tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

KeyMint: Test size requirements for ciphers

Browse source 
Test size requirements for symmetric (Stream and Block) ciphers.
These tests are similar to CTS tests of symmetric ciphers.
For reference CTS test BlockCipherTestBase#testKatEncryptOneByteAtATime
for all its derived classes eg. AES128CBCNoPaddingCipherTest,
AES128CBCPKCS7PaddingCipherTest etc.

Bug: 226899425
Test: run vts -m VtsAidlKeyMintTargetTest

Change-Id: I78408071fbf5a360d89c5bbae479faffd7c6d935
This commit is contained in:
Prashant Patil 2022-07-06 18:58:07 +00:00
parent 45263c60fa
commit dd5f7f0e8d
3 changed files with 425 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

94
security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
View file

@ -772,6 +772,100 @@ void KeyMintAidlTestBase::CheckAesIncrementalEncryptOperation(BlockMode block_mo
} }
} }
void KeyMintAidlTestBase::AesCheckEncryptOneByteAtATime(const string& key, BlockMode block_mode,
PaddingMode padding_mode, const string& iv,
const string& plaintext,
const string& exp_cipher_text) {
bool is_authenticated_cipher = (block_mode == BlockMode::GCM);
auto auth_set = AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.AesEncryptionKey(key.size() * 8)
.BlockMode(block_mode)
.Padding(padding_mode);
if (iv.size() > 0) auth_set.Authorization(TAG_CALLER_NONCE);
if (is_authenticated_cipher) auth_set.Authorization(TAG_MIN_MAC_LENGTH, 128);
ASSERT_EQ(ErrorCode::OK, ImportKey(auth_set, KeyFormat::RAW, key));
CheckEncryptOneByteAtATime(block_mode, 16 /*block_size*/, padding_mode, iv, plaintext,
exp_cipher_text);
}
void KeyMintAidlTestBase::CheckEncryptOneByteAtATime(BlockMode block_mode, const int block_size,
PaddingMode padding_mode, const string& iv,
const string& plaintext,
const string& exp_cipher_text) {
bool is_stream_cipher = (block_mode == BlockMode::CTR || block_mode == BlockMode::GCM);
bool is_authenticated_cipher = (block_mode == BlockMode::GCM);
auto params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding_mode);
if (iv.size() > 0) params.Authorization(TAG_NONCE, iv.data(), iv.size());
if (is_authenticated_cipher) params.Authorization(TAG_MAC_LENGTH, 128);
AuthorizationSet output_params;
EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params, &output_params));
string actual_ciphertext;
if (is_stream_cipher) {
// Assert that a 1 byte of output is produced for 1 byte of input.
// Every input byte produces an output byte.
for (int plaintext_index = 0; plaintext_index < plaintext.size(); plaintext_index++) {
string ciphertext;
EXPECT_EQ(ErrorCode::OK, Update(plaintext.substr(plaintext_index, 1), &ciphertext));
// Some StrongBox implementations cannot support 1:1 input:output lengths, so
// we relax this API restriction for them.
if (SecLevel() != SecurityLevel::STRONGBOX) {
EXPECT_EQ(1, ciphertext.size()) << "plaintext index: " << plaintext_index;
}
actual_ciphertext.append(ciphertext);
}
string ciphertext;
EXPECT_EQ(ErrorCode::OK, Finish(&ciphertext));
if (SecLevel() != SecurityLevel::STRONGBOX) {
string expected_final_output;
if (is_authenticated_cipher) {
expected_final_output = exp_cipher_text.substr(plaintext.size());
}
EXPECT_EQ(expected_final_output, ciphertext);
}
actual_ciphertext.append(ciphertext);
} else {
// Assert that a block of output is produced once a full block of input is provided.
// Every input block produces an output block.
bool compare_output = true;
string additional_information;
int vendor_api_level = property_get_int32("ro.vendor.api_level", 0);
if (SecLevel() == SecurityLevel::STRONGBOX) {
// This is known to be broken on older vendor implementations.
if (vendor_api_level < 33) {
compare_output = false;
} else {
additional_information = " (b/194134359) ";
}
}
for (int plaintext_index = 0; plaintext_index < plaintext.size(); plaintext_index++) {
string ciphertext;
EXPECT_EQ(ErrorCode::OK, Update(plaintext.substr(plaintext_index, 1), &ciphertext));
if (compare_output) {
if ((plaintext_index % block_size) == block_size - 1) {
// Update is expected to have output a new block
EXPECT_EQ(block_size, ciphertext.size())
<< "plaintext index: " << plaintext_index << additional_information;
} else {
// Update is expected to have produced no output
EXPECT_EQ(0, ciphertext.size())
<< "plaintext index: " << plaintext_index << additional_information;
}
}
actual_ciphertext.append(ciphertext);
}
string ciphertext;
EXPECT_EQ(ErrorCode::OK, Finish(&ciphertext));
actual_ciphertext.append(ciphertext);
}
// Regardless of how the completed ciphertext got accumulated, it should match the expected
// ciphertext.
EXPECT_EQ(exp_cipher_text, actual_ciphertext);
}
void KeyMintAidlTestBase::CheckHmacTestVector(const string& key, const string& message, void KeyMintAidlTestBase::CheckHmacTestVector(const string& key, const string& message,
Digest digest, const string& expected_mac) { Digest digest, const string& expected_mac) {
SCOPED_TRACE("CheckHmacTestVector"); SCOPED_TRACE("CheckHmacTestVector");

