2 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
4 * Contact: Dariusz Michaluk (d.michaluk@samsung.com)
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License
21 * @author Dariusz Michaluk (d.michaluk@samsung.com)
22 * @author Mateusz Forc (m.forc@samsung.com)
25 #include "dpl/test/test_runner.h"
26 #include "yaca-test-common.h"
27 #include "yaca-test-vector.h"
29 #include <yaca_encrypt.h>
34 const Buffer DATA = random_buffer(1024);
35 const size_t INVALID_IV_BIT_LENGTH = 512;
42 KeyIvPair() : key(generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_192BIT)),
43 iv(generate_key(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_128BIT))
47 yaca_key_type_e algo_to_key_type(yaca_encrypt_algorithm_e algo)
49 if (algo == YACA_ENCRYPT_3DES_3TDEA ||
50 algo == YACA_ENCRYPT_UNSAFE_3DES_2TDEA ||
51 algo == YACA_ENCRYPT_UNSAFE_DES)
52 return YACA_KEY_TYPE_DES;
54 return YACA_KEY_TYPE_SYMMETRIC;
59 Encryptor(yaca_encrypt_algorithm_e algo,
60 yaca_block_cipher_mode_e bcm,
61 const KeyPtr& key_ptr,
65 m_enCtxPtr(encrypt_init(algo, bcm, key_ptr, iv_ptr)),
66 m_decCtxPtr(decrypt_init(algo, bcm, key_ptr, iv_ptr))
69 set_padding(YACA_PADDING_NONE);
71 set_effective_key_bits(key_bits);
74 virtual Buffer encrypt(const Buffer& data, size_t repeats = 1)
76 Buffer update_out = run_update(data, repeats, &m_enCtxPtr, yaca_encrypt_update);
77 Buffer final_out = run_finalize(&m_enCtxPtr, yaca_encrypt_finalize);
78 update_out.insert(update_out.end(), final_out.begin(), final_out.end());
82 virtual Buffer decrypt(const Buffer& data, size_t repeats = 1)
84 Buffer update_out = run_update(data, repeats, &m_decCtxPtr, yaca_decrypt_update);
85 Buffer final_out = run_finalize(&m_decCtxPtr, yaca_decrypt_finalize);
86 update_out.insert(update_out.end(), final_out.begin(), final_out.end());
90 void set_padding(yaca_padding_e padding)
92 YACA_SUCCESS(yaca_context_set_property(m_enCtxPtr.get(), YACA_PROPERTY_PADDING,
93 (void*)(&padding), sizeof(padding)));
94 YACA_SUCCESS(yaca_context_set_property(m_decCtxPtr.get(), YACA_PROPERTY_PADDING,
95 (void*)(&padding), sizeof(padding)));
98 void set_effective_key_bits(size_t key_bits)
100 YACA_SUCCESS(yaca_context_set_property(m_enCtxPtr.get(), YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
101 (void*)(&key_bits), sizeof(key_bits)));
102 YACA_SUCCESS(yaca_context_set_property(m_decCtxPtr.get(), YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
103 (void*)(&key_bits), sizeof(key_bits)));
106 int set_tag_len(yaca_block_cipher_mode_e bcm, size_t tag_len)
110 return yaca_context_set_property(m_enCtxPtr.get(), YACA_PROPERTY_GCM_TAG_LEN,
111 (void*)&tag_len, sizeof(tag_len));
113 return yaca_context_set_property(m_enCtxPtr.get(), YACA_PROPERTY_CCM_TAG_LEN,
114 (void*)&tag_len, sizeof(tag_len));
116 return YACA_ERROR_INVALID_PARAMETER;
124 typedef std::function<int(yaca_context_h, const char*, size_t, char*, size_t*)> Update;
125 typedef std::function<int(yaca_context_h, char*, size_t*)> Final;
127 Buffer run_update(const Buffer& data, size_t repeats, CtxPtr* ctx_ptr, Update update)
132 auto text_ptr = out_buf_alloc(*ctx_ptr, data.size(), len);
134 for (size_t i = 0; i < repeats; ++i) {
135 YACA_SUCCESS(update(ctx_ptr->get(), data.data(), data.size(), text_ptr.get(), &len));
136 output.insert(output.end(), text_ptr.get(), text_ptr.get() + len);
143 Buffer run_finalize(CtxPtr* ctx_ptr, Final finalize)
147 auto final_ptr = out_buf_alloc(m_decCtxPtr, 0, len);
148 if (final_ptr != nullptr) {
149 YACA_SUCCESS(finalize(ctx_ptr->get(), final_ptr.get(), &len));
150 output.insert(output.end(), final_ptr.get(), final_ptr.get() + len);
156 std::string bin2hex(const Buffer &bin_str)
158 std::stringstream data;
160 for (const auto& i : bin_str)
161 data << std::hex << static_cast<int>(static_cast<unsigned char>(i));
166 void check_test_vector_init(yaca_encrypt_algorithm_e algo,
167 yaca_block_cipher_mode_e bcm,
172 yaca_context_h ctx = YACA_CONTEXT_NULL;
173 int expected = YACA_ERROR_NONE;
174 yaca_key_type_e key_type;
177 expected = YACA_ERROR_INVALID_PARAMETER;
179 auto iv_ptr = (iv_len > 0) ? generate_key(YACA_KEY_TYPE_IV, iv_len)
183 * Invalid DES key cannot be created using yaca_key_generate().
