src/ckm/unprivileged/encryption-decryption.cpp

   1 /*
   2  *  Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *  Licensed under the Apache License, Version 2.0 (the "License");
   5  *  you may not use this file except in compliance with the License.
   6  *  You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *  Unless required by applicable law or agreed to in writing, software
  11  *  distributed under the License is distributed on an "AS IS" BASIS,
  12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *  See the License for the specific language governing permissions and
  14  *  limitations under the License
  15  */
  16 /*
  17  * @file       encryption-decryption.cpp
  18  * @author     Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
  19  * @version    1.0
  20  */
  21
  22
  23 #include <string>
  24 #include <vector>
  25 #include <map>
  26 #include <sstream>
  27
  28 #include <dpl/test/test_runner.h>
  29 #include <ckm-common.h>
  30 #include <ckmc/ckmc-manager.h>
  31 #include <ckm/ckm-type.h>
  32 #include <encryption-decryption-env.h>
  33
  34 using namespace CKM;
  35
  36 namespace {
  37
  38 const char* PASSWORD = "test-password";
  39 const uid_t UID = 5001;
  40 const size_t CTR_DEFAULT_LEN = 16*8;
  41 const size_t DEFAULT_IV_LEN = 16;
  42 const size_t BUF_LEN = 86; // must be less than 1024/8-41 to support RSA OAEP 1024
  43
  44 // Environment
  45 SyncApi g_syncApi;
  46 AsyncApi g_asyncApi;
  47
  48 EncryptionApi* g_api = &g_syncApi;
  49
  50 EncryptionError apiEncrypt(ckmc_param_list_h params,
  51                         const char *key_alias,
  52                         const char *password,
  53                         const ckmc_raw_buffer_s decrypted,
  54                         ckmc_raw_buffer_s **ppencrypted) {
  55     RUNNER_ASSERT_MSG(g_api, "No encryption API is connected");
  56     return g_api->encrypt(params, key_alias, password, decrypted, ppencrypted);
  57 }
  58
  59 EncryptionError apiDecrypt(ckmc_param_list_h params,
  60                         const char *key_alias,
  61                         const char *password,
  62                         const ckmc_raw_buffer_s encrypted,
  63                         ckmc_raw_buffer_s **ppdecrypted) {
  64     RUNNER_ASSERT_MSG(g_api, "No encryption API is connected");
  65     return g_api->decrypt(params, key_alias, password, encrypted, ppdecrypted);
  66 }
  67
  68 template <typename F, typename... Args>
  69 void assert_crypto_result(EncryptionError expected, F&& func, Args... args)
  70 {
  71     EncryptionError ret = func(args...);
  72     RUNNER_ASSERT_MSG(ret == expected,
  73                       "Expected: " << static_cast<int>(expected) <<
  74                       " got: " << static_cast<int>(ret));
  75 }
  76
  77 template <typename F, typename... Args>
  78 void assert_crypto_positive(F&& func, Args... args)
  79 {
  80     assert_crypto_result(EncryptionError::SUCCESS, std::move(func), args...);
  81 }
  82
  83 template <typename F, typename... Args>
  84 void assert_crypto_invalid_param(F&& func, Args... args)
  85 {
  86     assert_crypto_result(EncryptionError::INVALID_PARAM, std::move(func), args...);
  87 }
  88
  89 struct TagTest {
  90     int tagLen;
  91     EncryptionError expected;
  92 };
  93
  94 struct KeyAliasPair
  95 {
  96     Alias prv;
  97     Alias pub;
  98 };
  99
 100 class EncEnv : public RemoveDataEnv<UID> {
 101 public:
 102     EncEnv() : m_dbu(NULL) {}
 103     ~EncEnv() { delete m_dbu; }
 104
 105     void init(const std::string& str) {
 106         RemoveDataEnv<UID>::init(str);
 107         m_dbu = new ScopedDBUnlock(UID, "db-pass"); // unlock user's database
 108     }
 109
 110     void finish() {
 111         delete m_dbu;
 112         m_dbu = NULL;
 113         RemoveDataEnv<UID>::finish();
 114         g_api = NULL;
 115     }
 116
 117     ScopedDBUnlock* m_dbu;
 118 };
 119
 120 struct SyncEnv : public EncEnv {
 121     void init(const std::string& str) {
 122         EncEnv::init(str);
 123         g_api = &g_syncApi;
 124     }
 125
 126     static std::string suffix() { return "_sync"; }
 127 };
 128
 129 struct AsyncEnv : public EncEnv {
 130     void init(const std::string& str) {
 131         EncEnv::init(str);
 132         g_api = &g_asyncApi;
 133     }
 134
 135     static std::string suffix() { return "_async"; }
 136 };
 137
 138 struct AlgoBase {
 139     ckmc_algo_type_e m_type;
 140     size_t m_keyLen;
 141
 142     AlgoBase(ckmc_algo_type_e type, size_t keyLen) : m_type(type), m_keyLen(keyLen) {}
 143
 144     virtual KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr) = 0;
 145 };
 146
 147 typedef std::shared_ptr<AlgoBase> AlgoBasePtr;
 148
 149 template <typename T>
 150 AlgoBasePtr createAlgo(ckmc_algo_type_e type, size_t keyLen) {
 151     return AlgoBasePtr(new T(type, keyLen));
 152 }
 153
 154 struct AlgoAes : public AlgoBase {
 155     AlgoAes(ckmc_algo_type_e type, size_t keyLen) : AlgoBase(type, keyLen) {}
 156     KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr);
 157 };
 158
 159 KeyAliasPair AlgoAes::keyGen(const char* pass, const char* suffix)
 160 {
 161     KeyAliasPair aliases;
 162     std::ostringstream oss;
 163     std::string ownerId = getOwnerIdFromSelf();
 164     CharPtr passPtr(nullptr, free);
 165     if (pass)
 166         passPtr.reset(strdup(pass));
 167
 168     oss << "aes_" << static_cast<int>(m_type) << "_" << m_keyLen << "_key_alias";
 169     if (suffix)
 170         oss << suffix;
 171     aliases.prv = aliasWithLabel(ownerId.c_str(),oss.str().c_str());
 172     aliases.pub = aliasWithLabel(ownerId.c_str(), oss.str().c_str());
 173
 174     ckmc_policy_s policy;
 175     policy.extractable = false;
 176     policy.password = passPtr.get();
 177
 178     assert_positive(ckmc_create_key_aes, m_keyLen, aliases.prv.c_str(), policy);
 179     return aliases;
 180 }
 181
 182 struct AlgoRsa : public AlgoBase {
 183     AlgoRsa(ckmc_algo_type_e type, size_t keyLen) : AlgoBase(type, keyLen) {}
 184     KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr);
 185 };
 186
 187 KeyAliasPair AlgoRsa::keyGen(const char* pass, const char* suffix)
 188 {
 189     std::ostringstream oss_prv, oss_pub;
 190     oss_prv << "rsa_oaep_prv_alias_" << m_keyLen;
 191     oss_pub << "rsa_oaep_pub_alias_" << m_keyLen;
 192     if (suffix) {
 193         oss_prv << suffix;
 194         oss_pub << suffix;
 195     }
 196     KeyAliasPair aliases = {
 197             aliasWithLabel(getOwnerIdFromSelf().c_str(), oss_prv.str().c_str()),
 198             aliasWithLabel(getOwnerIdFromSelf().c_str(), oss_pub.str().c_str())
 199     };
 200     CharPtr passPtr(nullptr, free);
 201     if (pass)
 202         passPtr.reset(strdup(pass));
 203
 204     ckmc_policy_s policyPrv;
 205     policyPrv.password = passPtr.get();
 206     policyPrv.extractable = 0;
 207
 208     ckmc_policy_s policyPub;
