summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--testsuite/ocb-test.c182
1 files changed, 45 insertions, 137 deletions
diff --git a/testsuite/ocb-test.c b/testsuite/ocb-test.c
index 7a952a62..3892ddda 100644
--- a/testsuite/ocb-test.c
+++ b/testsuite/ocb-test.c
@@ -1,148 +1,56 @@
#include "testutils.h"
#include "nettle-internal.h"
-/* FIXME: Lots of almost duplicated code with siv tests. */
-/* AEAD ciphers */
-typedef void
-ocb_encrypt_message_func(const void *ctx,
- size_t nlength, const uint8_t *nonce,
- size_t alength, const uint8_t *adata,
- size_t tlength,
- size_t clength, uint8_t *dst, const uint8_t *src);
-
-typedef int
-ocb_decrypt_message_func(const void *encrypt_ctx, const void *decrypt_ctx,
- size_t nlength, const uint8_t *nonce,
- size_t alength, const uint8_t *adata,
- size_t tlength,
- size_t mlength, uint8_t *dst, const uint8_t *src);
+struct ocb_aes128_message_key
+{
+ struct ocb_aes128_encrypt_key encrypt_key;
+ struct aes128_ctx decrypt_key;
+};
static void
-test_compare_results(const char *name,
- const struct tstring *adata,
- /* Expected results. */
- const struct tstring *e_clear,
- const struct tstring *e_cipher,
- /* Actual results. */
- const void *clear,
- const void *cipher)
+ocb_aes128_set_encrypt_key_wrapper (struct ocb_aes128_message_key *key,
+ const uint8_t *aes_key)
{
- if (!MEMEQ(e_cipher->length, e_cipher->data, cipher))
- {
- fprintf(stderr, "%s: encryption failed\nAdata: ", name);
- tstring_print_hex(adata);
- fprintf(stderr, "\nInput: ");
- tstring_print_hex(e_clear);
- fprintf(stderr, "\nOutput: ");
- print_hex(e_cipher->length, cipher);
- fprintf(stderr, "\nExpected:");
- tstring_print_hex(e_cipher);
- fprintf(stderr, "\n");
- FAIL();
- }
- if (!MEMEQ(e_clear->length, e_clear->data, clear))
- {
- fprintf(stderr, "%s decrypt failed:\nAdata:", name);
- tstring_print_hex(adata);
- fprintf(stderr, "\nInput: ");
- tstring_print_hex(e_cipher);
- fprintf(stderr, "\nOutput: ");
- print_hex(e_clear->length, clear);
- fprintf(stderr, "\nExpected:");
- tstring_print_hex(e_clear);
- fprintf(stderr, "\n");
- FAIL();
- }
-} /* test_compare_results */
-
+ ocb_aes128_set_encrypt_key (&key->encrypt_key, aes_key);
+}
static void
-test_ocb_message(const char *name,
- nettle_set_key_func *set_encrypt_key,
- nettle_set_key_func *set_decrypt_key,
- ocb_encrypt_message_func *encrypt,
- ocb_decrypt_message_func *decrypt,
- size_t encrypt_context_size, size_t decrypt_context_size,
- size_t key_size, size_t digest_size,
- const struct tstring *key,
- const struct tstring *nonce,
- const struct tstring *authdata,
- const struct tstring *cleartext,
- const struct tstring *ciphertext)
+ocb_aes128_set_decrypt_key_wrapper (struct ocb_aes128_message_key *key,
+ const uint8_t *aes_key)
{
- void *encrypt_ctx = xalloc(encrypt_context_size);
- void *decrypt_ctx = xalloc(decrypt_context_size);
- uint8_t *en_data;
- uint8_t *de_data;
- int ret;
-
- ASSERT (key->length == key_size);
- ASSERT (cleartext->length + digest_size == ciphertext->length);
-
- de_data = xalloc(cleartext->length);
- en_data = xalloc(ciphertext->length);
-
- /* Ensure we get the same answers using the all-in-one API. */
- memset(de_data, 0, cleartext->length);
- memset(en_data, 0, ciphertext->length);
-
- set_encrypt_key(encrypt_ctx, key->data);
- encrypt(encrypt_ctx, nonce->length, nonce->data,
- authdata->length, authdata->data, digest_size,
- ciphertext->length, en_data, cleartext->data);
-
- set_decrypt_key(decrypt_ctx, key->data);
-