9
security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
View file

@ -188,6 +188,10 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
void CheckAesIncrementalEncryptOperation(BlockMode block_mode, int message_size); void CheckAesIncrementalEncryptOperation(BlockMode block_mode, int message_size);
void AesCheckEncryptOneByteAtATime(const string& key, BlockMode block_mode,
PaddingMode padding_mode, const string& iv,
const string& plaintext, const string& exp_cipher_text);
void CheckHmacTestVector(const string& key, const string& message, Digest digest, void CheckHmacTestVector(const string& key, const string& message, Digest digest,
const string& expected_mac); const string& expected_mac);
@ -343,6 +347,11 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
string name_; string name_;
string author_; string author_;
long challenge_; long challenge_;
private:
void CheckEncryptOneByteAtATime(BlockMode block_mode, const int block_size,
PaddingMode padding_mode, const string& iv,
const string& plaintext, const string& exp_cipher_text);
}; };
// If the given property is available, add it to the tag set under the given tag ID. // If the given property is available, add it to the tag set under the given tag ID.

322
security/keymint/aidl/vts/functional/KeyMintTest.cpp
View file

@ -5699,6 +5699,328 @@ TEST_P(EncryptionOperationsTest, AesGcmIncremental) {
CheckAesIncrementalEncryptOperation(BlockMode::GCM, 240); CheckAesIncrementalEncryptOperation(BlockMode::GCM, 240);
} }
/*
* EncryptionOperationsTest.Aes128CBCNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/CBC/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes128CBCNoPaddingOneByteAtATime) {
string kat_key = hex2str("7E3D723C09A9852B24F584F9D916F6A8");
string kat_iv = hex2str("944AE274D983892EADE422274858A96A");
string kat_plaintext =
hex2str("044E15899A080AADEB6778F64323B64D2CBCBADB338DF93B9AC459D4F41029"
"809FFF37081C22EF278F896AB213A2A631");
string kat_ciphertext =
hex2str("B419293FCBD686F2913D1CF947E510D42FAFEDE5593C98AFD6AEE272596A"
"56FE42C22F2A5E3B6A02BA9D8D0DE1E9A810");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes128CBCPKCS7PaddingOneByteAtATime
* Verifies input and output sizes of AES/CBC/PKCS7Padding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes128CBCPKCS7PaddingOneByteAtATime) {
string kat_key = hex2str("F16E698472578E919D92806262C5169F");
string kat_iv = hex2str("EF743540F8421ACA128A3247521F3E7D");
string kat_plaintext =
hex2str("5BEBF33569D90BF5E853814E12E7C7AA5758013F755773E29F4A25EC26EEB7"
"65F7F2DC251F7DC62AEFCA1E8A5A11A1DCD44F0BD8FB593A5AE3");
string kat_ciphertext =
hex2str("3197CF6DB9466188B5FED375329324EE7D6092A8C0E41DFAF49E3724271427"
"896D56A6243C0D59D6639722AF93CD53449BDDABF9C5F153EBDBFED9ED98C8CC37");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::PKCS7, kat_iv,
kat_plaintext, kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes128CTRNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/CTR/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes128CTRNoPaddingOneByteAtATime) {
string kat_key = hex2str("4713a7b2f93efe809b42ecc45213ef9f");
string kat_iv = hex2str("ebfa19b0ebf3d57feabd4c4bd04bea01");
string kat_plaintext =
hex2str("6d2c07e1fc86f99c6e2a8f6567828b4262a9c23d0f3ed8ab32482283c79796"
"f0adba1bcd3736084996452a917fae98005aebe61f9e91c3");
string kat_ciphertext =
hex2str("345deb1d67b95e600e05cad4c32ec381aadb3e2c1ec7e0fb956dc38e6860cf"