 209     policyPub.password = passPtr.get();
 210     policyPub.extractable = 0;
 211
 212     assert_positive(ckmc_create_key_pair_rsa,
 213                     m_keyLen,
 214                     aliases.prv.c_str(),
 215                     aliases.pub.c_str(),
 216                     policyPrv,
 217                     policyPub);
 218     return aliases;
 219 }
 220
 221 enum Algorithm {
 222     AES_CBC_128,
 223     AES_CBC_192,
 224     AES_CBC_256,
 225     AES_GCM_128,
 226     AES_GCM_192,
 227     AES_GCM_256,
 228     AES_CTR_128,
 229     AES_CTR_192,
 230     AES_CTR_256,
 231     AES_CFB_128,
 232     AES_CFB_192,
 233     AES_CFB_256,
 234     RSA_OAEP_1024,
 235     RSA_OAEP_2048,
 236     RSA_OAEP_4096,
 237 };
 238
 239 std::map<Algorithm, AlgoBasePtr> g_algorithms = {
 240         { AES_CBC_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 128) },
 241         { AES_CBC_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 192) },
 242         { AES_CBC_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 256) },
 243         { AES_GCM_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 128) },
 244         { AES_GCM_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 192) },
 245         { AES_GCM_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 256) },
 246         { AES_CTR_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 128) },
 247         { AES_CTR_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 192) },
 248         { AES_CTR_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 256) },
 249         { AES_CFB_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 128) },
 250         { AES_CFB_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 192) },
 251         { AES_CFB_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 256) },
 252         { RSA_OAEP_1024, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 1024) },
 253         { RSA_OAEP_2048, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 2048) },
 254         { RSA_OAEP_4096, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 4096) },
 255 };
 256
 257 void setParam(ParamListPtr& params, ckmc_param_name_e name, ckmc_raw_buffer_s* buffer)
 258 {
 259     int ret = ckmc_param_list_set_buffer(params.get(), name, buffer);
 260     RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE,
 261                       "Failed to set param " << name << " error: " << CKMCErrorToString(ret));
 262 }
 263
 264 void setParam(ParamListPtr& params, ckmc_param_name_e name, int integer)
 265 {
 266     int ret = ckmc_param_list_set_integer(params.get(), name, integer);
 267     RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE,
 268                       "Failed to set param " << name << " error: " << CKMCErrorToString(ret));
 269 }
 270
 271 struct EncryptionResult
 272 {
 273     RawBufferPtr encrypted;
 274     ParamListPtr params;
 275     Alias prvKey;
 276     Alias pubKey;
 277 };
 278
 279 EncryptionResult encrypt(const AlgoBasePtr& algo,
 280                          const RawBufferPtr& plain,
 281                          const char* pass = nullptr)
 282 {
 283     EncryptionResult ret;
 284     ckmc_raw_buffer_s* encrypted = nullptr;
 285     KeyAliasPair aliases = algo->keyGen(pass);
 286
 287     ckmc_param_list_h handle = NULL;
 288     assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
 289     ret.params = ParamListPtr(handle, ckmc_param_list_free);
 290     setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 291
 292     assert_crypto_positive(apiEncrypt,
 293                            ret.params.get(),
 294                            aliases.pub.c_str(),
 295                            pass,
 296                            *plain.get(),
 297                            &encrypted);
 298
 299     ret.encrypted = create_raw_buffer(encrypted);
 300     ret.prvKey = aliases.prv;
 301     ret.pubKey = aliases.pub;
 302     return ret;
 303 }
 304
 305 void testAllAlgorithms(
 306         const std::function<void(const AlgoBasePtr& algo)>& test)
 307 {
 308     for(const auto& it : g_algorithms)
 309         test(it.second);
 310 }
 311
 312 void testNoIvEnc(Algorithm type)
 313 {
 314     const AlgoBasePtr& algo = g_algorithms.at(type);
 315
 316     // prepare buffers
 317     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 318     ckmc_raw_buffer_s* encrypted = nullptr;
 319
 320     // add key
 321     KeyAliasPair aliases = algo->keyGen();
 322
 323     // param list with algo type only
 324     ParamListPtr params = createParamListPtr();
 325     setParam(params, CKMC_PARAM_ALGO_TYPE, algo->m_type);
 326     assert_crypto_invalid_param(apiEncrypt,
 327                                 params.get(),
 328                                 aliases.pub.c_str(),
 329                                 nullptr,
 330                                 *plain.get(),
 331                                 &encrypted);
 332 }
 333
 334 void testNoIvDec(Algorithm type)
 335 {
 336     const AlgoBasePtr& algo = g_algorithms.at(type);
 337
 338     // prepare buffers
 339     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 340     ckmc_raw_buffer_s* decrypted = nullptr;
 341
 342     // encrypt;
 343     auto ret = encrypt(algo, plain);
 344
 345     // param list with algo type only
 346     ParamListPtr params = createParamListPtr();
 347     setParam(params, CKMC_PARAM_ALGO_TYPE, algo->m_type);
 348     assert_crypto_invalid_param(apiDecrypt,
 349                                 params.get(),
 350                                 ret.prvKey.c_str(),
 351                                 nullptr,
 352                                 *ret.encrypted.get(),
 353                                 &decrypted);
 354 }
 355
 356 void testInvalidIvEnc(Algorithm type)
 357 {
 358     const AlgoBasePtr& algo = g_algorithms.at(type);
 359
 360     // prepare buffers
 361     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 362     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 363
 364     // add key
 365     KeyAliasPair aliases = algo->keyGen();
 366
 367     // setup params
 368     ckmc_param_list_h handle = NULL;
 369     assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
 370     ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
 371
 372     // invalid encryption
 373     auto test = [&](){
 374         assert_crypto_invalid_param(apiEncrypt,
 375                                     params.get(),
 376                                     aliases.pub.c_str(),
 377                                     nullptr,
 378                                     *plain.get(),
 379                                     &encryptedTmp);
 380         ckmc_buffer_free(encryptedTmp);
 381         encryptedTmp = nullptr;
 382     };
 383     // invalid iv size
 384     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN-1));
 385     test();
 386     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN+1));
