src/ckm/encryption-decryption.cpp

   1 /*
   2  *  Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *  Licensed under the Apache License, Version 2.0 (the "License");
   5  *  you may not use this file except in compliance with the License.
   6  *  You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *  Unless required by applicable law or agreed to in writing, software
  11  *  distributed under the License is distributed on an "AS IS" BASIS,
  12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *  See the License for the specific language governing permissions and
  14  *  limitations under the License
  15  */
  16 /*
  17  * @file       encryption-decryption.cpp
  18  * @author     Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
  19  * @version    1.0
  20  */
  21
  22
  23 #include <string>
  24 #include <vector>
  25 #include <map>
  26 #include <sstream>
  27
  28 #include <dpl/test/test_runner.h>
  29 #include <ckm-common.h>
  30 #include <ckmc/ckmc-manager.h>
  31 #include <ckm/ckm-type.h>
  32 #include <access_provider2.h>
  33 #include <encryption-decryption-env.h>
  34
  35 using namespace CKM;
  36
  37 namespace {
  38
  39 const char* PASSWORD = "test-password";
  40 const uid_t UID = 5555;
  41 const gid_t GID = 5555;
  42 const size_t CTR_DEFAULT_LEN = 16*8;
  43 const size_t DEFAULT_IV_LEN = 16;
  44 const size_t BUF_LEN = 86; // must be less than 1024/8-41 to support RSA OAEP 1024
  45
  46 // Environment
  47 SyncApi g_syncApi;
  48 AsyncApi g_asyncApi;
  49
  50 EncryptionApi* g_api = &g_syncApi;
  51
  52 EncryptionError apiEncrypt(const ckmc_param_list_s *params,
  53                         const char *key_alias,
  54                         const char *password,
  55                         const ckmc_raw_buffer_s decrypted,
  56                         ckmc_raw_buffer_s **ppencrypted) {
  57     RUNNER_ASSERT_MSG(g_api, "No encryption API is connected");
  58     return g_api->encrypt(params, key_alias, password, decrypted, ppencrypted);
  59 }
  60
  61 EncryptionError apiDecrypt(const ckmc_param_list_s *params,
  62                         const char *key_alias,
  63                         const char *password,
  64                         const ckmc_raw_buffer_s encrypted,
  65                         ckmc_raw_buffer_s **ppdecrypted) {
  66     RUNNER_ASSERT_MSG(g_api, "No encryption API is connected");
  67     return g_api->decrypt(params, key_alias, password, encrypted, ppdecrypted);
  68 }
  69
  70 template <typename F, typename... Args>
  71 void assert_crypto_result(EncryptionError expected, F&& func, Args... args)
  72 {
  73     EncryptionError ret = func(args...);
  74     RUNNER_ASSERT_MSG(ret == expected,
  75                       "Expected: " << static_cast<int>(expected) <<
  76                       " got: " << static_cast<int>(ret));
  77 }
  78
  79 template <typename F, typename... Args>
  80 void assert_crypto_positive(F&& func, Args... args)
  81 {
  82     assert_crypto_result(EncryptionError::SUCCESS, std::move(func), args...);
  83 }
  84
  85 template <typename F, typename... Args>
  86 void assert_crypto_invalid_param(F&& func, Args... args)
  87 {
  88     assert_crypto_result(EncryptionError::INVALID_PARAM, std::move(func), args...);
  89 }
  90
  91 struct TagTest {
  92     int tagLen;
  93     EncryptionError expected;
  94 };
  95
  96 struct KeyAliasPair
  97 {
  98     Alias prv;
  99     Alias pub;
 100 };
 101
 102 class EncEnv : public RemoveDataEnv<UID> {
 103 public:
 104     EncEnv() : m_dbu(NULL), m_sap(NULL) {}
 105     ~EncEnv() { delete m_sap; delete m_dbu; }
 106
 107     void init(const std::string& str) {
 108         RemoveDataEnv<UID>::init(str);
 109         m_dbu = new ScopedDBUnlock(UID, "db-pass"); // unlock user's database
 110         m_sap = new ScopedAccessProvider("my-label");    // setup label
 111
 112         // setup smack rules and switch user
 113         m_sap->allowAPI("key-manager::api-storage", "rw");
 114         m_sap->allowAPI("key-manager::api-encryption", "rw");
 115         m_sap->applyAndSwithToUser(UID, GID);
 116     }
 117
 118     void finish() {
 119         delete m_sap;
 120         m_sap = NULL;
 121         delete m_dbu;
 122         m_dbu = NULL;
 123         RemoveDataEnv<UID>::finish();
 124         g_api = NULL;
 125     }
 126
 127     ScopedDBUnlock* m_dbu;
 128     ScopedAccessProvider* m_sap;
 129 };
 130
 131 struct SyncEnv : public EncEnv {
 132     void init(const std::string& str) {
 133         EncEnv::init(str);
 134         g_api = &g_syncApi;
 135     }
 136
 137     static std::string suffix() { return "_sync"; }
 138 };
 139
 140 struct AsyncEnv : public EncEnv {
 141     void init(const std::string& str) {
 142         EncEnv::init(str);
 143         g_api = &g_asyncApi;
 144     }
 145
 146     static std::string suffix() { return "_async"; }
 147 };
 148
 149 struct AlgoBase {
 150     ckmc_algo_type_e m_type;
 151     size_t m_keyLen;
 152
 153     AlgoBase(ckmc_algo_type_e type, size_t keyLen) : m_type(type), m_keyLen(keyLen) {}
 154
 155     virtual KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr) = 0;
 156 };
 157
 158 typedef std::shared_ptr<AlgoBase> AlgoBasePtr;
 159
 160 template <typename T>
 161 AlgoBasePtr createAlgo(ckmc_algo_type_e type, size_t keyLen) {
 162     return AlgoBasePtr(new T(type, keyLen));
 163 }
 164
 165 struct AlgoAes : public AlgoBase {
 166     AlgoAes(ckmc_algo_type_e type, size_t keyLen) : AlgoBase(type, keyLen) {}
 167     KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr);
 168 };
 169
 170 KeyAliasPair AlgoAes::keyGen(const char* pass, const char* suffix)
 171 {
 172     KeyAliasPair aliases;
 173     std::ostringstream oss;
 174     std::string ownerId = getOwnerIdFromSelf();
 175     CharPtr passPtr(nullptr, free);
 176     if (pass)
 177         passPtr.reset(strdup(pass));
 178
 179     oss << "aes_" << static_cast<int>(m_type) << "_" << m_keyLen << "_key_alias";
 180     if (suffix)
 181         oss << suffix;
 182     aliases.prv = aliasWithLabel(ownerId.c_str(),oss.str().c_str());
 183     aliases.pub = aliasWithLabel(ownerId.c_str(), oss.str().c_str());
 184
 185     ckmc_policy_s policy;
 186     policy.extractable = false;
 187     policy.password = passPtr.get();
 188
 189     assert_positive(ckmc_create_key_aes, m_keyLen, aliases.prv.c_str(), policy);
 190     return aliases;
 191 }
 192
 193 struct AlgoRsa : public AlgoBase {
 194     AlgoRsa(ckmc_algo_type_e type, size_t keyLen) : AlgoBase(type, keyLen) {}
 195     KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr);
 196 };
 197
 198 KeyAliasPair AlgoRsa::keyGen(const char* pass, const char* suffix)
 199 {
 200     std::ostringstream oss_prv, oss_pub;
 201     oss_prv << "rsa_oaep_prv_alias_" << m_keyLen;
 202     oss_pub << "rsa_oaep_pub_alias_" << m_keyLen;
 203     if (suffix) {
 204         oss_prv << suffix;
 205         oss_pub << suffix;
 206     }
 207     KeyAliasPair aliases = {
 208             aliasWithLabel(getOwnerIdFromSelf().c_str(), oss_prv.str().c_str()),
