[mirror_qemu.git] / tests / test-crypto-cipher.c

/*
 * QEMU Crypto cipher algorithms
 *
 * Copyright (c) 2015 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */

#include "qemu/osdep.h"
#include <glib.h>

#include "crypto/init.h"
#include "crypto/cipher.h"

typedef struct QCryptoCipherTestData QCryptoCipherTestData;
struct QCryptoCipherTestData {
    const char *path;
    QCryptoCipherAlgorithm alg;
    QCryptoCipherMode mode;
    const char *key;
    const char *plaintext;
    const char *ciphertext;
    const char *iv;
};

/* AES test data comes from appendix F of:
 *
 * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
 */
static QCryptoCipherTestData test_data[] = {
    {
        /* NIST F.1.1 ECB-AES128.Encrypt */
        .path = "/crypto/cipher/aes-ecb-128",
        .alg = QCRYPTO_CIPHER_ALG_AES_128,
        .mode = QCRYPTO_CIPHER_MODE_ECB,
        .key = "2b7e151628aed2a6abf7158809cf4f3c",
        .plaintext =
            "6bc1bee22e409f96e93d7e117393172a"
            "ae2d8a571e03ac9c9eb76fac45af8e51"
            "30c81c46a35ce411e5fbc1191a0a52ef"
            "f69f2445df4f9b17ad2b417be66c3710",
        .ciphertext =
            "3ad77bb40d7a3660a89ecaf32466ef97"
            "f5d3d58503b9699de785895a96fdbaaf"
            "43b1cd7f598ece23881b00e3ed030688"
            "7b0c785e27e8ad3f8223207104725dd4"
    },
    {
        /* NIST F.1.3 ECB-AES192.Encrypt */
        .path = "/crypto/cipher/aes-ecb-192",
        .alg = QCRYPTO_CIPHER_ALG_AES_192,
        .mode = QCRYPTO_CIPHER_MODE_ECB,
        .key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
        .plaintext  =
            "6bc1bee22e409f96e93d7e117393172a"
            "ae2d8a571e03ac9c9eb76fac45af8e51"
            "30c81c46a35ce411e5fbc1191a0a52ef"
            "f69f2445df4f9b17ad2b417be66c3710",
        .ciphertext =
            "bd334f1d6e45f25ff712a214571fa5cc"
            "974104846d0ad3ad7734ecb3ecee4eef"
            "ef7afd2270e2e60adce0ba2face6444e"
            "9a4b41ba738d6c72fb16691603c18e0e"
    },
    {
        /* NIST F.1.5 ECB-AES256.Encrypt */
        .path = "/crypto/cipher/aes-ecb-256",
        .alg = QCRYPTO_CIPHER_ALG_AES_256,
        .mode = QCRYPTO_CIPHER_MODE_ECB,
        .key =
            "603deb1015ca71be2b73aef0857d7781"
            "1f352c073b6108d72d9810a30914dff4",
        .plaintext  =
            "6bc1bee22e409f96e93d7e117393172a"
            "ae2d8a571e03ac9c9eb76fac45af8e51"
            "30c81c46a35ce411e5fbc1191a0a52ef"
            "f69f2445df4f9b17ad2b417be66c3710",
        .ciphertext =
            "f3eed1bdb5d2a03c064b5a7e3db181f8"
            "591ccb10d410ed26dc5ba74a31362870"
            "b6ed21b99ca6f4f9f153e7b1beafed1d"
            "23304b7a39f9f3ff067d8d8f9e24ecc7",
    },
    {
        /* NIST F.2.1 CBC-AES128.Encrypt */
        .path = "/crypto/cipher/aes-cbc-128",
        .alg = QCRYPTO_CIPHER_ALG_AES_128,
        .mode = QCRYPTO_CIPHER_MODE_CBC,
