1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/encryptor.h"
12 #include "base/macros.h"
13 #include "base/strings/string_number_conversions.h"
14 #include "crypto/symmetric_key.h"
15 #include "testing/gtest/include/gtest/gtest.h"
17 TEST(EncryptorTest, EncryptDecrypt) {
18 std::unique_ptr<crypto::SymmetricKey> key(
19 crypto::SymmetricKey::DeriveKeyFromPassword(
20 crypto::SymmetricKey::AES, "password", "saltiest", 1000, 256));
21 EXPECT_TRUE(key.get());
23 crypto::Encryptor encryptor;
24 // The IV must be exactly as long as the cipher block size.
25 std::string iv("the iv: 16 bytes");
26 EXPECT_EQ(16U, iv.size());
27 EXPECT_TRUE(encryptor.Init(key.get(), crypto::Encryptor::CBC, iv));
29 std::string plaintext("this is the plaintext");
30 std::string ciphertext;
31 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
33 EXPECT_LT(0U, ciphertext.size());
35 std::string decrypted;
36 EXPECT_TRUE(encryptor.Decrypt(ciphertext, &decrypted));
38 EXPECT_EQ(plaintext, decrypted);
41 TEST(EncryptorTest, DecryptWrongKey) {
42 std::unique_ptr<crypto::SymmetricKey> key(
43 crypto::SymmetricKey::DeriveKeyFromPassword(
44 crypto::SymmetricKey::AES, "password", "saltiest", 1000, 256));
45 EXPECT_TRUE(key.get());
47 // A wrong key that can be detected by implementations that validate every
48 // byte in the padding.
49 std::unique_ptr<crypto::SymmetricKey> wrong_key(
50 crypto::SymmetricKey::DeriveKeyFromPassword(
51 crypto::SymmetricKey::AES, "wrongword", "sweetest", 1000, 256));
52 EXPECT_TRUE(wrong_key.get());
54 // A wrong key that can't be detected by any implementation. The password
55 // "wrongword;" would also work.
56 std::unique_ptr<crypto::SymmetricKey> wrong_key2(
57 crypto::SymmetricKey::DeriveKeyFromPassword(
58 crypto::SymmetricKey::AES, "wrongword+", "sweetest", 1000, 256));
59 EXPECT_TRUE(wrong_key2.get());
61 // A wrong key that can be detected by all implementations.
62 std::unique_ptr<crypto::SymmetricKey> wrong_key3(
63 crypto::SymmetricKey::DeriveKeyFromPassword(
64 crypto::SymmetricKey::AES, "wrongwordx", "sweetest", 1000, 256));
65 EXPECT_TRUE(wrong_key3.get());
67 crypto::Encryptor encryptor;
68 // The IV must be exactly as long as the cipher block size.
69 std::string iv("the iv: 16 bytes");
70 EXPECT_EQ(16U, iv.size());
71 EXPECT_TRUE(encryptor.Init(key.get(), crypto::Encryptor::CBC, iv));
73 std::string plaintext("this is the plaintext");
74 std::string ciphertext;
75 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
77 static const unsigned char expected_ciphertext[] = {
78 0x7D, 0x67, 0x5B, 0x53, 0xE6, 0xD8, 0x0F, 0x27,
79 0x74, 0xB1, 0x90, 0xFE, 0x6E, 0x58, 0x4A, 0xA0,
80 0x0E, 0x35, 0xE3, 0x01, 0xC0, 0xFE, 0x9A, 0xD8,
81 0x48, 0x1D, 0x42, 0xB0, 0xBA, 0x21, 0xB2, 0x0C
84 ASSERT_EQ(arraysize(expected_ciphertext), ciphertext.size());
85 for (size_t i = 0; i < ciphertext.size(); ++i) {
86 ASSERT_EQ(expected_ciphertext[i],
87 static_cast<unsigned char>(ciphertext[i]));
90 std::string decrypted;
92 // This wrong key causes the last padding byte to be 5, which is a valid
93 // padding length, and the second to last padding byte to be 137, which is
94 // invalid. If an implementation simply uses the last padding byte to
95 // determine the padding length without checking every padding byte,
96 // Encryptor::Decrypt() will still return true. This is the case for NSS
97 // (crbug.com/124434).
