/*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2000 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <string>
#include <vector>
-#include <map>
-#include <sstream>
+#include <unordered_map>
#include <dpl/test/test_runner.h>
#include <ckm-common.h>
#include <ckmc/ckmc-manager.h>
+#include <ckmc/ckmc-control.h>
#include <ckm/ckm-type.h>
#include <ckm/ckm-manager.h>
#include <encryption-decryption-env.h>
Alias pub;
};
-class EncEnv : public RemoveDataEnv<UID> {
-public:
- EncEnv() : m_dbu(NULL) {}
- ~EncEnv() { delete m_dbu; }
-
- void init(const std::string& str) {
- RemoveDataEnv<UID>::init(str);
- m_dbu = new ScopedDBUnlock(UID, "db-pass"); // unlock user's database
+struct SyncEnv {
+ void init(const std::string&) {
+ g_api = &g_syncApi;
}
void finish() {
- delete m_dbu;
- m_dbu = NULL;
- RemoveDataEnv<UID>::finish();
- g_api = NULL;
- }
-
- ScopedDBUnlock* m_dbu;
-};
-
-struct SyncEnv : public EncEnv {
- void init(const std::string& str) {
- EncEnv::init(str);
- g_api = &g_syncApi;
+ g_api = nullptr;
}
static std::string suffix() { return "_sync"; }
};
-struct AsyncEnv : public EncEnv {
- void init(const std::string& str) {
- EncEnv::init(str);
+struct AsyncEnv {
+ void init(const std::string&) {
g_api = &g_asyncApi;
}
+ void finish() {
+ g_api = nullptr;
+ }
+
static std::string suffix() { return "_async"; }
};
-struct AlgoBase {
- ckmc_algo_type_e m_type;
- size_t m_keyLen;
-
- AlgoBase(ckmc_algo_type_e type, size_t keyLen) : m_type(type), m_keyLen(keyLen) {}
-
- virtual KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr) = 0;
+struct Algo {
+ ckmc_algo_type_e type;
+ size_t keyLen;
};
-typedef std::shared_ptr<AlgoBase> AlgoBasePtr;
+std::unordered_map<size_t, std::vector<Alias>> g_symKeys;
+std::unordered_map<size_t, std::vector<KeyAliasPair>> g_asymKeys;
-template <typename T>
-AlgoBasePtr createAlgo(ckmc_algo_type_e type, size_t keyLen) {
- return AlgoBasePtr(new T(type, keyLen));
-}
+enum KeyIdx {
+ PRIMARY = 0,
+ PASSWORD_PROTECTED = 1,
-struct AlgoAes : public AlgoBase {
- AlgoAes(ckmc_algo_type_e type, size_t keyLen) : AlgoBase(type, keyLen) {}
- KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr);
+ KEY_IDX_MAX
};
-KeyAliasPair AlgoAes::keyGen(const char* pass, const char* suffix)
-{
- KeyAliasPair aliases;
- std::ostringstream oss;
- std::string ownerId = getOwnerIdFromSelf();
- CharPtr passPtr(nullptr, free);
- if (pass)
- passPtr.reset(strdup(pass));
+RawBufferPtr PLAIN_DATA;
+RawBufferPtr BIG_DATA;
+ckmc_raw_buffer_s* DEFAULT_IV;
+ckmc_raw_buffer_s* IV11;
+ckmc_raw_buffer_s* IV12;
+ckmc_raw_buffer_s* IV15;
+ckmc_raw_buffer_s* IV17;
+ckmc_raw_buffer_s* IV128;
+ckmc_raw_buffer_s* AAD32;
+ckmc_raw_buffer_s* AAD64;
- oss << "aes_" << static_cast<int>(m_type) << "_" << m_keyLen << "_key_alias";
- if (suffix)
- oss << suffix;
- aliases.prv = aliasWithLabel(ownerId.c_str(),oss.str().c_str());
- aliases.pub = aliasWithLabel(ownerId.c_str(), oss.str().c_str());
+void generateSymmetricKeys(ManagerShPtr& manager, size_t bitLen)
+{
+ for (int i = 0; i < KEY_IDX_MAX; i++)
+ {
+ Policy p(Password(), true, g_backend);
+ if (i == PASSWORD_PROTECTED)
+ p.password.assign(PASSWORD);
- ckmc_policy_s policy;
- policy.extractable = false;
- policy.password = passPtr.get();
+ std::string alias = std::string("skey_") + std::to_string(bitLen) + std::string("_") + std::to_string(i);
+ int ret = manager->createKeyAES(bitLen, alias, p);
+ if (ret != CKM_API_SUCCESS)
+ RUNNER_ERROR_MSG("AES key creation failed");
- auto mgr = CKM::Manager::create();
- RUNNER_ASSERT_MSG(CKM_API_SUCCESS == mgr->createKeyAES(m_keyLen, Alias(aliases.prv.c_str()),
- _toCkmPolicy(policy, g_backend)),
- "AES key creation failed");
+ g_symKeys[bitLen].push_back(alias);
+ }
+}
- return aliases;
+void generateRsaKeys(ManagerShPtr& manager, size_t bitLen)
+{
+ for (int i = 0; i < KEY_IDX_MAX; i++)
+ {
+ Policy p(Password(), true, g_backend);
+ if (i == PASSWORD_PROTECTED) {
+ p.password.assign(PASSWORD);
+ //p.extractable = false;
+ }
+
+ KeyAliasPair alias;
+ alias.prv = std::string("akey_") + std::to_string(bitLen) + std::string("_") + std::to_string(i);
+ alias.pub = std::string("pub") + alias.prv;
+ int ret = manager->createKeyPairRSA(bitLen, alias.prv, alias.pub, p);
+ if (ret != CKM_API_SUCCESS)
+ RUNNER_ERROR_MSG("RSA key creation failed");
+
+ g_asymKeys[bitLen].push_back(alias);
+ }
}
-struct AlgoRsa : public AlgoBase {
- AlgoRsa(ckmc_algo_type_e type, size_t keyLen) : AlgoBase(type, keyLen) {}
- KeyAliasPair keyGen(const char* pass = nullptr, const char* suffix = nullptr);
-};
+KeyAliasPair getKey(const Algo& algo, KeyIdx idx)
+{
+ if (algo.type == CKMC_ALGO_RSA_OAEP)
+ return g_asymKeys[algo.keyLen][idx];
-KeyAliasPair AlgoRsa::keyGen(const char* pass, const char* suffix)
+ KeyAliasPair pair;
+ pair.prv = g_symKeys[algo.keyLen][idx];
+ pair.pub = pair.prv;
+ return pair;
+}
+
+class EncGroupFixture: public DPL::Test::TestGroup
{