 387     test();
 388 };
 389
 390 void testInvalidIvDec(Algorithm type)
 391 {
 392     const AlgoBasePtr& algo = g_algorithms.at(type);
 393
 394     // prepare buffers
 395     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 396     ckmc_raw_buffer_s* decrypted = nullptr;
 397
 398     // valid encryption
 399     auto ret = encrypt(algo, plain);
 400
 401     // decryption
 402     auto test2 = [&](){
 403         assert_crypto_invalid_param(apiDecrypt,
 404                                     ret.params.get(),
 405                                     ret.prvKey.c_str(),
 406                                     nullptr,
 407                                     *ret.encrypted.get(),
 408                                     &decrypted);
 409         ckmc_buffer_free(decrypted);
 410         decrypted = nullptr;
 411     };
 412
 413     // invalid iv size
 414     setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN-1));
 415     test2();
 416     setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN+1));
 417     test2();
 418 };
 419
 420 void encryptionWithCustomData(Algorithm type, ckmc_param_name_e name)
 421 {
 422     const AlgoBasePtr& algo = g_algorithms.at(type);
 423
 424     // prepare buffers
 425     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 426     ckmc_raw_buffer_s* encrypted = nullptr;
 427     ckmc_raw_buffer_s* decrypted = nullptr;
 428
 429     // add key
 430     KeyAliasPair aliases = algo->keyGen();
 431
 432     // setup params
 433     ckmc_param_list_h handle = NULL;
 434     assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
 435     ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
 436
 437     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 438
 439     // set AAD
 440     setParam(params, name, createRandomBufferCAPI(64));
 441
 442     // encrypt
 443     assert_crypto_positive(apiEncrypt,
 444                            params.get(),
 445                            aliases.pub.c_str(),
 446                            nullptr,
 447                            *plain.get(),
 448                            &encrypted);
 449     RawBufferPtr tmpEnc = create_raw_buffer(encrypted);
 450
 451     // decrypt
 452     assert_crypto_positive(apiDecrypt,
 453                            params.get(),
 454                            aliases.prv.c_str(),
 455                            nullptr,
 456                            *tmpEnc.get(),
 457                            &decrypted);
 458     RawBufferPtr tmpDec = create_raw_buffer(decrypted);
 459
 460     // check
 461     assert_buffers_equal(*plain.get(), *tmpDec.get());
 462     tmpDec.reset();
 463     decrypted = nullptr;
 464
 465     // set wrong AAD
 466     setParam(params, name, createRandomBufferCAPI(32));
 467
 468     // decrypt
 469     assert_crypto_result(EncryptionError::SERVER_ERROR,
 470                          apiDecrypt,
 471                          params.get(),
 472                          aliases.prv.c_str(),
 473                          nullptr,
 474                          *tmpEnc.get(),
 475                          &decrypted);
 476 }
 477
 478 void testGcmIvSize(size_t size,
 479                    const KeyAliasPair& aliases,
 480                    EncryptionError error = EncryptionError::SUCCESS)
 481 {
 482     // prepare buffers
 483     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 484     RawBufferPtr encrypted;
 485     RawBufferPtr decrypted;
 486     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 487     ckmc_raw_buffer_s* decryptedTmp = nullptr;
 488
 489     // setup params
 490     ckmc_param_list_h handle = NULL;
 491     assert_positive(ckmc_generate_new_params, CKMC_ALGO_AES_GCM, &handle);
 492     ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
 493     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 494     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(size));
 495
 496     // encryption
 497     assert_crypto_result(error,
 498                          apiEncrypt,
 499                          params.get(),
 500                          aliases.pub.c_str(),
 501                          nullptr,
 502                          *plain.get(),
 503                          &encryptedTmp);
 504
 505     if(error != EncryptionError::SUCCESS)
 506         return;
 507     encrypted = create_raw_buffer(encryptedTmp);
 508
 509     // decryption
 510     assert_crypto_positive(apiDecrypt,
 511                            params.get(),
 512                            aliases.prv.c_str(),
 513                            nullptr,
 514                            *encrypted.get(),
 515                            &decryptedTmp);
 516     decrypted = create_raw_buffer(decryptedTmp);
 517
 518     assert_buffers_equal(*plain.get(), *decrypted.get());
 519 }
 520
 521 void testIntegrity(Algorithm type)
 522 {
 523     const AlgoBasePtr& algo = g_algorithms.at(type);
 524
 525     // prepare buffers
 526     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 527     ckmc_raw_buffer_s* decrypted = nullptr;
 528
 529     // encrypt
 530     auto ret = encrypt(algo, plain);
 531
 532     // break the encrypted data
 533     ret.encrypted->data[BUF_LEN/2]++;
 534
 535     // no data integrity check
 536     assert_crypto_positive(apiDecrypt,
 537                            ret.params.get(),
 538                            ret.prvKey.c_str(),
 539                            nullptr,
 540                            *ret.encrypted.get(),
 541                            &decrypted);
 542
 543     RawBufferPtr tmp = create_raw_buffer(decrypted);
 544     assert_buffers_equal(*plain.get(), *decrypted, false);
 545 }
 546
 547 void testCtrEncryptionInvalidLength(Algorithm type)
 548 {
 549     const AlgoBasePtr& algo = g_algorithms.at(type);
 550
 551     // prepare buffers
 552     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 553     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 554
 555     // add AES CTR key
 556     KeyAliasPair aliases = algo->keyGen();
 557
 558     // setup params
 559     ckmc_param_list_h handle = NULL;
 560     assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
 561     ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
 562     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 563
 564     // encryption
 565     auto test = [&](){
 566         assert_crypto_invalid_param(apiEncrypt,
 567                                     params.get(),
 568                                     aliases.pub.c_str(),
 569                                     nullptr,
 570                                     *plain.get(),
 571                                     &encryptedTmp);
 572         ckmc_buffer_free(encryptedTmp);
 573         encryptedTmp = nullptr;
 574     };
 575     // invalid counter size
 576     setParam(params, CKMC_PARAM_ED_CTR_LEN, -1);
 577     test();
