gitee.com/ks-custle/core-gm@v0.0.0-20230922171213-b83bdd97b62c/grpc/credentials/alts/internal/conn/aeadrekey_test.go (about) 1 /* 2 * 3 * Copyright 2018 gRPC authors. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 */ 18 19 package conn 20 21 import ( 22 "bytes" 23 "encoding/hex" 24 "testing" 25 ) 26 27 // cryptoTestVector is struct for a rekey test vector 28 type rekeyAEADTestVector struct { 29 desc string 30 key, nonce, plaintext, aad, ciphertext []byte 31 } 32 33 // Test encrypt and decrypt using (adapted) test vectors for AES-GCM. 34 func (s) TestAES128GCMRekeyEncrypt(t *testing.T) { 35 for _, test := range []rekeyAEADTestVector{ 36 // NIST vectors from: 37 // http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf 38 // 39 // IEEE vectors from: 40 // http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf 41 // 42 // Key expanded by setting 43 // expandedKey = (key || 44 // key ^ {0x01,..,0x01} || 45 // key ^ {0x02,..,0x02})[0:44]. 46 { 47 desc: "Derived from NIST test vector 1", 48 key: dehex("0000000000000000000000000000000001010101010101010101010101010101020202020202020202020202"), 49 nonce: dehex("000000000000000000000000"), 50 aad: dehex(""), 51 plaintext: dehex(""), 52 ciphertext: dehex("85e873e002f6ebdc4060954eb8675508"), 53 }, 54 { 55 desc: "Derived from NIST test vector 2", 56 key: dehex("0000000000000000000000000000000001010101010101010101010101010101020202020202020202020202"), 57 nonce: dehex("000000000000000000000000"), 58 aad: dehex(""), 59 plaintext: dehex("00000000000000000000000000000000"), 60 ciphertext: dehex("51e9a8cb23ca2512c8256afff8e72d681aca19a1148ac115e83df4888cc00d11"), 61 }, 62 { 63 desc: "Derived from NIST test vector 3", 64 key: dehex("feffe9928665731c6d6a8f9467308308fffee8938764721d6c6b8e9566318209fcfdeb908467711e6f688d96"), 65 nonce: dehex("cafebabefacedbaddecaf888"), 66 aad: dehex(""), 67 plaintext: dehex("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255"), 68 ciphertext: dehex("1018ed5a1402a86516d6576d70b2ffccca261b94df88b58f53b64dfba435d18b2f6e3b7869f9353d4ac8cf09afb1663daa7b4017e6fc2c177c0c087c0df1162129952213cee1bc6e9c8495dd705e1f3d"), 69 }, 70 { 71 desc: "Derived from NIST test vector 4", 72 key: dehex("feffe9928665731c6d6a8f9467308308fffee8938764721d6c6b8e9566318209fcfdeb908467711e6f688d96"), 73 nonce: dehex("cafebabefacedbaddecaf888"), 74 aad: dehex("feedfacedeadbeeffeedfacedeadbeefabaddad2"), 75 plaintext: dehex("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"), 76 ciphertext: dehex("1018ed5a1402a86516d6576d70b2ffccca261b94df88b58f53b64dfba435d18b2f6e3b7869f9353d4ac8cf09afb1663daa7b4017e6fc2c177c0c087c4764565d077e9124001ddb27fc0848c5"), 77 }, 78 { 79 desc: "Derived from adapted NIST test vector 4 for KDF counter boundary (flip nonce bit 15)", 80 key: dehex("feffe9928665731c6d6a8f9467308308fffee8938764721d6c6b8e9566318209fcfdeb908467711e6f688d96"), 81 nonce: dehex("ca7ebabefacedbaddecaf888"), 82 aad: dehex("feedfacedeadbeeffeedfacedeadbeefabaddad2"), 83 plaintext: dehex("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"), 84 ciphertext: dehex("e650d3c0fb879327f2d03287fa93cd07342b136215adbca00c3bd5099ec41832b1d18e0423ed26bb12c6cd09debb29230a94c0cee15903656f85edb6fc509b1b28216382172ecbcc31e1e9b1"), 85 }, 86 { 87 desc: "Derived from adapted NIST test vector 4 for KDF counter boundary (flip nonce bit 16)", 88 key: dehex("feffe9928665731c6d6a8f9467308308fffee8938764721d6c6b8e9566318209fcfdeb908467711e6f688d96"), 