1 // Copyright (c) 2019, Google Inc.
2 //
3 // Permission to use, copy, modify, and/or distribute this software for any
4 // purpose with or without fee is hereby granted, provided that the above
5 // copyright notice and this permission notice appear in all copies.
6 //
7 // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 // SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14 
15 #include <openssl/cipher.h>
16 
17 #include <gtest/gtest.h>
18 
19 #include "../../crypto/internal.h"
20 #include "../../crypto/test/test_util.h"
21 
22 struct BlowfishTestCase {
23   uint8_t key[16];
24   uint8_t plaintext[16];
25   uint8_t iv[8];
26   uint8_t ecb_ciphertext[16];
27   uint8_t cbc_ciphertext[24];
28   uint8_t cfb_ciphertext[16];
29 };
30 
31 static const BlowfishTestCase kTests[] = {
32     // Randomly generated test cases. Checked against vanilla OpenSSL.
33     {
34         {0xbb, 0x56, 0xb1, 0x27, 0x7c, 0x4c, 0xdd, 0x5a, 0x99, 0x90, 0x1e, 0x6f,
35          0xeb, 0x36, 0x6c, 0xf3},
36         {0xa6, 0x5b, 0xe0, 0x99, 0xad, 0x5d, 0x91, 0x98, 0x37, 0xc1, 0xa4, 0x7f,
37          0x01, 0x24, 0x9a, 0x6b},
38         {0xd5, 0x8a, 0x5c, 0x29, 0xeb, 0xee, 0xed, 0x76},
39         {0xda, 0x6e, 0x18, 0x9c, 0x03, 0x59, 0x12, 0x61, 0xfa, 0x20, 0xd9, 0xce,
40          0xee, 0x43, 0x9d, 0x05},
41         {0x4f, 0x8b, 0x3e, 0x17, 0xa5, 0x35, 0x9b, 0xcb,
42          0xdf, 0x3c, 0x52, 0xfb, 0xe5, 0x20, 0xdd, 0x53,
43          0xd5, 0xf8, 0x1a, 0x6c, 0xf0, 0x99, 0x34, 0x94},
44         {0xfd, 0x65, 0xc5, 0xa6, 0x07, 0x07, 0xb5, 0xf3, 0x2e, 0xfb, 0x12, 0xc3,
45          0x7f, 0x45, 0x37, 0x54},
46     },
47     {
48         {0x5d, 0x98, 0xa9, 0xd2, 0x27, 0x5d, 0xc8, 0x8c, 0x8c, 0xee, 0x23, 0x7f,
49          0x8e, 0x2b, 0xd4, 0x8d},
50         {0x60, 0xec, 0x31, 0xda, 0x25, 0x07, 0x02, 0x14, 0x84, 0x44, 0x96, 0xa6,
51          0x04, 0x81, 0xca, 0x4e},
52         {0x96, 0x4c, 0xa4, 0x07, 0xee, 0x1c, 0xd1, 0xfb},
53         {0x83, 0x8a, 0xef, 0x18, 0x53, 0x96, 0xec, 0xf3, 0xf4, 0xd9, 0xe8, 0x4b,
54          0x2c, 0x3f, 0xe7, 0x27},
55         {0xad, 0x78, 0x70, 0x06, 0x2e, 0x5e, 0xa5, 0x21,
56          0xdd, 0xe8, 0xa0, 0xb9, 0xdb, 0x0c, 0x81, 0x1d,
57          0x0a, 0xd3, 0xa9, 0x63, 0x78, 0xac, 0x82, 0x64},
58         {0x43, 0x2f, 0xf3, 0x23, 0xf4, 0x5c, 0xbf, 0x05, 0x53, 0x3c, 0x9e, 0xd6,
59          0xd3, 0xd2, 0xc0, 0xf0},
60     },
61 };
62 
TEST(Blowfish,ECB)63 TEST(Blowfish, ECB) {
64   unsigned test_num = 0;
65   for (const auto &test : kTests) {
66     test_num++;
67     SCOPED_TRACE(test_num);
68 
69     uint8_t out[sizeof(test.ecb_ciphertext)];
70     int out_bytes, final_bytes;
71 
72     bssl::ScopedEVP_CIPHER_CTX ctx;
73     ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_bf_ecb(), nullptr, test.key,
74                                    nullptr));
75     ASSERT_TRUE(EVP_CIPHER_CTX_set_padding(ctx.get(), 0 /* no padding */));
76     ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
77                                   sizeof(test.plaintext)));
78     ASSERT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
79     EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
80               sizeof(test.plaintext));
81     EXPECT_EQ(Bytes(test.ecb_ciphertext), Bytes(out));
82 
83     bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
84     ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_bf_ecb(), nullptr,
85                                    test.key, nullptr));
86     ASSERT_TRUE(
87         EVP_CIPHER_CTX_set_padding(decrypt_ctx.get(), 0 /* no padding */));
88     ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
89                                   test.ecb_ciphertext,
90                                   sizeof(test.ecb_ciphertext)));
91     ASSERT_TRUE(
92         EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
93     EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
94               sizeof(test.plaintext));
95     EXPECT_EQ(Bytes(test.plaintext), Bytes(out));
96   }
97 }
98 
TEST(Blowfish,CBC)99 TEST(Blowfish, CBC) {
100   unsigned test_num = 0;
101   for (const auto &test : kTests) {
102     test_num++;
103     SCOPED_TRACE(test_num);
104 
105     uint8_t out[sizeof(test.cbc_ciphertext)];
106     int out_bytes, final_bytes;
107 
108     bssl::ScopedEVP_CIPHER_CTX ctx;
109     ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_bf_cbc(), nullptr, test.key,
110                                    test.iv));
111     ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
112                                   sizeof(test.plaintext)));
113     EXPECT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
114     EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
115               sizeof(test.cbc_ciphertext));
116     EXPECT_EQ(Bytes(test.cbc_ciphertext), Bytes(out));
117 
118     bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
119     ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_bf_cbc(), nullptr,
120                                    test.key, test.iv));
121     ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
122                                   test.cbc_ciphertext,
123                                   sizeof(test.cbc_ciphertext)));
124     EXPECT_TRUE(
125         EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
126     EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
127               sizeof(test.plaintext));
128     EXPECT_EQ(Bytes(test.plaintext), Bytes(out, out_bytes + final_bytes));
129   }
130 }
131 
TEST(Blowfish,CFB)132 TEST(Blowfish, CFB) {
133   unsigned test_num = 0;
134   for (const auto &test : kTests) {
135     test_num++;
136     SCOPED_TRACE(test_num);
137 
138     uint8_t out[sizeof(test.cfb_ciphertext)];
139     int out_bytes, final_bytes;
140 
141     bssl::ScopedEVP_CIPHER_CTX ctx;
142     ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_bf_cfb(), nullptr, test.key,
143                                    test.iv));
144     ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
145                                   sizeof(test.plaintext)));
146     ASSERT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
147     EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
148               sizeof(test.plaintext));
149     EXPECT_EQ(Bytes(test.cfb_ciphertext), Bytes(out));
150 
151     bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
152     ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_bf_cfb(), nullptr,
153                                    test.key, test.iv));
154     ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
155                                   test.cfb_ciphertext,
156                                   sizeof(test.cfb_ciphertext)));
157     ASSERT_TRUE(
158         EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
159     EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
160               sizeof(test.plaintext));
161     EXPECT_EQ(Bytes(test.plaintext), Bytes(out));
162   }
163 }
164