- std::ostringstream oss_prv, oss_pub;
- oss_prv << "rsa_oaep_prv_alias_" << m_keyLen;
- oss_pub << "rsa_oaep_pub_alias_" << m_keyLen;
- if (suffix) {
- oss_prv << suffix;
- oss_pub << suffix;
+public:
+ void Init() override
+ {
+ remove_user_data(UID);
+ int ret = ckmc_unlock_user_key(UID, "db-pass");
+ if (ret != CKMC_ERROR_NONE)
+ RUNNER_ERROR_MSG("DB unlock failed: " << CKMCErrorToString(ret));
+
+ // generate keys
+ auto manager = Manager::create();
+ generateSymmetricKeys(manager, 128);
+ generateSymmetricKeys(manager, 192);
+ generateSymmetricKeys(manager, 256);
+ generateRsaKeys(manager, 1024);
+ generateRsaKeys(manager, 2048);
+ generateRsaKeys(manager, 4096);
+
+ PLAIN_DATA = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
+ BIG_DATA = create_raw_buffer(createRandomBufferCAPI(5000000));
+ DEFAULT_IV = createRandomBufferCAPI(DEFAULT_IV_LEN);
+ IV11 = createRandomBufferCAPI(11);
+ IV12 = createRandomBufferCAPI(12);
+ IV15 = createRandomBufferCAPI(15);
+ IV17 = createRandomBufferCAPI(17);
+ IV128 = createRandomBufferCAPI(128);
+ AAD32 = createRandomBufferCAPI(32);
+ AAD64 = createRandomBufferCAPI(64);
}
- KeyAliasPair aliases = {
- aliasWithLabel(getOwnerIdFromSelf().c_str(), oss_prv.str().c_str()),
- aliasWithLabel(getOwnerIdFromSelf().c_str(), oss_pub.str().c_str())
- };
- CharPtr passPtr(nullptr, free);
- if (pass)
- passPtr.reset(strdup(pass));
-
- ckmc_policy_s policyPrv;
- policyPrv.password = passPtr.get();
- policyPrv.extractable = 0;
-
- ckmc_policy_s policyPub;
- policyPub.password = passPtr.get();
- policyPub.extractable = 0;
-
- auto mgr = CKM::Manager::create();
-
- RUNNER_ASSERT_MSG(CKM_API_SUCCESS == mgr->createKeyPairRSA(static_cast<int>(m_keyLen),
- CKM::Alias(aliases.prv.c_str()),
- CKM::Alias(aliases.pub.c_str()),
- _toCkmPolicy(policyPrv, g_backend),
- _toCkmPolicy(policyPub, g_backend)), "RSA key pair generation failed" );
- return aliases;
-}
-
-enum Algorithm {
- AES_CBC_128,
- AES_CBC_192,
- AES_CBC_256,
- AES_GCM_128,
- AES_GCM_192,
- AES_GCM_256,
- AES_CTR_128,
- AES_CTR_192,
- AES_CTR_256,
- AES_CFB_128,
- AES_CFB_192,
- AES_CFB_256,
- RSA_OAEP_1024,
- RSA_OAEP_2048,
- RSA_OAEP_4096,
-};
-std::map<Algorithm, AlgoBasePtr> g_algorithms = {
- { AES_CBC_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 128) },
- { AES_CBC_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 192) },
- { AES_CBC_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CBC, 256) },
- { AES_GCM_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 128) },
- { AES_GCM_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 192) },
- { AES_GCM_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_GCM, 256) },
- { AES_CTR_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 128) },
- { AES_CTR_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 192) },
- { AES_CTR_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CTR, 256) },
- { AES_CFB_128, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 128) },
- { AES_CFB_192, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 192) },
- { AES_CFB_256, createAlgo<AlgoAes>(CKMC_ALGO_AES_CFB, 256) },
- { RSA_OAEP_1024, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 1024) },
- { RSA_OAEP_2048, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 2048) },
- { RSA_OAEP_4096, createAlgo<AlgoRsa>(CKMC_ALGO_RSA_OAEP, 4096) },
+ void Finish() override
+ {
+ BIG_DATA.reset();
+ PLAIN_DATA.reset();
+ ckmc_buffer_free(AAD64);
+ ckmc_buffer_free(AAD32);
+ ckmc_buffer_free(IV128);
+ ckmc_buffer_free(IV17);
+ ckmc_buffer_free(IV15);
+ ckmc_buffer_free(IV12);
+ ckmc_buffer_free(IV11);
+ ckmc_buffer_free(DEFAULT_IV);
+
+ int ret = ckmc_lock_user_key(UID);
+ if (ret != CKMC_ERROR_NONE)
+ RUNNER_ERROR_MSG("DB lock failed: " << CKMCErrorToString(ret));
+ remove_user_data(UID);
+ }
};
+
void setParam(ParamListPtr& params, ckmc_param_name_e name, ckmc_raw_buffer_s* buffer)
{
int ret = ckmc_param_list_set_buffer(params.get(), name, buffer);
Alias pubKey;
};
-EncryptionResult encrypt(const AlgoBasePtr& algo,
+EncryptionResult encrypt(const Algo& algo,
const RawBufferPtr& plain,
const char* pass = nullptr)
{
EncryptionResult ret;
ckmc_raw_buffer_s* encrypted = nullptr;
- KeyAliasPair aliases = algo->keyGen(pass);
+ KeyAliasPair aliases = getKey(algo, pass == nullptr ? PRIMARY : PASSWORD_PROTECTED);
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ret.params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(ret.params, CKMC_PARAM_ED_IV, DEFAULT_IV);
assert_crypto_positive(apiEncrypt,
ret.params.get(),
}
void testAllAlgorithms(
- const std::function<void(const AlgoBasePtr& algo)>& test)
+ const std::function<void(const Algo& algo)>& test)
+{
+ test( { CKMC_ALGO_AES_CBC, 128 });
+ test( { CKMC_ALGO_AES_CBC, 192 });
+ test( { CKMC_ALGO_AES_CBC, 256 });
+ test( { CKMC_ALGO_AES_GCM, 128 });
+ test( { CKMC_ALGO_AES_GCM, 192 });
+ test( { CKMC_ALGO_AES_GCM, 256 });
+ test( { CKMC_ALGO_AES_CTR, 128 });
