From ade76189c58740bf06fb4527a76f75b0de0c9994 Mon Sep 17 00:00:00 2001 From: "harshal.patil" Date: Thu, 31 Jul 2025 12:38:06 +0530 Subject: [PATCH] test(hal/crypto): Update AES test app to remove redundant block operation --- .../hal/test_apps/crypto/CMakeLists.txt | 3 + .../hal/test_apps/crypto/main/CMakeLists.txt | 5 +- .../hal/test_apps/crypto/main/aes/aes_block.c | 111 -------- .../hal/test_apps/crypto/main/aes/aes_block.h | 29 --- .../hal/test_apps/crypto/main/aes/test_aes.c | 238 +++++------------- .../test_apps/crypto/main/aes/test_params.h | 96 ++++++- .../hal/test_apps/crypto/sdkconfig.defaults | 3 + 7 files changed, 165 insertions(+), 320 deletions(-) delete mode 100644 components/hal/test_apps/crypto/main/aes/aes_block.c delete mode 100644 components/hal/test_apps/crypto/main/aes/aes_block.h diff --git a/components/hal/test_apps/crypto/CMakeLists.txt b/components/hal/test_apps/crypto/CMakeLists.txt index bb19db5736..213af4cade 100644 --- a/components/hal/test_apps/crypto/CMakeLists.txt +++ b/components/hal/test_apps/crypto/CMakeLists.txt @@ -6,4 +6,7 @@ set(EXTRA_COMPONENT_DIRS "$ENV{IDF_PATH}/tools/test_apps/components") include($ENV{IDF_PATH}/tools/cmake/project.cmake) +# "Trim" the build. Include the minimal set of components, main, and anything it depends on. +idf_build_set_property(MINIMAL_BUILD ON) + project(crypto_test) diff --git a/components/hal/test_apps/crypto/main/CMakeLists.txt b/components/hal/test_apps/crypto/main/CMakeLists.txt index 3dd261a0ce..e63a848486 100644 --- a/components/hal/test_apps/crypto/main/CMakeLists.txt +++ b/components/hal/test_apps/crypto/main/CMakeLists.txt @@ -30,14 +30,13 @@ endif() if(CONFIG_SOC_AES_SUPPORTED) list(APPEND srcs "aes/test_aes.c" "$ENV{IDF_PATH}/components/mbedtls/port/aes/esp_aes_common.c" - "aes/aes_block.c") + "$ENV{IDF_PATH}/components/mbedtls/port/aes/esp_aes.c") + list(APPEND priv_include_dirs "$ENV{IDF_PATH}/components/mbedtls/port/include" "$ENV{IDF_PATH}/components/mbedtls/port/aes/include") if(CONFIG_SOC_AES_SUPPORT_DMA) list(APPEND priv_include_dirs "$ENV{IDF_PATH}/components/mbedtls/port/aes/dma/include") - list(APPEND srcs "$ENV{IDF_PATH}/components/mbedtls/port/aes/dma/esp_aes.c") - if(NOT CONFIG_SOC_AES_GDMA) list(APPEND srcs "$ENV{IDF_PATH}/components/mbedtls/port/aes/dma/esp_aes_crypto_dma_impl.c") else() diff --git a/components/hal/test_apps/crypto/main/aes/aes_block.c b/components/hal/test_apps/crypto/main/aes/aes_block.c deleted file mode 100644 index 15de815e8c..0000000000 --- a/components/hal/test_apps/crypto/main/aes/aes_block.c +++ /dev/null @@ -1,111 +0,0 @@ -/* - * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD - * - * SPDX-License-Identifier: CC0-1.0 - */ - -#include -#include -#include - -#include "esp_crypto_periph_clk.h" -#include "hal/aes_types.h" -#include "hal/aes_hal.h" -#include "hal/aes_ll.h" - -#if SOC_AES_SUPPORTED - -#include "aes_block.h" - -void aes_crypt_cbc_block(int mode, - uint8_t key_bytes, - const uint8_t key[32], - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output) -{ - uint32_t *output_words = (uint32_t *)output; - const uint32_t *input_words = (const uint32_t *)input; - uint32_t *iv_words = (uint32_t *)iv; - unsigned char temp[16]; - - esp_crypto_aes_enable_periph_clk(true); - - /* Sets the key used for AES encryption/decryption */ - aes_hal_setkey(key, key_bytes, mode); - - if (mode == ESP_AES_DECRYPT) { - while ( length > 0 ) { - memcpy(temp, input_words, 16); - aes_hal_transform_block(input_words, output_words); - - output_words[0] = output_words[0] ^ iv_words[0]; - output_words[1] = output_words[1] ^ iv_words[1]; - output_words[2] = output_words[2] ^ iv_words[2]; - output_words[3] = output_words[3] ^ iv_words[3]; - - memcpy( iv_words, temp, 16 ); - - input_words += 4; - output_words += 4; - length -= 16; - } - } else { // ESP_AES_ENCRYPT - while ( length > 0 ) { - - output_words[0] = input_words[0] ^ iv_words[0]; - output_words[1] = input_words[1] ^ iv_words[1]; - output_words[2] = input_words[2] ^ iv_words[2]; - output_words[3] = input_words[3] ^ iv_words[3]; - - aes_hal_transform_block(output_words, output_words); - memcpy( iv_words, output_words, 16 ); - - input_words += 4; - output_words += 4; - length -= 16; - } - } - - esp_crypto_aes_enable_periph_clk(false); -} - - -void aes_crypt_ctr_block(uint8_t key_bytes, - const uint8_t key[32], - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ) -{ - int c, i; - size_t n = *nc_off; - - esp_crypto_aes_enable_periph_clk(true); - - /* Sets the key used for AES encryption/decryption */ - aes_hal_setkey(key, key_bytes, ESP_AES_ENCRYPT); - - while (length--) { - if ( n == 0 ) { - aes_hal_transform_block(nonce_counter, stream_block); - for ( i = 16; i > 0; i-- ) { - if ( ++nonce_counter[i - 1] != 0 ) { - break; - } - } - } - c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); - n = ( n + 1 ) & 0x0F; - } - - *nc_off = n; - - esp_crypto_aes_enable_periph_clk(false); -} - -#endif diff --git a/components/hal/test_apps/crypto/main/aes/aes_block.h b/components/hal/test_apps/crypto/main/aes/aes_block.h deleted file mode 100644 index bb46bd8c91..0000000000 --- a/components/hal/test_apps/crypto/main/aes/aes_block.h +++ /dev/null @@ -1,29 +0,0 @@ -/* - * SPDX-FileCopyrightText: 2019-2023 Espressif Systems (Shanghai) CO LTD - * - * SPDX-License-Identifier: Apache-2.0 - */ -#pragma once - -#include - -#if SOC_AES_SUPPORTED - -void aes_crypt_cbc_block(int mode, - uint8_t key_bytes, - const uint8_t key[32], - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output); - -void aes_crypt_ctr_block(uint8_t key_bytes, - const uint8_t key[32], - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ); - -#endif diff --git a/components/hal/test_apps/crypto/main/aes/test_aes.c b/components/hal/test_apps/crypto/main/aes/test_aes.c index 518669b5bd..e8c1673254 100644 --- a/components/hal/test_apps/crypto/main/aes/test_aes.c +++ b/components/hal/test_apps/crypto/main/aes/test_aes.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: CC0-1.0 */ @@ -15,15 +15,10 @@ #include "memory_checks.h" #include "unity_fixture.h" #include "esp_log.h" -#include "aes/esp_aes.h" -#include "aes/esp_aes_gcm.h" #if SOC_AES_SUPPORTED - -#include "aes_block.h" - -#define AES_BUFFER_SIZE 1600 -#define AES_LONG_BUFFER_SIZE 8000 +#include "aes/esp_aes.h" +#include "aes/esp_aes_gcm.h" TEST_GROUP(aes); @@ -39,17 +34,16 @@ TEST_TEAR_DOWN(aes) test_utils_get_leak_level(ESP_LEAK_TYPE_CRITICAL, ESP_COMP_LEAK_ALL)); } -static void test_cbc_aes(bool is_dma, size_t buffer_size, const uint8_t expected_cipher_end[32]) +static void test_cbc_aes(size_t buffer_size, const uint8_t expected_cipher_end[32]) { esp_aes_context ctx; - unsigned int key_bits = 256; uint8_t nonce[16]; esp_aes_init(&ctx); - esp_aes_setkey(&ctx, key_256, key_bits); + TEST_ASSERT_EQUAL(0, esp_aes_setkey(&ctx, key_256, KEY_BITS)); - uint8_t *chipertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); - TEST_ASSERT_NOT_NULL(chipertext); + uint8_t *ciphertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); + TEST_ASSERT_NOT_NULL(ciphertext); uint8_t *plaintext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); TEST_ASSERT_NOT_NULL(plaintext); uint8_t *decryptedtext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); @@ -60,52 +54,34 @@ static void test_cbc_aes(bool is_dma, size_t buffer_size, const uint8_t expected // Encrypt memcpy(nonce, iv, 16); -#ifdef SOC_AES_SUPPORT_DMA - if (is_dma) { - esp_aes_crypt_cbc(&ctx, ESP_AES_ENCRYPT, buffer_size, nonce, plaintext, chipertext); - } - else -#endif - { - aes_crypt_cbc_block(ESP_AES_ENCRYPT, key_bits / 8, key_256, buffer_size, nonce, plaintext, chipertext); - } - TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, chipertext + buffer_size - 32, 32); + TEST_ASSERT_EQUAL(0, esp_aes_crypt_cbc(&ctx, ESP_AES_ENCRYPT, buffer_size, nonce, plaintext, ciphertext)); + TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, ciphertext + buffer_size - 32, 32); // Decrypt memcpy(nonce, iv, 16); -#ifdef SOC_AES_SUPPORT_DMA - if (is_dma) { - esp_aes_crypt_cbc(&ctx, ESP_AES_DECRYPT, buffer_size, nonce, chipertext, decryptedtext); - } - else -#endif - { - aes_crypt_cbc_block(ESP_AES_DECRYPT, key_bits / 8, key_256, buffer_size, nonce, chipertext, decryptedtext); - } + TEST_ASSERT_EQUAL(0, esp_aes_crypt_cbc(&ctx, ESP_AES_DECRYPT, buffer_size, nonce, ciphertext, decryptedtext)); TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, buffer_size); esp_aes_free(&ctx); // Free dynamically allocated memory - heap_caps_free(chipertext); + heap_caps_free(ciphertext); heap_caps_free(plaintext); heap_caps_free(decryptedtext); } -static void test_ctr_aes(bool is_dma, size_t buffer_size, const uint8_t expected_cipher_end[32]) +static void test_ctr_aes(size_t buffer_size, const uint8_t expected_cipher_end[32]) { - esp_aes_context ctx; - unsigned int key_bits = 256; uint8_t nonce[16]; uint8_t stream_block[16]; size_t nc_off = 0; esp_aes_init(&ctx); - esp_aes_setkey(&ctx, key_256, key_bits); + TEST_ASSERT_EQUAL(0, esp_aes_setkey(&ctx, key_256, KEY_BITS)); - uint8_t *chipertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); - TEST_ASSERT_NOT_NULL(chipertext); + uint8_t *ciphertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); + TEST_ASSERT_NOT_NULL(ciphertext); uint8_t *plaintext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); TEST_ASSERT_NOT_NULL(plaintext); uint8_t *decryptedtext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); @@ -116,53 +92,35 @@ static void test_ctr_aes(bool is_dma, size_t buffer_size, const uint8_t expected // Encrypt memcpy(nonce, iv, 16); -#ifdef SOC_AES_SUPPORT_DMA - if (is_dma) { - esp_aes_crypt_ctr(&ctx, buffer_size, &nc_off, nonce, stream_block, plaintext, chipertext); - } - else -#endif - { - aes_crypt_ctr_block(key_bits / 8, key_256, buffer_size, &nc_off, nonce, stream_block, plaintext, chipertext); - } - TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, chipertext + buffer_size - 32, 32); + TEST_ASSERT_EQUAL(0, esp_aes_crypt_ctr(&ctx, buffer_size, &nc_off, nonce, stream_block, plaintext, ciphertext)); + TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, ciphertext + buffer_size - 32, 32); // Decrypt memcpy(nonce, iv, 16); nc_off = 0; -#ifdef SOC_AES_SUPPORT_DMA - if (is_dma) { - esp_aes_crypt_ctr(&ctx, buffer_size, &nc_off, nonce, stream_block, chipertext, decryptedtext); - } - else -#endif - { - aes_crypt_ctr_block(key_bits / 8, key_256, buffer_size, &nc_off, nonce, stream_block, chipertext, decryptedtext); - } + TEST_ASSERT_EQUAL(0, esp_aes_crypt_ctr(&ctx, buffer_size, &nc_off, nonce, stream_block, ciphertext, decryptedtext)); TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, buffer_size); esp_aes_free(&ctx); // Free dynamically allocated memory - heap_caps_free(chipertext); + heap_caps_free(ciphertext); heap_caps_free(plaintext); heap_caps_free(decryptedtext); } -#ifdef