98 crypto::Encryptor decryptor;
99 EXPECT_TRUE(decryptor.Init(wrong_key.get(), crypto::Encryptor::CBC, iv));
100 EXPECT_FALSE(decryptor.Decrypt(ciphertext, &decrypted));
102 // This demonstrates that not all wrong keys can be detected by padding
103 // error. This wrong key causes the last padding byte to be 1, which is
104 // a valid padding block of length 1.
105 crypto::Encryptor decryptor2;
106 EXPECT_TRUE(decryptor2.Init(wrong_key2.get(), crypto::Encryptor::CBC, iv));
107 EXPECT_TRUE(decryptor2.Decrypt(ciphertext, &decrypted));
109 // This wrong key causes the last padding byte to be 253, which should be
110 // rejected by all implementations.
111 crypto::Encryptor decryptor3;
112 EXPECT_TRUE(decryptor3.Init(wrong_key3.get(), crypto::Encryptor::CBC, iv));
113 EXPECT_FALSE(decryptor3.Decrypt(ciphertext, &decrypted));
118 // From NIST SP 800-38a test cast:
119 // - F.5.1 CTR-AES128.Encrypt
120 // - F.5.6 CTR-AES256.Encrypt
121 // http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
122 const unsigned char kAES128CTRKey[] = {
123 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
124 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
127 const unsigned char kAES256CTRKey[] = {
128 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
129 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
130 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
131 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
134 const unsigned char kAESCTRInitCounter[] = {
135 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
136 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
139 const unsigned char kAESCTRPlaintext[] = {
141 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
142 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
144 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
145 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
147 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
148 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
150 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
151 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
154 const unsigned char kAES128CTRCiphertext[] = {
156 0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26,
157 0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce,
159 0x98, 0x06, 0xf6, 0x6b, 0x79, 0x70, 0xfd, 0xff,
160 0x86, 0x17, 0x18, 0x7b, 0xb9, 0xff, 0xfd, 0xff,
162 0x5a, 0xe4, 0xdf, 0x3e, 0xdb, 0xd5, 0xd3, 0x5e,
163 0x5b, 0x4f, 0x09, 0x02, 0x0d, 0xb0, 0x3e, 0xab,
165 0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe, 0x03, 0xd1,
166 0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee
169 const unsigned char kAES256CTRCiphertext[] = {
171 0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5,
172 0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28,
174 0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a,
175 0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5,
177 0x2b, 0x09, 0x30, 0xda, 0xa2, 0x3d, 0xe9, 0x4c,
178 0xe8, 0x70, 0x17, 0xba, 0x2d, 0x84, 0x98, 0x8d,
180 0xdf, 0xc9, 0xc5, 0x8d, 0xb6, 0x7a, 0xad, 0xa6,
181 0x13, 0xc2, 0xdd, 0x08, 0x45, 0x79, 0x41, 0xa6
184 void TestAESCTREncrypt(
185 const unsigned char* key, size_t key_size,
186 const unsigned char* init_counter, size_t init_counter_size,
187 const unsigned char* plaintext, size_t plaintext_size,
188 const unsigned char* ciphertext, size_t ciphertext_size) {
189 std::string key_str(reinterpret_cast<const char*>(key), key_size);
190 std::unique_ptr<crypto::SymmetricKey> sym_key(
191 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, key_str));
192 ASSERT_TRUE(sym_key.get());
194 crypto::Encryptor encryptor;
195 EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CTR, ""));
197 base::StringPiece init_counter_str(
198 reinterpret_cast<const char*>(init_counter), init_counter_size);
199 base::StringPiece plaintext_str(
200 reinterpret_cast<const char*>(plaintext), plaintext_size);
202 EXPECT_TRUE(encryptor.SetCounter(init_counter_str));
203 std::string encrypted;
204 EXPECT_TRUE(encryptor.Encrypt(plaintext_str, &encrypted));
206 EXPECT_EQ(ciphertext_size, encrypted.size());
207 EXPECT_EQ(0, memcmp(encrypted.data(), ciphertext, encrypted.size()));
209 std::string decrypted;
210 EXPECT_TRUE(encryptor.SetCounter(init_counter_str));
211 EXPECT_TRUE(encryptor.Decrypt(encrypted, &decrypted));
213 EXPECT_EQ(plaintext_str, decrypted);
216 void TestAESCTRMultipleDecrypt(
217 const unsigned char* key, size_t key_size,
218 const unsigned char* init_counter, size_t init_counter_size,
219 const unsigned char* plaintext, size_t plaintext_size,
220 const unsigned char* ciphertext, size_t ciphertext_size) {
221 std::string key_str(reinterpret_cast<const char*>(key), key_size);
222 std::unique_ptr<crypto::SymmetricKey> sym_key(
223 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, key_str));
224 ASSERT_TRUE(sym_key.get());
226 crypto::Encryptor encryptor;
227 EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CTR, ""));
229 // Counter is set only once.