 209             aliasWithLabel(getOwnerIdFromSelf().c_str(), oss_pub.str().c_str())
 210     };
 211     CharPtr passPtr(nullptr, free);
 212     if (pass)
 213         passPtr.reset(strdup(pass));
 214
 215     ckmc_policy_s policyPrv;
 216     policyPrv.password = passPtr.get();
 217     policyPrv.extractable = 0;
 218
 219     ckmc_policy_s policyPub;
 220     policyPub.password = passPtr.get();
 221     policyPub.extractable = 0;
 222
 223     assert_positive(ckmc_create_key_pair_rsa,
 224                     m_keyLen,
 225                     aliases.prv.c_str(),
 226                     aliases.pub.c_str(),
 227                     policyPrv,
 228                     policyPub);
 229     return aliases;
 230 }
 231
 232 enum Algorithm {
 233     AES_CBC_128,
 234     AES_CBC_192,
 235     AES_CBC_256,
 236     AES_GCM_128,
 237     AES_GCM_192,
 238     AES_GCM_256,
 239     AES_CTR_128,
 240     AES_CTR_192,
 241     AES_CTR_256,
 242     AES_CFB_128,
 243     AES_CFB_192,
 244     AES_CFB_256,
 245     RSA_OAEP_1024,
 246     RSA_OAEP_2048,
 247     RSA_OAEP_4096,
 248 };
 249
 250 std::map<Algorithm, AlgoBasePtr> g_algorithms = {
 251         { AES_CBC_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 128) },
 252         { AES_CBC_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 192) },
 253         { AES_CBC_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 256) },
 254         { AES_GCM_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 128) },
 255         { AES_GCM_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 192) },
 256         { AES_GCM_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 256) },
 257         { AES_CTR_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 128) },
 258         { AES_CTR_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 192) },
 259         { AES_CTR_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 256) },
 260         { AES_CFB_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 128) },
 261         { AES_CFB_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 192) },
 262         { AES_CFB_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 256) },
 263         { RSA_OAEP_1024, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 1024) },
 264         { RSA_OAEP_2048, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 2048) },
 265         { RSA_OAEP_4096, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 4096) },
 266 };
 267
 268 void setParam(ParamListPtr& params, ckmc_param_name_e name, ckmc_raw_buffer_s* buffer)
 269 {
 270     int ret = ckmc_param_list_add_buffer(params.get(), name, buffer);
 271     RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE,
 272                       "Failed to set param " << name << " error: " << CKMCErrorToString(ret));
 273 }
 274
 275 void setParam(ParamListPtr& params, ckmc_param_name_e name, int integer)
 276 {
 277     int ret = ckmc_param_list_add_integer(params.get(), name, integer);
 278     RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE,
 279                       "Failed to set param " << name << " error: " << CKMCErrorToString(ret));
 280 }
 281
 282 struct EncryptionResult
 283 {
 284     RawBufferPtr encrypted;
 285     ParamListPtr params;
 286     Alias prvKey;
 287     Alias pubKey;
 288 };
 289
 290 EncryptionResult encrypt(const AlgoBasePtr& algo,
 291                          const RawBufferPtr& plain,
 292                          const char* pass = nullptr)
 293 {
 294     EncryptionResult ret;
 295     ckmc_raw_buffer_s* encrypted = nullptr;
 296     KeyAliasPair aliases = algo->keyGen(pass);
 297
 298     ret.params = createParamListPtr();
 299     assert_positive(ckmc_generate_params, algo->m_type, ret.params.get());
 300     setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 301
 302     assert_crypto_positive(apiEncrypt,
 303                            ret.params.get(),
 304                            aliases.pub.c_str(),
 305                            pass,
 306                            *plain.get(),
 307                            &encrypted);
 308
 309     ret.encrypted = create_raw_buffer(encrypted);
 310     ret.prvKey = aliases.prv;
 311     ret.pubKey = aliases.pub;
 312     return ret;
 313 }
 314
 315 void testAllAlgorithms(
 316         const std::function<void(const AlgoBasePtr& algo)>& test)
 317 {
 318     for(const auto& it : g_algorithms)
 319         test(it.second);
 320 }
 321
 322 void testNoIvEnc(Algorithm type)
 323 {
 324     const AlgoBasePtr& algo = g_algorithms.at(type);
 325
 326     // prepare buffers
 327     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 328     ckmc_raw_buffer_s* encrypted = nullptr;
 329
 330     // add key
 331     KeyAliasPair aliases = algo->keyGen();
 332
 333     // param list with algo type only
 334     ParamListPtr params = createParamListPtr();
 335     setParam(params, CKMC_PARAM_ALGO_TYPE, algo->m_type);
 336     assert_crypto_invalid_param(apiEncrypt,
 337                                 params.get(),
 338                                 aliases.pub.c_str(),
 339                                 nullptr,
 340                                 *plain.get(),
 341                                 &encrypted);
 342 }
 343
 344 void testNoIvDec(Algorithm type)
 345 {
 346     const AlgoBasePtr& algo = g_algorithms.at(type);
 347
 348     // prepare buffers
 349     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 350     ckmc_raw_buffer_s* decrypted = nullptr;
 351
 352     // encrypt;
 353     auto ret = encrypt(algo, plain);
 354
 355     // param list with algo type only
 356     ParamListPtr params = createParamListPtr();
 357     setParam(params, CKMC_PARAM_ALGO_TYPE, algo->m_type);
 358     assert_crypto_invalid_param(apiDecrypt,
 359                                 params.get(),
 360                                 ret.prvKey.c_str(),
 361                                 nullptr,
 362                                 *ret.encrypted.get(),
 363                                 &decrypted);
 364 }
 365
 366 void testInvalidIvEnc(Algorithm type)
 367 {
 368     const AlgoBasePtr& algo = g_algorithms.at(type);
 369
 370     // prepare buffers
 371     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 372     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 373
 374     // add key
 375     KeyAliasPair aliases = algo->keyGen();
 376
 377     // setup params
 378     ParamListPtr params = createParamListPtr();
 379     assert_positive(ckmc_generate_params, algo->m_type, params.get());
 380
 381     // invalid encryption
 382     auto test = [&](){
 383         assert_crypto_invalid_param(apiEncrypt,
 384                                     params.get(),
 385                                     aliases.pub.c_str(),
 386                                     nullptr,
 387                                     *plain.get(),
 388                                     &encryptedTmp);
 389         ckmc_buffer_free(encryptedTmp);
 390         encryptedTmp = nullptr;
