From 7798e730b2b21c0a74602217570b7ca905109d3d Mon Sep 17 00:00:00 2001 From: Sylvio Alves Date: Tue, 21 Oct 2025 10:33:07 -0300 Subject: [PATCH 1/5] drivers: crypto: return -ENOTSUP when needed Make sure all crypto driver returns proper error when feature is not supported. Signed-off-by: Sylvio Alves --- drivers/crypto/crypto_ataes132a.c | 14 +++++++------- drivers/crypto/crypto_cc23x0.c | 14 +++++++------- drivers/crypto/crypto_it51xxx_sha.c | 4 ++-- drivers/crypto/crypto_it8xxx2_sha.c | 4 ++-- drivers/crypto/crypto_it8xxx2_sha_v2.c | 4 ++-- drivers/crypto/crypto_mchp_xec_symcr.c | 4 ++-- drivers/crypto/crypto_mtls_shim.c | 6 +++--- drivers/crypto/crypto_npcx_sha.c | 6 +++--- drivers/crypto/crypto_rts5912_sha.c | 2 +- drivers/crypto/crypto_smartbond.c | 2 +- drivers/crypto/crypto_stm32.c | 8 ++++---- drivers/crypto/crypto_stm32_hash.c | 4 ++-- 12 files changed, 36 insertions(+), 36 deletions(-) diff --git a/drivers/crypto/crypto_ataes132a.c b/drivers/crypto/crypto_ataes132a.c index 388c6dcfec6d2..1c78d3224cdb4 100644 --- a/drivers/crypto/crypto_ataes132a.c +++ b/drivers/crypto/crypto_ataes132a.c @@ -713,7 +713,7 @@ static int do_ccm_encrypt_mac(struct cipher_ctx *ctx, if (aead_op->ad != NULL || aead_op->ad_len != 0U) { LOG_ERR("Associated data is not supported."); - return -EINVAL; + return -ENOTSUP; } ataes132a_aes_ccm_encrypt(dev, key_id, &mac_mode, @@ -758,7 +758,7 @@ static int do_ccm_decrypt_auth(struct cipher_ctx *ctx, if (aead_op->ad != NULL || aead_op->ad_len != 0U) { LOG_ERR("Associated data is not supported."); - return -EINVAL; + return -ENOTSUP; } /* Normal Decryption Mode will only decrypt host generated packets */ @@ -835,18 +835,18 @@ static int ataes132a_session_setup(const struct device *dev, if (algo != CRYPTO_CIPHER_ALGO_AES) { LOG_ERR("ATAES132A unsupported algorithm"); - return -EINVAL; + return -ENOTSUP; } /*ATAES132A support I2C polling only*/ if (!(ctx->flags & CAP_SYNC_OPS)) { LOG_ERR("Async not supported by this driver"); - return -EINVAL; + return -ENOTSUP; } if (ctx->keylen != ATAES132A_AES_KEY_SIZE) { LOG_ERR("ATAES132A unsupported key size"); - return -EINVAL; + return -ENOTSUP; } if (op_type == CRYPTO_CIPHER_OP_ENCRYPT) { @@ -859,7 +859,7 @@ static int ataes132a_session_setup(const struct device *dev, break; default: LOG_ERR("ATAES132A unsupported mode"); - return -EINVAL; + return -ENOTSUP; } } else { switch (mode) { @@ -871,7 +871,7 @@ static int ataes132a_session_setup(const struct device *dev, break; default: LOG_ERR("ATAES132A unsupported mode"); - return -EINVAL; + return -ENOTSUP; } } diff --git a/drivers/crypto/crypto_cc23x0.c b/drivers/crypto/crypto_cc23x0.c index f6f2d5efbac69..28caaf2eee6fa 100644 --- a/drivers/crypto/crypto_cc23x0.c +++ b/drivers/crypto/crypto_cc23x0.c @@ -985,24 +985,24 @@ static int crypto_cc23x0_session_setup(const struct device *dev, { if (ctx->flags & ~(CRYPTO_CC23_CAP)) { LOG_ERR("Unsupported feature"); - return -EINVAL; + return -ENOTSUP; } if (algo != CRYPTO_CIPHER_ALGO_AES) { LOG_ERR("Unsupported algo"); - return -EINVAL; + return -ENOTSUP; } if (mode != CRYPTO_CIPHER_MODE_ECB && mode != CRYPTO_CIPHER_MODE_CTR && mode != CRYPTO_CIPHER_MODE_CCM) { LOG_ERR("Unsupported mode"); - return -EINVAL; + return -ENOTSUP; } if (ctx->keylen != 16U) { LOG_ERR("%u key size is not supported", ctx->keylen); - return -EINVAL; + return -ENOTSUP; } if (!ctx->key.bit_stream) { @@ -1022,13 +1022,13 @@ static int crypto_cc23x0_session_setup(const struct device *dev, ctx->ops.ccm_crypt_hndlr = crypto_cc23x0_ccm_encrypt; break; default: - return -EINVAL; + return -ENOTSUP; } } else { switch (mode) { case CRYPTO_CIPHER_MODE_ECB: LOG_ERR("ECB decryption not supported by the hardware"); - return -EINVAL; + return -ENOTSUP; case CRYPTO_CIPHER_MODE_CTR: ctx->ops.ctr_crypt_hndlr = crypto_cc23x0_ctr; break; @@ -1036,7 +1036,7 @@ static int crypto_cc23x0_session_setup(const struct device *dev, ctx->ops.ccm_crypt_hndlr = crypto_cc23x0_ccm_decrypt; break; default: - return -EINVAL; + return -ENOTSUP; } } diff --git a/drivers/crypto/crypto_it51xxx_sha.c b/drivers/crypto/crypto_it51xxx_sha.c index bd20c29b25fac..855db84396e19 100644 --- a/drivers/crypto/crypto_it51xxx_sha.c +++ b/drivers/crypto/crypto_it51xxx_sha.c @@ -238,12 +238,12 @@ static int it51xxx_hash_begin_session(const struct device *dev, struct hash_ctx { if (algo != CRYPTO_HASH_ALGO_SHA256) { LOG_ERR("Unsupported algorithm"); - return -EINVAL; + return -ENOTSUP; } if (ctx->flags & ~(it51xxx_query_hw_caps(dev))) { LOG_ERR("Unsupported flag"); - return -EINVAL; + return -ENOTSUP; } it51xxx_sha256_init(true); diff --git a/drivers/crypto/crypto_it8xxx2_sha.c b/drivers/crypto/crypto_it8xxx2_sha.c index 5ce174ab237ee..19e3514be00e6 100644 --- a/drivers/crypto/crypto_it8xxx2_sha.c +++ b/drivers/crypto/crypto_it8xxx2_sha.c @@ -188,12 +188,12 @@ static int it8xxx2_hash_begin_session(const struct device *dev, { if (algo != CRYPTO_HASH_ALGO_SHA256) { LOG_ERR("Unsupported algo"); - return -EINVAL; + return -ENOTSUP; } if (ctx->flags & ~(it8xxx2_query_hw_caps(dev))) { LOG_ERR("Unsupported flag"); - return -EINVAL; + return -ENOTSUP; } it8xxx2_sha256_init(false); diff --git a/drivers/crypto/crypto_it8xxx2_sha_v2.c b/drivers/crypto/crypto_it8xxx2_sha_v2.c