184 * If test case is incorrect, wrong key (symmetric) is generated
185 * in order to check how api behave with inappropriate key imported
188 if ((algo == YACA_ENCRYPT_UNSAFE_DES || algo == YACA_ENCRYPT_UNSAFE_3DES_2TDEA ||
189 algo == YACA_ENCRYPT_3DES_3TDEA) && valid)
190 key_type = YACA_KEY_TYPE_DES;
192 key_type = YACA_KEY_TYPE_SYMMETRIC;
194 auto key_ptr = generate_key(key_type, key_len);
196 YACA_RESULT(expected, yaca_encrypt_initialize(&ctx, algo, bcm, key_ptr.get(), iv_ptr.get()));
197 yaca_context_destroy(ctx);
198 ctx = YACA_CONTEXT_NULL;
199 YACA_RESULT(expected, yaca_decrypt_initialize(&ctx, algo, bcm, key_ptr.get(), iv_ptr.get()));
200 yaca_context_destroy(ctx);
203 void check_test_vector_output(const Buffer &input,
204 yaca_encrypt_algorithm_e algo,
205 yaca_block_cipher_mode_e bcm,
210 const Buffer &expected,
213 auto key_ptr = import_key(algo_to_key_type(algo), nullptr, key.data(), key.size());
214 auto iv_ptr = (iv.size() > 0) ? import_key(YACA_KEY_TYPE_IV, nullptr, iv.data(), iv.size())
217 Encryptor encryptor(algo, bcm, key_ptr, iv_ptr, key_bits, padded);
218 Buffer output_vector = encryptor.encrypt(input, repeats);
220 auto keyHex = bin2hex(key);
221 auto ivHex = bin2hex(iv);
222 std::stringstream message;
224 message << "Parameters:\n"
225 << encrypt2str(algo) << std::endl
226 << bcm2str(bcm) << std::endl
227 << "key: " << keyHex << std::endl
228 << "iv: " << ivHex << std::endl
229 << "repeats: " << repeats << std::endl;
231 YACA_ASSERT_MSG(expected.size() == output_vector.size(), "size differs\n" << message.str());
232 YACA_ASSERT_MSG(expected == output_vector,
233 "\nEncrypt string comparison failed\n" << message.str());
236 void test_encryption_output(std::string filename, bool padded=true)
238 auto tvv = loadTestVector(filename);
240 for (const auto& tv : tvv) {
242 yaca_encrypt_algorithm_e algo;
243 yaca_block_cipher_mode_e bcm;
250 tv.get("input", input);
251 tv.get("algo", algo);
254 if (algo == YACA_ENCRYPT_UNSAFE_RC2)
255 tv.get("effective_key_bits", key_bits);
257 tv.get("repeats", repeats);
258 tv.get("output", expected);
260 check_test_vector_output(input, algo, bcm, key, key_bits, iv, repeats, expected, padded);
264 void test_vector_encrypt_decrypt(const Buffer &input,
265 yaca_encrypt_algorithm_e algo,
266 yaca_block_cipher_mode_e bcm,
270 std::stringstream message;
272 auto key_ptr = generate_key(algo_to_key_type(algo), key_len);
273 auto iv_ptr = (iv_len > 0) ? generate_key(YACA_KEY_TYPE_IV, iv_len)
275 Encryptor encryptor(algo, bcm, key_ptr, iv_ptr);
277 auto encrypt_output = encryptor.encrypt(input);
278 auto decrypt_output = encryptor.decrypt(encrypt_output);
280 message << "Parameters:\n"
281 << encrypt2str(algo) << std::endl
282 << bcm2str(bcm) << std::endl
283 << "key_len: " << key_len << std::endl
284 << "iv_len: " << iv_len << std::endl;
286 YACA_ASSERT_MSG(input.size() == decrypt_output.size(), "Size after encrypt-decrypt differs\n");
287 YACA_ASSERT_MSG(input == decrypt_output, "Text after encrypt-decrypt has changed\n"
291 void test_encryption_decryption(std::string filename)
293 std::string s = "abcdefghijklmnoprstuvwxyz0123456789";
295 auto tvv = loadTestVector(filename);
297 for (const auto& tv : tvv) {
298 yaca_encrypt_algorithm_e algo;
299 yaca_block_cipher_mode_e bcm;
302 size_t key_data_len = 0;
305 tv.get("algo", algo);
307 tv.get("key_len", key_len);
308 tv.get("iv_len", iv_len);
309 if (bcm == YACA_BCM_WRAP)
310 tv.get("key_data_len", key_data_len);
312 if (key_data_len > 0)
313 input = random_buffer(key_data_len / 8);
315 std::copy(s.begin(), s.end(), std::back_inserter(input));
317 test_vector_encrypt_decrypt(input, algo, bcm, key_len, iv_len);
321 void test_vector_gcm_tag_len(size_t key_len,
326 auto key_ptr = generate_key(YACA_KEY_TYPE_SYMMETRIC, key_len);
327 auto iv_ptr = generate_key(YACA_KEY_TYPE_IV, iv_len);
329 int expected = YACA_ERROR_NONE;
331 expected = YACA_ERROR_INVALID_PARAMETER;
333 Encryptor encryptor(YACA_ENCRYPT_AES, YACA_BCM_GCM, key_ptr, iv_ptr);
334 encryptor.encrypt(DATA);
336 YACA_RESULT(expected, encryptor.set_tag_len(YACA_BCM_GCM, tag_len));
339 void test_vector_ccm_tag_len(size_t key_len,
344 auto key_ptr = generate_key(YACA_KEY_TYPE_SYMMETRIC, key_len);
345 auto iv_ptr = generate_key(YACA_KEY_TYPE_IV, iv_len);
347 int expected = YACA_ERROR_NONE;
349 expected = YACA_ERROR_INVALID_PARAMETER;
351 Encryptor encryptor(YACA_ENCRYPT_AES, YACA_BCM_CCM, key_ptr, iv_ptr);
353 YACA_RESULT(expected, encryptor.set_tag_len(YACA_BCM_CCM, tag_len));
356 void aes_gcm_test_output(const Buffer &input,
357 yaca_encrypt_algorithm_e algo,
358 yaca_block_cipher_mode_e bcm,
363 const Buffer &output)
365 auto key_ptr = import_key(algo_to_key_type(algo), nullptr, key.data(), key.size());
366 auto iv_ptr = (iv.size() > 0) ? import_key(YACA_KEY_TYPE_IV, nullptr, iv.data(), iv.size())
369 size_t tag_len = tag.size();
373 Buffer encrypt_output;
374 auto enc_ctx_ptr = encrypt_init(algo, bcm, key_ptr, iv_ptr);
375 size_t update_len = 0;
376 size_t final_len = 0;
379 YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD,
380 aad.data(), aad.size()));
382 if (!input.empty()) {
383 auto update_ptr = out_buf_alloc(enc_ctx_ptr, input.size(), update_len);
384 YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), input.data(), input.size(),
385 update_ptr.get(), &update_len));
386 encrypt_output.insert(encrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len);
389 auto final_ptr = out_buf_alloc(enc_ctx_ptr, 0, final_len);
390 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx_ptr.get(), final_ptr.get(), &final_len));
391 encrypt_output.insert(encrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len);
393 YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN,
394 (void*)&tag_len, sizeof(tag_len)));
395 YACA_SUCCESS(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
396 (void**)&tag_output, &tag_len));
397 ChrPtr tag_ptr = wrap_ptr(tag_output);
399 YACA_ASSERT_MSG(output.size() == encrypt_output.size(), "Ciphertext size after encrypt differs\n");
400 YACA_ASSERT_MSG(output == encrypt_output, "Ciphertext after encrypt differs\n");
401 YACA_ASSERT_MSG(tag.size() == tag_len, "Tag size after encrypt differs\n");
402 YACA_ASSERT_MSG(yaca_memcmp(tag.data(), tag_output, tag_len) == YACA_ERROR_NONE,
403 "Tag after encrypt differs\n");
406 Buffer decrypt_output;
407 auto dec_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM, key_ptr, iv_ptr);
410 YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD,
411 aad.data(), aad.size()));
412 if (!output.empty()) {
413 auto update_ptr = out_buf_alloc(dec_ctx_ptr, output.size(), update_len);
414 YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), output.data(), output.size(),
415 update_ptr.get(), &update_len));
416 decrypt_output.insert(decrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len);
419 YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
420 tag.data(), tag.size()));
422 final_ptr = out_buf_alloc(dec_ctx_ptr, 0, final_len);