"0553535566e1b12fa9f87d29266ca26df427233df035df28");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CTR, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes128ECBNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/ECB/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes128ECBNoPaddingOneByteAtATime) {
string kat_key = hex2str("7DA2467F068854B3CB36E5C333A16619");
string kat_plaintext =
hex2str("9A07C9575AD9CE209DF9F3953965CEBE8208587C7AE575A1904BF25048946D"
"7B6168A9A27BCE554BEA94EF26E6C742A0");
string kat_ciphertext =
hex2str("8C47E49420FC92AC4CA2C601BC3F8AC31D01B260B7B849F2B8EEDFFFED8F36"
"C31CBDA0D22F95C9C2A48C347E8C77AC82");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::NONE, "", kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes128ECBPKCS7PaddingOneByteAtATime
* Verifies input and output sizes of AES/ECB/PKCS7Padding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes128ECBPKCS7PaddingOneByteAtATime) {
string kat_key = hex2str("C3BE04BCCB3D99B85290F113FE7AF194");
string kat_plaintext =
hex2str("348C213FD8DF3F990C20C5ACBF07B34B6264AE245784A5A6176DBFB1C2E7DD"
"27E52CC92B8EEE40614F05B507B355F6354A2705BD86");
string kat_ciphertext =
hex2str("07CD05C41FEDEDDC5DB4B3E35E676153184A119AA4DFDDC290616F1FA60093"
"1DE6BEA9BDB90D1D733899946F8C8E5C0C4383F99F5D88E27F3EBC0C6E52759ED3");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::PKCS7, "", kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes128GCMNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/GCM/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes128GCMNoPaddingOneByteAtATime) {
string kat_key = hex2str("ba76354f0aed6e8d91f45c4ff5a062db");
string kat_iv = hex2str("b79437ae08ff355d7d8a4d0f");
string kat_plaintext =
hex2str("6d7596a8fd56ceaec61de7940984b7736fec44f572afc3c8952e4dc6541e2b"
"c6a702c440a37610989543f63fedb047ca2173bc18581944");
string kat_ciphertext =
hex2str("b3f6799e8f9326f2df1e80fcd2cb16d78c9dc7cc14bb677862dc6c639b3a63"
"38d24b312d3989e5920b5dbfc976765efbfe57bb385940a7a43bdf05bddae3c9d6a2fb"
"bdfcc0cba0");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::GCM, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes192CBCNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/CBC/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes192CBCNoPaddingOneByteAtATime) {
if (SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
}
string kat_key = hex2str("be8cc4e25cce46e5d55725e2391f7d3cf59ed60062f5a43b");
string kat_iv = hex2str("80a199aab0eee77e7762ddf3b3a32f40");
string kat_plaintext =
hex2str("064f9200e0df37d4711af4a69d11addf9e1c345d9d8195f9f1f715019ce96a"
"167f2497c994bd496eb80bfb2ba2c9d5af");
string kat_ciphertext =
hex2str("859b90becaa85e95a71e104efbd7a3b723bcbf4eb39865544a05d9e90b6fe5"
"72c134552f3a138e726fbe493b3a839598");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes192CBCPKCS7PaddingOneByteAtATime
* Verifies input and output sizes of AES/CBC/PKCS7Padding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes192CBCPKCS7PaddingOneByteAtATime) {
if (SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
}
string kat_key = hex2str("68969215ec41e4df7d23de0e806f458f52aff492bd7c5263");
string kat_iv = hex2str("e61d13dfbf0533289f0e7950209da418");
string kat_plaintext =
hex2str("8d4c1cac27511ee2d82409a7f378e7e402b0eb189c1eaa5c506eb72a9074"
"b170");
string kat_ciphertext =
hex2str("e70bcd62c595dc1b2b8c197bb91a7447e1be2cbcf3fdc69e7e991faf0f57cf"
"4e3884138ff403a41fd99818708ada301c");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::PKCS7, kat_iv,
