diff options
author | Moonchild <moonchild@palemoon.org> | 2021-03-14 22:47:32 +0000 |
---|---|---|
committer | Moonchild <moonchild@palemoon.org> | 2021-03-14 22:47:32 +0000 |
commit | 52d5ff242f1327c1c6d6e9f7209930c1ec9f7828 (patch) | |
tree | bcedd9b5bfbe4b97b2dc0fe60a7e83ef6a4ec1e0 /security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc | |
parent | 0038394c392080b2d2765ccaccd8e84c0d9daf05 (diff) | |
download | uxp-52d5ff242f1327c1c6d6e9f7209930c1ec9f7828.tar.gz |
Issue #1746 - Revert "Update to NSS 3.59.1.1"
Diffstat (limited to 'security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc')
-rw-r--r-- | security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc | 71 |
1 files changed, 10 insertions, 61 deletions
diff --git a/security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc index 7f950422f2..1e4aa2faf2 100644 --- a/security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc +++ b/security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc @@ -1,5 +1,4 @@ /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=2 et sw=2 tw=80: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this file, * You can obtain one at http://mozilla.org/MPL/2.0/. */ @@ -9,10 +8,8 @@ #include "pk11pub.h" #include "secerr.h" -#include "gtest/gtest.h" #include "nss_scoped_ptrs.h" -#include "testvectors/cbc-vectors.h" -#include "util.h" +#include "gtest/gtest.h" namespace nss_test { @@ -256,8 +253,8 @@ TEST_F(Pkcs11CbcPadTest, FailEncryptShortParam) { unsigned int encrypted_len = 0; size_t input_len = AES_BLOCK_SIZE; - // CK_NSS_GCM_PARAMS is the largest param struct used across AES modes - uint8_t param_buf[sizeof(CK_NSS_GCM_PARAMS)]; + // CK_GCM_PARAMS is the largest param struct used across AES modes + uint8_t param_buf[sizeof(CK_GCM_PARAMS)]; SECItem param = {siBuffer, param_buf, sizeof(param_buf)}; SECItem key_item = {siBuffer, const_cast<uint8_t*>(kKeyData), 16}; @@ -281,18 +278,18 @@ TEST_F(Pkcs11CbcPadTest, FailEncryptShortParam) { sizeof(encrypted), kInput, input_len); EXPECT_EQ(SECSuccess, rv); - // GCM should have a CK_NSS_GCM_PARAMS - param.len = sizeof(CK_NSS_GCM_PARAMS) - 1; + // GCM should have a CK_GCM_PARAMS + param.len = sizeof(CK_GCM_PARAMS) - 1; rv = PK11_Encrypt(key.get(), CKM_AES_GCM, ¶m, encrypted, &encrypted_len, sizeof(encrypted), kInput, input_len); EXPECT_EQ(SECFailure, rv); param.len++; - reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->pIv = param_buf; - reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->ulIvLen = 12; - reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->pAAD = nullptr; - reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->ulAADLen = 0; - reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->ulTagBits = 128; + reinterpret_cast<CK_GCM_PARAMS*>(param.data)->pIv = param_buf; + reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulIvLen = 12; + reinterpret_cast<CK_GCM_PARAMS*>(param.data)->pAAD = nullptr; + reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulAADLen = 0; + reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulTagBits = 128; rv = PK11_Encrypt(key.get(), CKM_AES_GCM, ¶m, encrypted, &encrypted_len, sizeof(encrypted), kInput, input_len); EXPECT_EQ(SECSuccess, rv); @@ -557,52 +554,4 @@ INSTANTIATE_TEST_CASE_P(EncryptDecrypt, Pkcs11CbcPadTest, ::testing::Values(CKM_AES_CBC_PAD, CKM_AES_CBC, CKM_DES3_CBC_PAD, CKM_DES3_CBC)); -class Pkcs11AesCbcWycheproofTest - : public ::testing::TestWithParam<AesCbcTestVector> { - protected: - void RunTest(const AesCbcTestVector vec) { - bool valid = vec.valid; - std::string err = "Test #" + std::to_string(vec.id) + " failed"; - std::vector<uint8_t> key = hex_string_to_bytes(vec.key); - std::vector<uint8_t> iv = hex_string_to_bytes(vec.iv); - std::vector<uint8_t> ciphertext = hex_string_to_bytes(vec.ciphertext); - std::vector<uint8_t> msg = hex_string_to_bytes(vec.msg); - std::vector<uint8_t> decrypted(vec.ciphertext.size()); - unsigned int decrypted_len = 0; - - ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); - ASSERT_NE(nullptr, slot); - - // Don't provide a null pointer, even if the length is 0. We don't want to - // fail on trivial checks. - uint8_t tmp; - SECItem iv_item = {siBuffer, iv.data() ? iv.data() : &tmp, - static_cast<unsigned int>(iv.size())}; - SECItem key_item = {siBuffer, key.data() ? key.data() : &tmp, - static_cast<unsigned int>(key.size())}; - - PK11SymKey* pKey = PK11_ImportSymKey(slot.get(), kMech, PK11_OriginUnwrap, - CKA_ENCRYPT, &key_item, nullptr); - ASSERT_NE(nullptr, pKey); - ScopedPK11SymKey spKey = ScopedPK11SymKey(pKey); - - SECStatus rv = PK11_Decrypt(spKey.get(), kMech, &iv_item, decrypted.data(), - &decrypted_len, decrypted.size(), - ciphertext.data(), ciphertext.size()); - - ASSERT_EQ(valid ? SECSuccess : SECFailure, rv) << err; - if (valid) { - EXPECT_EQ(msg.size(), static_cast<size_t>(decrypted_len)) << err; - EXPECT_EQ(0, memcmp(msg.data(), decrypted.data(), decrypted_len)) << err; - } - } - - const CK_MECHANISM_TYPE kMech = CKM_AES_CBC_PAD; -}; - -TEST_P(Pkcs11AesCbcWycheproofTest, TestVectors) { RunTest(GetParam()); } - -INSTANTIATE_TEST_CASE_P(WycheproofTestVector, Pkcs11AesCbcWycheproofTest, - ::testing::ValuesIn(kCbcWycheproofVectors)); - } // namespace nss_test |