 578     setParam(params, CKMC_PARAM_ED_CTR_LEN, 0);
 579     test();
 580     setParam(params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN+1);
 581     test();
 582 }
 583
 584 void testCtrEncryptionValidLength(Algorithm type)
 585 {
 586     const AlgoBasePtr& algo = g_algorithms.at(type);
 587
 588     // prepare buffers
 589     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 590     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 591
 592     // add AES CTR key
 593     KeyAliasPair aliases = algo->keyGen();
 594
 595     // setup params
 596     ckmc_param_list_h handle = NULL;
 597     assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
 598     ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
 599     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 600
 601     // encryption
 602     auto test = [&](){
 603         assert_crypto_positive(apiEncrypt,
 604                                params.get(),
 605                                aliases.pub.c_str(),
 606                                nullptr,
 607                                *plain.get(),
 608                                &encryptedTmp);
 609         ckmc_buffer_free(encryptedTmp);
 610         encryptedTmp = nullptr;
 611     };
 612     // valid counter sizez
 613     setParam(params, CKMC_PARAM_ED_CTR_LEN, 1);
 614     test();
 615     setParam(params, CKMC_PARAM_ED_CTR_LEN, 4);
 616     test();
 617     setParam(params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN-1);
 618     test();
 619     setParam(params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN);
 620     test();
 621 }
 622
 623 void testCtrDecryptionInvalidLength(Algorithm type)
 624 {
 625     const AlgoBasePtr& algo = g_algorithms.at(type);
 626
 627     // prepare buffers
 628     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 629     ckmc_raw_buffer_s* decrypted = nullptr;
 630
 631     // add AES CTR key & encrypt
 632     auto ret = encrypt(algo, plain);
 633
 634     // decryption
 635     auto test = [&](){
 636         assert_crypto_invalid_param(apiDecrypt,
 637                                     ret.params.get(),
 638                                     ret.prvKey.c_str(),
 639                                     nullptr,
 640                                     *ret.encrypted.get(),
 641                                     &decrypted);
 642         ckmc_buffer_free(decrypted);
 643         decrypted = nullptr;
 644     };
 645     // invalid counter size
 646     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, -1);
 647     test();
 648     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, 0);
 649     test();
 650     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN+1);
 651     test();
 652 }
 653
 654 void testCtrDecryptionValidLength(Algorithm type)
 655 {
 656     const AlgoBasePtr& algo = g_algorithms.at(type);
 657
 658     // prepare buffers
 659     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 660     ckmc_raw_buffer_s* decrypted = nullptr;
 661
 662     // add AES CTR key & encrypt
 663     auto ret = encrypt(algo, plain);
 664
 665     // decryption
 666     auto test = [&](){
 667         assert_crypto_positive(apiDecrypt,
 668                                ret.params.get(),
 669                                ret.prvKey.c_str(),
 670                                nullptr,
 671                                *ret.encrypted.get(),
 672                                &decrypted);
 673         ckmc_buffer_free(decrypted);
 674         RawBufferPtr tmp = create_raw_buffer(decrypted);
 675         assert_buffers_equal(*plain.get(), *decrypted);
 676     };
 677     // invalid counter size
 678     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, 1);
 679     test();
 680     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, 4);
 681     test();
 682     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN-1);
 683     test();
 684     setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, CTR_DEFAULT_LEN);
 685     test();
 686 }
 687
 688 void testGcmEncryptionTagLen(Algorithm type)
 689 {
 690     const AlgoBasePtr& algo = g_algorithms.at(type);
 691
 692     // prepare buffers
 693     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 694     ckmc_raw_buffer_s* encryptedTmp = nullptr;
 695
 696     // add AES GCM key
 697     KeyAliasPair aliases = algo->keyGen();
 698
 699     // setup params
 700     ckmc_param_list_h handle = NULL;
 701     assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
 702     ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
 703     setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 704
 705     std::vector<TagTest> testData = {
 706             // illegal tag lengths
 707             { -1,   EncryptionError::INVALID_PARAM },
 708             { 0,    EncryptionError::INVALID_PARAM },
 709             { 16,   EncryptionError::INVALID_PARAM },
 710             { 48,   EncryptionError::INVALID_PARAM },
 711             { 72,   EncryptionError::INVALID_PARAM },
 712             { 100,  EncryptionError::INVALID_PARAM },
 713             { 108,  EncryptionError::INVALID_PARAM },
 714             { 116,  EncryptionError::INVALID_PARAM },
 715             { 124,  EncryptionError::INVALID_PARAM },
 716             { 256,  EncryptionError::INVALID_PARAM },
 717             // legal tag lengths
 718             { 32,   EncryptionError::SUCCESS },
 719             { 64,   EncryptionError::SUCCESS },
 720             { 96,   EncryptionError::SUCCESS },
 721             { 104,  EncryptionError::SUCCESS },
 722             { 112,  EncryptionError::SUCCESS },
 723             { 120,  EncryptionError::SUCCESS },
 724             { 128,  EncryptionError::SUCCESS },
 725     };
 726
 727     // encryption
 728     for(const auto& it : testData)
 729     {
 730         setParam(params, CKMC_PARAM_ED_TAG_LEN, it.tagLen);
 731         assert_crypto_result(it.expected,
 732                              apiEncrypt,
 733                              params.get(),
 734                              aliases.pub.c_str(),
 735                              nullptr,
 736                              *plain.get(),
 737                              &encryptedTmp);
 738         ckmc_buffer_free(encryptedTmp);
 739         encryptedTmp = nullptr;
 740     }
 741 }
 742
 743 void testGcmDecryptionTagLen(Algorithm type)
 744 {
 745     const AlgoBasePtr& algo = g_algorithms.at(type);
 746
 747     // prepare buffers
 748     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 749     ckmc_raw_buffer_s* decrypted = nullptr;
 750
 751     // add AES GCM key & encrypt
 752     auto ret = encrypt(algo, plain);
 753
 754     std::vector<TagTest> testData = {
 755             // illegal tag lengths
 756             { -1,   EncryptionError::INVALID_PARAM },
 757             { 0,    EncryptionError::INVALID_PARAM },
 758             { 16,   EncryptionError::INVALID_PARAM },
