Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 159ba63dd9e250276698395b3a4352167edf69d2 / . / tests / unit-tests / crypto-helper.t.cpp
blob: 1d86e2ce9caa071dae2492ab8ad9c1bc1a195547 [file] [log] [blame]
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]2/*
Zhiyi Zhanga67fa462020-04-19 13:48:03 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangdc25ddf2020-10-20 14:28:55 -0700[diff] [blame]21#include "detail/crypto-helpers.hpp"
Zhiyi Zhang5d80e1e2020-09-25 11:34:54 -0700[diff] [blame]22#include "test-common.hpp"
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]23
24namespace ndn {
25namespace ndncert {
26namespace tests {
27
28BOOST_AUTO_TEST_SUITE(TestCryptoHelper)
29
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]30BOOST_AUTO_TEST_CASE(EcdhWithRawKey)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]31{
32 ECDHState aliceState;
33 auto alicePub = aliceState.getRawSelfPubKey();
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]34 BOOST_CHECK(aliceState.m_publicKeyLen != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]35
36 ECDHState bobState;
37 auto bobPub = bobState.getRawSelfPubKey();
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]38 BOOST_CHECK(bobState.m_publicKeyLen != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]39
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]40 auto aliceResult = aliceState.deriveSecret(bobPub, bobState.m_publicKeyLen);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]41
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]42 BOOST_CHECK(aliceState.m_sharedSecretLen != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]43
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]44 auto bobResult = bobState.deriveSecret(alicePub, aliceState.m_publicKeyLen);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]45
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]46 BOOST_CHECK(bobState.m_sharedSecretLen != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]47
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]48 BOOST_CHECK_EQUAL_COLLECTIONS(aliceResult, aliceResult + 32, bobResult, bobResult + 32);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]49}
50
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]51BOOST_AUTO_TEST_CASE(EcdhWithRawKeyWrongInput)
52{
53 ECDHState aliceState;
54 auto alicePub = aliceState.getRawSelfPubKey();
55 BOOST_CHECK(alicePub != nullptr);
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]56 BOOST_CHECK(aliceState.m_publicKeyLen != 0);
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]57 uint8_t fakePub[] = {0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
Zhiyi Zhangccd5a0c2020-10-12 13:48:16 -0700[diff] [blame]58 BOOST_CHECK_THROW(aliceState.deriveSecret(fakePub, sizeof(fakePub)), std::runtime_error);
Zhiyi Zhang8da54d62019-11-21 00:03:05 -0800[diff] [blame]59}
60
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]61BOOST_AUTO_TEST_CASE(EcdhWithBase64Key)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]62{
63 ECDHState aliceState;
64 auto alicePub = aliceState.getBase64PubKey();
65 BOOST_CHECK(alicePub != "");
66
67 ECDHState bobState;
68 auto bobPub = bobState.getBase64PubKey();
69 BOOST_CHECK(bobPub != "");
70
71 auto aliceResult = aliceState.deriveSecret(bobPub);
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]72 BOOST_CHECK(aliceState.m_sharedSecretLen != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]73
74 auto bobResult = bobState.deriveSecret(alicePub);
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]75 BOOST_CHECK(bobState.m_sharedSecretLen != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]76
Zhiyi Zhangcfad98d2020-10-11 11:25:14 -0700[diff] [blame]77 BOOST_CHECK_EQUAL_COLLECTIONS(aliceResult, aliceResult + 32, bobResult, bobResult + 32);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]78}
