1 #include <stdio.h> 2 #include <string.h> 3 #include "gtest/gtest.h" 4 5 #ifdef SRT_ENABLE_ENCRYPTION 6 #include "common.h" 7 #include "hcrypt.h" 8 #include "version.h" 9 10 11 #if (CRYSPR_VERSION_NUMBER >= 0x010100) 12 #define WITH_FIPSMODE 1 /* 1: openssl-evp branch */ 13 #endif 14 15 #define UT_PKT_MAXLEN 1500 16 17 const void *nullPtr = NULL; 18 19 /* TestCRYSPRmethods: Test presense of required cryspr methods */ 20 21 class TestCRYSPRmethods 22 : public ::testing::Test 23 { 24 protected: TestCRYSPRmethods()25 TestCRYSPRmethods() 26 { 27 // initialization code here 28 cryspr_m = NULL; 29 cryspr_fbm = NULL; 30 } 31 ~TestCRYSPRmethods()32 ~TestCRYSPRmethods() 33 { 34 // cleanup any pending stuff, but no exceptions allowed 35 } 36 37 // SetUp() is run immediately before a test starts. 38 #if defined(__GNUC__) && (__GNUC___ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)) 39 // override only supported for GCC>=4.7 SetUp()40 void SetUp() override { 41 #else 42 void SetUp() { 43 #endif 44 cryspr_m = cryspr4SRT(); 45 cryspr_fbm = crysprInit(&cryspr_fb); 46 47 ASSERT_NE(cryspr_m, nullPtr); 48 ASSERT_NE(cryspr_fbm, nullPtr); 49 ASSERT_EQ(cryspr_fbm, &cryspr_fb); 50 } 51 52 #if defined(__GNUC__) && (__GNUC___ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)) 53 void TearDown() override { 54 #else 55 void TearDown() { 56 #endif 57 // Code here will be called just after the test completes. 58 // OK to throw exceptions from here if needed. 59 } 60 61 protected: 62 63 CRYSPR_methods *cryspr_m; /* methods */ 64 CRYSPR_methods cryspr_fb, *cryspr_fbm; /* fall back methods */ 65 // CRYSPR_cb *cryspr_cb; /* Control block */ 66 }; 67 68 69 TEST_F(TestCRYSPRmethods, MethodOpen) 70 { 71 EXPECT_NE(cryspr_m, nullPtr); 72 EXPECT_NE(cryspr_m->open, nullPtr); 73 } 74 75 76 TEST_F(TestCRYSPRmethods, init) 77 { 78 ASSERT_NE(cryspr_m, nullPtr); 79 } 80 81 #if WITH_FIPSMODE 82 TEST_F(TestCRYSPRmethods, fipsmode) 83 { 84 if(cryspr_m->fips_mode_set == NULL || cryspr_m->fips_mode_set == cryspr_fbm->fips_mode_set ) { 85 #if defined(CRYSPR_FIPSMODE) //undef: not supported, 0: supported and Off by default, 1: enabled by default 86 EXPECT_NE(cryspr_m->fips_mode_set, cryspr_fbm->fips_mode_set); //Fallback method cannot set FIPS mode 87 EXPECT_EQ(cryspr_m->fips_mode_set(CRYSPR_FIPSMODE ? 0 : 1), CRYSPR_FIPSMODE); 88 EXPECT_EQ(cryspr_m->fips_mode_set(CRYSPR_FIPSMODE), (CRYSPR_FIPSMODE? 0 : 1)); 89 #endif /* CRYSPR_FIPSMODE */ 90 } 91 } 92 #endif /* WITH_FIPSMODE */ 93 94 TEST_F(TestCRYSPRmethods, open) 95 { 96 EXPECT_NE(cryspr_m->open, nullPtr); 97 } 98 99 TEST_F(TestCRYSPRmethods, close) 100 { 101 EXPECT_NE(cryspr_m->close, nullPtr); 102 } 103 104 TEST_F(TestCRYSPRmethods, prng) 105 { 106 EXPECT_NE(cryspr_m->prng, nullPtr); 107 } 108 109 TEST_F(TestCRYSPRmethods, aes_set_key) 110 { 111 EXPECT_NE(cryspr_m->aes_set_key, nullPtr); 112 } 113 114 TEST_F(TestCRYSPRmethods, AESecb) 