 391     };
 392     // invalid iv size
 393     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN-1));
 394     test();
 395     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN+1));
 396     test();
 397 };
 398
 399 void testInvalidIvDec(Algorithm type)
 400 {
 401     const AlgoBasePtr& algo = g_algorithms.at(type);
 402
 403     // prepare buffers
 404     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 405     ckmc_raw_buffer_s* decrypted = nullptr;
 406
 407     // valid encryption
 408     auto ret = encrypt(algo, plain);
 409
 410     // decryption
 411     auto test2 = [&](){
 412         assert_crypto_invalid_param(apiDecrypt,
 413                                     ret.params.get(),
 414                                     ret.prvKey.c_str(),
 415                                     nullptr,
 416                                     *ret.encrypted.get(),
 417                                     &decrypted);
 418         ckmc_buffer_free(decrypted);
 419         decrypted = nullptr;
 420     };
 421
 422     // invalid iv size
 423     setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN-1));
 424     test2();
 425     setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN+1));
 426     test2();
 427 };
 428
 429 void encryptionWithCustomData(Algorithm type, ckmc_param_name_e name)
 430 {
 431     const AlgoBasePtr& algo = g_algorithms.at(type);
 432
 433     // prepare buffers
 434     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 435     ckmc_raw_buffer_s* encrypted = nullptr;
 436     ckmc_raw_buffer_s* decrypted = nullptr;
 437
 438     // add key
 439     KeyAliasPair aliases = algo->keyGen();
 440
 441     // setup params
 442     ParamListPtr params = createParamListPtr();
 443     assert_positive(ckmc_generate_params, algo->m_type, params.get());
 444     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 445
 446     // set AAD
 447     setParam(params, name, createRandomBufferCAPI(64));
 448
 449     // encrypt
 450     assert_crypto_positive(apiEncrypt,
 451                            params.get(),
 452                            aliases.pub.c_str(),
 453                            nullptr,
 454                            *plain.get(),
 455                            &encrypted);
 456     RawBufferPtr tmpEnc = create_raw_buffer(encrypted);
 457
 458     // decrypt
 459     assert_crypto_positive(apiDecrypt,
 460                            params.get(),
 461                            aliases.prv.c_str(),
 462                            nullptr,
 463                            *tmpEnc.get(),
 464                            &decrypted);
 465     RawBufferPtr tmpDec = create_raw_buffer(decrypted);
 466
 467     // check
 468     assert_buffers_equal(*plain.get(), *tmpDec.get());
 469     tmpDec.reset();
 470     decrypted = nullptr;
 471
 472     // set wrong AAD
 473     setParam(params, name, createRandomBufferCAPI(32));
 474
 475     // decrypt
 476     assert_crypto_result(EncryptionError::SERVER_ERROR,
 477                          apiDecrypt,
 478                          params.get(),
 479                          aliases.prv.c_str(),
 480                          nullptr,
 481                          *tmpEnc.get(),
 482                          &decrypted);
 483 }
 484
 485 void testGcmIvSize(size_t size,
 486                    const KeyAliasPair& aliases,
 487                    EncryptionError error = EncryptionError::SUCCESS)
 488 {
 489     // prepare buffers
 490     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 491     RawBufferPtr encrypted;
 492     RawBufferPtr decrypted;
 493     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 494     ckmc_raw_buffer_s* decryptedTmp = nullptr;
 495
 496     // setup params
 497     ParamListPtr params = createParamListPtr();
 498     assert_positive(ckmc_generate_params, CKMC_ALGO_AES_GCM, params.get());
 499     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 500     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(size));
 501
 502     // encryption
 503     assert_crypto_result(error,
 504                          apiEncrypt,
 505                          params.get(),
 506                          aliases.pub.c_str(),
 507                          nullptr,
 508                          *plain.get(),
 509                          &encryptedTmp);
 510
 511     if(error != EncryptionError::SUCCESS)
 512         return;
 513     encrypted = create_raw_buffer(encryptedTmp);
 514
 515     // decryption
 516     assert_crypto_positive(apiDecrypt,
 517                            params.get(),
 518                            aliases.prv.c_str(),
 519                            nullptr,
 520                            *encrypted.get(),
 521                            &decryptedTmp);
 522     decrypted = create_raw_buffer(decryptedTmp);
 523
 524     assert_buffers_equal(*plain.get(), *decrypted.get());
 525 }
 526
 527 void testIntegrity(Algorithm type)
 528 {
 529     const AlgoBasePtr& algo = g_algorithms.at(type);
 530
 531     // prepare buffers
 532     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 533     ckmc_raw_buffer_s* decrypted = nullptr;
 534
 535     // encrypt
 536     auto ret = encrypt(algo, plain);
 537
 538     // break the encrypted data
 539     ret.encrypted->data[BUF_LEN/2]++;
 540
 541     // no data integrity check
 542     assert_crypto_positive(apiDecrypt,
 543                            ret.params.get(),
 544                            ret.prvKey.c_str(),
 545                            nullptr,
 546                            *ret.encrypted.get(),
 547                            &decrypted);
 548
 549     RawBufferPtr tmp = create_raw_buffer(decrypted);
 550     assert_buffers_equal(*plain.get(), *decrypted, false);
 551 }
 552
 553 void testCtrEncryptionInvalidLength(Algorithm type)
 554 {
 555     const AlgoBasePtr& algo = g_algorithms.at(type);
 556
 557     // prepare buffers
 558     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 559     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 560
 561     // add AES CTR key
 562     KeyAliasPair aliases = algo->keyGen();
 563
 564     // setup params
 565     ParamListPtr params = createParamListPtr();
 566     assert_positive(ckmc_generate_params, algo->m_type, params.get());
 567     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 568
 569     // encryption
 570     auto test = [&](){
 571         assert_crypto_invalid_param(apiEncrypt,
 572                                     params.get(),
 573                                     aliases.pub.c_str(),
 574                                     nullptr,
 575                                     *plain.get(),
 576                                     &encryptedTmp);
 577         ckmc_buffer_free(encryptedTmp);
 578         encryptedTmp = nullptr;
 579     };
 580     // invalid counter size
 581     setParam(params, CKMC_PARAM_ED_CTR_LEN, -1);
 582     test();
 583     setParam(params, CKMC_PARAM_ED_CTR_LEN, 0);
 584     test();