SOC_AES_SUPPORT_DMA - +#if SOC_AES_SUPPORT_DMA static void test_ofb_aes(size_t buffer_size, const uint8_t expected_cipher_end[32]) { esp_aes_context ctx; - unsigned int key_bits = 256; uint8_t nonce[16]; size_t nc_off = 0; esp_aes_init(&ctx); - esp_aes_setkey(&ctx, key_256, key_bits); + TEST_ASSERT_EQUAL(0, esp_aes_setkey(&ctx, key_256, KEY_BITS)); - uint8_t *chipertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); - TEST_ASSERT_NOT_NULL(chipertext); + uint8_t *ciphertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); + TEST_ASSERT_NOT_NULL(ciphertext); uint8_t *plaintext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); TEST_ASSERT_NOT_NULL(plaintext); uint8_t *decryptedtext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); @@ -173,19 +131,19 @@ static void test_ofb_aes(size_t buffer_size, const uint8_t expected_cipher_end[3 // Encrypt memcpy(nonce, iv, 16); - esp_aes_crypt_ofb(&ctx, buffer_size, &nc_off, nonce, plaintext, chipertext); - TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, chipertext + buffer_size - 32, 32); + TEST_ASSERT_EQUAL(0, esp_aes_crypt_ofb(&ctx, buffer_size, &nc_off, nonce, plaintext, ciphertext)); + TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, ciphertext + buffer_size - 32, 32); // Decrypt memcpy(nonce, iv, 16); nc_off = 0; - esp_aes_crypt_ofb(&ctx, buffer_size, &nc_off, nonce, chipertext, decryptedtext); + TEST_ASSERT_EQUAL(0, esp_aes_crypt_ofb(&ctx, buffer_size, &nc_off, nonce, ciphertext, decryptedtext)); TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, buffer_size); esp_aes_free(&ctx); // Free dynamically allocated memory - heap_caps_free(chipertext); + heap_caps_free(ciphertext); heap_caps_free(plaintext); heap_caps_free(decryptedtext); } @@ -193,14 +151,13 @@ static void test_ofb_aes(size_t buffer_size, const uint8_t expected_cipher_end[3 static void test_cfb8_aes(size_t buffer_size, const uint8_t expected_cipher_end[32]) { esp_aes_context ctx; - unsigned int key_bits = 256; uint8_t nonce[16]; esp_aes_init(&ctx); - esp_aes_setkey(&ctx, key_256, key_bits); + TEST_ASSERT_EQUAL(0, esp_aes_setkey(&ctx, key_256, KEY_BITS)); - uint8_t *chipertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); - TEST_ASSERT_NOT_NULL(chipertext); + uint8_t *ciphertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); + TEST_ASSERT_NOT_NULL(ciphertext); uint8_t *plaintext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); TEST_ASSERT_NOT_NULL(plaintext); uint8_t *decryptedtext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); @@ -211,18 +168,18 @@ static void test_cfb8_aes(size_t buffer_size, const uint8_t expected_cipher_end[ // Encrypt memcpy(nonce, iv, 16); - esp_aes_crypt_cfb8(&ctx, ESP_AES_ENCRYPT, buffer_size, nonce, plaintext, chipertext); - TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, chipertext + buffer_size - 32, 32); + TEST_ASSERT_EQUAL(0, esp_aes_crypt_cfb8(&ctx, ESP_AES_ENCRYPT, buffer_size, nonce, plaintext, ciphertext)); + TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, ciphertext + buffer_size - 32, 32); // Decrypt memcpy(nonce, iv, 16); - esp_aes_crypt_cfb8(&ctx, ESP_AES_DECRYPT, buffer_size, nonce, chipertext, decryptedtext); + TEST_ASSERT_EQUAL(0, esp_aes_crypt_cfb8(&ctx, ESP_AES_DECRYPT, buffer_size, nonce, ciphertext, decryptedtext)); TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, buffer_size); esp_aes_free(&ctx); // Free dynamically allocated memory - heap_caps_free(chipertext); + heap_caps_free(ciphertext); heap_caps_free(plaintext); heap_caps_free(decryptedtext); } @@ -230,15 +187,14 @@ static void test_cfb8_aes(size_t buffer_size, const uint8_t expected_cipher_end[ static void test_cfb128_aes(size_t buffer_size, const uint8_t expected_cipher_end[32]) { esp_aes_context ctx; - unsigned int key_bits = 256; uint8_t nonce[16]; size_t nc_off = 0; esp_aes_init(&ctx); - esp_aes_setkey(&ctx, key_256, key_bits); + TEST_ASSERT_EQUAL(0, esp_aes_setkey(&ctx, key_256, KEY_BITS)); - uint8_t *chipertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); - TEST_ASSERT_NOT_NULL(chipertext); + uint8_t *ciphertext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); + TEST_ASSERT_NOT_NULL(ciphertext); uint8_t *plaintext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); TEST_ASSERT_NOT_NULL(plaintext); uint8_t *decryptedtext = heap_caps_calloc(buffer_size, sizeof(uint8_t), MALLOC_CAP_INTERNAL | MALLOC_CAP_8BIT); @@ -249,25 +205,25 @@ static void test_cfb128_aes(size_t buffer_size, const uint8_t expected_cipher_en // Encrypt memcpy(nonce, iv, 16); - esp_aes_crypt_cfb128(&ctx, ESP_AES_ENCRYPT, buffer_size, &nc_off, nonce, plaintext, chipertext); - TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, chipertext + buffer_size - 32, 32); + TEST_ASSERT_EQUAL(0, esp_aes_crypt_cfb128(&ctx, ESP_AES_ENCRYPT, buffer_size, &nc_off, nonce, plaintext, ciphertext)); + TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, ciphertext + buffer_size - 32, 32); // Decrypt nc_off = 0; memcpy(nonce, iv, 16); - esp_aes_crypt_cfb128(&ctx, ESP_AES_DECRYPT, buffer_size, &nc_off, nonce, chipertext, decryptedtext); + TEST_ASSERT_EQUAL(0, esp_aes_crypt_cfb128(&ctx, ESP_AES_DECRYPT, buffer_size, &nc_off, nonce, ciphertext, decryptedtext)); TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, buffer_size); esp_aes_free(&ctx); // Free dynamically allocated memory - heap_caps_free(chipertext); + heap_caps_free(ciphertext); heap_caps_free(plaintext); heap_caps_free(decryptedtext); } +#if SOC_GCM_SUPPORTED #define CIPHER_ID_AES 2 - static void test_gcm_aes(size_t length, const uint8_t expected_last_block[16], const uint8_t expected_tag[16]) { uint8_t iv[16]; @@ -296,17 +252,17 @@ static void test_gcm_aes(size_t length, const uint8_t expected_last_block[16], c memcpy(iv_buf, iv, iv_length); esp_aes_gcm_init(&ctx); - TEST_ASSERT(esp_aes_gcm_setkey(&ctx, CIPHER_ID_AES, key, 8 * sizeof(key)) == 0); + TEST_ASSERT_EQUAL(0, esp_aes_gcm_setkey(&ctx, CIPHER_ID_AES, key, 8 * sizeof(key))); /* Encrypt and authenticate */ - TEST_ASSERT(esp_aes_gcm_crypt_and_tag(&ctx, ESP_AES_ENCRYPT, length, iv_buf, iv_length, add, add_length, plaintext, ciphertext, tag_len, tag_buf_encrypt) == 0); + TEST_ASSERT_EQUAL(0, esp_aes_gcm_crypt_and_tag(&ctx, ESP_AES_ENCRYPT, length, iv_buf, iv_length, add, add_length, plaintext, ciphertext, tag_len, tag_buf_encrypt)); size_t offset = length > 16 ? length - 16 : 0; /* Sanity check: make sure the last ciphertext block matches what we expect to see. */ TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_last_block, ciphertext + offset, MIN(16, length)); TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_tag, tag_buf_encrypt, tag_len); /* Decrypt and authenticate */ - TEST_ASSERT(esp_aes_gcm_auth_decrypt(&ctx, length, iv_buf, iv_length, add, add_length, expected_tag, tag_len, ciphertext, decryptedtext) == 0); + TEST_ASSERT_EQUAL(0, esp_aes_gcm_auth_decrypt(&ctx, length, iv_buf, iv_length, add, add_length, expected_tag, tag_len, ciphertext, decryptedtext)); TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, length); esp_aes_gcm_free(&ctx); @@ -315,148 +271,75 @@ static void test_gcm_aes(size_t length, const