| // Copyright (c) 2021, Google Inc. |
| // |
| // Permission to use, copy, modify, and/or distribute this software for any |
| // purpose with or without fee is hereby granted, provided that the above |
| // copyright notice and this permission notice appear in all copies. |
| // |
| // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
| // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
| // SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
| // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION |
| // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
| // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| |
| package main |
| |
| import ( |
| "bytes" |
| "crypto/aes" |
| "crypto/rand" |
| "encoding/hex" |
| "testing" |
| ) |
| |
| func TestCTSRoundTrip(t *testing.T) { |
| var buf [aes.BlockSize * 8]byte |
| var key, iv [16]byte |
| rand.Reader.Read(buf[:]) |
| rand.Reader.Read(key[:]) |
| rand.Reader.Read(iv[:]) |
| |
| for i := aes.BlockSize; i < len(buf); i++ { |
| in := buf[:i] |
| ciphertext := doCTSEncrypt(key[:], in[:], iv[:]) |
| if len(ciphertext) != len(in) { |
| t.Errorf("incorrect ciphertext length for input length %d", len(in)) |
| continue |
| } |
| out := doCTSDecrypt(key[:], ciphertext, iv[:]) |
| |
| if !bytes.Equal(in[:], out) { |
| t.Errorf("did not round trip for length %d", len(in)) |
| } |
| } |
| } |
| |
| func TestCTSVectors(t *testing.T) { |
| tests := []struct { |
| plaintextHex string |
| ciphertextHex string |
| ivHex string |
| }{ |
| // Test vectors from OpenSSL. |
| { |
| "4920776f756c64206c696b652074686520", |
| "c6353568f2bf8cb4d8a580362da7ff7f97", |
| "00000000000000000000000000000000", |
| }, |
| { |
| "4920776f756c64206c696b65207468652047656e6572616c20476175277320", |
| "fc00783e0efdb2c1d445d4c8eff7ed2297687268d6ecccc0c07b25e25ecfe5", |
| "00000000000000000000000000000000", |
| }, |
| { |
| "4920776f756c64206c696b65207468652047656e6572616c2047617527732043", |
| "39312523a78662d5be7fcbcc98ebf5a897687268d6ecccc0c07b25e25ecfe584", |
| "00000000000000000000000000000000", |
| }, |
| { |
| "4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c", |
| "97687268d6ecccc0c07b25e25ecfe584b3fffd940c16a18c1b5549d2f838029e39312523a78662d5be7fcbcc98ebf5", |
| "00000000000000000000000000000000", |
| }, |
| { |
| "4920776f756c64206c696b65207468652047656e6572616c20476175277320436869636b656e2c20706c656173652c", |
| "5432a630742dee7beb70f9f1400ee6a0426da5c54a9990f5ae0b7825f51f0060b557cfb581949a4bdf3bb67dedd472", |
| "000102030405060708090a0b0c0d0e0f", |
| }, |
| } |
| |
| key := fromHex("636869636b656e207465726979616b69") |
| |
| for i, test := range tests { |
| plaintext := fromHex(test.plaintextHex) |
| iv := fromHex(test.ivHex) |
| ciphertext := doCTSEncrypt(key, plaintext, iv) |
| if got := hex.EncodeToString(ciphertext); got != test.ciphertextHex { |
| t.Errorf("#%d: unexpected ciphertext %s, want %s", i, got, test.ciphertextHex) |
| } |
| plaintextAgain := doCTSDecrypt(key, ciphertext, iv) |
| if !bytes.Equal(plaintext, plaintextAgain) { |
| t.Errorf("#%d: did not round trip", i) |
| } |
| } |
| } |
