uint64_t
cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials) {
int i;
v128_t nonce;
clock_t timer;
unsigned char *enc_buf;
unsigned int len = octets_in_buffer;
enc_buf = (unsigned char*) crypto_alloc(octets_in_buffer);
if (enc_buf == NULL)
return 0; /* indicate bad parameters by returning null */
/* time repeated trials */
v128_set_to_zero(&nonce);
timer = clock();
for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
cipher_set_iv(c, &nonce);
cipher_encrypt(c, enc_buf, &len);
}
timer = clock() - timer;
crypto_free(enc_buf);
if (timer == 0) {
/* Too fast! */
return 0;
}
return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
}
void Cipher::reset()
{
memset(&m_ctx, 0, sizeof(m_ctx));
cipher_init_ctx(&m_ctx, m_info);
if (m_iv.length())
cipher_set_iv(&m_ctx, (unsigned char *)m_iv.c_str(), m_iv.length());
}
int cipher_ctx_reset (cipher_context_t *ctx, uint8_t *iv_buf)
{
int retval = cipher_reset(ctx);
if (0 == retval)
retval = cipher_set_iv(ctx, iv_buf, ctx->cipher_info->iv_size);
return 0 == retval;
}
int cipher_ctx_reset (cipher_context_t *ctx, uint8_t *iv_buf)
{
if (!polar_ok(cipher_reset(ctx)))
return 0;
if (!polar_ok(cipher_set_iv(ctx, iv_buf, ctx->cipher_info->iv_size)))
return 0;
return 1;
}
result_t Cipher::init(std::string &key, std::string &iv)
{
m_key = key;
m_iv = iv;
if (m_iv.length() && cipher_set_iv(&m_ctx, (unsigned char *)m_iv.c_str(),
m_iv.length()))
{
m_iv.resize(0);
return Runtime::setError("Invalid iv size");
}
return 0;
}
uint64_t
cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
unsigned octets_in_buffer, int num_trials) {
int i;
v128_t nonce;
clock_t timer;
unsigned char *enc_buf;
int cipher_index = rand() % num_cipher;
/* Over-alloc, for NIST CBC padding */
enc_buf = crypto_alloc(octets_in_buffer+17);
if (enc_buf == NULL)
return 0; /* indicate bad parameters by returning null */
memset(enc_buf, 0, octets_in_buffer);
/* time repeated trials */
v128_set_to_zero(&nonce);
timer = clock();
for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
/* length parameter to cipher_encrypt is in/out -- out is total, padded
* length -- so reset it each time. */
unsigned octets_to_encrypt = octets_in_buffer;
/* encrypt buffer with cipher */
cipher_set_iv(cipher_array[cipher_index], &nonce, direction_encrypt);
cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_to_encrypt);
/* choose a cipher at random from the array*/
cipher_index = (*((uint32_t *)enc_buf)) % num_cipher;
}
timer = clock() - timer;
free(enc_buf);
if (timer == 0) {
/* Too fast! */
return 0;
}
return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
}
uint64_t
cipher_array_bits_per_second (cipher_t *cipher_array[], int num_cipher,
unsigned octets_in_buffer, int num_trials)
{
int i;
v128_t nonce;
clock_t timer;
unsigned char *enc_buf;
int cipher_index = 0;
enc_buf = crypto_alloc(octets_in_buffer);
if (enc_buf == NULL) {
return 0; /* indicate bad parameters by returning null */
}
/* time repeated trials */
v128_set_to_zero(&nonce);
timer = clock();
for (i = 0; i < num_trials; i++, nonce.v32[3] = i) {
/* choose a cipher at random from the array*/
cipher_index = (*((uint32_t*)enc_buf)) % num_cipher;
/* encrypt buffer with cipher */
cipher_set_iv(cipher_array[cipher_index], &nonce, direction_encrypt);
cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_in_buffer);
}
timer = clock() - timer;
free(enc_buf);
if (timer == 0) {
/* Too fast! */
return 0;
}
return CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
}
void cipher_context_set_iv(cipher_ctx_t *evp, uint8_t *iv, size_t iv_len, int enc)
{
if (evp == NULL || iv == NULL) {
LOGE("cipher_context_set_keyiv(): Cipher context or IV is null");
return;
}
if (enc) {
rand_bytes(iv, iv_len);
}
#if defined(USE_CRYPTO_OPENSSL)
if (!EVP_CipherInit_ex(evp, NULL, NULL, enc_key, iv, enc)) {
EVP_CIPHER_CTX_cleanup(evp);
FATAL("Cannot set key and IV");
}
#elif defined(USE_CRYPTO_POLARSSL)
if (cipher_setkey(evp, enc_key, enc_key_len * 8, enc) != 0) {
cipher_free_ctx(evp);
FATAL("Cannot set PolarSSL cipher key");