        .key = "2b7e151628aed2a6abf7158809cf4f3c",
        .iv = "000102030405060708090a0b0c0d0e0f",
        .plaintext  =
            "6bc1bee22e409f96e93d7e117393172a"
            "ae2d8a571e03ac9c9eb76fac45af8e51"
            "30c81c46a35ce411e5fbc1191a0a52ef"
            "f69f2445df4f9b17ad2b417be66c3710",
        .ciphertext =
            "7649abac8119b246cee98e9b12e9197d"
            "5086cb9b507219ee95db113a917678b2"
            "73bed6b8e3c1743b7116e69e22229516"
            "3ff1caa1681fac09120eca307586e1a7",
    },
    {
        /* NIST F.2.3 CBC-AES128.Encrypt */
        .path = "/crypto/cipher/aes-cbc-192",
        .alg = QCRYPTO_CIPHER_ALG_AES_192,
        .mode = QCRYPTO_CIPHER_MODE_CBC,
        .key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
        .iv = "000102030405060708090a0b0c0d0e0f",
        .plaintext  =
            "6bc1bee22e409f96e93d7e117393172a"
            "ae2d8a571e03ac9c9eb76fac45af8e51"
            "30c81c46a35ce411e5fbc1191a0a52ef"
            "f69f2445df4f9b17ad2b417be66c3710",
        .ciphertext =
            "4f021db243bc633d7178183a9fa071e8"
            "b4d9ada9ad7dedf4e5e738763f69145a"
            "571b242012fb7ae07fa9baac3df102e0"
            "08b0e27988598881d920a9e64f5615cd",
    },
    {
        /* NIST F.2.5 CBC-AES128.Encrypt */
        .path = "/crypto/cipher/aes-cbc-256",
        .alg = QCRYPTO_CIPHER_ALG_AES_256,
        .mode = QCRYPTO_CIPHER_MODE_CBC,
        .key =
            "603deb1015ca71be2b73aef0857d7781"
            "1f352c073b6108d72d9810a30914dff4",
        .iv = "000102030405060708090a0b0c0d0e0f",
        .plaintext  =
            "6bc1bee22e409f96e93d7e117393172a"
            "ae2d8a571e03ac9c9eb76fac45af8e51"
            "30c81c46a35ce411e5fbc1191a0a52ef"
            "f69f2445df4f9b17ad2b417be66c3710",
        .ciphertext =
            "f58c4c04d6e5f1ba779eabfb5f7bfbd6"
            "9cfc4e967edb808d679f777bc6702c7d"
            "39f23369a9d9bacfa530e26304231461"
            "b2eb05e2c39be9fcda6c19078c6a9d1b",
    },
    {
        .path = "/crypto/cipher/des-rfb-ecb-56",
        .alg = QCRYPTO_CIPHER_ALG_DES_RFB,
        .mode = QCRYPTO_CIPHER_MODE_ECB,
        .key = "0123456789abcdef",
        .plaintext =
            "6bc1bee22e409f96e93d7e117393172a"
            "ae2d8a571e03ac9c9eb76fac45af8e51"
            "30c81c46a35ce411e5fbc1191a0a52ef"
            "f69f2445df4f9b17ad2b417be66c3710",
        .ciphertext =
            "8f346aaf64eaf24040720d80648c52e7"
            "aefc616be53ab1a3d301e69d91e01838"
            "ffd29f1bb5596ad94ea2d8e6196b7f09"
            "30d8ed0bf2773af36dd82a6280c20926",
    },
    {
        /* RFC 2144, Appendix B.1 */
        .path = "/crypto/cipher/cast5-128",
        .alg = QCRYPTO_CIPHER_ALG_CAST5_128,
        .mode = QCRYPTO_CIPHER_MODE_ECB,
        .key = "0123456712345678234567893456789A",
        .plaintext = "0123456789abcdef",
        .ciphertext = "238b4fe5847e44b2",
    },
};


