diff --git a/crypto_adapters/t_cose_openssl_crypto.c b/crypto_adapters/t_cose_openssl_crypto.c index 0133628a..1d11a596 100644 --- a/crypto_adapters/t_cose_openssl_crypto.c +++ b/crypto_adapters/t_cose_openssl_crypto.c @@ -1884,7 +1884,7 @@ t_cose_crypto_aead_decrypt(const int32_t cose_algorithm_id, (int)tag_length, tmp); if(ossl_result != 1) { - return_value = 10; // TODO: proper error code + return_value = T_COSE_ERR_DATA_AUTH_FAILED; goto Done1; } /* The pointer math is safe and this call won't write off the end @@ -1898,7 +1898,7 @@ t_cose_crypto_aead_decrypt(const int32_t cose_algorithm_id, &dummy_length); if(ossl_result != 1) { /* This is where an authentication failure is detected. */ - return_value = 10; // TODO: proper error code + return_value = T_COSE_ERR_DATA_AUTH_FAILED; goto Done1; } diff --git a/examples/init_keys_psa.c b/examples/init_keys_psa.c index 225da040..c4f33aa1 100644 --- a/examples/init_keys_psa.c +++ b/examples/init_keys_psa.c @@ -192,7 +192,7 @@ void free_fixed_signing_key(struct t_cose_key key_pair) * Public function, see init_keys.h */ enum t_cose_err_t -init_fixed_test_ec_encryption_key(uint32_t cose_ec_curve_id, +init_fixed_test_ec_encryption_key(int32_t cose_ec_curve_id, struct t_cose_key *public_key, struct t_cose_key *private_key) { diff --git a/inc/t_cose/t_cose_common.h b/inc/t_cose/t_cose_common.h index de37da77..c08d831a 100644 --- a/inc/t_cose/t_cose_common.h +++ b/inc/t_cose/t_cose_common.h @@ -9,7 +9,6 @@ * See BSD-3-Clause license in README.md */ - #ifndef __T_COSE_COMMON_H__ #define __T_COSE_COMMON_H__ @@ -490,6 +489,7 @@ enum t_cose_err_t { */ T_COSE_ERR_MAC0_FORMAT = 48, + // TODO: duplicate uses of next three error codes. /** The requested content key distribution algorithm is not supported. */ T_COSE_ERR_UNSUPPORTED_CONTENT_KEY_DISTRIBUTION_ALG = 46, @@ -636,7 +636,11 @@ enum t_cose_err_t { * to be larger because there are too many protected * headers, party u/v identities were added or * supp info was added. TODO: see xxxx*/ - T_COSE_ERR_KDF_CONTEXT_SIZE = 88 + T_COSE_ERR_KDF_CONTEXT_SIZE = 88, + + /** COSE_Encrypt has the wrong stuff in it */ + T_COSE_ERR_ENCRYPT_FORMAT = 89, + }; diff --git a/src/t_cose_encrypt_dec.c b/src/t_cose_encrypt_dec.c index 8e25a08d..9e855f35 100644 --- a/src/t_cose_encrypt_dec.c +++ b/src/t_cose_encrypt_dec.c @@ -219,8 +219,15 @@ t_cose_encrypt_dec_detached(struct t_cose_encrypt_dec_ctx* me, header_location.nesting = 1; header_location.index = 0; - /* Loop over the array of COSE_Recipients */ + /* --- Enter array of recipients --- */ QCBORDecode_EnterArray(&cbor_decoder, NULL); + cbor_error = QCBORDecode_GetError(&cbor_decoder); + if(cbor_error != QCBOR_SUCCESS) { + return_value = qcbor_decode_error_to_t_cose_error(cbor_error, T_COSE_ERR_ENCRYPT_FORMAT); + goto Done; + } + + /* Loop over the array of COSE_Recipients */ while(1) { return_value = decrypt_one_recipient(me, header_location, @@ -230,8 +237,20 @@ t_cose_encrypt_dec_detached(struct t_cose_encrypt_dec_ctx* me, &rcpnt_params_list, &cek); /* This will have consumed the CBOR of one recipient */ + if(return_value == T_COSE_SUCCESS) { - break; /* One success is good enough. This is done. */ + /* One success is enough to get the CEK. + * + * Breaking here short circuits decoding + * further recipients. If they are not well-formed + * it will be detected by QCBORDecode_ExitArray(), but + * if they are well-formed and have the wrong CBOR + * types and such, it will not be detected. This is + * considered OK for this implementation. Perhaps + * some will disagree. However doing the error detection + * on all will add code and complexity. + */ + break; } if(return_value != T_COSE_ERR_DECLINE) { diff --git a/src/t_cose_recipient_dec_esdh.c b/src/t_cose_recipient_dec_esdh.c index 5c832e29..d5f759a6 100644 --- a/src/t_cose_recipient_dec_esdh.c +++ b/src/t_cose_recipient_dec_esdh.c @@ -112,6 +112,7 @@ t_cose_recipient_dec_esdh_cb_private(struct t_cose_recipient_dec *me_x, { struct t_cose_recipient_dec_esdh *me; QCBORError result; + QCBORError cbor_error; int64_t alg; struct