uint8_t expected_last_block[16], c heap_caps_free(ciphertext); heap_caps_free(decryptedtext); } +#endif /* SOC_GCM_SUPPORTED */ #endif /* SOC_AES_SUPPORT_DMA */ TEST(aes, cbc_aes_256_block_test) { - const uint8_t expected_cipher_end[32] = { - 0x3e, 0x68, 0x8a, 0x02, 0xe6, 0xf2, 0x6a, 0x9e, - 0x9b, 0xb2, 0xc0, 0xc4, 0x63, 0x63, 0xd9, 0x25, - 0x51, 0xdc, 0xc2, 0x71, 0x96, 0xb3, 0xe5, 0xcd, - 0xbd, 0x0e, 0xf2, 0xef, 0xa9, 0xab, 0xab, 0x2d, - }; - - test_cbc_aes(0,AES_BUFFER_SIZE, expected_cipher_end); + test_cbc_aes(AES_BUFFER_SIZE_BLOCK_MODE, expected_cipher_end_block_cbc); } TEST(aes, ctr_aes_256_block_test) { - const uint8_t expected_cipher_end[32] = { - 0xed, 0xa4, 0xa4, 0xe0, 0xee, 0x1d, 0x73, 0x96, - 0xd3, 0xde, 0xaa, 0xe0, 0xb7, 0x76, 0x7f, 0xcb, - 0x0f, 0xe8, 0x64, 0xf0, 0xd3, 0xf1, 0xab, 0x14, - 0x5a, 0x89, 0x47, 0xb4, 0x32, 0xed, 0x41, 0x9c, - }; - - test_ctr_aes(0, AES_BUFFER_SIZE, expected_cipher_end); + test_ctr_aes(AES_BUFFER_SIZE_BLOCK_MODE, expected_cipher_end_block_ctr); } #if SOC_AES_SUPPORT_DMA - TEST(aes, cbc_aes_256_dma_test) { - const uint8_t expected_cipher_end[32] = { - 0x3e, 0x68, 0x8a, 0x02, 0xe6, 0xf2, 0x6a, 0x9e, - 0x9b, 0xb2, 0xc0, 0xc4, 0x63, 0x63, 0xd9, 0x25, - 0x51, 0xdc, 0xc2, 0x71, 0x96, 0xb3, 0xe5, 0xcd, - 0xbd, 0x0e, 0xf2, 0xef, 0xa9, 0xab, 0xab, 0x2d, - }; - test_cbc_aes(1, AES_BUFFER_SIZE, expected_cipher_end); + test_cbc_aes(AES_BUFFER_SIZE_DMA_MODE, expected_cipher_end_dma_cbc); } TEST(aes, ctr_aes_256_dma_test) { - const uint8_t expected_cipher_end[32] = { - 0xed, 0xa4, 0xa4, 0xe0, 0xee, 0x1d, 0x73, 0x96, - 0xd3, 0xde, 0xaa, 0xe0, 0xb7, 0x76, 0x7f, 0xcb, - 0x0f, 0xe8, 0x64, 0xf0, 0xd3, 0xf1, 0xab, 0x14, - 0x5a, 0x89, 0x47, 0xb4, 0x32, 0xed, 0x41, 0x9c, - }; - test_ctr_aes(1, AES_BUFFER_SIZE, expected_cipher_end); + test_ctr_aes(AES_BUFFER_SIZE_DMA_MODE, expected_cipher_end_dma_ctr); } TEST(aes, ofb_aes_256_dma_test) { - const uint8_t expected_cipher_end[] = { - 0x9e, 0x12, 0x10, 0xf0, 0x3f, 0xbf, 0xf8, 0x34, - 0x08, 0x86, 0x7c, 0x02, 0x6b, 0x8a, 0x76, 0xa6, - 0x25, 0x9f, 0x34, 0x61, 0x8b, 0x89, 0x60, 0x16, - 0xe6, 0xa0, 0xa5, 0xb6, 0x5b, 0x0a, 0xeb, 0x1f, - }; - test_ofb_aes(AES_BUFFER_SIZE, expected_cipher_end); + test_ofb_aes(AES_BUFFER_SIZE_DMA_MODE, expected_cipher_end_dma_ofb); } TEST(aes, cfb8_aes_256_dma_test) { - const uint8_t expected_cipher_end[] = { - 0x76, 0x95, 0x22, 0x72, 0x3f, 0x44, 0x2d, 0x32, - 0x3e, 0x85, 0xb8, 0xe8, 0xf7, 0x38, 0x04, 0xd6, - 0x4a, 0xc5, 0xdb, 0x2c, 0x46, 0x5f, 0x5b, 0xa2, - 0x24, 0x4a, 0x35, 0xcb, 0xe5, 0x94, 0x71, 0x21, - }; - test_cfb8_aes(AES_BUFFER_SIZE, expected_cipher_end); + test_cfb8_aes(AES_BUFFER_SIZE_DMA_MODE, expected_cipher_end_dma_cfb8); } TEST(aes, cfb128_aes_256_dma_test) { - const uint8_t expected_cipher_end[] = { - 0xd0, 0x9b, 0x2e, 0x25, 0xd5, 0xeb, 0x08, 0xbd, - 0xd8, 0x7e, 0x64, 0xde, 0x35, 0x2b, 0xb1, 0x53, - 0xf8, 0x3a, 0xf7, 0xa8, 0x1e, 0x96, 0xaa, 0xce, - 0xa4, 0xf2, 0x8a, 0x2d, 0x01, 0xd5, 0x62, 0xa0, - }; - test_cfb128_aes(AES_BUFFER_SIZE, expected_cipher_end); + test_cfb128_aes(AES_BUFFER_SIZE_DMA_MODE, expected_cipher_end_dma_cfb128); } #if CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT TEST(aes, cbc_aes_256_long_dma_test) { - const uint8_t expected_cipher_end[32] = { - 0xd1, 0x32, 0x62, 0x9d, 0x2f, 0x0e, 0x1d, 0x27, - 0x0e, 0x2b, 0x53, 0x0b, 0x81, 0x53, 0x92, 0x69, - 0x8a, 0x9c, 0x25, 0xb1, 0x77, 0x2b, 0xe4, 0x80, - 0x3a, 0xee, 0xdc, 0xbb, 0x80, 0xd6, 0x1a, 0x42, - }; - test_cbc_aes(1, AES_LONG_BUFFER_SIZE, expected_cipher_end); + test_cbc_aes(AES_BUFFER_SIZE_DMA_MODE_WITH_INTERRUPT, expected_cipher_end_dma_cbc_with_interrupt); } TEST(aes, ctr_aes_256_long_dma_test) { - const