79
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]80BOOST_AUTO_TEST_CASE(HmacSha256)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]81{
Zhiyi Zhangdd308932020-10-16 21:59:06 -0700[diff] [blame]82 const uint8_t input[] = {0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
83 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
84 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]85 const uint8_t salt[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
86 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c};
87 const uint8_t expected[] = {0x07, 0x77, 0x09, 0x36, 0x2c, 0x2e, 0x32, 0xdf,
88 0x0d, 0xdc, 0x3f, 0x0d, 0xc4, 0x7b, 0xba, 0x63,
89 0x90, 0xb6, 0xc7, 0x3b, 0xb5, 0x0f, 0x9c, 0x31,
90 0x22, 0xec, 0x84, 0x4a, 0xd7, 0xc2, 0xb3, 0xe5};
91 uint8_t result[32];
Zhiyi Zhangdd308932020-10-16 21:59:06 -0700[diff] [blame]92 hmac_sha256(input, sizeof(input), salt, sizeof(salt), result);
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]93 BOOST_CHECK_EQUAL_COLLECTIONS(result, result + sizeof(result), expected,
94 expected + sizeof(expected));
95}
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]96
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]97BOOST_AUTO_TEST_CASE(Hkdf1)
98{
99 // RFC5869 appendix A.1
100 const uint8_t ikm[] = {0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
101 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
102 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
103 const uint8_t salt[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
104 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c};
105 const uint8_t info[] = {0xf0, 0xf1, 0xf2, 0xf3, 0xf4,
106 0xf5, 0xf6, 0xf7, 0xf8, 0xf9};
107 const uint8_t expected[] = {
108 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, 0x90, 0x43, 0x4f,
109 0x64, 0xd0, 0x36, 0x2f, 0x2a, 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a,
110 0x5a, 0x4c, 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, 0x34,
111 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, 0x58, 0x65};
112 uint8_t result[42];
113 auto resultLen = hkdf(ikm, sizeof(ikm), salt, sizeof(salt), result,
114 sizeof(result), info, sizeof(info));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]115
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]116 BOOST_CHECK_EQUAL(resultLen, sizeof(result));
117 BOOST_CHECK_EQUAL_COLLECTIONS(result, result + sizeof(result), expected,
118 expected + sizeof(expected));
119}
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]120
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]121BOOST_AUTO_TEST_CASE(Hkdf2)
122{
123 // RFC5869 appendix A.2
124 const uint8_t ikm[] = {
125 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
126 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
127 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
128 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
129 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
130 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
131 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f};
132 const uint8_t salt[] = {
133 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b,
134 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
135 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x80, 0x81, 0x82, 0x83,
136 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
137 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b,
138 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
139 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf};
140 const uint8_t info[] = {
141 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb,
142 0xbc, 0xbd, 0xbe, 0xbf, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
143 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3,
