#include #include #include "gtest/gtest.h" #ifdef SRT_ENABLE_ENCRYPTION #include "common.h" #include "hcrypt.h" #include "version.h" #if (CRYSPR_VERSION_NUMBER >= 0x010100) #define WITH_FIPSMODE 1 /* 1: openssl-evp branch */ #endif #define UT_PKT_MAXLEN 1500 const void *nullPtr = NULL; /* TestCRYSPRmethods: Test presense of required cryspr methods */ class TestCRYSPRmethods : public ::testing::Test { protected: TestCRYSPRmethods() { // initialization code here cryspr_m = NULL; cryspr_fbm = NULL; } ~TestCRYSPRmethods() { // cleanup any pending stuff, but no exceptions allowed } // SetUp() is run immediately before a test starts. #if defined(__GNUC__) && (__GNUC___ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)) // override only supported for GCC>=4.7 void SetUp() override { #else void SetUp() { #endif cryspr_m = cryspr4SRT(); cryspr_fbm = crysprInit(&cryspr_fb); ASSERT_NE(cryspr_m, nullPtr); ASSERT_NE(cryspr_fbm, nullPtr); ASSERT_EQ(cryspr_fbm, &cryspr_fb); } #if defined(__GNUC__) && (__GNUC___ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)) void TearDown() override { #else void TearDown() { #endif // Code here will be called just after the test completes. // OK to throw exceptions from here if needed. } protected: CRYSPR_methods *cryspr_m; /* methods */ CRYSPR_methods cryspr_fb, *cryspr_fbm; /* fall back methods */ // CRYSPR_cb *cryspr_cb; /* Control block */ }; TEST_F(TestCRYSPRmethods, MethodOpen) { EXPECT_NE(cryspr_m, nullPtr); EXPECT_NE(cryspr_m->open, nullPtr); } TEST_F(TestCRYSPRmethods, init) { ASSERT_NE(cryspr_m, nullPtr); } #if WITH_FIPSMODE TEST_F(TestCRYSPRmethods, fipsmode) { if(cryspr_m->fips_mode_set == NULL || cryspr_m->fips_mode_set == cryspr_fbm->fips_mode_set ) { #if defined(CRYSPR_FIPSMODE) //undef: not supported, 0: supported and Off by default, 1: enabled by default EXPECT_NE(cryspr_m->fips_mode_set, cryspr_fbm->fips_mode_set); //Fallback method cannot set FIPS mode EXPECT_EQ(cryspr_m->fips_mode_set(CRYSPR_FIPSMODE ? 0 : 1), CRYSPR_FIPSMODE); EXPECT_EQ(cryspr_m->fips_mode_set(CRYSPR_FIPSMODE), (CRYSPR_FIPSMODE? 0 : 1)); #endif /* CRYSPR_FIPSMODE */ } } #endif /* WITH_FIPSMODE */ TEST_F(TestCRYSPRmethods, open) { EXPECT_NE(cryspr_m->open, nullPtr); } TEST_F(TestCRYSPRmethods, close) { EXPECT_NE(cryspr_m->close, nullPtr); } TEST_F(TestCRYSPRmethods, prng) { EXPECT_NE(cryspr_m->prng, nullPtr); } TEST_F(TestCRYSPRmethods, aes_set_key) { EXPECT_NE(cryspr_m->aes_set_key, nullPtr); } TEST_F(TestCRYSPRmethods, AESecb) { if(cryspr_m->km_wrap == cryspr_fbm->km_wrap) { /* fallback KM_WRAP method used * AES-ECB method then required */ EXPECT_NE(cryspr_m->aes_ecb_cipher, nullPtr); EXPECT_NE(cryspr_m->aes_ecb_cipher, cryspr_fbm->aes_ecb_cipher); } } TEST_F(TestCRYSPRmethods, AESctr) { EXPECT_NE(cryspr_m->aes_ctr_cipher, nullPtr); } TEST_F(TestCRYSPRmethods, SHA1) { if(cryspr_m->sha1_msg_digest == NULL || cryspr_m->km_pbkdf2 == cryspr_fbm->km_pbkdf2 ) { /* fallback PBKDF2 used * then sha1 method required. */ EXPECT_NE(cryspr_m->sha1_msg_digest, nullPtr); EXPECT_NE(cryspr_m->sha1_msg_digest, cryspr_fbm->sha1_msg_digest); } } /* CRYSPR control block test */ class TestCRYSPRcypto : public ::testing::Test { protected: TestCRYSPRcypto() { // initialization code here cryspr_m = NULL; cryspr_fbm = NULL; cryspr_cb = NULL; } ~TestCRYSPRcypto() { // cleanup any pending stuff, but no exceptions allowed } // SetUp() is run immediately before a test starts. #if defined(__GNUC__) && (__GNUC___ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)) // override only supported for GCC>=4.7 void SetUp() override { #else void SetUp() { #endif cryspr_m = cryspr4SRT(); cryspr_fbm = crysprInit(&cryspr_fb); ASSERT_NE(cryspr_m, nullPtr); ASSERT_NE(cryspr_fbm, nullPtr); ASSERT_EQ(cryspr_fbm, &cryspr_fb); cryspr_cb = cryspr_m->open(cryspr_m, UT_PKT_MAXLEN); ASSERT_NE(cryspr_cb, nullPtr); } #if defined(__GNUC__) && (__GNUC___ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7)) void TearDown() override { #else void TearDown() { #endif // Code here will be called just after the test completes. // OK to throw exceptions from here if needed. if (cryspr_m && cryspr_cb) { EXPECT_EQ(cryspr_m->close(cryspr_cb), 0); } } protected: CRYSPR_methods *cryspr_m; /* methods */ CRYSPR_methods cryspr_fb, *cryspr_fbm; /* fall back methods */ CRYSPR_cb *cryspr_cb; /* Control block */ }; TEST_F(TestCRYSPRcypto, CtrlBlock) { EXPECT_EQ(cryspr_m, cryspr_cb->cryspr); //methods set in control block } /*PBKDF2-----------------------------------------------------------------------------------------*/ /* See https://asecuritysite.com/encryption/PBKDF2z to generate "known good" PBKDF2 hash */ /* Test Vector 1.1 to 1.3 */ struct UTVcryspr_pbkdf2 { const char *name; const char *passwd; const char *salt; int itr; size_t keklen; unsigned char kek[256/8]; }; /* PBKDF2 test vectors */ struct UTVcryspr_pbkdf2 pbkdf2_tv[] = { {//[0] /* testname */ "PBKDF2 tv1.128", /* passwd */ "000000000000", /* salt */ "00000000", /* iteration */ 2048, /* keklen */ 128/8, /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79} }, {//[1] /* testname */ "PBKDF2 tv1.192", /* passwd */ "000000000000", /* salt */ "00000000", /* iteration */ 2048, /* keklen */ 192/8, /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79, 0x90,0xab,0xca,0x6e,0xf0,0x02,0xf1,0xad} }, {//[2] /* testname */ "PBKDF2 tv1.256", /* passwd */ "000000000000", /* salt */ "00000000", /* iteration */ 2048, /* keklen */ 256/8, /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79, 0x90,0xab,0xca,0x6e,0xf0,0x02,0xf1,0xad,0x19,0x59,0xcf,0x18,0xac,0x91,0x53,0x3d} }, {//[3] /* testname */ "PBKDF2 