115 { 116 if(cryspr_m->km_wrap == cryspr_fbm->km_wrap) { 117 /* fallback KM_WRAP method used 118 * AES-ECB method then required 119 */ 120 EXPECT_NE(cryspr_m->aes_ecb_cipher, nullPtr); 121 EXPECT_NE(cryspr_m->aes_ecb_cipher, cryspr_fbm->aes_ecb_cipher); 122 } 123 } 124 TEST_F(TestCRYSPRmethods, AESctr) 125 { 126 EXPECT_NE(cryspr_m->aes_ctr_cipher, nullPtr); 127 } 128 129 TEST_F(TestCRYSPRmethods, SHA1) 130 { 131 if(cryspr_m->sha1_msg_digest == NULL || cryspr_m->km_pbkdf2 == cryspr_fbm->km_pbkdf2 ) { 132 /* fallback PBKDF2 used 133 * then sha1 method required. 134 */ 135 EXPECT_NE(cryspr_m->sha1_msg_digest, nullPtr); 136 EXPECT_NE(cryspr_m->sha1_msg_digest, cryspr_fbm->sha1_msg_digest); 137 } 138 } 139 140 141 /* CRYSPR control block test */ 142 class TestCRYSPRcypto 143 : public ::testing::Test 144 { 145 protected: 146 TestCRYSPRcypto() 147 { 148 // initialization code here 149 cryspr_m = NULL; 150 cryspr_fbm = NULL; 151 cryspr_cb = NULL; 152 } 153 154 ~TestCRYSPRcypto() 155 { 156 // cleanup any pending stuff, but no exceptions allowed 157 } 158 159 // SetUp() is run immediately before a test starts. 160 #if defined(__GNUC__) && (__GNUC___ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)) 161 // override only supported for GCC>=4.7 162 void SetUp() override { 163 #else 164 void SetUp() { 165 #endif 166 cryspr_m = cryspr4SRT(); 167 cryspr_fbm = crysprInit(&cryspr_fb); 168 169 ASSERT_NE(cryspr_m, nullPtr); 170 ASSERT_NE(cryspr_fbm, nullPtr); 171 ASSERT_EQ(cryspr_fbm, &cryspr_fb); 172 cryspr_cb = cryspr_m->open(cryspr_m, UT_PKT_MAXLEN); 173 ASSERT_NE(cryspr_cb, nullPtr); 174 } 175 176 #if defined(__GNUC__) && (__GNUC___ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)) 177 void TearDown() override { 178 #else 179 void TearDown() { 180 #endif 181 // Code here will be called just after the test completes. 182 // OK to throw exceptions from here if needed. 183 if (cryspr_m && cryspr_cb) { 184 EXPECT_EQ(cryspr_m->close(cryspr_cb), 0); 185 } 186 } 187 188 protected: 189 190 CRYSPR_methods *cryspr_m; /* methods */ 191 CRYSPR_methods cryspr_fb, *cryspr_fbm; /* fall back methods */ 192 CRYSPR_cb *cryspr_cb; /* Control block */ 193 }; 194 195 TEST_F(TestCRYSPRcypto, CtrlBlock) 196 { 197 EXPECT_EQ(cryspr_m, cryspr_cb->cryspr); //methods set in control block 198 } 199 200 /*PBKDF2-----------------------------------------------------------------------------------------*/ 201 202 /* See https://asecuritysite.com/encryption/PBKDF2z 203 to generate "known good" PBKDF2 hash 204 */ 205 /* Test Vector 1.1 to 1.3 */ 206 207 struct UTVcryspr_pbkdf2 { 208 const char *name; 209 const char *passwd; 210 const char *salt; 211 int itr; 212 size_t keklen; 213 unsigned char kek[256/8]; 214 }; 215 216 /* PBKDF2 test vectors */ 217 struct UTVcryspr_pbkdf2 pbkdf2_tv[] = { 218 {//[0] 219 /* testname */ "PBKDF2 tv1.128", 220 /* passwd */ "000000000000", 221 /* salt */ "00000000", 