Diffstat (limited to 'testsuite/testutils.c')
-rw-r--r-- | testsuite/testutils.c | 150 |
1 files changed, 150 insertions, 0 deletions
diff --git a/testsuite/testutils.c b/testsuite/testutils.c
index 391f7b58..3420ae9d 100644
--- a/testsuite/testutils.c
+++ b/testsuite/testutils.c
@@ -908,6 +908,156 @@ test_aead(const struct nettle_aead *aead,
 }
 
 void
+test_aead_message (const struct nettle_aead_message *aead,
+ const struct tstring *key,
+ const struct tstring *nonce,
+ const struct tstring *adata,
+ const struct tstring *clear,
+ const struct tstring *cipher)
+{
+ void *ctx = xalloc (aead->context_size);
+ uint8_t *buf = xalloc (cipher->length + 1);
+ uint8_t *copy = xalloc (cipher->length);
+
+ static const uint8_t nul = 0;
+ int res;
+
+ ASSERT (key->length == aead->key_size);
+ ASSERT (cipher->length > clear->length);
+ ASSERT (cipher->length - clear->length == aead->digest_size);
+
+ aead->set_encrypt_key (ctx, key->data);
+ buf[cipher->length] = 0xae;
+ aead->encrypt (ctx,
+ nonce->length, nonce->data,
+ adata->length, adata->data,
+ cipher->length, buf, clear->data);
+ if (!MEMEQ (cipher->length, cipher->data, buf))
+ {
+ fprintf(stderr, "aead->encrypt (message) failed:\n got: ");
+ print_hex (cipher->length, buf);
+ fprintf (stderr, " exp: ");
+ tstring_print_hex (cipher);
+ FAIL();
+ }
+ if (buf[cipher->length] != 0xae)
+ {
+ fprintf (stderr, "aead->encrypt (message) wrote too much.\n ");
+ FAIL();
+ }
+ aead->set_decrypt_key (ctx, key->data);
+
+ memset (buf, 0xae, clear->length + 1);
+
+ res = aead->decrypt (ctx,
+ nonce->length, nonce->data,
+ adata->length, adata->data,
+ clear->length, buf, cipher->data);
+ if (!res)
+ {
+ fprintf (stderr, "decrypting valid ciphertext failed:\n ");
+ tstring_print_hex (cipher);
+ }
+ if (!MEMEQ (clear->length, clear->data, buf))
+ {
+ fprintf(stderr, "aead->decrypt (message) failed:\n got: ");
+ print_hex (clear->length, buf);
+ fprintf (stderr, " exp: ");
+ tstring_print_hex (clear);
+ FAIL();
+ }
+
+ /* Invalid messages */
+ if (clear->length > 0
+ && aead->decrypt (ctx,
+ nonce->length, nonce->data,
+ adata->length, adata->data,
+ clear->length - 1, buf, cipher->data))
+ {
+ fprintf (stderr, "Invalid message (truncated) not rejected\n");
+ FAIL();
+ }
+ memcpy (copy, cipher->data, cipher->length);
+ copy[0] ^= 4;
+ if (aead->decrypt (ctx,
+ nonce->length, nonce->data,
+ adata->length, adata->data,
+ clear->length, buf, copy))
+ {
+ fprintf (stderr, "Invalid message (first byte modified) not rejected\n");
+ FAIL();
+ }
+
+ memcpy (copy, cipher->data, cipher->length);
+ copy[cipher->length - 1] ^= 4;
+ if (aead->decrypt (ctx,
+ nonce->length, nonce->data,
+ adata->length, adata->data,
+ clear->length, buf, copy))
+ {
+ fprintf (stderr, "Invalid message (last byte modified) not rejected\n");
+ FAIL();
+ }
+
+ if (aead->decrypt (ctx,
+ nonce->length, nonce->data,
+ adata->length > 0 ? adata->length - 1 : 1,
+ adata->length > 0 ? adata->data : &nul,
+ clear->length, buf, cipher->data))
+ {
+ fprintf (stderr, "Invalid adata not rejected\n");
+ FAIL();
+ }
+
+ /* Test in-place operation. NOTE: Not supported for SIV-CMAC. */
+ if (aead->supports_inplace)
+ {
+ aead->set_encrypt_key (ctx, key->data);
+ buf[cipher->length] = 0xae;
+
+ memcpy (buf, clear->data, clear->length);
+ aead->encrypt (ctx,
+ nonce->length, nonce->data,
+ adata->length, adata->data,
+ cipher->length, buf, buf);
+ if (!MEMEQ (cipher->length, cipher->data, buf))
+ {
+ fprintf(stderr, "aead->encrypt (in-place message) failed:\n got: ");
+ print_hex (cipher->length, buf);
+ fprintf (stderr, " exp: ");
+ tstring_print_hex (cipher);
+ FAIL();
+ }
+ if (buf[cipher->length] != 0xae)
+ {
+ fprintf (stderr, "aead->encrypt (in-place message) wrote too much.\n ");
+ FAIL();
+ }
+
+ res = aead->decrypt (ctx,
+ nonce->length, nonce->data,
+ adata->length, adata->data,
+ clear->length, buf, buf);
+ if (!res)
+ {
+ fprintf (stderr, "in-place decrypting valid ciphertext failed:\n ");
+ tstring_print_hex (cipher);
+ }
+ if (!MEMEQ (clear->length, clear->data, buf))
+ {
+ fprintf(stderr, "aead->decrypt (in-place message) failed:\n got: ");
+ print_hex (clear->length, buf);
+ fprintf (stderr, " exp: ");
+ tstring_print_hex (clear);
+ FAIL();
+ }
+ }
+ free (ctx);
+ free (buf);
+ free (copy);
+}
+
+void
 test_hash(const struct nettle_hash *hash,
 const struct tstring *msg,
 const struct tstring *digest) |
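Review bot: The `if (!res)` branch after the valid-ciphertext `aead->decrypt` call prints "decrypting valid ciphertext failed" but never calls `FAIL();`, so an implementation that produces the right plaintext while returning 0 from the authentication check would still pass; the in-place `if (!res)` branch further down has the same gap. Add `FAIL();` after `tstring_print_hex (cipher);` in both branches. The decrypt path also arms a canary with `memset (buf, 0xae, clear->length + 1);` but never inspects it, so a check such as `if (buf[clear->length] != 0xae) FAIL();` after the plaintext compare would catch an overlong write on decryption, mirroring the existing "wrote too much" check for encryption. In the in-place section the context is re-keyed with `set_encrypt_key` and then passed to `aead->decrypt` without a `set_decrypt_key` call; that may be harmless for the modes exercised here, but it is worth confirming or re-keying before the decrypt.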