q_useful_buf_c cek_encrypted; struct q_useful_buf_c info_struct; @@ -139,16 +140,26 @@ t_cose_recipient_dec_esdh_cb_private(struct t_cose_recipient_dec *me_x, /* One recipient */ QCBORDecode_EnterArray(cbor_decoder, NULL); + cbor_error = QCBORDecode_GetError(cbor_decoder); + if(cbor_error != QCBOR_SUCCESS) { + cose_result = qcbor_decode_error_to_t_cose_error(cbor_error, T_COSE_ERR_RECIPIENT_FORMAT); + goto done; + } cose_result = t_cose_headers_decode( cbor_decoder, /* in: decoder to read from */ - loc, /* in: location in COSE message*/ + loc, /* in: location in COSE message */ decode_ephemeral_key, /* in: callback for specials */ - NULL, /* in: context for callback */ + NULL, /* in: context for specials callback */ p_storage, /* in: parameter storage */ params, /* out: list of decoded params */ &protected_params /* out: encoded prot params */ ); + + if(cose_result != T_COSE_SUCCESS) { + goto done; + } + /* The ephemeral public key comes from the headers. It was * processed by the decode_ephemeral_key() callback. */ ephem_param = t_cose_param_find(*params, @@ -159,9 +170,6 @@ t_cose_recipient_dec_esdh_cb_private(struct t_cose_recipient_dec *me_x, } ephemeral_key = ephem_param->value.special_decode.value.key; - if(cose_result != T_COSE_SUCCESS) { - goto done_free_ec; - } /* Recipient array contains AES Key Wrap algorithm. * The KEK used to encrypt the CEK with AES-KW is then diff --git a/test/data/aead_in_error.diag b/test/data/aead_in_error.diag new file mode 100644 index 00000000..b4fc088a --- /dev/null +++ b/test/data/aead_in_error.diag @@ -0,0 +1,23 @@ +96( + [ + h'A10103', + {5: h'02D1F7E6F26C43D4868D87CE'}, + h'256B748DEB647131C12A10AC261DA0628E420492A36F3DED8642B4B6FA1EB15DCEC80A0E', + [ + [ + h'A101381C', + {-1: + { + 1: 2, + -1: 1, + -2: h'E12C938B182258C9D447D41821715261AE99AD77D241943F4A12FF20DD3CE400', + -3: h'48B0588903365733B98D388C6136C04B7FFD1A770CD2611189EE84E9941A7E26' + }, + 4: h'6D65726961646F632E6272616E64796275636B406275636B6C616E642E6578616D706C65' + }, + h'508FAD30A1A95D1380B5167D032799C72477AB60258ABFB71C7AB603A4890EF44F1363ED9F569E85' + ] + ] + ] +) + diff --git a/test/data/cose_encrypt_junk_recipient.diag b/test/data/cose_encrypt_junk_recipient.diag new file mode 100644 index 00000000..7571f05c --- /dev/null +++ b/test/data/cose_encrypt_junk_recipient.diag @@ -0,0 +1,24 @@ +96( + [ + h'A10103', + {5: h'02D1F7E6F26C43D4868D87CE'}, + h'256B748DEB647131C12A10AC261DA0628E420492A36F3DED8642B4B6FA1EB15DCEC80A0F', + [ + "junk in recipients array", + [ + h'A101381C', + {-1: + { + 1: 2, + -1: 1, + -2: h'E12C938B182258C9D447D41821715261AE99AD77D241943F4A12FF20DD3CE400', + -3: h'48B0588903365733B98D388C6136C04B7FFD1A770CD2611189EE84E9941A7E26' + }, + 4: h'6D65726961646F632E6272616E64796275636B406275636B6C616E642E6578616D706C65' + }, + h'508FAD30A1A95D1380B5167D032799C72477AB60258ABFB71C7AB603A4890EF44F1363ED9F569E85' + ] + ] + ] +) + diff --git a/test/data/cose_encrypt_p256_wrap_128.diag b/test/data/cose_encrypt_p256_wrap_128.diag new file mode 100644 index 00000000..87839f8a --- /dev/null +++ b/test/data/cose_encrypt_p256_wrap_128.diag @@ -0,0 +1,23 @@ +96( + [ + h'A10103', + {5: h'02D1F7E6F26C43D4868D87CE'}, + h'256B748DEB647131C12A10AC261DA0628E420492A36F3DED8642B4B6FA1EB15DCEC80A0F', + [ + [ + h'A101381C', + {-1: + { + 1: 2, + -1: 1, + -2: h'E12C938B182258C9D447D41821715261AE99AD77D241943F4A12FF20DD3CE400', + -3: h'48B0588903365733B98D388C6136C04B7FFD1A770CD2611189EE84E9941A7E26' + }, + 4: h'6D65726961646F632E6272616E64796275636B406275636B6C616E642E6578616D706C65' + }, + h'508FAD30A1A95D1380B5167D032799C72477AB60258ABFB71C7AB603A4890EF44F1363ED9F569E85' + ] + ] + ] +) + diff --git a/test/data/cose_recipients_map_instead_of_array.diag b/test/data/cose_recipients_map_instead_of_array.diag new file mode 100644 index 00000000..c8e948e8 --- /dev/null +++ b/test/data/cose_recipients_map_instead_of_array.diag @@ -0,0 +1,24 @@ +96( + [ + h'A10103', + {5: h'02D1F7E6F26C43D4868D87CE'}, + h'256B748DEB647131C12A10AC261DA0628E420492A36F3DED8642B4B6FA1EB15DCEC80A0F', + { + "label": + [ + h'A101381C', + {-1: + { + 1: 2, + -1: 1, + -2: h'E12C938B182258C9D447D41821715261AE99AD77D241943F4A12FF20DD3CE400', + -3: h'48B0588903365733B98D388C6136C04B7FFD1A770CD2611189EE84E9941A7E26' + }, + 4: h'6D65726961646F632E6272616E64796275636B406275636B6C616E642E6578616D706C65' + }, + h'508FAD30A1A95D1380B5167D032799C72477AB60258ABFB71C7AB603A4890EF44F1363ED9F569E85' + ] + } + ] +) + diff --git a/test/data/make_test_messages.sh b/test/data/make_test_messages.sh new file mode 100755 index 00000000..0a45874b --- /dev/null +++ b/test/data/make_test_messages.