ceph/src/test/crypto.cc

   1 #include <errno.h>
   2 #include <time.h>
   3
   4 #include "gtest/gtest.h"
   5 #include "include/types.h"
   6 #include "auth/Crypto.h"
   7 #include "common/Clock.h"
   8 #include "common/ceph_crypto.h"
   9 #include "common/ceph_context.h"
  10 #include "global/global_context.h"
  11
  12 class CryptoEnvironment: public ::testing::Environment {
  13 public:
  14   void SetUp() override {
  15     ceph::crypto::init(g_ceph_context);
  16   }
  17 };
  18
  19 TEST(AES, ValidateSecret) {
  20   CryptoHandler *h = g_ceph_context->get_crypto_handler(CEPH_CRYPTO_AES);
  21   int l;
  22
  23   for (l=0; l<16; l++) {
  24     bufferptr bp(l);
  25     int err;
  26     err = h->validate_secret(bp);
  27     EXPECT_EQ(-EINVAL, err);
  28   }
  29
  30   for (l=16; l<50; l++) {
  31     bufferptr bp(l);
  32     int err;
  33     err = h->validate_secret(bp);
  34     EXPECT_EQ(0, err);
  35   }
  36 }
  37
  38 TEST(AES, Encrypt) {
  39   CryptoHandler *h = g_ceph_context->get_crypto_handler(CEPH_CRYPTO_AES);
  40   char secret_s[] = {
  41     0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
  42     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
  43   };
  44   bufferptr secret(secret_s, sizeof(secret_s));
  45
  46   unsigned char plaintext_s[] = {
  47     0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
  48     0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
  49   };
  50   bufferlist plaintext;
  51   plaintext.append((char *)plaintext_s, sizeof(plaintext_s));
  52
  53   bufferlist cipher;
  54   std::string error;
  55   CryptoKeyHandler *kh = h->get_key_handler(secret, error);
  56   int r = kh->encrypt(plaintext, cipher, &error);
  57   ASSERT_EQ(r, 0);
  58   ASSERT_EQ(error, "");
  59
  60   unsigned char want_cipher[] = {
  61     0xb3, 0x8f, 0x5b, 0xc9, 0x35, 0x4c, 0xf8, 0xc6,
  62     0x13, 0x15, 0x66, 0x6f, 0x37, 0xd7, 0x79, 0x3a,
  63     0x11, 0x90, 0x7b, 0xe9, 0xd8, 0x3c, 0x35, 0x70,
  64     0x58, 0x7b, 0x97, 0x9b, 0x03, 0xd2, 0xa5, 0x01,
  65   };
  66   char cipher_s[sizeof(want_cipher)];
  67
  68   ASSERT_EQ(sizeof(cipher_s), cipher.length());
  69   cipher.copy(0, sizeof(cipher_s), &cipher_s[0]);
  70
  71   int err;
  72   err = memcmp(cipher_s, want_cipher, sizeof(want_cipher));
  73   ASSERT_EQ(0, err);
  74
  75   delete kh;
  76 }
  77
  78 TEST(AES, Decrypt) {
  79   CryptoHandler *h = g_ceph_context->get_crypto_handler(CEPH_CRYPTO_AES);
  80   char secret_s[] = {
  81     0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
  82     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
  83   };
  84   bufferptr secret(secret_s, sizeof(secret_s));
  85
  86   unsigned char cipher_s[] = {
  87     0xb3, 0x8f, 0x5b, 0xc9, 0x35, 0x4c, 0xf8, 0xc6,
  88     0x13, 0x15, 0x66, 0x6f, 0x37, 0xd7, 0x79, 0x3a,
  89     0x11, 0x90, 0x7b, 0xe9, 0xd8, 0x3c, 0x35, 0x70,
  90     0x58, 0x7b, 0x97, 0x9b, 0x03, 0xd2, 0xa5, 0x01,
  91   };
  92   bufferlist cipher;
  93   cipher.append((char *)cipher_s, sizeof(cipher_s));
  94
  95   unsigned char want_plaintext[] = {
  96     0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
  97     0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
  98   };
  99   char plaintext_s[sizeof(want_plaintext)];
 100
 101   std::string error;
 102   bufferlist plaintext;
 103   CryptoKeyHandler *kh = h->get_key_handler(secret, error);
 104   int r = kh->decrypt(cipher, plaintext, &error);
 105   ASSERT_EQ(r, 0);
 106   ASSERT_EQ(error, "");
 107
 108   ASSERT_EQ(sizeof(plaintext_s), plaintext.length());
 109   plaintext.copy(0, sizeof(plaintext_s), &plaintext_s[0]);
 110
 111   int err;
 112   err = memcmp(plaintext_s, want_plaintext, sizeof(want_plaintext));
 113   ASSERT_EQ(0, err);
 114
 115   delete kh;
 116 }
 117
 118 TEST(AES, Loop) {
 119   int err;
 120
 121   char secret_s[16];
 122   err = get_random_bytes(secret_s, sizeof(secret_s));
 123   ASSERT_EQ(0, err);
 124   bufferptr secret(secret_s, sizeof(secret_s));
 125
 126   char orig_plaintext_s[1024];
 127   err = get_random_bytes(orig_plaintext_s, sizeof(orig_plaintext_s));
 128   ASSERT_EQ(0, err);
 129
 130   bufferlist plaintext;
 131   plaintext.append(orig_plaintext_s, sizeof(orig_plaintext_s));
 132
 133   for (int i=0; i<10000; i++) {
 134     bufferlist cipher;
 135     {
 136       CryptoHandler *h = g_ceph_context->get_crypto_handler(CEPH_CRYPTO_AES);
 137
 138       std::string error;
 139       CryptoKeyHandler *kh = h->get_key_handler(secret, error);
 140       int r = kh->encrypt(plaintext, cipher, &error);
 141       ASSERT_EQ(r, 0);
 142       ASSERT_EQ(error, "");
 143
 144       delete kh;
 145     }
 146     plaintext.clear();
 147
 148     {
 149       CryptoHandler *h = g_ceph_context->get_crypto_handler(CEPH_CRYPTO_AES);
 150       std::string error;
 151       CryptoKeyHandler *ckh = h->get_key_handler(secret, error);
 152       int r = ckh->decrypt(cipher, plaintext, &error);
 153       ASSERT_EQ(r, 0);
 154       ASSERT_EQ(error, "");
 155
 156       delete ckh;
 157     }
 158   }
 159
 160   char plaintext_s[sizeof(orig_plaintext_s)];
 161   plaintext.copy(0, sizeof(plaintext_s), &plaintext_s[0]);
 162   err = memcmp(plaintext_s, orig_plaintext_s, sizeof(orig_plaintext_s));
 163   ASSERT_EQ(0, err);
 164 }
 165
 166 TEST(AES, LoopKey) {
 167   bufferptr k(16);
 168   get_random_bytes(k.c_str(), k.length());
 169   CryptoKey key(CEPH_CRYPTO_AES, ceph_clock_now(), k);
 170
 171   bufferlist data;
 172   bufferptr r(128);
 173   get_random_bytes(r.c_str(), r.length());
 174   data.append(r);
 175
 176   utime_t start = ceph_clock_now();
 177   int n = 100000;
 178
 179   for (int i=0; i<n; ++i) {
 180     bufferlist encoded;
 181     string error;
 182     int r = key.encrypt(g_ceph_context, data, encoded, &error);
 183     ASSERT_EQ(r, 0);
 184   }
 185
 186   utime_t end = ceph_clock_now();
 187   utime_t dur = end - start;
 188   cout << n << " encoded in " << dur << std::endl;
 189 }