}
#if POLARSSL_VERSION_NUMBER >= 0x01030000
if (cipher_set_iv(evp, iv, iv_len) != 0) {
cipher_free_ctx(evp);
FATAL("Cannot set PolarSSL cipher IV");
}
if(cipher_reset(evp) != 0) {
cipher_free_ctx(evp);
FATAL("Cannot finalize PolarSSL cipher context");
}
#else
if(cipher_reset(evp, iv) != 0) {
cipher_free_ctx(evp);
FATAL("Cannot set PolarSSL cipher IV");
}
#endif
#endif
#ifdef DEBUG
dump("IV", iv);
#endif
}
/*
* Packet-oriented wrapper for non-AEAD modes
*/
int cipher_crypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen )
{
int ret;
size_t finish_olen;
if( ( ret = cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
return( ret );
if( ( ret = cipher_reset( ctx ) ) != 0 )
return( ret );
if( ( ret = cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
return( ret );
if( ( ret = cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
return( ret );
*olen += finish_olen;
return( 0 );
}
void cipher_context_set_iv(cipher_ctx_t *ctx, uint8_t *iv, size_t iv_len,
int enc)
{
const unsigned char *true_key;
if (iv == NULL) {
LOGE("cipher_context_set_iv(): IV is null");
return;
}
if (!enc) {
memcpy(ctx->iv, iv, iv_len);
}
if (enc_method >= SALSA20) {
return;
}
if (enc_method == RC4_MD5) {
unsigned char key_iv[32];
memcpy(key_iv, enc_key, 16);
memcpy(key_iv + 16, iv, 16);
true_key = enc_md5(key_iv, 32, NULL);
iv_len = 0;
} else {
true_key = enc_key;
}
#ifdef USE_CRYPTO_APPLECC
cipher_cc_t *cc = &ctx->cc;
if (cc->valid == kCCContextValid) {
memcpy(cc->iv, iv, iv_len);
memcpy(cc->key, true_key, enc_key_len);
cc->iv_len = iv_len;
cc->key_len = enc_key_len;
cc->encrypt = enc ? kCCEncrypt : kCCDecrypt;
if (cc->cryptor != NULL) {
CCCryptorRelease(cc->cryptor);
cc->cryptor = NULL;
}
CCCryptorStatus ret;
ret = CCCryptorCreateWithMode(
cc->encrypt,
cc->mode,
cc->cipher,
cc->padding,
cc->iv, cc->key, cc->key_len,
NULL, 0, 0, 0,
&cc->cryptor);
if (ret != kCCSuccess) {
if (cc->cryptor != NULL) {
CCCryptorRelease(cc->cryptor);
cc->cryptor = NULL;
}
FATAL("Cannot set CommonCrypto key and IV");
}
return;
}
#endif
cipher_evp_t *evp = &ctx->evp;
if (evp == NULL) {
LOGE("cipher_context_set_iv(): Cipher context is null");
return;
}
#if defined(USE_CRYPTO_OPENSSL)
if (!EVP_CipherInit_ex(evp, NULL, NULL, true_key, iv, enc)) {
EVP_CIPHER_CTX_cleanup(evp);
FATAL("Cannot set key and IV");
}
#elif defined(USE_CRYPTO_POLARSSL)
// XXX: PolarSSL 1.3.11: cipher_free_ctx deprecated, Use cipher_free() instead.
if (cipher_setkey(evp, true_key, enc_key_len * 8, enc) != 0) {
cipher_free_ctx(evp);
FATAL("Cannot set PolarSSL cipher key");
}
#if POLARSSL_VERSION_NUMBER >= 0x01030000
if (cipher_set_iv(evp, iv, iv_len) != 0) {
cipher_free_ctx(evp);
FATAL("Cannot set PolarSSL cipher IV");
}
if (cipher_reset(evp) != 0) {
cipher_free_ctx(evp);
FATAL("Cannot finalize PolarSSL cipher context");
}
#else
if (cipher_reset(evp, iv) != 0) {
cipher_free_ctx(evp);
FATAL("Cannot set PolarSSL cipher IV");
}
#endif
#elif defined(USE_CRYPTO_MBEDTLS)
if (mbedtls_cipher_setkey(evp, true_key, enc_key_len * 8, enc) != 0) {
mbedtls_cipher_free(evp);
FATAL("Cannot set mbed TLS cipher key");
}
if (mbedtls_cipher_set_iv(evp, iv, iv_len) != 0) {
mbedtls_cipher_free(evp);
FATAL("Cannot set mbed TLS cipher IV");
}
if (mbedtls_cipher_reset(evp) != 0) {
mbedtls_cipher_free(evp);
FATAL("Cannot finalize mbed TLS cipher context");
}
#endif
#ifdef DEBUG
dump("IV", (char *)iv, iv_len);
#endif
}
int
main (int argc, char *argv[]) {
uint8_t buffer[2532];
unsigned int buf_len = 2500;
int i, j;
extern cipher_type_t aes_icm;
#ifdef OPENSSL
extern cipher_type_t aes_gcm_128_openssl;
extern cipher_type_t aes_gcm_256_openssl;
#endif
cipher_t *c;
uint8_t key[46] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05
};
v128_t nonce;
int num_trials = 500;
int num_fail;
printf("statistical tests driver\n");
v128_set_to_zero(&nonce);
for (i=0; i < 2500; i++)
buffer[i] = 0;
/* run tests */
printf("running stat_tests on all-null buffer, expecting failure\n");
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