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +rm -rf test_messages.[ch] + +for i in *.diag; +do + j=${i%.*} + diag2cbor.rb $i > $j + + xxd -c 8 -i $j > $j.tmp + size=`grep 'unsigned int' $j.tmp | sed 's/^.*=\ \([0-9]*\);/\1/'` + grep 'unsigned char' $j.tmp | sed 's/^unsigned/extern const unsigned/' | \ + sed 's/].*/\];/' | \ + sed "s/\[\]/\[$size\]/" >> test_messages.h + cat $j.tmp | sed 's/^unsigned/const unsigned/' >> test_messages.c + + + rm $j $j.tmp + +done + diff --git a/test/data/test_messages.c b/test/data/test_messages.c new file mode 100644 index 00000000..dd856c29 --- /dev/null +++ b/test/data/test_messages.c @@ -0,0 +1,258 @@ +const unsigned char aead_in_error[] = { + 0xd8, 0x60, 0x84, 0x43, 0xa1, 0x01, 0x03, 0xa1, + 0x05, 0x4c, 0x02, 0xd1, 0xf7, 0xe6, 0xf2, 0x6c, + 0x43, 0xd4, 0x86, 0x8d, 0x87, 0xce, 0x58, 0x24, + 0x25, 0x6b, 0x74, 0x8d, 0xeb, 0x64, 0x71, 0x31, + 0xc1, 0x2a, 0x10, 0xac, 0x26, 0x1d, 0xa0, 0x62, + 0x8e, 0x42, 0x04, 0x92, 0xa3, 0x6f, 0x3d, 0xed, + 0x86, 0x42, 0xb4, 0xb6, 0xfa, 0x1e, 0xb1, 0x5d, + 0xce, 0xc8, 0x0a, 0x0e, 0x81, 0x83, 0x44, 0xa1, + 0x01, 0x38, 0x1c, 0xa2, 0x20, 0xa4, 0x01, 0x02, + 0x20, 0x01, 0x21, 0x58, 0x20, 0xe1, 0x2c, 0x93, + 0x8b, 0x18, 0x22, 0x58, 0xc9, 0xd4, 0x47, 0xd4, + 0x18, 0x21, 0x71, 0x52, 0x61, 0xae, 0x99, 0xad, + 0x77, 0xd2, 0x41, 0x94, 0x3f, 0x4a, 0x12, 0xff, + 0x20, 0xdd, 0x3c, 0xe4, 0x00, 0x22, 0x58, 0x20, + 0x48, 0xb0, 0x58, 0x89, 0x03, 0x36, 0x57, 0x33, + 0xb9, 0x8d, 0x38, 0x8c, 0x61, 0x36, 0xc0, 0x4b, + 0x7f, 0xfd, 0x1a, 0x77, 0x0c, 0xd2, 0x61, 0x11, + 0x89, 0xee, 0x84, 0xe9, 0x94, 0x1a, 0x7e, 0x26, + 0x04, 0x58, 0x24, 0x6d, 0x65, 0x72, 0x69, 0x61, + 0x64, 0x6f, 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, + 0x64, 0x79, 0x62, 0x75, 0x63, 0x6b, 0x40, 0x62, + 0x75, 0x63, 0x6b, 0x6c, 0x61, 0x6e, 0x64, 0x2e, + 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x58, + 0x28, 0x50, 0x8f, 0xad, 0x30, 0xa1, 0xa9, 0x5d, + 0x13, 0x80, 0xb5, 0x16, 0x7d, 0x03, 0x27, 0x99, + 0xc7, 0x24, 0x77, 0xab, 0x60, 0x25, 0x8a, 0xbf, + 0xb7, 0x1c, 0x7a, 0xb6, 0x03, 0xa4, 0x89, 0x0e, + 0xf4, 0x4f, 0x13, 0x63, 0xed, 0x9f, 0x56, 0x9e, + 0x85 +}; +const unsigned int aead_in_error_len = 225; +const unsigned char cose_encrypt_junk_recipient[] = { + 0xd8, 0x60, 0x84, 0x43, 0xa1, 0x01, 0x03, 0xa1, + 0x05, 0x4c, 0x02, 0xd1, 0xf7, 0xe6, 0xf2, 0x6c, + 0x43, 0xd4, 0x86, 0x8d, 0x87, 0xce, 0x58, 0x24, + 0x25, 0x6b, 0x74, 0x8d, 0xeb, 0x64, 0x71, 0x31, + 0xc1, 0x2a, 0x10, 0xac, 0x26, 0x1d, 0xa0, 0x62, + 0x8e, 0x42, 0x04, 0x92, 0xa3, 0x6f, 0x3d, 0xed, + 0x86, 0x42, 0xb4, 0xb6, 0xfa, 0x1e, 0xb1, 0x5d, + 0xce, 0xc8, 0x0a, 0x0f, 0x82, 0x78, 0x18, 0x6a, + 0x75, 0x6e, 0x6b, 0x20, 0x69, 0x6e, 0x20, 0x72, + 0x65, 0x63, 0x69, 0x70, 0x69, 0x65, 0x6e, 0x74, + 0x73, 0x20, 0x61, 0x72, 0x72, 0x61, 0x79, 0x83, + 0x44, 0xa1, 0x01, 0x38, 0x1c, 0xa2, 0x20, 0xa4, + 0x01, 0x02, 0x20, 0x01, 0x21, 0x58, 0x20, 0xe1, + 0x2c, 0x93, 0x8b, 0x18, 0x22, 0x58, 0xc9, 0xd4, + 0x47, 0xd4, 0x18, 0x21, 0x71, 0x52, 0x61, 0xae, + 0x99, 0xad, 0x77, 0xd2, 0x41, 0x94, 0x3f, 0x4a, + 0x12, 0xff, 0x20, 0xdd, 0x3c, 0xe4, 0x00, 0x22, + 0x58, 0x20, 0x48, 0xb0, 0x58, 0x89, 0x03, 0x36, + 0x57, 0x33, 0xb9, 0x8d, 0x38, 0x8c, 0x61, 0x36, + 0xc0, 0x4b, 0x7f, 0xfd, 0x1a, 0x77, 0x0c, 0xd2, + 0x61, 0x11, 0x89, 0xee, 0x84, 0xe9, 0x94, 0x1a, + 0x7e, 0x26, 0x04, 0x58, 0x24, 0x6d, 0x65, 0x72, + 0x69, 0x61, 0x64, 0x6f, 0x63, 0x2e, 0x62, 0x72, + 0x61, 0x6e, 0x64, 0x79, 0x62, 0x75, 0x63, 0x6b, + 0x40, 0x62, 0x75, 0x63, 0x6b, 0x6c, 0x61, 0x6e, + 