Google Git
Sign in
fuchsia / fuchsia / be0a0c3f97b29231c9207a934063b3ce9e562dd1 / . / src / security / fcrypto / test / cipher.cc
blob: ab5309af02a9e580e847dd81a8c964dabb9cff16 [file] [log] [blame]
// Copyright 2017 The Fuchsia Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/security/fcrypto/cipher.h"
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <zircon/errors.h>
#include <zircon/types.h>
#include <zxtest/zxtest.h>
#include "src/security/fcrypto/bytes.h"
#include "src/security/fcrypto/test/utils.h"
namespace crypto {
namespace testing {
namespace {
TEST(GetLengths, Uninitialized) {
size_t len;
EXPECT_STATUS(Cipher::GetKeyLen(Cipher::kUninitialized, &len), ZX_ERR_INVALID_ARGS);
EXPECT_STATUS(Cipher::GetIVLen(Cipher::kUninitialized, &len), ZX_ERR_INVALID_ARGS);
EXPECT_STATUS(Cipher::GetIVLen(Cipher::kUninitialized, &len), ZX_ERR_INVALID_ARGS);
}
TEST(GetLengths, AES256_XTS) {
size_t key_len;
EXPECT_STATUS(Cipher::GetKeyLen(Cipher::kAES256_XTS, nullptr), ZX_ERR_INVALID_ARGS);
EXPECT_OK(Cipher::GetKeyLen(Cipher::kAES256_XTS, &key_len));
EXPECT_EQ(key_len, 64U);
size_t iv_len;
EXPECT_STATUS(Cipher::GetIVLen(Cipher::kAES256_XTS, nullptr), ZX_ERR_INVALID_ARGS);
EXPECT_OK(Cipher::GetIVLen(Cipher::kAES256_XTS, &iv_len));
EXPECT_EQ(iv_len, 16U);
size_t block_size;
EXPECT_STATUS(Cipher::GetIVLen(Cipher::kAES256_XTS, nullptr), ZX_ERR_INVALID_ARGS);
EXPECT_OK(Cipher::GetIVLen(Cipher::kAES256_XTS, &block_size));
EXPECT_EQ(block_size, 16U);
}
TEST(InitEncrypt, Uninitialized) {
Cipher cipher;
Secret key;
Bytes iv;
EXPECT_STATUS(cipher.InitEncrypt(Cipher::kUninitialized, key, iv), ZX_ERR_INVALID_ARGS);
}
void TestInitEncrypt(Cipher::Algorithm cipher) {
Cipher encrypt;
Secret key;
Bytes iv;
ASSERT_OK(GenerateKeyMaterial(cipher, &key, &iv));
// Bad key
Secret bad_key;
ASSERT_OK(bad_key.Generate(key.len() - 1));
EXPECT_STATUS(encrypt.InitEncrypt(cipher, bad_key, iv), ZX_ERR_INVALID_ARGS);
// Bad IV
Bytes bad_iv;
ASSERT_OK(bad_iv.Copy(iv.get(), iv.len() - 1));
EXPECT_STATUS(encrypt.InitEncrypt(cipher, key, bad_iv), ZX_ERR_INVALID_ARGS);
// Bad alignment
EXPECT_STATUS(encrypt.InitEncrypt(cipher, key, iv, PAGE_SIZE - 1), ZX_ERR_INVALID_ARGS);
// Valid with and without alignment
EXPECT_OK(encrypt.InitEncrypt(cipher, key, iv));
EXPECT_OK(encrypt.InitEncrypt(cipher, key, iv, PAGE_SIZE));
}
TEST(InitEncrypt, AES256_XTS) { ASSERT_NO_FATAL_FAILURES(TestInitEncrypt(Cipher::kAES256_XTS)); }
TEST(InitDecrypt, Uninitialized) {
Cipher decrypt;
Secret key;
Bytes iv;
EXPECT_STATUS(decrypt.InitDecrypt(Cipher::kUninitialized, key, iv), ZX_ERR_INVALID_ARGS);
}
void TestInitDecrypt(Cipher::Algorithm cipher) {
Cipher decrypt;
Secret key;
Bytes iv;
ASSERT_OK(GenerateKeyMaterial(cipher, &key, &iv));
// Bad key
Secret bad_key;
