From: Krzysztof Jackiewicz Date: Wed, 17 May 2023 16:01:32 +0000 (+0200) Subject: Cipher API unit tests X-Git-Tag: accepted/tizen/7.0/unified/20230620.164235~1^2~6 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=fe121f88778f2bc2853dc7f701d75d6638355fa8;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git Cipher API unit tests Change-Id: I9ef5e3db62a36043d6b5691a0aaff5ce7236c302 --- diff --git a/unit-tests/test_sw-backend.cpp b/unit-tests/test_sw-backend.cpp index c0643403..854bb255 100644 --- a/unit-tests/test_sw-backend.cpp +++ b/unit-tests/test_sw-backend.cpp @@ -1385,4 +1385,120 @@ NEGATIVE_TEST_CASE(deriveKBKDFHMACwrongParams) test.Fail(32, HMAC256, COUNTER, BEFORE, CTX, LAB, NO_BUF, NO_SIZE, 64); } +NEGATIVE_TEST_CASE(cipherAPI) +{ + auto key = generateAes(256); + auto& rsa = generateObjUPtrPair(AlgoType::RSA_GEN, 1024); + + // no algorithm + BOOST_REQUIRE_THROW(key->initContext(CryptoAlgorithm(), true), Exc::Crypto::InputParam); + + CryptoAlgorithm ca; + ca.setParam(ParamName::ALGO_TYPE, AlgoType::RSA_OAEP); + + // symmetric encryption only + BOOST_REQUIRE_THROW(rsa.prv->initContext(ca, true), Exc::Crypto::OperationNotSupported); + BOOST_REQUIRE_THROW(rsa.pub->initContext(ca, true), Exc::Crypto::OperationNotSupported); + + // unsupported algorithm + BOOST_REQUIRE_THROW(key->initContext(ca, true), Exc::Crypto::InputParam); + + // no IV + ca.setParam(ParamName::ALGO_TYPE, AlgoType::AES_GCM); + BOOST_REQUIRE_THROW(key->initContext(ca, true), Exc::Crypto::InputParam); + + auto iv = createRandom(Params::DEFAULT_AES_IV_LEN); + ca.setParam(ParamName::ED_IV, iv); + GCtxShPtr gcm; + BOOST_REQUIRE_NO_THROW(gcm = key->initContext(ca, true)); + + // AAD missing + BOOST_REQUIRE_THROW(gcm->customize(ca), Exc::Crypto::InputParam); + + auto aad = createRandom(32); + ca.setParam(ParamName::ALGO_TYPE, AlgoType::AES_CBC); + ca.setParam(ParamName::ED_AAD, aad); + + // no customization in CBC + GCtxShPtr cbc; + BOOST_REQUIRE_NO_THROW(cbc = key->initContext(ca, true)); + BOOST_REQUIRE_THROW(cbc->customize(ca), Exc::Crypto::InputParam); + + BOOST_REQUIRE_NO_THROW(gcm->customize(ca)); + + auto plaintext = createRandom(128); + RawBuffer ciphertext; + BOOST_REQUIRE_NO_THROW(ciphertext = gcm->update(plaintext)); + + // no customization after update + BOOST_REQUIRE_THROW(gcm->customize(ca), Exc::Crypto::InputParam); + + BOOST_REQUIRE_NO_THROW(ciphertext = gcm->update(plaintext)); + BOOST_REQUIRE_NO_THROW(ciphertext = gcm->update(plaintext)); + + // no tag should be passed for encryption + auto tag = createRandom(Params::DEFAULT_AES_GCM_TAG_LEN_BYTES); + BOOST_REQUIRE_THROW(gcm->finalize(tag), Exc::Crypto::InputParam); + + BOOST_REQUIRE_NO_THROW(tag = gcm->finalize(RawBuffer())); + + // no update after finalize + BOOST_REQUIRE_THROW(gcm->update(plaintext), Exc::Crypto::InputParam); + + BOOST_REQUIRE_NO_THROW(gcm = key->initContext(ca, false)); + BOOST_REQUIRE_THROW(gcm->finalize(tag), Exc::Crypto::InputParam); +} + +POSITIVE_TEST_CASE(cipherAPI) +{ + auto key = generateAes(256); + RawBuffer plaintext[4] = {createRandom(128),createRandom(129),createRandom(130),createRandom(131)}; + RawBuffer ciphertext[4]; + CryptoAlgorithm ca; + GCtxShPtr gcm; + RawBuffer tag; + + ca.setParam(ParamName::ALGO_TYPE, AlgoType::AES_GCM); + auto iv = createRandom(Params::DEFAULT_AES_IV_LEN); + ca.setParam(ParamName::ED_IV, iv); + RawBuffer aad[4] = {createRandom(32), createRandom(33), createRandom(34), createRandom(35)}; + ca.setParam(ParamName::ED_AAD, aad[0]); + BOOST_REQUIRE_NO_THROW(gcm = key->initContext(ca, true)); + iv.resize(6); + ca.setParam(ParamName::ED_IV, iv); + BOOST_REQUIRE_NO_THROW(gcm = key->initContext(ca, true)); + + ca.setParam(ParamName::ED_AAD, aad[1]); + BOOST_REQUIRE_NO_THROW(gcm->customize(ca)); + ca.setParam(ParamName::ED_AAD, aad[2]); + BOOST_REQUIRE_NO_THROW(gcm->customize(ca)); + ca.setParam(ParamName::ED_AAD, aad[3]); + BOOST_REQUIRE_NO_THROW(gcm->customize(ca)); + + for (size_t i = 0; i < 4; i++) + BOOST_REQUIRE_NO_THROW(ciphertext[i] = gcm->update(plaintext[i])); + + BOOST_REQUIRE_NO_THROW(tag = gcm->finalize(RawBuffer())); + + // decrypt + ca.setParam(ParamName::ED_AAD, aad[0]); + + BOOST_REQUIRE_NO_THROW(gcm = key->initContext(ca, false)); + + ca.setParam(ParamName::ED_AAD, aad[1]); + BOOST_REQUIRE_NO_THROW(gcm->customize(ca)); + ca.setParam(ParamName::ED_AAD, aad[2]); + BOOST_REQUIRE_NO_THROW(gcm->customize(ca)); + ca.setParam(ParamName::ED_AAD, aad[3]); + BOOST_REQUIRE_NO_THROW(gcm->customize(ca)); + + for (size_t i = 0; i < 4; i++) { + RawBuffer decrypted; + BOOST_REQUIRE_NO_THROW(decrypted = gcm->update(ciphertext[i])); + BOOST_REQUIRE(decrypted == plaintext[i]); + } + + BOOST_REQUIRE_NO_THROW(gcm->finalize(tag)); +} + BOOST_AUTO_TEST_SUITE_END()