static inline int unhex(char c)
{
    if (c >= 'a' && c <= 'f') {
        return 10 + (c - 'a');
    }
    if (c >= 'A' && c <= 'F') {
        return 10 + (c - 'A');
    }
    return c - '0';
}

static inline char hex(int i)
{
    if (i < 10) {
        return '0' + i;
    }
    return 'a' + (i - 10);
}

static size_t unhex_string(const char *hexstr,
                           uint8_t **data)
{
    size_t len;
    size_t i;

    if (!hexstr) {
        *data = NULL;
        return 0;
    }

    len = strlen(hexstr);
    *data = g_new0(uint8_t, len / 2);

    for (i = 0; i < len; i += 2) {
        (*data)[i/2] = (unhex(hexstr[i]) << 4) | unhex(hexstr[i+1]);
    }
    return len / 2;
}

static char *hex_string(const uint8_t *bytes,
                        size_t len)
{
    char *hexstr = g_new0(char, len * 2 + 1);
    size_t i;

    for (i = 0; i < len; i++) {
        hexstr[i*2] = hex((bytes[i] >> 4) & 0xf);
        hexstr[i*2+1] = hex(bytes[i] & 0xf);
    }
    hexstr[len*2] = '\0';

    return hexstr;
}

static void test_cipher(const void *opaque)
{
    const QCryptoCipherTestData *data = opaque;

    QCryptoCipher *cipher;
    uint8_t *key, *iv, *ciphertext, *plaintext, *outtext;
    size_t nkey, niv, nciphertext, nplaintext;
    char *outtexthex;
    size_t ivsize, keysize, blocksize;

    nkey = unhex_string(data->key, &key);
    niv = unhex_string(data->iv, &iv);
    nciphertext = unhex_string(data->ciphertext, &ciphertext);
    nplaintext = unhex_string(data->plaintext, &plaintext);

    g_assert(nciphertext == nplaintext);

    outtext = g_new0(uint8_t, nciphertext);

    cipher = qcrypto_cipher_new(
        data->alg, data->mode,
        key, nkey,
        &error_abort);
    g_assert(cipher != NULL);

    keysize = qcrypto_cipher_get_key_len(data->alg);
    blocksize = qcrypto_cipher_get_block_len(data->alg);
    ivsize = qcrypto_cipher_get_iv_len(data->alg, data->mode);

    g_assert_cmpint(keysize, ==, nkey);
    g_assert_cmpint(ivsize, ==, niv);
    if (niv) {
        g_assert_cmpint(blocksize, ==, niv);
    }

    if (iv) {
        g_assert(qcrypto_cipher_setiv(cipher,
                                      iv, niv,
                                      &error_abort) == 0);
    }
    g_assert(qcrypto_cipher_encrypt(cipher,
                                    plaintext,
                                    outtext,
                                    nplaintext,
                                    &error_abort) == 0);

    outtexthex = hex_string(outtext, nciphertext);

    g_assert_cmpstr(outtexthex, ==, data->ciphertext);

    g_free(outtexthex);

    if (iv) {
        g_assert(qcrypto_cipher_setiv(cipher,
                                      iv, niv,
                                      &error_abort) == 0);
    }
    g_assert(qcrypto_cipher_decrypt(cipher,
                                    ciphertext,
                                    outtext,
                                    nplaintext,
                                    &error_abort) == 0);

    outtexthex = hex_string(outtext, nplaintext);

    g_assert_cmpstr(outtexthex, ==, data->plaintext);

    g_free(outtext);
    g_free(outtexthex);
    g_free(key);
    g_free(iv);
    g_free(ciphertext);
    g_free(plaintext);
    qcrypto_cipher_free(cipher);
}


static void test_cipher_null_iv(void)
{
    QCryptoCipher *cipher;
    uint8_t key[32] = { 0 };
    uint8_t plaintext[32] = { 0 };
    uint8_t ciphertext[32] = { 0 };

    cipher = qcrypto_cipher_new(
        QCRYPTO_CIPHER_ALG_AES_256,
        QCRYPTO_CIPHER_MODE_CBC,
        key, sizeof(key),
        &error_abort);
    g_assert(cipher != NULL);