ASSERT_OK(bad_key.Generate(key.len() - 1));
EXPECT_STATUS(decrypt.InitDecrypt(cipher, bad_key, iv), ZX_ERR_INVALID_ARGS);
// Bad IV
Bytes bad_iv;
ASSERT_OK(bad_iv.Copy(iv.get(), iv.len() - 1));
EXPECT_STATUS(decrypt.InitDecrypt(cipher, key, bad_iv), ZX_ERR_INVALID_ARGS);
// Bad alignment
EXPECT_STATUS(decrypt.InitDecrypt(cipher, key, iv, PAGE_SIZE - 1), ZX_ERR_INVALID_ARGS);
// Valid with and without tweak
EXPECT_OK(decrypt.InitDecrypt(cipher, key, iv));
EXPECT_OK(decrypt.InitDecrypt(cipher, key, iv, PAGE_SIZE));
}
TEST(InitDecrypt, AES256_XTS) { ASSERT_NO_FATAL_FAILURES(TestInitDecrypt(Cipher::kAES256_XTS)); }
void TestEncryptStream(Cipher::Algorithm cipher) {
size_t len = PAGE_SIZE;
Secret key;
Bytes iv, ptext;
ASSERT_OK(GenerateKeyMaterial(cipher, &key, &iv));
ASSERT_OK(ptext.Randomize(len));
uint8_t ctext[len];
// Not initialized
Cipher encrypt;
EXPECT_STATUS(encrypt.Encrypt(ptext.get(), len, ctext), ZX_ERR_BAD_STATE);
ASSERT_OK(encrypt.InitEncrypt(cipher, key, iv));
// Zero length
EXPECT_OK(encrypt.Encrypt(ptext.get(), 0, ctext));
// Bad texts
EXPECT_STATUS(encrypt.Encrypt(nullptr, len, ctext), ZX_ERR_INVALID_ARGS);
EXPECT_STATUS(encrypt.Encrypt(ptext.get(), len, nullptr), ZX_ERR_INVALID_ARGS);
// Wrong mode
EXPECT_STATUS(encrypt.Decrypt(ptext.get(), len, ctext), ZX_ERR_BAD_STATE);
// Valid
EXPECT_OK(encrypt.Encrypt(ptext.get(), len, ctext));
// Reset
encrypt.Reset();
EXPECT_STATUS(encrypt.Encrypt(ptext.get(), len, ctext), ZX_ERR_BAD_STATE);
}
TEST(EncryptStream, AES256_XTS) {
ASSERT_NO_FATAL_FAILURES(TestEncryptStream(Cipher::kAES256_XTS));
}
void TestEncryptRandomAccess(Cipher::Algorithm cipher) {
size_t len = PAGE_SIZE;
Secret key;
Bytes iv, ptext;
ASSERT_OK(GenerateKeyMaterial(cipher, &key, &iv));
ASSERT_OK(ptext.Randomize(len));
uint8_t ctext[len];
// Not initialized
Cipher encrypt;
EXPECT_STATUS(encrypt.Encrypt(ptext.get(), len, ctext), ZX_ERR_BAD_STATE);
ASSERT_OK(encrypt.InitEncrypt(cipher, key, iv, len));
// Zero length
EXPECT_OK(encrypt.Encrypt(ptext.get(), 0, 0, ctext));
// Bad texts
EXPECT_STATUS(encrypt.Encrypt(nullptr, 0, len, ctext), ZX_ERR_INVALID_ARGS);
EXPECT_STATUS(encrypt.Encrypt(ptext.get(), 0, len, nullptr), ZX_ERR_INVALID_ARGS);
// Wrong mode
EXPECT_STATUS(encrypt.Decrypt(ptext.get(), 0, len, ctext), ZX_ERR_BAD_STATE);
// Bad offset
EXPECT_STATUS(encrypt.Encrypt(ptext.get(), 1, len, ctext), ZX_ERR_INVALID_ARGS);
// Valid
EXPECT_OK(encrypt.Encrypt(ptext.get(), len, len, ctext));
// Reset
encrypt.Reset();
EXPECT_STATUS(encrypt.Encrypt(ptext.get(), len, ctext), ZX_ERR_BAD_STATE);
}
TEST(EncryptRandomAccess, AES256_XTS) {
ASSERT_NO_FATAL_FAILURES(TestEncryptRandomAccess(Cipher::kAES256_XTS));
}
void TestDecryptStream(Cipher::Algorithm cipher) {
size_t len = PAGE_SIZE;
Secret key;
Bytes iv, ptext;
