test: aes ccm roundtrip

WilliamTakeshi · WilliamTakeshi · commit dcb7d1f24e76 · 2026-02-24T15:38:24.000+01:00
diff --git a/crypto/lakers-crypto-cryptocell310-sys/src/lib.rs b/crypto/lakers-crypto-cryptocell310-sys/src/lib.rs
@@ -366,3 +366,20 @@ impl digest::OutputSizeUser for HashInProcessSha256 {
     type OutputSize = digest::typenum::U32;
 }
 impl digest::HashMarker for HashInProcessSha256 {}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use lakers_shared::test_helper::{
+        test_aes_ccm_roundtrip, test_aes_ccm_tag_16, test_aes_ccm_tag_8,
+    };
+
+    #[test]
+    fn test_cryptocell_aes_ccm() {
+        test_aes_ccm_roundtrip::<Crypto, CcmTagLen8>(&mut Crypto);
+        test_aes_ccm_roundtrip::<Crypto, CcmTagLen16>(&mut Crypto);
+
+        test_aes_ccm_tag_8::<Crypto>(&mut Crypto);
+        test_aes_ccm_tag_16::<Crypto>(&mut Crypto);
+    }
+}
diff --git a/crypto/lakers-crypto-psa/src/lib.rs b/crypto/lakers-crypto-psa/src/lib.rs
@@ -324,6 +324,9 @@ impl digest::HashMarker for BufferedHasherSha256 {}
 #[cfg(test)]
 mod tests {
     use super::*;
+    use lakers_shared::test_helper::{
+        test_aes_ccm_roundtrip, test_aes_ccm_tag_16, test_aes_ccm_tag_8,
+    };
 
     #[test]
     fn test_hmac_sha256() {
@@ -347,4 +350,13 @@ mod tests {
         let result_2 = Crypto.hmac_sha256(&MESSAGE_2, &KEY);
         assert_eq!(result_2, RESULT_2_TV);
     }
+
+    #[test]
+    fn test_psa_aes_ccm() {
+        test_aes_ccm_roundtrip::<Crypto, CcmTagLen8>(&mut Crypto);
+        test_aes_ccm_roundtrip::<Crypto, CcmTagLen16>(&mut Crypto);
+
+        test_aes_ccm_tag_8::<Crypto>(&mut Crypto);
+        test_aes_ccm_tag_16::<Crypto>(&mut Crypto);
+    }
 }
diff --git a/crypto/lakers-crypto-rustcrypto/src/lib.rs b/crypto/lakers-crypto-rustcrypto/src/lib.rs
@@ -185,3 +185,23 @@ impl<Rng: rand_core::RngCore + rand_core::CryptoRng> CryptoTrait for Crypto<Rng>
         (private_key.into(), public_key.into())
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use lakers_shared::test_helper::{
+        test_aes_ccm_roundtrip, test_aes_ccm_tag_16, test_aes_ccm_tag_8,
+    };
+    use lakers_shared::{CcmTagLen16, CcmTagLen8};
+
+    use super::*;
+
+    #[test]
+    fn test_rustcrypto_aes_ccm() {
+        let mut crypto = Crypto::new(rand_core::OsRng);
+        test_aes_ccm_roundtrip::<Crypto<rand_core::OsRng>, CcmTagLen8>(&mut crypto);
+        test_aes_ccm_roundtrip::<Crypto<rand_core::OsRng>, CcmTagLen16>(&mut crypto);
+
+        test_aes_ccm_tag_8::<Crypto<rand_core::OsRng>>(&mut crypto);
+        test_aes_ccm_tag_16::<Crypto<rand_core::OsRng>>(&mut crypto);
+    }
+}
diff --git a/shared/src/crypto.rs b/shared/src/crypto.rs
@@ -98,3 +98,125 @@ pub struct CcmTagLen16;
 impl CcmTagLen for CcmTagLen16 {
     const LEN: usize = 16;
 }
+
+pub mod test_helper {
+    use super::*;
+
+    pub fn test_aes_ccm_roundtrip<C: Crypto, Tag: CcmTagLen>(crypto: &mut C) {
+        let key: BytesCcmKeyLen = [
+            0x26, 0x51, 0x1f, 0xb5, 0x1f, 0xcf, 0xa7, 0x5c, 0xb4, 0xb4, 0x4d, 0xa7, 0x5a, 0x6e,
+            0x5a, 0x0e,
+        ]
+        .into();
+
+        let iv: BytesCcmIvLen = [
+            0x5a, 0x8a, 0xa4, 0x85, 0xc3, 0x16, 0xe9, 0x40, 0x3a, 0xff, 0x85, 0x9f, 0xbb,
+        ]
+        .into();
+
+        let ad = [
+            0xa1, 0x6a, 0x2e, 0x74, 0x1f, 0x1c, 0xd9, 0x71, 0x72, 0x85, 0xb6, 0xd8, 0x82, 0xc1,
+            0xfc, 0x53, 0x65, 0x5e, 0x97, 0x73, 0x76, 0x1a, 0xd6, 0x97, 0xa7, 0xee, 0x64, 0x10,
+            0x18, 0x4c, 0x79, 0x82,
+        ];
+        let plaintext = [
+            0x87, 0x39, 0xb4, 0xbe, 0xa1, 0xa0, 0x99, 0xfe, 0x54, 0x74, 0x99, 0xcb, 0xc6, 0xd1,
+            0xb1, 0x3d, 0x84, 0x9b, 0x80, 0x84, 0xc9, 0xb6, 0xac, 0xc5,
+        ];
+