+ test( { CKMC_ALGO_AES_CTR, 192 });
+ test( { CKMC_ALGO_AES_CTR, 256 });
+ test( { CKMC_ALGO_AES_CFB, 128 });
+ test( { CKMC_ALGO_AES_CFB, 192 });
+ test( { CKMC_ALGO_AES_CFB, 256 });
+ test( { CKMC_ALGO_RSA_OAEP, 1024 });
+ test( { CKMC_ALGO_RSA_OAEP, 2048 });
+ test( { CKMC_ALGO_RSA_OAEP, 4096 });
+}
+
+void testNoIvEnc(const Algo& algo)
{
- for(const auto& it : g_algorithms)
- test(it.second);
-}
-
-void testNoIvEnc(Algorithm type)
-{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* encrypted = nullptr;
// add key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// param list with algo type only
ParamListPtr params = createParamListPtr();
- setParam(params, CKMC_PARAM_ALGO_TYPE, algo->m_type);
+ setParam(params, CKMC_PARAM_ALGO_TYPE, algo.type);
assert_crypto_invalid_param(apiEncrypt,
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encrypted);
}
-void testNoIvDec(Algorithm type)
+void testNoIvDec(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt;
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
// param list with algo type only
ParamListPtr params = createParamListPtr();
- setParam(params, CKMC_PARAM_ALGO_TYPE, algo->m_type);
+ setParam(params, CKMC_PARAM_ALGO_TYPE, algo.type);
assert_crypto_invalid_param(apiDecrypt,
params.get(),
ret.prvKey.c_str(),
&decrypted);
}
-void testInvalidIvEnc(Algorithm type)
+void testInvalidIvEnc(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* encryptedTmp = nullptr;
// add key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
// invalid encryption
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encryptedTmp);
ckmc_buffer_free(encryptedTmp);
encryptedTmp = nullptr;
};
// invalid iv size
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN-1));
+ setParam(params, CKMC_PARAM_ED_IV, IV15);
test();
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN+1));
+ setParam(params, CKMC_PARAM_ED_IV, IV17);
test();
};
-void testInvalidIvDec(Algorithm type)
+void testInvalidIvDec(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// valid encryption
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
// decryption
auto test2 = [&](){
};
// invalid iv size
- setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN-1));
+ setParam(ret.params, CKMC_PARAM_ED_IV, IV15);
test2();
- setParam(ret.params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN+1));
+ setParam(ret.params, CKMC_PARAM_ED_IV, IV17);
test2();
};
-void encryptionWithCustomData(Algorithm type, ckmc_param_name_e name)
+void encryptionWithCustomData(const Algo& algo, ckmc_param_name_e name)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* encrypted = nullptr;
ckmc_raw_buffer_s* decrypted = nullptr;
// add key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
// set AAD
- setParam(params, name, createRandomBufferCAPI(64));
+ setParam(params, name, AAD64);
// encrypt
assert_crypto_positive(apiEncrypt,
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encrypted);
RawBufferPtr tmpEnc = create_raw_buffer(encrypted);
RawBufferPtr tmpDec = create_raw_buffer(decrypted);
// check
- assert_buffers_equal(*plain.get(), *tmpDec.get());
+ assert_buffers_equal(*PLAIN_DATA.get(), *tmpDec.get());
tmpDec.reset();
decrypted = nullptr;
// set wrong AAD
- setParam(params, name, createRandomBufferCAPI(32));
+ setParam(params, name, AAD32);
// decrypt
assert_crypto_result(EncryptionError::INVALID_PARAM,
&decrypted);
}
-void testGcmIvSize(size_t size,
+void testGcmIvSize(ckmc_raw_buffer_s* iv,
const KeyAliasPair& aliases,
EncryptionError error = EncryptionError::SUCCESS)
{
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
RawBufferPtr encrypted;
RawBufferPtr decrypted;
ckmc_raw_buffer_s* encryptedTmp = nullptr;
ckmc_param_list_h handle = NULL;
assert_positive(ckmc_generate_new_params, CKMC_ALGO_AES_GCM, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(size));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
+ setParam(params, CKMC_PARAM_ED_IV, iv);
// encryption
assert_crypto_result(error,
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encryptedTmp);
if(error != EncryptionError::SUCCESS)
&decryptedTmp);
decrypted = create_raw_buffer(decryptedTmp);
- assert_buffers_equal(*plain.get(), *decrypted.get());
+ assert_buffers_equal(*PLAIN_DATA.get(), *decrypted.get());
}
-void testIntegrity(Algorithm type)
+void testIntegrity(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
// break the encrypted data
ret.encrypted->data[BUF_LEN/2]++;
&decrypted);
RawBufferPtr tmp = create_raw_buffer(decrypted);
- assert_buffers_equal(*plain.get(), *decrypted, false);
+ assert_buffers_equal(*PLAIN_DATA.get(), *decrypted, false);
}
-void testCtrEncryptionInvalidLength(Algorithm type)
+void testCtrEncryptionInvalidLength(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* encryptedTmp = nullptr;
// add AES CTR key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
// encryption
auto test = [&](){
