1 /*
2 * Copyright (C) 2019 Red Hat, Inc.
3 *
4 * Author: Daiki Ueno
5 *
6 * This file is part of GnuTLS.
7 *
8 * GnuTLS is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * GnuTLS is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <https://www.gnu.org/licenses/>
20 */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #include <gnutls/crypto.h>
27
28 #include <assert.h>
29 #include <stdint.h>
30 #include <string.h>
31 #include "utils.h"
32
tls_log_func(int level,const char * str)33 static void tls_log_func(int level, const char *str)
34 {
35 fprintf(stderr, "<%d>| %s", level, str);
36 }
37
38 /* Test whether gnutls_aead_cipher_{en,de}crypt_vec works */
start(const char * name,int algo)39 static void start(const char *name, int algo)
40 {
41 int ret;
42 gnutls_aead_cipher_hd_t ch;
43 uint8_t key16[64];
44 uint8_t iv16[32];
45 uint8_t auth[128];
46 uint8_t data[64+56+36];
47 gnutls_datum_t key, iv;
48 giovec_t iov[3];
49 giovec_t auth_iov[2];
50 uint8_t tag[64];
51 size_t tag_size = 0;
52 size_t i;
53
54 key.data = key16;
55 key.size = gnutls_cipher_get_key_size(algo);
56 assert(key.size <= sizeof(key16));
57
58 iv.data = iv16;
59 iv.size = gnutls_cipher_get_iv_size(algo);
60 assert(iv.size <= sizeof(iv16));
61
62 memset(iv.data, 0xff, iv.size);
63 memset(key.data, 0xfe, key.size);
64 memset(data, 0xfa, sizeof(data));
65 memset(auth, 0xaa, sizeof(auth));
66
67 iov[0].iov_base = data;
68 iov[0].iov_len = 64;
69 iov[1].iov_base = data + 64;
70 iov[1].iov_len = 56;
71 iov[2].iov_base = data + 64 + 56;
72 iov[2].iov_len = 36;
73
74 auth_iov[0].iov_base = auth;
75 auth_iov[0].iov_len = 64;
76 auth_iov[1].iov_base = auth + 64;
77 auth_iov[1].iov_len = 64;
78
79 success("trying %s\n", name);
80
81 ret =
82 gnutls_aead_cipher_init(&ch, algo, &key);
83 if (ret < 0)
84 fail("gnutls_cipher_init: %s\n", gnutls_strerror(ret));
85
86 for (i = 0; i < 2; i++) {
87 ret = gnutls_aead_cipher_encryptv2(ch,
88 iv.data, iv.size,
89 auth_iov, 2,
90 iov, i + 1,
91 tag, &tag_size);
92 if (ret < 0)
93 fail("could not encrypt data: %s\n", gnutls_strerror(ret));
94
95 ret = gnutls_aead_cipher_decryptv2(ch,
96 iv.data, iv.size,
97 auth_iov, 2,
98 iov, i + 1,
99 tag, tag_size);
100 if (ret < 0)
101 fail("could not decrypt data: %s\n", gnutls_strerror(ret));
102 }
103
104 gnutls_aead_cipher_deinit(ch);
105 }
106
107 void
doit(void)108 doit(void)
109 {
110 int ret;
111
112 gnutls_global_set_log_function(tls_log_func);
113 if (debug)
114 gnutls_global_set_log_level(4711);
115
116 ret = global_init();
117 if (ret < 0) {
118 fail("Cannot initialize library\n"); /*errcode 1 */
119 }
120
121 start("aes-128-gcm", GNUTLS_CIPHER_AES_128_GCM);
122 start("aes-192-gcm", GNUTLS_CIPHER_AES_192_GCM);
123 start("aes-256-gcm", GNUTLS_CIPHER_AES_256_GCM);
124 start("aes-128-ccm", GNUTLS_CIPHER_AES_128_CCM);
125 if (!gnutls_fips140_mode_enabled())
126 start("chacha20-poly1305", GNUTLS_CIPHER_CHACHA20_POLY1305);
127
128 gnutls_global_deinit();
129 }
130