index 3098bf4b9b5e0..e2f334c96dc3c 100644 --- a/drivers/crypto/crypto_it8xxx2_sha_v2.c +++ b/drivers/crypto/crypto_it8xxx2_sha_v2.c @@ -308,12 +308,12 @@ static int it8xxx2_hash_begin_session(const struct device *dev, { if (algo != CRYPTO_HASH_ALGO_SHA256) { LOG_ERR("Unsupported algorithm"); - return -EINVAL; + return -ENOTSUP; } if (ctx->flags & ~(it8xxx2_query_hw_caps(dev))) { LOG_ERR("Unsupported flag"); - return -EINVAL; + return -ENOTSUP; } it8xxx2_sha256_init(true); diff --git a/drivers/crypto/crypto_mchp_xec_symcr.c b/drivers/crypto/crypto_mchp_xec_symcr.c index 3d3ea836475f2..ac04126f6e2ec 100644 --- a/drivers/crypto/crypto_mchp_xec_symcr.c +++ b/drivers/crypto/crypto_mchp_xec_symcr.c @@ -405,13 +405,13 @@ static int xec_symcr_hash_session_begin(const struct device *dev, struct hash_ct if (ctx->flags & ~(MCHP_XEC_SYMCR_CAPS_SUPPORT)) { LOG_ERR("Unsupported flag"); - return -EINVAL; + return -ENOTSUP; } rom_algo = lookup_hash_alg(algo); if (rom_algo == MCHP_ROM_HASH_ALG_NONE) { LOG_ERR("Unsupported algo %d", algo); - return -EINVAL; + return -ENOTSUP; } session_idx = mchp_xec_get_unused_session_index(data); diff --git a/drivers/crypto/crypto_mtls_shim.c b/drivers/crypto/crypto_mtls_shim.c index 2031e7d7c987b..eda094cdf72f4 100644 --- a/drivers/crypto/crypto_mtls_shim.c +++ b/drivers/crypto/crypto_mtls_shim.c @@ -341,7 +341,7 @@ static int mtls_session_setup(const struct device *dev, #endif mode != CRYPTO_CIPHER_MODE_ECB) { LOG_ERR("Unsupported mode"); - return -EINVAL; + return -ENOTSUP; } if (ctx->keylen != 16U) { @@ -541,7 +541,7 @@ static int mtls_hash_session_setup(const struct device *dev, if (ctx->flags & ~(MTLS_SUPPORT)) { LOG_ERR("Unsupported flag"); - return -EINVAL; + return -ENOTSUP; } if ((algo != CRYPTO_HASH_ALGO_SHA224) && @@ -549,7 +549,7 @@ static int mtls_hash_session_setup(const struct device *dev, (algo != CRYPTO_HASH_ALGO_SHA384) && (algo != CRYPTO_HASH_ALGO_SHA512)) { LOG_ERR("Unsupported algo: %d", algo); - return -EINVAL; + return -ENOTSUP; } ctx_idx = mtls_get_unused_session_index(); diff --git a/drivers/crypto/crypto_npcx_sha.c b/drivers/crypto/crypto_npcx_sha.c index 65da0cb5dcf0f..b37d287467bd4 100644 --- a/drivers/crypto/crypto_npcx_sha.c +++ b/drivers/crypto/crypto_npcx_sha.c @@ -99,7 +99,7 @@ static int npcx_sha_compute(struct hash_ctx *ctx, struct hash_pkt *pkt, bool fin break; default: LOG_ERR("Unexpected algo: %d", npcx_session->algo); - return -EINVAL; + return -ENOTSUP; } if (!ctx->started) { @@ -140,13 +140,13 @@ static int npcx_hash_session_setup(const struct device *dev, struct hash_ctx *ct if (ctx->flags & ~(NPCX_HASH_CAPS_SUPPORT)) { LOG_ERR("Unsupported flag"); - return -EINVAL; + return -ENOTSUP; } if ((algo != CRYPTO_HASH_ALGO_SHA256) && (algo != CRYPTO_HASH_ALGO_SHA384) && (algo != CRYPTO_HASH_ALGO_SHA512)) { LOG_ERR("Unsupported algo: %d", algo); - return -EINVAL; + return -ENOTSUP; } ctx_idx = npcx_get_unused_session_index(); diff --git a/drivers/crypto/crypto_rts5912_sha.c b/drivers/crypto/crypto_rts5912_sha.c index dc4ab4ec89e9e..7e9620aa33cb7 100644 --- a/drivers/crypto/crypto_rts5912_sha.c +++ b/drivers/crypto/crypto_rts5912_sha.c @@ -268,7 +268,7 @@ static int rts5912_hash_begin_session(const struct device *dev, struct hash_ctx rts5912_sha256_start(dev); break; default: - return -EINVAL; + return -ENOTSUP; } return 0; diff --git a/drivers/crypto/crypto_smartbond.c b/drivers/crypto/crypto_smartbond.c index 3861e74409aa4..f236472b9b9b0 100644 --- a/drivers/crypto/crypto_smartbond.c +++ b/drivers/crypto/crypto_smartbond.c @@ -384,7 +384,7 @@ static int crypto_smartbond_hash_set_algo(enum hash_algo algo) (0x1 << AES_HASH_CRYPTO_CTRL_REG_CRYPTO_ALG_Pos)); break; default: - return -EINVAL; + return -ENOTSUP; } return 0; diff --git a/drivers/crypto/crypto_stm32.c b/drivers/crypto/crypto_stm32.c index b1c7cf59b03d5..d95499252d9c0 100644 --- a/drivers/crypto/crypto_stm32.c +++ b/drivers/crypto/crypto_stm32.c @@ -335,12 +335,12 @@ static int crypto_stm32_session_setup(const struct device *dev, if (ctx->flags & ~(CRYP_SUPPORT)) { LOG_ERR("Unsupported flag"); - return -EINVAL; + return -ENOTSUP; } if (algo != CRYPTO_CIPHER_ALGO_AES) { LOG_ERR("Unsupported algo"); - return -EINVAL; + return -ENOTSUP; } /* The CRYP peripheral supports the AES ECB, CBC, CTR, CCM and GCM @@ -356,7 +356,7 @@ static int crypto_stm32_session_setup(const struct device *dev, (mode != CRYPTO_CIPHER_MODE_CBC) && (mode != CRYPTO_CIPHER_MODE_CTR)) { LOG_ERR("Unsupported mode"); - return -EINVAL; + return -ENOTSUP; } /* The STM32F4 CRYP peripheral supports key sizes of 128, 192 and 256 @@ -368,7 +368,7 @@ static int crypto_stm32_session_setup(const struct device *dev, #endif (ctx->keylen != 32U)) { LOG_ERR("%u key size is not supported", ctx->keylen); - return -EINVAL; + return -ENOTSUP; } ctx_idx = crypto_stm32_get_unused_session_index(dev); diff --git a/drivers/crypto/crypto_stm32_hash.c b/drivers/crypto/crypto_stm32_hash.c index b563ed899cef8..dc0a761d7e6a4 100644 --- a/drivers/crypto/crypto_stm32_hash.c +++ b/drivers/crypto/crypto_stm32_hash.c @@ -72,7 +72,7 @@ static int stm32_hash_handler(struct hash_ctx *ctx, struct hash_pkt *pkt, bool f default: k_sem_give(&data->device_sem); LOG_ERR("Unsupported