ASSERT_OK(GenerateKeyMaterial(cipher, &key, &iv));
ASSERT_OK(ptext.Randomize(len));
uint8_t ctext[len];
uint8_t result[len];
Cipher encrypt;
ASSERT_OK(encrypt.InitEncrypt(cipher, key, iv));
ASSERT_OK(encrypt.Encrypt(ptext.get(), len, ctext));
// Not initialized
Cipher decrypt;
EXPECT_STATUS(decrypt.Decrypt(ctext, len, result), ZX_ERR_BAD_STATE);
ASSERT_OK(decrypt.InitDecrypt(cipher, key, iv));
// Zero length
EXPECT_OK(decrypt.Decrypt(ctext, 0, result));
// Bad texts
EXPECT_STATUS(decrypt.Decrypt(nullptr, len, result), ZX_ERR_INVALID_ARGS);
EXPECT_STATUS(decrypt.Decrypt(ctext, len, nullptr), ZX_ERR_INVALID_ARGS);
// Wrong mode
EXPECT_STATUS(decrypt.Encrypt(ctext, len, result), ZX_ERR_BAD_STATE);
// Valid
EXPECT_OK(decrypt.Decrypt(ctext, len, result));
EXPECT_EQ(memcmp(ptext.get(), result, len), 0);
// Mismatched key, iv
Secret bad_key;
Bytes bad_iv;
ASSERT_OK(GenerateKeyMaterial(cipher, &bad_key, &bad_iv));
ASSERT_OK(decrypt.InitDecrypt(cipher, bad_key, iv));
EXPECT_OK(decrypt.Decrypt(ctext, len, result));
EXPECT_NE(memcmp(ptext.get(), result, len), 0);
ASSERT_OK(decrypt.InitDecrypt(cipher, key, bad_iv));
EXPECT_OK(decrypt.Decrypt(ctext, len, result));
EXPECT_NE(memcmp(ptext.get(), result, len), 0);
// Bad stream order
ASSERT_OK(decrypt.InitDecrypt(cipher, key, iv));
EXPECT_OK(decrypt.Decrypt(ctext, len / 2, result + (len / 2)));
EXPECT_OK(decrypt.Decrypt(ctext + (len / 2), len / 2, result));
EXPECT_NE(memcmp(ptext.get(), result, len), 0);
// Modified
ctext[0] ^= 1;
ASSERT_OK(decrypt.InitDecrypt(cipher, key, iv));
EXPECT_OK(decrypt.Decrypt(ctext, len, result));
EXPECT_NE(memcmp(ptext.get(), result, len), 0);
// Reset
decrypt.Reset();
EXPECT_STATUS(decrypt.Decrypt(ctext, len, result), ZX_ERR_BAD_STATE);
}
TEST(DecryptStream, AES256_XTS) {
ASSERT_NO_FATAL_FAILURES(TestDecryptStream(Cipher::kAES256_XTS));
}
void TestDecryptRandomAccess(Cipher::Algorithm cipher) {
size_t len = PAGE_SIZE;
Secret key;
Bytes iv, ptext;
ASSERT_OK(GenerateKeyMaterial(cipher, &key, &iv));
ASSERT_OK(ptext.Randomize(len));
uint8_t ctext[len];
uint8_t result[len];
Cipher encrypt;
ASSERT_OK(encrypt.InitEncrypt(cipher, key, iv, len / 4));
ASSERT_OK(encrypt.Encrypt(ptext.get(), len, len, ctext));
// Not initialized
Cipher decrypt;
EXPECT_STATUS(decrypt.Decrypt(ctext, 0, len, result), ZX_ERR_BAD_STATE);
ASSERT_OK(decrypt.InitDecrypt(cipher, key, iv, len / 4));
// Zero length
EXPECT_OK(decrypt.Decrypt(ctext, 0, 0, result));
// Bad texts
EXPECT_STATUS(decrypt.Decrypt(nullptr, 0, len, result), ZX_ERR_INVALID_ARGS);
EXPECT_STATUS(decrypt.Decrypt(ctext, 0, len, nullptr), ZX_ERR_INVALID_ARGS);
// Wrong mode
EXPECT_STATUS(decrypt.Encrypt(ctext, 0, len, result), ZX_ERR_BAD_STATE);
// Bad offset
EXPECT_STATUS(decrypt.Decrypt(ctext, 1, len, result), ZX_ERR_INVALID_ARGS);
