Skip to content

Commit 05e253e

Browse files
justsmthjustsmth
committed
Add more tests
1 parent 6386c92 commit 05e253e

File tree

3 files changed

+435
-9
lines changed

3 files changed

+435
-9
lines changed

aws-lc-rs/src/cipher.rs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -107,8 +107,8 @@
107107
//!
108108
//! // Encrypt
109109
//! let mut first_update = encrypting_key
110-
//! .update(original_message, ciphertext_slice)
111-
//! .unwrap();
110+
//! .update(original_message, ciphertext_slice)
111+
//! .unwrap();
112112
//! let first_update_len = first_update.written().len();
113113
//! let (context, final_update) = encrypting_key.finish(first_update.remainder_mut()).unwrap();
114114
//! let ciphertext_len = first_update_len + final_update.written().len();

aws-lc-rs/src/cipher/streaming.rs

Lines changed: 241 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -355,12 +355,96 @@ impl StreamingDecryptingKey {
355355
#[cfg(test)]
356356
mod tests {
357357
use crate::cipher::{
358-
DecryptionContext, OperatingMode, StreamingDecryptingKey, StreamingEncryptingKey,
359-
UnboundCipherKey, AES_256, AES_256_KEY_LEN,
358+
DecryptionContext, EncryptionContext, OperatingMode, StreamingDecryptingKey,
359+
StreamingEncryptingKey, UnboundCipherKey, AES_128, AES_256, AES_256_KEY_LEN,
360360
};
361+
use crate::iv::{FixedLength, IV_LEN_128_BIT};
361362
use crate::rand::{SecureRandom, SystemRandom};
363+
use crate::test::from_hex;
362364
use paste::*;
363365

366+
#[test]
367+
fn test_encrypt_ctr_exact_fit_out_buffer() {
368+
let random = SystemRandom::new();
369+
370+
for plaintext_len in (8..200).step_by(7) {
371+
let mut plaintext = vec![0u8; plaintext_len];
372+
random.fill(&mut plaintext).unwrap();
373+
374+
for cipher_alg in [&AES_128, &AES_256] {
375+
let mut key = vec![0u8; cipher_alg.key_len];
376+
random.fill(&mut key).unwrap();
377+
378+
let unbound_key = UnboundCipherKey::new(cipher_alg, &key).unwrap();
379+
let mut encrypt_key = StreamingEncryptingKey::ctr(unbound_key).unwrap();
380+
381+
let mut ciphertext_buff = vec![0u8; plaintext_len];
382+
let mut buffer_update = encrypt_key
383+
.update(&plaintext, &mut ciphertext_buff)
384+
.unwrap();
385+
let (decrypt_ctx, _) = encrypt_key
386+
.finish(&mut buffer_update.remainder_mut())
387+
.unwrap();
388+
389+
let unbound_key2 = UnboundCipherKey::new(cipher_alg, &key).unwrap();
390+
let mut decrypt_key =
391+
StreamingDecryptingKey::ctr(unbound_key2, decrypt_ctx).unwrap();
392+
393+
let mut plaintext_buff = vec![0u8; plaintext_len];
394+
let mut buffer_update = decrypt_key
395+
.update(&ciphertext_buff, &mut plaintext_buff)
396+
.unwrap();
397+
let _ = decrypt_key
398+
.finish(&mut buffer_update.remainder_mut())
399+
.unwrap();
400+
401+
assert_eq!(&plaintext_buff, &plaintext);
402+
}
403+
}
404+
}
405+
406+
#[test]
407+
fn test_encrypt_cbc_exact_fit_out_buffer() {
408+
let random = SystemRandom::new();
409+
410+
for plaintext_len in (8..200).step_by(7) {
411+
let mut plaintext = vec![0u8; plaintext_len];
412+
random.fill(&mut plaintext).unwrap();
413+
414+
for cipher_alg in [&AES_128, &AES_256] {
415+
let mut key = vec![0u8; cipher_alg.key_len];
416+
random.fill(&mut key).unwrap();
417+
418+
let unbound_key = UnboundCipherKey::new(cipher_alg, &key).unwrap();
419+
let mut encrypt_key = StreamingEncryptingKey::cbc_pkcs7(unbound_key).unwrap();
420+
421+
let mut ciphertext_buff = vec![0u8; plaintext_len + cipher_alg.block_len()];
422+
let mut ciphertext_len = 0usize;
423+
let mut buffer_update = encrypt_key
424+
.update(&plaintext, &mut ciphertext_buff)
425+
.unwrap();
426+
ciphertext_len += buffer_update.written().len();
427+
let remaining_buff = buffer_update.remainder_mut();
428+
let (decrypt_ctx, buffer_update) = encrypt_key.finish(remaining_buff).unwrap();
429+
ciphertext_len += buffer_update.written().len();
430+
431+
let unbound_key2 = UnboundCipherKey::new(cipher_alg, &key).unwrap();
432+
let mut decrypt_key =
433+
StreamingDecryptingKey::cbc_pkcs7(unbound_key2, decrypt_ctx).unwrap();
434+
435+
let mut plaintext_buff = vec![0u8; plaintext_len + cipher_alg.block_len()];
436+
let mut buffer_update = decrypt_key
437+
.update(&ciphertext_buff[0..ciphertext_len], &mut plaintext_buff)
438+
.unwrap();
439+
let _ = decrypt_key
440+
.finish(&mut buffer_update.remainder_mut())
441+
.unwrap();
442+
443+
assert_eq!(&plaintext_buff[0..plaintext_len], &plaintext);
444+
}
445+
}
446+
}
447+
364448
fn step_encrypt(
365449
mut encrypting_key: StreamingEncryptingKey,
366450
plaintext: &[u8],
@@ -415,8 +499,8 @@ mod tests {
415499
ciphertext: &[u8],
416500
step: usize,
417501
) -> Box<[u8]> {
418-
let alg = decrypting_key.algorithm;
419-
let mode = decrypting_key.mode;
502+
let alg = decrypting_key.algorithm();
503+
let mode = decrypting_key.mode();
420504
let n = ciphertext.len();
421505
let mut plaintext = vec![0u8; n + alg.block_len()];
422506

