Fixes for TSIP AES CTR unit tests and handling of invalid cases.

2025-07-30 18:57:27 +02:00 · 2025-06-19 14:34:32 -07:00
parent 191165a021
commit 41591e7eb9
2 changed files with 40 additions and 42 deletions
--- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
+++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
@ -226,12 +226,6 @@ static int tsip_aes128_ctr_test(int prnt, tsip_aes_key_index_t* aes_key)
        0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
        0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff
    };
-    WOLFSSL_SMALL_STACK_STATIC const byte oddCipher[] =
-    {
-        0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
-        0xc2
-    };
-
    WOLFSSL_SMALL_STACK_STATIC const byte ctr128Key[] =
    {
        0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
@ -249,13 +243,6 @@ static int tsip_aes128_ctr_test(int prnt, tsip_aes_key_index_t* aes_key)
        0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1,
        0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
    };
-
-    WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap128Cipher[] =
-    {
-        0xe1,0x33,0x38,0xe3,0x6c,0xb7,0x19,0x62,
-        0xe0,0x0d,0x02,0x0b,0x4c,0xed,0xbd,0x86,
-        0xd3,0xda,0xe1,0x5b,0x04
-    };
    WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap128CipherLong[] =
    {
        0xe1,0x33,0x38,0xe3,0x6c,0xb7,0x19,0x62,
@ -274,14 +261,6 @@ static int tsip_aes128_ctr_test(int prnt, tsip_aes_key_index_t* aes_key)
    } testVec[] = {
        { ctr128Key, (int)sizeof(ctr128Key), ctrIv,
          ctrPlain, (int)sizeof(ctrPlain), ctr128Cipher },
-        /* let's try with just 9 bytes, non block size test */
-        { ctr128Key, (int)sizeof(ctr128Key), ctrIv,
-          ctrPlain, (int)sizeof(oddCipher), ctr128Cipher },
-        /* and an additional 9 bytes to reuse tmp left buffer */
-        { NULL, 0, NULL, ctrPlain, (int)sizeof(oddCipher), oddCipher },
-        /* Counter wrapping */
-        { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128,
-          ctrPlain, (int)sizeof(ctr128Wrap128Cipher), ctr128Wrap128Cipher },
        { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128,
          ctrPlain, (int)sizeof(ctr128Wrap128CipherLong),
          ctr128Wrap128CipherLong },
@ -302,6 +281,22 @@ static int tsip_aes128_ctr_test(int prnt, tsip_aes_key_index_t* aes_key)
        goto out;
    }

+    /* test failure cases - null */
+    ret = wc_tsip_AesCtr(NULL, NULL, NULL, 1);
+    if (ret != BAD_FUNC_ARG) {
+        ret = -8; goto out;
+    }
+    /* test failure cases - size, but no buffer */
+    ret = wc_tsip_AesCtr(enc, NULL, NULL, 1);
+    if (ret != BAD_FUNC_ARG) {
+        ret = -9; goto out;
+    }
+    /* test failure cases - non block aligned  */
+    ret = wc_tsip_AesCtr(enc, plain, cipher, 15);
+    if (ret != BAD_FUNC_ARG) {
+        ret = -10; goto out;
+    }
+
    for (i = 0; i < AES_CTR_TEST_LEN; i++) {
        if (testVec[i].key != NULL) {
            ret = wc_AesSetKeyDirect(enc, testVec[i].key, (word32)testVec[i].keySz,
@ -386,11 +381,6 @@ static int tsip_aes256_ctr_test(int prnt, tsip_aes_key_index_t* aes_key)
        0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
        0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff
    };
-    WOLFSSL_SMALL_STACK_STATIC const byte oddCipher[] =
-    {
-        0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
-        0xc2
-    };
    WOLFSSL_SMALL_STACK_STATIC const byte ctr256Key[] =
    {
        0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
@ -410,12 +400,6 @@ static int tsip_aes256_ctr_test(int prnt, tsip_aes_key_index_t* aes_key)
        0xdf,0xc9,0xc5,0x8d,0xb6,0x7a,0xad,0xa6,
        0x13,0xc2,0xdd,0x08,0x45,0x79,0x41,0xa6
    };
-    WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap128Cipher[] =
-    {
-        0x50,0xfd,0x97,0xc3,0xe6,0x1a,0xbb,0x48,
-        0x73,0xfb,0x78,0xdf,0x1e,0x8e,0x77,0xe6,
-        0x4b,0x45,0x7c,0xd6,0x8a
-    };
    WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap128CipherLong[] =
    {
        0x50,0xfd,0x97,0xc3,0xe6,0x1a,0xbb,0x48,
@ -435,12 +419,6 @@ static int tsip_aes256_ctr_test(int prnt, tsip_aes_key_index_t* aes_key)
    } testVec[] = {
        { ctr256Key, (int)sizeof(ctr256Key), ctrIv,
          ctrPlain, (int)sizeof(ctrPlain), ctr256Cipher },
-        /* let's try with just 9 bytes, non block size test */
-        { ctr256Key, (int)sizeof(ctr256Key), ctrIv,
-          ctrPlain, (int)sizeof(oddCipher), ctr256Cipher },
-        /* Counter wrapping */
-        { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128,
-          ctrPlain, (int)sizeof(ctr256Wrap128Cipher), ctr256Wrap128Cipher },
        { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128,
          ctrPlain, (int)sizeof(ctr256Wrap128CipherLong),
          ctr256Wrap128CipherLong },
@ -461,6 +439,22 @@ static int tsip_aes256_ctr_test(int prnt, tsip_aes_key_index_t* aes_key)
        goto out;
    }