222 /* iteration */ 2048, 223 /* keklen */ 128/8, 224 /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79} 225 }, 226 {//[1] 227 /* testname */ "PBKDF2 tv1.192", 228 /* passwd */ "000000000000", 229 /* salt */ "00000000", 230 /* iteration */ 2048, 231 /* keklen */ 192/8, 232 /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79, 233 0x90,0xab,0xca,0x6e,0xf0,0x02,0xf1,0xad} 234 }, 235 {//[2] 236 /* testname */ "PBKDF2 tv1.256", 237 /* passwd */ "000000000000", 238 /* salt */ "00000000", 239 /* iteration */ 2048, 240 /* keklen */ 256/8, 241 /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79, 242 0x90,0xab,0xca,0x6e,0xf0,0x02,0xf1,0xad,0x19,0x59,0xcf,0x18,0xac,0x91,0x53,0x3d} 243 }, 244 {//[3] 245 /* testname */ "PBKDF2 tv2.1", 246 /* passwd */ "password", 247 /* salt */ "salt", 248 /* iteration */ 1, 249 /* keklen */ 20, 250 /* kek */ {0x0c,0x60,0xc8,0x0f,0x96,0x1f,0x0e,0x71,0xf3,0xa9,0xb5,0x24,0xaf,0x60,0x12,0x06, 251 0x2f,0xe0,0x37,0xa6} 252 }, 253 {//[4] 254 /* testname */ "PBKDF2 tv2.20", 255 /* passwd */ "password", 256 /* salt */ "salt", 257 /* iteration */ 2, 258 /* keklen */ 20, 259 /* kek */ {0xea,0x6c,0x01,0x4d,0xc7,0x2d,0x6f,0x8c,0xcd,0x1e,0xd9,0x2a,0xce,0x1d,0x41,0xf0, 260 0xd8,0xde,0x89,0x57} 261 }, 262 {//[5] 263 /* testname */ "PBKDF2 tv2.4096", 264 /* passwd */ "password", 265 /* salt */ "salt", 266 /* iteration */ 4096, 267 /* keklen */ 20, 268 /* kek */ {0x4b,0x00,0x79,0x01,0xb7,0x65,0x48,0x9a,0xbe,0xad,0x49,0xd9,0x26,0xf7,0x21,0xd0, 269 0x65,0xa4,0x29,0xc1} 270 }, 271 {//[6] 272 /* testname */ "PBKDF2 tv3.0", 273 /* passwd */ "passwordPASSWORDpassword", 274 /* salt */ "saltSALTsaltSALTsaltSALTsaltSALTsalt", 275 /* iteration */ 4096, 276 /* keklen */ 25, 277 /* kek */ {0x3d,0x2e,0xec,0x4f,0xe4,0x1c,0x84,0x9b,0x80,0xc8,0xd8,0x36,0x62,0xc0,0xe4,0x4a, 278 0x8b,0x29,0x1a,0x96,0x4c,0xf2,0xf0,0x70,0x38} 279 }, 280 }; 281 282 void test_pbkdf2( 283 CRYSPR_methods *cryspr_m, 284 CRYSPR_cb *cryspr_cb, 285 size_t tvi) //test vector index 286 { 287 unsigned char kek[256/8]; 288 289 if(tvi < sizeof(pbkdf2_tv)/sizeof(pbkdf2_tv[0])) { 290 struct UTVcryspr_pbkdf2 *tv = &pbkdf2_tv[tvi]; 291 292 ASSERT_NE(cryspr_m->km_pbkdf2, nullPtr); 293 294 cryspr_m->km_pbkdf2( 295 cryspr_cb, 296 (char *)tv->passwd, /* passphrase */ 297 strnlen(tv->passwd, 80), /* passphrase len */ 298 (unsigned char *)tv->salt, /* salt */ 299 strnlen(tv->salt, 80), /* salt_len */ 300 tv->itr, /* iterations */ 301 tv->keklen, /* desired key len {(}16,24,32}*/ 302 kek); /* derived key */ 303 304 EXPECT_EQ(memcmp(kek, tv->kek, tv->keklen),0); 305 } 306 } 307 308 309 TEST_F(TestCRYSPRcypto, PBKDF2_tv1_k128) 310 { 311 test_pbkdf2(cryspr_m, cryspr_cb, 0); 312 } 313 314 TEST_F(TestCRYSPRcypto, PBKDF2_tv1_k192) 315 { 316 test_pbkdf2(cryspr_m, cryspr_cb, 1); 317 } 318 319 TEST_F(TestCRYSPRcypto, PBKDF2_tv1_k256) 320 { 321 test_pbkdf2(cryspr_m, cryspr_cb, 2); 322 } 323 324 