// Copyright (c) 2017 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "quiche/quic/core/crypto/aes_128_gcm_encrypter.h" #include <memory> #include <string> #include <vector> #include "absl/base/macros.h" #include "absl/strings/escaping.h" #include "quiche/quic/core/quic_utils.h" #include "quiche/quic/platform/api/quic_test.h" #include "quiche/quic/test_tools/quic_test_utils.h" #include "quiche/common/test_tools/quiche_test_utils.h" namespace { // The AES GCM test vectors come from the file gcmEncryptExtIV128.rsp // downloaded from http://csrc.nist.gov/groups/STM/cavp/index.html on // 2013-02-01. The test vectors in that file look like this: // // [Keylen = 128] // [IVlen = 96] // [PTlen = 0] // [AADlen = 0] // [Taglen = 128] // // Count = 0 // Key = 11754cd72aec309bf52f7687212e8957 // IV = 3c819d9a9bed087615030b65 // PT = // AAD = // CT = // Tag = 250327c674aaf477aef2675748cf6971 // // Count = 1 // Key = ca47248ac0b6f8372a97ac43508308ed // IV = ffd2b598feabc9019262d2be // PT = // AAD = // CT = // Tag = 60d20404af527d248d893ae495707d1a // // ... // // The gcmEncryptExtIV128.rsp file is huge (2.8 MB), so I selected just a // few test vectors for this unit test. // Describes a group of test vectors that all have a given key length, IV // length, plaintext length, AAD length, and tag length. struct TestGroupInfo { … }; // Each test vector consists of six strings of lowercase hexadecimal digits. // The strings may be empty (zero length). A test vector with a nullptr |key| // marks the end of an array of test vectors. 
struct TestVector { … };

// Per-group parameters for the vector tables below.
// NOTE(review): presumably entry i describes test_group_i; the initializer is
// not shown here, so confirm the ordering against it.
const TestGroupInfo test_group_info[] = …;

// Known-answer vector tables. By the TestVector convention, the end of each
// array is marked by an entry whose |key| is nullptr rather than by a stored
// length. Every table therefore has to end with that sentinel; without it, a
// loop that stops on the sentinel would read past the end of the array.
const TestVector test_group_0[] = …;
const TestVector test_group_1[] = …;
const TestVector test_group_2[] = …;
const TestVector test_group_3[] = …;
const TestVector test_group_4[] = …;
const TestVector test_group_5[] = …;

// Array of pointers to vector tables.
// NOTE(review): presumably test_group_0 .. test_group_5 in order, index-aligned
// with test_group_info; confirm against the initializer.
const TestVector* const test_group_array[] = …;

} // namespace

namespace quic {
namespace test {

// EncryptWithNonce wraps the |Encrypt| method of |encrypter| to allow passing
// in a nonce and also to allocate the buffer needed for the ciphertext.
//
// Passing the nonce explicitly is what lets a test replay the fixed IVs of the
// NIST vectors. GCM's confidentiality and integrity guarantees depend on a
// nonce never repeating under the same key, so a helper that takes a
// caller-chosen nonce belongs in test code only.
//
// NOTE(review): the return type is a raw QuicData*. The body is not visible in
// this listing, so ownership of the result is unconfirmed. Presumably the
// caller takes ownership (e.g. by wrapping it in std::unique_ptr), and a
// failed encryption may yield nullptr. Confirm both against the body.
QuicData* EncryptWithNonce(Aes128GcmEncrypter* encrypter,
                           absl::string_view nonce,
                           absl::string_view associated_data,
                           absl::string_view plaintext) { … }

// Test fixture for the cases below, derived from QuicTest.
class Aes128GcmEncrypterTest : public QuicTest { … };

// Test cases (bodies not shown in this listing). Judging by the names alone,
// they cover known-answer encryption, packet-level encryption, plaintext and
// ciphertext size calculations, and header-protection mask generation.
// Confirm against the bodies.
TEST_F(Aes128GcmEncrypterTest, Encrypt) { … }

TEST_F(Aes128GcmEncrypterTest, EncryptPacket) { … }

TEST_F(Aes128GcmEncrypterTest, GetMaxPlaintextSize) { … }

TEST_F(Aes128GcmEncrypterTest, GetCiphertextSize) { … }

TEST_F(Aes128GcmEncrypterTest, GenerateHeaderProtectionMask) { … }

} // namespace test
} // namespace quic