Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / boringssl / fb44824b91c8219bc2dd49195d16c1f07d511a26 / . / src / fipsoracle / cavp_aes_gcm_test.cc
blob: 9871b73bca26d60d7620323b634c0dbb8f191889 [file] [log] [blame]
Robert Sloan2424d842017-05-01 07:46:28 -0700[diff] [blame]1/* Copyright (c) 2017, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15// cavp_aes_gcm_test processes a NIST CAVP AES GCM test vector request file and
16// emits the corresponding response. An optional sample vector file can be
17// passed to verify the result.
18
19#include <stdlib.h>
20
21#include <openssl/aead.h>
22#include <openssl/cipher.h>
23#include <openssl/crypto.h>
24#include <openssl/err.h>
25
26#include "../crypto/test/file_test.h"
27#include "cavp_test_util.h"
28
29
30struct TestCtx {
31 const EVP_AEAD *aead;
32 std::unique_ptr<FileTest> response_sample;
33};
34
35static const EVP_AEAD *GetAEAD(const std::string &name, const bool enc) {
36 if (name == "aes-128-gcm") {
37 return EVP_aead_aes_128_gcm_fips_testonly();
38 } else if (name == "aes-256-gcm") {
39 return EVP_aead_aes_256_gcm_fips_testonly();
40 }
41 return nullptr;
42}
43
44static bool TestAEADEncrypt(FileTest *t, void *arg) {
45 TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
46
47 std::string key_len_str, iv_len_str, pt_len_str, aad_len_str, tag_len_str;
48 if (!t->GetInstruction(&key_len_str, "Keylen") ||
49 !t->GetInstruction(&iv_len_str, "IVlen") ||
50 !t->GetInstruction(&pt_len_str, "PTlen") ||
51 !t->GetInstruction(&aad_len_str, "AADlen") ||
52 !t->GetInstruction(&tag_len_str, "Taglen")) {
53 return false;
54 }
55
56 std::string count;
57 std::vector<uint8_t> key, iv, pt, aad, tag, ct;
58 if (!t->GetAttribute(&count, "Count") ||
59 !t->GetBytes(&key, "Key") ||
60 !t->GetBytes(&aad, "AAD") ||
61 !t->GetBytes(&pt, "PT") ||
62 key.size() * 8 != strtoul(key_len_str.c_str(), nullptr, 0) ||
63 pt.size() * 8 != strtoul(pt_len_str.c_str(), nullptr, 0) ||
64 aad.size() * 8 != strtoul(aad_len_str.c_str(), nullptr, 0)) {
65 return false;
66 }
67
68 size_t tag_len = strtoul(tag_len_str.c_str(), nullptr, 0) / 8;
69 if (!AEADEncrypt(ctx->aead, &ct, &tag, tag_len, key, pt, aad, &iv)) {
70 return false;
71 }
72 printf("%s", t->CurrentTestToString().c_str());
73 printf("IV = %s\r\n", EncodeHex(iv.data(), iv.size()).c_str());
74 printf("CT = %s\r\n", EncodeHex(ct.data(), ct.size()).c_str());
75 printf("Tag = %s\r\n\r\n", EncodeHex(tag.data(), tag.size()).c_str());
76
77 // Check if sample response file matches.