kat_plaintext, kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes192CTRNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/CTR/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes192CTRNoPaddingOneByteAtATime) {
if (SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
}
string kat_key = hex2str("5e2036e790d38815c90beb67a1c9e5aa0e167ef082927317");
string kat_iv = hex2str("df0694959b89054156962d68a226965c");
string kat_plaintext =
hex2str("6ed2781c99e03e45314d6019932220c2c98130c53f9f67ad10ac519adf50e9"
"28091e09cdbbd3b42b");
string kat_ciphertext =
hex2str("e427b6666502e05b82d0b20ae50e862b1936d71266fc49178ac984e71571f2"
"2ae0f90f0c19f42b4a");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CTR, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes192ECBNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/ECB/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes192ECBNoPaddingOneByteAtATime) {
if (SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
}
string kat_key = hex2str("3cab83fb338ba985fbfe74c5e9d2e900adb570b1d67faf92");
string kat_plaintext =
hex2str("2cc64c335a13fb838f3c6aad0a6b47297ca90bb886ddb059200f0b41740c"
"44ab");
string kat_ciphertext =
hex2str("9c5c825328f5ee0aa24947e374d3f9165f484b39dd808c790d7a12964810"
"2453");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::NONE, "", kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes192ECBPKCS7PaddingOneByteAtATime
* Verifies input and output sizes of AES/ECB/PKCS7Padding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes192ECBPKCS7PaddingOneByteAtATime) {
if (SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
}
string kat_key = hex2str("d57f4e5446f736c16476ec4db5decc7b1bf3936e4f7e4618");
string kat_plaintext =
hex2str("b115777f1ee7a43a07daa6401e59c46b7a98213a8747eabfbe3ca4ec93524d"
"e2c7");
string kat_ciphertext =
hex2str("1e92cd20da08bb5fa174a7a69879d4fc25a155e6af06d75b26c5b450d273c8"
"bb7e3a889dd4a9589098b44acf1056e7aa");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::PKCS7, "", kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes192GCMNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/GCM/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes192GCMNoPaddingOneByteAtATime) {
if (SecLevel() == SecurityLevel::STRONGBOX) {
GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
}
string kat_key = hex2str("21339fc1d011abca65d50ce2365230603fd47d07e8830f6e");
string kat_iv = hex2str("d5fb1469a8d81dd75286a418");
string kat_plaintext =
hex2str("cf776dedf53a828d51a0073db3ef0dd1ee19e2e9e243ce97e95841bb9ad4e3"
"ff52");
string kat_ciphertext =
hex2str("3a0d48278111d3296bc663df8a5dbeb2474ea47fd85b608f8d9375d9dcf7de"
"1413ad70fb0e1970669095ad77ebb5974ae8");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::GCM, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes256CBCNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/CBC/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes256CBCNoPaddingOneByteAtATime) {
string kat_key = hex2str("dd2f20dc6b98c100bac919120ff95eb5d96003f8229987b283a1e777b0cd5c30");
string kat_iv = hex2str("23b4d85239fb90db93b07a981e90a170");
string kat_plaintext =
hex2str("2fbe5d46dca5cea433e550d8b291740ab9551c2a2d37680d7fb7b993225f58"
"494cb53caca353e4b637ba05687be20f8d");
string kat_ciphertext =
hex2str("5aba24fc316936c8369061ee8fe463e4faed04288e204456626b988c0e376b"
"6047da1e4fd7c4e1cf2656097f75ae8685");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes256CBCPKCS7PaddingOneByteAtATime