    /* Don't call qcrypto_cipher_setiv */

    qcrypto_cipher_encrypt(cipher,
                           plaintext,
                           ciphertext,
                           sizeof(plaintext),
                           &error_abort);

    qcrypto_cipher_free(cipher);
}

static void test_cipher_short_plaintext(void)
{
    Error *err = NULL;
    QCryptoCipher *cipher;
    uint8_t key[32] = { 0 };
    uint8_t plaintext1[20] = { 0 };
    uint8_t ciphertext1[20] = { 0 };
    uint8_t plaintext2[40] = { 0 };
    uint8_t ciphertext2[40] = { 0 };
    int ret;

    cipher = qcrypto_cipher_new(
        QCRYPTO_CIPHER_ALG_AES_256,
        QCRYPTO_CIPHER_MODE_CBC,
        key, sizeof(key),
        &error_abort);
    g_assert(cipher != NULL);

    /* Should report an error as plaintext is shorter
     * than block size
     */
    ret = qcrypto_cipher_encrypt(cipher,
                                 plaintext1,
                                 ciphertext1,
                                 sizeof(plaintext1),
                                 &err);
    g_assert(ret == -1);
    g_assert(err != NULL);

    error_free(err);
    err = NULL;

    /* Should report an error as plaintext is larger than
     * block size, but not a multiple of block size
     */
    ret = qcrypto_cipher_encrypt(cipher,
                                 plaintext2,
                                 ciphertext2,
                                 sizeof(plaintext2),
                                 &err);
    g_assert(ret == -1);
    g_assert(err != NULL);

    error_free(err);
    qcrypto_cipher_free(cipher);
}

int main(int argc, char **argv)
{
    size_t i;

    g_test_init(&argc, &argv, NULL);

    g_assert(qcrypto_init(NULL) == 0);

    for (i = 0; i < G_N_ELEMENTS(test_data); i++) {
        if (qcrypto_cipher_supports(test_data[i].alg)) {
            g_test_add_data_func(test_data[i].path, &test_data[i], test_cipher);
        }
    }

    g_test_add_func("/crypto/cipher/null-iv",
                    test_cipher_null_iv);

    g_test_add_func("/crypto/cipher/short-plaintext",
                    test_cipher_short_plaintext);

