diff options
| author | Andreas Schneider <asn@samba.org> | 2021-08-17 11:19:01 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2022-07-28 11:51:28 +0000 |
| commit | 0813ea5bf86b9aead6c3529b356744241cff770b (patch) | |
| tree | e48e00637fc5efb8bbfa90fd79c6eabe7c808a12 /lib | |
| parent | 0d059e4425587a196332477ed4e75293ced47296 (diff) | |
| download | samba-0813ea5bf86b9aead6c3529b356744241cff770b.tar.gz | |
lib:crypto: Add test for samba_gnutls_aead_aes_256_cbc_hmac_sha512_decrypt()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c b/lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c index 5e83cec341a..b2a0e2d2ff7 100644 --- a/lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c +++ b/lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c @@ -209,6 +209,53 @@ static void torture_encrypt(void **state) TALLOC_FREE(frame); } +static void torture_encrypt_decrypt(void **state) +{ + NTSTATUS status; + TALLOC_CTX *frame = talloc_stackframe(); + DATA_BLOB cek = data_blob_const(session_key, sizeof(session_key)); + const DATA_BLOB plaintext = + data_blob_const(plaintext_data, sizeof(plaintext_data)); + DATA_BLOB iv = data_blob_const(salt_data, sizeof(salt_data)); + DATA_BLOB cipher_text; + uint8_t auth_tag[64] = {0}; + DATA_BLOB plaintext_decrypted; + + status = samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt( + frame, + &plaintext, + &cek, + &samr_aes256_enc_key_salt, + &samr_aes256_mac_key_salt, + &iv, + &cipher_text, + auth_tag); + assert_true(NT_STATUS_IS_OK(status)); + assert_int_equal(cipher_text.length, 528); + assert_in_range(cipher_text.length, + plaintext.length, + plaintext.length + 16); + assert_non_null(cipher_text.data); + + status = samba_gnutls_aead_aes_256_cbc_hmac_sha512_decrypt( + frame, + &cipher_text, + &cek, + &samr_aes256_enc_key_salt, + &samr_aes256_mac_key_salt, + &iv, + auth_tag, + &plaintext_decrypted); + assert_true(NT_STATUS_IS_OK(status)); + assert_non_null(plaintext_decrypted.data); + assert_int_equal(plaintext_decrypted.length, plaintext.length); + assert_memory_equal(plaintext_decrypted.data, + plaintext.data, + plaintext.length); + + TALLOC_FREE(frame); +} + int main(int argc, char *argv[]) { int rc; @@ -216,6 +263,7 @@ int main(int argc, char *argv[]) cmocka_unit_test(torture_enc_key), cmocka_unit_test(torture_mac_key), cmocka_unit_test(torture_encrypt), + cmocka_unit_test(torture_encrypt_decrypt), }; if (argc == 2) { |