423 YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx_ptr.get(), final_ptr.get(), &final_len));
424 decrypt_output.insert(decrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len);
426 YACA_ASSERT_MSG(input.size() == decrypt_output.size(), "Size after encrypt-decrypt differs\n");
427 YACA_ASSERT_MSG(input == decrypt_output, "Text after encrypt-decrypt has changed\n");
430 void aes_ccm_test_output(const Buffer &input,
431 yaca_encrypt_algorithm_e algo,
432 yaca_block_cipher_mode_e bcm,
437 const Buffer &output)
439 auto key_ptr = import_key(algo_to_key_type(algo), nullptr, key.data(), key.size());
440 auto iv_ptr = (iv.size() > 0) ? import_key(YACA_KEY_TYPE_IV, nullptr, iv.data(), iv.size())
443 size_t tag_len = tag.size();
447 Buffer encrypt_output;
448 auto enc_ctx_ptr = encrypt_init(algo, bcm, key_ptr, iv_ptr);
449 size_t update_len = 0;
450 size_t final_len = 0;
452 YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN,
453 (void*)&tag_len, sizeof(tag_len)));
456 YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), NULL, input.size(), NULL, &update_len));
457 YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD,
458 aad.data(), aad.size()));
461 if (!input.empty()) {
462 auto update_ptr = out_buf_alloc(enc_ctx_ptr, input.size(), update_len);
463 YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), input.data(), input.size(),
464 update_ptr.get(), &update_len));
465 encrypt_output.insert(encrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len);
468 auto final_ptr = out_buf_alloc(enc_ctx_ptr, 0, final_len);
469 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx_ptr.get(), final_ptr.get(), &final_len));
470 encrypt_output.insert(encrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len);
472 YACA_SUCCESS(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
473 (void**)&tag_output, &tag_len));
474 ChrPtr tag_ptr = wrap_ptr(tag_output);
476 YACA_ASSERT_MSG(output.size() == encrypt_output.size(), "Ciphertext size after encrypt differs \n");
477 YACA_ASSERT_MSG(output == encrypt_output, "ciphertext after encrypt differs\n");
478 YACA_ASSERT_MSG(tag.size() == tag_len, "Tag size after encrypt differs\n");
479 YACA_ASSERT_MSG(yaca_memcmp(tag.data(), tag_output, tag_len) == YACA_ERROR_NONE,
480 "Tag after encrypt differs\n");
483 Buffer decrypt_output;
484 auto dec_ctx_ptr = decrypt_init(algo, bcm, key_ptr, iv_ptr);
486 YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
487 tag.data(), tag.size()));
490 YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), NULL, output.size(), NULL, &update_len));
491 YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD,
492 aad.data(), aad.size()));
495 if (!output.empty()) {
496 auto update_ptr = out_buf_alloc(dec_ctx_ptr, output.size(), update_len);
497 YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), output.data(), output.size(),
498 update_ptr.get(), &update_len));
499 decrypt_output.insert(decrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len);
502 final_ptr = out_buf_alloc(dec_ctx_ptr, 0, final_len);
503 YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx_ptr.get(), final_ptr.get(), &final_len));
504 decrypt_output.insert(decrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len);
506 YACA_ASSERT_MSG(input.size() == decrypt_output.size(), "Size after encrypt-decrypt differs\n");
507 YACA_ASSERT_MSG(input == decrypt_output, "Text after encrypt-decrypt has changed\n");
510 }//namespace anonymous
512 RUNNER_TEST_GROUP_INIT(T3000_YACA_ENCRYPT);
514 RUNNER_TEST(T3010_yaca_encrypt_init_invalid_param, YacaTest)
517 KeyIvPair key_iv_pair;
518 auto asym_key_ptr = generate_key(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_1024BIT);
519 auto bad_iv_ptr = generate_key(YACA_KEY_TYPE_IV, INVALID_IV_BIT_LENGTH);
520 auto des_key_ptr = generate_key(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_UNSAFE_64BIT);
522 YACA_INVALID_PARAM(yaca_encrypt_initialize(nullptr, YACA_ENCRYPT_AES, YACA_BCM_CBC,
523 key_iv_pair.key.get(), key_iv_pair.iv.get()));
525 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, static_cast<yaca_encrypt_algorithm_e>(-1),
526 YACA_BCM_CBC, key_iv_pair.key.get(),
527 key_iv_pair.iv.get()));
529 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES,
530 static_cast<yaca_block_cipher_mode_e>(-1),
531 key_iv_pair.key.get(), key_iv_pair.iv.get()));
533 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC, YACA_KEY_NULL,
534 key_iv_pair.iv.get()));
536 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
537 asym_key_ptr.get(), key_iv_pair.iv.get()));
539 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_UNSAFE_DES, YACA_BCM_ECB,
540 des_key_ptr.get(), key_iv_pair.iv.get()));
542 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
543 key_iv_pair.key.get(), YACA_KEY_NULL));
545 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
546 key_iv_pair.key.get(), bad_iv_ptr.get()));
548 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
549 key_iv_pair.iv.get(), key_iv_pair.iv.get()));
551 YACA_INVALID_PARAM(yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
552 des_key_ptr.get(), key_iv_pair.iv.get()));
555 RUNNER_TEST(T3020_yaca_encrypt_update_invalid_param, YacaTest)
557 size_t ciphertext_len = 0;
558 KeyIvPair key_iv_pair;
559 auto en_ctx_ptr = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC, key_iv_pair.key, key_iv_pair.iv);
560 auto inv_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC, key_iv_pair.key, key_iv_pair.iv);
561 auto ciphertext_ptr = out_buf_alloc(en_ctx_ptr, DATA.size(), ciphertext_len);
563 YACA_INVALID_PARAM(yaca_encrypt_update(YACA_CONTEXT_NULL, DATA.data(), DATA.size(),
564 ciphertext_ptr.get(), &ciphertext_len));
566 YACA_INVALID_PARAM(yaca_encrypt_update(en_ctx_ptr.get(), nullptr, DATA.size(),
567 ciphertext_ptr.get(), &ciphertext_len));
569 YACA_INVALID_PARAM(yaca_encrypt_update(en_ctx_ptr.get(), nullptr, 0,
570 ciphertext_ptr.get(), &ciphertext_len));
572 YACA_INVALID_PARAM(yaca_encrypt_update(en_ctx_ptr.get(), DATA.data(), 0,
573 ciphertext_ptr.get(), &ciphertext_len));
575 YACA_INVALID_PARAM(yaca_encrypt_update(en_ctx_ptr.get(), DATA.data(), DATA.size(),
576 nullptr, &ciphertext_len));
578 YACA_INVALID_PARAM(yaca_encrypt_update(en_ctx_ptr.get(), DATA.data(), DATA.size(),
579 ciphertext_ptr.get(), nullptr));
581 YACA_INVALID_PARAM(yaca_encrypt_update(inv_ctx_ptr.get(), DATA.data(), DATA.size(),
582 ciphertext_ptr.get(), &ciphertext_len));
585 RUNNER_TEST(T3030_yaca_encrypt_final_invalid_param, YacaTest)
587 size_t ciphertext_len = 0;
588 KeyIvPair key_iv_pair;
589 auto en_ctx_ptr = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC, key_iv_pair.key, key_iv_pair.iv);
590 auto ciphertext_ptr = out_buf_alloc(en_ctx_ptr, DATA.size(), ciphertext_len);
591 auto inv_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC, key_iv_pair.key, key_iv_pair.iv);
593 YACA_INVALID_PARAM(yaca_encrypt_finalize(YACA_CONTEXT_NULL, ciphertext_ptr.get(),
596 YACA_INVALID_PARAM(yaca_encrypt_finalize(en_ctx_ptr.get(), nullptr, &ciphertext_len));