    return g_test_run();
}
Commit	Line	Data
ca38a4cc DB	1	/*
	2	* QEMU Crypto cipher algorithms
	3	*
	4	* Copyright (c) 2015 Red Hat, Inc.
	5	*
	6	* This library is free software; you can redistribute it and/or
	7	* modify it under the terms of the GNU Lesser General Public
	8	* License as published by the Free Software Foundation; either
	9	* version 2 of the License, or (at your option) any later version.
	10	*
	11	* This library is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	14	* Lesser General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU Lesser General Public
	17	* License along with this library; if not, see <http://www.gnu.org/licenses/>.
	18	*
	19	*/
	20
681c28a3	21	#include "qemu/osdep.h"
ca38a4cc DB	22	#include <glib.h>
	23
	24	#include "crypto/init.h"
	25	#include "crypto/cipher.h"
	26
	27	typedef struct QCryptoCipherTestData QCryptoCipherTestData;
	28	struct QCryptoCipherTestData {
	29	const char *path;
	30	QCryptoCipherAlgorithm alg;
	31	QCryptoCipherMode mode;
	32	const char *key;
	33	const char *plaintext;
	34	const char *ciphertext;
	35	const char *iv;
	36	};
	37
	38	/* AES test data comes from appendix F of:
	39	*
	40	* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
	41	*/
	42	static QCryptoCipherTestData test_data[] = {
	43	{
	44	/* NIST F.1.1 ECB-AES128.Encrypt */
	45	.path = "/crypto/cipher/aes-ecb-128",
	46	.alg = QCRYPTO_CIPHER_ALG_AES_128,
	47	.mode = QCRYPTO_CIPHER_MODE_ECB,
	48	.key = "2b7e151628aed2a6abf7158809cf4f3c",
	49	.plaintext =
	50	"6bc1bee22e409f96e93d7e117393172a"
	51	"ae2d8a571e03ac9c9eb76fac45af8e51"
	52	"30c81c46a35ce411e5fbc1191a0a52ef"
	53	"f69f2445df4f9b17ad2b417be66c3710",
	54	.ciphertext =
	55	"3ad77bb40d7a3660a89ecaf32466ef97"
	56	"f5d3d58503b9699de785895a96fdbaaf"
	57	"43b1cd7f598ece23881b00e3ed030688"
	58	"7b0c785e27e8ad3f8223207104725dd4"
	59	},
	60	{
	61	/* NIST F.1.3 ECB-AES192.Encrypt */
	62	.path = "/crypto/cipher/aes-ecb-192",
	63	.alg = QCRYPTO_CIPHER_ALG_AES_192,
	64	.mode = QCRYPTO_CIPHER_MODE_ECB,
	65	.key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
	66	.plaintext =
	67	"6bc1bee22e409f96e93d7e117393172a"
	68	"ae2d8a571e03ac9c9eb76fac45af8e51"
	69	"30c81c46a35ce411e5fbc1191a0a52ef"
	70	"f69f2445df4f9b17ad2b417be66c3710",
	71	.ciphertext =
	72	"bd334f1d6e45f25ff712a214571fa5cc"
	73	"974104846d0ad3ad7734ecb3ecee4eef"
	74	"ef7afd2270e2e60adce0ba2face6444e"
	75	"9a4b41ba738d6c72fb16691603c18e0e"
	76	},
	77	{
	78	/* NIST F.1.5 ECB-AES256.Encrypt */
	79	.path = "/crypto/cipher/aes-ecb-256",
	80	.alg = QCRYPTO_CIPHER_ALG_AES_256,
	81	.mode = QCRYPTO_CIPHER_MODE_ECB,
	82	.key =
	83	"603deb1015ca71be2b73aef0857d7781"
	84	"1f352c073b6108d72d9810a30914dff4",
	85	.plaintext =
86	"6bc1bee22e409f96e93d7e117393172a"
87	"ae2d8a571e03ac9c9eb76fac45af8e51"
88	"30c81c46a35ce411e5fbc1191a0a52ef"
89	"f69f2445df4f9b17ad2b417be66c3710",
