1 //! Tests for AES-GCM when used with non-96-bit IVs. 2 //! 3 //! Vectors taken from NIST CAVS vectors' `gcmEncryptExtIV128.rsp` file 4 /// <https://csrc.nist.gov/Projects/cryptographic-algorithm-validation-program/CAVP-TESTING-BLOCK-CIPHER-MODES> 5 6 #[macro_use] 7 extern crate hex_literal; 8 9 use aes_gcm::{ 10 aead::{ 11 generic_array::{typenum, GenericArray}, 12 Aead, NewAead, 13 }, 14 aes::Aes128, 15 AesGcm, 16 }; 17 18 /// Based on the following `gcmEncryptExtIV128.rsp` test vector: 19 /// 20 /// [Keylen = 128] 21 /// [IVlen = 8] 22 /// [PTlen = 128] 23 /// [AADlen = 0] 24 /// [Taglen = 128] 25 /// 26 /// Count = 0 27 mod ivlen8 { 28 use super::*; 29 30 type Aes128GcmWith8BitNonce = AesGcm<Aes128, typenum::U1>; 31 32 #[test] encrypt()33 fn encrypt() { 34 let key = hex!("15b2d414826453f9e1c7dd0b69d8d1eb"); 35 let nonce = hex!("b6"); 36 let plaintext = hex!("8cfa255530c6fbc19d51bd4aeb39c91b"); 37 38 let ciphertext = Aes128GcmWith8BitNonce::new(&key.into()) 39 .encrypt(GenericArray::from_slice(&nonce), &plaintext[..]) 40 .unwrap(); 41 42 let (ct, tag) = ciphertext.split_at(ciphertext.len() - 16); 43 assert_eq!(hex!("4822cb98bd5f5d921ee19285c9032375"), ct); 44 assert_eq!(hex!("8a40670ebac98cf4e9cc1bf8f803167d"), tag); 45 } 46 } 47 48 /// Based on the following `gcmEncryptExtIV128.rsp` test vector: 49 /// 50 /// [Keylen = 128] 51 /// [IVlen = 1024] 52 /// [PTlen = 128] 53 /// [AADlen = 0] 54 /// [Taglen = 128] 55 /// 56 /// Count = 0 57 mod ivlen1024 { 58 use super::*; 59 60 type Aes128GcmWith1024BitNonce = AesGcm<Aes128, typenum::U128>; 61 62 #[test] encrypt()63 fn encrypt() { 64 let key = hex!("71eebc49c8fb773b2224eaff3ad68714"); 65 let nonce = hex!( 66 "07e961e67784011f72faafd95b0eb64089c8de15ad685ec57e63d56e679d3e20 67 2b18b75fcbbec3185ffc41653bc2ac4ae6ae8be8c85636f353a9d19a86100d0b 68 d035cc6bdefcab4318ac7b1a08b819427ad8f6abc782466c6ebd4d6a0dd76e78 69 389b0a2a66506bb85f038ffc1da220c24f3817c7b2d02c5e8fc5e7e3be5074bc" 70 ); 71 let plaintext = hex!("705da82292143d2c949dc4ba014f6396"); 72 73 let ciphertext = Aes128GcmWith1024BitNonce::new(&key.into()) 74 .encrypt(GenericArray::from_slice(&nonce), &plaintext[..]) 75 .unwrap(); 76 77 let (ct, tag) = ciphertext.split_at(ciphertext.len() - 16); 78 assert_eq!(hex!("032363cf0828a03553478bec0f51f372"), ct); 79 assert_eq!(hex!("c681b2c568feaa21900bc44b86aeb946"), tag); 80 } 81 } 82