89 nonce: dehex("cafebbbefacedbaddecaf888"), 90 aad: dehex("feedfacedeadbeeffeedfacedeadbeefabaddad2"), 91 plaintext: dehex("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"), 92 ciphertext: dehex("c0121e6c954d0767f96630c33450999791b2da2ad05c4190169ccad9ac86ff1c721e3d82f2ad22ab463bab4a0754b7dd68ca4de7ea2531b625eda01f89312b2ab957d5c7f8568dd95fcdcd1f"), 93 }, 94 { 95 desc: "Derived from adapted NIST test vector 4 for KDF counter boundary (flip nonce bit 63)", 96 key: dehex("feffe9928665731c6d6a8f9467308308fffee8938764721d6c6b8e9566318209fcfdeb908467711e6f688d96"), 97 nonce: dehex("cafebabefacedb2ddecaf888"), 98 aad: dehex("feedfacedeadbeeffeedfacedeadbeefabaddad2"), 99 plaintext: dehex("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"), 100 ciphertext: dehex("8af37ea5684a4d81d4fd817261fd9743099e7e6a025eaacf8e54b124fb5743149e05cb89f4a49467fe2e5e5965f29a19f99416b0016b54585d12553783ba59e9f782e82e097c336bf7989f08"), 101 }, 102 { 103 desc: "Derived from adapted NIST test vector 4 for KDF counter boundary (flip nonce bit 64)", 104 key: dehex("feffe9928665731c6d6a8f9467308308fffee8938764721d6c6b8e9566318209fcfdeb908467711e6f688d96"), 105 nonce: dehex("cafebabefacedbaddfcaf888"), 106 aad: dehex("feedfacedeadbeeffeedfacedeadbeefabaddad2"), 107 plaintext: dehex("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"), 108 ciphertext: dehex("fbd528448d0346bfa878634864d407a35a039de9db2f1feb8e965b3ae9356ce6289441d77f8f0df294891f37ea438b223e3bf2bdc53d4c5a74fb680bb312a8dec6f7252cbcd7f5799750ad78"), 109 }, 110 { 111 desc: "Derived from IEEE 2.1.1 54-byte auth", 112 key: dehex("ad7a2bd03eac835a6f620fdcb506b345ac7b2ad13fad825b6e630eddb407b244af7829d23cae81586d600dde"), 113 nonce: dehex("12153524c0895e81b2c28465"), 114 aad: dehex("d609b1f056637a0d46df998d88e5222ab2c2846512153524c0895e8108000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233340001"), 115 plaintext: dehex(""), 116 ciphertext: dehex("3ea0b584f3c85e93f9320ea591699efb"), 117 }, 118 { 119 desc: "Derived from IEEE 2.1.2 54-byte auth", 120 key: dehex("e3c08a8f06c6e3ad95a70557b23f75483ce33021a9c72b7025666204c69c0b72e1c2888d04c4e1af97a50755"), 121 nonce: dehex("12153524c0895e81b2c28465"), 122 aad: dehex("d609b1f056637a0d46df998d88e5222ab2c2846512153524c0895e8108000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233340001"), 123 plaintext: dehex(""), 124 ciphertext: dehex("294e028bf1fe6f14c4e8f7305c933eb5"), 125 }, 126 { 127 desc: "Derived from IEEE 2.2.1 60-byte crypt", 128 key: dehex("ad7a2bd03eac835a6f620fdcb506b345ac7b2ad13fad825b6e630eddb407b244af7829d23cae81586d600dde"), 129 nonce: dehex("12153524c0895e81b2c28465"), 130 aad: dehex("d609b1f056637a0d46df998d88e52e00b2c2846512153524c0895e81"), 131 plaintext: dehex("08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a0002"), 132 ciphertext: dehex("db3d25719c6b0a3ca6145c159d5c6ed9aff9c6e0b79f17019ea923b8665ddf52137ad611f0d1bf417a7ca85e45afe106ff9c7569d335d086ae6c03f00987ccd6"), 133 }, 134 { 135 desc: "Derived from IEEE 2.2.2 60-byte crypt", 136 key: dehex("e3c08a8f06c6e3ad95a70557b23f75483ce33021a9c72b7025666204c69c0b72e1c2888d04c4e1af97a50755"), 137 nonce: dehex("12153524c0895e81b2c28465"), 138 aad: dehex("d609b1f056637a0d46df998d88e52e00b2c2846512153524c0895e81"), 139 plaintext: dehex("08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a0002"), 140 ciphertext: dehex("1641f28ec13afcc8f7903389787201051644914933e9202bb9d06aa020c2a67ef51dfe7bc00a856c55b8f8133e77f659132502bad63f5713d57d0c11e0f871ed"), 141 }, 142 { 143 desc: "Derived from IEEE 2.3.1 60-byte auth", 144 key: dehex("071b113b0ca743fecccf3d051f737382061a103a0da642ffcdce3c041e727283051913390ea541fccecd3f07"), 145 nonce: dehex("f0761e8dcd3d000176d457ed"), 146 aad: dehex("e20106d7cd0df0761e8dcd3d88e5400076d457ed08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a0003"), 147 plaintext: dehex(""), 148 ciphertext: dehex("58837a10562b0f1f8edbe58ca55811d3"), 149 }, 150 { 151 desc: "Derived from IEEE 2.3.2 60-byte auth", 152 key: dehex("691d3ee909d7f54167fd1ca0b5d769081f2bde1aee655fdbab80bd5295ae6be76b1f3ceb0bd5f74365ff1ea2"), 153 nonce: dehex("f0761e8dcd3d000176d457ed"), 154 aad: dehex("e20106d7cd0df0761e8dcd3d88e5400076d457ed08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a0003"), 155 plaintext: dehex(""), 156 ciphertext: dehex("c2722ff6ca29a257718a529d1f0c6a3b"), 157 }, 158 { 159 desc: "Derived from IEEE 2.4.1 54-byte crypt", 160 key: dehex("071b113b0ca743fecccf3d051f737382061a103a0da642ffcdce3c041e727283051913390ea541fccecd3f07"), 161 nonce: dehex("f0761e8dcd3d000176d457ed"), 162 aad: dehex("e20106d7cd0df0761e8dcd3d88e54c2a76d457ed"), 163 plaintext: dehex("08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233340004"), 164 ciphertext: dehex("fd96b715b93a13346af51e8acdf792cdc7b2686f8574c70e6b0cbf16291ded427ad73fec48cd298e0528a1f4c644a949fc31dc9279706ddba33f"), 165 }, 166 { 167 desc: "Derived from IEEE 2.4.2 54-byte crypt", 168 key: dehex("691d3ee909d7f54167fd1ca0b5d769081f2bde1aee655fdbab80bd5295ae6be76b1f3ceb0bd5f74365ff1ea2"), 169 nonce: dehex("f0761e8dcd3d000176d457ed"), 170 aad: dehex("e20106d7cd0df0761e8dcd3d88e54c2a76d457ed"), 171 plaintext: dehex("08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233340004"), 172 ciphertext: dehex("b68f6300c2e9ae833bdc070e24021a3477118e78ccf84e11a485d861476c300f175353d5cdf92008a4f878e6cc3577768085c50a0e98fda6cbb8"), 173 }, 174 { 175 desc: "Derived from IEEE 2.5.1 65-byte auth", 176 key: dehex("013fe00b5f11be7f866d0cbbc55a7a90003ee10a5e10bf7e876c0dbac45b7b91033de2095d13bc7d846f0eb9"), 177 nonce: dehex("7cfde9f9e33724c68932d612"), 178 aad: dehex("84c5d513d2aaf6e5bbd2727788e523008932d6127cfde9f9e33724c608000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f0005"), 179 plaintext: dehex(""), 180 ciphertext: dehex("cca20eecda6283f09bb3543dd99edb9b"), 181 }, 182 { 183 desc: "Derived from IEEE 2.5.2 65-byte auth", 184 key: dehex("83c093b58de7ffe1c0da926ac43fb3609ac1c80fee1b624497ef942e2f79a82381c291b78fe5fde3c2d89068"), 185 nonce: dehex("7cfde9f9e33724c68932d612"), 186 aad: dehex("84c5d513d2aaf6e5bbd2727788e523008932d6127cfde9f9e33724c608000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f0005"), 187 plaintext: dehex(""), 188 ciphertext: dehex("b232cc1da5117bf15003734fa599d271"), 189 }, 190 { 191 desc: "Derived from IEEE 2.6.1 61-byte crypt", 192 key: dehex("013fe00b5f11be7f866d0cbbc55a7a90003ee10a5e10bf7e876c0dbac45b7b91033de2095d13bc7d846f0eb9"), 193 nonce: dehex("7cfde9f9e33724c68932d612"), 194 aad: dehex("84c5d513d2aaf6e5bbd2727788e52f008932d6127cfde9f9e33724c6"), 195 plaintext: dehex("08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b0006"), 196 ciphertext: dehex("ff1910d35ad7e5657890c7c560146fd038707f204b66edbc3d161f8ace244b985921023c436e3a1c3532ecd5d09a056d70be583f0d10829d9387d07d33d872e490"), 197 }, 