 759             { 48,   EncryptionError::INVALID_PARAM },
 760             { 72,   EncryptionError::INVALID_PARAM },
 761             { 100,  EncryptionError::INVALID_PARAM },
 762             { 108,  EncryptionError::INVALID_PARAM },
 763             { 116,  EncryptionError::INVALID_PARAM },
 764             { 124,  EncryptionError::INVALID_PARAM },
 765             { 256,  EncryptionError::INVALID_PARAM },
 766             // legal tag lengths (EVP_CipherFinal fails but we can't get the error code)
 767             { 32,   EncryptionError::SERVER_ERROR },
 768             { 64,   EncryptionError::SERVER_ERROR },
 769             { 96,   EncryptionError::SERVER_ERROR },
 770             { 104,  EncryptionError::SERVER_ERROR },
 771             { 112,  EncryptionError::SERVER_ERROR },
 772             { 120,  EncryptionError::SERVER_ERROR },
 773             // legal tag length that was actually used for encryption (default)
 774             { 128,  EncryptionError::SUCCESS },
 775     };
 776
 777     // decryption
 778     for(const auto& it : testData)
 779     {
 780         setParam(ret.params, CKMC_PARAM_ED_TAG_LEN, it.tagLen);
 781         assert_crypto_result(it.expected,
 782                              apiDecrypt,
 783                              ret.params.get(),
 784                              ret.prvKey.c_str(),
 785                              nullptr,
 786                              *ret.encrypted.get(),
 787                              &decrypted);
 788         ckmc_buffer_free(decrypted);
 789         decrypted = nullptr;
 790     }
 791 }
 792
 793 void testGcmWrongTag(Algorithm type)
 794 {
 795     const AlgoBasePtr& algo = g_algorithms.at(type);
 796
 797     // prepare buffers
 798     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 799     ckmc_raw_buffer_s* decrypted = nullptr;
 800
 801     // encrypt with AES GCM
 802     auto ret = encrypt(algo, plain);
 803
 804     // modify tag (last 16B of encrypted message)
 805     ret.encrypted->data[ret.encrypted->size-1]++;
 806
 807     // EVP_CipherFinal fails but we can't get error code
 808     assert_crypto_result(EncryptionError::SERVER_ERROR,
 809                          apiDecrypt,
 810                          ret.params.get(),
 811                          ret.prvKey.c_str(),
 812                          nullptr,
 813                          *ret.encrypted.get(),
 814                          &decrypted);
 815 }
 816
 817 void testGcmDifferentIvSizes(Algorithm type)
 818 {
 819     const AlgoBasePtr& algo = g_algorithms.at(type);
 820
 821     // add AES GCM key
 822     KeyAliasPair aliases = algo->keyGen();
 823
 824     testGcmIvSize(11,  aliases, EncryptionError::SERVER_ERROR); // 12B is the smallest
 825     testGcmIvSize(12,  aliases);
 826     testGcmIvSize(17,  aliases);
 827     testGcmIvSize(128, aliases);
 828 }
 829
 830 void testEncryptDecryptBigData(Algorithm type)
 831 {
 832     const AlgoBasePtr& algo = g_algorithms.at(type);
 833
 834     // prepare buffers
 835     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(5000000));
 836     ckmc_raw_buffer_s* decrypted = nullptr;
 837
 838     // encrypt
 839     auto ret = encrypt(algo, plain);
 840
 841     assert_positive(apiDecrypt,
 842                     ret.params.get(),
 843                     ret.prvKey.c_str(),
 844                     nullptr,
 845                     *ret.encrypted.get(),
 846                     &decrypted);
 847     RawBufferPtr tmp = create_raw_buffer(decrypted);
 848
 849     assert_buffers_equal(*plain.get(), *decrypted);
 850 }
 851
 852 void testEncryptDecryptDifferentKeys(Algorithm type, bool success)
 853 {
 854     const AlgoBasePtr& algo = g_algorithms.at(type);
 855     // prepare buffers
 856     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 857     ckmc_raw_buffer_s* decrypted = nullptr;
 858
 859     // encrypt
 860     auto ret = encrypt(algo, plain);
 861
 862     // add different key
 863     KeyAliasPair differentKeys = algo->keyGen(nullptr, "_wrong");
 864
 865
 866     if (success) {
 867         // some algorithms don't verify key validity
 868         assert_crypto_positive(apiDecrypt,
 869                                ret.params.get(),
 870                                differentKeys.prv.c_str(),
 871                                nullptr,
 872                                *ret.encrypted.get(),
 873                                &decrypted);
 874         RawBufferPtr tmp = create_raw_buffer(decrypted);
 875
 876         assert_buffers_equal(*plain.get(), *decrypted, false);
 877     } else {
 878         // different key should not be accepted
 879         assert_crypto_result(EncryptionError::SERVER_ERROR,
 880                              apiDecrypt,
 881                              ret.params.get(),
 882                              differentKeys.prv.c_str(),
 883                              nullptr,
 884                              *ret.encrypted.get(),
 885                              &decrypted);
 886     }
 887
 888     // Cleanup before testing next algorithm. Ignore results because not all keys are present
 889     ckmc_remove_alias(ret.prvKey.c_str());
 890     ckmc_remove_alias(ret.pubKey.c_str());
 891     ckmc_remove_alias(differentKeys.prv.c_str());
 892     ckmc_remove_alias(differentKeys.pub.c_str());
 893 }
 894
 895 void testRsaLongestData(Algorithm type, size_t dataSize)
 896 {
 897     const AlgoBasePtr& algo = g_algorithms.at(type);
 898     // prepare buffers
 899     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(dataSize));
 900     ckmc_raw_buffer_s* decrypted = nullptr;
 901
 902     // encrypt
 903     auto ret = encrypt(algo, plain);
 904
 905     assert_crypto_positive(apiDecrypt,
 906                            ret.params.get(),
 907                            ret.prvKey.c_str(),
 908                            nullptr,
 909                            *ret.encrypted.get(),
 910                            &decrypted);
 911     RawBufferPtr tmp = create_raw_buffer(decrypted);
 912
 913     assert_buffers_equal(*plain.get(), *decrypted);
 914 }
 915
 916 void testRsaDataTooLong(Algorithm type, size_t dataSize)
 917 {
 918     const AlgoBasePtr& algo = g_algorithms.at(type);
 919     // prepare buffers
 920     RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(dataSize));
 921
 922     // encrypt
 923     EncryptionResult ret;
 924     ckmc_raw_buffer_s* encrypted = nullptr;
 925     KeyAliasPair aliases = algo->keyGen();
 926
 927     ckmc_param_list_h handle = NULL;
 928     assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
 929     ret.params = ParamListPtr(handle, ckmc_param_list_free);
 930     assert_crypto_result(EncryptionError::SERVER_ERROR,
 931                          apiEncrypt,
 932                          ret.params.get(),
 933                          aliases.pub.c_str(),
 934                          nullptr,
