From a0af959ff54dbc05558edace4a4f1593b02a3f2d Mon Sep 17 00:00:00 2001 From: Mateusz Forc Date: Fri, 12 Aug 2016 12:00:33 +0200 Subject: [PATCH] YACA: Add GCM/CCM call order tests Change-Id: Icfde4167a7f674c5cb5605c036ba47233da5c6d1 --- src/yaca/yaca-test-encrypt.cpp | 206 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 206 insertions(+) diff --git a/src/yaca/yaca-test-encrypt.cpp b/src/yaca/yaca-test-encrypt.cpp index 98d90aa..48a8b84 100644 --- a/src/yaca/yaca-test-encrypt.cpp +++ b/src/yaca/yaca-test-encrypt.cpp @@ -579,3 +579,209 @@ RUNNER_TEST(T3100_yaca_encrypt_decrypt_comparison, YacaTest) test_encryption_decryption("encrypt_valid_param.txt"); test_encryption_decryption("encrypt_valid_param_wrap.txt"); } + +RUNNER_TEST(T3110_yaca_aes_gcm_call_order_invalid_param, YacaTest) +{ + KeyIvPair key_iv_pair; + size_t tag_len = 14; + auto tag = create_yaca_buffer(tag_len); + auto aad = random_buffer(16); + Buffer encrypt_output; + Buffer decrypt_output; + + // encryption + auto enc_ctx_ptr = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM, + key_iv_pair.key, key_iv_pair.iv); + size_t update_len = 0; + auto update_ptr = out_buf_alloc(enc_ctx_ptr, DATA.size(), update_len); + size_t final_len = 0; + auto final_ptr = out_buf_alloc(enc_ctx_ptr, 0, final_len); + + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + tag.get(), tag_len)); + YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + (void**)tag.get(), &tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + + YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD, + aad.data(), aad.size())); + + YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), DATA.data(), DATA.size(), + update_ptr.get(), &update_len)); + encrypt_output.insert(encrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len); + + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + tag.get(), tag_len)); + YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + (void**)tag.get(), &tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + + YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx_ptr.get(), final_ptr.get(), &final_len)); + encrypt_output.insert(encrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len); + + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + tag.get(), tag_len)); + YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + YACA_SUCCESS(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + (void**)tag.get(), &tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + + // decryption + auto dec_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_GCM, + key_iv_pair.key, key_iv_pair.iv); + update_ptr = out_buf_alloc(dec_ctx_ptr, encrypt_output.size(), update_len); + final_ptr = out_buf_alloc(dec_ctx_ptr, 0, final_len); + + YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + (void**)tag.get(), &tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + + YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD, + aad.data(), aad.size())); + + YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), encrypt_output.data(), encrypt_output.size(), + update_ptr.get(), &update_len)); + decrypt_output.insert(decrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len); + + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + (void**)tag.get(), &tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + tag.get(), tag_len + 42)); + + YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + tag.get(), tag_len)); + + YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx_ptr.get(), final_ptr.get(), &final_len)); + decrypt_output.insert(decrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len); + + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + tag.get(), tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_GCM_TAG, + (void**)tag.get(), &tag_len)); + + YACA_ASSERT_MSG(DATA.size() == decrypt_output.size(), "Size after encrypt-decrypt differs\n"); + YACA_ASSERT_MSG(DATA == decrypt_output, "Text after encrypt-decrypt has changed\n"); +} + +RUNNER_TEST(T3120_yaca_aes_ccm_call_order_invalid_param, YacaTest) +{ + KeyPtr key = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT); + KeyPtr iv = generate_key(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_64BIT); + size_t tag_len = 16; + auto tag = create_yaca_buffer(tag_len); + auto aad = random_buffer(16); + Buffer encrypt_output; + Buffer decrypt_output; + + // encryption + auto enc_ctx_ptr = encrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv); + size_t update_len = 0; + auto update_ptr = out_buf_alloc(enc_ctx_ptr, DATA.size(), update_len); + size_t final_len = 0; + auto final_ptr = out_buf_alloc(enc_ctx_ptr, 0, final_len); + + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + tag.get(), tag_len)); + YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + (void**)tag.get(), &tag_len)); + YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + + YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), NULL, DATA.size(), NULL, &update_len)); + YACA_SUCCESS(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + + YACA_SUCCESS(yaca_encrypt_update(enc_ctx_ptr.get(), DATA.data(), DATA.size(), + update_ptr.get(), &update_len)); + encrypt_output.insert(encrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len); + + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + tag.get(), tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + YACA_INVALID_PARAM(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + (void**)tag.get(), &tag_len)); + + YACA_SUCCESS(yaca_encrypt_finalize(enc_ctx_ptr.get(), final_ptr.get(), &final_len)); + encrypt_output.insert(encrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len); + + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + tag.get(), tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + YACA_SUCCESS(yaca_context_get_property(enc_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + (void**)tag.get(), &tag_len)); + + // decryption + auto dec_ctx_ptr = decrypt_init(YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv); + update_ptr = out_buf_alloc(dec_ctx_ptr, encrypt_output.size(), update_len); + final_ptr = out_buf_alloc(dec_ctx_ptr, 0, final_len); + + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + (void**)tag.get(), &tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + tag.get(), tag_len + 42)); + + YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + tag.get(), tag_len)); + + YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), NULL, encrypt_output.size(), + NULL, &update_len)); + YACA_SUCCESS(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + tag.get(), tag_len)); + + YACA_SUCCESS(yaca_decrypt_update(dec_ctx_ptr.get(), encrypt_output.data(), encrypt_output.size(), + update_ptr.get(), &update_len)); + decrypt_output.insert(decrypt_output.end(), update_ptr.get(), update_ptr.get() + update_len); + + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + tag.get(), tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + (void**)tag.get(), &tag_len)); + + YACA_SUCCESS(yaca_decrypt_finalize(dec_ctx_ptr.get(), final_ptr.get(), &final_len)); + decrypt_output.insert(decrypt_output.end(), final_ptr.get(), final_ptr.get() + final_len); + + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_AAD, + aad.data(), aad.size())); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + tag.get(), tag_len)); + YACA_INVALID_PARAM(yaca_context_set_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG_LEN, + (void*)&tag_len, sizeof(tag_len))); + YACA_INVALID_PARAM(yaca_context_get_property(dec_ctx_ptr.get(), YACA_PROPERTY_CCM_TAG, + (void**)tag.get(), &tag_len)); + + YACA_ASSERT_MSG(DATA.size() == decrypt_output.size(), "Size after encrypt-decrypt differs\n"); + YACA_ASSERT_MSG(DATA == decrypt_output, "Text after encrypt-decrypt has changed\n"); +} -- 2.7.4