diff options
Diffstat (limited to 'src/tests/TestCrypt/TestCrypt.cpp')
-rw-r--r-- | src/tests/TestCrypt/TestCrypt.cpp | 144 |
1 files changed, 77 insertions, 67 deletions
diff --git a/src/tests/TestCrypt/TestCrypt.cpp b/src/tests/TestCrypt/TestCrypt.cpp index 2eb9e3e8c..abc1ec370 100644 --- a/src/tests/TestCrypt/TestCrypt.cpp +++ b/src/tests/TestCrypt/TestCrypt.cpp @@ -6,23 +6,23 @@ #include <QtCore> #include <QtTest> -#include <string> #include "SSL.h" #include "Timer.h" -#include "crypto/CryptStateOCB2.h" #include "Utils.h" +#include "crypto/CryptStateOCB2.h" +#include <string> class TestCrypt : public QObject { - Q_OBJECT - private slots: - void initTestCase(); - void cleanupTestCase(); - void testvectors(); - void authcrypt(); - void xexstarAttack(); - void ivrecovery(); - void reverserecovery(); - void tamper(); + Q_OBJECT +private slots: + void initTestCase(); + void cleanupTestCase(); + void testvectors(); + void authcrypt(); + void xexstarAttack(); + void ivrecovery(); + void reverserecovery(); + void tamper(); }; void TestCrypt::initTestCase() { @@ -40,7 +40,7 @@ void TestCrypt::reverserecovery() { // For our testcase, we're going to FORCE iv char encrypt_iv[AES_BLOCK_SIZE]; memset(encrypt_iv, 0x55, AES_BLOCK_SIZE); - enc.setEncryptIV(std::string(reinterpret_cast<const char*>(encrypt_iv), AES_BLOCK_SIZE)); + enc.setEncryptIV(std::string(reinterpret_cast< const char * >(encrypt_iv), AES_BLOCK_SIZE)); dec.setKey(enc.getRawKey(), enc.getDecryptIV(), enc.getEncryptIV()); unsigned char secret[10] = "abcdefghi"; @@ -69,24 +69,24 @@ void TestCrypt::reverserecovery() { int i; - for (i=0;i<128;i++) + for (i = 0; i < 128; i++) enc.encrypt(secret, crypted[i], 10); - for (i=0;i<30;i++) - QVERIFY(dec.decrypt(crypted[127-i], decr, 14)); - for (;i<128;i++) - QVERIFY(!dec.decrypt(crypted[127-i], decr, 14)); - for (i=0;i<30;i++) - QVERIFY(!dec.decrypt(crypted[127-i], decr, 14)); + for (i = 0; i < 30; i++) + QVERIFY(dec.decrypt(crypted[127 - i], decr, 14)); + for (; i < 128; i++) + QVERIFY(!dec.decrypt(crypted[127 - i], decr, 14)); + for (i = 0; i < 30; i++) + QVERIFY(!dec.decrypt(crypted[127 - i], decr, 14)); // Extensive replay attack test - for (i=0;i<512;i++) + for (i = 0; i < 512; i++) enc.encrypt(secret, crypted[i], 10); - for (i=0;i<512;i++) + for (i = 0; i < 512; i++) QVERIFY(dec.decrypt(crypted[i], decr, 14)); - for (i=0;i<512;i++) + for (i = 0; i < 512; i++) QVERIFY(!dec.decrypt(crypted[i], decr, 14)); } @@ -97,7 +97,7 @@ void TestCrypt::ivrecovery() { // For our testcase, we're going to FORCE iv char encrypt_iv[AES_BLOCK_SIZE]; memset(encrypt_iv, 0x55, AES_BLOCK_SIZE); - enc.setEncryptIV(std::string(reinterpret_cast<const char*>(encrypt_iv), AES_BLOCK_SIZE)); + enc.setEncryptIV(std::string(reinterpret_cast< const char * >(encrypt_iv), AES_BLOCK_SIZE)); dec.setKey(enc.getRawKey(), enc.getDecryptIV(), enc.getEncryptIV()); unsigned char secret[10] = "abcdefghi"; @@ -109,21 +109,21 @@ void TestCrypt::ivrecovery() { // Can decrypt. QVERIFY(dec.decrypt(crypted, decr, 14)); // .. correctly. - QVERIFY(memcmp(secret, decr, 10)==0); + QVERIFY(memcmp(secret, decr, 10) == 0); // But will refuse to reuse same IV. - QVERIFY(! dec.decrypt(crypted, decr, 14)); + QVERIFY(!dec.decrypt(crypted, decr, 14)); // Recover from lost packet. - for (int i=0;i<16;i++) + for (int i = 0; i < 