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encryptedTmp);
ckmc_buffer_free(encryptedTmp);
encryptedTmp = nullptr;
test();
}
-void testCtrEncryptionValidLength(Algorithm type)
+void testCtrEncryptionValidLength(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* encryptedTmp = nullptr;
// add AES CTR key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
// encryption
auto test = [&](){
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encryptedTmp);
ckmc_buffer_free(encryptedTmp);
encryptedTmp = nullptr;
test();
}
-void testCtrDecryptionInvalidLength(Algorithm type)
+void testCtrDecryptionInvalidLength(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// add AES CTR key & encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
// decryption
auto test = [&](){
test();
}
-void testCtrDecryptionValidLength(Algorithm type)
+void testCtrDecryptionValidLength(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// add AES CTR key & encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
// decryption
auto test = [&](){
&decrypted);
ckmc_buffer_free(decrypted);
RawBufferPtr tmp = create_raw_buffer(decrypted);
- assert_buffers_equal(*plain.get(), *decrypted);
+ assert_buffers_equal(*PLAIN_DATA.get(), *decrypted);
};
// invalid counter size
setParam(ret.params, CKMC_PARAM_ED_CTR_LEN, 1);
test();
}
-void testGcmEncryptionTagLen(Algorithm type)
+void testGcmEncryptionTagLen(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* encryptedTmp = nullptr;
// add AES GCM key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
std::vector<TagTest> testData = {
// illegal tag lengths
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encryptedTmp);
ckmc_buffer_free(encryptedTmp);
encryptedTmp = nullptr;
}
}
-void testGcmDecryptionTagLen(Algorithm type)
+void testGcmDecryptionTagLen(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// add AES GCM key & encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
std::vector<TagTest> testData = {
// illegal tag lengths
}
}
-void testGcmWrongTag(Algorithm type)
+void testGcmWrongTag(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt with AES GCM
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
// modify tag (last 16B of encrypted message)
ret.encrypted->data[ret.encrypted->size-1]++;
&decrypted);
}
-void testGcmDifferentIvSizes(Algorithm type)
+void testGcmDifferentIvSizes(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// add AES GCM key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
- testGcmIvSize(11, aliases, EncryptionError::SERVER_ERROR); // 12B is the smallest
- testGcmIvSize(12, aliases);
- testGcmIvSize(17, aliases);
- testGcmIvSize(128, aliases);
+ testGcmIvSize(IV11, aliases, EncryptionError::SERVER_ERROR); // 12B is the smallest
+ testGcmIvSize(IV12, aliases);
+ testGcmIvSize(IV17, aliases);
+ testGcmIvSize(IV128, aliases);
}
-void testEncryptDecryptBigData(Algorithm type)
+void testEncryptDecryptBigData(const Algo& algo)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
-
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(5000000));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, BIG_DATA);
assert_positive(apiDecrypt,
ret.params.get(),
&decrypted);
RawBufferPtr tmp = create_raw_buffer(decrypted);
- assert_buffers_equal(*plain.get(), *decrypted);
+ assert_buffers_equal(*BIG_DATA.get(), *decrypted);
}
-void testEncryptDecryptDifferentKeys(Algorithm type, bool success)
+void testEncryptDecryptDifferentKeys(const Algo& algo, bool success)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
- // add different key
- KeyAliasPair differentKeys = algo->keyGen(nullptr, "_wrong");
+ // get different keys
+ KeyAliasPair differentKeys = getKey(algo, PASSWORD_PROTECTED);
if (success) {
// some algorithms don't verify key validity
assert_crypto_positive(apiDecrypt,
ret.params.get(),
differentKeys.prv.c_str(),
- nullptr,
+ PASSWORD,
*ret.encrypted.get(),
&decrypted);
RawBufferPtr tmp = create_raw_buffer(decrypted);
- assert_buffers_equal(*plain.get(), *decrypted, false);
+ assert_buffers_equal(*PLAIN_DATA.get(), *decrypted, false);
} else {
- assert_crypto_result(EncryptionError::INVALID_PARAM,
+ assert_crypto_result(EncryptionError::INVALID_PARAM,
apiDecrypt,
ret.params.get(),
differentKeys.prv.c_str(),
- nullptr,
+ PASSWORD,
*ret.encrypted.get(),
&decrypted);
- }
-
- // Cleanup before testing next algorithm. Ignore results because not all keys are present
- ckmc_remove_alias(ret.prvKey.c_str());
- ckmc_remove_alias(ret.pubKey.c_str());
- ckmc_remove_alias(differentKeys.prv.c_str());
- ckmc_remove_alias(differentKeys.pub.c_str());
+ }
}
-void testRsaLongestData(Algorithm type, size_t dataSize)
+void testRsaLongestData(const Algo& algo, size_t dataSize)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
// prepare buffers
RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(dataSize));
ckmc_raw_buffer_s* decrypted = nullptr;
assert_buffers_equal(*plain.get(), *decrypted);