tv2.1", /* passwd */ "password", /* salt */ "salt", /* iteration */ 1, /* keklen */ 20, /* kek */ {0x0c,0x60,0xc8,0x0f,0x96,0x1f,0x0e,0x71,0xf3,0xa9,0xb5,0x24,0xaf,0x60,0x12,0x06, 0x2f,0xe0,0x37,0xa6} }, {//[4] /* testname */ "PBKDF2 tv2.20", /* passwd */ "password", /* salt */ "salt", /* iteration */ 2, /* keklen */ 20, /* kek */ {0xea,0x6c,0x01,0x4d,0xc7,0x2d,0x6f,0x8c,0xcd,0x1e,0xd9,0x2a,0xce,0x1d,0x41,0xf0, 0xd8,0xde,0x89,0x57} }, {//[5] /* testname */ "PBKDF2 tv2.4096", /* passwd */ "password", /* salt */ "salt", /* iteration */ 4096, /* keklen */ 20, /* kek */ {0x4b,0x00,0x79,0x01,0xb7,0x65,0x48,0x9a,0xbe,0xad,0x49,0xd9,0x26,0xf7,0x21,0xd0, 0x65,0xa4,0x29,0xc1} }, {//[6] /* testname */ "PBKDF2 tv3.0", /* passwd */ "passwordPASSWORDpassword", /* salt */ "saltSALTsaltSALTsaltSALTsaltSALTsalt", /* iteration */ 4096, /* keklen */ 25, /* kek */ {0x3d,0x2e,0xec,0x4f,0xe4,0x1c,0x84,0x9b,0x80,0xc8,0xd8,0x36,0x62,0xc0,0xe4,0x4a, 0x8b,0x29,0x1a,0x96,0x4c,0xf2,0xf0,0x70,0x38} }, }; void test_pbkdf2( CRYSPR_methods *cryspr_m, CRYSPR_cb *cryspr_cb, size_t tvi) //test vector index { unsigned char kek[256/8]; if(tvi < sizeof(pbkdf2_tv)/sizeof(pbkdf2_tv[0])) { struct UTVcryspr_pbkdf2 *tv = &pbkdf2_tv[tvi]; ASSERT_NE(cryspr_m->km_pbkdf2, nullPtr); cryspr_m->km_pbkdf2( cryspr_cb, (char *)tv->passwd, /* passphrase */ strnlen(tv->passwd, 80), /* passphrase len */ (unsigned char *)tv->salt, /* salt */ strnlen(tv->salt, 80), /* salt_len */ tv->itr, /* iterations */ tv->keklen, /* desired key len {(}16,24,32}*/ kek); /* derived key */ EXPECT_EQ(memcmp(kek, tv->kek, tv->keklen),0); } } TEST_F(TestCRYSPRcypto, PBKDF2_tv1_k128) { test_pbkdf2(cryspr_m, cryspr_cb, 0); } TEST_F(TestCRYSPRcypto, PBKDF2_tv1_k192) { test_pbkdf2(cryspr_m, cryspr_cb, 1); } TEST_F(TestCRYSPRcypto, PBKDF2_tv1_k256) { test_pbkdf2(cryspr_m, cryspr_cb, 2); } TEST_F(TestCRYSPRcypto, PBKDF2_tv2_i1) { test_pbkdf2(cryspr_m, cryspr_cb, 3); } TEST_F(TestCRYSPRcypto, PBKDF2_tv2_i20) { test_pbkdf2(cryspr_m, cryspr_cb, 4); } TEST_F(TestCRYSPRcypto, PBKDF2_tv2_i4096) { test_pbkdf2(cryspr_m, cryspr_cb, 5); } TEST_F(TestCRYSPRcypto, PBKDF2_tv3_0) { test_pbkdf2(cryspr_m, cryspr_cb, 6); } /*AES KeyWrap -----------------------------------------------------------------------------------*/ struct UTVcryspr_km_wrap { const char *name; unsigned char sek[256/8]; /* key to wrap (unwrap result)*/ size_t seklen; unsigned char kek[256/8]; unsigned char wrap[8+256/8]; /* wrapped sek (wrap result) */ }; /* KMWRAP/KMUNWRAP test vectors */ struct UTVcryspr_km_wrap UTV_cryspr_km_wrap[] = { {//[0] /*name */ "tv1.128", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 128/8, /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79}, /* wrap */ {0xF8,0xB6,0x12,0x1B,0xF2,0x03,0x62,0x40,0x80,0x32,0x60,0x8D,0xED,0x0B,0x8E,0x4B, 