0x64, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, + 0x65, 0x58, 0x28, 0x50, 0x8f, 0xad, 0x30, 0xa1, + 0xa9, 0x5d, 0x13, 0x80, 0xb5, 0x16, 0x7d, 0x03, + 0x27, 0x99, 0xc7, 0x24, 0x77, 0xab, 0x60, 0x25, + 0x8a, 0xbf, 0xb7, 0x1c, 0x7a, 0xb6, 0x03, 0xa4, + 0x89, 0x0e, 0xf4, 0x4f, 0x13, 0x63, 0xed, 0x9f, + 0x56, 0x9e, 0x85 +}; +const unsigned int cose_encrypt_junk_recipient_len = 251; +const unsigned char cose_encrypt_p256_wrap_128[] = { + 0xd8, 0x60, 0x84, 0x43, 0xa1, 0x01, 0x03, 0xa1, + 0x05, 0x4c, 0x02, 0xd1, 0xf7, 0xe6, 0xf2, 0x6c, + 0x43, 0xd4, 0x86, 0x8d, 0x87, 0xce, 0x58, 0x24, + 0x25, 0x6b, 0x74, 0x8d, 0xeb, 0x64, 0x71, 0x31, + 0xc1, 0x2a, 0x10, 0xac, 0x26, 0x1d, 0xa0, 0x62, + 0x8e, 0x42, 0x04, 0x92, 0xa3, 0x6f, 0x3d, 0xed, + 0x86, 0x42, 0xb4, 0xb6, 0xfa, 0x1e, 0xb1, 0x5d, + 0xce, 0xc8, 0x0a, 0x0f, 0x81, 0x83, 0x44, 0xa1, + 0x01, 0x38, 0x1c, 0xa2, 0x20, 0xa4, 0x01, 0x02, + 0x20, 0x01, 0x21, 0x58, 0x20, 0xe1, 0x2c, 0x93, + 0x8b, 0x18, 0x22, 0x58, 0xc9, 0xd4, 0x47, 0xd4, + 0x18, 0x21, 0x71, 0x52, 0x61, 0xae, 0x99, 0xad, + 0x77, 0xd2, 0x41, 0x94, 0x3f, 0x4a, 0x12, 0xff, + 0x20, 0xdd, 0x3c, 0xe4, 0x00, 0x22, 0x58, 0x20, + 0x48, 0xb0, 0x58, 0x89, 0x03, 0x36, 0x57, 0x33, + 0xb9, 0x8d, 0x38, 0x8c, 0x61, 0x36, 0xc0, 0x4b, + 0x7f, 0xfd, 0x1a, 0x77, 0x0c, 0xd2, 0x61, 0x11, + 0x89, 0xee, 0x84, 0xe9, 0x94, 0x1a, 0x7e, 0x26, + 0x04, 0x58, 0x24, 0x6d, 0x65, 0x72, 0x69, 0x61, + 0x64, 0x6f, 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, + 0x64, 0x79, 0x62, 0x75, 0x63, 0x6b, 0x40, 0x62, + 0x75, 0x63, 0x6b, 0x6c, 0x61, 0x6e, 0x64, 0x2e, + 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x58, + 0x28, 0x50, 0x8f, 0xad, 0x30, 0xa1, 0xa9, 0x5d, + 0x13, 0x80, 0xb5, 0x16, 0x7d, 0x03, 0x27, 0x99, + 0xc7, 0x24, 0x77, 0xab, 0x60, 0x25, 0x8a, 0xbf, + 0xb7, 0x1c, 0x7a, 0xb6, 0x03, 0xa4, 0x89, 0x0e, + 0xf4, 0x4f, 0x13, 0x63, 0xed, 0x9f, 0x56, 0x9e, + 0x85 +}; +const unsigned int cose_encrypt_p256_wrap_128_len = 225; +const unsigned char cose_recipients_map_instead_of_array[] = { + 0xd8, 0x60, 0x84, 0x43, 0xa1, 0x01, 0x03, 0xa1, + 0x05, 0x4c, 0x02, 0xd1, 0xf7, 0xe6, 0xf2, 0x6c, + 0x43, 0xd4, 0x86, 0x8d, 0x87, 0xce, 0x58, 0x24, + 0x25, 0x6b, 0x74, 0x8d, 0xeb, 0x64, 0x71, 0x31, + 0xc1, 0x2a, 0x10, 0xac, 0x26, 0x1d, 0xa0, 0x62, + 0x8e, 0x42, 0x04, 0x92, 0xa3, 0x6f, 0x3d, 0xed, + 0x86, 0x42, 0xb4, 0xb6, 0xfa, 0x1e, 0xb1, 0x5d, + 0xce, 0xc8, 0x0a, 0x0f, 0xa1, 0x65, 0x6c, 0x61, + 0x62, 0x65, 0x6c, 0x83, 0x44, 0xa1, 0x01, 0x38, + 0x1c, 0xa2, 0x20, 0xa4, 0x01, 0x02, 0x20, 0x01, + 0x21, 0x58, 0x20, 0xe1, 0x2c, 0x93, 0x8b, 0x18, + 0x22, 0x58, 0xc9, 0xd4, 0x47, 0xd4, 0x18, 0x21, + 0x71, 0x52, 0x61, 0xae, 0x99, 0xad, 0x77, 0xd2, + 0x41, 0x94, 0x3f, 0x4a, 0x12, 0xff, 0x20, 0xdd, + 0x3c, 0xe4, 0x00, 0x22, 0x58, 0x20, 0x48, 0xb0, + 0x58, 0x89, 0x03, 0x36, 0x57, 0x33, 0xb9, 0x8d, + 0x38, 0x8c, 0x61, 0x36, 0xc0, 0x4b, 0x7f, 0xfd, + 0x1a, 0x77, 0x0c, 0xd2, 0x61, 0x11, 0x89, 0xee, + 0x84, 0xe9, 0x94, 0x1a, 0x7e, 0x26, 0x04, 0x58, + 0x24, 0x6d, 0x65, 0x72, 0x69, 0x61, 0x64, 0x6f, + 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x79, + 0x62, 0x75, 0x63, 0x6b, 0x40, 0x62, 0x75, 0x63, + 0x6b, 0x6c, 0x61, 0x6e, 0x64, 0x2e, 0x65, 0x78, + 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x58, 0x28, 0x50, + 0x8f, 0xad, 0x30, 0xa1, 0xa9, 0x5d, 0x13, 0x80, + 0xb5, 0x16, 0x7d, 0x03, 0x27, 0x99, 0xc7, 0x24, + 0x77, 0xab, 0x60, 0x25, 0x8a, 0xbf, 0xb7, 0x1c, + 0x7a, 0xb6, 0x03, 0xa4, 0x89, 0x0e, 0xf4, 0x4f, + 0x13, 0x63, 0xed, 0x9f, 0x56, 0x9e, 0x85 +}; +const unsigned int cose_recipients_map_instead_of_array_len = 231; +const unsigned char tstr_ciphertext[] = { + 0xd8, 0x60, 0x84, 0x43, 0xa1, 0x01, 0x03, 0xa1, + 0x05, 0x4c, 0x02, 0xd1, 0xf7, 0xe6, 0xf2, 0x6c, + 0x43, 0xd4, 0x86, 0x8d, 0x87, 0xce, 0x78, 0x22, + 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x74, + 0x65, 0x78, 0x74, 0x20, 0x74, 0x68, 0x61, 0x74, + 0x20, 0x69, 0x73, 0x20, 0x74, 0x73, 0x74, 0x72, + 0x2c, 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x62, 0x73, + 0x74, 0x72, 0x81, 0x83, 0x44, 0xa1, 0x01, 0x38, + 0x1c, 0xa2, 0x20, 0xa4, 0x01, 0x02, 0x20, 0x01, + 0x21, 