230 EXPECT_TRUE(encryptor.SetCounter(base::StringPiece(
231 reinterpret_cast<const char*>(init_counter), init_counter_size)));
233 std::string ciphertext_str(reinterpret_cast<const char*>(ciphertext),
236 int kTestDecryptSizes[] = { 32, 16, 8 };
239 for (size_t i = 0; i < arraysize(kTestDecryptSizes); ++i) {
240 std::string decrypted;
241 size_t len = kTestDecryptSizes[i];
243 encryptor.Decrypt(ciphertext_str.substr(offset, len), &decrypted));
244 EXPECT_EQ(len, decrypted.size());
245 EXPECT_EQ(0, memcmp(decrypted.data(), plaintext + offset, len));
252 TEST(EncryptorTest, EncryptAES128CTR) {
254 kAES128CTRKey, arraysize(kAES128CTRKey),
255 kAESCTRInitCounter, arraysize(kAESCTRInitCounter),
256 kAESCTRPlaintext, arraysize(kAESCTRPlaintext),
257 kAES128CTRCiphertext, arraysize(kAES128CTRCiphertext));
260 TEST(EncryptorTest, EncryptAES256CTR) {
262 kAES256CTRKey, arraysize(kAES256CTRKey),
263 kAESCTRInitCounter, arraysize(kAESCTRInitCounter),
264 kAESCTRPlaintext, arraysize(kAESCTRPlaintext),
265 kAES256CTRCiphertext, arraysize(kAES256CTRCiphertext));
268 TEST(EncryptorTest, EncryptAES128CTR_MultipleDecrypt) {
269 TestAESCTRMultipleDecrypt(
270 kAES128CTRKey, arraysize(kAES128CTRKey),
271 kAESCTRInitCounter, arraysize(kAESCTRInitCounter),
272 kAESCTRPlaintext, arraysize(kAESCTRPlaintext),
273 kAES128CTRCiphertext, arraysize(kAES128CTRCiphertext));
276 TEST(EncryptorTest, EncryptAES256CTR_MultipleDecrypt) {
277 TestAESCTRMultipleDecrypt(
278 kAES256CTRKey, arraysize(kAES256CTRKey),
279 kAESCTRInitCounter, arraysize(kAESCTRInitCounter),
280 kAESCTRPlaintext, arraysize(kAESCTRPlaintext),
281 kAES256CTRCiphertext, arraysize(kAES256CTRCiphertext));
284 TEST(EncryptorTest, EncryptDecryptCTR) {
285 std::unique_ptr<crypto::SymmetricKey> key(
286 crypto::SymmetricKey::GenerateRandomKey(crypto::SymmetricKey::AES, 128));
288 EXPECT_TRUE(key.get());
289 const std::string kInitialCounter = "0000000000000000";
291 crypto::Encryptor encryptor;
292 EXPECT_TRUE(encryptor.Init(key.get(), crypto::Encryptor::CTR, ""));
293 EXPECT_TRUE(encryptor.SetCounter(kInitialCounter));
295 std::string plaintext("normal plaintext of random length");
296 std::string ciphertext;
297 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
298 EXPECT_LT(0U, ciphertext.size());
300 std::string decrypted;
301 EXPECT_TRUE(encryptor.SetCounter(kInitialCounter));
302 EXPECT_TRUE(encryptor.Decrypt(ciphertext, &decrypted));
303 EXPECT_EQ(plaintext, decrypted);
305 plaintext = "0123456789012345";
306 EXPECT_TRUE(encryptor.SetCounter(kInitialCounter));
307 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
308 EXPECT_LT(0U, ciphertext.size());
310 EXPECT_TRUE(encryptor.SetCounter(kInitialCounter));
311 EXPECT_TRUE(encryptor.Decrypt(ciphertext, &decrypted));
312 EXPECT_EQ(plaintext, decrypted);
315 TEST(EncryptorTest, CTRCounter) {
316 const int kCounterSize = 16;
317 const unsigned char kTest1[] =
318 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
319 unsigned char buf[16];
321 // Increment 10 times.