algorithm in handler: %d", session->algo); - return -EINVAL; + return -ENOTSUP; } k_sem_give(&data->device_sem); @@ -98,7 +98,7 @@ static int stm32_hash_begin_session(const struct device *dev, struct hash_ctx *c break; default: LOG_ERR("Unsupported hash algorithm: %d", algo); - return -EINVAL; + return -ENOTSUP; } ctx_idx = crypto_stm32_hash_get_unused_session_index(dev); From 60610433688828fad185723b6422bd8bc053abd5 Mon Sep 17 00:00:00 2001 From: Sylvio Alves Date: Tue, 21 Oct 2025 10:44:28 -0300 Subject: [PATCH 2/5] drivers: crypto: expand mbedTLS shim driver capabilities Select SHA24, SHA256 and SHA384 as part of the shim driver. Signed-off-by: Sylvio Alves --- drivers/crypto/Kconfig | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 4c5c268fcebba..8510762e5d880 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -25,6 +25,9 @@ config CRYPTO_MBEDTLS_SHIM bool "MbedTLS shim driver [EXPERIMENTAL]" select MBEDTLS select MBEDTLS_ENABLE_HEAP + select MBEDTLS_SHA224 + select MBEDTLS_SHA256 + select MBEDTLS_SHA384 select MBEDTLS_SHA512 select MBEDTLS_CIPHER_AES_ENABLED select EXPERIMENTAL From 42cbb353768d4835bf14c93412422241cc32a592 Mon Sep 17 00:00:00 2001 From: Sylvio Alves Date: Tue, 21 Oct 2025 08:26:46 -0300 Subject: [PATCH 3/5] tests: crypto: hash: expand test coverage for multiple SHA algorithms Refactor hash tests to support SHA-224, SHA-256, SHA-384, and SHA-512 algorithms with a unified test vector framework. This improves test coverage and makes it easier to verify hardware crypto drivers that support multiple SHA variants. Signed-off-by: Sylvio Alves --- tests/crypto/crypto_hash/src/main.c | 197 ++++++++++++++++++++++------ 1 file changed, 159 insertions(+), 38 deletions(-) diff --git a/tests/crypto/crypto_hash/src/main.c b/tests/crypto/crypto_hash/src/main.c index a5863716654e5..fa04afc7df968 100644 --- a/tests/crypto/crypto_hash/src/main.c +++ b/tests/crypto/crypto_hash/src/main.c @@ -112,6 +112,23 @@ uint8_t test7[] = { 0x8b, 0x4f, 0x4a, 0xb0, 0xed, 0x99, 0x5e }; +static const uint8_t sha224_results[7][28] = { + {0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9, 0x47, 0x61, 0x02, 0xbb, 0x28, 0x82, + 0x34, 0xc4, 0x15, 0xa2, 0xb0, 0x1f, 0x82, 0x8e, 0xa6, 0x2a, 0xc5, 0xb3, 0xe4, 0x2f}, + {0xb1, 0xe4, 0x6b, 0xb9, 0xef, 0xe4, 0x5a, 0xf5, 0x54, 0x36, 0x34, 0x49, 0xc6, 0x94, + 0x5a, 0x0d, 0x61, 0x69, 0xfc, 0x3a, 0x5a, 0x39, 0x6a, 0x56, 0xcb, 0x97, 0xcb, 0x57}, + {0xd2, 0xb0, 0x86, 0xdb, 0xee, 0x60, 0x90, 0x7e, 0xd1, 0x09, 0x86, 0x77, 0xfe, 0x04, + 0x37, 0xb8, 0x14, 0x55, 0x66, 0x87, 0x17, 0x2d, 0x1f, 0x59, 0xcf, 0x38, 0x6c, 0x97}, + {0xbb, 0xac, 0x30, 0x15, 0x10, 0x7f, 0xe0, 0x2b, 0x0c, 0x0b, 0x2b, 0xdc, 0xb2, 0x6f, + 0x44, 0x19, 0x1b, 0xa8, 0xdb, 0xab, 0x43, 0xf5, 0xc6, 0xbb, 0xaa, 0x0a, 0x13, 0x41}, + {0xc2, 0x63, 0xf2, 0x74, 0x12, 0xc1, 0xfd, 0xfb, 0x29, 0x33, 0xb6, 0x2a, 0xec, 0x9f, + 0xa2, 0x60, 0x9c, 0x05, 0x7b, 0x91, 0x1e, 0x99, 0x2d, 0x8f, 0xb2, 0xe5, 0xe1, 0x5a}, + {0x95, 0x99, 0xbd, 0x2d, 0xe7, 0x5b, 0xdf, 0xef, 0xe4, 0xff, 0xf3, 0xc3, 0x78, 0x98, + 0x87, 0xf5, 0xa5, 0x26, 0xd0, 0xea, 0x63, 0xa8, 0xa5, 0xd2, 0x8f, 0xc5, 0x62, 0xd6}, + {0x1f, 0xf8, 0x37, 0xcf, 0xf3, 0x74, 0x77, 0x4d, 0x0c, 0x23, 0x2e, 0x77, 0xb9, 0x64, + 0xed, 0x29, 0xf5, 0xd1, 0xe7, 0x75, 0xad, 0x1a, 0x4e, 0x76, 0x6f, 0x18, 0x7a, 0x77}, +}; + uint8_t sha256_results[7][32] = { {0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, @@ -136,54 +153,158 @@ uint8_t sha256_results[7][32] = { 0x86, 0x59, 0x98, 0x71, 0x4a, 0xad, 0x0b, 0x5e} }; -ZTEST_USER(crypto_hash, test_hash) -{ - int ret; - struct hash_ctx ctx; +static const uint8_t sha384_results[7][48] = { + {0x38, 0xb0, 0x60, 0xa7, 0x51, 0xac, 0x96, 0x38, 0x4c, 0xd9, 0x32, 0x7e, + 0xb1, 0xb1, 0xe3, 0x6a, 0x21, 0xfd, 0xb7, 0x11, 0x14, 0xbe, 0x07, 0x43, + 0x4c, 0x0c, 0xc7, 0xbf, 0x63, 0xf6, 0xe1, 0xda, 0x27, 0x4e, 0xde, 0xbf, + 0xe7, 0x6f, 0x65, 0xfb, 0xd5, 0x1a, 0xd2, 0xf1, 0x48, 0x98, 0xb9, 0x5b}, + {0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62, + 0x45, 0x2a, 0x86, 0xd5, 0x0e, 0x02, 0x67, 0x22, 0x8b, 0xe1, 0x76, 0xc7, + 0x7d, 0x24, 0x02, 0xef, 0xfe, 0x9f, 0xa5, 0x0d, 0xe4, 0x07, 0xbb, 0xb8, + 0x51, 0xb3, 0x7d, 0x59, 0x04, 0xab, 0xa2, 0xde, 0xde, 0x74, 0xda, 0x2a}, + {0xe9, 0x32, 0x48, 0x92, 0xec, 0x87, 0xf2, 0x29, 0x75, 0xc1, 0x4e, 0x42, + 0x0f, 0x3d, 0x77, 0x7d, 0xe5, 0xe9, 0x75, 0xbf, 0x01, 0x86, 0xeb, 0x99, + 0xdc, 0x44, 0x7c, 0xbe, 0x96, 0xcf, 0x8a, 0x7a, 0xcb, 0xbb, 0x78, 0x31, + 0xcf, 0xaf, 0xbb, 0xbf, 0x40, 0x4c, 0xdd, 0x5a, 0x45, 0x91, 0x64, 0x75}, + {0x81, 0x3d, 0x8e, 0x6f, 0x29, 0x18, 0x99, 0xb8, 0x49, 0xf1, 0xab, 0x87, + 0xcb, 0x04, 0x51, 0x48, 0x88, 0xb7, 0x0f, 0x5c, 0x66, 0xbe, 0xc7, 0x96, + 0x44, 0x59, 0x55, 0xae, 0x83, 0xc3, 0x9e, 0xee, 0xec, 0x62, 0xc2, 0x5c, + 0x25, 0xe9, 0x42, 0x94, 0x49, 0xd1, 0x33, 0x40, 0xc4, 0x7a, 0x96, 0x38}, + {0x2a, 0x6c, 0xca, 0xf7, 0xc7, 0xa7, 0xde, 0x23, 0x2e, 0xec, 0x95, 0x52, + 0x1a, 0x64, 0x4e, 0x6d, 0x27, 0x95, 0x6e, 0x32, 0x1c, 0x9f, 0x49, 0x21, + 0x87, 0x04, 0x14, 0x77, 0x76, 0xbc, 0x52, 0x39, 0xc5, 0x72, 0xaa, 0xe4, + 0xbf, 0xbb, 0x19, 0x72, 0x49, 0xd7, 0xd7, 0xbd, 0x09, 0xef, 0x12, 0x88}, + {0x7c, 0xab, 0x44, 0x4f, 0xc2, 0x63, 0xf1, 0x68, 0x83, 0x29, 0x6a, 0x84, + 0xc5, 0xb3, 0x00, 0xc0, 0x56, 0x0f, 