0x58, 0x20, 0xe1, 0x2c, 0x93, 0x8b, 0x18, + 0x22, 0x58, 0xc9, 0xd4, 0x47, 0xd4, 0x18, 0x21, + 0x71, 0x52, 0x61, 0xae, 0x99, 0xad, 0x77, 0xd2, + 0x41, 0x94, 0x3f, 0x4a, 0x12, 0xff, 0x20, 0xdd, + 0x3c, 0xe4, 0x00, 0x22, 0x58, 0x20, 0x48, 0xb0, + 0x58, 0x89, 0x03, 0x36, 0x57, 0x33, 0xb9, 0x8d, + 0x38, 0x8c, 0x61, 0x36, 0xc0, 0x4b, 0x7f, 0xfd, + 0x1a, 0x77, 0x0c, 0xd2, 0x61, 0x11, 0x89, 0xee, + 0x84, 0xe9, 0x94, 0x1a, 0x7e, 0x26, 0x04, 0x58, + 0x24, 0x6d, 0x65, 0x72, 0x69, 0x61, 0x64, 0x6f, + 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x79, + 0x62, 0x75, 0x63, 0x6b, 0x40, 0x62, 0x75, 0x63, + 0x6b, 0x6c, 0x61, 0x6e, 0x64, 0x2e, 0x65, 0x78, + 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x58, 0x28, 0x50, + 0x8f, 0xad, 0x30, 0xa1, 0xa9, 0x5d, 0x13, 0x80, + 0xb5, 0x16, 0x7d, 0x03, 0x27, 0x99, 0xc7, 0x24, + 0x77, 0xab, 0x60, 0x25, 0x8a, 0xbf, 0xb7, 0x1c, + 0x7a, 0xb6, 0x03, 0xa4, 0x89, 0x0e, 0xf4, 0x4f, + 0x13, 0x63, 0xed, 0x9f, 0x56, 0x9e, 0x85 +}; +const unsigned int tstr_ciphertext_len = 223; +const unsigned char unknown_symmetric_alg[] = { + 0xd8, 0x60, 0x84, 0x43, 0xa1, 0x01, 0x08, 0xa1, + 0x05, 0x4c, 0x02, 0xd1, 0xf7, 0xe6, 0xf2, 0x6c, + 0x43, 0xd4, 0x86, 0x8d, 0x87, 0xce, 0x58, 0x24, + 0x25, 0x6b, 0x74, 0x8d, 0xeb, 0x64, 0x71, 0x31, + 0xc1, 0x2a, 0x10, 0xac, 0x26, 0x1d, 0xa0, 0x62, + 0x8e, 0x42, 0x04, 0x92, 0xa3, 0x6f, 0x3d, 0xed, + 0x86, 0x42, 0xb4, 0xb6, 0xfa, 0x1e, 0xb1, 0x5d, + 0xce, 0xc8, 0x0a, 0x0f, 0x81, 0x83, 0x44, 0xa1, + 0x01, 0x38, 0x1c, 0xa2, 0x20, 0xa4, 0x01, 0x02, + 0x20, 0x01, 0x21, 0x58, 0x20, 0xe1, 0x2c, 0x93, + 0x8b, 0x18, 0x22, 0x58, 0xc9, 0xd4, 0x47, 0xd4, + 0x18, 0x21, 0x71, 0x52, 0x61, 0xae, 0x99, 0xad, + 0x77, 0xd2, 0x41, 0x94, 0x3f, 0x4a, 0x12, 0xff, + 0x20, 0xdd, 0x3c, 0xe4, 0x00, 0x22, 0x58, 0x20, + 0x48, 0xb0, 0x58, 0x89, 0x03, 0x36, 0x57, 0x33, + 0xb9, 0x8d, 0x38, 0x8c, 0x61, 0x36, 0xc0, 0x4b, + 0x7f, 0xfd, 0x1a, 0x77, 0x0c, 0xd2, 0x61, 0x11, + 0x89, 0xee, 0x84, 0xe9, 0x94, 0x1a, 0x7e, 0x26, + 0x04, 0x58, 0x24, 0x6d, 0x65, 0x72, 0x69, 0x61, + 0x64, 0x6f, 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, + 0x64, 0x79, 0x62, 0x75, 0x63, 0x6b, 0x40, 0x62, + 0x75, 0x63, 0x6b, 0x6c, 0x61, 0x6e, 0x64, 0x2e, + 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x58, + 0x28, 0x50, 0x8f, 0xad, 0x30, 0xa1, 0xa9, 0x5d, + 0x13, 0x80, 0xb5, 0x16, 0x7d, 0x03, 0x27, 0x99, + 0xc7, 0x24, 0x77, 0xab, 0x60, 0x25, 0x8a, 0xbf, + 0xb7, 0x1c, 0x7a, 0xb6, 0x03, 0xa4, 0x89, 0x0e, + 0xf4, 0x4f, 0x13, 0x63, 0xed, 0x9f, 0x56, 0x9e, + 0x85 +}; +const unsigned int unknown_symmetric_alg_len = 225; +const unsigned char unprot_headers_wrong_type[] = { + 0xd8, 0x60, 0x84, 0x43, 0xa1, 0x01, 0x03, 0x82, + 0x05, 0x4c, 0x02, 0xd1, 0xf7, 0xe6, 0xf2, 0x6c, + 0x43, 0xd4, 0x86, 0x8d, 0x87, 0xce, 0x58, 0x24, + 0x25, 0x6b, 0x74, 0x8d, 0xeb, 0x64, 0x71, 0x31, + 0xc1, 0x2a, 0x10, 0xac, 0x26, 0x1d, 0xa0, 0x62, + 0x8e, 0x42, 0x04, 0x92, 0xa3, 0x6f, 0x3d, 0xed, + 0x86, 0x42, 0xb4, 0xb6, 0xfa, 0x1e, 0xb1, 0x5d, + 0xce, 0xc8, 0x0a, 0x0f, 0x81, 0x83, 0x44, 0xa1, + 0x01, 0x38, 0x1c, 0xa2, 0x20, 0xa4, 0x01, 0x02, + 0x20, 0x01, 0x21, 0x58, 0x20, 0xe1, 0x2c, 0x93, + 0x8b, 0x18, 0x22, 0x58, 0xc9, 0xd4, 0x47, 0xd4, + 0x18, 0x21, 0x71, 0x52, 0x61, 0xae, 0x99, 0xad, + 0x77, 0xd2, 0x41, 0x94, 0x3f, 0x4a, 0x12, 0xff, + 0x20, 0xdd, 0x3c, 0xe4, 0x00, 0x22, 0x58, 0x20, + 0x48, 0xb0, 0x58, 0x89, 0x03, 0x36, 0x57, 0x33, + 0xb9, 0x8d, 0x38, 0x8c, 0x61, 0x36, 0xc0, 0x4b, + 0x7f, 0xfd, 0x1a, 0x77, 0x0c, 0xd2, 0x61, 0x11, + 0x89, 0xee, 0x84, 0xe9, 0x94, 0x1a, 0x7e, 0x26, + 0x04, 0x58, 0x24, 0x6d, 0x65, 0x72, 0x69, 0x61, + 0x64, 0x6f, 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, + 0x64, 0x79, 0x62, 0x75, 0x63, 0x6b, 0x40, 0x62, + 0x75, 0x63, 0x6b, 0x6c, 0x61, 0x6e, 0x64, 0x2e, + 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x58, + 0x28, 0x50, 0x8f, 0xad, 0x30, 0xa1, 0xa9, 0x5d, + 0x13, 0x80, 0xb5, 0x16, 0x7d, 0x03, 0x27, 0x99, + 0xc7, 0x24, 0x77, 0xab, 0x60, 0x25, 0x8a, 0xbf, + 0xb7, 0x1c, 0x7a, 0xb6, 0x03, 0xa4, 0x89, 0x0e, + 0xf4, 0x4f, 0x13, 0x63, 0xed, 0x9f, 0x56, 0x9e, + 0x85 +}; +const unsigned