TEST_F(TestCRYSPRcypto, PBKDF2_tv2_i1) 325 { 326 test_pbkdf2(cryspr_m, cryspr_cb, 3); 327 } 328 329 TEST_F(TestCRYSPRcypto, PBKDF2_tv2_i20) 330 { 331 test_pbkdf2(cryspr_m, cryspr_cb, 4); 332 } 333 334 TEST_F(TestCRYSPRcypto, PBKDF2_tv2_i4096) 335 { 336 test_pbkdf2(cryspr_m, cryspr_cb, 5); 337 } 338 339 TEST_F(TestCRYSPRcypto, PBKDF2_tv3_0) 340 { 341 test_pbkdf2(cryspr_m, cryspr_cb, 6); 342 } 343 344 /*AES KeyWrap -----------------------------------------------------------------------------------*/ 345 346 struct UTVcryspr_km_wrap { 347 const char *name; 348 unsigned char sek[256/8]; /* key to wrap (unwrap result)*/ 349 size_t seklen; 350 unsigned char kek[256/8]; 351 unsigned char wrap[8+256/8]; /* wrapped sek (wrap result) */ 352 }; 353 354 /* KMWRAP/KMUNWRAP test vectors */ 355 struct UTVcryspr_km_wrap UTV_cryspr_km_wrap[] = { 356 {//[0] 357 /*name */ "tv1.128", 358 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 359 /* seklen */ 128/8, 360 /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79}, 361 /* wrap */ {0xF8,0xB6,0x12,0x1B,0xF2,0x03,0x62,0x40,0x80,0x32,0x60,0x8D,0xED,0x0B,0x8E,0x4B, 362 0x29,0x7E,0x80,0x17,0x4E,0x89,0x68,0xF1} 363 }, 364 {//[1] 365 /*name */ "tv1.192", 366 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 367 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 368 /* seklen */ 192/8, 369 /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79, 370 0x90,0xab,0xca,0x6e,0xf0,0x02,0xf1,0xad}, 371 /* wrap */ {0xC1,0xA6,0x58,0x9E,0xC0,0x52,0x6D,0x37,0x84,0x3C,0xBD,0x3B,0x02,0xDD,0x79,0x3F, 372 0xE6,0x14,0x2D,0x81,0x69,0x4B,0x8E,0x07,0x26,0x4F,0xCD,0x86,0xD6,0x6A,0x70,0x62}, 373 }, 374 {//[2] 375 /*name */ "tv1.256", 376 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 377 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 378 /* seklen */ 256/8, 379 /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79, 380 0x90,0xab,0xca,0x6e,0xf0,0x02,0xf1,0xad,0x19,0x59,0xcf,0x18,0xac,0x91,0x53,0x3d}, 381 /* wrap */ {0x94,0xBE,0x9C,0xA6,0x7A,0x27,0x20,0x56,0xED,0xEA,0xA0,0x8F,0x71,0xB1,0xF1,0x85, 382 0xF6,0xC5,0x67,0xF4,0xA9,0xC2,0x1E,0x78,0x49,0x36,0xA5,0xAE,0x60,0xD0,0x1C,0x30, 383 0x68,0x27,0x4F,0x66,0x56,0x5A,0x55,0xAA}, 384 }, 385 }; 386 387 void test_kmwrap( 388 CRYSPR_methods *cryspr_m, 389 CRYSPR_cb *cryspr_cb, 390 size_t tvi) //Test vector index 391 { 392 unsigned char wrap[HAICRYPT_WRAPKEY_SIGN_SZ+256/8]; 393 int rc1,rc2; 394 395 if (tvi < sizeof(UTV_cryspr_km_wrap)/sizeof(UTV_cryspr_km_wrap[0])) 396 { 397 struct UTVcryspr_km_wrap *tv = &UTV_cryspr_km_wrap[tvi]; 398 size_t wraplen=HAICRYPT_WRAPKEY_SIGN_SZ+tv->seklen; 399 400 if(cryspr_m && cryspr_cb) { 401 ASSERT_NE(cryspr_m->km_setkey, nullPtr); 402 ASSERT_NE(cryspr_m->km_wrap, nullPtr); 403 404 rc1 = cryspr_m->km_setkey( 405 cryspr_cb, 406 true, //Wrap 407 tv->kek, 408 tv->seklen); 409 410 rc2 = cryspr_m->km_wrap( 411 cryspr_cb, 412 wrap, 413 tv->sek, 414 tv->seklen); 