 585     setParam(params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN+1);
 586     test();
 587 }
 588
 589 void testCtrEncryptionValidLength(Algorithm type)
 590 {
 591     const AlgoBasePtr& algo = g_algorithms.at(type);
 592
 593     // prepare buffers
 594     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 595     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 596
 597     // add AES CTR key
 598     KeyAliasPair aliases = algo->keyGen();
 599
 600     // setup params
 601     ParamListPtr params = createParamListPtr();
 602     assert_positive(ckmc_generate_params, algo->m_type, params.get());
 603     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 604
 605     // encryption
 606     auto test = [&](){
 607         assert_crypto_positive(apiEncrypt,
 608                                params.get(),
 609                                aliases.pub.c_str(),
 610                                nullptr,
 611                                *plain.get(),
 612                                &encryptedTmp);
 613         ckmc_buffer_free(encryptedTmp);
 614         encryptedTmp = nullptr;
 615     };
 616     // valid counter sizez
 617     setParam(params, CKMC_PARAM_ED_CTR_LEN, 1);
 618     test();
 619     setParam(params, CKMC_PARAM_ED_CTR_LEN, 4);
 620     test();
 621     setParam(params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN-1);
 622     test();
 623     setParam(params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN);
 624     test();
 625 }
 626
 627 void testCtrDecryptionInvalidLength(Algorithm type)
 628 {
 629     const AlgoBasePtr& algo = g_algorithms.at(type);
 630
 631     // prepare buffers
 632     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 633     ckmc_raw_buffer_s* decrypted = nullptr;
 634
 635     // add AES CTR key & encrypt
 636     auto ret = encrypt(algo, plain);
 637
 638     // decryption
 639     auto test = [&](){
 640         assert_crypto_invalid_param(apiDecrypt,
 641                                     ret.params.get(),
 642                                     ret.prvKey.c_str(),
 643                                     nullptr,
 644                                     *ret.encrypted.get(),
 645                                     &decrypted);
 646         ckmc_buffer_free(decrypted);
 647         decrypted = nullptr;
 648     };
 649     // invalid counter size
 650     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, -1);
 651     test();
 652     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, 0);
 653     test();
 654     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN+1);
 655     test();
 656 }
 657
 658 void testCtrDecryptionValidLength(Algorithm type)
 659 {
 660     const AlgoBasePtr& algo = g_algorithms.at(type);
 661
 662     // prepare buffers
 663     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 664     ckmc_raw_buffer_s* decrypted = nullptr;
 665
 666     // add AES CTR key & encrypt
 667     auto ret = encrypt(algo, plain);
 668
 669     // decryption
 670     auto test = [&](){
 671         assert_crypto_positive(apiDecrypt,
 672                                ret.params.get(),
 673                                ret.prvKey.c_str(),
 674                                nullptr,
 675                                *ret.encrypted.get(),
 676                                &decrypted);
 677         ckmc_buffer_free(decrypted);
 678         RawBufferPtr tmp = create_raw_buffer(decrypted);
 679         assert_buffers_equal(*plain.get(), *decrypted);
 680     };
 681     // invalid counter size
 682     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, 1);
 683     test();
 684     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, 4);
 685     test();
 686     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN-1);
 687     test();
 688     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN);
 689     test();
 690 }
 691
 692 void testGcmEncryptionTagLen(Algorithm type)
 693 {
 694     const AlgoBasePtr& algo = g_algorithms.at(type);
 695
 696     // prepare buffers
 697     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 698     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 699
 700     // add AES GCM key
 701     KeyAliasPair aliases = algo->keyGen();
 702
 703     // setup params
 704     ParamListPtr params = createParamListPtr();
 705     assert_positive(ckmc_generate_params, algo->m_type, params.get());
 706     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 707
 708     std::vector<TagTest> testData = {
 709             // illegal tag lengths
 710             { -1,   EncryptionError::INVALID_PARAM },
 711             { 0,    EncryptionError::INVALID_PARAM },
 712             { 16,   EncryptionError::INVALID_PARAM },
 713             { 48,   EncryptionError::INVALID_PARAM },
 714             { 72,   EncryptionError::INVALID_PARAM },
 715             { 100,  EncryptionError::INVALID_PARAM },
 716             { 108,  EncryptionError::INVALID_PARAM },
 717             { 116,  EncryptionError::INVALID_PARAM },
 718             { 124,  EncryptionError::INVALID_PARAM },
 719             { 256,  EncryptionError::INVALID_PARAM },
 720             // legal tag lengths
 721             { 32,   EncryptionError::SUCCESS },
 722             { 64,   EncryptionError::SUCCESS },
 723             { 96,   EncryptionError::SUCCESS },
 724             { 104,  EncryptionError::SUCCESS },
 725             { 112,  EncryptionError::SUCCESS },
 726             { 120,  EncryptionError::SUCCESS },
 727             { 128,  EncryptionError::SUCCESS },
 728     };
 729
 730     // encryption
 731     for(const auto& it : testData)
 732     {
 733         setParam(params, CKMC_PARAM_ED_TAG_LEN, it.tagLen);
 734         assert_crypto_result(it.expected,
 735                              apiEncrypt,
 736                              params.get(),
 737                              aliases.pub.c_str(),
 738                              nullptr,
 739                              *plain.get(),
 740                              &encryptedTmp);
 741         ckmc_buffer_free(encryptedTmp);
 742         encryptedTmp = nullptr;
 743     }
 744 }
 745
 746 void testGcmDecryptionTagLen(Algorithm type)
 747 {
 748     const AlgoBasePtr& algo = g_algorithms.at(type);
 749
 750     // prepare buffers
 751     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 752     ckmc_raw_buffer_s* decrypted = nullptr;
 753
 754     // add AES GCM key & encrypt
 755     auto ret = encrypt(algo, plain);
 756
 757     std::vector<TagTest> testData = {
 758             // illegal tag lengths
 759             { -1,   EncryptionError::INVALID_PARAM },
 760             { 0,    EncryptionError::INVALID_PARAM },
 761             { 16,   EncryptionError::INVALID_PARAM },
 762             { 48,   EncryptionError::INVALID_PARAM },
 763             { 72,   EncryptionError::INVALID_PARAM },
 764             { 100,  EncryptionError::INVALID_PARAM },
 765             { 108,  EncryptionError::INVALID_PARAM },