598 YACA_INVALID_PARAM(yaca_encrypt_finalize(en_ctx_ptr.get(), ciphertext_ptr.get(), nullptr));
600 YACA_INVALID_PARAM(yaca_encrypt_finalize(inv_ctx_ptr.get(), ciphertext_ptr.get(),
604 RUNNER_TEST(T3040_yaca_decrypt_init_invalid_param, YacaTest)
607 KeyIvPair key_iv_pair;
608 auto asym_key_ptr = generate_key(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_1024BIT);
609 auto bad_iv_ptr = generate_key(YACA_KEY_TYPE_IV, INVALID_IV_BIT_LENGTH);
610 auto des_key_ptr = generate_key(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_UNSAFE_64BIT);
612 YACA_INVALID_PARAM(yaca_decrypt_initialize(nullptr, YACA_ENCRYPT_AES, YACA_BCM_CBC,
613 key_iv_pair.key.get(), key_iv_pair.iv.get()));
615 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, static_cast<yaca_encrypt_algorithm_e>(-1),
616 YACA_BCM_CBC, key_iv_pair.key.get(),
617 key_iv_pair.iv.get()));
619 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES,
620 static_cast<yaca_block_cipher_mode_e>(-1),
621 key_iv_pair.key.get(), key_iv_pair.iv.get()));
623 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC, YACA_KEY_NULL,
624 key_iv_pair.iv.get()));
626 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
627 asym_key_ptr.get(), key_iv_pair.iv.get()));
629 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_UNSAFE_DES, YACA_BCM_ECB,
630 des_key_ptr.get(), key_iv_pair.iv.get()));
632 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
633 key_iv_pair.key.get(), YACA_KEY_NULL));
635 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
636 key_iv_pair.key.get(), bad_iv_ptr.get()));
638 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
639 key_iv_pair.iv.get(), key_iv_pair.iv.get()));
641 YACA_INVALID_PARAM(yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC,
642 des_key_ptr.get(), key_iv_pair.iv.get()));
645 RUNNER_TEST(T3050_yaca_decrypt_update_invalid_param, YacaTest)
647 size_t plaintext_len = 0;
648 KeyIvPair key_iv_pair;
649 auto dec_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC, key_iv_pair.key, key_iv_pair.iv);
650 auto plaintext_ptr = out_buf_alloc(dec_ctx_ptr, DATA.size(), plaintext_len);
651 auto inv_ctx_ptr = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC, key_iv_pair.key, key_iv_pair.iv);
653 YACA_INVALID_PARAM(yaca_decrypt_update(YACA_CONTEXT_NULL, DATA.data(), DATA.size(),
654 nullptr, &plaintext_len));
656 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx_ptr.get(), nullptr, DATA.size(),
657 plaintext_ptr.get(), &plaintext_len));
659 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx_ptr.get(), DATA.data(), 0,
660 plaintext_ptr.get(), &plaintext_len));
662 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx_ptr.get(), nullptr, 0,
663 plaintext_ptr.get(), &plaintext_len));
665 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx_ptr.get(), DATA.data(), DATA.size(),
666 nullptr, &plaintext_len));
668 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx_ptr.get(), DATA.data(), DATA.size(),
669 plaintext_ptr.get(), nullptr));
671 YACA_INVALID_PARAM(yaca_decrypt_update(inv_ctx_ptr.get(), DATA.data(), DATA.size(),
672 plaintext_ptr.get(), &plaintext_len));
675 RUNNER_TEST(T3060_yaca_decrypt_final_invalid_param, YacaTest)
677 size_t plaintext_len = 0;
678 KeyIvPair key_iv_pair;
679 auto dec_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC, key_iv_pair.key, key_iv_pair.iv);
680 auto plaintext_ptr = out_buf_alloc(dec_ctx_ptr, DATA.size(), plaintext_len);
681 auto inv_ctx_ptr = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC, key_iv_pair.key, key_iv_pair.iv);
683 YACA_INVALID_PARAM(yaca_decrypt_finalize(YACA_CONTEXT_NULL, plaintext_ptr.get(),
686 YACA_INVALID_PARAM(yaca_decrypt_finalize(dec_ctx_ptr.get(), nullptr, &plaintext_len));
688 YACA_INVALID_PARAM(yaca_decrypt_finalize(dec_ctx_ptr.get(), plaintext_ptr.get(), nullptr));
690 YACA_INVALID_PARAM(yaca_decrypt_finalize(inv_ctx_ptr.get(), plaintext_ptr.get(),
694 RUNNER_TEST(T3070_yaca_get_iv_bits_invalid_param, YacaTest)
696 const size_t KEY_LEN = 256;
698 const size_t INVALID_KEY_BIT_LENGTH = 512;
700 YACA_INVALID_PARAM(yaca_encrypt_get_iv_bit_length(static_cast<yaca_encrypt_algorithm_e>(-1),
701 YACA_BCM_CBC, KEY_LEN, &iv_bit_len));
703 YACA_INVALID_PARAM(yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES,
704 static_cast<yaca_block_cipher_mode_e>(-1),
705 KEY_LEN, &iv_bit_len));
707 YACA_INVALID_PARAM(yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_CBC,
708 INVALID_KEY_BIT_LENGTH, &iv_bit_len));
710 YACA_INVALID_PARAM(yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_CBC,
714 RUNNER_TEST(T3075_yaca_key_wrap_unwrap_invalid_param, YacaTest)
716 size_t wrapped_len = 0;
717 size_t unwrapped_len = 0;
719 KeyPtr key = generate_key(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_192BIT);
720 KeyPtr iv = null_key();
721 Buffer key_data = random_buffer(YACA_KEY_LENGTH_192BIT / 8);
723 CtxPtr enc_ctx = encrypt_init(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_WRAP, key, iv);
724 CtxPtr dec_ctx = decrypt_init(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_WRAP, key, iv);
726 ChrPtr wrapped = out_buf_alloc(enc_ctx, key_data.size(), wrapped_len);
727 ChrPtr unwrapped = out_buf_alloc(dec_ctx, wrapped_len, unwrapped_len);
729 YACA_INVALID_PARAM(yaca_encrypt_finalize(enc_ctx.get(), wrapped.get(), &wrapped_len));
730 YACA_INVALID_PARAM(yaca_encrypt_update(enc_ctx.get(), key_data.data(), YACA_KEY_LENGTH_UNSAFE_64BIT / 8,
731 wrapped.get(), &wrapped_len));
732 YACA_INVALID_PARAM(yaca_encrypt_update(enc_ctx.get(), key_data.data(), YACA_KEY_LENGTH_512BIT / 8,
733 wrapped.get(), &wrapped_len));
734 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), key_data.data(), key_data.size(),
735 wrapped.get(), &wrapped_len));
737 // only a single update is allowed
738 YACA_INVALID_PARAM(yaca_encrypt_update(enc_ctx.get(), key_data.data(), key_data.size(),
739 wrapped.get(), &wrapped_len));
741 YACA_INVALID_PARAM(yaca_decrypt_finalize(dec_ctx.get(), wrapped.get(), &wrapped_len));
742 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx.get(), wrapped.get(), wrapped_len - 1,
743 unwrapped.get(),&unwrapped_len));
744 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), wrapped.get(), wrapped_len,
745 unwrapped.get(), &unwrapped_len));
747 // only a single update is allowed
748 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx.get(), wrapped.get(), wrapped_len,
749 unwrapped.get(), &unwrapped_len));
752 RUNNER_TEST(T3077_yaca_get_iv_bit_length, YacaTest)
755 YACA_SUCCESS(yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_CBC, YACA_KEY_LENGTH_256BIT,
757 YACA_ASSERT_MSG(iv_bit_len == YACA_KEY_LENGTH_IV_128BIT, "Invalid IV bit length.");
759 YACA_SUCCESS(yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_ECB, YACA_KEY_LENGTH_256BIT,
761 YACA_ASSERT_MSG(iv_bit_len == 0, "Invalid IV bit length.");
763 YACA_SUCCESS(yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_CBC, YACA_KEY_LENGTH_192BIT,