415 416 ASSERT_EQ(rc1, 0); 417 ASSERT_EQ(rc2, 0); 418 EXPECT_EQ(memcmp(tv->wrap, wrap, wraplen), 0); 419 } 420 } 421 } 422 423 void test_kmunwrap( 424 CRYSPR_methods *cryspr_m, 425 CRYSPR_cb *cryspr_cb, 426 size_t tvi) //Test vector index 427 { 428 unsigned char sek[256/8]; 429 int rc1,rc2; 430 431 if(tvi < sizeof(UTV_cryspr_km_wrap)/sizeof(UTV_cryspr_km_wrap[0])) 432 { 433 struct UTVcryspr_km_wrap *tv = &UTV_cryspr_km_wrap[tvi]; 434 size_t wraplen=HAICRYPT_WRAPKEY_SIGN_SZ+tv->seklen; 435 436 if(cryspr_m && cryspr_cb) { 437 ASSERT_NE(cryspr_m->km_setkey, nullPtr); 438 ASSERT_NE(cryspr_m->km_unwrap, nullPtr); 439 440 rc1 = cryspr_m->km_setkey( 441 cryspr_cb, 442 false, //Unwrap 443 tv->kek, 444 tv->seklen); 445 446 rc2 = cryspr_m->km_unwrap( 447 cryspr_cb, 448 sek, 449 tv->wrap, 450 wraplen); 451 452 ASSERT_EQ(rc1, 0); 453 ASSERT_EQ(rc2, 0); 454 EXPECT_EQ(memcmp(tv->sek, sek, tv->seklen), 0); 455 } 456 } 457 } 458 459 460 TEST_F(TestCRYSPRcypto, KMWRAP_tv1_k128) 461 { 462 test_kmwrap(cryspr_m, cryspr_cb, 0); 463 } 464 TEST_F(TestCRYSPRcypto, KMWRAP_tv1_k192) 465 { 466 test_kmwrap(cryspr_m, cryspr_cb, 1); 467 } 468 TEST_F(TestCRYSPRcypto, KMWRAP_tv1_k256) 469 { 470 test_kmwrap(cryspr_m, cryspr_cb, 2); 471 } 472 473 TEST_F(TestCRYSPRcypto, KMUNWRAP_tv1_k128) 474 { 475 test_kmunwrap(cryspr_m, cryspr_cb, 0); 476 } 477 TEST_F(TestCRYSPRcypto, KMUNWRAP_tv1_k192) 478 { 479 test_kmunwrap(cryspr_m, cryspr_cb, 1); 480 } 481 TEST_F(TestCRYSPRcypto, KMUNWRAP_tv1_k256) 482 { 483 test_kmunwrap(cryspr_m, cryspr_cb, 2); 484 } 485 486 /*AES ECB -----------------------------------------------------------------------------------*/ 487 #if !(CRYSPR_HAS_AESCTR && CRYSPR_HAS_AESKWRAP) 488 /* AES-ECB test vectors */ 489 struct UTVcryspr_aes_ecb { 490 const char *name; 491 unsigned char sek[256/8]; /* Stream Encrypting Key*/ 492 size_t seklen; 493 const char *cleartxt; /* clear text (decrypt result0 */ 494 unsigned char ciphertxt[32]; /* cipher text (encrypt result) */ 495 size_t outlen; 496 }; 497 498 struct UTVcryspr_aes_ecb UTV_cryspr_aes_ecb[] = { 499 {//[0] 500 /*name */ "tv1.128", 501 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 502 /* seklen */ 128/8, 503 /* cleartxt */ "0000000000000000", 504 /* ciphertxt */ {0xE0,0x86,0x82,0xBE,0x5F,0x2B,0x18,0xA6,0xE8,0x43,0x7A,0x15,0xB1,0x10,0xD4,0x18}, 505 /* cipherlen */ 16, 506 }, 507 {//[1] 508 /*name */ "tv1.192", 509 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 510 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 511 /* seklen */ 192/8, 512 /* cleartxt */ "0000000000000000", 513 /* ciphertxt */ {0xCC,0xFE,0xD9,0x9E,0x38,0xE9,0x60,0xF5,0xD7,0xE1,0xC5,0x9F,0x56,0x3A,0x49,0x9D}, 514 /* cipherlen */ 16, 515 }, 516 {//[2] 517 /*name */ "tv1.256", 518 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 519 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 520 /* seklen */ 256/8, 521 /* cleartxt */ "0000000000000000", 522 /* ciphertxt */ {0x94,0xB1,0x3A,0x9F,0x4C,0x09,0xD4,0xD7,0x00,0x2C,0x3F,0x11,0x7D,0xB1,0x7C,0x8B}, 523 /* cipherlen */ 16, 524 }, 525 {//[3] 526 /*name */ "tv2.128", 527 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 528 /* seklen */ 128/8, 529 /* cleartxt */ "00000000000000000000000000000000", 530 /* ciphertxt */ {0xE0,0x86,0x82,0xBE,0x5F,0x2B,0x18,0xA6,0xE8,0x43,0x7A,0x15,0xB1,0x10,0xD4,0x18, 531 0xE0,0x86,0x82,0xBE,0x5F,0x2B,0x18,0xA6,0xE8,0x43,0x7A,0x15,0xB1,0x10,0xD4,0x18}, 532 /* cipherlen */ 32, 533 }, 534 {//[4] 535 /*name */ "tv2.192", 536 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 537 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 538 /* seklen */ 192/8, 539 /* cleartxt */ "00000000000000000000000000000000", 540 /* ciphertxt */ {0xCC,0xFE,0xD9,0x9E,0x38,0xE9,0x60,0xF5,0xD7,0xE1,0xC5,0x9F,0x56,0x3A,0x49,0x9D, 541 0xCC,0xFE,0xD9,0x9E,0x38,0xE9,0x60,0xF5,0xD7,0xE1,0xC5,0x9F,0x56,0x3A,0x49,0x9D}, 542 /* cipherlen */ 32, 543 }, 544 {//[5] 545 /*name */ "tv2.256", 546 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 547 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 548 /* seklen */ 256/8, 549 /* cleartxt */ "00000000000000000000000000000000", 550 /* ciphertxt */ {0x94,0xB1,0x3A,0x9F,0x4C,0x09,0xD4,0xD7,0x00,0x2C,0x3F,0x11,0x7D,0xB1,0x7C,0x8B, 551 0x94,0xB1,0x3A,0x9F,0x4C,0x09,0xD4,0xD7,0x00,0x2C,0x3F,0x11,0x7D,0xB1,0x7C,0x8B}, 552 /* cipherlen */ 32, 553 }, 554 }; 555 556 void test_AESecb( 557 CRYSPR_methods *cryspr_m, 558 CRYSPR_cb *cryspr_cb, 559 size_t tvi, 560 bool bEncrypt) 561 { 562 unsigned char result[128]; 563 unsigned char *intxt; 564 unsigned char *outtxt; 565 int rc1,rc2; 566 567 if(tvi < sizeof(UTV_cryspr_aes_ecb)/sizeof(UTV_cryspr_aes_ecb[0])) 568 { 569 struct UTVcryspr_aes_ecb *tv = &UTV_cryspr_aes_ecb[tvi]; 570 size_t txtlen=strnlen((const char *)tv->cleartxt, 100); 571 size_t outlen=sizeof(result); 572 573 ASSERT_NE(cryspr_m->aes_set_key, nullPtr); 574 ASSERT_NE(cryspr_m->aes_ecb_cipher, nullPtr); 575 576 rc1 = cryspr_m->aes_set_key( 577 bEncrypt, 578 tv->sek, /* Stream encrypting Key */ 579 tv->seklen, 580 #if WITH_FIPSMODE 581 cryspr_cb->aes_sek[0]); 582 #else 583 &cryspr_cb->aes_sek[0]); 584 #endif 585 if(bEncrypt) { 586 intxt=(unsigned char *)tv->cleartxt; 587 outtxt=(unsigned char *)tv->ciphertxt; 588 }else{ 589 intxt=(unsigned char *)tv->ciphertxt; 590 outtxt=(unsigned char *)tv->cleartxt; 591 } 592 593 rc2 = cryspr_m->aes_ecb_cipher( 594 bEncrypt, /* true:encrypt, false:decrypt */ 595 #if WITH_FIPSMODE 596 cryspr_cb->aes_sek[0], /* CRYpto Service PRovider AES Key context */ 597 #else 598 &cryspr_cb->aes_sek[0], /* CRYpto Service PRovider AES Key context */ 599 #endif 600 intxt, /* src */ 601 txtlen, /* length */ 602 result, /* dest */ 603 &outlen); /* dest length */ 604 605 ASSERT_EQ(rc1, 0); 606 ASSERT_EQ(rc2, 0); 607 ASSERT_EQ(outlen, ((txtlen+(CRYSPR_AESBLKSZ-1))/CRYSPR_AESBLKSZ)*CRYSPR_AESBLKSZ); 