 935                          *plain.get(),
 936                          &encrypted);
 937 }
 938
 939 } // namespace anonymous
 940
 941
 942 RUNNER_TEST_GROUP_INIT(CKM_ENCRYPTION_DECRYPTION);
 943
 944 /////////////////////////////////////////
 945 // Generic encryption decryption tests
 946 /////////////////////////////////////////
 947
 948 RUNNER_TEST_MULTIPLE(TED_0010_encrypt_invalid_param_list, SyncEnv, AsyncEnv)
 949 {
 950     testAllAlgorithms([](const AlgoBasePtr& algo){
 951         // prepare buffers
 952         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 953         ckmc_raw_buffer_s* encrypted = nullptr;
 954
 955         // add key
 956         KeyAliasPair aliases = algo->keyGen();
 957
 958         // null param list
 959         assert_crypto_invalid_param(apiEncrypt,
 960                                     nullptr,
 961                                     aliases.pub.c_str(),
 962                                     nullptr,
 963                                     *plain.get(),
 964                                     &encrypted);
 965
 966         // empty param list
 967         ParamListPtr params = createParamListPtr();
 968         assert_crypto_invalid_param(apiEncrypt,
 969                                     params.get(),
 970                                     aliases.pub.c_str(),
 971                                     nullptr,
 972                                     *plain.get(),
 973                                     &encrypted);
 974     });
 975 }
 976
 977 RUNNER_TEST_MULTIPLE(TED_0020_encrypt_missing_key, SyncEnv, AsyncEnv)
 978 {
 979     testAllAlgorithms([](const AlgoBasePtr& algo){
 980         // prepare buffers
 981         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
 982         ckmc_raw_buffer_s* encrypted = nullptr;
 983
 984         // setup params
 985         ckmc_param_list_h handle = NULL;
 986         assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
 987         ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
 988         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
 989
 990         assert_crypto_result(EncryptionError::ALIAS_UNKNOWN,
 991                              apiEncrypt,
 992                              params.get(),
 993                              "non-existing-key-alias",
 994                              nullptr,
 995                              *plain.get(),
 996                              &encrypted);
 997     });
 998 }
 999
1000 RUNNER_TEST_MULTIPLE(TED_0030_encrypt_no_plain_text, SyncEnv, AsyncEnv)
1001 {
1002     testAllAlgorithms([](const AlgoBasePtr& algo){
1003         // prepare buffers
1004         ckmc_raw_buffer_s plain = { nullptr, 0 };
1005         ckmc_raw_buffer_s* encrypted = nullptr;
1006
1007         // add key
1008         KeyAliasPair aliases = algo->keyGen();
1009
1010         // setup params
1011         ckmc_param_list_h handle = NULL;
1012         assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
1013         ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
1014         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1015
1016         assert_crypto_invalid_param(apiEncrypt,
1017                                     params.get(),
1018                                     aliases.pub.c_str(),
1019                                     nullptr,
1020                                     plain,
1021                                     &encrypted);
1022     });
1023 }
1024
1025 RUNNER_TEST_MULTIPLE(TED_0040_encrypt_no_output_buffer, SyncEnv, AsyncEnv)
1026 {
1027     testAllAlgorithms([](const AlgoBasePtr& algo){
1028         // prepare buffers
1029         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1030         ckmc_raw_buffer_s** encrypted = nullptr;
1031
1032         // add key
1033         KeyAliasPair aliases = algo->keyGen();
1034
1035         // setup params
1036         ckmc_param_list_h handle = NULL;
1037         assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
1038         ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
1039         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1040
1041         assert_crypto_invalid_param(apiEncrypt,
1042                                     params.get(),
1043                                     aliases.pub.c_str(),
1044                                     nullptr,
1045                                     *plain.get(),
1046                                     encrypted);
1047     });
1048 }
1049
1050 RUNNER_TEST_MULTIPLE(TED_0110_decrypt_invalid_param_list, SyncEnv, AsyncEnv)
1051 {
1052     testAllAlgorithms([](const AlgoBasePtr& algo){
1053         // prepare buffers
1054         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1055         ckmc_raw_buffer_s* decrypted = nullptr;
1056
1057         // encrypt;
1058         auto ret = encrypt(algo, plain);
1059
1060         // null param list
1061         assert_crypto_invalid_param(apiDecrypt,
1062                                     nullptr,
1063                                     ret.prvKey.c_str(),
1064                                     nullptr,
1065                                     *ret.encrypted.get(),
1066                                     &decrypted);
1067
1068         // empty param list
1069         ParamListPtr params = createParamListPtr();
1070         assert_crypto_invalid_param(apiDecrypt,
1071                                     params.get(),
1072                                     ret.prvKey.c_str(),
1073                                     nullptr,
1074                                     *ret.encrypted.get(),
1075                                     &decrypted);
1076     });
1077 }
1078
1079 RUNNER_TEST_MULTIPLE(TED_0120_decrypt_missing_key, SyncEnv, AsyncEnv)
1080 {
1081     testAllAlgorithms([](const AlgoBasePtr& algo){
1082         // prepare buffers
1083         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1084         ckmc_raw_buffer_s* decrypted = nullptr;
1085
1086         // encrypt
1087         auto ret = encrypt(algo, plain);
1088
1089         // remove key
1090         assert_positive(ckmc_remove_alias, ret.prvKey.c_str());
1091
1092         // try to decrypt
1093         assert_crypto_result(EncryptionError::ALIAS_UNKNOWN,
1094                              apiDecrypt,
1095                              ret.params.get(),
1096                              ret.prvKey.c_str(),
1097                              nullptr,
1098                              *ret.encrypted.get(),
1099                              &decrypted);
1100     });
1101 }
1102
1103 RUNNER_TEST_MULTIPLE(TED_0130_decrypt_no_encrypted_text, SyncEnv, AsyncEnv)
1104 {
1105     testAllAlgorithms([](const AlgoBasePtr& algo){
1106         // prepare buffers
1107         ckmc_raw_buffer_s encrypted = { nullptr, 0 };
1108         ckmc_raw_buffer_s* decrypted = nullptr;
1109
1110         // add key