90	.ciphertext =
91	"f3eed1bdb5d2a03c064b5a7e3db181f8"
92	"591ccb10d410ed26dc5ba74a31362870"
93	"b6ed21b99ca6f4f9f153e7b1beafed1d"
94	"23304b7a39f9f3ff067d8d8f9e24ecc7",
95	},
96	{
97	/* NIST F.2.1 CBC-AES128.Encrypt */
98	.path = "/crypto/cipher/aes-cbc-128",
99	.alg = QCRYPTO_CIPHER_ALG_AES_128,
100	.mode = QCRYPTO_CIPHER_MODE_CBC,
101	.key = "2b7e151628aed2a6abf7158809cf4f3c",
102	.iv = "000102030405060708090a0b0c0d0e0f",
103	.plaintext =
104	"6bc1bee22e409f96e93d7e117393172a"
105	"ae2d8a571e03ac9c9eb76fac45af8e51"
106	"30c81c46a35ce411e5fbc1191a0a52ef"
107	"f69f2445df4f9b17ad2b417be66c3710",
108	.ciphertext =
109	"7649abac8119b246cee98e9b12e9197d"
110	"5086cb9b507219ee95db113a917678b2"
111	"73bed6b8e3c1743b7116e69e22229516"
112	"3ff1caa1681fac09120eca307586e1a7",
113	},
114	{
115	/* NIST F.2.3 CBC-AES128.Encrypt */
116	.path = "/crypto/cipher/aes-cbc-192",
117	.alg = QCRYPTO_CIPHER_ALG_AES_192,
118	.mode = QCRYPTO_CIPHER_MODE_CBC,
119	.key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
120	.iv = "000102030405060708090a0b0c0d0e0f",
121	.plaintext =
122	"6bc1bee22e409f96e93d7e117393172a"
123	"ae2d8a571e03ac9c9eb76fac45af8e51"
124	"30c81c46a35ce411e5fbc1191a0a52ef"
125	"f69f2445df4f9b17ad2b417be66c3710",
126	.ciphertext =
127	"4f021db243bc633d7178183a9fa071e8"
128	"b4d9ada9ad7dedf4e5e738763f69145a"
129	"571b242012fb7ae07fa9baac3df102e0"
130	"08b0e27988598881d920a9e64f5615cd",
131	},
132	{
133	/* NIST F.2.5 CBC-AES128.Encrypt */
134	.path = "/crypto/cipher/aes-cbc-256",
135	.alg = QCRYPTO_CIPHER_ALG_AES_256,
136	.mode = QCRYPTO_CIPHER_MODE_CBC,
137	.key =
138	"603deb1015ca71be2b73aef0857d7781"
139	"1f352c073b6108d72d9810a30914dff4",
140	.iv = "000102030405060708090a0b0c0d0e0f",
141	.plaintext =
142	"6bc1bee22e409f96e93d7e117393172a"
143	"ae2d8a571e03ac9c9eb76fac45af8e51"
144	"30c81c46a35ce411e5fbc1191a0a52ef"
145	"f69f2445df4f9b17ad2b417be66c3710",
146	.ciphertext =
147	"f58c4c04d6e5f1ba779eabfb5f7bfbd6"
148	"9cfc4e967edb808d679f777bc6702c7d"
149	"39f23369a9d9bacfa530e26304231461"
150	"b2eb05e2c39be9fcda6c19078c6a9d1b",
151	},
152	{
153	.path = "/crypto/cipher/des-rfb-ecb-56",
154	.alg = QCRYPTO_CIPHER_ALG_DES_RFB,
155	.mode = QCRYPTO_CIPHER_MODE_ECB,
156	.key = "0123456789abcdef",
157	.plaintext =
158	"6bc1bee22e409f96e93d7e117393172a"
159	"ae2d8a571e03ac9c9eb76fac45af8e51"
160	"30c81c46a35ce411e5fbc1191a0a52ef"
161	"f69f2445df4f9b17ad2b417be66c3710",
162	.ciphertext =
163	"8f346aaf64eaf24040720d80648c52e7"
164	"aefc616be53ab1a3d301e69d91e01838"
165	"ffd29f1bb5596ad94ea2d8e6196b7f09"
166	"30d8ed0bf2773af36dd82a6280c20926",
167	},
084a85ee DB	168	{
	169	/* RFC 2144, Appendix B.1 */
	170	.path = "/crypto/cipher/cast5-128",
	171	.alg = QCRYPTO_CIPHER_ALG_CAST5_128,
	172	.mode = QCRYPTO_CIPHER_MODE_ECB,
	173	.key = "0123456712345678234567893456789A",