0x4c, 0x4f, 0x08, 0x96, 0x95, 0x99, + 0xef, 0xe0, 0x81, 0x10, 0x81, 0x16, 0xd2, 0xea, 0xed, 0xb3, 0x30, 0xb8, + 0x06, 0x11, 0x61, 0x9c, 0x12, 0x97, 0x46, 0x05, 0xf5, 0xdf, 0x91, 0x18}, + {0xa1, 0x4c, 0x97, 0x00, 0x2f, 0x08, 0x3a, 0xf7, 0x17, 0x2d, 0x30, 0x99, + 0x28, 0x3f, 0x36, 0xcf, 0xd1, 0xf8, 0x56, 0xe3, 0x4b, 0x89, 0x63, 0x26, + 0x39, 0xe5, 0x36, 0xbe, 0xbe, 0xa5, 0x69, 0xa6, 0xac, 0x89, 0x19, 0x91, + 0x5a, 0xc7, 0x78, 0xfb, 0xaa, 0xa2, 0xe2, 0x0d, 0x6f, 0xfc, 0x28, 0x41}, +}; +static const uint8_t sha512_results[7][64] = { + {0xcf, 0x83, 0xe1, 0x35, 0x7e, 0xef, 0xb8, 0xbd, 0xf1, 0x54, 0x28, 0x50, 0xd6, + 0x6d, 0x80, 0x07, 0xd6, 0x20, 0xe4, 0x05, 0x0b, 0x57, 0x15, 0xdc, 0x83, 0xf4, + 0xa9, 0x21, 0xd3, 0x6c, 0xe9, 0xce, 0x47, 0xd0, 0xd1, 0x3c, 0x5d, 0x85, 0xf2, + 0xb0, 0xff, 0x83, 0x18, 0xd2, 0x87, 0x7e, 0xec, 0x2f, 0x63, 0xb9, 0x31, 0xbd, + 0x47, 0x41, 0x7a, 0x81, 0xa5, 0x38, 0x32, 0x7a, 0xf9, 0x27, 0xda, 0x3e}, + {0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d, 0x17, + 0xb0, 0xcf, 0xb7, 0x4a, 0x50, 0x83, 0xf8, 0xe0, 0x69, 0x72, 0x6d, 0x8c, 0x84, + 0x1c, 0xbe, 0x59, 0x6e, 0x04, 0x31, 0xcb, 0x77, 0x41, 0xa5, 0xb5, 0x0f, 0x71, + 0x66, 0x6c, 0xfd, 0x54, 0xba, 0xcb, 0x7b, 0x00, 0xae, 0xa8, 0x91, 0x49, 0x9c, + 0xf4, 0xef, 0x6a, 0x03, 0xc8, 0xa8, 0x3f, 0xe3, 0x7c, 0x3f, 0x7b, 0xaf}, + {0x1c, 0xac, 0x66, 0x62, 0x60, 0x2f, 0xcc, 0x5f, 0x6c, 0x69, 0xf4, 0x8a, 0xa1, + 0x7a, 0x92, 0x47, 0x50, 0x31, 0x36, 0x3d, 0xa5, 0xc7, 0xb7, 0x8e, 0x2c, 0xa3, + 0xb9, 0xd2, 0x1f, 0x27, 0xd6, 0x72, 0x6c, 0x2c, 0xc7, 0x6c, 0xa5, 0x51, 0x8a, + 0xda, 0x2c, 0x2f, 0xa7, 0x2e, 0xca, 0xf8, 0x34, 0x3f, 0x0c, 0xe1, 0xc1, 0xe8, + 0x2f, 0x69, 0x96, 0xad, 0x6e, 0x8b, 0xbc, 0x5c, 0x84, 0xc2, 0x7f, 0xb3}, + {0x74, 0x29, 0x16, 0x51, 0x71, 0x75, 0xab, 0x4c, 0xa7, 0x01, 0x89, 0xc9, 0xae, + 0x15, 0xca, 0xad, 0x39, 0x59, 0x9b, 0x67, 0x2d, 0xca, 0x75, 0x7b, 0x25, 0x62, + 0x75, 0x47, 0xfb, 0x84, 0x5b, 0xe0, 0x55, 0x25, 0x23, 0x21, 0x32, 0x67, 0x3f, + 0x09, 0x10, 0xcc, 0x24, 0x29, 0xf5, 0x0b, 0xe9, 0xc3, 0x86, 0xec, 0x14, 0xe8, + 0x52, 0xc5, 0xa9, 0x0a, 0x03, 0xc5, 0x63, 0xe1, 0xf6, 0xd7, 0x7b, 0x5c}, + {0x09, 0xa9, 0x85, 0xc1, 0x5f, 0xa5, 0xcc, 0x68, 0xa8, 0x96, 0x8f, 0xfa, 0xea, + 0xf3, 0xb5, 0xec, 0x23, 0x45, 0x69, 0xad, 0x56, 0x74, 0x50, 0x39, 0x4c, 0x07, + 0x5b, 0x90, 0x61, 0xc8, 0xf7, 0xdf, 0x58, 0xff, 0x11, 0x29, 0x95, 0x70, 0x18, + 0x82, 0x16, 0xc6, 0x31, 0xde, 0x60, 0x4d, 0xf0, 0xab, 0x08, 0xcd, 0xd1, 0x93, + 0x29, 0x1c, 0xe5, 0x76, 0x3a, 0xcd, 0xc4, 0x27, 0xdf, 0x06, 0x04, 0x89}, + {0xf8, 0xbc, 0x6c, 0x96, 0x37, 0x92, 0xe6, 0x3d, 0x84, 0x15, 0x32, 0xee, 0xa5, + 0x2f, 0x56, 0x70, 0xa4, 0x3e, 0xd0, 0xac, 0x72, 0xde, 0xa9, 0xb8, 0xd9, 0x2b, + 0x0d, 0xd9, 0x19, 0xc8, 0x1a, 0x28, 0xa0, 0xff, 0xc5, 0x6d, 0xb6, 0x9a, 0xc9, + 0x12, 0x30, 0x78, 0x2a, 0xe1, 0x2d, 0x35, 0x6e, 0x62, 0xd3, 0x94, 0x4b, 0xa0, + 0xdb, 0x29, 0x7f, 0xe9, 0xaf, 0x34, 0x85, 0xbc, 0xd6, 0x9e, 0xe4, 0x1c}, + {0xd2, 0x7d, 0xf8, 0xfb, 0x7e, 0xd5, 0xb9, 0x1c, 0xa8, 0x08, 0x33, 0x77, 0xf1, + 0x3c, 0x6f, 0x59, 0x63, 0xd7, 0x4e, 0x4a, 0xcc, 0x54, 0x24, 0x6b, 0x2e, 0x14, + 0x96, 0x25, 0xd2, 0x52, 0xeb, 0xf2, 0x66, 0x25, 0x3c, 0xae, 0x62, 0x83, 0x38, + 0xc1, 0x11, 0x94, 0x16, 0x8b, 0x73, 0x72, 0xf3, 0xf8, 0x61, 0x04, 0x1a, 0x46, + 0xaf, 0x54, 0x4b, 0x2f, 0xec, 0xdf, 0x76, 0x08, 0x57, 0x71, 0xef, 0x8c}, +}; + +static inline const struct device *get_crypto_dev(void) +{ #ifdef CRYPTO_DRV_NAME const struct device *dev = device_get_binding(CRYPTO_DRV_NAME); - - if (!dev) { - zassert(0, "Crypto device is not ready"); - } #else const struct device *dev = DEVICE_DT_GET_ONE(CRYPTO_DEV_COMPAT); +#endif + return dev; +} + +static void run_vector_set(enum hash_algo algo, size_t out_len, const uint8_t *const *inputs, + const size_t *in_lens, const uint8_t *const expected[], size_t nvec) +{ + const struct device *dev = get_crypto_dev(); - if (!device_is_ready(dev)) { - zassert(0, "Crypto device is not ready"); + zassert_true(dev && device_is_ready(dev), "Crypto device is not ready"); + + struct hash_ctx ctx = {.flags = CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS}; + int rc = hash_begin_session(dev, &ctx, algo); + + /* Skip test if algorithm is not supported */ + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; } -#endif - ctx.flags = CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS; - - ret = hash_begin_session(dev, &ctx, CRYPTO_HASH_ALGO_SHA256); - zassert_true(ret == 0, "Failed to init sha256 session"); - -#define TEST_HASH(_i) \ - do { \ - uint8_t out_buf[32] = {0}; \ - struct hash_pkt pkt = { \ - .in_buf = test ## _i, \ - .in_len = sizeof(test ## _i), \ - .out_buf = out_buf, \ - }; \ - ret = hash_compute(&ctx, &pkt); \ - zassert_true(ret == 0, "Failed to compute hash for test " #_i); \ - ret = memcmp(pkt.out_buf, sha256_results[_i - 1], 32); \ - zassert_true(ret == 0, "Failed to compute hash for test " #_i); \ - } while (0) - - - TEST_HASH(1); - TEST_HASH(2); - TEST_HASH(3); - TEST_HASH(4); - TEST_HASH(5); - TEST_HASH(6); - TEST_HASH(7); + zassert_equal(rc, 0, "begin_session failed"); + + for (size_t i = 0; i < nvec; i++) { + uint8_t out[64] = {0}; /* big enough for SHA-512 */ + + struct hash_pkt pkt = { + /* Safe: hash operations only read from in_buf, never modify it */ + .in_buf = inputs[i], + .in_len = in_lens[i], + .out_buf = out, + }; + rc = hash_compute(&ctx, &pkt); + zassert_equal(rc, 0, "hash_compute failed @vec %d", (int)i + 1); + rc = memcmp(out, expected[i], out_len); + zassert_equal(rc, 0, "digest mismatch @vec %d", (int)i + 1); + } hash_free_session(dev, &ctx); } +/* Convert our 2D byte arrays to array-of-pointers for helper */ +#define PTRS_FROM_2D(name) \ + static const uint8_t *name##_ptrs[] = {name[0], name[1], name[2], name[3], \ + name[4], name[5], name[6]} + +PTRS_FROM_2D(sha224_results); +PTRS_FROM_2D(sha256_results); +PTRS_FROM_2D(sha384_results); +PTRS_FROM_2D(sha512_results); + +/* Inputs & sizes */ +static const uint8_t *inputs[] = {test1, test2, test3, test4, test5, test6, test7}; +static const size_t in_lens[] = {sizeof(test1), sizeof(test2), sizeof(test3), sizeof(test4), + sizeof(test5), sizeof(test6), sizeof(test7)}; + +ZTEST(crypto_hash, test_sha224) +{ + run_vector_set(CRYPTO_HASH_ALGO_SHA224, 28, inputs, in_lens, + (const uint8_t *const *)sha224_results_ptrs, 7); +} + +ZTEST(crypto_hash, test_sha256) +{ + run_vector_set(CRYPTO_HASH_ALGO_SHA256, 32, inputs, in_lens, + (const uint8_t *const *)sha256_results_ptrs, 7); +} + +ZTEST(crypto_hash, test_sha384) +{ + run_vector_set(CRYPTO_HASH_ALGO_SHA384, 48, inputs, in_lens, + (const uint8_t *const *)sha384_results_ptrs, 7); +} + +ZTEST(crypto_hash, test_sha512) +{ + run_vector_set(CRYPTO_HASH_ALGO_SHA512, 64, inputs, in_lens, + (const uint8_t *const *)sha512_results_ptrs, 7); +} + ZTEST_SUITE(crypto_hash, NULL, NULL, NULL, NULL, NULL); From 18e2996c6cef720c0c55d1b58be818e530a106a2 Mon Sep 17 00:00:00 2001 From: Sylvio Alves Date: Wed, 22 Oct 2025 12:49:55 -0300 Subject: [PATCH 4/5] tests: crypto: add AES cipher tests Add AES test cases for ECB, CBC, CCM, and GCM modes with standard test vectors from FIPS-197 and NIST specifications. Signed-off-by: Sylvio Alves --- tests/crypto/crypto_aes/CMakeLists.txt | 8 + tests/crypto/crypto_aes/prj.conf | 9 + tests/crypto/crypto_aes/prj_mtls_shim.conf | 8 + tests/crypto/crypto_aes/src/main.c | 583 +++++++++++++++++++++ tests/crypto/crypto_aes/testcase.yaml | 8 + 5 files changed, 616 insertions(+) create mode 100644 tests/crypto/crypto_aes/CMakeLists.txt create mode 100644 tests/crypto/crypto_aes/prj.conf create mode 100644 tests/crypto/crypto_aes/prj_mtls_shim.conf create mode 100644 tests/crypto/crypto_aes/src/main.c create mode 100644 tests/crypto/crypto_aes/testcase.yaml diff --git a/tests/crypto/crypto_aes/CMakeLists.txt b/tests/crypto/crypto_aes/CMakeLists.txt new file mode 100644 index 0000000000000..674c61c5c2c1c --- /dev/null +++ b/tests/crypto/crypto_aes/CMakeLists.txt @@ -0,0 +1,8 @@ +# Copyright (c) 2025 Espressif Systems (Shanghai) Co., Ltd. +# SPDX-License-Identifier: Apache-2.0 + +cmake_minimum_required(VERSION 3.20.0) +find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) +project(crypto_hash) + +target_sources(app PRIVATE src/main.c) diff --git a/tests/crypto/crypto_aes/prj.conf b/tests/crypto/crypto_aes/prj.conf new file mode 100644 index 0000000000000..68f464029a22d --- /dev/null +++ b/tests/crypto/crypto_aes/prj.conf @@ -0,0 +1,9 @@ +CONFIG_ZTEST_STACK_SIZE=4096 +CONFIG_ZTEST=y +CONFIG_LOG=y +CONFIG_LOG_MODE_MINIMAL=y + +CONFIG_MAIN_STACK_SIZE=4096 + +CONFIG_CRYPTO=y +CONFIG_CRYPTO_LOG_LEVEL_DBG=y diff --git a/tests/crypto/crypto_aes/prj_mtls_shim.conf b/tests/crypto/crypto_aes/prj_mtls_shim.conf new file mode 100644 index 0000000000000..71d350424a3be --- /dev/null +++ b/tests/crypto/crypto_aes/prj_mtls_shim.conf @@ -0,0 +1,8 @@ +CONFIG_MBEDTLS=y +CONFIG_MBEDTLS_BUILTIN=y +CONFIG_MBEDTLS_HEAP_SIZE=512 +CONFIG_MBEDTLS_CIPHER_AES_ENABLED=y +CONFIG_MBEDTLS_CIPHER_CCM_ENABLED=y +CONFIG_MBEDTLS_CIPHER_GCM_ENABLED=y + +CONFIG_CRYPTO_MBEDTLS_SHIM=y diff --git a/tests/crypto/crypto_aes/src/main.c b/tests/crypto/crypto_aes/src/main.c new file mode 100644 index 0000000000000..c3fe23f2312c1 --- /dev/null +++ b/tests/crypto/crypto_aes/src/main.c @@ -0,0 +1,583 @@ +/* + * Copyright (c) 2025 Espressif Systems (Shanghai) Co., Ltd. + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include +#include +#include +#include +#include + +#ifdef CONFIG_CRYPTO_MBEDTLS_SHIM +#define CRYPTO_DRV_NAME CONFIG_CRYPTO_MBEDTLS_SHIM_DRV_NAME +#else +#error "You need to enable one crypto device" +#endif + +/* Some crypto drivers require IO buffers to be aligned */ +#define IO_ALIGNMENT_BYTES 4 + +/* Test vectors from FIPS-197 and NIST SP 800-38A */ + +/* ECB Mode Test Vectors - FIPS-197 */ +static uint8_t ecb_key[16] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}; + +static uint8_t ecb_plaintext[16] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, + 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF}; + +static uint8_t ecb_ciphertext[16] = {0x69, 0xC4, 0xE0, 0xD8, 0x6A, 0x7B, 0x04, 0x30, + 0xD8, 0xCD, 0xB7, 0x80, 0x70, 0xB4, 0xC5, 0x5A}; + +/* CBC Mode Test Vectors - Single block (16 bytes, no padding) */ +static uint8_t cbc_key[16] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}; + +static uint8_t cbc_iv[16] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}; + +static uint8_t cbc_plaintext[16] = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}; + +static