crypto/fipsmodule/aes/aes_test.cc - boringssl - Git at Google

 /* Copyright (c) 2015, Google Inc.
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

 #include <stdio.h>
 #include <string.h>

 #include <memory>
 #include <vector>

 #include <gtest/gtest.h>

 #include <openssl/aes.h>

 #include "../../internal.h"
 #include "../../test/file_test.h"
 #include "../../test/test_util.h"


 static void TestRaw(FileTest *t) {
   std::vector<uint8_t> key, plaintext, ciphertext;
   ASSERT_TRUE(t->GetBytes(&key, "Key"));
   ASSERT_TRUE(t->GetBytes(&plaintext, "Plaintext"));
   ASSERT_TRUE(t->GetBytes(&ciphertext, "Ciphertext"));

   ASSERT_EQ(static_cast<unsigned>(AES_BLOCK_SIZE), plaintext.size());
   ASSERT_EQ(static_cast<unsigned>(AES_BLOCK_SIZE), ciphertext.size());

   AES_KEY aes_key;
   ASSERT_EQ(0, AES_set_encrypt_key(key.data(), 8 * key.size(), &aes_key));

   // Test encryption.
   uint8_t block[AES_BLOCK_SIZE];
   AES_encrypt(plaintext.data(), block, &aes_key);
   EXPECT_EQ(Bytes(ciphertext), Bytes(block));

   // Test in-place encryption.
   OPENSSL_memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
   AES_encrypt(block, block, &aes_key);
   EXPECT_EQ(Bytes(ciphertext), Bytes(block));

   ASSERT_EQ(0, AES_set_decrypt_key(key.data(), 8 * key.size(), &aes_key));

   // Test decryption.
   AES_decrypt(ciphertext.data(), block, &aes_key);
   EXPECT_EQ(Bytes(plaintext), Bytes(block));

   // Test in-place decryption.
   OPENSSL_memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
   AES_decrypt(block, block, &aes_key);
   EXPECT_EQ(Bytes(plaintext), Bytes(block));
 }

 static void TestKeyWrap(FileTest *t) {
   // All test vectors use the default IV, so test both with implicit and
   // explicit IV.
   //
   // TODO(davidben): Find test vectors that use a different IV.
   static const uint8_t kDefaultIV[] = {
       0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6,
   };

   std::vector<uint8_t> key, plaintext, ciphertext;
   ASSERT_TRUE(t->GetBytes(&key, "Key"));
   ASSERT_TRUE(t->GetBytes(&plaintext, "Plaintext"));
   ASSERT_TRUE(t->GetBytes(&ciphertext, "Ciphertext"));

   ASSERT_EQ(plaintext.size() + 8, ciphertext.size())
       << "Invalid Plaintext and Ciphertext lengths.";

   // Test encryption.
   AES_KEY aes_key;
   ASSERT_EQ(0, AES_set_encrypt_key(key.data(), 8 * key.size(), &aes_key));

   // Test with implicit IV.
   std::unique_ptr<uint8_t[]> buf(new uint8_t[ciphertext.size()]);
   int len = AES_wrap_key(&aes_key, nullptr /* iv */, buf.get(),
                          plaintext.data(), plaintext.size());
   ASSERT_GE(len, 0);
   EXPECT_EQ(Bytes(ciphertext), Bytes(buf.get(), static_cast<size_t>(len)));

   // Test with explicit IV.
   OPENSSL_memset(buf.get(), 0, ciphertext.size());
   len = AES_wrap_key(&aes_key, kDefaultIV, buf.get(), plaintext.data(),
                      plaintext.size());
   ASSERT_GE(len, 0);
   EXPECT_EQ(Bytes(ciphertext), Bytes(buf.get(), static_cast<size_t>(len)));

   // Test decryption.
   ASSERT_EQ(0, AES_set_decrypt_key(key.data(), 8 * key.size(), &aes_key));

   // Test with implicit IV.
   buf.reset(new uint8_t[plaintext.size()]);
   len = AES_unwrap_key(&aes_key, nullptr /* iv */, buf.get(), ciphertext.data(),
                        ciphertext.size());
   ASSERT_GE(len, 0);
   EXPECT_EQ(Bytes(plaintext), Bytes(buf.get(), static_cast<size_t>(len)));

   // Test with explicit IV.
   OPENSSL_memset(buf.get(), 0, plaintext.size());
   len = AES_unwrap_key(&aes_key, kDefaultIV, buf.get(), ciphertext.data(),
                        ciphertext.size());
   ASSERT_GE(len, 0);

   // Test corrupted ciphertext.
   ciphertext[0] ^= 1;
   EXPECT_EQ(-1, AES_unwrap_key(&aes_key, nullptr /* iv */, buf.get(),
                                ciphertext.data(), ciphertext.size()));
 }

 TEST(AESTest, TestVectors) {
   FileTestGTest("crypto/fipsmodule/aes/aes_tests.txt", [](FileTest *t) {
     if (t->GetParameter() == "Raw") {
       TestRaw(t);
     } else if (t->GetParameter() == "KeyWrap") {
       TestKeyWrap(t);
     } else {
       ADD_FAILURE() << "Unknown mode " << t->GetParameter();
     }
   });
 }
	/* Copyright (c) 2015, Google Inc.
	*
	* Permission to use, copy, modify, and/or distribute this software for any
	* purpose with or without fee is hereby granted, provided that the above
	* copyright notice and this permission notice appear in all copies.
	*
	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
	* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
	* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
	* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