608 EXPECT_EQ(memcmp(outtxt, result, txtlen), 0); 609 } 610 } 611 612 613 #define ENCRYPT true 614 #define DECRYPT false 615 616 TEST_F(TestCRYSPRcypto, EncryptAESecb_tv1_128) 617 { 618 test_AESecb(cryspr_m, cryspr_cb, 0, ENCRYPT); 619 } 620 TEST_F(TestCRYSPRcypto, EncryptAESecb_tv1_192) 621 { 622 test_AESecb(cryspr_m, cryspr_cb, 1, ENCRYPT); 623 } 624 TEST_F(TestCRYSPRcypto, EncryptAESecb_tv1_256) 625 { 626 test_AESecb(cryspr_m, cryspr_cb, 2, ENCRYPT); 627 } 628 TEST_F(TestCRYSPRcypto, EncryptAESecb_tv2_128) 629 { 630 test_AESecb(cryspr_m, cryspr_cb, 3, ENCRYPT); 631 } 632 TEST_F(TestCRYSPRcypto, EncryptAESecb_tv2_192) 633 { 634 test_AESecb(cryspr_m, cryspr_cb, 4, ENCRYPT); 635 } 636 TEST_F(TestCRYSPRcypto, EncryptAESecb_tv2_256) 637 { 638 test_AESecb(cryspr_m, cryspr_cb, 5, ENCRYPT); 639 } 640 TEST_F(TestCRYSPRcypto, DecryptAESecb_tv1_128) 641 { 642 test_AESecb(cryspr_m, cryspr_cb, 0, DECRYPT); 643 } 644 TEST_F(TestCRYSPRcypto, DecryptAESecb_tv1_192) 645 { 646 test_AESecb(cryspr_m, cryspr_cb, 1, DECRYPT); 647 } 648 TEST_F(TestCRYSPRcypto, DecryptAESecb_tv1_256) 649 { 650 test_AESecb(cryspr_m, cryspr_cb, 2, DECRYPT); 651 } 652 TEST_F(TestCRYSPRcypto, DecryptAESecb_tv2_128) 653 { 654 test_AESecb(cryspr_m, cryspr_cb, 3, DECRYPT); 655 } 656 TEST_F(TestCRYSPRcypto, DecryptAESecb_tv2_192) 657 { 658 test_AESecb(cryspr_m, cryspr_cb, 4, DECRYPT); 659 } 660 TEST_F(TestCRYSPRcypto, DecryptAESecb_tv2_256) 661 { 662 test_AESecb(cryspr_m, cryspr_cb, 5, DECRYPT); 663 } 664 #endif /* !(CRYSPR_HAS_AESCTR && CRYSPR_HAS_AESKWRAP) */ 665 666 /*AES CTR -----------------------------------------------------------------------------------*/ 667 #if CRYSPR_HAS_AESCTR 668 669 struct UTVcryspr_aes_ctr { 670 const char *name; 671 unsigned char sek[256/8]; /* Stream Encrypting Key*/ 672 size_t seklen; 673 unsigned char iv[CRYSPR_AESBLKSZ];/* initial vector */ 674 const char *cleartxt; /* clear text (decrypt result0 */ 675 unsigned char ciphertxt[24]; /* cipher text (encrypt result) */ 676 }; 677 678 /* AES-CTR test vectors */ 679 struct UTVcryspr_aes_ctr UTV_cryspr_aes_ctr[] = { 680 {//[0] 681 /*name */ "tv1.128", 682 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 683 /* seklen */ 128/8, 684 /* iv */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 685 /* cleartxt */ "000000000000000000000000", 686 /* ciphertxt */ {0x56,0xD9,0x7B,0xE4,0xDF,0xBA,0x1C,0x0B,0xB8,0x7C,0xCA,0x69,0xFA,0x04,0x1B,0x1E, 687 0x68,0xD2,0xCC,0xFE,0xCA,0x4E,0x00,0x51}, 688 }, 689 {//[1] 690 /*name */ "tv1.192", 691 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 692 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 693 /* seklen */ 192/8, 694 /* iv */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 695 /* cleartxt */ "000000000000000000000000", 696 /* ciphertxt */ {0x9A,0xD0,0x59,0xA2,0x9C,0x8F,0x62,0x93,0xD8,0xC4,0x99,0x5E,0xF9,0x00,0x3B,0xE7, 697 