}
-void testRsaDataTooLong(Algorithm type, size_t dataSize)
+void testRsaDataTooLong(const Algo& algo, size_t dataSize)
{
- const AlgoBasePtr& algo = g_algorithms.at(type);
// prepare buffers
RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(dataSize));
// encrypt
EncryptionResult ret;
ckmc_raw_buffer_s* encrypted = nullptr;
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ret.params = ParamListPtr(handle, ckmc_param_list_free);
assert_crypto_result(EncryptionError::INVALID_PARAM,
apiEncrypt,
} // namespace anonymous
-
-RUNNER_TEST_GROUP_INIT(CKM_ENCRYPTION_DECRYPTION);
+RUNNER_TEST_GROUP_INIT_ENV(CKM_ENCRYPTION_DECRYPTION, EncGroupFixture);
/////////////////////////////////////////
// Generic encryption decryption tests
RUNNER_TEST_MULTIPLE(TED_0010_encrypt_invalid_param_list, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* encrypted = nullptr;
// add key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// null param list
assert_crypto_invalid_param(apiEncrypt,
nullptr,
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encrypted);
// empty param list
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encrypted);
});
}
RUNNER_TEST_MULTIPLE(TED_0020_encrypt_missing_key, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* encrypted = nullptr;
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
assert_crypto_result(EncryptionError::ALIAS_UNKNOWN,
apiEncrypt,
params.get(),
"non-existing-key-alias",
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
&encrypted);
});
}
RUNNER_TEST_MULTIPLE(TED_0030_encrypt_no_plain_text, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
ckmc_raw_buffer_s plain = { nullptr, 0 };
ckmc_raw_buffer_s* encrypted = nullptr;
// add key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
assert_crypto_invalid_param(apiEncrypt,
params.get(),
RUNNER_TEST_MULTIPLE(TED_0040_encrypt_no_output_buffer, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s** encrypted = nullptr;
// add key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
assert_crypto_invalid_param(apiEncrypt,
params.get(),
aliases.pub.c_str(),
nullptr,
- *plain.get(),
+ *PLAIN_DATA.get(),
encrypted);
});
}
RUNNER_TEST_MULTIPLE(TED_0110_decrypt_invalid_param_list, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt;
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
// null param list
assert_crypto_invalid_param(apiDecrypt,
RUNNER_TEST_MULTIPLE(TED_0120_decrypt_missing_key, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt
- auto ret = encrypt(algo, plain);
-
- // remove key
- assert_positive(ckmc_remove_alias, ret.prvKey.c_str());
+ auto ret = encrypt(algo, PLAIN_DATA);
// try to decrypt
assert_crypto_result(EncryptionError::ALIAS_UNKNOWN,
apiDecrypt,
ret.params.get(),
- ret.prvKey.c_str(),
+ "non-existent-key",
nullptr,
*ret.encrypted.get(),
&decrypted);
RUNNER_TEST_MULTIPLE(TED_0130_decrypt_no_encrypted_text, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
ckmc_raw_buffer_s encrypted = { nullptr, 0 };
ckmc_raw_buffer_s* decrypted = nullptr;
// add key
- KeyAliasPair aliases = algo->keyGen();
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// setup params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
assert_crypto_invalid_param(apiDecrypt,
params.get(),
RUNNER_TEST_MULTIPLE(TED_0140_decrypt_no_output_buffer, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s** decrypted = nullptr;
// encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
assert_crypto_invalid_param(apiDecrypt,
ret.params.get(),
RUNNER_TEST_MULTIPLE(TED_0200_encrypt_decrypt_different_keys, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptDifferentKeys(AES_CBC_128, false);
- testEncryptDecryptDifferentKeys(AES_CBC_192, false);
- testEncryptDecryptDifferentKeys(AES_CBC_256, false);
- testEncryptDecryptDifferentKeys(AES_GCM_128, false);
- testEncryptDecryptDifferentKeys(AES_GCM_192, false);
- testEncryptDecryptDifferentKeys(AES_GCM_256, false);
- testEncryptDecryptDifferentKeys(AES_CTR_128, true);
- testEncryptDecryptDifferentKeys(AES_CTR_192, true);
- testEncryptDecryptDifferentKeys(AES_CTR_256, true);
- testEncryptDecryptDifferentKeys(AES_CFB_128, true);
- testEncryptDecryptDifferentKeys(AES_CFB_192, true);
- testEncryptDecryptDifferentKeys(AES_CFB_256, true);
- testEncryptDecryptDifferentKeys(RSA_OAEP_1024, false);
- testEncryptDecryptDifferentKeys(RSA_OAEP_2048, false);
- testEncryptDecryptDifferentKeys(RSA_OAEP_4096, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CBC, 128}, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CBC, 192}, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CBC, 256}, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_GCM, 128}, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_GCM, 192}, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_GCM, 256}, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CTR, 128}, true);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CTR, 192}, true);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CTR, 256}, true);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CFB, 128}, true);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CFB, 192}, true);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_AES_CFB, 256}, true);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_RSA_OAEP, 1024}, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_RSA_OAEP, 2048}, false);
