/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this file, * You can obtain one at http://mozilla.org/MPL/2.0/. */ #include #include "nss.h" #include "pk11pub.h" #include "nss_scoped_ptrs.h" #include "gtest/gtest.h" namespace nss_test { class Pkcs11DesTest : public ::testing::Test { protected: SECStatus EncryptWithIV(std::vector& iv, const CK_MECHANISM_TYPE mech) { // Generate a random key. ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); ScopedPK11SymKey sym_key( PK11_KeyGen(slot.get(), mech, nullptr, 8, nullptr)); EXPECT_TRUE(!!sym_key); std::vector data(16); std::vector output(16); SECItem params = {siBuffer, iv.data(), static_cast(iv.size())}; // Try to encrypt. unsigned int output_len = 0; return PK11_Encrypt(sym_key.get(), mech, ¶ms, output.data(), &output_len, output.size(), data.data(), data.size()); } }; TEST_F(Pkcs11DesTest, ZeroLengthIV) { std::vector iv(0); EXPECT_EQ(SECFailure, EncryptWithIV(iv, CKM_DES_CBC)); EXPECT_EQ(SECFailure, EncryptWithIV(iv, CKM_DES3_CBC)); } TEST_F(Pkcs11DesTest, IVTooShort) { std::vector iv(7); EXPECT_EQ(SECFailure, EncryptWithIV(iv, CKM_DES_CBC)); EXPECT_EQ(SECFailure, EncryptWithIV(iv, CKM_DES3_CBC)); } TEST_F(Pkcs11DesTest, WrongLengthIV) { // We tolerate IVs > 8 std::vector iv(15, 0); EXPECT_EQ(SECSuccess, EncryptWithIV(iv, CKM_DES_CBC)); EXPECT_EQ(SECSuccess, EncryptWithIV(iv, CKM_DES3_CBC)); } TEST_F(Pkcs11DesTest, AllGood) { std::vector iv(8, 0); EXPECT_EQ(SECSuccess, EncryptWithIV(iv, CKM_DES_CBC)); EXPECT_EQ(SECSuccess, EncryptWithIV(iv, CKM_DES3_CBC)); } } // namespace nss_test