144 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
145 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb,
146 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
147 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff};
148 const uint8_t expected[] = {
149 0xb1, 0x1e, 0x39, 0x8d, 0xc8, 0x03, 0x27, 0xa1, 0xc8, 0xe7, 0xf7, 0x8c,
150 0x59, 0x6a, 0x49, 0x34, 0x4f, 0x01, 0x2e, 0xda, 0x2d, 0x4e, 0xfa, 0xd8,
151 0xa0, 0x50, 0xcc, 0x4c, 0x19, 0xaf, 0xa9, 0x7c, 0x59, 0x04, 0x5a, 0x99,
152 0xca, 0xc7, 0x82, 0x72, 0x71, 0xcb, 0x41, 0xc6, 0x5e, 0x59, 0x0e, 0x09,
153 0xda, 0x32, 0x75, 0x60, 0x0c, 0x2f, 0x09, 0xb8, 0x36, 0x77, 0x93, 0xa9,
154 0xac, 0xa3, 0xdb, 0x71, 0xcc, 0x30, 0xc5, 0x81, 0x79, 0xec, 0x3e, 0x87,
155 0xc1, 0x4c, 0x01, 0xd5, 0xc1, 0xf3, 0x43, 0x4f, 0x1d, 0x87};
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]156
Davide Pesavento368341b2019-08-13 23:57:50 -0400[diff] [blame]157 uint8_t result[82];
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]158 auto resultLen = hkdf(ikm, sizeof(ikm), salt, sizeof(salt), result,
159 sizeof(result), info, sizeof(info));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]160
Zhiyi Zhanga2ce5992019-08-14 17:35:00 -0700[diff] [blame]161 BOOST_CHECK_EQUAL(resultLen, sizeof(result));
162 BOOST_CHECK_EQUAL_COLLECTIONS(result, result + sizeof(result), expected,
163 expected + sizeof(expected));
164}
165
166BOOST_AUTO_TEST_CASE(Hkdf3)
167{
168 // RFC5869 appendix A.3
169 const uint8_t ikm[] = {0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
170 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
171 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
172 const uint8_t expected[] = {
173 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f, 0x71, 0x5f, 0x80,
174 0x2a, 0x06, 0x3c, 0x5a, 0x31, 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1,
175 0x87, 0x9e, 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d, 0x9d,
176 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a, 0x96, 0xc8};
177 uint8_t result[42];
178
179 auto resultLen = hkdf(ikm, sizeof(ikm), nullptr, 0, result,
180 sizeof(result), nullptr, 0);
181
182 BOOST_CHECK_EQUAL(resultLen, sizeof(result));
183 BOOST_CHECK_EQUAL_COLLECTIONS(result, result + sizeof(result), expected,
184 expected + sizeof(expected));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]185}
186
Zhiyi Zhanga67fa462020-04-19 13:48:03 -0700[diff] [blame]187BOOST_AUTO_TEST_CASE(AesGcm1)
188{
189 // Test case from NIST Cryptographic Algorithm Validation Program
190 // https://csrc.nist.gov/Projects/cryptographic-algorithm-validation-program/CAVP-TESTING-BLOCK-CIPHER-MODES
191 // Count = 0
192 // Key = cf063a34d4a9a76c2c86787d3f96db71
193 // IV = 113b9785971864c83b01c787
194 // CT =
195 // AAD =
196 // Tag = 72ac8493e3a5228b5d130a69d2510e42
197 // PT =
198 const uint8_t key[] = {0xcf, 0x06, 0x3a, 0x34, 0xd4, 0xa9, 0xa7, 0x6c,
199 0x2c, 0x86, 0x78, 0x7d, 0x3f, 0x96, 0xdb, 0x71};
200 const uint8_t iv[] = {0x11, 0x3b, 0x97, 0x85, 0x97, 0x18,
201 0x64, 0xc8, 0x3b, 0x01, 0xc7, 0x87};
202 const uint8_t expected_tag[] = {0x72, 0xac, 0x84, 0x93, 0xe3, 0xa5,
203 0x22, 0x8b, 0x5d, 0x13, 0x0a, 0x69,
204 0xd2, 0x51, 0x0e, 0x42};
205
206 uint8_t ciphertext[256] = {0};
207 uint8_t tag[16] = {0};
tylerliu06aa3682020-10-12 22:03:42 -0700[diff] [blame]208 const uint8_t empty_buffer[1] = {0};
209 int size = aes_gcm_128_encrypt(empty_buffer, 0, empty_buffer, 0, key, iv, ciphertext, tag);
Zhiyi Zhanga67fa462020-04-19 13:48:03 -0700[diff] [blame]210 BOOST_CHECK(size == 0);
211 BOOST_CHECK_EQUAL_COLLECTIONS(tag, tag + 16, expected_tag, expected_tag + sizeof(expected_tag));
212
213 uint8_t decrypted[256] = {0};
tylerliuad1ade52020-10-13 11:21:27 -0700[diff] [blame]214 size = aes_gcm_128_decrypt(ciphertext, size, empty_buffer, 0, tag, key, iv, decrypted);