+ testEncryptDecryptDifferentKeys({CKMC_ALGO_RSA_OAEP, 4096}, false);
}
RUNNER_TEST_MULTIPLE(TED_0300_encrypt_decrypt, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
assert_crypto_positive(apiDecrypt,
ret.params.get(),
&decrypted);
RawBufferPtr tmp = create_raw_buffer(decrypted);
- assert_buffers_equal(*plain.get(), *decrypted);
+ assert_buffers_equal(*PLAIN_DATA.get(), *decrypted);
});
}
RUNNER_TEST_MULTIPLE(TED_0310_encrypt_decrypt_password, SyncEnv, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
ckmc_raw_buffer_s* decrypted = nullptr;
// encrypt
- auto ret = encrypt(algo, plain, PASSWORD);
+ auto ret = encrypt(algo, PLAIN_DATA, PASSWORD);
// wrong password
assert_crypto_result(EncryptionError::AUTH_FAILED,
&decrypted);
RawBufferPtr tmp = create_raw_buffer(decrypted); // guarantees deletion
- assert_buffers_equal(*plain.get(), *decrypted);
+ assert_buffers_equal(*PLAIN_DATA.get(), *decrypted);
});
}
// long test split into smaller ones
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_128, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CBC_128, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CBC_128);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CBC, 128});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_192, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CBC_192, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CBC_192);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CBC, 192});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cbc_256, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CBC_256, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CBC_256);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CBC, 256});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_128, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_GCM_128, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_GCM_128);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_GCM, 128});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_192, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_GCM_192, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_GCM_192);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_GCM, 192});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_gcm_256, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_GCM_256, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_GCM_256);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_GCM, 256});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_128, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CTR_128, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CTR_128);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CTR, 128});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_192, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CTR_192, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CTR_192);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CTR, 192});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_ctr_256, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CTR_256, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CTR_256);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CTR, 256});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_128, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CFB_128, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CFB_128);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CFB, 128});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_192, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CFB_192, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CFB_192);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CFB, 192});
}
-RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_aes_cfb_256, SyncEnv, AsyncEnv)
+RUNNER_TEST_MULTIPLE(TED_0400_encrypt_decrypt_big_data_AES_CFB_256, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testEncryptDecryptBigData(AES_CFB_256);
+ testEncryptDecryptBigData({CKMC_ALGO_AES_CFB, 256});
}
/////////////////////////////////////////
RUNNER_TEST_MULTIPLE(TED_1005_no_iv_enc, SyncEnv, AsyncEnv)
{
- testNoIvEnc(AES_CTR_128);
- testNoIvEnc(AES_CTR_192);
- testNoIvEnc(AES_CTR_256);
- testNoIvEnc(AES_CBC_128);
- testNoIvEnc(AES_CBC_192);
- testNoIvEnc(AES_CBC_256);
- testNoIvEnc(AES_CFB_128);
- testNoIvEnc(AES_CFB_192);
- testNoIvEnc(AES_CFB_256);
- testNoIvEnc(AES_GCM_128);
- testNoIvEnc(AES_GCM_192);
- testNoIvEnc(AES_GCM_256);
+ testNoIvEnc({CKMC_ALGO_AES_CTR, 128});