0xFD,0x03,0x82,0xBA,0xF7,0x43,0xC7,0x7B}, 698 }, 699 {//[2] 700 /*name */ "tv1.256", 701 /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 702 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 703 /* seklen */ 256/8, 704 /* iv */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, 705 /* cleartxt */ "000000000000000000000000", 706 /* ciphertxt */ {0xEC,0xA5,0xF0,0x48,0x92,0x70,0xB9,0xB9,0x9D,0x78,0x92,0x24,0xA2,0xB4,0x10,0xB7, 707 0x63,0x3F,0xBA,0xCB,0xF7,0x75,0x06,0x89} 708 }, 709 }; 710 711 void test_AESctr( 712 CRYSPR_methods *cryspr_m, 713 CRYSPR_cb *cryspr_cb, 714 size_t tvi, 715 bool bEncrypt) 716 { 717 unsigned char result[100]; 718 unsigned char ivec[CRYSPR_AESBLKSZ]; 719 unsigned char *intxt; 720 unsigned char *outtxt; 721 int rc1,rc2; 722 723 if(tvi < sizeof(UTV_cryspr_aes_ctr)/sizeof(UTV_cryspr_aes_ctr[0])) 724 { 725 struct UTVcryspr_aes_ctr *tv = &UTV_cryspr_aes_ctr[tvi]; 726 size_t txtlen=strnlen((const char *)tv->cleartxt, 100); 727 728 ASSERT_NE(cryspr_m->aes_set_key, nullPtr); 729 ASSERT_NE(cryspr_m->aes_ctr_cipher, nullPtr); 730 731 rc1 = cryspr_m->aes_set_key( 732 true, //For CTR, Encrypt key is used for both encryption and decryption 733 tv->sek, /* Stream encrypting Key */ 734 tv->seklen, 735 #if WITH_FIPSMODE 736 cryspr_cb->aes_sek[0]); 737 #else 738 &cryspr_cb->aes_sek[0]); 739 #endif 740 if(bEncrypt) { 741 intxt=(unsigned char *)tv->cleartxt; 742 outtxt=(unsigned char *)tv->ciphertxt; 743 }else{ 744 intxt=(unsigned char *)tv->ciphertxt; 745 outtxt=(unsigned char *)tv->cleartxt; 746 } 747 748 memcpy(ivec, tv->iv, sizeof(ivec)); //cipher ivec not const 749 rc2 = cryspr_m->aes_ctr_cipher( 750 bEncrypt, /* true:encrypt, false:decrypt */ 751 #if WITH_FIPSMODE 752 cryspr_cb->aes_sek[0], /* CRYpto Service PRovider AES Key context */ 753 #else 754 &cryspr_cb->aes_sek[0], /* CRYpto Service PRovider AES Key context */ 755 #endif 756 ivec, /* iv */ 757 intxt, /* src */ 758 txtlen, /* length */ 759 result); /* dest */ 760 761 ASSERT_EQ(rc1, 0); 762 ASSERT_EQ(rc2, 0); 763 EXPECT_EQ(memcmp(outtxt, result, txtlen), 0); 764 } 765 } 766 767 768 #define ENCRYPT true 769 #define DECRYPT false 770 771 TEST_F(TestCRYSPRcypto, EncryptAESctr_tv1_128) 772 { 773 test_AESctr(cryspr_m, cryspr_cb, 0, ENCRYPT); 774 } 775 TEST_F(TestCRYSPRcypto, EncryptAESctr_tv1_192) 776 { 777 test_AESctr(cryspr_m, cryspr_cb, 1, ENCRYPT); 778 } 779 TEST_F(TestCRYSPRcypto, EncryptAESctr_tv1_256) 780 { 781 test_AESctr(cryspr_m, cryspr_cb, 2, ENCRYPT); 782 } 783 TEST_F(TestCRYSPRcypto, DecryptAESctr_tv1_128) 784 { 785 test_AESctr(cryspr_m, cryspr_cb, 0, DECRYPT); 786 } 787 TEST_F(TestCRYSPRcypto, DecryptAESctr_tv1_192) 788 { 789 test_AESctr(cryspr_m, cryspr_cb, 1, DECRYPT); 790 } 791 TEST_F(TestCRYSPRcypto, DecryptAESctr_tv1_256) 792 { 793 test_AESctr(cryspr_m, cryspr_cb, 2, DECRYPT); 794 } 795 #endif /* CRYSPR_HAS_AESCTR */ 796 797 #endif /* SRT_ENABLE_ENCRYPTION */ 798