// Valid
EXPECT_OK(decrypt.Decrypt(ctext, len, len, result));
EXPECT_EQ(memcmp(ptext.get(), result, len), 0);
// Mismatched key, iv and offset
Secret bad_key;
Bytes bad_iv;
ASSERT_OK(GenerateKeyMaterial(cipher, &bad_key, &bad_iv));
ASSERT_OK(decrypt.InitDecrypt(cipher, bad_key, iv, len / 4));
EXPECT_OK(decrypt.Decrypt(ctext, len, len, result));
EXPECT_NE(memcmp(ptext.get(), result, len), 0);
ASSERT_OK(decrypt.InitDecrypt(cipher, key, bad_iv, len / 4));
EXPECT_OK(decrypt.Decrypt(ctext, len, len, result));
EXPECT_NE(memcmp(ptext.get(), result, len), 0);
ASSERT_OK(decrypt.InitDecrypt(cipher, key, bad_iv, len / 4));
EXPECT_OK(decrypt.Decrypt(ctext, 0, len, result));
EXPECT_NE(memcmp(ptext.get(), result, len), 0);
// Modified
ctext[0] ^= 1;
ASSERT_OK(decrypt.InitDecrypt(cipher, key, iv, len / 4));
EXPECT_OK(decrypt.Decrypt(ctext, len, len, result));
EXPECT_NE(memcmp(ptext.get(), result, len), 0);
// Reset
decrypt.Reset();
EXPECT_STATUS(decrypt.Decrypt(ctext, 0, len, result), ZX_ERR_BAD_STATE);
}
TEST(DecryptRandomAccess, AES256_XTS) {
ASSERT_NO_FATAL_FAILURES(TestDecryptRandomAccess(Cipher::kAES256_XTS));
}
// The following tests are taken from NIST's SP 800-38E. The non-byte aligned tests vectors are
// omitted; as they are not supported. Of those remaining, every tenth is selected up to number 200
// as a representative sample.
void TestSP800_TC(Cipher::Algorithm cipher, const char* xkey, const char* xiv, const char* xptext,
const char* xctext) {
Secret key;
Bytes iv, ctext, ptext;
ASSERT_OK(HexToSecret(xkey, &key));
ASSERT_OK(HexToBytes(xiv, &iv));
ASSERT_OK(HexToBytes(xptext, &ptext));
ASSERT_OK(HexToBytes(xctext, &ctext));
size_t len = ctext.len();
uint8_t tmp[len];
Cipher encrypt;
EXPECT_OK(encrypt.InitEncrypt(cipher, key, iv));
EXPECT_OK(encrypt.Encrypt(ptext.get(), len, tmp));
EXPECT_EQ(memcmp(tmp, ctext.get(), len), 0);
Cipher decrypt;
EXPECT_OK(decrypt.InitDecrypt(cipher, key, iv));
EXPECT_OK(decrypt.Decrypt(ctext.get(), len, tmp));
EXPECT_EQ(memcmp(tmp, ptext.get(), len), 0);
}
// clang-format off
// See https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/aes/XTSTestVectors.zip
TEST(SP800_38E, TC010) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"5d4240766e71216ab73da19ea88027488759c3c83aad8223bcb60ad5559f913d1fa858154fbb8217c04ca352b22e492cf9ea81d1a87838125c90a1340d04f8cf",
// iv
"08496af5e9e51e06e562ad121ed422e4",
// ptext
"ab5ead893b99dc72e927c82edf40c3e9617c6789d9d488d63a91ed7d37892eba",
// ctext
"a8fb3a8bb9c1158d08610636137db4bc2adf2907291e965efe91e5b804c2f3f8"));
}
TEST(SP800_38E, TC020) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"c9032290ea6c1b8fe8448fdb6e7e48ef0d81c1a0bc84a9052e40807e515733ed93e55838a88ff1c78509c62afb26d52a8ff687846601b0930771e6df1d1f3c4d",