uint8_t cbc_ciphertext[16] = {0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, + 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d}; + +/* CTR Mode Test Vectors */ +static uint8_t ctr_key[16] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}; + +static uint8_t ctr_iv[12] = {0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, + 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb}; + +static uint8_t ctr_plaintext[64] = { + 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, + 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, + 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, + 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 0xf6, 0x9f, 0x24, 0x45, + 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}; + +static uint8_t ctr_ciphertext[64] = { + 0x22, 0xe5, 0x2f, 0xb1, 0x77, 0xd8, 0x65, 0xb2, 0xf7, 0xc6, 0xb5, 0x12, 0x69, + 0x2d, 0x11, 0x4d, 0xed, 0x6c, 0x1c, 0x72, 0x25, 0xda, 0xf6, 0xa2, 0xaa, 0xd9, + 0xd3, 0xda, 0x2d, 0xba, 0x21, 0x68, 0x35, 0xc0, 0xaf, 0x6b, 0x6f, 0x40, 0xc3, + 0xc6, 0xef, 0xc5, 0x85, 0xd0, 0x90, 0x2c, 0xc2, 0x63, 0x12, 0x2b, 0xc5, 0x8e, + 0x72, 0xde, 0x5c, 0xa2, 0xa3, 0x5c, 0x85, 0x3a, 0xb9, 0x2c, 0x06, 0xbb}; + +/* CCM Mode Test Vectors - RFC 3610 test vector #1 */ +static uint8_t ccm_key[16] = {0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf}; + +static uint8_t ccm_nonce[13] = {0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5}; + +static uint8_t ccm_hdr[8] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}; + +static uint8_t ccm_plaintext[23] = {0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e}; + +static uint8_t ccm_ciphertext[31] = {0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, + 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, + 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84, 0x17, + 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0}; + +/* GCM Mode Test Vectors - MACsec GCM-AES test vector 2.4.1 */ +static uint8_t gcm_key[16] = {0x07, 0x1b, 0x11, 0x3b, 0x0c, 0xa7, 0x43, 0xfe, + 0xcc, 0xcf, 0x3d, 0x05, 0x1f, 0x73, 0x73, 0x82}; + +static uint8_t gcm_nonce[12] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + +static uint8_t gcm_hdr[20] = {0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, + 0xcd, 0x3d, 0x88, 0xe5, 0x4c, 0x2a, 0x76, 0xd4, 0x57, 0xed}; + +static uint8_t gcm_plaintext[42] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, + 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x04}; + +static uint8_t gcm_ciphertext[58] = { + 0x13, 0xb4, 0xc7, 0x2b, 0x38, 0x9d, 0xc5, 0x01, 0x8e, 0x72, 0xa1, 0x71, 0xdd, 0x85, 0xa5, + 0xd3, 0x75, 0x22, 0x74, 0xd3, 0xa0, 0x19, 0xfb, 0xca, 0xed, 0x09, 0xa4, 0x25, 0xcd, 0x9b, + 0x2e, 0x1c, 0x9b, 0x72, 0xee, 0xe7, 0xc9, 0xde, 0x7d, 0x52, 0xb3, 0xf3, 0xd6, 0xa5, 0x28, + 0x4f, 0x4a, 0x6d, 0x3f, 0xe2, 0x2a, 0x5d, 0x6c, 0x2b, 0x96, 0x04, 0x94, 0xc3}; + +static inline const struct device *get_crypto_dev(void) +{ +#ifdef CRYPTO_DRV_NAME + const struct device *dev = device_get_binding(CRYPTO_DRV_NAME); +#else + const struct device *dev = DEVICE_DT_GET_ONE(CRYPTO_DEV_COMPAT); +#endif + return dev; +} + +static const struct device *crypto_dev; + +static void *crypto_aes_setup(void) +{ + crypto_dev = get_crypto_dev(); + zassert_true(crypto_dev && device_is_ready(crypto_dev), "Crypto device is not ready"); + return NULL; +} + +static void crypto_aes_before(void *fixture) +{ + ARG_UNUSED(fixture); + + /* Add delay between tests to ensure cleanup */ + k_msleep(10); +} + +/* ECB Mode Tests */ +ZTEST(crypto_aes, test_ecb_encrypt) +{ + uint8_t encrypted[16] __aligned(IO_ALIGNMENT_BYTES) = {0}; + struct cipher_ctx ctx = { + .keylen = sizeof(ecb_key), + .key.bit_stream = ecb_key, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)ecb_plaintext, + .in_len = sizeof(ecb_plaintext), + .out_buf_max = sizeof(encrypted), + .out_buf = encrypted, + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_ECB, CRYPTO_CIPHER_OP_ENCRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_block_op(&ctx, &pkt); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "ECB encrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(encrypted, ecb_ciphertext, sizeof(ecb_ciphertext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "ECB encrypt output mismatch"); +} + +ZTEST(crypto_aes, test_ecb_decrypt) +{ + uint8_t decrypted[16] __aligned(IO_ALIGNMENT_BYTES) = {0}; + struct cipher_ctx ctx = { + .keylen = sizeof(ecb_key), + .key.bit_stream = ecb_key, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)ecb_ciphertext, + .in_len = sizeof(ecb_ciphertext), + .out_buf_max = sizeof(decrypted), + .out_buf = decrypted, + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_ECB, CRYPTO_CIPHER_OP_DECRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_block_op(&ctx, &pkt); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "ECB decrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(decrypted, ecb_plaintext, sizeof(ecb_plaintext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "ECB decrypt output mismatch"); +} + +/* CBC Mode Tests */ +ZTEST(crypto_aes, test_cbc_encrypt) +{ + uint8_t encrypted[32] __aligned(IO_ALIGNMENT_BYTES) = {0}; + uint8_t iv_copy[16]; + + memcpy(iv_copy, cbc_iv, sizeof(cbc_iv)); + + struct