 766             { 116,  EncryptionError::INVALID_PARAM },
 767             { 124,  EncryptionError::INVALID_PARAM },
 768             { 256,  EncryptionError::INVALID_PARAM },
 769             // legal tag lengths (EVP_CipherFinal fails but we can't get the error code)
 770             { 32,   EncryptionError::SERVER_ERROR },
 771             { 64,   EncryptionError::SERVER_ERROR },
 772             { 96,   EncryptionError::SERVER_ERROR },
 773             { 104,  EncryptionError::SERVER_ERROR },
 774             { 112,  EncryptionError::SERVER_ERROR },
 775             { 120,  EncryptionError::SERVER_ERROR },
 776             // legal tag length that was actually used for encryption (default)
 777             { 128,  EncryptionError::SUCCESS },
 778     };
 779
 780     // decryption
 781     for(const auto& it : testData)
 782     {
 783         setParam(ret.params, CKMC_PARAM_ED_TAG_LEN, it.tagLen);
 784         assert_crypto_result(it.expected,
 785                              apiDecrypt,
 786                              ret.params.get(),
 787                              ret.prvKey.c_str(),
 788                              nullptr,
 789                              *ret.encrypted.get(),
 790                              &decrypted);
 791         ckmc_buffer_free(decrypted);
 792         decrypted = nullptr;
 793     }
 794 }
 795
 796 void testGcmWrongTag(Algorithm type)
 797 {
 798     const AlgoBasePtr& algo = g_algorithms.at(type);
 799
 800     // prepare buffers
 801     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 802     ckmc_raw_buffer_s* decrypted = nullptr;
 803
 804     // encrypt with AES GCM
 805     auto ret = encrypt(algo, plain);
 806
 807     // modify tag (last 16B of encrypted message)
 808     ret.encrypted->data[ret.encrypted->size-1]++;
 809
 810     // EVP_CipherFinal fails but we can't get error code
 811     assert_crypto_result(EncryptionError::SERVER_ERROR,
 812                          apiDecrypt,
 813                          ret.params.get(),
 814                          ret.prvKey.c_str(),
 815                          nullptr,
 816                          *ret.encrypted.get(),
 817                          &decrypted);
 818 }
 819
 820 void testGcmDifferentIvSizes(Algorithm type)
 821 {
 822     const AlgoBasePtr& algo = g_algorithms.at(type);
 823
 824     // add AES GCM key
 825     KeyAliasPair aliases = algo->keyGen();
 826
 827     testGcmIvSize(11,   aliases, EncryptionError::SERVER_ERROR); // 12B is the smallest
 828     testGcmIvSize(12,  aliases);
 829     testGcmIvSize(17,  aliases);
 830     testGcmIvSize(128, aliases);
 831 }
 832
 833 void testEncryptDecryptBigData(Algorithm type)
 834 {
 835     const AlgoBasePtr& algo = g_algorithms.at(type);
 836
 837     // prepare buffers
 838     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(5000000));
 839     ckmc_raw_buffer_s* decrypted = nullptr;
 840
 841     // encrypt
 842     auto ret = encrypt(algo, plain);
 843
 844     assert_positive(apiDecrypt,
 845                     ret.params.get(),
 846                     ret.prvKey.c_str(),
 847                     nullptr,
 848                     *ret.encrypted.get(),
 849                     &decrypted);
 850     RawBufferPtr tmp = create_raw_buffer(decrypted);
 851
 852     assert_buffers_equal(*plain.get(), *decrypted);
 853 }
 854
 855 void testEncryptDecryptDifferentKeys(Algorithm type, bool success)
 856 {
 857     const AlgoBasePtr& algo = g_algorithms.at(type);
 858     // prepare buffers
 859     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 860     ckmc_raw_buffer_s* decrypted = nullptr;
 861
 862     // encrypt
 863     auto ret = encrypt(algo, plain);
 864
 865     // add different key
 866     KeyAliasPair differentKeys = algo->keyGen(nullptr, "_wrong");
 867
 868
 869     if (success) {
 870         // some algorithms don't verify key validity
 871         assert_crypto_positive(apiDecrypt,
 872                                ret.params.get(),
 873                                differentKeys.prv.c_str(),
 874                                nullptr,
 875                                *ret.encrypted.get(),
 876                                &decrypted);
 877         RawBufferPtr tmp = create_raw_buffer(decrypted);
 878
 879         assert_buffers_equal(*plain.get(), *decrypted, false);
 880     } else {
 881         // different key should not be accepted
 882         assert_crypto_result(EncryptionError::SERVER_ERROR,
 883                              apiDecrypt,
 884                              ret.params.get(),
 885                              differentKeys.prv.c_str(),
 886                              nullptr,
 887                              *ret.encrypted.get(),
 888                              &decrypted);
 889     }
 890
 891     // Cleanup before testing next algorithm. Ignore results because not all keys are present
 892     ckmc_remove_alias(ret.prvKey.c_str());
 893     ckmc_remove_alias(ret.pubKey.c_str());
 894     ckmc_remove_alias(differentKeys.prv.c_str());
 895     ckmc_remove_alias(differentKeys.pub.c_str());
 896 }
 897
 898 void testRsaLongestData(Algorithm type, size_t dataSize)
 899 {
 900     const AlgoBasePtr& algo = g_algorithms.at(type);
 901     // prepare buffers
 902     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(dataSize));
 903     ckmc_raw_buffer_s* decrypted = nullptr;
 904
 905     // encrypt
 906     auto ret = encrypt(algo, plain);
 907
 908     assert_crypto_positive(apiDecrypt,
 909                            ret.params.get(),
 910                            ret.prvKey.c_str(),
 911                            nullptr,
 912                            *ret.encrypted.get(),
 913                            &decrypted);
 914     RawBufferPtr tmp = create_raw_buffer(decrypted);
 915
 916     assert_buffers_equal(*plain.get(), *decrypted);
 917 }
 918
 919 void testRsaDataTooLong(Algorithm type, size_t dataSize)
 920 {
 921     const AlgoBasePtr& algo = g_algorithms.at(type);
 922     // prepare buffers
 923     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(dataSize));
 924
 925     // encrypt
 926     EncryptionResult ret;
 927     ckmc_raw_buffer_s* encrypted = nullptr;
 928     KeyAliasPair aliases = algo->keyGen();
 929
 930     ret.params = createParamListPtr();
 931     assert_positive(ckmc_generate_params, algo->m_type, ret.params.get());
 932     assert_crypto_result(EncryptionError::SERVER_ERROR,
 933                          apiEncrypt,
 934                          ret.params.get(),
 935                          aliases.pub.c_str(),
 936                          nullptr,
 937                          *plain.get(),
 938                          &encrypted);
 939 }
 940
 941 } // namespace anonymous
 942
 943
 944 RUNNER_TEST_GROUP_INIT(CKM_ENCRYPTION_DECRYPTION);
 945
 946 /////////////////////////////////////////
 947 // Generic encryption decryption tests
 948 /////////////////////////////////////////
 949
 950 RUNNER_TEST_MULTIPLE(TED_0010_encrypt_invalid_param_list, SyncEnv, AsyncEnv)