// iv
"30ffaecc5c0843078b13d370d912ede9",
// ptext
"a02ffe56131167a1b12136f04bb71786aade3b06adf578fd8d998e39a9846c12",
// ctext
"5ab207394fc7a0728a2c683a880d4daee8c20553d91722816a76340e2b4e6662"));
}
TEST(SP800_38E, TC030) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"d9dd2f932b39b82c666352b104b15b31f714cde49d9d2e019aa1e73db3818b8eddaf4f47f6f1fc173eec2e0c30674803de8780f945d8005d9fe995785912354b",
// iv
"dfc989f8d81871a2bfe7839b94dc8a9f",
// ptext
"72660b85b4cb16ed7334404fa39877b62a15ebdee777bd1013df9f6733372b62",
// ctext
"ae4dd2851a8c12efc5a49cfcb7d98f6eb3a8b6d76400aaf53ca6c7fe142a6689"));
}
TEST(SP800_38E, TC040) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"d77104e5756ca260c3c5912439b7f8c81716d5c4a457e24d104ae50b40167a80ff03e0682729d824dfa8c84c794b80303dc9ff0585088ee6532565bec63ad7c2",
// iv
"e9dc846cef4a2c41b4a020f44c233f47",
// ptext
"c125edd5ff5eaf875cc4b2bba5fb7dc47a2a1dbe5cba38b213372188890f153f",
// ctext
"cada4e269a208e1ee4b3379a4ede5dea049a93fd8e0f5b26069800b0789a0319"));
}
TEST(SP800_38E, TC050) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"0406cefa3e16325e0b820591b5d45bbf21164b521ded97628835f2d3be7ecca18d1ba0e5d47f10b969420f59c02e731161a2a262b55b5f35f6f8ef365159f50d",
// iv
"9ab2ef46133b547a8ab880e17000aba1",
// ptext
"cfe237a9399d58034a6ca7f0066a96374235c1659ca7e7fc978a1db2cb30263a",
// ctext
"d2f5bfe75ba30148aaf42b56e264e1827f29b8097f06322d4c7c74bcb2ff540c"));
}
TEST(SP800_38E, TC060) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"bade4d98d950bc1c0f9af6c0449df05955ad9db136fdab98b07f359b3a3781d44ccd04a9bdbf2191099dd74705811c9cbf26173dba5ca9c1c89566f061d0c943",
// iv
"28b0fe036e623143923e8bbc34588269",
// ptext
"70ccd34838671d1699a89e113edcae8fd312415b6f8fd5d00b02705887822497",
// ctext
"b090dcd79bfc77f1a5ed3470dca309d018c1c82b39832a2e4f355e43a787f643"));
}
TEST(SP800_38E, TC070) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"b353e17f495d6b6a24357a6a6c30372d8e6d79923f0e0b62224af47240123ed909f5a94a299a0cbda4ba99e864698803101507e7027041fe04eed90336d89c76",
// iv
"45c9b9a9842445dd369f2f9408c76813",
// ptext
"d265b71fb89677540d73c441368299c4162e9f5c070c3856813245f0ed402fab",
// ctext
"48126086975de6b282a5acdbeec5777e5f5955d7f938f3c56fe69a91b8b63401"));
}
TEST(SP800_38E, TC080) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"2c7ca38b0445ca7345c53d05e433a84e93617723ec4f22a9e3c4d822fdda9a88748d653b83ea170668fae1b22525afd3aa78e1f09106a22d640d853524a80b5a",
// iv
"44ddb8c843750a34a598c4b1f91d9230",
// ptext
"847417b53e2fe4662e6197409e869dcc16c3b1902cbcd5ed01b5b60d890c4f79",
// ctext
"187d4fd73abe3cb652f58a3860e0d8ca36509b10b5843c693160a18824b45ff3"));
}
TEST(SP800_38E, TC090) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"9051e843a1a216c0bbad5d67e2e30ee414ae0ec29675deca56507ef011ba7f3f273edd58ea12c02ad03ebe2405702a0b8ac33016d216e22af0f1141998ea488b",