cipher_ctx ctx = { + .keylen = sizeof(cbc_key), + .key.bit_stream = cbc_key, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)cbc_plaintext, + .in_len = sizeof(cbc_plaintext), + .out_buf_max = sizeof(encrypted), + .out_buf = encrypted, + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_CBC, CRYPTO_CIPHER_OP_ENCRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_cbc_op(&ctx, &pkt, iv_copy); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CBC encrypt failed (rc=%d)", rc); + return; + } + + /* CBC prepends IV to output, so ciphertext starts at offset 16 */ + rc = memcmp(encrypted + 16, cbc_ciphertext, sizeof(cbc_ciphertext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CBC encrypt output mismatch"); +} + +ZTEST(crypto_aes, test_cbc_decrypt) +{ + /* For decrypt, need to prepend IV to ciphertext input */ + uint8_t input[32] __aligned(IO_ALIGNMENT_BYTES); + uint8_t decrypted[16] __aligned(IO_ALIGNMENT_BYTES) = {0}; + + /* Prepend IV to ciphertext */ + memcpy(input, cbc_iv, sizeof(cbc_iv)); + memcpy(input + 16, cbc_ciphertext, sizeof(cbc_ciphertext)); + + struct cipher_ctx ctx = { + .keylen = sizeof(cbc_key), + .key.bit_stream = cbc_key, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + }; + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)input, + .in_len = sizeof(input), + .out_buf_max = sizeof(decrypted), + .out_buf = decrypted, + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_CBC, CRYPTO_CIPHER_OP_DECRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_cbc_op(&ctx, &pkt, input); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CBC decrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(decrypted, cbc_plaintext, sizeof(cbc_plaintext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CBC decrypt output mismatch"); +} + +/* CTR Mode Tests */ +ZTEST(crypto_aes, test_ctr_encrypt) +{ + uint8_t encrypted[64] __aligned(IO_ALIGNMENT_BYTES) = {0}; + uint8_t iv_copy[12]; + + memcpy(iv_copy, ctr_iv, sizeof(ctr_iv)); + + struct cipher_ctx ctx = { + .keylen = sizeof(ctr_key), + .key.bit_stream = ctr_key, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + .mode_params.ctr_info.ctr_len = 32, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)ctr_plaintext, + .in_len = sizeof(ctr_plaintext), + .out_buf_max = sizeof(encrypted), + .out_buf = encrypted, + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_CTR, CRYPTO_CIPHER_OP_ENCRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_ctr_op(&ctx, &pkt, iv_copy); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CTR encrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(encrypted, ctr_ciphertext, sizeof(ctr_ciphertext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CTR encrypt output mismatch"); +} + +ZTEST(crypto_aes, test_ctr_decrypt) +{ + uint8_t decrypted[64] __aligned(IO_ALIGNMENT_BYTES) = {0}; + uint8_t iv_copy[12]; + + memcpy(iv_copy, ctr_iv, sizeof(ctr_iv)); + + struct cipher_ctx ctx = { + .keylen = sizeof(ctr_key), + .key.bit_stream = ctr_key, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + .mode_params.ctr_info.ctr_len = 32, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)ctr_ciphertext, + .in_len = sizeof(ctr_ciphertext), + .out_buf_max = sizeof(decrypted), + .out_buf = decrypted, + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_CTR, CRYPTO_CIPHER_OP_DECRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_ctr_op(&ctx, &pkt, iv_copy); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CTR decrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(decrypted, ctr_plaintext, sizeof(ctr_plaintext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CTR decrypt output mismatch"); +} + +/* CCM Mode Tests */ +ZTEST(crypto_aes, test_ccm_encrypt) +{ + uint8_t encrypted[50] __aligned(IO_ALIGNMENT_BYTES) = {0}; + uint8_t nonce_copy[13]; + + memcpy(nonce_copy, ccm_nonce, sizeof(ccm_nonce)); + + struct cipher_ctx ctx = { + .keylen = sizeof(ccm_key), + .key.bit_stream = ccm_key, + .mode_params.ccm_info = { + .nonce_len = sizeof(ccm_nonce), + .tag_len = 8, + }, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)ccm_plaintext, + .in_len = sizeof(ccm_plaintext), + .out_buf_max = sizeof(encrypted), + .out_buf = encrypted, + }; + + struct cipher_aead_pkt aead_pkt = { + .ad = (uint8_t *)ccm_hdr, + .ad_len = sizeof(ccm_hdr), + .pkt = &pkt, + .tag = encrypted + sizeof(ccm_plaintext), + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_CCM, CRYPTO_CIPHER_OP_ENCRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_ccm_op(&ctx, &aead_pkt, nonce_copy); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CCM encrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(encrypted, ccm_ciphertext, sizeof(ccm_ciphertext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CCM encrypt output mismatch"); +} + +ZTEST(crypto_aes, test_ccm_decrypt) +{ + uint8_t decrypted[32] __aligned(IO_ALIGNMENT_BYTES) = {0}; + uint8_t nonce_copy[13]; + uint8_t ciphertext_copy[31]; + + memcpy(nonce_copy, ccm_nonce, sizeof(ccm_nonce)); + memcpy(ciphertext_copy, ccm_ciphertext, sizeof(ccm_ciphertext)); + + struct cipher_ctx ctx = { + .keylen = sizeof(ccm_key), + .key.bit_stream = ccm_key, + .mode_params.ccm_info = { + .nonce_len = sizeof(ccm_nonce), + .tag_len = 8, + }, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)ciphertext_copy, + .in_len = sizeof(ccm_plaintext), + .out_buf_max = sizeof(decrypted), + .out_buf = decrypted, + }; + + struct cipher_aead_pkt aead_pkt = { + .ad = (uint8_t *)ccm_hdr, + .ad_len = sizeof(ccm_hdr), + .pkt = &pkt, + .tag = ciphertext_copy + sizeof(ccm_plaintext), + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_CCM, CRYPTO_CIPHER_OP_DECRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_ccm_op(&ctx, &aead_pkt, nonce_copy); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CCM decrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(decrypted, ccm_plaintext, sizeof(ccm_plaintext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "CCM decrypt output mismatch"); +} + +/* GCM Mode Tests */ +ZTEST(crypto_aes, test_gcm_encrypt) +{ + uint8_t encrypted[60] __aligned(IO_ALIGNMENT_BYTES) = {0}; + uint8_t nonce_copy[12]; + + memcpy(nonce_copy, gcm_nonce, sizeof(gcm_nonce)); + + struct cipher_ctx ctx = { + .keylen = sizeof(gcm_key), + .key.bit_stream = gcm_key, + .mode_params.gcm_info = { + .nonce_len = sizeof(gcm_nonce), + .tag_len = 16, + }, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)gcm_plaintext, + .in_len = sizeof(gcm_plaintext), + .out_buf_max = sizeof(encrypted), + .out_buf = encrypted, + }; + + struct cipher_aead_pkt aead_pkt = { + .ad = (uint8_t *)gcm_hdr, + .ad_len = sizeof(gcm_hdr), + .pkt = &pkt, + .tag = encrypted + sizeof(gcm_plaintext), + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_GCM, CRYPTO_CIPHER_OP_ENCRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_gcm_op(&ctx, &aead_pkt, nonce_copy); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "GCM encrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(encrypted, gcm_ciphertext, sizeof(gcm_ciphertext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "GCM encrypt output mismatch"); +} + +ZTEST(crypto_aes, test_gcm_decrypt) +{ + uint8_t decrypted[44] __aligned(IO_ALIGNMENT_BYTES) = {0}; + uint8_t nonce_copy[12]; + uint8_t ciphertext_copy[58]; + + memcpy(nonce_copy, gcm_nonce, sizeof(gcm_nonce)); + memcpy(ciphertext_copy, gcm_ciphertext, sizeof(gcm_ciphertext)); + + struct cipher_ctx ctx = { + .keylen = sizeof(gcm_key), + .key.bit_stream = gcm_key, + .mode_params.gcm_info = { + .nonce_len = sizeof(gcm_nonce), + .tag_len = 16, + }, + .flags = CAP_RAW_KEY | CAP_SYNC_OPS | CAP_SEPARATE_IO_BUFS, + }; + + struct cipher_pkt pkt = { + .in_buf = (uint8_t *)ciphertext_copy, + .in_len = sizeof(gcm_plaintext), + .out_buf_max = sizeof(decrypted), + .out_buf = decrypted, + }; + struct cipher_aead_pkt aead_pkt = { + .ad = (uint8_t *)gcm_hdr, + .ad_len = sizeof(gcm_hdr), + .pkt = &pkt, + .tag = ciphertext_copy + sizeof(gcm_plaintext), + }; + + int rc = cipher_begin_session(crypto_dev, &ctx, CRYPTO_CIPHER_ALGO_AES, + CRYPTO_CIPHER_MODE_GCM, CRYPTO_CIPHER_OP_DECRYPT); + + if (rc == -ENOTSUP) { + ztest_test_skip(); + return; + } + + rc = cipher_gcm_op(&ctx, &aead_pkt, nonce_copy); + if (rc != 0) { + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "GCM decrypt failed (rc=%d)", rc); + return; + } + + rc = memcmp(decrypted, gcm_plaintext, sizeof(gcm_plaintext)); + cipher_free_session(crypto_dev, &ctx); + zassert_equal(rc, 0, "GCM decrypt output mismatch"); +} + +ZTEST_SUITE(crypto_aes, NULL, crypto_aes_setup, crypto_aes_before, NULL, NULL); diff --git a/tests/crypto/crypto_aes/testcase.yaml b/tests/crypto/crypto_aes/testcase.yaml new file mode 100644 index 0000000000000..36d09836910fb --- /dev/null +++ b/tests/crypto/crypto_aes/testcase.yaml @@ -0,0 +1,8 @@ +tests: + crypto.aes: + platform_allow: + - native_sim + integration_platforms: + - native_sim + extra_args: EXTRA_CONF_FILE=prj_mtls_shim.conf + tags: crypto From 92f3f4deeaf2fe18f1ab5d7a2aeac05051af6515 Mon Sep 17 00:00:00 2001 From: Sylvio Alves Date: Fri, 24 Oct 2025 15:12:42 -0300 Subject: [PATCH 5/5] tests: crypto_aes: add espressif support boards Add ESP32 devkits in testcases. Signed-off-by: Sylvio Alves --- tests/crypto/crypto_aes/src/main.c | 2 ++ tests/crypto/crypto_aes/testcase.yaml | 11 ++++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/tests/crypto/crypto_aes/src/main.c b/tests/crypto/crypto_aes/src/main.c index c3fe23f2312c1..3da74aa964af7 100644 --- a/tests/crypto/crypto_aes/src/main.c +++ b/tests/crypto/crypto_aes/src/main.c @@ -12,6 +12,8 @@ #ifdef CONFIG_CRYPTO_MBEDTLS_SHIM #define CRYPTO_DRV_NAME CONFIG_CRYPTO_MBEDTLS_SHIM_DRV_NAME +#elif CONFIG_CRYPTO_ESP32_AES +#define CRYPTO_DEV_COMPAT espressif_esp32_aes #else #error "You need to enable one crypto device" #endif diff --git a/tests/crypto/crypto_aes/testcase.yaml b/tests/crypto/crypto_aes/testcase.yaml index 36d09836910fb..64d4884532584 100644 --- a/tests/crypto/crypto_aes/testcase.yaml +++ b/tests/crypto/crypto_aes/testcase.yaml @@ -1,8 +1,17 @@ tests: - crypto.aes: + crypto.aes.mbedtls_shim: platform_allow: - native_sim integration_platforms: - native_sim extra_args: EXTRA_CONF_FILE=prj_mtls_shim.conf tags: crypto + crypto.aes: + platform_allow: + - esp32_devkitc/esp32/procpu + - esp32s2_devkitc + - esp32s3_devkitc/esp32s3/procpu + - esp32c3_devkitc + - esp32c6_devkitc/esp32c6/hpcore + - esp32h2_devkitm + tags: crypto