@@ -598,4 +682,157 @@ mod tests {
598682
);
599683
}
600684
}
685+
686+
macro_rules! streaming_cipher_kat {
687+
($name:ident, $alg:expr, $mode:expr, $key:literal, $iv: literal, $plaintext:literal, $ciphertext:literal, $from_step:literal, $to_step:literal) => {
688+
#[test]
689+
fn $name() {
690+
let key = from_hex($key).unwrap();
691+
let input = from_hex($plaintext).unwrap();
692+
let expected_ciphertext = from_hex($ciphertext).unwrap();
693+
let iv = from_hex($iv).unwrap();
694+
695+
for step in ($from_step..=$to_step) {
696+
let ec = EncryptionContext::Iv128(
697+
FixedLength::<IV_LEN_128_BIT>::try_from(iv.as_slice()).unwrap(),
698+
);
699+
700+
let unbound_key = UnboundCipherKey::new($alg, &key).unwrap();
701+
702+
let encrypting_key =
703+
StreamingEncryptingKey::new(unbound_key, $mode, ec).unwrap();
704+
705+
let (ciphertext, decrypt_ctx) = step_encrypt(encrypting_key, &input, step);
706+
707+
assert_eq!(expected_ciphertext.as_slice(), ciphertext.as_ref());
708+
709+
let unbound_key2 = UnboundCipherKey::new($alg, &key).unwrap();
710+
let decrypting_key =
711+
StreamingDecryptingKey::new(unbound_key2, $mode, decrypt_ctx).unwrap();
712+
713+
let plaintext = step_decrypt(decrypting_key, &ciphertext, step);
714+
assert_eq!(input.as_slice(), plaintext.as_ref());
715+
}
716+
}
717+
};
718+
}
719+
720+
streaming_cipher_kat!(
721+
test_iv_aes_128_ctr_16_bytes,
722+
&AES_128,
723+
OperatingMode::CTR,
724+
"000102030405060708090a0b0c0d0e0f",
725+
"00000000000000000000000000000000",
726+
"00112233445566778899aabbccddeeff",
727+
"c6b01904c3da3df5e7d62bd96d153686",
728+
2,
729+
9
730+
);
731+
streaming_cipher_kat!(
732+
test_iv_aes_256_ctr_15_bytes,
733+
&AES_256,
734+
OperatingMode::CTR,
735+
"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
736+
"00000000000000000000000000000000",
737+
"00112233445566778899aabbccddee",
738+
"f28122856e1cf9a7216a30d111f399",
739+
2,
740+
9
741+
);
742+
743+
streaming_cipher_kat!(
744+
test_openssl_aes_128_ctr_15_bytes,
745+
&AES_128,
746+
OperatingMode::CTR,
747+
"244828580821c1652582c76e34d299f5",
748+
"093145d5af233f46072a5eb5adc11aa1",
749+
"3ee38cec171e6cf466bf0df98aa0e1",
750+
"bd7d928f60e3422d96b3f8cd614eb2",
751+
2,
752+
9
753+
);
754+
755+
streaming_cipher_kat!(
756+
test_openssl_aes_256_ctr_15_bytes,
