YACA: Add seal/open tests.

Change-Id: Ie3ca9b19fde43bdf619919a05c8dcbf616dde68c

diff --git a/src/yaca/yaca-test-common.h b/src/yaca/yaca-test-common.h
index 6e100ad..4e69885 100644 (file)
--- a/src/yaca/yaca-test-common.h
+++ b/src/yaca/yaca-test-common.h
@@ -236,3 +236,13 @@ const char* bcm2str(yaca_block_cipher_mode_e bcm);
 /* If input is longer than len it is truncated and an ellipsis is appended.
  * Otherwise the original string is returned. */
 std::string truncate_str(const std::string &input, size_t len);
+
+struct KeyPair {
+    KeyPtr prv;
+    KeyPtr pub;
+
+    KeyPair(yaca_key_type_e prv_key_type, size_t key_bit_len) :
+            prv(generate_key(prv_key_type, key_bit_len)),
+            pub(extract_public_key(prv))
+            {}
+};

diff --git a/src/yaca/yaca-test-seal.cpp b/src/yaca/yaca-test-seal.cpp
index dc259f6..b6a206d 100644 (file)
--- a/src/yaca/yaca-test-seal.cpp
+++ b/src/yaca/yaca-test-seal.cpp
@@ -29,8 +29,53 @@
 #include <yaca_encrypt.h>
 #include <yaca_key.h>
 
+namespace {
+
 const Buffer DATA = random_buffer(1024);
 
+typedef std::vector<KeyPair> KeyPairs;
+
+void test_vector_seal_open(yaca_encrypt_algorithm_e algo,
+                           yaca_block_cipher_mode_e bcm,
+                           size_t sym_key_len,
+                           const KeyPtr &rsa_priv,
+                           const KeyPtr &rsa_pub)
+{
+    Buffer seal_output;
+    Buffer open_output;
+    size_t update_len = 0;
+    size_t final_len = 0;
+    KeyPtr sym_key = null_key();
+    KeyPtr iv = null_key();
+
+    CtxPtr seal_ctx = seal_init(rsa_pub, algo, bcm, sym_key_len, sym_key, iv);
+    CtxPtr open_ctx = open_init(rsa_priv, algo, bcm, sym_key_len, sym_key, iv);
+
+    ChrPtr update_ptr = out_buf_alloc(seal_ctx, DATA.size(), update_len);
+    ChrPtr final_ptr = out_buf_alloc(seal_ctx, 0, final_len);
+
+    YACA_SUCCESS(yaca_seal_update(seal_ctx.get(), DATA.data(), DATA.size(), update_ptr.get(), &update_len));
+    seal_output.insert(seal_output.end(), update_ptr.get(), update_ptr.get() + update_len);
+
+    YACA_SUCCESS(yaca_seal_finalize(seal_ctx.get(), final_ptr.get(), &final_len));
+    seal_output.insert(seal_output.end(), final_ptr.get(), final_ptr.get() + final_len);
+
+    update_ptr = out_buf_alloc(open_ctx, seal_output.size(), update_len);
+    final_ptr = out_buf_alloc(open_ctx, 0, final_len);
+
+    YACA_SUCCESS(yaca_open_update(open_ctx.get(), seal_output.data(), seal_output.size(),
+                                  update_ptr.get(), &update_len));
+    open_output.insert(open_output.end(), update_ptr.get(), update_ptr.get() + update_len);
+
+    YACA_SUCCESS(yaca_open_finalize(open_ctx.get(), final_ptr.get(), &final_len));
+    open_output.insert(open_output.end(), final_ptr.get(), final_ptr.get() + final_len);
+
+    YACA_ASSERT_MSG(DATA.size() == open_output.size(), "Size after seal-open differs\n");
+    YACA_ASSERT_MSG(DATA == open_output, "Text after seal-open has changed\n");
+}
+
+}//namespace anonymous
+
 RUNNER_TEST_GROUP_INIT(T5000_YACA_SEAL);
 
 RUNNER_TEST(T5010_yaca_seal_init_invalid_param, YacaTest)
@@ -39,7 +84,7 @@ RUNNER_TEST(T5010_yaca_seal_init_invalid_param, YacaTest)
     yaca_key_h sym_key;
     yaca_key_h iv;
 