// iv
"b4599993e7c9b1c96a49828ad0eb0d24",
// ptext
"dd09c1fc4932cbebdcc02fd5ae3cd84c69cceaebca4fecfc6f975ca211fbe205",
// ctext
"a818957f0e23cdd3b9d579ba40997a9be651566996f656be257a806a36c2756f"));
}
TEST(SP800_38E, TC100) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"198363340a2c104edecef6ada540a9c3a752c4fdcab8d16fff1823d98d959389b92bfd43a9df083600e07f712d6f04a20456d452ec6cb7e836da36581ff7ea33",
// iv
"3738f1d2fa33ed4fd3dc8345a77c3195",
// ptext
"8e9369480e1c33bd5e4f9355cc81acc0a97bac373ab8a292874fe7103b16ed95",
// ctext
"3a23189b53f33da3976c3db3a945cbe89b7cbae84f00dc691b4a113ebefe65b2"));
}
TEST(SP800_38E, TC110) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"6b1984c24e7eb6628e3a11c9ccd2594033a3a0d9016eae65c2f24e09b9a66e9fe9d163a506dfbccf2d93e8991e2fc560e10435b890b5889a5003e4bf817dc3e0",
// iv
"6bb0d3ae4fa86e431619e407d59ad4f4",
// ptext
"6a741a945bfbf0c67afd43ba1f841816c099515805d0fc1f7dbf6de900e0aa7a219c88563271b009d1ac90eb7dc99735",
// ctext
"e47bce292baa63bef316f680a5f480a7b883dfab6ed5a57f7e29ecb89e354a31c9b174c4abad6cbababa19140c4620a3"));
}
TEST(SP800_38E, TC120) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"10c2e0ee117d7c83bcc1422b1c75445fdca94530eac7c9292e76a2766766368d7f852c6f6b25e8448e9e315b761dcb1a31290b643535a66de5c2bc1e5e3978f7",
// iv
"5879b20b8e420dbc2258ac2edc8c227a",
// ptext
"95fa154a5845e016c11482071cc2078108eca943b4a3a7bdb65c09ebaf4c7b5b529dc5a718b34f488dd8bab912207da9",
// ctext
"6edfac840de7a7e9a4718eb8a1270004806bf4d1ef6249c13b482d390cac49e31f8e1bffc387c2837f2c891eb8e1243a"));
}
TEST(SP800_38E, TC130) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"43401c1696961f2cfa7f2f825c0bd08683219ef7a3b8f2352c6a27afa14424de31ceb11b0983b981b3cc59f712d7513bbd78b97724544fba99a7370698c1f586",
// iv
"78753fb9e9fa3bff92ed0419cddc538b",
// ptext
"7b57a6803504864254cf8dc951502410d9cdc6cd2bcc5ba15d8253f42b8f5a6886ac7c7d00c1487012e02c670540e100",
// ctext
"99dc0c7a5041257055a6a857ab29191552c63a5432c6371dead034f1167746bfb84c260b304eca8e6ec315dab732e03a"));
}
TEST(SP800_38E, TC140) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"1e30686246d41359c6b98bc474ca7c70bfd1b1167183d099443b50050b9abc031d2491249b64dae81532d55e5ec4b8fc0942956b8016e70c05c07c2f9281294a",
// iv
"7bf88e00f309e50739b2eb9b8fa8ce07",
// ptext
"df6a4358a3aefbf2490a0cf00e7b7be13ed08881003e140a4681bc794a5327f06ac3fb54cb89be10130ee742bc28ba57",
// ctext
"fb051d28b1f2d0f225afe2b5738eb3ed30a050642436fd9c65aa3160997204d05efdbb9d0ccda19a497ba135ff0490e4"));
}
TEST(SP800_38E, TC150) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"b4713941c6a4ffdbfe2bffdcca09631911e91f1260e650d389803b1aa89f5789fb8ead890218105b63c6d8af1cdaecb8da8c807a16e97ebdab860c169431f596",