 951 {
 952     testAllAlgorithms([](const AlgoBasePtr& algo){
 953         // prepare buffers
 954         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 955         ckmc_raw_buffer_s* encrypted = nullptr;
 956
 957         // add key
 958         KeyAliasPair aliases = algo->keyGen();
 959
 960         // null param list
 961         assert_crypto_invalid_param(apiEncrypt,
 962                                     nullptr,
 963                                     aliases.pub.c_str(),
 964                                     nullptr,
 965                                     *plain.get(),
 966                                     &encrypted);
 967
 968         // empty param list
 969         ParamListPtr params = createParamListPtr();
 970         assert_crypto_invalid_param(apiEncrypt,
 971                                     params.get(),
 972                                     aliases.pub.c_str(),
 973                                     nullptr,
 974                                     *plain.get(),
 975                                     &encrypted);
 976     });
 977 }
 978
 979 RUNNER_TEST_MULTIPLE(TED_0020_encrypt_missing_key, SyncEnv, AsyncEnv)
 980 {
 981     testAllAlgorithms([](const AlgoBasePtr& algo){
 982         // prepare buffers
 983         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 984         ckmc_raw_buffer_s* encrypted = nullptr;
 985
 986         // setup params
 987         ParamListPtr params = createParamListPtr();
 988         assert_positive(ckmc_generate_params, algo->m_type, params.get());
 989         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 990
 991         assert_crypto_result(EncryptionError::ALIAS_UNKNOWN,
 992                              apiEncrypt,
 993                              params.get(),
 994                              "non-existing-key-alias",
 995                              nullptr,
 996                              *plain.get(),
 997                              &encrypted);
 998     });
 999 }
1000
1001 RUNNER_TEST_MULTIPLE(TED_0030_encrypt_no_plain_text, SyncEnv, AsyncEnv)
1002 {
1003     testAllAlgorithms([](const AlgoBasePtr& algo){
1004         // prepare buffers
1005         ckmc_raw_buffer_s plain = { nullptr, 0 };
1006         ckmc_raw_buffer_s* encrypted = nullptr;
1007
1008         // add key
1009         KeyAliasPair aliases = algo->keyGen();
1010
1011         // setup params
1012         ParamListPtr params = createParamListPtr();
1013         assert_positive(ckmc_generate_params, algo->m_type, params.get());
1014         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1015
1016         assert_crypto_invalid_param(apiEncrypt,
1017                                     params.get(),
1018                                     aliases.pub.c_str(),
1019                                     nullptr,
1020                                     plain,
1021                                     &encrypted);
1022     });
1023 }
1024
1025 RUNNER_TEST_MULTIPLE(TED_0040_encrypt_no_output_buffer, SyncEnv, AsyncEnv)
1026 {
1027     testAllAlgorithms([](const AlgoBasePtr& algo){
1028         // prepare buffers
1029         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1030         ckmc_raw_buffer_s** encrypted = nullptr;
1031
1032         // add key
1033         KeyAliasPair aliases = algo->keyGen();
1034
1035         // setup params
1036         ParamListPtr params = createParamListPtr();
1037         assert_positive(ckmc_generate_params, algo->m_type, params.get());
1038         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1039
1040         assert_crypto_invalid_param(apiEncrypt,
1041                                     params.get(),
1042                                     aliases.pub.c_str(),
1043                                     nullptr,
1044                                     *plain.get(),
1045                                     encrypted);
1046     });
1047 }
1048
1049 RUNNER_TEST_MULTIPLE(TED_0110_decrypt_invalid_param_list, SyncEnv, AsyncEnv)
1050 {
1051     testAllAlgorithms([](const AlgoBasePtr& algo){
1052         // prepare buffers
1053         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1054         ckmc_raw_buffer_s* decrypted = nullptr;
1055
1056         // encrypt;
1057         auto ret = encrypt(algo, plain);
1058
1059         // null param list
1060         assert_crypto_invalid_param(apiDecrypt,
1061                                     nullptr,
1062                                     ret.prvKey.c_str(),
1063                                     nullptr,
1064                                     *ret.encrypted.get(),
1065                                     &decrypted);
1066
1067         // empty param list
1068         ParamListPtr params = createParamListPtr();
1069         assert_crypto_invalid_param(apiDecrypt,
1070                                     params.get(),
1071                                     ret.prvKey.c_str(),
1072                                     nullptr,
1073                                     *ret.encrypted.get(),
1074                                     &decrypted);
1075     });
1076 }
1077
1078 RUNNER_TEST_MULTIPLE(TED_0120_decrypt_missing_key, SyncEnv, AsyncEnv)
1079 {
1080     testAllAlgorithms([](const AlgoBasePtr& algo){
1081         // prepare buffers
1082         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1083         ckmc_raw_buffer_s* decrypted = nullptr;
1084
1085         // encrypt
1086         auto ret = encrypt(algo, plain);
1087
1088         // remove key
1089         assert_positive(ckmc_remove_alias, ret.prvKey.c_str());
1090
1091         // try to decrypt
1092         assert_crypto_result(EncryptionError::ALIAS_UNKNOWN,
1093                              apiDecrypt,
1094                              ret.params.get(),
1095                              ret.prvKey.c_str(),
1096                              nullptr,
1097                              *ret.encrypted.get(),
1098                              &decrypted);
1099     });
1100 }
1101
1102 RUNNER_TEST_MULTIPLE(TED_0130_decrypt_no_encrypted_text, SyncEnv, AsyncEnv)
1103 {
1104     testAllAlgorithms([](const AlgoBasePtr& algo){
1105         // prepare buffers
1106         ckmc_raw_buffer_s encrypted = { nullptr, 0 };
1107         ckmc_raw_buffer_s* decrypted = nullptr;
1108
1109         // add key
1110         KeyAliasPair aliases = algo->keyGen();
1111
1112         // setup params
1113         ParamListPtr params = createParamListPtr();
1114         assert_positive(ckmc_generate_params, algo->m_type, params.get());
1115         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1116
1117         assert_crypto_invalid_param(apiDecrypt,
1118                                     params.get(),
1119                                     aliases.prv.c_str(),
1120                                     nullptr,
1121                                     encrypted,
1122                                     &decrypted);
1123     });
1124 }
1125
1126 RUNNER_TEST_MULTIPLE(TED_0140_decrypt_no_output_buffer, SyncEnv, AsyncEnv)