	174	.plaintext = "0123456789abcdef",
	175	.ciphertext = "238b4fe5847e44b2",
	176	},
ca38a4cc DB	177	};
	178
	179
	180	static inline int unhex(char c)
	181	{
	182	if (c >= 'a' && c <= 'f') {
	183	return 10 + (c - 'a');
	184	}
	185	if (c >= 'A' && c <= 'F') {
	186	return 10 + (c - 'A');
	187	}
	188	return c - '0';
	189	}
	190
	191	static inline char hex(int i)
	192	{
	193	if (i < 10) {
	194	return '0' + i;
	195	}
	196	return 'a' + (i - 10);
	197	}
	198
	199	static size_t unhex_string(const char *hexstr,
	200	uint8_t **data)
	201	{
	202	size_t len;
	203	size_t i;
	204
	205	if (!hexstr) {
	206	*data = NULL;
	207	return 0;
	208	}
	209
	210	len = strlen(hexstr);
	211	*data = g_new0(uint8_t, len / 2);
	212
	213	for (i = 0; i < len; i += 2) {
	214	(*data)[i/2] = (unhex(hexstr[i]) << 4) \| unhex(hexstr[i+1]);
	215	}
	216	return len / 2;
	217	}
	218
	219	static char hex_string(const uint8_t bytes,
	220	size_t len)
	221	{
	222	char hexstr = g_new0(char, len 2 + 1);
	223	size_t i;
	224
	225	for (i = 0; i < len; i++) {
	226	hexstr[i*2] = hex((bytes[i] >> 4) & 0xf);
	227	hexstr[i*2+1] = hex(bytes[i] & 0xf);
	228	}
	229	hexstr[len*2] = '\0';
	230
	231	return hexstr;
	232	}
	233
	234	static void test_cipher(const void *opaque)
	235	{
	236	const QCryptoCipherTestData *data = opaque;
	237
	238	QCryptoCipher *cipher;
ca38a4cc DB	239	uint8_t key, iv, ciphertext, plaintext, *outtext;
	240	size_t nkey, niv, nciphertext, nplaintext;
	241	char *outtexthex;
dd2bf9eb	242	size_t ivsize, keysize, blocksize;
ca38a4cc	243
ca38a4cc DB	244	nkey = unhex_string(data->key, &key);
	245	niv = unhex_string(data->iv, &iv);
	246	nciphertext = unhex_string(data->ciphertext, &ciphertext);
	247	nplaintext = unhex_string(data->plaintext, &plaintext);
	248
	249	g_assert(nciphertext == nplaintext);
	250
	251	outtext = g_new0(uint8_t, nciphertext);
	252
	253	cipher = qcrypto_cipher_new(
	254	data->alg, data->mode,
	255	key, nkey,
019c2ab8	256	&error_abort);
ca38a4cc	257	g_assert(cipher != NULL);
ca38a4cc	258
dd2bf9eb DB	259	keysize = qcrypto_cipher_get_key_len(data->alg);
	260	blocksize = qcrypto_cipher_get_block_len(data->alg);
	261	ivsize = qcrypto_cipher_get_iv_len(data->alg, data->mode);
	262
	263	g_assert_cmpint(keysize, ==, nkey);
	264	g_assert_cmpint(ivsize, ==, niv);
	265	if (niv) {
	266	g_assert_cmpint(blocksize, ==, niv);
	267	}
ca38a4cc DB	268
	269	if (iv) {
	270	g_assert(qcrypto_cipher_setiv(cipher,
	271	iv, niv,
019c2ab8	272	&error_abort) == 0);
ca38a4cc DB	273	}
	274	g_assert(qcrypto_cipher_encrypt(cipher,
	275	plaintext,
	276	outtext,
	277	nplaintext,
019c2ab8	278	&error_abort) == 0);
ca38a4cc DB	279
	280	outtexthex = hex_string(outtext, nciphertext);
	281
	282	g_assert_cmpstr(outtexthex, ==, data->ciphertext);
	283
019c2ab8 DB	284	g_free(outtexthex);
	285
	286	if (iv) {
	287	g_assert(qcrypto_cipher_setiv(cipher,
	288	iv, niv,