* Verifies input and output sizes of AES/CBC/PKCS7Padding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes256CBCPKCS7PaddingOneByteAtATime) {
string kat_key = hex2str("03ab2510520f5cfebfab0a17a7f8324c9634911f6fc59e586f85346bb38ac88a");
string kat_iv = hex2str("9af96967195bb0184f129beffa8241ae");
string kat_plaintext =
hex2str("2d6944653ac14988a772a2730b7c5bfa99a21732ae26f40cdc5b3a2874c794"
"2545a82b73c48078b9dae62261c65909");
string kat_ciphertext =
hex2str("26b308f7e1668b55705a79c8b3ad10e244655f705f027f390a5c34e4536f51"
"9403a71987b95124073d69f2a3cb95b0ab");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::PKCS7, kat_iv,
kat_plaintext, kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes256CTRNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/CTR/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes256CTRNoPaddingOneByteAtATime) {
string kat_key = hex2str("928b380a8fed4b4b4cfeb56e0c66a4cb0f9ff58d61ac68bcfd0e3fbd910a684f");
string kat_iv = hex2str("0b678a5249e6eeda461dfb4776b6c58e");
string kat_plaintext =
hex2str("f358de57543b297e997cba46fb9100553d6abd65377e55b9aac3006400ead1"
"1f6db3c884");
string kat_ciphertext =
hex2str("a07a35fbd1776ad81462e1935f542337add60962bf289249476817b6ddd532"
"a7be30d4c3");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CTR, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes256ECBNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/ECB/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes256ECBNoPaddingOneByteAtATime) {
string kat_key = hex2str("fa4622d9cf6485075daedd33d2c4fffdf859e2edb7f7df4f04603f7e647fae90");
string kat_plaintext =
hex2str("96ccabbe0c68970d8cdee2b30ab43c2d61cc50ee68271e77571e72478d713a"
"31a476d6806b8116089c6ec50bb543200f");
string kat_ciphertext =
hex2str("0e81839e9dfbfe3b503d619e676abe5ac80fac3f245d8f09b9134b1b32a67d"
"c83e377faf246288931136bef2a07c0be4");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::NONE, "", kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes256ECBPKCS7PaddingOneByteAtATime
* Verifies input and output sizes of AES/ECB/PKCS7Padding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes256ECBPKCS7PaddingOneByteAtATime) {
string kat_key = hex2str("bf3f07c68467fead0ca8e2754500ab514258abf02eb7e615a493bcaaa45d5ee1");
string kat_plaintext =
hex2str("af0757e49018dad628f16998628a407db5f28291bef3bc2e4d8a5a31fb238e"
"6f");
string kat_ciphertext =
hex2str("21ec3011074bf1ef140643d47130326c5e183f61237c69bc77551ca207d71f"
"c2b90cfac6c8d2d125e5cd9ff353dee0df");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::PKCS7, "", kat_plaintext,
kat_ciphertext);
}
/*
* EncryptionOperationsTest.Aes256GCMNoPaddingOneByteAtATime
* Verifies input and output sizes of AES/GCM/NoPadding Algorithm.
*/
TEST_P(EncryptionOperationsTest, Aes256GCMNoPaddingOneByteAtATime) {
string kat_key = hex2str("7972140d831eedac75d5ea515c9a4c3bb124499a90b5f317ac1a685e88fae395");
string kat_iv = hex2str("a66c5252808d823dd4151fed");
string kat_plaintext =
hex2str("c2b9dabf3a55adaa94e8c0d1e77a84a3435aee23b2c3c4abb587b09a9c2afb"
"f0");
string kat_ciphertext =
hex2str("a960619314657b2afb96b93bebb372bffd09e19d53e351f17d1ba2611f9dc3"
"3c9c92d563e8fd381254ac262aa2a4ea0d");
AesCheckEncryptOneByteAtATime(kat_key, BlockMode::GCM, PaddingMode::NONE, kat_iv, kat_plaintext,
kat_ciphertext);
}
struct AesCtrSp80038aTestVector { struct AesCtrSp80038aTestVector {
const char* key; const char* key;
const char* nonce; const char* nonce;