uint8_t expected_cipher_end[32] = { - 0x30, 0x8e, 0x3b, 0x27, 0x54, 0x85, 0x58, 0x20, - 0x1a, 0xa6, 0xca, 0x81, 0x12, 0x23, 0x7f, 0x01, - 0xba, 0x27, 0x72, 0x44, 0xa9, 0x00, 0x42, 0x8a, - 0x4e, 0xda, 0x26, 0xf9, 0xd9, 0x0b, 0xb1, 0xa5, - }; - test_ctr_aes(1, AES_LONG_BUFFER_SIZE, expected_cipher_end); + test_ctr_aes(AES_BUFFER_SIZE_DMA_MODE_WITH_INTERRUPT, expected_cipher_end_dma_ctr_with_interrupt); } TEST(aes, ofb_aes_256_long_dma_test) { - const uint8_t expected_cipher_end[] = { - 0xdc, 0xd1, 0x8a, 0x5c, 0x38, 0xb4, 0xce, 0xdf, - 0x21, 0xa0, 0xa4, 0x0b, 0x87, 0xbb, 0xdf, 0xf5, - 0x42, 0xc6, 0xe2, 0x1f, 0x9f, 0x93, 0x3b, 0xa4, - 0xdd, 0xb0, 0xce, 0xf0, 0x98, 0x47, 0x23, 0x20, - }; - test_ofb_aes(AES_LONG_BUFFER_SIZE, expected_cipher_end); + test_ofb_aes(AES_BUFFER_SIZE_DMA_MODE_WITH_INTERRUPT, expected_cipher_end_dma_ofb_with_interrupt); } TEST(aes, cfb8_aes_256_long_dma_test) { - const uint8_t expected_cipher_end[] = { - 0x9a, 0x2a, 0xaf, 0xec, 0xd1, 0xf3, 0xd2, 0xe2, - 0xf5, 0x62, 0x16, 0x5c, 0x42, 0x8f, 0xc1, 0xa3, - 0x34, 0x05, 0x9b, 0xa5, 0x44, 0x02, 0xff, 0xf4, - 0x6b, 0xca, 0x3c, 0xac, 0xff, 0x6e, 0xb6, 0x7a, - }; - test_cfb8_aes(AES_LONG_BUFFER_SIZE, expected_cipher_end); + test_cfb8_aes(AES_BUFFER_SIZE_DMA_MODE_WITH_INTERRUPT, expected_cipher_end_dma_cfb8_with_interrupt); } TEST(aes, cfb128_aes_256_long_dma_test) { - const uint8_t expected_cipher_end[] = { - 0x6c, 0x63, 0xa9, 0x19, 0x12, 0x89, 0x57, 0xeb, - 0xbe, 0x73, 0x17, 0x62, 0xc6, 0xfc, 0xf0, 0x43, - 0x6d, 0x49, 0x6b, 0xc6, 0x35, 0xf8, 0xc1, 0x48, - 0xe2, 0xb7, 0xb1, 0x6f, 0x26, 0x9f, 0x04, 0x8b, - }; - test_cfb128_aes(AES_LONG_BUFFER_SIZE, expected_cipher_end); + test_cfb128_aes(AES_BUFFER_SIZE_DMA_MODE_WITH_INTERRUPT, expected_cipher_end_dma_cfb128_with_interrupt); } #endif +#if SOC_GCM_SUPPORTED TEST(aes, gcm_aes_dma_test) { size_t length = 16; @@ -487,6 +370,7 @@ TEST(aes, gcm_aes_long_dma_test) test_gcm_aes(length, expected_last_block, expected_tag); } #endif /* CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT */ +#endif /* SOC_GCM_SUPPORTED */ #endif /* SOC_AES_SUPPORT_DMA */ TEST_GROUP_RUNNER(aes) @@ -506,10 +390,12 @@ TEST_GROUP_RUNNER(aes) RUN_TEST_CASE(aes, cfb8_aes_256_long_dma_test); RUN_TEST_CASE(aes, cfb128_aes_256_long_dma_test); #endif /* CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT */ +#if SOC_GCM_SUPPORTED RUN_TEST_CASE(aes, gcm_aes_dma_test); #if CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT RUN_TEST_CASE(aes, gcm_aes_long_dma_test); #endif /* CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT */ +#endif /* SOC_GCM_SUPPORTED */ #endif /* SOC_AES_SUPPORT_DMA */ } diff --git a/components/hal/test_apps/crypto/main/aes/test_params.h b/components/hal/test_apps/crypto/main/aes/test_params.h index 38285935b9..d32f9bb64b 100644 --- a/components/hal/test_apps/crypto/main/aes/test_params.h +++ b/components/hal/test_apps/crypto/main/aes/test_params.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 * @@ -25,4 +25,98 @@ static const uint8_t iv[] = { 0x10, 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, }; + +#define AES_BUFFER_SIZE_BLOCK_MODE 128 /* Shorter data length to test the block mode */ + +const uint8_t expected_cipher_end_block_cbc[32] = { + 0x89, 0xc1, 0x6b, 0x75, 0x19, 0x03, 0x0f, 0x1d, + 0xdb, 0xfb, 0xb9, 0x90, 0x02, 0x30, 0x34, 0x3c, + 0xf0, 0x12, 0xa1, 0xa3, 0x87, 0x0f, 0x61, 0x32, + 0x58, 0xdd, 0x20, 0xbe, 0xff, 0x30, 0x58, 0x38, +}; + +const uint8_t expected_cipher_end_block_ctr[32] = { + 0xd4, 0xf8, 0x63, 0xd3, 0x1f, 0xfa, 0xfa, 0xf5, + 0x42, 0x7e, 0x3e, 