+ testNoIvEnc({CKMC_ALGO_AES_CTR, 192});
+ testNoIvEnc({CKMC_ALGO_AES_CTR, 256});
+ testNoIvEnc({CKMC_ALGO_AES_CBC, 128});
+ testNoIvEnc({CKMC_ALGO_AES_CBC, 192});
+ testNoIvEnc({CKMC_ALGO_AES_CBC, 256});
+ testNoIvEnc({CKMC_ALGO_AES_CFB, 128});
+ testNoIvEnc({CKMC_ALGO_AES_CFB, 192});
+ testNoIvEnc({CKMC_ALGO_AES_CFB, 256});
+ testNoIvEnc({CKMC_ALGO_AES_GCM, 128});
+ testNoIvEnc({CKMC_ALGO_AES_GCM, 192});
+ testNoIvEnc({CKMC_ALGO_AES_GCM, 256});
}
RUNNER_TEST_MULTIPLE(TED_1010_invalid_iv_enc, SyncEnv, AsyncEnv)
{
- testInvalidIvEnc(AES_CTR_128);
- testInvalidIvEnc(AES_CTR_192);
- testInvalidIvEnc(AES_CTR_256);
- testInvalidIvEnc(AES_CBC_128);
- testInvalidIvEnc(AES_CBC_192);
- testInvalidIvEnc(AES_CBC_256);
- testInvalidIvEnc(AES_CFB_128);
- testInvalidIvEnc(AES_CFB_192);
- testInvalidIvEnc(AES_CFB_256);
+ testInvalidIvEnc({CKMC_ALGO_AES_CTR, 128});
+ testInvalidIvEnc({CKMC_ALGO_AES_CTR, 192});
+ testInvalidIvEnc({CKMC_ALGO_AES_CTR, 256});
+ testInvalidIvEnc({CKMC_ALGO_AES_CBC, 128});
+ testInvalidIvEnc({CKMC_ALGO_AES_CBC, 192});
+ testInvalidIvEnc({CKMC_ALGO_AES_CBC, 256});
+ testInvalidIvEnc({CKMC_ALGO_AES_CFB, 128});
+ testInvalidIvEnc({CKMC_ALGO_AES_CFB, 192});
+ testInvalidIvEnc({CKMC_ALGO_AES_CFB, 256});
}
RUNNER_TEST_MULTIPLE(TED_1015_no_iv_dec, SyncEnv, AsyncEnv)
{
- testNoIvDec(AES_CTR_128);
- testNoIvDec(AES_CTR_192);
- testNoIvDec(AES_CTR_256);
- testNoIvDec(AES_CBC_128);
- testNoIvDec(AES_CBC_192);
- testNoIvDec(AES_CBC_256);
- testNoIvDec(AES_CFB_128);
- testNoIvDec(AES_CFB_192);
- testNoIvDec(AES_CFB_256);
- testNoIvDec(AES_GCM_128);
- testNoIvDec(AES_GCM_192);
- testNoIvDec(AES_GCM_256);
+ testNoIvDec({CKMC_ALGO_AES_CTR, 128});
+ testNoIvDec({CKMC_ALGO_AES_CTR, 192});
+ testNoIvDec({CKMC_ALGO_AES_CTR, 256});
+ testNoIvDec({CKMC_ALGO_AES_CBC, 128});
+ testNoIvDec({CKMC_ALGO_AES_CBC, 192});
+ testNoIvDec({CKMC_ALGO_AES_CBC, 256});
+ testNoIvDec({CKMC_ALGO_AES_CFB, 128});
+ testNoIvDec({CKMC_ALGO_AES_CFB, 192});
+ testNoIvDec({CKMC_ALGO_AES_CFB, 256});
+ testNoIvDec({CKMC_ALGO_AES_GCM, 128});
+ testNoIvDec({CKMC_ALGO_AES_GCM, 192});
+ testNoIvDec({CKMC_ALGO_AES_GCM, 256});
}
RUNNER_TEST_MULTIPLE(TED_1020_invalid_iv_dec, SyncEnv, AsyncEnv)
{
- testInvalidIvDec(AES_CTR_128);
- testInvalidIvDec(AES_CTR_192);
- testInvalidIvDec(AES_CTR_256);
- testInvalidIvDec(AES_CBC_128);
- testInvalidIvDec(AES_CBC_192);
- testInvalidIvDec(AES_CBC_256);
- testInvalidIvDec(AES_CFB_128);
- testInvalidIvDec(AES_CFB_192);
- testInvalidIvDec(AES_CFB_256);
+ testInvalidIvDec({CKMC_ALGO_AES_CTR, 128});
+ testInvalidIvDec({CKMC_ALGO_AES_CTR, 192});
+ testInvalidIvDec({CKMC_ALGO_AES_CTR, 256});
+ testInvalidIvDec({CKMC_ALGO_AES_CBC, 128});
+ testInvalidIvDec({CKMC_ALGO_AES_CBC, 192});
+ testInvalidIvDec({CKMC_ALGO_AES_CBC, 256});
+ testInvalidIvDec({CKMC_ALGO_AES_CFB, 128});
+ testInvalidIvDec({CKMC_ALGO_AES_CFB, 192});
+ testInvalidIvDec({CKMC_ALGO_AES_CFB, 256});
}
RUNNER_TEST_MULTIPLE(TED_1050_data_integrity, SyncEnv, AsyncEnv)
{
- testIntegrity(AES_CTR_128);
- testIntegrity(AES_CTR_192);
- testIntegrity(AES_CTR_256);
- testIntegrity(AES_CBC_128);
- testIntegrity(AES_CBC_192);
- testIntegrity(AES_CBC_256);
- testIntegrity(AES_CFB_128);
- testIntegrity(AES_CFB_192);
- testIntegrity(AES_CFB_256);
+ testIntegrity({CKMC_ALGO_AES_CTR, 128});
+ testIntegrity({CKMC_ALGO_AES_CTR, 192});
+ testIntegrity({CKMC_ALGO_AES_CTR, 256});
+ testIntegrity({CKMC_ALGO_AES_CBC, 128});
+ testIntegrity({CKMC_ALGO_AES_CBC, 192});
+ testIntegrity({CKMC_ALGO_AES_CBC, 256});
+ testIntegrity({CKMC_ALGO_AES_CFB, 128});
+ testIntegrity({CKMC_ALGO_AES_CFB, 192});
+ testIntegrity({CKMC_ALGO_AES_CFB, 256});
}
RUNNER_TEST_MULTIPLE(TED_1100_ctr_encryption_invalid_length, SyncEnv, AsyncEnv)
{
- testCtrEncryptionInvalidLength(AES_CTR_128);
- testCtrEncryptionInvalidLength(AES_CTR_192);
- testCtrEncryptionInvalidLength(AES_CTR_256);
+ testCtrEncryptionInvalidLength({CKMC_ALGO_AES_CTR, 128});
+ testCtrEncryptionInvalidLength({CKMC_ALGO_AES_CTR, 192});
+ testCtrEncryptionInvalidLength({CKMC_ALGO_AES_CTR, 256});
}
RUNNER_TEST_MULTIPLE(TED_1105_ctr_encryption_valid_length, SyncEnv, AsyncEnv)
{
RUNNER_IGNORED_MSG("Openssl supports only 128-bit AES CTR length");
- testCtrEncryptionValidLength(AES_CTR_128);
- testCtrEncryptionValidLength(AES_CTR_192);
- testCtrEncryptionValidLength(AES_CTR_256);
+ testCtrEncryptionValidLength({CKMC_ALGO_AES_CTR, 128});
+ testCtrEncryptionValidLength({CKMC_ALGO_AES_CTR, 192});
+ testCtrEncryptionValidLength({CKMC_ALGO_AES_CTR, 256});
}
RUNNER_TEST_MULTIPLE(TED_1110_ctr_decryption_invalid_length, SyncEnv, AsyncEnv)
{
- testCtrDecryptionInvalidLength(AES_CTR_128);
- testCtrDecryptionInvalidLength(AES_CTR_192);
- testCtrDecryptionInvalidLength(AES_CTR_256);
+ testCtrDecryptionInvalidLength({CKMC_ALGO_AES_CTR, 128});
+ testCtrDecryptionInvalidLength({CKMC_ALGO_AES_CTR, 192});
+ testCtrDecryptionInvalidLength({CKMC_ALGO_AES_CTR, 256});
}