int unprot_headers_wrong_type_len = 225; +const unsigned char yy[] = { + 0xd8, 0x60, 0x84, 0x43, 0xa1, 0x01, 0x03, 0xa1, + 0x05, 0x4c, 0x02, 0xd1, 0xf7, 0xe6, 0xf2, 0x6c, + 0x43, 0xd4, 0x86, 0x8d, 0x87, 0xce, 0x58, 0x24, + 0x25, 0x6b, 0x74, 0x8d, 0xeb, 0x64, 0x71, 0x31, + 0xc1, 0x2a, 0x10, 0xac, 0x26, 0x1d, 0xa0, 0x62, + 0x8e, 0x42, 0x04, 0x92, 0xa3, 0x6f, 0x3d, 0xed, + 0x86, 0x42, 0xb4, 0xb6, 0xfa, 0x1e, 0xb1, 0x5d, + 0xce, 0xc8, 0x0a, 0x0f, 0x81, 0x83, 0x44, 0xa1, + 0x01, 0x38, 0x1c, 0xa2, 0x20, 0xa4, 0x01, 0x02, + 0x20, 0x01, 0x21, 0x58, 0x20, 0xe1, 0x2c, 0x93, + 0x8b, 0x18, 0x22, 0x58, 0xc9, 0xd4, 0x47, 0xd4, + 0x18, 0x21, 0x71, 0x52, 0x61, 0xae, 0x99, 0xad, + 0x77, 0xd2, 0x41, 0x94, 0x3f, 0x4a, 0x12, 0xff, + 0x20, 0xdd, 0x3c, 0xe4, 0x00, 0x22, 0x58, 0x20, + 0x48, 0xb0, 0x58, 0x89, 0x03, 0x36, 0x57, 0x33, + 0xb9, 0x8d, 0x38, 0x8c, 0x61, 0x36, 0xc0, 0x4b, + 0x7f, 0xfd, 0x1a, 0x77, 0x0c, 0xd2, 0x61, 0x11, + 0x89, 0xee, 0x84, 0xe9, 0x94, 0x1a, 0x7e, 0x26, + 0x04, 0x58, 0x24, 0x6d, 0x65, 0x72, 0x69, 0x61, + 0x64, 0x6f, 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, + 0x64, 0x79, 0x62, 0x75, 0x63, 0x6b, 0x40, 0x62, + 0x75, 0x63, 0x6b, 0x6c, 0x61, 0x6e, 0x64, 0x2e, + 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x58, + 0x28, 0x50, 0x8f, 0xad, 0x30, 0xa1, 0xa9, 0x5d, + 0x13, 0x80, 0xb5, 0x16, 0x7d, 0x03, 0x27, 0x99, + 0xc7, 0x24, 0x77, 0xab, 0x60, 0x25, 0x8a, 0xbf, + 0xb7, 0x1c, 0x7a, 0xb6, 0x03, 0xa4, 0x89, 0x0e, + 0xf4, 0x4f, 0x13, 0x63, 0xed, 0x9f, 0x56, 0x9e, + 0x85 +}; +const unsigned int yy_len = 225; diff --git a/test/data/test_messages.h b/test/data/test_messages.h new file mode 100644 index 00000000..9b26813f --- /dev/null +++ b/test/data/test_messages.h @@ -0,0 +1,8 @@ +extern const unsigned char aead_in_error[225]; +extern const unsigned char cose_encrypt_junk_recipient[251]; +extern const unsigned char cose_encrypt_p256_wrap_128[225]; +extern const unsigned char cose_recipients_map_instead_of_array[231]; +extern const unsigned char tstr_ciphertext[223]; +extern const unsigned char unknown_symmetric_alg[225]; +extern const unsigned char unprot_headers_wrong_type[225]; +extern const unsigned char yy[225]; diff --git a/test/data/tstr_ciphertext.diag b/test/data/tstr_ciphertext.diag new file mode 100644 index 00000000..57be35bb --- /dev/null +++ b/test/data/tstr_ciphertext.diag @@ -0,0 +1,23 @@ +96( + [ + h'A10103', + {5: h'02D1F7E6F26C43D4868D87CE'}, + "cipher text that is tstr, not bstr", + [ + [ + h'A101381C', + {-1: + { + 1: 2, + -1: 1, + -2: h'E12C938B182258C9D447D41821715261AE99AD77D241943F4A12FF20DD3CE400', + -3: h'48B0588903365733B98D388C6136C04B7FFD1A770CD2611189EE84E9941A7E26' + }, + 4: h'6D65726961646F632E6272616E64796275636B406275636B6C616E642E6578616D706C65' + }, + h'508FAD30A1A95D1380B5167D032799C72477AB60258ABFB71C7AB603A4890EF44F1363ED9F569E85' + ] + ] + ] +) + diff --git a/test/data/unknown_symmetric_alg.diag b/test/data/unknown_symmetric_alg.diag new file mode 100644 index 00000000..24ddda0c --- /dev/null +++ b/test/data/unknown_symmetric_alg.diag @@ -0,0 +1,23 @@ +96( + [ + h'A10108', + {5: h'02D1F7E6F26C43D4868D87CE'}, + h'256B748DEB647131C12A10AC261DA0628E420492A36F3DED8642B4B6FA1EB15DCEC80A0F', + [ + [ + h'A101381C', + {-1: + { + 1: 2, + -1: 1, + -2: h'E12C938B182258C9D447D41821715261AE99AD77D241943F4A12FF20DD3CE400', + -3: h'48B0588903365733B98D388C6136C04B7FFD1A770CD2611189EE84E9941A7E26' + }, + 4: h'6D65726961646F632E6272616E64796275636B406275636B6C616E642E6578616D706C65' + }, + h'508FAD30A1A95D1380B5167D032799C72477AB60258ABFB71C7AB603A4890EF44F1363ED9F569E85' + ] + ] + ] +) + diff --git a/test/data/unprot_headers_wrong_type.diag b/test/data/unprot_headers_wrong_type.diag new file mode 100644 index 00000000..990babfa --- /dev/null +++ b/test/data/unprot_headers_wrong_type.diag @@ -0,0 +1,23 @@ +96( + [ + h'A10103', + [5, h'02D1F7E6F26C43D4868D87CE'], + h'256B748DEB647131C12A10AC261DA0628E420492A36F3DED8642B4B6FA1EB15DCEC80A0F', + [ + [ + h'A101381C', + {-1: + { + 1: 2, + -1: 1, + -2: h'E12C938B182258C9D447D41821715261AE99AD77D241943F4A12FF20DD3CE400', + -3: h'48B0588903365733B98D388C6136C04B7FFD1A770CD2611189EE84E9941A7E26' + }, + 4: h'6D65726961646F632E6272616E64796275636B406275636B6C616E642E6578616D706C65' + }, + h'508FAD30A1A95D1380B5167D032799C72477AB60258ABFB71C7AB603A4890EF44F1363ED9F569E85' + ] + ] + ] +) + diff --git a/test/run_tests.c b/test/run_tests.c index c68f2c85..afa253d8 100644 --- a/test/run_tests.c +++ b/test/run_tests.c @@ -57,6 +57,9 @@ static test_entry s_tests[] = { TEST_ENTRY(esdh_enc_dec_test), TEST_ENTRY(decrypt_known_good), + + TEST_ENTRY(decrypt_known_bad), + TEST_ENTRY(kdf_context_test), #endif /* T_COSE_USE_B_CON_SHA256 */ diff --git a/test/t_cose_encrypt_decrypt_test.c b/test/t_cose_encrypt_decrypt_test.c index 8aeaeff5..e740bea1 100644 --- a/test/t_cose_encrypt_decrypt_test.c +++ b/test/t_cose_encrypt_decrypt_test.c @@ -14,6 +14,7 @@ #include "t_cose/t_cose_encrypt_enc.h" #include "t_cose/t_cose_recipient_dec_esdh.h" #include "t_cose/t_cose_recipient_enc_esdh.h" +#include "data/test_messages.h" @@ -431,41 +432,6 @@ esdh_enc_dec_test(void) } - -/* This comes from the COSE WG Examples repository */ - -static const uint8_t p256_wrap_128_02[] = { - 0xD8, 0x60, 0x84, 0x43, 0xA1, 0x01, 0x03, 0xA1, - 0x05, 0x4C, 0x02, 0xD1, 0xF7, 0xE6, 0xF2, 0x6C, - 0x43, 0xD4, 0x86, 0x8D, 0x87, 0xCE, 0x58, 0x24, - 0x25, 0x6B, 0x74, 0x8D, 0xEB, 0x64, 0x71, 0x31, - 0xC1, 0x2A, 0x10, 0xAC, 0x26, 0x1D, 0xA0, 0x62, - 0x8E, 0x42, 0x04, 0x92, 0xA3, 0x6F, 0x3D, 0xED, - 0x86, 0x42, 0xB4, 0xB6, 0xFA, 0x1E, 0xB1, 0x5D, - 0xCE, 0xC8, 0x0A, 0x0F, 0x81, 0x83, 0x44, 0xA1, - 0x01, 0x38, 0x1C, 0xA2, 0x20, 0xA4, 0x01, 0x02, - 0x20, 0x01, 0x21, 0x58, 0x20, 0xE1, 0x2C, 0x93, - 0x8B, 0x18, 0x22, 0x58, 0xC9, 0xD4, 0x47, 0xD4, - 0x18, 0x21, 0x71, 0x52, 0x61, 0xAE, 0x99, 0xAD, - 0x77, 0xD2, 0x41, 0x94, 0x3F, 0x4A, 0x12, 0xFF, - 0x20, 0xDD, 0x3C, 0xE4, 0x00, 0x22, 0x58, 0x20, - 0x48, 0xB0, 0x58, 0x89, 0x03, 0x36, 0x57, 0x33, - 0xB9, 0x8D, 0x38, 0x8C, 0x61, 0x36, 0xC0, 0x4B, - 0x7F, 0xFD, 0x1A, 0x77, 0x0C, 0xD2, 0x61, 0x11, - 0x89, 0xEE, 0x84, 0xE9, 0x94, 0x1A, 0x7E, 0x26, - 0x04, 0x58, 0x24, 0x6D, 0x65, 0x72, 0x69, 0x61, - 0x64, 0x6F, 0x63, 0x2E, 0x62, 0x72, 0x61, 0x6E, - 0x64, 0x79, 0x62, 0x75, 0x63, 0x6B, 0x40, 0x62, - 0x75, 0x63, 0x6B, 0x6C, 0x61, 0x6E, 0x64, 0x2E, - 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x58, - 0x28, 0x50, 0x8F, 0xAD, 0x30, 0xA1, 0xA9, 0x5D, - 0x13, 0x80, 0xB5, 0x16, 0x7D, 0x03, 0x27, 0x99, - 0xC7, 0x24, 0x77, 0xAB, 0x60, 0x25, 0x8A, 0xBF, - 0xB7, 0x1C, 0x7A, 0xB6, 0x03, 0xA4, 0x89, 0x0E, - 0xF4, 0x4F, 0x13, 0x63, 0xED, 0x9F, 0x56, 0x9E, - 0x85}; - - int32_t decrypt_known_good(void) { enum t_cose_err_t result; @@ -503,7 +469,7 @@ int32_t decrypt_known_good(void) (struct t_cose_recipient_dec *)&dec_recipient); result = t_cose_encrypt_dec(&dec_ctx, - UsefulBuf_FROM_BYTE_ARRAY_LITERAL(p256_wrap_128_02), /* in: message to decrypt */ + UsefulBuf_FROM_BYTE_ARRAY_LITERAL(cose_encrypt_p256_wrap_128), /* in: message to decrypt */ NULL_Q_USEFUL_BUF_C, /* in/unused: AAD */ decrypted_buffer, &decrypted_payload, @@ -512,6 +478,8 @@ int32_t decrypt_known_good(void) if(result != T_COSE_SUCCESS) { return (int32_t)result + 2000; } + + free_fixed_test_ec_encryption_key(pubkey); free_fixed_test_ec_encryption_key(privatekey); @@ -519,6 +487,145 @@ int32_t decrypt_known_good(void) } + + +struct decrypt_test { + const char *sz_description; + struct q_useful_buf_c message; + enum t_cose_err_t expected_return_value; + int32_t cose_ec_curve_id; /* For key */ + struct q_useful_buf_c expected_payload; +}; + + +int32_t run_decrypt_test(const struct decrypt_test *test) +{ + enum t_cose_err_t result; + struct t_cose_encrypt_dec_ctx dec_ctx; + struct t_cose_recipient_dec_esdh dec_recipient; + Q_USEFUL_BUF_MAKE_STACK_UB ( decrypted_buffer, 400); + struct q_useful_buf_c decrypted_payload; + struct t_cose_parameter *params; + struct t_cose_key privatekey; + struct t_cose_key pubkey; + + if(!t_cose_is_algorithm_supported(T_COSE_ALGORITHM_A128KW)) { + /* Mbed TLS 2.28 doesn't support key wrap. */ + /* TODO: check for other required algorithms here */ + return