0xad, 0x63, 0x99, 0x69, 0x3d, + 0x91, 0x40, 0xfa, 0xa8, 0x74, 0x89, 0xae, 0xbe, + 0xee, 0x5c, 0xea, 0x45, 0xef, 0x77, 0x2b, 0x83, +}; + +#define AES_BUFFER_SIZE_DMA_MODE 1600 /* Longer data length to test the DMA mode */ + +/* Expected cipher text's last 32 bytes for 1600 bytes data length */ +const uint8_t expected_cipher_end_dma_cbc[32] = { + 0x3e, 0x68, 0x8a, 0x02, 0xe6, 0xf2, 0x6a, 0x9e, + 0x9b, 0xb2, 0xc0, 0xc4, 0x63, 0x63, 0xd9, 0x25, + 0x51, 0xdc, 0xc2, 0x71, 0x96, 0xb3, 0xe5, 0xcd, + 0xbd, 0x0e, 0xf2, 0xef, 0xa9, 0xab, 0xab, 0x2d, +}; + +const uint8_t expected_cipher_end_dma_ctr[32] = { + 0xed, 0xa4, 0xa4, 0xe0, 0xee, 0x1d, 0x73, 0x96, + 0xd3, 0xde, 0xaa, 0xe0, 0xb7, 0x76, 0x7f, 0xcb, + 0x0f, 0xe8, 0x64, 0xf0, 0xd3, 0xf1, 0xab, 0x14, + 0x5a, 0x89, 0x47, 0xb4, 0x32, 0xed, 0x41, 0x9c, +}; + +const uint8_t expected_cipher_end_dma_ofb[32] = { + 0x9e, 0x12, 0x10, 0xf0, 0x3f, 0xbf, 0xf8, 0x34, + 0x08, 0x86, 0x7c, 0x02, 0x6b, 0x8a, 0x76, 0xa6, + 0x25, 0x9f, 0x34, 0x61, 0x8b, 0x89, 0x60, 0x16, + 0xe6, 0xa0, 0xa5, 0xb6, 0x5b, 0x0a, 0xeb, 0x1f, +}; + +const uint8_t expected_cipher_end_dma_cfb8[32] = { + 0x76, 0x95, 0x22, 0x72, 0x3f, 0x44, 0x2d, 0x32, + 0x3e, 0x85, 0xb8, 0xe8, 0xf7, 0x38, 0x04, 0xd6, + 0x4a, 0xc5, 0xdb, 0x2c, 0x46, 0x5f, 0x5b, 0xa2, + 0x24, 0x4a, 0x35, 0xcb, 0xe5, 0x94, 0x71, 0x21, +}; + +const uint8_t expected_cipher_end_dma_cfb128[32] = { + 0xd0, 0x9b, 0x2e, 0x25, 0xd5, 0xeb, 0x08, 0xbd, + 0xd8, 0x7e, 0x64, 0xde, 0x35, 0x2b, 0xb1, 0x53, + 0xf8, 0x3a, 0xf7, 0xa8, 0x1e, 0x96, 0xaa, 0xce, + 0xa4, 0xf2, 0x8a, 0x2d, 0x01, 0xd5, 0x62, 0xa0, +}; + +#define AES_BUFFER_SIZE_DMA_MODE_WITH_INTERRUPT 8000 + +const uint8_t expected_cipher_end_dma_cbc_with_interrupt[32] = { + 0xd1, 0x32, 0x62, 0x9d, 0x2f, 0x0e, 0x1d, 0x27, + 0x0e, 0x2b, 0x53, 0x0b, 0x81, 0x53, 0x92, 0x69, + 0x8a, 0x9c, 0x25, 0xb1, 0x77, 0x2b, 0xe4, 0x80, + 0x3a, 0xee, 0xdc, 0xbb, 0x80, 0xd6, 0x1a, 0x42, +}; + +const uint8_t expected_cipher_end_dma_ctr_with_interrupt[32] = { + 0x30, 0x8e, 0x3b, 0x27, 0x54, 0x85, 0x58, 0x20, + 0x1a, 0xa6, 0xca, 0x81, 0x12, 0x23, 0x7f, 0x01, + 0xba, 0x27, 0x72, 0x44, 0xa9, 0x00, 0x42, 0x8a, + 0x4e, 0xda, 0x26, 0xf9, 0xd9, 0x0b, 0xb1, 0xa5, +}; + +const uint8_t expected_cipher_end_dma_ofb_with_interrupt[32] = { + 0xdc, 0xd1, 0x8a, 0x5c, 0x38, 0xb4, 0xce, 0xdf, + 0x21, 0xa0, 0xa4, 0x0b, 0x87, 0xbb, 0xdf, 0xf5, + 0x42, 0xc6, 0xe2, 0x1f, 0x9f, 0x93, 0x3b, 0xa4, + 0xdd, 0xb0, 0xce, 0xf0, 0x98, 0x47, 0x23, 0x20, +}; + +const uint8_t expected_cipher_end_dma_cfb8_with_interrupt[32] = { + 0x9a, 0x2a, 0xaf, 0xec, 0xd1, 0xf3, 0xd2, 0xe2, + 0xf5, 0x62, 0x16, 0x5c, 0x42, 0x8f, 0xc1, 0xa3, + 0x34, 0x05, 0x9b, 0xa5, 0x44, 0x02, 0xff, 0xf4, + 0x6b, 0xca, 0x3c, 0xac, 0xff, 0x6e, 0xb6, 0x7a, +}; + +const uint8_t expected_cipher_end_dma_cfb128_with_interrupt[32] = { + 0x6c, 0x63, 0xa9, 0x19, 0x12, 0x89, 0x57, 0xeb, + 0xbe, 0x73, 0x17, 0x62, 0xc6, 0xfc, 0xf0, 0x43, + 0x6d, 0x49, 0x6b, 0xc6, 0x35, 0xf8, 0xc1, 0x48, + 0xe2, 0xb7, 0xb1, 0x6f, 0x26, 0x9f, 0x04, 0x8b, +}; + +#define KEY_BITS 256 + #endif /* SOC_AES_SUPPORTED */ diff --git a/components/hal/test_apps/crypto/sdkconfig.defaults b/components/hal/test_apps/crypto/sdkconfig.defaults index 05e548b71a..13eafa08c2 100644 --- a/components/hal/test_apps/crypto/sdkconfig.defaults +++ b/components/hal/test_apps/crypto/sdkconfig.defaults @@ -6,3 +6,6 @@ CONFIG_PARTITION_TABLE_CUSTOM=y CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv" CONFIG_PARTITION_TABLE_FILENAME="partitions.csv" CONFIG_PARTITION_TABLE_OFFSET=0x8000 + +# Enable block and DMA modes for AES +CONFIG_MBEDTLS_AES_HW_SMALL_DATA_LEN_OPTIM=y