16; i++) enc.encrypt(secret, crypted, 10); QVERIFY(dec.decrypt(crypted, decr, 14)); // Wraparound. - for (int i=0;i<128;i++) { + for (int i = 0; i < 128; i++) { dec.uiLost = 0; - for (int j=0;j<15;j++) + for (int j = 0; j < 15; j++) enc.encrypt(secret, crypted, 10); QVERIFY(dec.decrypt(crypted, decr, 14)); QCOMPARE(dec.uiLost, 14U); @@ -132,10 +132,10 @@ void TestCrypt::ivrecovery() { QVERIFY(enc.getEncryptIV() == dec.getDecryptIV()); // Wrap too far - for (int i=0;i<257;i++) + for (int i = 0; i < 257; i++) enc.encrypt(secret, crypted, 10); - QVERIFY(! dec.decrypt(crypted, decr, 14)); + QVERIFY(!dec.decrypt(crypted, decr, 14)); // Sync it dec.setDecryptIV(enc.getEncryptIV()); @@ -146,47 +146,53 @@ void TestCrypt::ivrecovery() { void TestCrypt::testvectors() { // Test vectors are from draft-krovetz-ocb-00.txt - const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; + const unsigned char rawkey[AES_BLOCK_SIZE] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; CryptStateOCB2 cs; - std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE); + std::string rawkey_str = std::string(reinterpret_cast< const char * >(rawkey), AES_BLOCK_SIZE); cs.setKey(rawkey_str, rawkey_str, rawkey_str); unsigned char tag[16]; QVERIFY(cs.ocb_encrypt(nullptr, nullptr, 0, rawkey, tag)); - const unsigned char blanktag[AES_BLOCK_SIZE] = {0xBF,0x31,0x08,0x13,0x07,0x73,0xAD,0x5E,0xC7,0x0E,0xC6,0x9E,0x78,0x75,0xA7,0xB0}; - for (int i=0;i<AES_BLOCK_SIZE;i++) + const unsigned char blanktag[AES_BLOCK_SIZE] = { 0xBF, 0x31, 0x08, 0x13, 0x07, 0x73, 0xAD, 0x5E, + 0xC7, 0x0E, 0xC6, 0x9E, 0x78, 0x75, 0xA7, 0xB0 }; + for (int i = 0; i < AES_BLOCK_SIZE; i++) QCOMPARE(tag[i], blanktag[i]); unsigned char source[40]; unsigned char crypt[40]; - for (int i=0;i<40;i++) - source[i]=i; + for (int i = 0; i < 40; i++) + source[i] = i; QVERIFY(cs.ocb_encrypt(source, crypt, 40, rawkey, tag)); - const unsigned char longtag[AES_BLOCK_SIZE] = {0x9D,0xB0,0xCD,0xF8,0x80,0xF7,0x3E,0x3E,0x10,0xD4,0xEB,0x32,0x17,0x76,0x66,0x88}; - const unsigned char crypted[40] = {0xF7,0x5D,0x6B,0xC8,0xB4,0xDC,0x8D,0x66,0xB8,0x36,0xA2,0xB0,0x8B,0x32,0xA6,0x36,0x9F,0x1C,0xD3,0xC5,0x22,0x8D,0x79,0xFD, - 0x6C,0x26,0x7F,0x5F,0x6A,0xA7,0xB2,0x31,0xC7,0xDF,0xB9,0xD5,0x99,0x51,0xAE,0x9C - }; - - for (int i=0;i<AES_BLOCK_SIZE;i++) + const unsigned char longtag[AES_BLOCK_SIZE] = { 0x9D, 0xB0, 0xCD, 0xF8, 0x80, 0xF7, 0x3E, 0x3E, + 0x10, 0xD4, 0xEB, 0x32, 0x17, 0x76, 0x66, 0x88 }; + const unsigned char crypted[40] = { 0xF7, 0x5D, 0x6B, 0xC8, 0xB4, 0xDC, 0x8D, 0x66, 0xB8, 0x36, + 0xA2, 0xB0, 0x8B, 0x32, 0xA6, 0x36, 0x9F, 0x1C, 0xD3, 0xC5, + 0x22, 0x8D, 0x79, 0xFD, 0x6C, 0x26, 0x7F, 0x5F, 0x6A, 0xA7, + 0xB2, 0x31, 0xC7, 0xDF, 0xB9, 0xD5, 0x99, 0x51, 0xAE, 0x9C }; + + for (int i = 0; i < AES_BLOCK_SIZE; i++) QCOMPARE(tag[i], longtag[i]); - for (int i=0;i<40;i++) + for (int i = 0; i < 40; i++) QCOMPARE(crypt[i], crypted[i]); } void TestCrypt::authcrypt() { - for (int len=0;len<128;len++) { - const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; - const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; - std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE); - std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE); + for (int len = 0; len < 128; len++) { + const unsigned char rawkey[AES_BLOCK_SIZE] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; + const unsigned