-    yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES;
+    yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_UNSAFE_RC2;
     yaca_block_cipher_mode_e bcm = YACA_BCM_CBC;
     size_t sym_key_bit_len = YACA_KEY_LENGTH_192BIT;
 
@@ -78,8 +123,9 @@ RUNNER_TEST(T5010_yaca_seal_init_invalid_param, YacaTest)
     YACA_INVALID_PARAM(yaca_seal_initialize(&ctx, rsa_pub_key_ptr.get(), algo, YACA_BCM_WRAP, sym_key_bit_len,
                                             &sym_key, &iv));
 
-    YACA_INVALID_PARAM(yaca_seal_initialize(&ctx, rsa_pub_key_ptr.get(), algo, bcm, 512, &sym_key, &iv));
-    YACA_INVALID_PARAM(yaca_seal_initialize(&ctx, rsa_pub_key_ptr.get(), algo, bcm, 64, &sym_key, &iv));
+    // sym_key_bit_len must be at least 88 bits shorter than RSA key bit length
+    YACA_INVALID_PARAM(yaca_seal_initialize(&ctx, rsa_pub_key_ptr.get(), algo, bcm, YACA_KEY_LENGTH_1024BIT,
+                                            &sym_key, &iv));
     YACA_INVALID_PARAM(yaca_seal_initialize(&ctx, rsa_pub_key_ptr.get(), algo, bcm, 63, &sym_key, &iv));
 
     YACA_INVALID_PARAM(yaca_seal_initialize(&ctx, rsa_pub_key_ptr.get(), algo, bcm, sym_key_bit_len,
@@ -115,6 +161,9 @@ RUNNER_TEST(T5020_yaca_seal_update_invalid_param, YacaTest)
     YACA_INVALID_PARAM(yaca_seal_update(seal_ctx_ptr.get(), DATA.data(), 0,
                                         ciphertext_ptr.get(), &ciphertext_len));
 
+    YACA_INVALID_PARAM(yaca_seal_update(seal_ctx_ptr.get(), nullptr, 0,
+                                        ciphertext_ptr.get(), &ciphertext_len));
+
     YACA_INVALID_PARAM(yaca_seal_update(seal_ctx_ptr.get(), DATA.data(), DATA.size(),
                                         nullptr, &ciphertext_len));
 
@@ -231,6 +280,9 @@ RUNNER_TEST(T5050_yaca_open_update_invalid_param, YacaTest)
     YACA_INVALID_PARAM(yaca_open_update(open_ctx_ptr.get(), DATA.data(), 0,
                                         plaintext_ptr.get(), &plaintext_len));
 
+    YACA_INVALID_PARAM(yaca_open_update(open_ctx_ptr.get(), nullptr, 0,
+                                        plaintext_ptr.get(), &plaintext_len));
+
     YACA_INVALID_PARAM(yaca_open_update(open_ctx_ptr.get(), DATA.data(), DATA.size(),
                                         nullptr, &plaintext_len));
 
@@ -259,3 +311,24 @@ RUNNER_TEST(T5060_yaca_open_final_invalid_param, YacaTest)
     YACA_INVALID_PARAM(yaca_open_finalize(open_ctx_ptr.get(), nullptr, &plaintext_len));
     YACA_INVALID_PARAM(yaca_open_finalize(open_ctx_ptr.get(), plaintext_ptr.get(), nullptr));
 }
+
+RUNNER_TEST(T5070_yaca_seal_open_comparison, YacaTest)
+{
+    auto tvv = loadTestVector("encrypt_valid_param.txt");
+    KeyPairs keys;
+    keys.push_back(KeyPair(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_3072BIT));
+    keys.push_back(KeyPair(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_4096BIT));
+
+    for (const auto& tv : tvv) {
+        yaca_encrypt_algorithm_e algo;
+        yaca_block_cipher_mode_e bcm;
+        size_t sym_key_len;
+
+        tv.get("algo", algo);
+        tv.get("bcm", bcm);
+        tv.get("key_len", sym_key_len);
+
+        for (const auto& key : keys)
+            test_vector_seal_open(algo, bcm, sym_key_len, key.prv, key.pub);
+    }
+}