Zhiyi Zhanga67fa462020-04-19 13:48:03 -0700[diff] [blame]215 BOOST_CHECK(size == 0);
216}
217
218BOOST_AUTO_TEST_CASE(AesGcm2)
219{
220 // Test case from NIST Cryptographic Algorithm Validation Program
221 // https://csrc.nist.gov/Projects/cryptographic-algorithm-validation-program/CAVP-TESTING-BLOCK-CIPHER-MODES
222 // Count = 1
223 // Key = 2370e320d4344208e0ff5683f243b213
224 // IV = 04dbb82f044d30831c441228
225 // CT =
226 // AAD = d43a8e5089eea0d026c03a85178b27da
227 // Tag = 2a049c049d25aa95969b451d93c31c6e
228 // PT =
229 const uint8_t key[] = {0x23, 0x70, 0xe3, 0x20, 0xd4, 0x34, 0x42, 0x08,
230 0xe0, 0xff, 0x56, 0x83, 0xf2, 0x43, 0xb2, 0x13};
231 const uint8_t iv[] = {0x04, 0xdb, 0xb8, 0x2f, 0x04, 0x4d,
232 0x30, 0x83, 0x1c, 0x44, 0x12, 0x28};
233 const uint8_t aad[] = {0xd4, 0x3a, 0x8e, 0x50, 0x89, 0xee, 0xa0, 0xd0,
234 0x26, 0xc0, 0x3a, 0x85, 0x17, 0x8b, 0x27, 0xda};
235 const uint8_t expected_tag[] = {0x2a, 0x04, 0x9c, 0x04, 0x9d, 0x25,
236 0xaa, 0x95, 0x96, 0x9b, 0x45, 0x1d,
237 0x93, 0xc3, 0x1c, 0x6e};
238
239 uint8_t ciphertext[256] = {0};
240 uint8_t tag[16] = {0};
tylerliu06aa3682020-10-12 22:03:42 -0700[diff] [blame]241 const uint8_t empty_buffer[1] = {0};
242 int size = aes_gcm_128_encrypt(empty_buffer, 0, aad, sizeof(aad), key, iv, ciphertext, tag);
Zhiyi Zhanga67fa462020-04-19 13:48:03 -0700[diff] [blame]243 BOOST_CHECK(size == 0);
244 BOOST_CHECK_EQUAL_COLLECTIONS(tag, tag + 16, expected_tag, expected_tag + sizeof(expected_tag));
245
246 uint8_t decrypted[256] = {0};
247 size = aes_gcm_128_decrypt(ciphertext, size, aad, sizeof(aad), tag, key, iv, decrypted);
248 BOOST_CHECK(size == 0);
249}
250
251BOOST_AUTO_TEST_CASE(AesGcm3)
252{
253 // Test case from NIST Cryptographic Algorithm Validation Program
254 // https://csrc.nist.gov/Projects/cryptographic-algorithm-validation-program/CAVP-TESTING-BLOCK-CIPHER-MODES
255 // Count = 0
256 // Key = bc22f3f05cc40db9311e4192966fee92
257 // IV = 134988e662343c06d3ab83db
258 // CT = 4c0168ab95d3a10ef25e5924108389365c67d97778995892d9fd46897384af61fc559212b3267e90fe4df7bfd1fbed46f4b9ee
259 // AAD = 10087e6ed81049b509c31d12fee88c64
260 // Tag = 771357958a316f166bd0dacc98ea801a
261 // PT = 337c1bc992386cf0f957617fe4d5ec1218ae1cc40369305518eb177e9b15c1646b142ff71237efaa58790080cd82e8848b295c
262 const uint8_t key[] = {0xbc, 0x22, 0xf3, 0xf0, 0x5c, 0xc4, 0x0d, 0xb9,
263 0x31, 0x1e, 0x41, 0x92, 0x96, 0x6f, 0xee, 0x92};
264 const uint8_t iv[] = {0x13, 0x49, 0x88, 0xe6, 0x62, 0x34,
265 0x3c, 0x06, 0xd3, 0xab, 0x83, 0xdb};
266 const uint8_t aad[] = {0x10, 0x08, 0x7e, 0x6e, 0xd8, 0x10, 0x49, 0xb5,
267 0x09, 0xc3, 0x1d, 0x12, 0xfe, 0xe8, 0x8c, 0x64};
268 const uint8_t expected_ciphertext[] = {
269 0x4c, 0x01, 0x68, 0xab, 0x95, 0xd3, 0xa1, 0x0e, 0xf2, 0x5e, 0x59,
270 0x24, 0x10, 0x83, 0x89, 0x36, 0x5c, 0x67, 0xd9, 0x77, 0x78, 0x99,
271 0x58, 0x92, 0xd9, 0xfd, 0x46, 0x89, 0x73, 0x84, 0xaf, 0x61, 0xfc,
272 0x55, 0x92, 0x12, 0xb3, 0x26, 0x7e, 0x90, 0xfe, 0x4d, 0xf7, 0xbf,
273 0xd1, 0xfb, 0xed, 0x46, 0xf4, 0xb9, 0xee};
274 const uint8_t expected_tag[] = {0x77, 0x13, 0x57, 0x95, 0x8a, 0x31,
275 0x6f, 0x16, 0x6b, 0xd0, 0xda, 0xcc,
276 0x98, 0xea, 0x80, 0x1a};
277 const uint8_t plaintext[] = {
278 0x33, 0x7c, 0x1b, 0xc9, 0x92, 0x38, 0x6c, 0xf0, 0xf9, 0x57, 0x61,
279 0x7f, 0xe4, 0xd5, 0xec, 0x12, 0x18, 0xae, 0x1c, 0xc4, 0x03, 0x69,
280 0x30, 0x55, 0x18, 0xeb, 0x17, 0x7e, 0x9b, 0x15, 0xc1, 0x64, 0x6b,
281 0x14, 0x2f, 0xf7, 0x12, 0x37, 0xef, 0xaa, 0x58, 0x79, 0x00, 0x80,
282 0xcd, 0x82, 0xe8, 0x84, 0x8b, 0x29, 0x5c};
283
284 uint8_t ciphertext[256] = {0};
285 uint8_t tag[16] = {0};
286 int size = aes_gcm_128_encrypt(plaintext, sizeof(plaintext), aad, sizeof(aad), key, iv, ciphertext, tag);
287 BOOST_CHECK_EQUAL_COLLECTIONS(ciphertext, ciphertext + size,
288 expected_ciphertext, expected_ciphertext + sizeof(expected_ciphertext));