322 crypto::Encryptor::Counter counter1(
323 std::string(reinterpret_cast<const char*>(kTest1), kCounterSize));
324 for (int i = 0; i < 10; ++i)
325 counter1.Increment();
327 EXPECT_EQ(0, memcmp(buf, kTest1, 15));
328 EXPECT_EQ(10, buf[15]);
330 // Check corner cases.
331 const unsigned char kTest2[] = {
332 0, 0, 0, 0, 0, 0, 0, 0,
333 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
335 const unsigned char kExpect2[] =
336 {0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0};
337 crypto::Encryptor::Counter counter2(
338 std::string(reinterpret_cast<const char*>(kTest2), kCounterSize));
339 counter2.Increment();
341 EXPECT_EQ(0, memcmp(buf, kExpect2, kCounterSize));
343 const unsigned char kTest3[] = {
344 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
345 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
347 const unsigned char kExpect3[] =
348 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
349 crypto::Encryptor::Counter counter3(
350 std::string(reinterpret_cast<const char*>(kTest3), kCounterSize));
351 counter3.Increment();
353 EXPECT_EQ(0, memcmp(buf, kExpect3, kCounterSize));
356 // TODO(wtc): add more known-answer tests. Test vectors are available from
357 // http://www.ietf.org/rfc/rfc3602
358 // http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
359 // http://gladman.plushost.co.uk/oldsite/AES/index.php
360 // http://csrc.nist.gov/groups/STM/cavp/documents/aes/KAT_AES.zip
362 // NIST SP 800-38A test vector F.2.5 CBC-AES256.Encrypt.
363 TEST(EncryptorTest, EncryptAES256CBC) {
364 // From NIST SP 800-38a test cast F.2.5 CBC-AES256.Encrypt.
365 static const unsigned char kRawKey[] = {
366 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
367 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
368 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
369 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
371 static const unsigned char kRawIv[] = {
372 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
373 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
375 static const unsigned char kRawPlaintext[] = {
377 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
378 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
380 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
381 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
383 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
384 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
386 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
387 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10,
389 static const unsigned char kRawCiphertext[] = {
391 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
392 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
394 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
395 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
397 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
398 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
400 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
401 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b,
402 // PKCS #5 padding, encrypted.
403 0x3f, 0x46, 0x17, 0x96, 0xd6, 0xb0, 0xd6, 0xb2,
404 0xe0, 0xc2, 0xa7, 0x2b, 0x4d, 0x80, 0xe6, 0x44
407 std::string key(reinterpret_cast<const char*>(kRawKey), sizeof(kRawKey));
408 std::unique_ptr<crypto::SymmetricKey> sym_key(
409 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, key));
410 ASSERT_TRUE(sym_key.get());
412 crypto::Encryptor encryptor;
413 // The IV must be exactly as long a the cipher block size.
414 std::string iv(reinterpret_cast<const char*>(kRawIv), sizeof(kRawIv));
415 EXPECT_EQ(16U, iv.size());
416 EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
418 std::string plaintext(reinterpret_cast<const char*>(kRawPlaintext),
419 sizeof(kRawPlaintext));
420 std::string ciphertext;
421 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
423 EXPECT_EQ(sizeof(kRawCiphertext), ciphertext.size());
424 EXPECT_EQ(0, memcmp(ciphertext.data(), kRawCiphertext, ciphertext.size()));
426 std::string decrypted;
427 EXPECT_TRUE(encryptor.Decrypt(ciphertext, &decrypted));
429 EXPECT_EQ(plaintext, decrypted);
432 // Expected output derived from the NSS implementation.