- ret = decrypt(encrypt_ctx, decrypt_ctx, nonce->length, nonce->data,
- authdata->length, authdata->data, digest_size,
- cleartext->length, de_data, ciphertext->data);
-
- if (ret != 1)
- {
- fprintf(stderr, "decrypt_message failed to validate message\n");
- FAIL();
- }
- test_compare_results(name, authdata,
- cleartext, ciphertext, de_data, en_data);
-
- /* Ensure that we can detect corrupted message or tag data. */
- en_data[0] ^= 1;
- ret = decrypt(encrypt_ctx, decrypt_ctx, nonce->length, nonce->data,
- authdata->length, authdata->data, digest_size,
- cleartext->length, de_data, en_data);
- if (ret != 0)
- {
- fprintf(stderr, "decrypt_message failed to detect corrupted message\n");
- FAIL();
- }
-
- /* Ensure we can detect corrupted adata. */
- if (authdata->length) {
- en_data[0] ^= 1;
- ret = decrypt(encrypt_ctx, decrypt_ctx, nonce->length, nonce->data,
- authdata->length-1, authdata->data, digest_size,
- cleartext->length, de_data, en_data);
- if (ret != 0)
- {
- fprintf(stderr, "siv_decrypt_message failed to detect corrupted message\n");
- FAIL();
- }
- }
-
- free(encrypt_ctx);
- free(decrypt_ctx);
- free(en_data);
- free(de_data);
+ ocb_aes128_set_decrypt_key (&key->encrypt_key, &key->decrypt_key, aes_key);
+}
+static void
+ocb_aes128_encrypt_message_wrapper (const struct ocb_aes128_message_key *key,
+ size_t nlength, const uint8_t *nonce,
+ size_t alength, const uint8_t *adata,
+ size_t clength, uint8_t *dst, const uint8_t *src)
+{
+ ocb_aes128_encrypt_message (&key->encrypt_key, nlength, nonce, alength, adata,
+ OCB_DIGEST_SIZE, clength, dst, src);
+}
+static int
+ocb_aes128_decrypt_message_wrapper (const struct ocb_aes128_message_key *key,
+ size_t nlength, const uint8_t *nonce,
+ size_t alength, const uint8_t *adata,
+ size_t mlength, uint8_t *dst, const uint8_t *src)
+{
+ return ocb_aes128_decrypt_message (&key->encrypt_key, &key->decrypt_key,
+ nlength, nonce, alength, adata,
+ OCB_DIGEST_SIZE, mlength, dst, src);
}
-#define test_ocb_aes128(key, nonce, authdata, cleartext, ciphertext) \
- test_ocb_message("ocb_aes128", \
- (nettle_set_key_func*)ocb_aes128_set_encrypt_key, \
- (nettle_set_key_func*)aes128_set_decrypt_key, \
- (ocb_encrypt_message_func*)ocb_aes128_encrypt_message, \
- (ocb_decrypt_message_func*)ocb_aes128_decrypt_message, \
- sizeof(struct ocb_aes128_ctx), sizeof(struct aes128_ctx), \
- AES128_KEY_SIZE, OCB_DIGEST_SIZE, \
- key, nonce, authdata, cleartext, ciphertext)
+static const struct nettle_aead_message
+ocb_aes128_message = {
+ "ocb_aes128",
+ sizeof(struct ocb_aes128_message_key),
+ AES128_KEY_SIZE,
+ OCB_DIGEST_SIZE,
+ 1, /* Supports in-place operation. */
+ (nettle_set_key_func*) ocb_aes128_set_encrypt_key_wrapper,
+ (nettle_set_key_func*) ocb_aes128_set_decrypt_key_wrapper,
+ (nettle_encrypt_message_func*) ocb_aes128_encrypt_message_wrapper,
+ (nettle_decrypt_message_func*) ocb_aes128_decrypt_message_wrapper,
+};
/* For 96-bit tag */
static void
@@ -376,14 +284,14 @@ test_main(void)
SHEX("8a24edb596b59425 43ec197d5369979b")); /* tag */
/* Test the all-in-one message functions. */
- test_ocb_aes128(
+ test_aead_message(&ocb_aes128_message,
SHEX("000102030405060708090A0B0C0D0E0F"), /* key */
SHEX("BBAA99887766554433221100"), /* nonce */
SHEX(""), /* auth data */
SHEX(""), /* plaintext */
SHEX("785407BFFFC8AD9EDCC5520AC9111EE6"));
- test_ocb_aes128(
+ test_aead_message(&ocb_aes128_message,
SHEX("000102030405060708090A0B0C0D0E0F"), /* key */
SHEX("BBAA99887766554433221101"), /* nonce */
SHEX("0001020304050607"), /* auth data */