0x29,0x7E,0x80,0x17,0x4E,0x89,0x68,0xF1} }, {//[1] /*name */ "tv1.192", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 192/8, /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79, 0x90,0xab,0xca,0x6e,0xf0,0x02,0xf1,0xad}, /* wrap */ {0xC1,0xA6,0x58,0x9E,0xC0,0x52,0x6D,0x37,0x84,0x3C,0xBD,0x3B,0x02,0xDD,0x79,0x3F, 0xE6,0x14,0x2D,0x81,0x69,0x4B,0x8E,0x07,0x26,0x4F,0xCD,0x86,0xD6,0x6A,0x70,0x62}, }, {//[2] /*name */ "tv1.256", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 256/8, /* kek */ {0xb6,0xbf,0x5f,0x0c,0xdd,0x25,0xe8,0x58,0x23,0xfd,0x84,0x7a,0xb2,0xb6,0x7f,0x79, 0x90,0xab,0xca,0x6e,0xf0,0x02,0xf1,0xad,0x19,0x59,0xcf,0x18,0xac,0x91,0x53,0x3d}, /* wrap */ {0x94,0xBE,0x9C,0xA6,0x7A,0x27,0x20,0x56,0xED,0xEA,0xA0,0x8F,0x71,0xB1,0xF1,0x85, 0xF6,0xC5,0x67,0xF4,0xA9,0xC2,0x1E,0x78,0x49,0x36,0xA5,0xAE,0x60,0xD0,0x1C,0x30, 0x68,0x27,0x4F,0x66,0x56,0x5A,0x55,0xAA}, }, }; void test_kmwrap( CRYSPR_methods *cryspr_m, CRYSPR_cb *cryspr_cb, size_t tvi) //Test vector index { unsigned char wrap[HAICRYPT_WRAPKEY_SIGN_SZ+256/8]; int rc1,rc2; if (tvi < sizeof(UTV_cryspr_km_wrap)/sizeof(UTV_cryspr_km_wrap[0])) { struct UTVcryspr_km_wrap *tv = &UTV_cryspr_km_wrap[tvi]; size_t wraplen=HAICRYPT_WRAPKEY_SIGN_SZ+tv->seklen; if(cryspr_m && cryspr_cb) { ASSERT_NE(cryspr_m->km_setkey, nullPtr); ASSERT_NE(cryspr_m->km_wrap, nullPtr); rc1 = cryspr_m->km_setkey( cryspr_cb, true, //Wrap tv->kek, tv->seklen); rc2 = cryspr_m->km_wrap( cryspr_cb, wrap, tv->sek, tv->seklen); ASSERT_EQ(rc1, 0); ASSERT_EQ(rc2, 0); EXPECT_EQ(memcmp(tv->wrap, wrap, wraplen), 0); } } } void test_kmunwrap( CRYSPR_methods *cryspr_m, CRYSPR_cb *cryspr_cb, size_t tvi) //Test vector index { unsigned char sek[256/8]; int rc1,rc2; if(tvi < sizeof(UTV_cryspr_km_wrap)/sizeof(UTV_cryspr_km_wrap[0])) { struct UTVcryspr_km_wrap *tv = &UTV_cryspr_km_wrap[tvi]; size_t wraplen=HAICRYPT_WRAPKEY_SIGN_SZ+tv->seklen; if(cryspr_m && cryspr_cb) { ASSERT_NE(cryspr_m->km_setkey, nullPtr); ASSERT_NE(cryspr_m->km_unwrap, nullPtr); rc1 = cryspr_m->km_setkey( cryspr_cb, false, //Unwrap tv->kek, tv->seklen); rc2 = cryspr_m->km_unwrap( cryspr_cb, sek, tv->wrap, wraplen); ASSERT_EQ(rc1, 0); ASSERT_EQ(rc2, 0); EXPECT_EQ(memcmp(tv->sek, sek, tv->seklen), 0); } } } TEST_F(TestCRYSPRcypto, KMWRAP_tv1_k128) { test_kmwrap(cryspr_m, cryspr_cb, 0); } TEST_F(TestCRYSPRcypto, KMWRAP_tv1_k192) { test_kmwrap(cryspr_m, cryspr_cb, 1); } TEST_F(TestCRYSPRcypto, KMWRAP_tv1_k256) { test_kmwrap(cryspr_m, cryspr_cb, 2); } TEST_F(TestCRYSPRcypto, KMUNWRAP_tv1_k128) { test_kmunwrap(cryspr_m, cryspr_cb, 0); } TEST_F(TestCRYSPRcypto, KMUNWRAP_tv1_k192) { test_kmunwrap(cryspr_m, cryspr_cb, 1); } TEST_F(TestCRYSPRcypto, KMUNWRAP_tv1_k256) { test_kmunwrap(cryspr_m, cryspr_cb, 2); } /*AES ECB -----------------------------------------------------------------------------------*/ #if !