1111         KeyAliasPair aliases = algo->keyGen();
1112
1113         // setup params
1114         ckmc_param_list_h handle = NULL;
1115         assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
1116         ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
1117         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1118
1119         assert_crypto_invalid_param(apiDecrypt,
1120                                     params.get(),
1121                                     aliases.prv.c_str(),
1122                                     nullptr,
1123                                     encrypted,
1124                                     &decrypted);
1125     });
1126 }
1127
1128 RUNNER_TEST_MULTIPLE(TED_0140_decrypt_no_output_buffer, SyncEnv, AsyncEnv)
1129 {
1130     testAllAlgorithms([](const AlgoBasePtr& algo){
1131         // prepare buffers
1132         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1133         ckmc_raw_buffer_s** decrypted = nullptr;
1134
1135         // encrypt
1136         auto ret = encrypt(algo, plain);
1137
1138         assert_crypto_invalid_param(apiDecrypt,
1139                                     ret.params.get(),
1140                                     ret.prvKey.c_str(),
1141                                     nullptr,
1142                                     *ret.encrypted.get(),
1143                                     decrypted);
1144     });
1145 }
1146
1147 RUNNER_TEST_MULTIPLE(TED_0200_encrypt_decrypt_different_keys, SyncEnv, AsyncEnv)
1148 {
1149     testEncryptDecryptDifferentKeys(AES_CBC_128, false);
1150     testEncryptDecryptDifferentKeys(AES_CBC_192, false);
1151     testEncryptDecryptDifferentKeys(AES_CBC_256, false);
1152     testEncryptDecryptDifferentKeys(AES_GCM_128, false);
1153     testEncryptDecryptDifferentKeys(AES_GCM_192, false);
1154     testEncryptDecryptDifferentKeys(AES_GCM_256, false);
1155     testEncryptDecryptDifferentKeys(AES_CTR_128, true);
1156     testEncryptDecryptDifferentKeys(AES_CTR_192, true);
1157     testEncryptDecryptDifferentKeys(AES_CTR_256, true);
1158     testEncryptDecryptDifferentKeys(AES_CFB_128, true);
1159     testEncryptDecryptDifferentKeys(AES_CFB_192, true);
1160     testEncryptDecryptDifferentKeys(AES_CFB_256, true);
1161     testEncryptDecryptDifferentKeys(RSA_OAEP_1024, false);
1162     testEncryptDecryptDifferentKeys(RSA_OAEP_2048, false);
1163     testEncryptDecryptDifferentKeys(RSA_OAEP_4096, false);
1164 }
1165
1166 RUNNER_TEST_MULTIPLE(TED_0300_encrypt_decrypt, SyncEnv, AsyncEnv)
1167 {
1168     testAllAlgorithms([](const AlgoBasePtr& algo){
1169         // prepare buffers
1170         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1171         ckmc_raw_buffer_s* decrypted = nullptr;
1172
1173         // encrypt
1174         auto ret = encrypt(algo, plain);
1175
1176         assert_crypto_positive(apiDecrypt,
1177                                ret.params.get(),
1178                                ret.prvKey.c_str(),
1179                                nullptr,
1180                                *ret.encrypted.get(),
1181                                &decrypted);
1182         RawBufferPtr tmp = create_raw_buffer(decrypted);
1183
1184         assert_buffers_equal(*plain.get(), *decrypted);
1185     });
1186 }
1187
1188 RUNNER_TEST_MULTIPLE(TED_0310_encrypt_decrypt_password, SyncEnv, AsyncEnv)
1189 {
1190     testAllAlgorithms([](const AlgoBasePtr& algo){
1191         // prepare buffers
1192         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1193         ckmc_raw_buffer_s* decrypted = nullptr;
1194
1195         // encrypt
1196         auto ret = encrypt(algo, plain, PASSWORD);
1197
1198         // wrong password
1199         assert_crypto_result(EncryptionError::AUTH_FAILED,
1200                              apiDecrypt,
1201                              ret.params.get(),
1202                              ret.prvKey.c_str(),
1203                              "wrong-password",
1204                              *ret.encrypted.get(),
1205                              &decrypted);
1206
1207         // correct password
1208         assert_crypto_positive(apiDecrypt,
1209                                ret.params.get(),
1210                                ret.prvKey.c_str(),
1211                                PASSWORD,
1212                                *ret.encrypted.get(),
1213                                &decrypted);
1214         RawBufferPtr tmp = create_raw_buffer(decrypted); // guarantees deletion
1215
1216         assert_buffers_equal(*plain.get(), *decrypted);
1217     });
1218 }
1219
1220 // long test split into smaller ones
1221 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_128, SyncEnv, AsyncEnv)
1222 {
1223     testEncryptDecryptBigData(AES_CBC_128);
1224 }
1225
1226 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_192, SyncEnv, AsyncEnv)
1227 {
1228     testEncryptDecryptBigData(AES_CBC_192);
1229 }
1230
1231 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_256, SyncEnv, AsyncEnv)
1232 {
1233     testEncryptDecryptBigData(AES_CBC_256);
1234 }
1235
1236 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_128, SyncEnv, AsyncEnv)
1237 {
1238     testEncryptDecryptBigData(AES_GCM_128);
1239 }
1240
1241 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_192, SyncEnv, AsyncEnv)
1242 {
1243     testEncryptDecryptBigData(AES_GCM_192);
1244 }
1245
1246 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_256, SyncEnv, AsyncEnv)
1247 {
1248     testEncryptDecryptBigData(AES_GCM_256);
1249 }
1250
1251 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_128, SyncEnv, AsyncEnv)
1252 {
1253     testEncryptDecryptBigData(AES_CTR_128);
1254 }
1255
1256 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_192, SyncEnv, AsyncEnv)
1257 {
1258     testEncryptDecryptBigData(AES_CTR_192);
1259 }
1260
1261 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_256, SyncEnv, AsyncEnv)
1262 {
1263     testEncryptDecryptBigData(AES_CTR_256);
1264 }
1265
1266 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_128, SyncEnv, AsyncEnv)
1267 {
1268     testEncryptDecryptBigData(AES_CFB_128);
1269 }
1270
1271 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_192, SyncEnv, AsyncEnv)
1272 {
1273     testEncryptDecryptBigData(AES_CFB_192);
1274 }
1275
1276 RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_256, SyncEnv, AsyncEnv)
1277 {
1278     testEncryptDecryptBigData(AES_CFB_256);
1279 }
1280
1281 /////////////////////////////////////////
1282 // Algorithm specific tests
1283 /////////////////////////////////////////
1284
1285 RUNNER_TEST_MULTIPLE(TED_1005_no_iv_enc, SyncEnv, AsyncEnv)
1286 {
1287     testNoIvEnc(AES_CTR_128);
1288     testNoIvEnc(AES_CTR_192);
1289     testNoIvEnc(AES_CTR_256);
1290     testNoIvEnc(AES_CBC_128);
1291     testNoIvEnc(AES_CBC_192);
1292     testNoIvEnc(AES_CBC_256);
1293     testNoIvEnc(AES_CFB_128);
1294     testNoIvEnc(AES_CFB_192);