+    /* test failure cases - null */
+    ret = wc_tsip_AesCtr(NULL, NULL, NULL, 1);
+    if (ret != BAD_FUNC_ARG) {
+        ret = -8; goto out;
+    }
+    /* test failure cases - size, but no buffer */
+    ret = wc_tsip_AesCtr(enc, NULL, NULL, 1);
+    if (ret != BAD_FUNC_ARG) {
+        ret = -9; goto out;
+    }
+    /* test failure cases - non block aligned  */
+    ret = wc_tsip_AesCtr(enc, plain, cipher, 15);
+    if (ret != BAD_FUNC_ARG) {
+        ret = -10; goto out;
+    }
+
    for (i = 0; i < AES_CTR_TEST_LEN; i++) {
        if (testVec[i].key != NULL) {
            ret = wc_AesSetKeyDirect(enc, testVec[i].key, (word32)testVec[i].keySz,
--- a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
+++ b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
@ -606,13 +606,17 @@ int wc_tsip_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
 #endif /* HAVE_AES_CBC */

 #ifdef WOLFSSL_AES_COUNTER
+/* API only supports even blocks (16 byte) */
+/* Use the public wc_AesCtrEncrypt with crypto callbacks to handle odd remain */
 int wc_tsip_AesCtr(struct Aes* aes, byte* out, const byte* in, word32 sz)
 {
    tsip_aes_handle_t _handle;
    int ret;
+    int blocks = (int)(sz / WC_AES_BLOCK_SIZE);
+    int remain = (int)(sz % WC_AES_BLOCK_SIZE);
    byte *iv;

-    if ((in == NULL) || (out == NULL) || (aes == NULL)) {
+    if (aes == NULL || in == NULL || out == NULL || sz == 0 || remain != 0) {
        return BAD_FUNC_ARG;
    }

@ -630,7 +634,7 @@ int wc_tsip_AesCtr(struct Aes* aes, byte* out, const byte* in, word32 sz)
        ret = R_TSIP_Aes128CtrInit(&_handle, &aes->ctx.tsip_keyIdx, iv);
        if (ret == TSIP_SUCCESS) {
            ret = R_TSIP_Aes128CtrUpdate(&_handle, (uint8_t*)in,
-                (uint8_t*)out, sz);
+                (uint8_t*)out, blocks * WC_AES_BLOCK_SIZE);
            if (ret == TSIP_SUCCESS) {
                ret = R_TSIP_Aes128CtrFinal(&_handle);
            }
@ -644,7 +648,7 @@ int wc_tsip_AesCtr(struct Aes* aes, byte* out, const byte* in, word32 sz)
        ret = R_TSIP_Aes256CtrInit(&_handle, &aes->ctx.tsip_keyIdx, iv);
        if (ret == TSIP_SUCCESS) {
            ret = R_TSIP_Aes256CtrUpdate(&_handle, (uint8_t*)in,
-                (uint8_t*)out, sz);
+                (uint8_t*)out, blocks * WC_AES_BLOCK_SIZE);
            if (ret == TSIP_SUCCESS) {
                ret = R_TSIP_Aes256CtrFinal(&_handle);
            }
@ -656,9 +660,9 @@ int wc_tsip_AesCtr(struct Aes* aes, byte* out, const byte* in, word32 sz)

    if (ret == TSIP_SUCCESS) {
        /* increment IV counter */
-        int i, blocks = (int)(sz / WC_AES_BLOCK_SIZE);
        while (blocks--) {
            /* in network byte order so start at end and work back */
+            int i;
            for (i = WC_AES_BLOCK_SIZE - 1; i >= 0; i--) {
                if (++iv[i]) /* we're done unless we overflow */
                    break;