765 YACA_ASSERT_MSG(iv_bit_len == YACA_KEY_LENGTH_IV_64BIT, "Invalid IV bit length.");
768 RUNNER_TEST(T3080_yaca_encrypt_decrypt_init_param_comb, YacaTest)
770 auto tvv = loadTestVector("encrypt_param_comb.txt");
772 for (const auto& tv : tvv) {
773 yaca_encrypt_algorithm_e algo;
774 yaca_block_cipher_mode_e bcm;
779 tv.get("algo", algo);
781 tv.get("key_len", key_len);
782 tv.get("iv_len", iv_len);
783 tv.get("valid", valid);
785 check_test_vector_init(algo, bcm, key_len, iv_len, valid);
789 RUNNER_TEST(T3090_yaca_encrypt_update_finalize_output_comp, YacaTest)
791 test_encryption_output("encrypt_output_comparison.txt");
792 test_encryption_output("encrypt_output_comparison_rc2_cast5_nopad.txt", false);
793 test_encryption_output("encrypt_output_comparison_rc4.txt");
794 test_encryption_output("encrypt_output_comparison_wrap.txt");
797 RUNNER_TEST(T3100_yaca_encrypt_decrypt_comparison, YacaTest)
799 test_encryption_decryption("encrypt_valid_param.txt");
800 test_encryption_decryption("encrypt_valid_param_wrap.txt");
803 RUNNER_TEST(T3110_yaca_aes_gcm_call_order_invalid_param, YacaTest)
805 KeyIvPair key_iv_pair;
808 auto aad = random_buffer(16);
809 Buffer encrypt_output;
810 Buffer decrypt_output;
813 auto enc_ctx_ptr = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM,
814 key_iv_pair.key, key_iv_pair.iv);
815 size_t update_len = 0;
816 auto update_ptr = out_buf_alloc(enc_ctx_ptr, DATA.size(), update_len);
817 size_t final_len = 0;
818 auto final_ptr = out_buf_alloc(enc_ctx_ptr, 0, final_len);
820 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
822 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
823 (void**)&tag, &tag_len));
824 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN,
825 (void*)&tag_len, sizeof(tag_len)));
827 YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD,
828 aad.data(), aad.size()));
830 YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), DATA.data(), DATA.size(),
831 update_ptr.get(), &update_len));
832 encrypt_output.insert(encrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len);
834 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD,
835 aad.data(), aad.size()));
836 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
838 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
839 (void**)&tag, &tag_len));
840 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN,
841 (void*)&tag_len, sizeof(tag_len)));
843 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx_ptr.get(), final_ptr.get(), &final_len));
844 encrypt_output.insert(encrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len);
846 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD,
847 aad.data(), aad.size()));
848 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
850 YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN,
851 (void*)&tag_len, sizeof(tag_len)));
852 YACA_SUCCESS(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
853 (void**)&tag, &tag_len));
854 ChrPtr tag_ptr = wrap_ptr(tag);
856 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN,
857 (void*)&tag_len, sizeof(tag_len)));
860 auto dec_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM,
861 key_iv_pair.key, key_iv_pair.iv);
862 update_ptr = out_buf_alloc(dec_ctx_ptr, encrypt_output.size(), update_len);
863 final_ptr = out_buf_alloc(dec_ctx_ptr, 0, final_len);
865 YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
866 (void**)&tag, &tag_len));
867 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN,
868 (void*)&tag_len, sizeof(tag_len)));
870 YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD,
871 aad.data(), aad.size()));
873 YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), encrypt_output.data(), encrypt_output.size(),
874 update_ptr.get(), &update_len));
875 decrypt_output.insert(decrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len);
877 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD,
878 aad.data(), aad.size()));
879 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN,
880 (void*)&tag_len, sizeof(tag_len)));
881 YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
882 (void**)&tag, &tag_len));
883 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
886 YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, tag, tag_len));
888 YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx_ptr.get(), final_ptr.get(), &final_len));
889 decrypt_output.insert(decrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len);
891 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD,
892 aad.data(), aad.size()));
893 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
895 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN,
896 (void*)&tag_len, sizeof(tag_len)));
897 YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG,
898 (void**)&tag, &tag_len));
900 YACA_ASSERT_MSG(DATA.size() == decrypt_output.size(), "Size after encrypt-decrypt differs\n");
901 YACA_ASSERT_MSG(DATA == decrypt_output, "Text after encrypt-decrypt has changed\n");
904 RUNNER_TEST(T3120_yaca_aes_ccm_call_order_invalid_param, YacaTest)
906 KeyPtr key = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT);
907 KeyPtr iv = generate_key(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_64BIT);
910 auto aad = random_buffer(16);
911 Buffer encrypt_output;
912 Buffer decrypt_output;
915 auto enc_ctx_ptr = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv);
916 size_t update_len = 0;
917 auto update_ptr = out_buf_alloc(enc_ctx_ptr, DATA.size(), update_len);
918 size_t final_len = 0;
919 auto final_ptr = out_buf_alloc(enc_ctx_ptr, 0, final_len);
921 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
923 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
924 (void**)&tag, &tag_len));
925 YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN,
926 (void*)&tag_len, sizeof(tag_len)));
928 YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), NULL, DATA.size(), NULL, &update_len));
929 YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD,
930 aad.data(), aad.size()));
931 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN,
932 (void*)&tag_len, sizeof(tag_len)));
934 YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), DATA.data(), DATA.size(),
935 update_ptr.get(), &update_len));
936 encrypt_output.insert(encrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len);
938 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD,
939 aad.data(), aad.size()));
940 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
942 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN,
943 (void*)&tag_len, sizeof(tag_len)));
944 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
945 (void**)&tag, &tag_len));
947 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx_ptr.get(), final_ptr.get(), &final_len));
948 encrypt_output.insert(encrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len);
950 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD,
951 aad.data(), aad.size()));
952 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