198 { 199 desc: "Derived from IEEE 2.6.2 61-byte crypt", 200 key: dehex("83c093b58de7ffe1c0da926ac43fb3609ac1c80fee1b624497ef942e2f79a82381c291b78fe5fde3c2d89068"), 201 nonce: dehex("7cfde9f9e33724c68932d612"), 202 aad: dehex("84c5d513d2aaf6e5bbd2727788e52f008932d6127cfde9f9e33724c6"), 203 plaintext: dehex("08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b0006"), 204 ciphertext: dehex("0db4cf956b5f97eca4eab82a6955307f9ae02a32dd7d93f83d66ad04e1cfdc5182ad12abdea5bbb619a1bd5fb9a573590fba908e9c7a46c1f7ba0905d1b55ffda4"), 205 }, 206 { 207 desc: "Derived from IEEE 2.7.1 79-byte crypt", 208 key: dehex("88ee087fd95da9fbf6725aa9d757b0cd89ef097ed85ca8faf7735ba8d656b1cc8aec0a7ddb5fabf9f47058ab"), 209 nonce: dehex("7ae8e2ca4ec500012e58495c"), 210 aad: dehex("68f2e77696ce7ae8e2ca4ec588e541002e58495c08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d0007"), 211 plaintext: dehex(""), 212 ciphertext: dehex("813f0e630f96fb2d030f58d83f5cdfd0"), 213 }, 214 { 215 desc: "Derived from IEEE 2.7.2 79-byte crypt", 216 key: dehex("4c973dbc7364621674f8b5b89e5c15511fced9216490fb1c1a2caa0ffe0407e54e953fbe7166601476fab7ba"), 217 nonce: dehex("7ae8e2ca4ec500012e58495c"), 218 aad: dehex("68f2e77696ce7ae8e2ca4ec588e541002e58495c08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d0007"), 219 plaintext: dehex(""), 220 ciphertext: dehex("77e5a44c21eb07188aacbd74d1980e97"), 221 }, 222 { 223 desc: "Derived from IEEE 2.8.1 61-byte crypt", 224 key: dehex("88ee087fd95da9fbf6725aa9d757b0cd89ef097ed85ca8faf7735ba8d656b1cc8aec0a7ddb5fabf9f47058ab"), 225 nonce: dehex("7ae8e2ca4ec500012e58495c"), 226 aad: dehex("68f2e77696ce7ae8e2ca4ec588e54d002e58495c"), 227 plaintext: dehex("08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748490008"), 228 ciphertext: dehex("958ec3f6d60afeda99efd888f175e5fcd4c87b9bcc5c2f5426253a8b506296c8c43309ab2adb5939462541d95e80811e04e706b1498f2c407c7fb234f8cc01a647550ee6b557b35a7e3945381821f4"), 229 }, 230 { 231 desc: "Derived from IEEE 2.8.2 61-byte crypt", 232 key: dehex("4c973dbc7364621674f8b5b89e5c15511fced9216490fb1c1a2caa0ffe0407e54e953fbe7166601476fab7ba"), 233 nonce: dehex("7ae8e2ca4ec500012e58495c"), 234 aad: dehex("68f2e77696ce7ae8e2ca4ec588e54d002e58495c"), 235 plaintext: dehex("08000f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748490008"), 236 ciphertext: dehex("b44d072011cd36d272a9b7a98db9aa90cbc5c67b93ddce67c854503214e2e896ec7e9db649ed4bcf6f850aac0223d0cf92c83db80795c3a17ecc1248bb00591712b1ae71e268164196252162810b00"), 237 }} { 238 aead, err := newRekeyAEAD(test.key) 239 if err != nil { 240 t.Fatal("unexpected failure in newRekeyAEAD: ", err.Error()) 241 } 242 if got := aead.Seal(nil, test.nonce, test.plaintext, test.aad); !bytes.Equal(got, test.ciphertext) { 243 t.Errorf("Unexpected ciphertext for test vector '%s':\nciphertext=%s\nwant= %s", 244 test.desc, hex.EncodeToString(got), hex.EncodeToString(test.ciphertext)) 245 } 246 if got, err := aead.Open(nil, test.nonce, test.ciphertext, test.aad); err != nil || !bytes.Equal(got, test.plaintext) { 247 t.Errorf("Unexpected plaintext for test vector '%s':\nplaintext=%s (err=%v)\nwant= %s", 248 test.desc, hex.EncodeToString(got), err, hex.EncodeToString(test.plaintext)) 249 } 250 251 } 252 } 253 254 func dehex(s string) []byte { 255 if len(s) == 0 { 256 return make([]byte, 0) 257 } 258 b, err := hex.DecodeString(s) 259 if err != nil { 260 panic(err) 261 } 262 return b 263 }