1127 {
1128     testAllAlgorithms([](const AlgoBasePtr& algo){
1129         // prepare buffers
1130         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1131         ckmc_raw_buffer_s** decrypted = nullptr;
1132
1133         // encrypt
1134         auto ret = encrypt(algo, plain);
1135
1136         assert_crypto_invalid_param(apiDecrypt,
1137                                     ret.params.get(),
1138                                     ret.prvKey.c_str(),
1139                                     nullptr,
1140                                     *ret.encrypted.get(),
1141                                     decrypted);
1142     });
1143 }
1144
1145 RUNNER_TEST_MULTIPLE(TED_0200_encrypt_decrypt_different_keys, SyncEnv, AsyncEnv)
1146 {
1147     testEncryptDecryptDifferentKeys(AES_CBC_128, false);
1148     testEncryptDecryptDifferentKeys(AES_CBC_192, false);
1149     testEncryptDecryptDifferentKeys(AES_CBC_256, false);
1150     testEncryptDecryptDifferentKeys(AES_GCM_128, false);
1151     testEncryptDecryptDifferentKeys(AES_GCM_192, false);
1152     testEncryptDecryptDifferentKeys(AES_GCM_256, false);
1153     testEncryptDecryptDifferentKeys(AES_CTR_128, true);
1154     testEncryptDecryptDifferentKeys(AES_CTR_192, true);
1155     testEncryptDecryptDifferentKeys(AES_CTR_256, true);
1156     testEncryptDecryptDifferentKeys(AES_CFB_128, true);
1157     testEncryptDecryptDifferentKeys(AES_CFB_192, true);
1158     testEncryptDecryptDifferentKeys(AES_CFB_256, true);
1159     testEncryptDecryptDifferentKeys(RSA_OAEP_1024, false);
1160     testEncryptDecryptDifferentKeys(RSA_OAEP_2048, false);
1161     testEncryptDecryptDifferentKeys(RSA_OAEP_4096, false);
1162 }
1163
1164 RUNNER_TEST_MULTIPLE(TED_0210_encrypt_decrypt_different_params, SyncEnv, AsyncEnv)
1165 {
1166     testAllAlgorithms([](const AlgoBasePtr& algo){
1167         // prepare buffers
1168         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1169         ckmc_raw_buffer_s* decrypted = nullptr;
1170
1171         // encrypt
1172         auto ret = encrypt(algo, plain);
1173
1174         // setup different params
1175         ParamListPtr params = createParamListPtr();
1176         assert_positive(ckmc_generate_params, CKMC_ALGO_RSA_GEN, params.get());
1177         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1178
1179         assert_crypto_invalid_param(apiDecrypt,
1180                                     params.get(),
1181                                     ret.prvKey.c_str(),
1182                                     nullptr,
1183                                     *ret.encrypted.get(),
1184                                     &decrypted);
1185     });
1186 }
1187
1188 RUNNER_TEST_MULTIPLE(TED_0300_encrypt_decrypt, SyncEnv, AsyncEnv)
1189 {
1190     testAllAlgorithms([](const AlgoBasePtr& algo){
1191         // prepare buffers
1192         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1193         ckmc_raw_buffer_s* decrypted = nullptr;
1194
1195         // encrypt
1196         auto ret = encrypt(algo, plain);
1197
1198         assert_crypto_positive(apiDecrypt,
1199                                ret.params.get(),
1200                                ret.prvKey.c_str(),
1201                                nullptr,
1202                                *ret.encrypted.get(),
1203                                &decrypted);
1204         RawBufferPtr tmp = create_raw_buffer(decrypted);
1205
1206         assert_buffers_equal(*plain.get(), *decrypted);
1207     });
1208 }
1209
1210 RUNNER_TEST_MULTIPLE(TED_0310_encrypt_decrypt_password, SyncEnv, AsyncEnv)
1211 {
1212     testAllAlgorithms([](const AlgoBasePtr& algo){
1213         // prepare buffers
1214         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1215         ckmc_raw_buffer_s* decrypted = nullptr;
1216
1217         // encrypt
1218         auto ret = encrypt(algo, plain, PASSWORD);
1219
1220         // wrong password
1221         assert_crypto_result(EncryptionError::AUTH_FAILED,
1222                              apiDecrypt,
1223                              ret.params.get(),
1224                              ret.prvKey.c_str(),
1225                              "wrong-password",
1226                              *ret.encrypted.get(),
1227                              &decrypted);
1228
1229         // correct password
1230         assert_crypto_positive(apiDecrypt,
1231                                ret.params.get(),
1232                                ret.prvKey.c_str(),
1233                                PASSWORD,
1234                                *ret.encrypted.get(),
1235                                &decrypted);
1236         RawBufferPtr tmp = create_raw_buffer(decrypted); // guarantees deletion
1237
1238         assert_buffers_equal(*plain.get(), *decrypted);
1239     });
1240 }
1241
1242 // long test split into smaller ones
1243 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_128, SyncEnv, AsyncEnv)
1244 {
1245     testEncryptDecryptBigData(AES_CBC_128);
1246 }
1247
1248 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_192, SyncEnv, AsyncEnv)
1249 {
1250     testEncryptDecryptBigData(AES_CBC_192);
1251 }
1252
1253 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_256, SyncEnv, AsyncEnv)
1254 {
1255     testEncryptDecryptBigData(AES_CBC_256);
1256 }
1257
1258 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_128, SyncEnv, AsyncEnv)
1259 {
1260     testEncryptDecryptBigData(AES_GCM_128);
1261 }
1262
1263 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_192, SyncEnv, AsyncEnv)
1264 {
1265     testEncryptDecryptBigData(AES_GCM_192);
1266 }
1267
1268 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_256, SyncEnv, AsyncEnv)
1269 {
1270     testEncryptDecryptBigData(AES_GCM_256);
1271 }
1272
1273 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_128, SyncEnv, AsyncEnv)
1274 {
1275     testEncryptDecryptBigData(AES_CTR_128);
1276 }
1277
1278 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_192, SyncEnv, AsyncEnv)
1279 {
1280     testEncryptDecryptBigData(AES_CTR_192);
1281 }
1282
1283 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_256, SyncEnv, AsyncEnv)
1284 {
1285     testEncryptDecryptBigData(AES_CTR_256);
1286 }
1287
1288 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_128, SyncEnv, AsyncEnv)
1289 {
1290     testEncryptDecryptBigData(AES_CFB_128);
1291 }
1292
1293 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_192, SyncEnv, AsyncEnv)
1294 {
1295     testEncryptDecryptBigData(AES_CFB_192);
1296 }
1297
1298 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_256, SyncEnv, AsyncEnv)
1299 {
1300     testEncryptDecryptBigData(AES_CFB_256);
1301 }
1302
1303 /////////////////////////////////////////
1304 // Algorithm specific tests
1305 /////////////////////////////////////////
1306
1307 RUNNER_TEST_MULTIPLE(TED_1005_no_iv_enc, SyncEnv, AsyncEnv)
1308 {
1309     testNoIvEnc(AES_CTR_128);
1310     testNoIvEnc(AES_CTR_192);
1311     testNoIvEnc(AES_CTR_256);
1312     testNoIvEnc(AES_CBC_128);