char nonce[AES_BLOCK_SIZE] = { 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, + 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00 }; + std::string rawkey_str = std::string(reinterpret_cast< const char * >(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast< const char * >(nonce), AES_BLOCK_SIZE); CryptStateOCB2 cs; cs.setKey(rawkey_str, nonce_str, nonce_str); STACKVAR(unsigned char, src, len); - for (int i=0;i<len;i++) + for (int i = 0; i < len; i++) src[i] = (i + 1); unsigned char enctag[AES_BLOCK_SIZE]; @@ -197,20 +203,22 @@ void TestCrypt::authcrypt() { QVERIFY(cs.ocb_encrypt(src, encrypted, len, nonce, enctag)); QVERIFY(cs.ocb_decrypt(encrypted, decrypted, len, nonce, dectag)); - for (int i=0;i<AES_BLOCK_SIZE;i++) + for (int i = 0; i < AES_BLOCK_SIZE; i++) QCOMPARE(enctag[i], dectag[i]); - for (int i=0;i<len;i++) + for (int i = 0; i < len; i++) QCOMPARE(src[i], decrypted[i]); } } // Test prevention of the attack described in section 4.1 of https://eprint.iacr.org/2019/311 void TestCrypt::xexstarAttack() { - const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; - const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; - std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE); - std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE); + const unsigned char rawkey[AES_BLOCK_SIZE] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; + const unsigned char nonce[AES_BLOCK_SIZE] = { 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, + 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00 }; + std::string rawkey_str = std::string(reinterpret_cast< const char * >(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast< const char * >(nonce), AES_BLOCK_SIZE); CryptStateOCB2 cs; cs.setKey(rawkey_str, nonce_str, nonce_str); @@ -246,26 +254,28 @@ void TestCrypt::xexstarAttack() { } void TestCrypt::tamper() { - const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; - const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; - std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE); - std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE); + const unsigned char rawkey[AES_BLOCK_SIZE] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; + const unsigned char nonce[AES_BLOCK_SIZE] = { 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, + 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00 }; + std::string rawkey_str = std::string(reinterpret_cast< const char * >(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast< const char * >(nonce), AES_BLOCK_SIZE); CryptStateOCB2 cs; cs.setKey(rawkey_str, nonce_str, nonce_str); const unsigned char msg[] = "It was a funky funky town!"; - int len = sizeof(msg); + int len = sizeof(msg); - STACKVAR(unsigned char, encrypted, len+4); + STACKVAR(unsigned char, encrypted, len + 4); STACKVAR(unsigned char, decrypted, len); cs.encrypt(msg, encrypted, len); - for (int i=0;i<len*8;i++) { - encrypted[i/8] ^= 1 << (i % 8); - QVERIFY(! cs.decrypt(encrypted, decrypted, len+4)); - encrypted[i/8] ^= 1 << (i % 8); + for (int i = 0; i < len * 8; i++) { + encrypted[i / 8] ^= 1 << (i % 8); + QVERIFY(!cs.decrypt(encrypted, decrypted, len + 4)); + encrypted[i / 8] ^= 1 << (i % 8); } - QVERIFY(cs.decrypt(encrypted, decrypted, len+4)); + QVERIFY(cs.decrypt(encrypted, decrypted, len + 4)); } QTEST_MAIN(TestCrypt) |