(CRYSPR_HAS_AESCTR && CRYSPR_HAS_AESKWRAP) /* AES-ECB test vectors */ struct UTVcryspr_aes_ecb { const char *name; unsigned char sek[256/8]; /* Stream Encrypting Key*/ size_t seklen; const char *cleartxt; /* clear text (decrypt result0 */ unsigned char ciphertxt[32]; /* cipher text (encrypt result) */ size_t outlen; }; struct UTVcryspr_aes_ecb UTV_cryspr_aes_ecb[] = { {//[0] /*name */ "tv1.128", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 128/8, /* cleartxt */ "0000000000000000", /* ciphertxt */ {0xE0,0x86,0x82,0xBE,0x5F,0x2B,0x18,0xA6,0xE8,0x43,0x7A,0x15,0xB1,0x10,0xD4,0x18}, /* cipherlen */ 16, }, {//[1] /*name */ "tv1.192", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 192/8, /* cleartxt */ "0000000000000000", /* ciphertxt */ {0xCC,0xFE,0xD9,0x9E,0x38,0xE9,0x60,0xF5,0xD7,0xE1,0xC5,0x9F,0x56,0x3A,0x49,0x9D}, /* cipherlen */ 16, }, {//[2] /*name */ "tv1.256", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 256/8, /* cleartxt */ "0000000000000000", /* ciphertxt */ {0x94,0xB1,0x3A,0x9F,0x4C,0x09,0xD4,0xD7,0x00,0x2C,0x3F,0x11,0x7D,0xB1,0x7C,0x8B}, /* cipherlen */ 16, }, {//[3] /*name */ "tv2.128", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 128/8, /* cleartxt */ "00000000000000000000000000000000", /* ciphertxt */ {0xE0,0x86,0x82,0xBE,0x5F,0x2B,0x18,0xA6,0xE8,0x43,0x7A,0x15,0xB1,0x10,0xD4,0x18, 0xE0,0x86,0x82,0xBE,0x5F,0x2B,0x18,0xA6,0xE8,0x43,0x7A,0x15,0xB1,0x10,0xD4,0x18}, /* cipherlen */ 32, }, {//[4] /*name */ "tv2.192", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 192/8, /* cleartxt */ "00000000000000000000000000000000", /* ciphertxt */ {0xCC,0xFE,0xD9,0x9E,0x38,0xE9,0x60,0xF5,0xD7,0xE1,0xC5,0x9F,0x56,0x3A,0x49,0x9D, 0xCC,0xFE,0xD9,0x9E,0x38,0xE9,0x60,0xF5,0xD7,0xE1,0xC5,0x9F,0x56,0x3A,0x49,0x9D}, /* cipherlen */ 32, }, {//[5] /*name */ "tv2.256", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 256/8, /* cleartxt */ "00000000000000000000000000000000", /* ciphertxt */ {0x94,0xB1,0x3A,0x9F,0x4C,0x09,0xD4,0xD7,0x00,0x2C,0x3F,0x11,0x7D,0xB1,0x7C,0x8B, 0x94,0xB1,0x3A,0x9F,0x4C,0x09,0xD4,0xD7,0x00,0x2C,0x3F,0x11,0x7D,0xB1,0x7C,0x8B}, /* cipherlen */ 32, }, }; void test_AESecb( CRYSPR_methods *cryspr_m, CRYSPR_cb *cryspr_cb, size_t tvi, bool bEncrypt) { unsigned char result[128]; unsigned char *intxt; unsigned char *outtxt; int rc1,rc2; if(tvi < sizeof(UTV_cryspr_aes_ecb)/sizeof(UTV_cryspr_aes_ecb[0])) { struct UTVcryspr_aes_ecb *tv = &UTV_cryspr_aes_ecb[tvi]; size_t txtlen=strnlen((const char *)tv->cleartxt, 100); size_t outlen=sizeof(result); ASSERT_NE(cryspr_m->aes_set_key, nullPtr); ASSERT_NE(cryspr_m->aes_ecb_cipher, nullPtr); rc1 = cryspr_m->aes_set_key( bEncrypt, tv->sek, /* Stream encrypting Key */ tv->seklen, #if WITH_FIPSMODE cryspr_cb->aes_sek[0]); #else &cryspr_cb->aes_sek[0]); #endif