test_suite_psa_crypto: Updated multipart tests

- Added checks for calling `finish()`, `verify()` after `set_len()` without calling `update()` & `update_ad()` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2026-04-04 03:26:54 +02:00 · 2026-03-12 16:10:06 +00:00
parent 5311a6e220
commit fa284db5a1
1 changed files with 62 additions and 1 deletions
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -6499,6 +6499,21 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
                   PSA_ERROR_BAD_STATE);
        psa_aead_abort(&operation);

+        /* For CCM, finishing after setting length with aead_update/ad must fail. */
+        PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
+        PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len));
+
+        PSA_ASSERT(psa_aead_set_lengths(&operation, additional_data->len,
+                                        input_data->len));
+        TEST_EQUAL(psa_aead_finish(&operation, final_data,
+                                   finish_output_size,
+                                   &output_part_length,
+                                   tag_buffer, tag_length,
+                                   &tag_size),
+                   PSA_ERROR_INVALID_ARGUMENT);
+        psa_aead_abort(&operation);
+
+        /* Valid path */
        PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
        PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len));

@@ -6529,6 +6544,21 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
                   PSA_ERROR_BAD_STATE);
        psa_aead_abort(&operation);

+        /* For CCM, verifying after setting length with aead_update/ad must fail. */
+        PSA_ASSERT(psa_aead_decrypt_setup(&operation, key, alg));
+        PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len));
+
+        PSA_ASSERT(psa_aead_set_lengths(&operation, additional_data->len,
+                                        input_data->len));
+        TEST_EQUAL(psa_aead_verify(&operation, final_data,
+                                   finish_output_size,
+                                   &output_part_length,
+                                   tag_buffer,
+                                   tag_length),
+                   PSA_ERROR_INVALID_ARGUMENT);
+        psa_aead_abort(&operation);
+
+        /* Valid path */
        PSA_ASSERT(psa_aead_decrypt_setup(&operation, key, alg));
        PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len));

@@ -6624,6 +6654,23 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
                   PSA_ERROR_BAD_STATE);
        psa_aead_abort(&operation);

+        /* For CCM, finishing after setting length with aead_update/ad must fail. */
+        PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
+        PSA_ASSERT(psa_aead_generate_nonce(&operation, nonce_buffer,
+                                           PSA_AEAD_NONCE_MAX_SIZE,
+                                           &nonce_length));
+
+        PSA_ASSERT(psa_aead_set_lengths(&operation, additional_data->len,
+                                        input_data->len));
+        TEST_EQUAL(psa_aead_finish(&operation, final_data,
+                                   finish_output_size,
+                                   &output_part_length,
+                                   tag_buffer, tag_length,
+                                   &tag_size),
+                   PSA_ERROR_INVALID_ARGUMENT);
+        psa_aead_abort(&operation);
+
+        /* Valid path */
        PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
        PSA_ASSERT(psa_aead_generate_nonce(&operation, nonce_buffer,
                                           PSA_AEAD_NONCE_MAX_SIZE,
@@ -6643,8 +6690,8 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
                                   tag_buffer, tag_length,
                                   &tag_size),
                   PSA_SUCCESS);
-
        psa_aead_abort(&operation);
+
        /* For CCM, verifying without setting lengths must fail. */
        PSA_ASSERT(psa_aead_decrypt_setup(&operation, key, alg));
        PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len));
@@ -6656,9 +6703,23 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
                   PSA_ERROR_BAD_STATE);
        psa_aead_abort(&operation);

+        /* For CCM, verifying after setting length with aead_update/ad must fail. */
        PSA_ASSERT(psa_aead_decrypt_setup(&operation, key, alg));
        PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len));

+        PSA_ASSERT(psa_aead_set_lengths(&operation, additional_data->len,
+                                        input_data->len));
+        TEST_EQUAL(psa_aead_verify(&operation, final_data,
+                                   finish_output_size,
+                                   &output_part_length,
+                                   tag_buffer,
+                                   tag_length),
+                   PSA_ERROR_INVALID_ARGUMENT);
+        psa_aead_abort(&operation);
+
+        /* Valid path */
+        PSA_ASSERT(psa_aead_decrypt_setup(&operation, key, alg));
+        PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len));
        PSA_ASSERT(psa_aead_set_lengths(&operation, additional_data->len,
                                        input_data->len));
        PSA_ASSERT(psa_aead_update_ad(&operation, additional_data->x,