954 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN,
955 (void*)&tag_len, sizeof(tag_len)));
956 YACA_SUCCESS(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
957 (void**)&tag, &tag_len));
958 ChrPtr tag_ptr = wrap_ptr(tag);
961 auto dec_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv);
962 update_ptr = out_buf_alloc(dec_ctx_ptr, encrypt_output.size(), update_len);
963 final_ptr = out_buf_alloc(dec_ctx_ptr, 0, final_len);
965 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN,
966 (void*)&tag_len, sizeof(tag_len)));
967 YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
968 (void**)&tag, &tag_len));
969 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
972 YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, tag, tag_len));
974 YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), NULL, encrypt_output.size(),
976 YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD,
977 aad.data(), aad.size()));
978 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
981 YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), encrypt_output.data(), encrypt_output.size(),
982 update_ptr.get(), &update_len));
983 decrypt_output.insert(decrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len);
985 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD,
986 aad.data(), aad.size()));
987 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
989 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN,
990 (void*)&tag_len, sizeof(tag_len)));
991 YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
992 (void**)&tag, &tag_len));
994 YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx_ptr.get(), final_ptr.get(), &final_len));
995 decrypt_output.insert(decrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len);
997 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD,
998 aad.data(), aad.size()));
999 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
1001 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN,
1002 (void*)&tag_len, sizeof(tag_len)));
1003 YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG,
1004 (void**)&tag, &tag_len));
1006 YACA_ASSERT_MSG(DATA.size() == decrypt_output.size(), "Size after encrypt-decrypt differs\n");
1007 YACA_ASSERT_MSG(DATA == decrypt_output, "Text after encrypt-decrypt has changed\n");
1010 RUNNER_TEST(T3130_yaca_aes_gcm_tag_len_combs_invalid_param, YacaTest)
1012 auto tvv = loadTestVector("encrypt_aes_gcm_tag_len.txt");
1014 for (const auto& tv : tvv) {
1020 tv.get("key_len", key_len);
1021 tv.get("iv_len", iv_len);
1022 tv.get("tag_len", tag_len);
1023 tv.get("valid", valid);
1025 test_vector_gcm_tag_len(key_len, iv_len, tag_len, valid);
1029 RUNNER_TEST(T3140_yaca_aes_ccm_tag_len_combs_invalid_param, YacaTest)
1031 auto tvv = loadTestVector("encrypt_aes_ccm_tag_len.txt");
1033 for (const auto& tv : tvv) {
1039 tv.get("key_len", key_len);
1040 tv.get("iv_len", iv_len);
1041 tv.get("tag_len", tag_len);
1042 tv.get("valid", valid);
1044 test_vector_ccm_tag_len(key_len, iv_len, tag_len, valid);
1048 RUNNER_TEST(T3150_yaca_aes_gcm_ccm_output_comparison, YacaTest)
1050 auto tvv = loadTestVector("encrypt_output_comparison_aes_gcm_ccm.txt");
1052 for (const auto& tv : tvv) {
1054 yaca_encrypt_algorithm_e algo;
1055 yaca_block_cipher_mode_e bcm;
1062 tv.get("input", input);
1063 tv.get("algo", algo);
1069 tv.get("output", output);
1071 bcm == YACA_BCM_GCM ? aes_gcm_test_output(input, algo, bcm, key, iv, aad, tag, output)
1072 : aes_ccm_test_output(input, algo, bcm, key, iv, aad, tag, output);
1076 RUNNER_TEST(T3160_yaca_set_get_padding_invalid_param, YacaTest)
1078 KeyIvPair key_iv_pair;
1079 CtxPtr enc_ctx = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CBC,
1080 key_iv_pair.key, key_iv_pair.iv);
1082 yaca_padding_e padding = YACA_PADDING_NONE;
1085 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), static_cast<yaca_property_e>(-1),
1086 (void*)(&padding), sizeof(padding)));
1087 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_PADDING,
1088 nullptr, sizeof(padding)));
1089 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_PADDING,
1090 (void*)(&padding), 0));
1091 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_PADDING,
1092 (void*)(&padding), sizeof(char)));
1094 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_PADDING,
1095 (void**)(&padding), &padding_len));
1097 size_t output_len = get_output_length(enc_ctx);
1098 Buffer output(output_len);
1099 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx.get(), output.data(), &output_len));
1100 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_PADDING,
1101 (void*)(&padding), sizeof(padding)));
1103 std::vector<yaca_block_cipher_mode_e> bcms = {YACA_BCM_OFB, YACA_BCM_CFB, YACA_BCM_GCM,
1104 YACA_BCM_CTR, YACA_BCM_CBC};
1105 std::vector<yaca_padding_e> paddings = {YACA_PADDING_PKCS1, YACA_PADDING_PKCS1_PSS,
1106 YACA_PADDING_X931, YACA_PADDING_PKCS1_SSLV23,
1107 YACA_PADDING_PKCS1_OAEP};
1109 for (yaca_block_cipher_mode_e bcm : bcms) {
1110 enc_ctx = encrypt_init(YACA_ENCRYPT_AES, bcm, key_iv_pair.key, key_iv_pair.iv);
1112 for (yaca_padding_e padding : paddings) {
1113 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_PADDING,
1114 (void*)(&padding), sizeof(padding)));
1119 RUNNER_TEST(T3170_yaca_set_get_rc2_key_bits_invalid_param, YacaTest)
1121 size_t effective_key_bits;
1122 size_t effective_key_bits_len;
1123 KeyPtr key = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_UNSAFE_128BIT);
1124 CtxPtr enc_ctx = encrypt_init(YACA_ENCRYPT_UNSAFE_RC2, YACA_BCM_ECB, key, null_key());
1126 effective_key_bits = 0;
1127 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(),
1128 YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
1129 (void*)(&effective_key_bits),
1130 sizeof(effective_key_bits)));
1131 effective_key_bits = 1025;
1132 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(),
1133 YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
1134 (void*)(&effective_key_bits),
1135 sizeof(effective_key_bits)));
1137 effective_key_bits = 128;
1138 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(),
1139 YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
1140 (void*)(&effective_key_bits), sizeof(char)));
1142 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(),
1143 YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
1144 (void**)(&effective_key_bits),
1145 &effective_key_bits_len));
1147 size_t output_len = get_output_length(enc_ctx, DATA.size());
1148 Buffer output(output_len);
1149 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), DATA.data(), DATA.size(),
1150 output.data(), &output_len));
1151 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(),
1152 YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
1153 (void*)(&effective_key_bits),
1154 sizeof(effective_key_bits)));
1156 std::vector<yaca_encrypt_algorithm_e> algos = {YACA_ENCRYPT_AES, YACA_ENCRYPT_UNSAFE_3DES_2TDEA,
1157 YACA_ENCRYPT_CAST5};
1159 for (yaca_encrypt_algorithm_e algo : algos) {
