diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 9e433bcd9d..ea1e5cadc2 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -2448,3 +2448,113 @@ exit: mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); } /* END_CASE */ + +/* BEGIN_CASE */ +void aead_decrypt_setup( int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *total_input_data, + data_t *input_ciphertext, + data_t *input_tag, + data_t *expected_result_arg, + int forced_status_arg, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + unsigned char *output_data = NULL; + size_t output_size = 0; + size_t output_length = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + data_t* expected_result = expected_result_arg; + psa_status_t forced_status = forced_status_arg; + psa_status_t expected_status = expected_status_arg; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + + psa_aead_operation_t operation = psa_aead_operation_init(); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + + output_size = input_ciphertext->len; + + if( expected_status != PSA_ERROR_INVALID_ARGUMENT && + expected_status != PSA_ERROR_NOT_SUPPORTED ) + { + /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( output_size, + PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, + total_input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_ciphertext->len ) ); + } + + ASSERT_ALLOC( output_data, output_size ); + + mbedtls_test_driver_aead_hooks.forced_status = forced_status; + + status = psa_aead_decrypt_setup( &operation, key, alg ); + + TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? + PSA_SUCCESS : forced_status ); + + TEST_EQUAL( status, expected_status ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_decrypt_setup, 1 ); + + if( status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_set_nonce, + forced_status == PSA_SUCCESS ? 1 : 0 ); + + PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len, + input_ciphertext->len ) ); + + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_set_lengths, + forced_status == PSA_SUCCESS ? 1 : 0 ); + + PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x, + additional_data->len ) ); + + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_update_ad, + forced_status == PSA_SUCCESS ? 1 : 0 ); + + PSA_ASSERT( psa_aead_update( &operation, input_ciphertext->x, + input_ciphertext->len, output_data, + output_size, &output_length ) ); + + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_update, + forced_status == PSA_SUCCESS ? 1 : 0 ); + + ASSERT_COMPARE( expected_result->x, expected_result->len, + output_data, output_length ); + + PSA_ASSERT( psa_aead_verify( &operation, output_data, output_size, + &output_length, input_tag->x, input_tag->len ) ); + + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_verify, + forced_status == PSA_SUCCESS ? 1 : 0 ); + + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_finish, 0 ); + + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits_abort, + forced_status == PSA_SUCCESS ? 1 : 0 ); + } + +exit: + PSA_ASSERT( psa_destroy_key( key ) ); + mbedtls_free( output_data ); + PSA_DONE( ); +} +/* END_CASE */