78 if (ctx->response_sample) {
79 ctx->response_sample->ReadNext();
80 std::string expected_count;
81 std::vector<uint8_t> expected_iv, expected_ct, expected_tag;
82 if (!ctx->response_sample->GetAttribute(&expected_count, "Count") ||
83 count != expected_count ||
84 !ctx->response_sample->GetBytes(&expected_iv, "IV") ||
85 !t->ExpectBytesEqual(expected_iv.data(), expected_iv.size(), iv.data(),
86 iv.size()) ||
87 !ctx->response_sample->GetBytes(&expected_ct, "CT") ||
88 !t->ExpectBytesEqual(expected_ct.data(), expected_ct.size(), ct.data(),
89 ct.size()) ||
90 !ctx->response_sample->GetBytes(&expected_tag, "Tag") ||
91 !t->ExpectBytesEqual(expected_tag.data(), expected_tag.size(),
92 tag.data(), tag.size())) {
93 t->PrintLine("result doesn't match");
94 return false;
95 }
96 }
97
98 return true;
99}
100
101static bool TestAEADDecrypt(FileTest *t, void *arg) {
102 TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
103
104 std::string key_len, iv_len, pt_len_str, aad_len_str, tag_len;
105 if (!t->GetInstruction(&key_len, "Keylen") ||
106 !t->GetInstruction(&iv_len, "IVlen") ||
107 !t->GetInstruction(&pt_len_str, "PTlen") ||
108 !t->GetInstruction(&aad_len_str, "AADlen") ||
109 !t->GetInstruction(&tag_len, "Taglen")) {
110 t->PrintLine("Invalid instruction block.");
111 return false;
112 }
113 size_t aad_len = strtoul(aad_len_str.c_str(), nullptr, 0) / 8;
114 size_t pt_len = strtoul(pt_len_str.c_str(), nullptr, 0) / 8;
115
116 std::string count;
117 std::vector<uint8_t> key, iv, ct, aad, tag, pt;
118 if (!t->GetAttribute(&count, "Count") ||
119 !t->GetBytes(&key, "Key") ||
120 !t->GetBytes(&aad, "AAD") ||
121 !t->GetBytes(&tag, "Tag") ||
122 !t->GetBytes(&iv, "IV") ||
123 !t->GetBytes(&ct, "CT") ||
124 key.size() * 8 != strtoul(key_len.c_str(), nullptr, 0) ||
125 iv.size() * 8 != strtoul(iv_len.c_str(), nullptr, 0) ||
126 ct.size() != pt_len ||
127 aad.size() != aad_len ||
128 tag.size() * 8 != strtoul(tag_len.c_str(), nullptr, 0)) {
129 t->PrintLine("Invalid test case");
130 return false;
131 }
132
133 printf("%s", t->CurrentTestToString().c_str());
134 bool aead_result =
135 AEADDecrypt(ctx->aead, &pt, &aad, pt_len, aad_len, key, ct, tag, iv);
136 if (aead_result) {
137 printf("PT = %s\r\n\r\n", EncodeHex(pt.data(), pt.size()).c_str());
138 } else {
139 printf("FAIL\r\n\r\n");
140 }
141
142 // Check if sample response file matches.
143 if (ctx->response_sample) {
144 ctx->response_sample->ReadNext();
145 std::string expected_count;
146 std::vector<uint8_t> expected_pt;
147 if (!ctx->response_sample->GetAttribute(&expected_count, "Count") ||
148 count != expected_count ||
149 (!aead_result && (ctx->response_sample->HasAttribute("PT") ||
150 !ctx->response_sample->HasAttribute("FAIL"))) ||
151 (aead_result &&
152 (ctx->response_sample->HasAttribute("FAIL") ||
153 !ctx->response_sample->GetBytes(&expected_pt, "PT") ||
154 !t->ExpectBytesEqual(expected_pt.data(), expected_pt.size(),
155 pt.data(), pt.size())))) {
156 t->PrintLine("result doesn't match");
157 return false;
158 }
159 }
160
161 return true;
162}
163
164static int usage(char *arg) {
165 fprintf(stderr,
166 "usage: %s (enc|dec) <cipher> <test file> [<sample response file>]\n",
167 arg);
168 return 1;
169}
170
171int main(int argc, char **argv) {
172 CRYPTO_library_init();
173
174 if (argc < 4 || argc > 5) {
175 return usage(argv[0]);
176 }
177
178 const std::string mode(argv[1]);
179 bool (*test_fn)(FileTest * t, void *arg);
180 if (mode == "enc") {
181 test_fn = &TestAEADEncrypt;
182 } else if (mode == "dec") {
183 test_fn = &TestAEADDecrypt;
184 } else {
185 return usage(argv[0]);
186 }
187
188 const EVP_AEAD *aead = GetAEAD(argv[2], mode == "enc");
189 if (aead == nullptr) {
190 fprintf(stderr, "invalid aead: %s\n", argv[2]);
191 return 1;
192 }
193
194 TestCtx ctx = {aead, nullptr};
195
196 if (argc == 5) {
197 ctx.response_sample.reset(new FileTest(argv[4]));
198 if (!ctx.response_sample->is_open()) {
199 return 1;
200 }
201 ctx.response_sample->SetIgnoreUnusedAttributes(true);
202 }
203
204 printf("# Generated by");
205 for (int i = 0; i < argc; i++) {
206 printf(" %s", argv[i]);
207 }
208 printf("\n\n");
209
210 return FileTestMainSilent(test_fn, &ctx, argv[3]);
211}