1160 enc_ctx = encrypt_init(algo, YACA_BCM_ECB, key, null_key());
1162 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(),
1163 YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS,
1164 (void*)(&effective_key_bits),
1165 sizeof(effective_key_bits)));
1169 RUNNER_TEST(T3180_yaca_set_get_gcm_properties_invalid_param, YacaTest)
1171 KeyPtr key = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_192BIT);
1172 KeyPtr iv = generate_key(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_128BIT);
1173 KeyPtr gcm_iv = generate_key(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_64BIT);
1175 size_t aad_len = 16;
1176 Buffer aad = random_buffer(aad_len);
1177 size_t tag_len = 16;
1180 size_t update_len, final_len;
1183 CtxPtr enc_ctx = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv);
1184 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_GCM_AAD,
1185 aad.data(), aad.size()));
1187 Buffer encrypt_output;
1188 ChrPtr update = out_buf_alloc(enc_ctx, DATA.size(), update_len);
1189 ChrPtr final = out_buf_alloc(enc_ctx, 0, final_len);
1190 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), DATA.data(), DATA.size(),
1191 update.get(), &update_len));
1192 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx.get(), final.get(), &final_len));
1193 encrypt_output.insert(encrypt_output.end(), update.get(), update.get() + update_len);
1194 encrypt_output.insert(encrypt_output.end(), final.get(), final.get() + final_len);
1196 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG_LEN,
1197 (void*)(&tag_len), sizeof(tag_len)));
1198 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG,
1199 (void**)&tag, &tag_len));
1201 CtxPtr dec_ctx = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv);
1202 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_AAD,
1203 aad.data(), aad.size()));
1205 update = out_buf_alloc(dec_ctx, encrypt_output.size(), update_len);
1206 final = out_buf_alloc(dec_ctx, 0, final_len);
1208 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), encrypt_output.data(), encrypt_output.size(),
1209 update.get(), &update_len));
1211 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_TAG,
1214 YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx.get(), final.get(), &final_len));
1217 enc_ctx = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM, key, gcm_iv);
1218 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_CCM_AAD,
1219 aad.data(), aad.size()));
1220 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_GCM_AAD,
1221 (void**)aad.data(), &aad_len));
1223 encrypt_output.clear();
1224 update = out_buf_alloc(enc_ctx, DATA.size(), update_len);
1225 final = out_buf_alloc(enc_ctx, 0, final_len);
1226 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), DATA.data(), DATA.size(),
1227 update.get(), &update_len));
1228 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx.get(), final.get(), &final_len));
1229 encrypt_output.insert(encrypt_output.end(), update.get(), update.get() + update_len);
1230 encrypt_output.insert(encrypt_output.end(), final.get(), final.get() + final_len);
1232 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG_LEN,
1233 (void*)(&tag_len), sizeof(tag_len)));
1234 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG_LEN,
1235 (void*)(&tag_len), sizeof(char)));
1237 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG,
1238 (void**)&tag, &tag_len));
1239 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG,
1240 nullptr, &tag_len));
1241 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG,
1242 (void**)&tag, nullptr));
1244 YACA_SUCCESS(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG,
1245 (void**)&tag, &tag_len));
1246 ChrPtr tag_ptr = wrap_ptr(tag);
1248 dec_ctx = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM, key, gcm_iv);
1249 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_AAD,
1250 aad.data(), aad.size()));
1251 YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx.get(), YACA_PROPERTY_GCM_AAD,
1252 (void**)aad.data(), &aad_len));
1254 update = out_buf_alloc(dec_ctx, encrypt_output.size(), update_len);
1255 final = out_buf_alloc(dec_ctx, 0, final_len);
1257 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), encrypt_output.data(), encrypt_output.size(),
1258 update.get(), &update_len));
1260 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_TAG,
1263 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_TAG, tag, tag_len));
1265 YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx.get(), final.get(), &final_len));
1268 RUNNER_TEST(T3190_yaca_set_get_ccm_properties_invalid_param, YacaTest)
1270 KeyPtr key = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_192BIT);
1271 KeyPtr iv = generate_key(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_64BIT);
1273 size_t aad_len = 16;
1274 Buffer aad = random_buffer(aad_len);
1275 size_t tag_len = 12;
1278 size_t update_len, final_len;
1281 CtxPtr enc_ctx = encrypt_init(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_CFB, key, iv);
1282 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG_LEN,
1283 (void*)(&tag_len), sizeof(tag_len)));
1285 YACA_INVALID_PARAM(yaca_encrypt_update(enc_ctx.get(), NULL, DATA.size(), NULL, &update_len));
1286 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_CCM_AAD,
1287 aad.data(), aad.size()));
1289 Buffer encrypt_output;
1290 ChrPtr update = out_buf_alloc(enc_ctx, DATA.size(), update_len);
1291 ChrPtr final = out_buf_alloc(enc_ctx, 0, final_len);
1292 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), DATA.data(), DATA.size(),
1293 update.get(), &update_len));
1294 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx.get(), final.get(), &final_len));
1295 encrypt_output.insert(encrypt_output.end(), update.get(), update.get() + update_len);
1296 encrypt_output.insert(encrypt_output.end(), final.get(), final.get() + final_len);
1298 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG,
1299 (void**)&tag, &tag_len));
1301 CtxPtr dec_ctx = decrypt_init(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_CFB, key, iv);
1302 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_TAG,
1304 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx.get(), NULL, encrypt_output.size(), NULL,
1306 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_AAD,
1307 aad.data(), aad.size()));
1309 update = out_buf_alloc(dec_ctx, encrypt_output.size(), update_len);
1310 final = out_buf_alloc(dec_ctx, 0, final_len);
1312 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), encrypt_output.data(), encrypt_output.size(),
1313 update.get(), &update_len));
1314 YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx.get(), final.get(), &final_len));
1317 enc_ctx = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv);
1318 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG_LEN,
1319 (void*)(&tag_len), sizeof(tag_len)));
1320 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG_LEN,
1321 (void*)(&tag_len), sizeof(char)));