+        let ciphertext = crypto.aes_ccm_encrypt::<64, Tag>(&key, &iv, &ad, &plaintext);
+        assert_eq!(ciphertext.len(), plaintext.len() + Tag::LEN);
+
+        let decrypted = crypto
+            .aes_ccm_decrypt::<64, Tag>(&key, &iv, &ad, ciphertext.as_slice())
+            .expect("decryption should succeed");
+
+        assert_eq!(decrypted.as_slice(), &plaintext);
+    }
+
+    pub fn test_aes_ccm_tag_8<C: Crypto>(crypto: &mut C) {
+        type Tag = CcmTagLen8;
+        let key: BytesCcmKeyLen = [
+            0x36, 0x8f, 0x35, 0xa1, 0xf8, 0x0e, 0xaa, 0xac, 0xd6, 0xbb, 0x13, 0x66, 0x09, 0x38,
+            0x97, 0x27,
+        ]
+        .into();
+
+        let iv: BytesCcmIvLen = [
+            0x84, 0x2a, 0x84, 0x45, 0x84, 0x75, 0x02, 0xea, 0x77, 0x36, 0x3a, 0x16, 0xb6,
+        ]
+        .into();
+
+        let ad = [
+            0x34, 0x39, 0x6d, 0xfc, 0xfa, 0x6f, 0x74, 0x2a, 0xea, 0x70, 0x40, 0x97, 0x6b, 0xd5,
+            0x96, 0x49, 0x7a, 0x7a, 0x6f, 0xa4, 0xfb, 0x85, 0xee, 0x8e, 0x4c, 0xa3, 0x94, 0xd0,
+            0x20, 0x95, 0xb7, 0xbf,
+        ];
+        let plaintext = [
+            0x1c, 0xcc, 0xd5, 0x58, 0x25, 0x31, 0x6a, 0x94, 0xc5, 0x97, 0x9e, 0x04, 0x93, 0x10,
+            0xd1, 0xd7, 0x17, 0xcd, 0xfb, 0x76, 0x24, 0x28, 0x9d, 0xac,
+        ];
+
+        let expected_ct: [u8; 32] = [
+            0x1a, 0x58, 0x09, 0x4f, 0x0e, 0x8c, 0x60, 0x35, 0xa5, 0x58, 0x4b, 0xfa, 0x8d, 0x10,
+            0x09, 0xc5, 0xf7, 0x8f, 0xd2, 0xca, 0x48, 0x7f, 0xf2, 0x22, 0xf6, 0xd1, 0xd8, 0x97,
+            0xd6, 0x05, 0x16, 0x18,
+        ];
+
+        let ciphertext = crypto.aes_ccm_encrypt::<64, Tag>(&key, &iv, &ad, &plaintext);
+        assert_eq!(ciphertext.len(), plaintext.len() + Tag::LEN);
+        assert_eq!(
+            ciphertext,
+            EdhocBuffer::new_from_slice(&expected_ct).expect("expected_ct.length() <= 64")
+        );
+
+        let decrypted = crypto
+            .aes_ccm_decrypt::<64, Tag>(&key, &iv, &ad, ciphertext.as_slice())
+            .expect("decryption should succeed");
+
+        assert_eq!(decrypted.as_slice(), &plaintext);
+    }
+
+    pub fn test_aes_ccm_tag_16<C: Crypto>(crypto: &mut C) {
+        type Tag = CcmTagLen16;
+        let key: BytesCcmKeyLen = [
+            0x41, 0x89, 0x35, 0x1b, 0x5c, 0xae, 0xa3, 0x75, 0xa0, 0x29, 0x9e, 0x81, 0xc6, 0x21,
+            0xbf, 0x43,
+        ]
+        .into();
+
+        let iv: BytesCcmIvLen = [
+            0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72,
+        ]
+        .into();
+
+        let ad = [
+            0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77, 0x48,
+            0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20, 0x6d, 0x8c,
+            0x8a, 0x34, 0x39, 0x51,
+        ];
+        let plaintext = [
+            0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8, 0x25,
+            0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef,
+        ];
+
+        let expected_ct: [u8; 40] = [
+            0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6, 0xee,
+            0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0xd8, 0x0e, 0x8b, 0xf8,
+            0x0f, 0x4a, 0x46, 0xca, 0xb0, 0x6d, 0x43, 0x13, 0xf0, 0xdb, 0x9b, 0xe9,
+        ];
+
+        let ciphertext = crypto.aes_ccm_encrypt::<64, Tag>(&key, &iv, &ad, &plaintext);
+        assert_eq!(ciphertext.len(), plaintext.len() + Tag::LEN);
+        assert_eq!(
+            ciphertext,
+            EdhocBuffer::new_from_slice(&expected_ct).expect("expected_ct.length() < 64")
+        );
+
+        let decrypted = crypto
+            .aes_ccm_decrypt::<64, Tag>(&key, &iv, &ad, ciphertext.as_slice())
+            .expect("decryption should succeed");
+
+        assert_eq!(decrypted.as_slice(), &plaintext);
+    }
+}