INT32_MIN; + } + + result = init_fixed_test_ec_encryption_key(test->cose_ec_curve_id, + &pubkey, /* out: public key to be used for encryption */ + &privatekey); /* out: corresponding private key for decryption */ + if(result != T_COSE_SUCCESS) { + return (int32_t)result + 1000; + } + + t_cose_encrypt_dec_init(&dec_ctx, 0); + + t_cose_recipient_dec_esdh_init(&dec_recipient); + + t_cose_recipient_dec_esdh_set_key(&dec_recipient, + privatekey, /* in: private key handle */ + NULL_Q_USEFUL_BUF_C); /* in: kid */ + + t_cose_encrypt_dec_add_recipient(&dec_ctx, + (struct t_cose_recipient_dec *)&dec_recipient); + + result = t_cose_encrypt_dec(&dec_ctx, + test->message, /* in: message to decrypt */ + NULL_Q_USEFUL_BUF_C, /* in/unused: AAD */ + decrypted_buffer, + &decrypted_payload, + ¶ms); + + if(result != test->expected_return_value) { + return (int32_t)result + 2000; + } + + return 0; + +} + + +static int32_t +init_decrypt_test_list(struct decrypt_test tests[], size_t size) +{ + int test_num; + + test_num = 0; + + tests[test_num].sz_description = "body symmetric alg id is not one that is a symmertic alg"; + tests[test_num].message = UsefulBuf_FROM_BYTE_ARRAY_LITERAL(unknown_symmetric_alg); + tests[test_num].cose_ec_curve_id = T_COSE_ELLIPTIC_CURVE_P_256; + tests[test_num].expected_return_value = T_COSE_ERR_UNSUPPORTED_ENCRYPTION_ALG; + test_num++; + + tests[test_num].sz_description = "cipher text is a tstr, not an bstr"; + tests[test_num].message = UsefulBuf_FROM_BYTE_ARRAY_LITERAL(tstr_ciphertext); + tests[test_num].cose_ec_curve_id = T_COSE_ELLIPTIC_CURVE_P_256; + tests[test_num].expected_return_value = T_COSE_ERR_ENCRYPT_FORMAT; + test_num++; + + tests[test_num].sz_description = "the aead ciphertext is modified so aead validation fails"; + tests[test_num].message = UsefulBuf_FROM_BYTE_ARRAY_LITERAL(aead_in_error); + tests[test_num].cose_ec_curve_id = T_COSE_ELLIPTIC_CURVE_P_256; + tests[test_num].expected_return_value = T_COSE_ERR_DATA_AUTH_FAILED; + test_num++; + + tests[test_num].sz_description = "the body unprot header params is an array, not a map"; + tests[test_num].message = UsefulBuf_FROM_BYTE_ARRAY_LITERAL(unprot_headers_wrong_type); + tests[test_num].cose_ec_curve_id = T_COSE_ELLIPTIC_CURVE_P_256; + tests[test_num].expected_return_value = T_COSE_ERR_PARAMETER_CBOR; + test_num++; + + tests[test_num].sz_description = "the array of recipients is a map, not an array"; + tests[test_num].message = UsefulBuf_FROM_BYTE_ARRAY_LITERAL(cose_recipients_map_instead_of_array); + tests[test_num].cose_ec_curve_id = T_COSE_ELLIPTIC_CURVE_P_256; + tests[test_num].expected_return_value = T_COSE_ERR_ENCRYPT_FORMAT; + test_num++; + + + tests[test_num].sz_description = "a recipient is a text string, not an array"; + tests[test_num].message = UsefulBuf_FROM_BYTE_ARRAY_LITERAL(cose_encrypt_junk_recipient); + tests[test_num].cose_ec_curve_id = T_COSE_ELLIPTIC_CURVE_P_256; + tests[test_num].expected_return_value = T_COSE_ERR_RECIPIENT_FORMAT; + test_num++; + // TODO: check size + + tests[test_num].sz_description = NULL; + + return 0; +} + + +int32_t decrypt_known_bad(void) +{ + int32_t result; + struct decrypt_test test_list[10]; + int32_t i; + + result = init_decrypt_test_list(test_list, sizeof(test_list)); + if(result) { + return result; + } + + for(i = 0; test_list[i].sz_description != NULL; i++) { + if(i == 5) { /* For setting break point for a particular test */ + result = 99; + } + + result = run_decrypt_test(&test_list[i]); + if(result) { + return i * 10000 + (int32_t)result; + } + } + + return 0; +} + + /* Input parameters for kdf_instance_test() */ struct kdf_context_test_input { struct q_useful_buf_c party_u_ident; diff --git a/test/t_cose_encrypt_decrypt_test.h b/test/t_cose_encrypt_decrypt_test.h index e49508b6..d281ae01 100644 --- a/test/t_cose_encrypt_decrypt_test.h +++ b/test/t_cose_encrypt_decrypt_test.h @@ -19,6 +19,8 @@ int32_t esdh_enc_dec_test(void); int32_t decrypt_known_good(void); +int32_t decrypt_known_bad(void); + int32_t kdf_context_test(void); #endif /* t_cose_encrypt_decrypt_test_h */