	289	&error_abort) == 0);
	290	}
	291	g_assert(qcrypto_cipher_decrypt(cipher,
	292	ciphertext,
	293	outtext,
	294	nplaintext,
	295	&error_abort) == 0);
	296
	297	outtexthex = hex_string(outtext, nplaintext);
	298
	299	g_assert_cmpstr(outtexthex, ==, data->plaintext);
	300
ca38a4cc DB	301	g_free(outtext);
	302	g_free(outtexthex);
	303	g_free(key);
	304	g_free(iv);
	305	g_free(ciphertext);
	306	g_free(plaintext);
	307	qcrypto_cipher_free(cipher);
	308	}
	309
eb2a770b DB	310
	311	static void test_cipher_null_iv(void)
	312	{
	313	QCryptoCipher *cipher;
	314	uint8_t key[32] = { 0 };
	315	uint8_t plaintext[32] = { 0 };
	316	uint8_t ciphertext[32] = { 0 };
	317
	318	cipher = qcrypto_cipher_new(
	319	QCRYPTO_CIPHER_ALG_AES_256,
	320	QCRYPTO_CIPHER_MODE_CBC,
	321	key, sizeof(key),
	322	&error_abort);
	323	g_assert(cipher != NULL);
	324
	325	/* Don't call qcrypto_cipher_setiv */
	326
	327	qcrypto_cipher_encrypt(cipher,
	328	plaintext,
	329	ciphertext,
	330	sizeof(plaintext),
	331	&error_abort);
	332
	333	qcrypto_cipher_free(cipher);
	334	}
	335
3a661f1e DB	336	static void test_cipher_short_plaintext(void)
	337	{
	338	Error *err = NULL;
	339	QCryptoCipher *cipher;
	340	uint8_t key[32] = { 0 };
	341	uint8_t plaintext1[20] = { 0 };
	342	uint8_t ciphertext1[20] = { 0 };
	343	uint8_t plaintext2[40] = { 0 };
	344	uint8_t ciphertext2[40] = { 0 };
	345	int ret;
	346
	347	cipher = qcrypto_cipher_new(
	348	QCRYPTO_CIPHER_ALG_AES_256,
	349	QCRYPTO_CIPHER_MODE_CBC,
	350	key, sizeof(key),
	351	&error_abort);
	352	g_assert(cipher != NULL);
	353
	354	/* Should report an error as plaintext is shorter
	355	* than block size
	356	*/
	357	ret = qcrypto_cipher_encrypt(cipher,
	358	plaintext1,
	359	ciphertext1,
	360	sizeof(plaintext1),
	361	&err);
	362	g_assert(ret == -1);
	363	g_assert(err != NULL);
	364
	365	error_free(err);
	366	err = NULL;
	367
	368	/* Should report an error as plaintext is larger than
	369	* block size, but not a multiple of block size
	370	*/
	371	ret = qcrypto_cipher_encrypt(cipher,
	372	plaintext2,
	373	ciphertext2,
	374	sizeof(plaintext2),
	375	&err);
	376	g_assert(ret == -1);
	377	g_assert(err != NULL);
	378
	379	error_free(err);
	380	qcrypto_cipher_free(cipher);
	381	}
	382
ca38a4cc DB	383	int main(int argc, char **argv)
	384	{
	385	size_t i;
	386
	387	g_test_init(&argc, &argv, NULL);
	388
	389	g_assert(qcrypto_init(NULL) == 0);
	390
	391	for (i = 0; i < G_N_ELEMENTS(test_data); i++) {
aa413635 DB	392	if (qcrypto_cipher_supports(test_data[i].alg)) {
	393	g_test_add_data_func(test_data[i].path, &test_data[i], test_cipher);
	394	}
ca38a4cc	395	}
eb2a770b DB	396
	397	g_test_add_func("/crypto/cipher/null-iv",
	398	test_cipher_null_iv);
	399
3a661f1e DB	400	g_test_add_func("/crypto/cipher/short-plaintext",
	401	test_cipher_short_plaintext);
	402
ca38a4cc DB	403	return g_test_run();
ca38a4cc DB	404	}