1323 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), NULL, DATA.size(), NULL, &update_len));
1324 YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_GCM_AAD,
1325 aad.data(), aad.size()));
1326 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_CCM_AAD,
1327 (void**)aad.data(), &aad_len));
1329 YACA_SUCCESS(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_CCM_AAD,
1330 aad.data(), aad.size()));
1332 encrypt_output.clear();
1333 update = out_buf_alloc(enc_ctx, DATA.size(), update_len);
1334 final = out_buf_alloc(enc_ctx, 0, final_len);
1335 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), DATA.data(), DATA.size(),
1336 update.get(), &update_len));
1337 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx.get(), final.get(), &final_len));
1338 encrypt_output.insert(encrypt_output.end(), update.get(), update.get() + update_len);
1339 encrypt_output.insert(encrypt_output.end(), final.get(), final.get() + final_len);
1341 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG,
1342 (void**)&tag, &tag_len));
1343 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG,
1344 nullptr, &tag_len));
1345 YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG,
1346 (void**)&tag, nullptr));
1348 YACA_SUCCESS(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG,
1349 (void**)&tag, &tag_len));
1350 ChrPtr tag_ptr = wrap_ptr(tag);
1352 dec_ctx = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv);
1353 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_TAG,
1356 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_TAG, tag, tag_len));
1358 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), NULL, encrypt_output.size(), NULL,
1360 YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_AAD,
1361 aad.data(), aad.size()));
1363 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_AAD,
1364 aad.data(), aad.size()));
1366 update = out_buf_alloc(dec_ctx, encrypt_output.size(), update_len);
1367 final = out_buf_alloc(dec_ctx, 0, final_len);
1368 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), encrypt_output.data(), encrypt_output.size(),
1369 update.get(), &update_len));
1370 YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx.get(), final.get(), &final_len));
1373 RUNNER_TEST(T3200_yaca_set_invalid_gcm_tag_aad, YacaTest)
1375 KeyPtr key = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_192BIT);
1376 KeyPtr iv = generate_key(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_64BIT);
1378 size_t aad_len = 16;
1379 Buffer aad = random_buffer(aad_len);
1380 size_t tag_len = 16;
1383 CtxPtr enc_ctx = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM, key, iv);
1385 Buffer encrypt_output;
1386 size_t update_len, final_len;
1387 ChrPtr update = out_buf_alloc(enc_ctx, DATA.size(), update_len);
1388 ChrPtr final = out_buf_alloc(enc_ctx, 0, final_len);
1390 YACA_SUCCESS(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_GCM_AAD,
1391 aad.data(), aad.size()));
1392 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), DATA.data(), DATA.size(),
1393 update.get(), &update_len));
1394 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx.get(), final.get(), &final_len));
1395 YACA_SUCCESS(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_GCM_TAG,
1396 (void**)&tag, &tag_len));
1397 ChrPtr tag_ptr = wrap_ptr(tag);
1399 encrypt_output.insert(encrypt_output.end(), update.get(), update.get() + update_len);
1400 encrypt_output.insert(encrypt_output.end(), final.get(), final.get() + final_len);
1402 CtxPtr dec_ctx = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM, key, iv);
1403 update = out_buf_alloc(dec_ctx, encrypt_output.size(), update_len);
1404 final = out_buf_alloc(dec_ctx, 0, final_len);
1407 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_AAD, tag, aad.size()));
1409 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), encrypt_output.data(), encrypt_output.size(),
1410 update.get(), &update_len));
1413 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_TAG, tag, tag_len));
1415 YACA_INVALID_PARAM(yaca_decrypt_finalize(dec_ctx.get(), final.get(), &final_len));
1417 dec_ctx = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM, key, iv);
1420 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_AAD,
1421 aad.data(), aad.size()));
1423 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), encrypt_output.data(), encrypt_output.size(),
1424 update.get(), &update_len));
1427 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_GCM_TAG,
1428 aad.data(), tag_len));
1430 YACA_INVALID_PARAM(yaca_decrypt_finalize(dec_ctx.get(), final.get(), &final_len));
1433 RUNNER_TEST(T3210_yaca_set_invalid_ccm_tag_aad, YacaTest)
1435 KeyPtr key = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_192BIT);
1436 KeyPtr iv = generate_key(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_64BIT);
1438 size_t aad_len = 16;
1439 Buffer aad = random_buffer(aad_len);
1440 size_t tag_len = 12;
1443 CtxPtr enc_ctx = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv);
1445 Buffer encrypt_output;
1446 size_t update_len, final_len;
1447 ChrPtr update = out_buf_alloc(enc_ctx, DATA.size(), update_len);
1448 ChrPtr final = out_buf_alloc(enc_ctx, 0, final_len);
1450 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), NULL, DATA.size(), NULL, &update_len));
1451 YACA_SUCCESS(yaca_context_set_property(enc_ctx.get(), YACA_PROPERTY_CCM_AAD,
1452 aad.data(), aad.size()));
1453 YACA_SUCCESS(yaca_encrypt_update(enc_ctx.get(), DATA.data(), DATA.size(),
1454 update.get(), &update_len));
1455 YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx.get(), final.get(), &final_len));
1456 YACA_SUCCESS(yaca_context_get_property(enc_ctx.get(), YACA_PROPERTY_CCM_TAG,
1457 (void**)&tag, &tag_len));
1458 ChrPtr tag_ptr = wrap_ptr(tag);
1460 encrypt_output.insert(encrypt_output.end(), update.get(), update.get() + update_len);
1461 encrypt_output.insert(encrypt_output.end(), final.get(), final.get() + final_len);
1463 CtxPtr dec_ctx = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv);
1464 update = out_buf_alloc(dec_ctx, encrypt_output.size(), update_len);
1465 final = out_buf_alloc(dec_ctx, 0, final_len);
1468 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_TAG,
1469 aad.data(), tag_len));
1472 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), NULL, encrypt_output.size(), NULL,
1474 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_AAD,
1475 aad.data(), aad.size()));
1477 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx.get(), encrypt_output.data(), encrypt_output.size(),
1478 update.get(), &update_len));
1480 dec_ctx = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv);
1483 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_TAG, tag, tag_len));
1486 YACA_SUCCESS(yaca_decrypt_update(dec_ctx.get(), NULL, encrypt_output.size(), NULL,
1488 YACA_SUCCESS(yaca_context_set_property(dec_ctx.get(), YACA_PROPERTY_CCM_AAD,
1491 YACA_INVALID_PARAM(yaca_decrypt_update(dec_ctx.get(), encrypt_output.data(), encrypt_output.size(),
1492 update.get(), &update_len));