1313     testNoIvEnc(AES_CBC_192);
1314     testNoIvEnc(AES_CBC_256);
1315     testNoIvEnc(AES_CFB_128);
1316     testNoIvEnc(AES_CFB_192);
1317     testNoIvEnc(AES_CFB_256);
1318     testNoIvEnc(AES_GCM_128);
1319     testNoIvEnc(AES_GCM_192);
1320     testNoIvEnc(AES_GCM_256);
1321 }
1322
1323 RUNNER_TEST_MULTIPLE(TED_1010_invalid_iv_enc, SyncEnv, AsyncEnv)
1324 {
1325     testInvalidIvEnc(AES_CTR_128);
1326     testInvalidIvEnc(AES_CTR_192);
1327     testInvalidIvEnc(AES_CTR_256);
1328     testInvalidIvEnc(AES_CBC_128);
1329     testInvalidIvEnc(AES_CBC_192);
1330     testInvalidIvEnc(AES_CBC_256);
1331     testInvalidIvEnc(AES_CFB_128);
1332     testInvalidIvEnc(AES_CFB_192);
1333     testInvalidIvEnc(AES_CFB_256);
1334 }
1335
1336 RUNNER_TEST_MULTIPLE(TED_1015_no_iv_dec, SyncEnv, AsyncEnv)
1337 {
1338     testNoIvDec(AES_CTR_128);
1339     testNoIvDec(AES_CTR_192);
1340     testNoIvDec(AES_CTR_256);
1341     testNoIvDec(AES_CBC_128);
1342     testNoIvDec(AES_CBC_192);
1343     testNoIvDec(AES_CBC_256);
1344     testNoIvDec(AES_CFB_128);
1345     testNoIvDec(AES_CFB_192);
1346     testNoIvDec(AES_CFB_256);
1347     testNoIvDec(AES_GCM_128);
1348     testNoIvDec(AES_GCM_192);
1349     testNoIvDec(AES_GCM_256);
1350 }
1351
1352 RUNNER_TEST_MULTIPLE(TED_1020_invalid_iv_dec, SyncEnv, AsyncEnv)
1353 {
1354     testInvalidIvDec(AES_CTR_128);
1355     testInvalidIvDec(AES_CTR_192);
1356     testInvalidIvDec(AES_CTR_256);
1357     testInvalidIvDec(AES_CBC_128);
1358     testInvalidIvDec(AES_CBC_192);
1359     testInvalidIvDec(AES_CBC_256);
1360     testInvalidIvDec(AES_CFB_128);
1361     testInvalidIvDec(AES_CFB_192);
1362     testInvalidIvDec(AES_CFB_256);
1363 }
1364
1365 RUNNER_TEST_MULTIPLE(TED_1050_data_integrity, SyncEnv, AsyncEnv)
1366 {
1367     testIntegrity(AES_CTR_128);
1368     testIntegrity(AES_CTR_192);
1369     testIntegrity(AES_CTR_256);
1370     testIntegrity(AES_CBC_128);
1371     testIntegrity(AES_CBC_192);
1372     testIntegrity(AES_CBC_256);
1373     testIntegrity(AES_CFB_128);
1374     testIntegrity(AES_CFB_192);
1375     testIntegrity(AES_CFB_256);
1376 }
1377
1378 RUNNER_TEST_MULTIPLE(TED_1100_ctr_encryption_invalid_length, SyncEnv, AsyncEnv)
1379 {
1380     testCtrEncryptionInvalidLength(AES_CTR_128);
1381     testCtrEncryptionInvalidLength(AES_CTR_192);
1382     testCtrEncryptionInvalidLength(AES_CTR_256);
1383 }
1384
1385 RUNNER_TEST_MULTIPLE(TED_1105_ctr_encryption_valid_length, SyncEnv, AsyncEnv)
1386 {
1387     RUNNER_IGNORED_MSG("Openssl supports only 128-bit AES CTR length");
1388     testCtrEncryptionValidLength(AES_CTR_128);
1389     testCtrEncryptionValidLength(AES_CTR_192);
1390     testCtrEncryptionValidLength(AES_CTR_256);
1391 }
1392
1393 RUNNER_TEST_MULTIPLE(TED_1110_ctr_decryption_invalid_length, SyncEnv, AsyncEnv)
1394 {
1395     testCtrDecryptionInvalidLength(AES_CTR_128);
1396     testCtrDecryptionInvalidLength(AES_CTR_192);
1397     testCtrDecryptionInvalidLength(AES_CTR_256);
1398 }
1399
1400 RUNNER_TEST_MULTIPLE(TED_1115_ctr_decryption_valid_length, SyncEnv, AsyncEnv)
1401 {
1402     RUNNER_IGNORED_MSG("Openssl supports only 128-bit AES CTR length");
1403     testCtrDecryptionValidLength(AES_CTR_128);
1404     testCtrDecryptionValidLength(AES_CTR_192);
1405     testCtrDecryptionValidLength(AES_CTR_256);
1406 }
1407
1408 RUNNER_TEST_MULTIPLE(TED_1200_gcm_encryption_tag_len, SyncEnv, AsyncEnv)
1409 {
1410     testGcmEncryptionTagLen(AES_GCM_128);
1411     testGcmEncryptionTagLen(AES_GCM_192);
1412     testGcmEncryptionTagLen(AES_GCM_256);
1413 }
1414
1415 RUNNER_TEST_MULTIPLE(TED_1210_gcm_decryption_tag_len, SyncEnv, AsyncEnv)
1416 {
1417     testGcmDecryptionTagLen(AES_GCM_128);
1418     testGcmDecryptionTagLen(AES_GCM_192);
1419     testGcmDecryptionTagLen(AES_GCM_256);
1420 }
1421
1422 RUNNER_TEST_MULTIPLE(TED_1230_gcm_wrong_tag, SyncEnv, AsyncEnv)
1423 {
1424     testGcmWrongTag(AES_GCM_128);
1425     testGcmWrongTag(AES_GCM_192);
1426     testGcmWrongTag(AES_GCM_256);
1427 }
1428
1429 RUNNER_TEST_MULTIPLE(TED_1240_gcm_different_iv_sizes, SyncEnv, AsyncEnv)
1430 {
1431     testGcmDifferentIvSizes(AES_GCM_128);
1432     testGcmDifferentIvSizes(AES_GCM_192);
1433     testGcmDifferentIvSizes(AES_GCM_256);
1434 }
1435
1436 RUNNER_TEST_MULTIPLE(TED_1250_gcm_aad, SyncEnv, AsyncEnv)
1437 {
1438     encryptionWithCustomData(AES_GCM_128, CKMC_PARAM_ED_AAD);
1439     encryptionWithCustomData(AES_GCM_192, CKMC_PARAM_ED_AAD);
1440     encryptionWithCustomData(AES_GCM_256, CKMC_PARAM_ED_AAD);
1441 }
1442
1443 RUNNER_TEST_MULTIPLE(TED_1300_rsa_label, SyncEnv, AsyncEnv)
1444 {
1445     RUNNER_IGNORED_MSG("RSA-OAEP labels are not supported in openssl");
1446     encryptionWithCustomData(RSA_OAEP_1024, CKMC_PARAM_ED_LABEL);
1447     encryptionWithCustomData(RSA_OAEP_2048, CKMC_PARAM_ED_LABEL);
1448     encryptionWithCustomData(RSA_OAEP_4096, CKMC_PARAM_ED_LABEL);
1449 }
1450
1451 RUNNER_TEST_MULTIPLE(TED_1330_rsa_longest_data, SyncEnv, AsyncEnv)
1452 {
1453     testRsaLongestData(RSA_OAEP_1024, 86);
1454     testRsaLongestData(RSA_OAEP_2048, 214);
1455     testRsaLongestData(RSA_OAEP_4096, 470);
1456 }
1457
1458 RUNNER_TEST_MULTIPLE(TED_1350_rsa_data_too_long, SyncEnv, AsyncEnv)
1459 {
1460     testRsaDataTooLong(RSA_OAEP_1024, 87);
1461     testRsaDataTooLong(RSA_OAEP_2048, 215);
1462     testRsaDataTooLong(RSA_OAEP_4096, 471);
1463 }
1464
1465 /////////////////////////////////////////
1466 // Asynchronous only tests
1467 /////////////////////////////////////////
1468 RUNNER_TEST(TED_2000_enc_no_observer_async, EncEnv)
1469 {
1470     testAllAlgorithms([](const AlgoBasePtr& algo){
1471         // prepare buffers
1472         RawBuffer plain = createRandomBuffer(BUF_LEN);
1473
1474         // keys
1475         KeyAliasPair aliases = algo->keyGen(nullptr);
1476
1477         // params
1478         ParamListPtr params = createParamListPtr();
1479         assert_positive(ckmc_generate_params, algo->m_type, params.get());
1480         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1481
1482         // encrypt
1483         test_no_observer(&ManagerAsync::encrypt,
1484                          *reinterpret_cast<CryptoAlgorithm*>(params.get()),
1485                          aliases.pub,
1486                          Password(),
1487                          plain);
1488     });
1489 }
1490
1491 RUNNER_TEST(TED_2010_dec_no_observer_async, AsyncEnv)
1492 {
1493     testAllAlgorithms([](const AlgoBasePtr& algo){
1494         // prepare buffers
1495         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1496
1497         // encrypt
1498         auto ret = encrypt(algo, plain);
1499         RawBuffer encrypted(ret.encrypted->data, ret.encrypted->data + ret.encrypted->size);
1500
1501         // decrypt
1502         test_no_observer(&ManagerAsync::decrypt,
1503                          *reinterpret_cast<CryptoAlgorithm*>(ret.params.get()),
1504                          ret.prvKey,
1505                          Password(),
1506                          encrypted);
1507     });
1508 }