// iv
"737ec14228a09f9c52041d9dbfcdd013",
// ptext
"be7735fe5eed83198698d1597dcfbb5ece39a067a1d0b7486cdf9e80767a55317da178b7ad276974abd4d069604668a6",
// ctext
"aef253795f84d13f90706d34d925394c3d9c3bdc06772fded8ee9cd82b407f06482c679672fa4225c8db8f036eb71eb3"));
}
TEST(SP800_38E, TC160) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"02f5f16166ff196ecbd88d90ece619f1815e6dcfce2827a407fe1201c4a4c82956318912d9c7a6e12ab2f69e17b83c0ec42fc9abb25629e66c37b8583c2ef9bb",
// iv
"bc9ab46c8d61620d078ecd0fe2cc9796",
// ptext
"f163a11a1169c6befcf999c68253f24c35bec8416d7bb738309e8f4cdaed4cc4146bddb71388ffe6361c44b30ceb76b4",
// ctext
"feaa6a8a357f3427dfb745cd2eebb3bd893efaac50cf6fcee3495f6292257954873dcdfca9bef8cec8f032d7fc378481"));
}
TEST(SP800_38E, TC170) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"b67995bece5a587ffdfa9d63ce82700eabaec701312aac591ae4c13045b17832fbffb96fe953be24ad4e22ac146eff566453fb9abec7c80b7d4f849dba96ec2d",
// iv
"952d9dbe6d2b70eca8f11a68bd260e46",
// ptext
"190e1bd6674eabd5f5954a439c6748c820d036913e6ce075e2c53f3a1c53dca62f99a2377a42ce685b33edb63917b2ff",
// ctext
"a458c4a4952c0cd01c096624ffe94f911197691b658f8daee6b1b853775173ded5761e07d9a1a39ef72d8b6242a1422e"));
}
TEST(SP800_38E, TC180) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"4324b0fcdcfedc5af7f8170c157ef68680197f5901fb5f3c9b9f85db8319293066a4e1a61c5943865e7b2de129dd3a6db5d8865ac55722399a58822c4e51d0df",
// iv
"c0eb880e0ee09b46d3d28ad7b363a851",
// ptext
"e6082cecc24808a6b25e7659b24b71e77ec14887750a01fb9d387c2e90acc77243d7a0dbab70e41c34594a4ad197c8aa",
// ctext
"d3c5c210afd597feb2e188b0fc08e77992e2e75bd53cd60c507b2ebca37c7b7defadd06500ab67af7c00e5918fca8a16"));
}
TEST(SP800_38E, TC190) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"458dfebe5a6e381da894a1551b95467f19fd475be6a61930ea7707c4f21f88cddd7283c59cc4211af68cc4273ab0e31bf24bee161a5690c754f46ee6392eb6fd",
// iv
"eb051cfab3db35ff7b3919ede9f79e93",
// ptext
"506a8565eb8d3a39e2cc9d32eb477cbbc621d6451e61fcb8528a6b1935071ffb31f18980ef586b97f02e257e09ca5f0b",
// ctext
"95943d6d57f17f5d626518cbc2c7175ab97cf74bbfc8571e8100a921061e68df4e193b53e4256356efbc42969ebebee1"));
}
TEST(SP800_38E, TC200) {
ASSERT_NO_FATAL_FAILURES(TestSP800_TC(Cipher::kAES256_XTS,
// key
"28ab33a47b32dbe9ac4e33a7dd3bdea0fc47deae790c3f5c24cc4e97229ce0c0a15160ff5cc544e2b4e03b4ccd55cc685e93e4ddb2fad8879d0774e92780c521",
// iv
"3871b04b799f7c572168af16efe880cf",
// ptext
"abf99e347e086cad3676dba7d8ad30713de3852514c78db83ad75d75b686bab066f62431cefe3a98de7b713b72c926fc",
// ctext
"3501de2f9e6921c2ca6c6f5a7d642e7c6ad6cc1fc8f3ba496fc5ddc6580df5584bfed4bd02e48d898dbd06757b5f5b06"));
}
// clang-format on
} // namespace
} // namespace testing
} // namespace crypto