	#include <stdio.h>
	#include <string.h>

	#include <memory>
	#include <vector>

	#include <gtest/gtest.h>

	#include <openssl/aes.h>

	#include "../../internal.h"
	#include "../../test/file_test.h"
	#include "../../test/test_util.h"


	static void TestRaw(FileTest *t) {
	std::vector<uint8_t> key, plaintext, ciphertext;
	ASSERT_TRUE(t->GetBytes(&key, "Key"));
	ASSERT_TRUE(t->GetBytes(&plaintext, "Plaintext"));
	ASSERT_TRUE(t->GetBytes(&ciphertext, "Ciphertext"));

	ASSERT_EQ(static_cast<unsigned>(AES_BLOCK_SIZE), plaintext.size());
	ASSERT_EQ(static_cast<unsigned>(AES_BLOCK_SIZE), ciphertext.size());

	AES_KEY aes_key;
	ASSERT_EQ(0, AES_set_encrypt_key(key.data(), 8 * key.size(), &aes_key));

	// Test encryption.
	uint8_t block[AES_BLOCK_SIZE];
	AES_encrypt(plaintext.data(), block, &aes_key);
	EXPECT_EQ(Bytes(ciphertext), Bytes(block));

	// Test in-place encryption.
	OPENSSL_memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
	AES_encrypt(block, block, &aes_key);
	EXPECT_EQ(Bytes(ciphertext), Bytes(block));

	ASSERT_EQ(0, AES_set_decrypt_key(key.data(), 8 * key.size(), &aes_key));

	// Test decryption.
	AES_decrypt(ciphertext.data(), block, &aes_key);
	EXPECT_EQ(Bytes(plaintext), Bytes(block));

	// Test in-place decryption.
	OPENSSL_memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
	AES_decrypt(block, block, &aes_key);
	EXPECT_EQ(Bytes(plaintext), Bytes(block));
	}

	static void TestKeyWrap(FileTest *t) {
	// All test vectors use the default IV, so test both with implicit and
	// explicit IV.
	//
	// TODO(davidben): Find test vectors that use a different IV.
	static const uint8_t kDefaultIV[] = {
	0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6,
	};

	std::vector<uint8_t> key, plaintext, ciphertext;
	ASSERT_TRUE(t->GetBytes(&key, "Key"));
	ASSERT_TRUE(t->GetBytes(&plaintext, "Plaintext"));
	ASSERT_TRUE(t->GetBytes(&ciphertext, "Ciphertext"));

	ASSERT_EQ(plaintext.size() + 8, ciphertext.size())
	<< "Invalid Plaintext and Ciphertext lengths.";

	// Test encryption.
	AES_KEY aes_key;
	ASSERT_EQ(0, AES_set_encrypt_key(key.data(), 8 * key.size(), &aes_key));

	// Test with implicit IV.
	std::unique_ptr<uint8_t[]> buf(new uint8_t[ciphertext.size()]);
	int len = AES_wrap_key(&aes_key, nullptr /* iv */, buf.get(),
	plaintext.data(), plaintext.size());
	ASSERT_GE(len, 0);
	EXPECT_EQ(Bytes(ciphertext), Bytes(buf.get(), static_cast<size_t>(len)));

	// Test with explicit IV.
	OPENSSL_memset(buf.get(), 0, ciphertext.size());
	len = AES_wrap_key(&aes_key, kDefaultIV, buf.get(), plaintext.data(),
	plaintext.size());
	ASSERT_GE(len, 0);
	EXPECT_EQ(Bytes(ciphertext), Bytes(buf.get(), static_cast<size_t>(len)));

	// Test decryption.
	ASSERT_EQ(0, AES_set_decrypt_key(key.data(), 8 * key.size(), &aes_key));

	// Test with implicit IV.
	buf.reset(new uint8_t[plaintext.size()]);
	len = AES_unwrap_key(&aes_key, nullptr /* iv */, buf.get(), ciphertext.data(),
	ciphertext.size());
	ASSERT_GE(len, 0);
	EXPECT_EQ(Bytes(plaintext), Bytes(buf.get(), static_cast<size_t>(len)));

	// Test with explicit IV.
	OPENSSL_memset(buf.get(), 0, plaintext.size());
	len = AES_unwrap_key(&aes_key, kDefaultIV, buf.get(), ciphertext.data(),
	ciphertext.size());
	ASSERT_GE(len, 0);

	// Test corrupted ciphertext.
	ciphertext[0] ^= 1;
	EXPECT_EQ(-1, AES_unwrap_key(&aes_key, nullptr /* iv */, buf.get(),
	ciphertext.data(), ciphertext.size()));
	}

	TEST(AESTest, TestVectors) {
	FileTestGTest("crypto/fipsmodule/aes/aes_tests.txt", [](FileTest *t) {
	if (t->GetParameter() == "Raw") {
	TestRaw(t);
	} else if (t->GetParameter() == "KeyWrap") {
	TestKeyWrap(t);
	} else {
	ADD_FAILURE() << "Unknown mode " << t->GetParameter();
	}
	});
	}