1295     testNoIvEnc(AES_CFB_256);
1296     testNoIvEnc(AES_GCM_128);
1297     testNoIvEnc(AES_GCM_192);
1298     testNoIvEnc(AES_GCM_256);
1299 }
1300
1301 RUNNER_TEST_MULTIPLE(TED_1010_invalid_iv_enc, SyncEnv, AsyncEnv)
1302 {
1303     testInvalidIvEnc(AES_CTR_128);
1304     testInvalidIvEnc(AES_CTR_192);
1305     testInvalidIvEnc(AES_CTR_256);
1306     testInvalidIvEnc(AES_CBC_128);
1307     testInvalidIvEnc(AES_CBC_192);
1308     testInvalidIvEnc(AES_CBC_256);
1309     testInvalidIvEnc(AES_CFB_128);
1310     testInvalidIvEnc(AES_CFB_192);
1311     testInvalidIvEnc(AES_CFB_256);
1312 }
1313
1314 RUNNER_TEST_MULTIPLE(TED_1015_no_iv_dec, SyncEnv, AsyncEnv)
1315 {
1316     testNoIvDec(AES_CTR_128);
1317     testNoIvDec(AES_CTR_192);
1318     testNoIvDec(AES_CTR_256);
1319     testNoIvDec(AES_CBC_128);
1320     testNoIvDec(AES_CBC_192);
1321     testNoIvDec(AES_CBC_256);
1322     testNoIvDec(AES_CFB_128);
1323     testNoIvDec(AES_CFB_192);
1324     testNoIvDec(AES_CFB_256);
1325     testNoIvDec(AES_GCM_128);
1326     testNoIvDec(AES_GCM_192);
1327     testNoIvDec(AES_GCM_256);
1328 }
1329
1330 RUNNER_TEST_MULTIPLE(TED_1020_invalid_iv_dec, SyncEnv, AsyncEnv)
1331 {
1332     testInvalidIvDec(AES_CTR_128);
1333     testInvalidIvDec(AES_CTR_192);
1334     testInvalidIvDec(AES_CTR_256);
1335     testInvalidIvDec(AES_CBC_128);
1336     testInvalidIvDec(AES_CBC_192);
1337     testInvalidIvDec(AES_CBC_256);
1338     testInvalidIvDec(AES_CFB_128);
1339     testInvalidIvDec(AES_CFB_192);
1340     testInvalidIvDec(AES_CFB_256);
1341 }
1342
1343 RUNNER_TEST_MULTIPLE(TED_1050_data_integrity, SyncEnv, AsyncEnv)
1344 {
1345     testIntegrity(AES_CTR_128);
1346     testIntegrity(AES_CTR_192);
1347     testIntegrity(AES_CTR_256);
1348     testIntegrity(AES_CBC_128);
1349     testIntegrity(AES_CBC_192);
1350     testIntegrity(AES_CBC_256);
1351     testIntegrity(AES_CFB_128);
1352     testIntegrity(AES_CFB_192);
1353     testIntegrity(AES_CFB_256);
1354 }
1355
1356 RUNNER_TEST_MULTIPLE(TED_1100_ctr_encryption_invalid_length, SyncEnv, AsyncEnv)
1357 {
1358     testCtrEncryptionInvalidLength(AES_CTR_128);
1359     testCtrEncryptionInvalidLength(AES_CTR_192);
1360     testCtrEncryptionInvalidLength(AES_CTR_256);
1361 }
1362
1363 RUNNER_TEST_MULTIPLE(TED_1105_ctr_encryption_valid_length, SyncEnv, AsyncEnv)
1364 {
1365     RUNNER_IGNORED_MSG("Openssl supports only 128-bit AES CTR length");
1366     testCtrEncryptionValidLength(AES_CTR_128);
1367     testCtrEncryptionValidLength(AES_CTR_192);
1368     testCtrEncryptionValidLength(AES_CTR_256);
1369 }
1370
1371 RUNNER_TEST_MULTIPLE(TED_1110_ctr_decryption_invalid_length, SyncEnv, AsyncEnv)
1372 {
1373     testCtrDecryptionInvalidLength(AES_CTR_128);
1374     testCtrDecryptionInvalidLength(AES_CTR_192);
1375     testCtrDecryptionInvalidLength(AES_CTR_256);
1376 }
1377
1378 RUNNER_TEST_MULTIPLE(TED_1115_ctr_decryption_valid_length, SyncEnv, AsyncEnv)
1379 {
1380     RUNNER_IGNORED_MSG("Openssl supports only 128-bit AES CTR length");
1381     testCtrDecryptionValidLength(AES_CTR_128);
1382     testCtrDecryptionValidLength(AES_CTR_192);
1383     testCtrDecryptionValidLength(AES_CTR_256);
1384 }
1385
1386 RUNNER_TEST_MULTIPLE(TED_1200_gcm_encryption_tag_len, SyncEnv, AsyncEnv)
1387 {
1388     testGcmEncryptionTagLen(AES_GCM_128);
1389     testGcmEncryptionTagLen(AES_GCM_192);
1390     testGcmEncryptionTagLen(AES_GCM_256);
1391 }
1392
1393 RUNNER_TEST_MULTIPLE(TED_1210_gcm_decryption_tag_len, SyncEnv, AsyncEnv)
1394 {
1395     testGcmDecryptionTagLen(AES_GCM_128);
1396     testGcmDecryptionTagLen(AES_GCM_192);
1397     testGcmDecryptionTagLen(AES_GCM_256);
1398 }
1399
1400 RUNNER_TEST_MULTIPLE(TED_1230_gcm_wrong_tag, SyncEnv, AsyncEnv)
1401 {
1402     testGcmWrongTag(AES_GCM_128);
1403     testGcmWrongTag(AES_GCM_192);
1404     testGcmWrongTag(AES_GCM_256);
1405 }
1406
1407 RUNNER_TEST_MULTIPLE(TED_1240_gcm_different_iv_sizes, SyncEnv, AsyncEnv)
1408 {
1409     testGcmDifferentIvSizes(AES_GCM_128);
1410     testGcmDifferentIvSizes(AES_GCM_192);
1411     testGcmDifferentIvSizes(AES_GCM_256);
1412 }
1413
1414 RUNNER_TEST_MULTIPLE(TED_1250_gcm_aad, SyncEnv, AsyncEnv)
1415 {
1416     encryptionWithCustomData(AES_GCM_128, CKMC_PARAM_ED_AAD);
1417     encryptionWithCustomData(AES_GCM_192, CKMC_PARAM_ED_AAD);
1418     encryptionWithCustomData(AES_GCM_256, CKMC_PARAM_ED_AAD);
1419 }
1420
1421 RUNNER_TEST_MULTIPLE(TED_1300_rsa_label, SyncEnv, AsyncEnv)
1422 {
1423     RUNNER_IGNORED_MSG("RSA-OAEP labels are not supported in openssl");
1424     encryptionWithCustomData(RSA_OAEP_1024, CKMC_PARAM_ED_LABEL);
1425     encryptionWithCustomData(RSA_OAEP_2048, CKMC_PARAM_ED_LABEL);
1426     encryptionWithCustomData(RSA_OAEP_4096, CKMC_PARAM_ED_LABEL);
1427 }
1428
1429 RUNNER_TEST_MULTIPLE(TED_1330_rsa_longest_data, SyncEnv, AsyncEnv)
1430 {
1431     testRsaLongestData(RSA_OAEP_1024, 86);
1432     testRsaLongestData(RSA_OAEP_2048, 214);
1433     testRsaLongestData(RSA_OAEP_4096, 470);
1434 }
1435
1436 RUNNER_TEST_MULTIPLE(TED_1350_rsa_data_too_long, SyncEnv, AsyncEnv)
1437 {
1438     testRsaDataTooLong(RSA_OAEP_1024, 87);
1439     testRsaDataTooLong(RSA_OAEP_2048, 215);
1440     testRsaDataTooLong(RSA_OAEP_4096, 471);
1441 }
1442
1443 /////////////////////////////////////////
1444 // Asynchronous only tests
1445 /////////////////////////////////////////
1446 RUNNER_TEST(TED_2000_enc_no_observer_async, EncEnv)
1447 {
1448     testAllAlgorithms([](const AlgoBasePtr& algo){
1449         // prepare buffers
1450         RawBuffer plain = createRandomBuffer(BUF_LEN);
1451
1452         // keys
1453         KeyAliasPair aliases = algo->keyGen(nullptr);
1454
1455         // params
1456         ckmc_param_list_h handle = NULL;
1457         assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
1458         ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
1459         setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
1460
1461         // encrypt
1462         test_no_observer(&ManagerAsync::encrypt,
1463                          *reinterpret_cast<CryptoAlgorithm*>(params.get()),
1464                          aliases.pub,
1465                          Password(),
1466                          plain);
1467     });
1468 }
1469
1470 RUNNER_TEST(TED_2010_dec_no_observer_async, AsyncEnv)
1471 {
1472     testAllAlgorithms([](const AlgoBasePtr& algo){
1473         // prepare buffers
1474         RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
1475
1476         // encrypt
1477         auto ret = encrypt(algo, plain);
1478         RawBuffer encrypted(ret.encrypted->data, ret.encrypted->data + ret.encrypted->size);
1479
1480         // decrypt
1481         test_no_observer(&ManagerAsync::decrypt,
1482                          *reinterpret_cast<CryptoAlgorithm*>(ret.params.get()),
1483                          ret.prvKey,
1484                          Password(),
1485                          encrypted);
1486     });
1487 }