757+
&AES_256,
758+
OperatingMode::CTR,
759+
"0857db8240ea459bdf660b4cced66d1f2d3734ff2de7b81e92740e65e7cc6a1d",
760+
"f028ecb053f801102d11fccc9d303a27",
761+
"eca7285d19f3c20e295378460e8729",
762+
"b5098e5e788de6ac2f2098eb2fc6f8",
763+
2,
764+
9
765+
);
766+
767+
streaming_cipher_kat!(
768+
test_iv_aes_128_cbc_16_bytes,
769+
&AES_128,
770+
OperatingMode::CBC,
771+
"000102030405060708090a0b0c0d0e0f",
772+
"00000000000000000000000000000000",
773+
"00112233445566778899aabbccddeeff",
774+
"69c4e0d86a7b0430d8cdb78070b4c55a9e978e6d16b086570ef794ef97984232",
775+
2,
776+
9
777+
);
778+
779+
streaming_cipher_kat!(
780+
test_iv_aes_256_cbc_15_bytes,
781+
&AES_256,
782+
OperatingMode::CBC,
783+
"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
784+
"00000000000000000000000000000000",
785+
"00112233445566778899aabbccddee",
786+
"2ddfb635a651a43f582997966840ca0c",
787+
2,
788+
9
789+
);
790+
791+
streaming_cipher_kat!(
792+
test_openssl_aes_128_cbc_15_bytes,
793+
&AES_128,
794+
OperatingMode::CBC,
795+
"053304bb3899e1d99db9d29343ea782d",
796+
"b5313560244a4822c46c2a0c9d0cf7fd",
797+
"a3e4c990356c01f320043c3d8d6f43",
798+
"ad96993f248bd6a29760ec7ccda95ee1",
799+
2,
800+
9
801+
);
802+
803+
streaming_cipher_kat!(
804+
test_openssl_aes_128_cbc_16_bytes,
805+
&AES_128,
806+
OperatingMode::CBC,
807+
"95af71f1c63e4a1d0b0b1a27fb978283",
808+
"89e40797dca70197ff87d3dbb0ef2802",
809+
"aece7b5e3c3df1ffc9802d2dfe296dc7",
810+
"301b5dab49fb11e919d0d39970d06739301919743304f23f3cbc67d28564b25b",
811+
2,
812+
9
813+
);
814+
815+
streaming_cipher_kat!(
816+
test_openssl_aes_256_cbc_15_bytes,
817+
&AES_256,
818+
OperatingMode::CBC,
819+
"d369e03e9752784917cc7bac1db7399598d9555e691861d9dd7b3292a693ef57",
820+
"1399bb66b2f6ad99a7f064140eaaa885",
821+
"7385f5784b85bf0a97768ddd896d6d",
822+
"4351082bac9b4593ae8848cc9dfb5a01",
823+
2,
824+
9
825+
);
826+
827+
streaming_cipher_kat!(
828+
test_openssl_aes_256_cbc_16_bytes,
829+
&AES_256,
830+
OperatingMode::CBC,
831+
"d4a8206dcae01242f9db79a4ecfe277d0f7bb8ccbafd8f9809adb39f35aa9b41",
832+
"24f6076548fb9d93c8f7ed9f6e661ef9",
833+
"a39c1fdf77ea3e1f18178c0ec237c70a",
834+
"f1af484830a149ee0387b854d65fe87ca0e62efc1c8e6909d4b9ab8666470453",
835+
2,
836+
9
837+
);
601838
}

0 commit comments

Comments
 (0)