if(bEncrypt) { intxt=(unsigned char *)tv->cleartxt; outtxt=(unsigned char *)tv->ciphertxt; }else{ intxt=(unsigned char *)tv->ciphertxt; outtxt=(unsigned char *)tv->cleartxt; } rc2 = cryspr_m->aes_ecb_cipher( bEncrypt, /* true:encrypt, false:decrypt */ #if WITH_FIPSMODE cryspr_cb->aes_sek[0], /* CRYpto Service PRovider AES Key context */ #else &cryspr_cb->aes_sek[0], /* CRYpto Service PRovider AES Key context */ #endif intxt, /* src */ txtlen, /* length */ result, /* dest */ &outlen); /* dest length */ ASSERT_EQ(rc1, 0); ASSERT_EQ(rc2, 0); ASSERT_EQ(outlen, ((txtlen+(CRYSPR_AESBLKSZ-1))/CRYSPR_AESBLKSZ)*CRYSPR_AESBLKSZ); EXPECT_EQ(memcmp(outtxt, result, txtlen), 0); } } #define ENCRYPT true #define DECRYPT false TEST_F(TestCRYSPRcypto, EncryptAESecb_tv1_128) { test_AESecb(cryspr_m, cryspr_cb, 0, ENCRYPT); } TEST_F(TestCRYSPRcypto, EncryptAESecb_tv1_192) { test_AESecb(cryspr_m, cryspr_cb, 1, ENCRYPT); } TEST_F(TestCRYSPRcypto, EncryptAESecb_tv1_256) { test_AESecb(cryspr_m, cryspr_cb, 2, ENCRYPT); } TEST_F(TestCRYSPRcypto, EncryptAESecb_tv2_128) { test_AESecb(cryspr_m, cryspr_cb, 3, ENCRYPT); } TEST_F(TestCRYSPRcypto, EncryptAESecb_tv2_192) { test_AESecb(cryspr_m, cryspr_cb, 4, ENCRYPT); } TEST_F(TestCRYSPRcypto, EncryptAESecb_tv2_256) { test_AESecb(cryspr_m, cryspr_cb, 5, ENCRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESecb_tv1_128) { test_AESecb(cryspr_m, cryspr_cb, 0, DECRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESecb_tv1_192) { test_AESecb(cryspr_m, cryspr_cb, 1, DECRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESecb_tv1_256) { test_AESecb(cryspr_m, cryspr_cb, 2, DECRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESecb_tv2_128) { test_AESecb(cryspr_m, cryspr_cb, 3, DECRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESecb_tv2_192) { test_AESecb(cryspr_m, cryspr_cb, 4, DECRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESecb_tv2_256) { test_AESecb(cryspr_m, cryspr_cb, 5, DECRYPT); } #endif /* !(CRYSPR_HAS_AESCTR && CRYSPR_HAS_AESKWRAP) */ /*AES CTR -----------------------------------------------------------------------------------*/ #if CRYSPR_HAS_AESCTR struct UTVcryspr_aes_ctr { const char *name; unsigned char sek[256/8]; /* Stream Encrypting Key*/ size_t seklen; unsigned char iv[CRYSPR_AESBLKSZ];/* initial vector */ const char *cleartxt; /* clear text (decrypt result0 */ unsigned char ciphertxt[24]; /* cipher text (encrypt result) */ }; /* AES-CTR test vectors */ struct UTVcryspr_aes_ctr UTV_cryspr_aes_ctr[] = { {//[0] /*name */ "tv1.128", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 128/8, /* iv */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* cleartxt */ "000000000000000000000000", /* ciphertxt */ {0x56,0xD9,0x7B,0xE4,0xDF,0xBA,0x1C,0x0B,0xB8,0x7C,0xCA,0x69,0xFA,0x04,0x1B,0x1E, 