289 BOOST_CHECK_EQUAL_COLLECTIONS(tag, tag + 16, expected_tag, expected_tag + sizeof(expected_tag));
290
291 uint8_t decrypted[256] = {0};
292 size = aes_gcm_128_decrypt(ciphertext, size, aad, sizeof(aad), tag, key, iv, decrypted);
Zhiyi Zhang82e0c722020-10-14 17:51:29 -0700[diff] [blame]293 BOOST_CHECK_EQUAL_COLLECTIONS(decrypted, decrypted + size,
294 plaintext, plaintext + sizeof(plaintext));
Zhiyi Zhanga67fa462020-04-19 13:48:03 -0700[diff] [blame]295}
296
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]297BOOST_AUTO_TEST_CASE(AesIV)
298{
299 const uint8_t key[] = {0xbc, 0x22, 0xf3, 0xf0, 0x5c, 0xc4, 0x0d, 0xb9,
300 0x31, 0x1e, 0x41, 0x92, 0x96, 0x6f, 0xee, 0x92};
301 const std::string plaintext = "alongstringalongstringalongstringalongstringalongstringalongstringalongstringalongstring";
302 const std::string associatedData = "test";
303 uint32_t counter = 0;
304 auto block = encodeBlockWithAesGcm128(ndn::tlv::Content, key, (uint8_t*)plaintext.c_str(), plaintext.size(),
305 (uint8_t*)associatedData.c_str(), associatedData.size(), counter);
306 block.parse();
307 auto ivBlock = block.get(tlv::InitializationVector);
308 Buffer ivBuf(ivBlock.value(), ivBlock.value_size());
309 BOOST_CHECK_EQUAL(ivBuf.size(), 12);
310 BOOST_CHECK(ivBuf[0] >= 128);
311 BOOST_CHECK_EQUAL(ivBuf[8] + ivBuf[9] + ivBuf[10] + ivBuf[11], 0);
Zhiyi Zhang159ba632020-10-20 15:09:12 -0700[diff] [blame^]312 BOOST_CHECK_EQUAL(counter, 6);
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]313 counter = 300;
314 block = encodeBlockWithAesGcm128(ndn::tlv::ApplicationParameters, key, (uint8_t*)plaintext.c_str(), plaintext.size(),
315 (uint8_t*)associatedData.c_str(), associatedData.size(), counter);
316 block.parse();
317 ivBlock = block.get(tlv::InitializationVector);
318 Buffer ivBuf2(ivBlock.value(), ivBlock.value_size());
319 BOOST_CHECK_EQUAL(ivBuf2.size(), 12);
320 BOOST_CHECK(ivBuf2[0] < 128);
321 BOOST_CHECK_EQUAL(ivBuf2[8] + ivBuf2[9], 0);
322 BOOST_CHECK_EQUAL(ivBuf2[10], 1);
323 BOOST_CHECK_EQUAL(ivBuf2[11], 44);
Zhiyi Zhang159ba632020-10-20 15:09:12 -0700[diff] [blame^]324 BOOST_CHECK_EQUAL(counter, 306);
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]325}
326
Zhiyi Zhangc5d93a92020-10-14 17:07:35 -0700[diff] [blame]327BOOST_AUTO_TEST_CASE(BlockEncodingDecoding)
328{
329 const uint8_t key[] = {0xbc, 0x22, 0xf3, 0xf0, 0x5c, 0xc4, 0x0d, 0xb9,
330 0x31, 0x1e, 0x41, 0x92, 0x96, 0x6f, 0xee, 0x92};
331 const std::string plaintext = "alongstringalongstringalongstringalongstringalongstringalongstringalongstringalongstring";
Zhiyi Zhangdd308932020-10-16 21:59:06 -0700[diff] [blame]332 const std::string associatedData = "right";
333 const std::string wrongAssociatedData = "wrong";
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]334 uint32_t counter = 0;
Zhiyi Zhangc5d93a92020-10-14 17:07:35 -0700[diff] [blame]335 auto block = encodeBlockWithAesGcm128(ndn::tlv::Content, key, (uint8_t*)plaintext.c_str(), plaintext.size(),
Zhiyi Zhang222810b2020-10-16 21:50:35 -0700[diff] [blame]336 (uint8_t*)associatedData.c_str(), associatedData.size(), counter);
Zhiyi Zhangc5d93a92020-10-14 17:07:35 -0700[diff] [blame]337 auto decoded = decodeBlockWithAesGcm128(block, key, (uint8_t*)associatedData.c_str(), associatedData.size());
Zhiyi Zhangdd308932020-10-16 21:59:06 -0700[diff] [blame]338 BOOST_CHECK_EQUAL(plaintext, std::string(decoded.get<char>(), decoded.size()));
339 decoded = decodeBlockWithAesGcm128(block, key, (uint8_t*)wrongAssociatedData.c_str(), wrongAssociatedData.size());
340 BOOST_CHECK_EQUAL(decoded.size(), 0);
Zhiyi Zhangc5d93a92020-10-14 17:07:35 -0700[diff] [blame]341}
342
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]343BOOST_AUTO_TEST_SUITE_END()
344
345} // namespace tests
346} // namespace ndncert
347} // namespace ndn