433 TEST(EncryptorTest, EncryptAES128CBCRegression) {
434 std::string key = "128=SixteenBytes";
435 std::string iv = "Sweet Sixteen IV";
436 std::string plaintext = "Plain text with a g-clef U+1D11E \360\235\204\236";
437 std::string expected_ciphertext_hex =
438 "D4A67A0BA33C30F207344D81D1E944BBE65587C3D7D9939A"
439 "C070C62B9C15A3EA312EA4AD1BC7929F4D3C16B03AD5ADA8";
441 std::unique_ptr<crypto::SymmetricKey> sym_key(
442 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, key));
443 ASSERT_TRUE(sym_key.get());
445 crypto::Encryptor encryptor;
446 // The IV must be exactly as long a the cipher block size.
447 EXPECT_EQ(16U, iv.size());
448 EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
450 std::string ciphertext;
451 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
452 EXPECT_EQ(expected_ciphertext_hex, base::HexEncode(ciphertext.data(),
455 std::string decrypted;
456 EXPECT_TRUE(encryptor.Decrypt(ciphertext, &decrypted));
457 EXPECT_EQ(plaintext, decrypted);
460 // Symmetric keys with an unsupported size should be rejected. Whether they are
461 // rejected by SymmetricKey::Import or Encryptor::Init depends on the platform.
462 TEST(EncryptorTest, UnsupportedKeySize) {
463 std::string key = "7 = bad";
464 std::string iv = "Sweet Sixteen IV";
465 std::unique_ptr<crypto::SymmetricKey> sym_key(
466 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, key));
470 crypto::Encryptor encryptor;
471 // The IV must be exactly as long as the cipher block size.
472 EXPECT_EQ(16U, iv.size());
473 EXPECT_FALSE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
476 TEST(EncryptorTest, UnsupportedIV) {
477 std::string key = "128=SixteenBytes";
478 std::string iv = "OnlyForteen :(";
479 std::unique_ptr<crypto::SymmetricKey> sym_key(
480 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, key));
481 ASSERT_TRUE(sym_key.get());
483 crypto::Encryptor encryptor;
484 EXPECT_FALSE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
487 TEST(EncryptorTest, EmptyEncrypt) {
488 std::string key = "128=SixteenBytes";
489 std::string iv = "Sweet Sixteen IV";
490 std::string plaintext;
491 std::string expected_ciphertext_hex = "8518B8878D34E7185E300D0FCC426396";
493 std::unique_ptr<crypto::SymmetricKey> sym_key(
494 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, key));
495 ASSERT_TRUE(sym_key.get());
497 crypto::Encryptor encryptor;
498 // The IV must be exactly as long a the cipher block size.
499 EXPECT_EQ(16U, iv.size());
500 EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
502 std::string ciphertext;
503 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext));
504 EXPECT_EQ(expected_ciphertext_hex, base::HexEncode(ciphertext.data(),
508 TEST(EncryptorTest, CipherTextNotMultipleOfBlockSize) {
509 std::string key = "128=SixteenBytes";
510 std::string iv = "Sweet Sixteen IV";
512 std::unique_ptr<crypto::SymmetricKey> sym_key(
513 crypto::SymmetricKey::Import(crypto::SymmetricKey::AES, key));
514 ASSERT_TRUE(sym_key.get());
516 crypto::Encryptor encryptor;
517 // The IV must be exactly as long a the cipher block size.
518 EXPECT_EQ(16U, iv.size());
519 EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv));
521 // Use a separately allocated array to improve the odds of the memory tools
522 // catching invalid accesses.
524 // Otherwise when using std::string as the other tests do, accesses several
525 // bytes off the end of the buffer may fall inside the reservation of
526 // the string and not be detected.
527 std::unique_ptr<char[]> ciphertext(new char[1]);
529 std::string plaintext;
531 encryptor.Decrypt(base::StringPiece(ciphertext.get(), 1), &plaintext));