0x68,0xD2,0xCC,0xFE,0xCA,0x4E,0x00,0x51}, }, {//[1] /*name */ "tv1.192", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 192/8, /* iv */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* cleartxt */ "000000000000000000000000", /* ciphertxt */ {0x9A,0xD0,0x59,0xA2,0x9C,0x8F,0x62,0x93,0xD8,0xC4,0x99,0x5E,0xF9,0x00,0x3B,0xE7, 0xFD,0x03,0x82,0xBA,0xF7,0x43,0xC7,0x7B}, }, {//[2] /*name */ "tv1.256", /* sek */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* seklen */ 256/8, /* iv */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, /* cleartxt */ "000000000000000000000000", /* ciphertxt */ {0xEC,0xA5,0xF0,0x48,0x92,0x70,0xB9,0xB9,0x9D,0x78,0x92,0x24,0xA2,0xB4,0x10,0xB7, 0x63,0x3F,0xBA,0xCB,0xF7,0x75,0x06,0x89} }, }; void test_AESctr( CRYSPR_methods *cryspr_m, CRYSPR_cb *cryspr_cb, size_t tvi, bool bEncrypt) { unsigned char result[100]; unsigned char ivec[CRYSPR_AESBLKSZ]; unsigned char *intxt; unsigned char *outtxt; int rc1,rc2; if(tvi < sizeof(UTV_cryspr_aes_ctr)/sizeof(UTV_cryspr_aes_ctr[0])) { struct UTVcryspr_aes_ctr *tv = &UTV_cryspr_aes_ctr[tvi]; size_t txtlen=strnlen((const char *)tv->cleartxt, 100); ASSERT_NE(cryspr_m->aes_set_key, nullPtr); ASSERT_NE(cryspr_m->aes_ctr_cipher, nullPtr); rc1 = cryspr_m->aes_set_key( true, //For CTR, Encrypt key is used for both encryption and decryption tv->sek, /* Stream encrypting Key */ tv->seklen, #if WITH_FIPSMODE cryspr_cb->aes_sek[0]); #else &cryspr_cb->aes_sek[0]); #endif if(bEncrypt) { intxt=(unsigned char *)tv->cleartxt; outtxt=(unsigned char *)tv->ciphertxt; }else{ intxt=(unsigned char *)tv->ciphertxt; outtxt=(unsigned char *)tv->cleartxt; } memcpy(ivec, tv->iv, sizeof(ivec)); //cipher ivec not const rc2 = cryspr_m->aes_ctr_cipher( bEncrypt, /* true:encrypt, false:decrypt */ #if WITH_FIPSMODE cryspr_cb->aes_sek[0], /* CRYpto Service PRovider AES Key context */ #else &cryspr_cb->aes_sek[0], /* CRYpto Service PRovider AES Key context */ #endif ivec, /* iv */ intxt, /* src */ txtlen, /* length */ result); /* dest */ ASSERT_EQ(rc1, 0); ASSERT_EQ(rc2, 0); EXPECT_EQ(memcmp(outtxt, result, txtlen), 0); } } #define ENCRYPT true #define DECRYPT false TEST_F(TestCRYSPRcypto, EncryptAESctr_tv1_128) { test_AESctr(cryspr_m, cryspr_cb, 0, ENCRYPT); } TEST_F(TestCRYSPRcypto, EncryptAESctr_tv1_192) { test_AESctr(cryspr_m, cryspr_cb, 1, ENCRYPT); } TEST_F(TestCRYSPRcypto, EncryptAESctr_tv1_256) { test_AESctr(cryspr_m, cryspr_cb, 2, ENCRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESctr_tv1_128) { test_AESctr(cryspr_m, cryspr_cb, 0, DECRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESctr_tv1_192) { test_AESctr(cryspr_m, cryspr_cb, 1, DECRYPT); } TEST_F(TestCRYSPRcypto, DecryptAESctr_tv1_256) { test_AESctr(cryspr_m, cryspr_cb, 2, DECRYPT); } #endif /* CRYSPR_HAS_AESCTR */ #endif /* SRT_ENABLE_ENCRYPTION */