RUNNER_TEST_MULTIPLE(TED_1115_ctr_decryption_valid_length, SyncEnv, AsyncEnv)
{
RUNNER_IGNORED_MSG("Openssl supports only 128-bit AES CTR length");
- testCtrDecryptionValidLength(AES_CTR_128);
- testCtrDecryptionValidLength(AES_CTR_192);
- testCtrDecryptionValidLength(AES_CTR_256);
+ testCtrDecryptionValidLength({CKMC_ALGO_AES_CTR, 128});
+ testCtrDecryptionValidLength({CKMC_ALGO_AES_CTR, 192});
+ testCtrDecryptionValidLength({CKMC_ALGO_AES_CTR, 256});
}
RUNNER_TEST_MULTIPLE(TED_1200_gcm_encryption_tag_len, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testGcmEncryptionTagLen(AES_GCM_128);
- testGcmEncryptionTagLen(AES_GCM_192);
- testGcmEncryptionTagLen(AES_GCM_256);
+ testGcmEncryptionTagLen({CKMC_ALGO_AES_GCM, 128});
+ testGcmEncryptionTagLen({CKMC_ALGO_AES_GCM, 192});
+ testGcmEncryptionTagLen({CKMC_ALGO_AES_GCM, 256});
}
RUNNER_TEST_MULTIPLE(TED_1210_gcm_decryption_tag_len, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testGcmDecryptionTagLen(AES_GCM_128);
- testGcmDecryptionTagLen(AES_GCM_192);
- testGcmDecryptionTagLen(AES_GCM_256);
+ testGcmDecryptionTagLen({CKMC_ALGO_AES_GCM, 128});
+ testGcmDecryptionTagLen({CKMC_ALGO_AES_GCM, 192});
+ testGcmDecryptionTagLen({CKMC_ALGO_AES_GCM, 256});
}
RUNNER_TEST_MULTIPLE(TED_1230_gcm_wrong_tag, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- testGcmWrongTag(AES_GCM_128);
- testGcmWrongTag(AES_GCM_192);
- testGcmWrongTag(AES_GCM_256);
+ testGcmWrongTag({CKMC_ALGO_AES_GCM, 128});
+ testGcmWrongTag({CKMC_ALGO_AES_GCM, 192});
+ testGcmWrongTag({CKMC_ALGO_AES_GCM, 256});
}
RUNNER_TEST_MULTIPLE(TED_1240_gcm_different_iv_sizes, SyncEnv, AsyncEnv)
{
- testGcmDifferentIvSizes(AES_GCM_128);
- testGcmDifferentIvSizes(AES_GCM_192);
- testGcmDifferentIvSizes(AES_GCM_256);
+ testGcmDifferentIvSizes({CKMC_ALGO_AES_GCM, 128});
+ testGcmDifferentIvSizes({CKMC_ALGO_AES_GCM, 192});
+ testGcmDifferentIvSizes({CKMC_ALGO_AES_GCM, 256});
}
RUNNER_TEST_MULTIPLE(TED_1250_gcm_aad, SyncEnv, AsyncEnv)
{
testBackend b(PolicyBackend::FORCE_SOFTWARE);
- encryptionWithCustomData(AES_GCM_128, CKMC_PARAM_ED_AAD);
- encryptionWithCustomData(AES_GCM_192, CKMC_PARAM_ED_AAD);
- encryptionWithCustomData(AES_GCM_256, CKMC_PARAM_ED_AAD);
+ encryptionWithCustomData({CKMC_ALGO_AES_GCM, 128}, CKMC_PARAM_ED_AAD);
+ encryptionWithCustomData({CKMC_ALGO_AES_GCM, 192}, CKMC_PARAM_ED_AAD);
+ encryptionWithCustomData({CKMC_ALGO_AES_GCM, 256}, CKMC_PARAM_ED_AAD);
}
RUNNER_TEST_MULTIPLE(TED_1300_rsa_label, SyncEnv, AsyncEnv)
{
RUNNER_IGNORED_MSG("RSA-OAEP labels are not supported in openssl");
- encryptionWithCustomData(RSA_OAEP_1024, CKMC_PARAM_ED_LABEL);
- encryptionWithCustomData(RSA_OAEP_2048, CKMC_PARAM_ED_LABEL);
- encryptionWithCustomData(RSA_OAEP_4096, CKMC_PARAM_ED_LABEL);
+ encryptionWithCustomData({CKMC_ALGO_RSA_OAEP, 1024}, CKMC_PARAM_ED_LABEL);
+ encryptionWithCustomData({CKMC_ALGO_RSA_OAEP, 2048}, CKMC_PARAM_ED_LABEL);
+ encryptionWithCustomData({CKMC_ALGO_RSA_OAEP, 4096}, CKMC_PARAM_ED_LABEL);
}
RUNNER_TEST_MULTIPLE(TED_1330_rsa_longest_data, SyncEnv, AsyncEnv)
{
- testRsaLongestData(RSA_OAEP_1024, 86);
- testRsaLongestData(RSA_OAEP_2048, 214);
- testRsaLongestData(RSA_OAEP_4096, 470);
+ testRsaLongestData({CKMC_ALGO_RSA_OAEP, 1024}, 86);
+ testRsaLongestData({CKMC_ALGO_RSA_OAEP, 2048}, 214);
+ testRsaLongestData({CKMC_ALGO_RSA_OAEP, 4096}, 470);
}
RUNNER_TEST_MULTIPLE(TED_1350_rsa_data_too_long, SyncEnv, AsyncEnv)
{
- testRsaDataTooLong(RSA_OAEP_1024, 87);
- testRsaDataTooLong(RSA_OAEP_2048, 215);
- testRsaDataTooLong(RSA_OAEP_4096, 471);
+ testRsaDataTooLong({CKMC_ALGO_RSA_OAEP, 1024}, 87);
+ testRsaDataTooLong({CKMC_ALGO_RSA_OAEP, 2048}, 215);
+ testRsaDataTooLong({CKMC_ALGO_RSA_OAEP, 4096}, 471);
}
/////////////////////////////////////////
// Asynchronous only tests
/////////////////////////////////////////
-RUNNER_TEST(TED_2000_enc_no_observer_async, EncEnv)
+RUNNER_TEST(TED_2000_enc_no_observer_async, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
+ testAllAlgorithms([](const Algo& algo){
// prepare buffers
RawBuffer plain = createRandomBuffer(BUF_LEN);
// keys
- KeyAliasPair aliases = algo->keyGen(nullptr);
+ KeyAliasPair aliases = getKey(algo, PRIMARY);
// params
ckmc_param_list_h handle = NULL;
- assert_positive(ckmc_generate_new_params, algo->m_type, &handle);
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
- setParam(params, CKMC_PARAM_ED_IV, createRandomBufferCAPI(DEFAULT_IV_LEN));
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
// encrypt
test_no_observer(&ManagerAsync::encrypt,
RUNNER_TEST(TED_2010_dec_no_observer_async, AsyncEnv)
{
- testAllAlgorithms([](const AlgoBasePtr& algo){
- // prepare buffers
- RawBufferPtr plain = create_raw_buffer(createRandomBufferCAPI(BUF_LEN));
-
+ testAllAlgorithms([](const Algo& algo){
// encrypt
- auto ret = encrypt(algo, plain);
+ auto ret = encrypt(algo, PLAIN_DATA);
RawBuffer encrypted(ret.encrypted->data, ret.encrypted->data + ret.encrypted->size);
// decrypt