Chromium Code Reviews Chromium Code Reviews
Issue 7056026:
Implement AES-CTR for NSS. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/encryptor.h" | 5 #include "crypto/encryptor.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/string_number_conversions.h" | 10 #include "base/string_number_conversions.h" |
| (...skipping 17 matching lines...) Expand all Loading... | |
| 28 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext)); | 28 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext)); |
| 29 | 29 |
| 30 EXPECT_LT(0U, ciphertext.size()); | 30 EXPECT_LT(0U, ciphertext.size()); |
| 31 | 31 |
| 32 std::string decypted; | 32 std::string decypted; |
| 33 EXPECT_TRUE(encryptor.Decrypt(ciphertext, &decypted)); | 33 EXPECT_TRUE(encryptor.Decrypt(ciphertext, &decypted)); |
| 34 | 34 |
| 35 EXPECT_EQ(plaintext, decypted); | 35 EXPECT_EQ(plaintext, decypted); |
| 36 } | 36 } |
| 37 | 37 |
| 38 // ECB mode encryption is only implemented using NSS. | |
| 39 #if defined(USE_NSS) | |
| 40 | |
| 41 TEST(EncryptorTest, EncryptDecryptCTR) { | |
| 42 scoped_ptr<crypto::SymmetricKey> key( | |
| 43 crypto::SymmetricKey::GenerateRandomKey( | |
| 44 crypto::SymmetricKey::AES, 128)); | |
| 45 | |
| 46 EXPECT_TRUE(NULL != key.get()); | |
| 47 const std::string kInitialCounter = "0000000000000000"; | |
| 48 | |
| 49 crypto::Encryptor encryptor; | |
| 50 EXPECT_TRUE(encryptor.Init(key.get(), crypto::Encryptor::CTR, "")); | |
| 51 EXPECT_TRUE(encryptor.UpdateCounter(kInitialCounter)); | |
| 52 | |
| 53 std::string plaintext("normal plaintext of random length"); | |
| 54 std::string ciphertext; | |
| 55 EXPECT_TRUE(encryptor.Encrypt(plaintext, &ciphertext)); | |
| 56 | |
| 57 EXPECT_LT(0U, ciphertext.size()); | |
| 58 | |
| 59 std::string decypted; | |
| 60 EXPECT_TRUE(encryptor.UpdateCounter(kInitialCounter)); | |
| 61 EXPECT_TRUE(encryptor.Decrypt(ciphertext, &decypted)); | |
| 62 | |
| 63 EXPECT_EQ(plaintext, decypted); | |
| 64 } | |
| 65 | |
| 66 TEST(EncryptorTest, CTRCounter) { | |
| 67 const int kCounterSize = 16; | |
| 68 const char kTest1[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; | |
| 69 uint8 buf[16]; | |
| 70 | |
| 71 // Increment 10 times. | |
| 72 crypto::Encryptor::Counter counter1(std::string(kTest1, kCounterSize)); | |
| 73 for (int i = 0; i < 10; ++i) | |
| 74 counter1.Increment(); | |
| 75 counter1.Write(buf); | |
| 76 EXPECT_EQ(0, memcmp(buf, kTest1, 15)); | |
| 77 EXPECT_TRUE(buf[15] == 10); | |
| 78 | |
| 79 // Check corner cases. | |
| 80 const char kTest2[] = {0, 0, 0, 0, 0, 0, 0, 0, | |
| 81 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; | |
| 82 const char kExpect2[] = {0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0}; | |
| 83 crypto::Encryptor::Counter counter2(std::string(kTest2, kCounterSize)); | |
| 84 counter2.Increment(); | |
| 85 counter2.Write(buf); | |
| 86 EXPECT_EQ(0, memcmp(buf, kExpect2, kCounterSize)); | |
| 87 | |
| 88 const char kTest3[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, | |
| 89 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; | |
| 90 const char kExpect3[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; | |
| 91 crypto::Encryptor::Counter counter3(std::string(kTest3, kCounterSize)); | |
| 92 counter3.Increment(); | |
| 93 counter3.Write(buf); | |
| 94 EXPECT_EQ(0, memcmp(buf, kExpect3, kCounterSize)); | |
| 95 } | |
| 96 | |
| 97 #endif | |
|
wtc
2011/06/21 00:33:32
Nit: add a
// defined(USE_NSS)
comment.
| |
| 98 | |
| 38 // TODO(wtc): add more known-answer tests. Test vectors are available from | 99 // TODO(wtc): add more known-answer tests. Test vectors are available from |
| 39 // http://www.ietf.org/rfc/rfc3602 | 100 // http://www.ietf.org/rfc/rfc3602 |
| 40 // http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf | 101 // http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf |
| 41 // http://gladman.plushost.co.uk/oldsite/AES/index.php | 102 // http://gladman.plushost.co.uk/oldsite/AES/index.php |
| 42 // http://csrc.nist.gov/groups/STM/cavp/documents/aes/KAT_AES.zip | 103 // http://csrc.nist.gov/groups/STM/cavp/documents/aes/KAT_AES.zip |
| 43 | 104 |
| 44 // NIST SP 800-38A test vector F.2.5 CBC-AES256.Encrypt. | 105 // NIST SP 800-38A test vector F.2.5 CBC-AES256.Encrypt. |
| 45 TEST(EncryptorTest, EncryptAES256CBC) { | 106 TEST(EncryptorTest, EncryptAES256CBC) { |
| 46 // From NIST SP 800-38a test cast F.2.5 CBC-AES256.Encrypt. | 107 // From NIST SP 800-38a test cast F.2.5 CBC-AES256.Encrypt. |
| 47 static const unsigned char raw_key[] = { | 108 static const unsigned char raw_key[] = { |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 224 | 285 |
| 225 crypto::Encryptor encryptor; | 286 crypto::Encryptor encryptor; |
| 226 // The IV must be exactly as long a the cipher block size. | 287 // The IV must be exactly as long a the cipher block size. |
| 227 EXPECT_EQ(16U, iv.size()); | 288 EXPECT_EQ(16U, iv.size()); |
| 228 EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); | 289 EXPECT_TRUE(encryptor.Init(sym_key.get(), crypto::Encryptor::CBC, iv)); |
| 229 | 290 |
| 230 std::string decrypted; | 291 std::string decrypted; |
| 231 EXPECT_FALSE(encryptor.Decrypt("", &decrypted)); | 292 EXPECT_FALSE(encryptor.Decrypt("", &decrypted)); |
| 232 EXPECT_EQ("", decrypted); | 293 EXPECT_EQ("", decrypted); |
| 233 } | 294 } |
| OLD | NEW |