for (i=0; i < 2500; i++)
buffer[i] = rand();
printf("running stat_tests on rand(), expecting success\n");
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
printf("running stat_tests on AES-128-ICM, expecting success\n");
/* set buffer to cipher output */
for (i=0; i < 2500; i++)
buffer[i] = 0;
err_check(cipher_type_alloc(&aes_icm, &c, 30, 0));
err_check(cipher_init(c, key));
err_check(cipher_set_iv(c, &nonce, direction_encrypt));
err_check(cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
printf("runs test (please be patient): ");
fflush(stdout);
num_fail = 0;
v128_set_to_zero(&nonce);
for(j=0; j < num_trials; j++) {
for (i=0; i < 2500; i++)
buffer[i] = 0;
nonce.v32[3] = i;
err_check(cipher_set_iv(c, &nonce, direction_encrypt));
err_check(cipher_encrypt(c, buffer, &buf_len));
if (stat_test_runs(buffer)) {
num_fail++;
}
}
printf("%d failures in %d tests\n", num_fail, num_trials);
printf("(nota bene: a small fraction of stat_test failures does not \n"
"indicate that the random source is invalid)\n");
err_check(cipher_dealloc(c));
printf("running stat_tests on AES-256-ICM, expecting success\n");
/* set buffer to cipher output */
for (i=0; i < 2500; i++)
buffer[i] = 0;
err_check(cipher_type_alloc(&aes_icm, &c, 46, 0));
err_check(cipher_init(c, key));
err_check(cipher_set_iv(c, &nonce, direction_encrypt));
err_check(cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
printf("runs test (please be patient): ");
fflush(stdout);
num_fail = 0;
v128_set_to_zero(&nonce);
for(j=0; j < num_trials; j++) {
for (i=0; i < 2500; i++)
buffer[i] = 0;
nonce.v32[3] = i;
err_check(cipher_set_iv(c, &nonce, direction_encrypt));
err_check(cipher_encrypt(c, buffer, &buf_len));
if (stat_test_runs(buffer)) {
num_fail++;
}
}
#ifdef OPENSSL
{
printf("running stat_tests on AES-128-GCM, expecting success\n");
/* set buffer to cipher output */
for (i=0; i < 2500; i++) {
buffer[i] = 0;
}
err_check(cipher_type_alloc(&aes_gcm_128_openssl, &c, AES_128_GCM_KEYSIZE_WSALT, 8));
err_check(cipher_init(c, key));
err_check(cipher_set_iv(c, &nonce, direction_encrypt));
err_check(cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
fflush(stdout);
num_fail = 0;
v128_set_to_zero(&nonce);
for(j=0; j < num_trials; j++) {
for (i=0; i < 2500; i++) {
buffer[i] = 0;
}
nonce.v32[3] = i;
err_check(cipher_set_iv(c, &nonce, direction_encrypt));
err_check(cipher_encrypt(c, buffer, &buf_len));
buf_len = 2500;
if (stat_test_runs(buffer)) {
num_fail++;
}
}
printf("running stat_tests on AES-256-GCM, expecting success\n");
/* set buffer to cipher output */
for (i=0; i < 2500; i++) {
buffer[i] = 0;
}
err_check(cipher_type_alloc(&aes_gcm_256_openssl, &c, AES_256_GCM_KEYSIZE_WSALT, 16));
err_check(cipher_init(c, key));
err_check(cipher_set_iv(c, &nonce, direction_encrypt));
err_check(cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
fflush(stdout);
num_fail = 0;
v128_set_to_zero(&nonce);
for(j=0; j < num_trials; j++) {
for (i=0; i < 2500; i++) {
buffer[i] = 0;
}
nonce.v32[3] = i;
err_check(cipher_set_iv(c, &nonce, direction_encrypt));
err_check(cipher_encrypt(c, buffer, &buf_len));
buf_len = 2500;
if (stat_test_runs(buffer)) {
num_fail++;
}
}
}
#endif
printf("%d failures in %d tests\n", num_fail, num_trials);
printf("(nota bene: a small fraction of stat_test failures does not \n"
"indicate that the random source is invalid)\n");
err_check(cipher_dealloc(c));
return 0;
}
err_status_t
cipher_driver_test_buffering (cipher_t *c)
{
int i, j, num_trials = 1000;
unsigned len, buflen = 1024;
uint8_t buffer0[buflen], buffer1[buflen], *current, *end;
uint8_t idx[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34
};
err_status_t status;
printf("testing output buffering for cipher %s...",
c->type->description);
for (i = 0; i < num_trials; i++) {
/* set buffers to zero */
for (j = 0; j < buflen; j++) {
buffer0[j] = buffer1[j] = 0;
}
/* initialize cipher */
status = cipher_set_iv(c, idx, direction_encrypt);
if (status) {
return status;
}
/* generate 'reference' value by encrypting all at once */
status = cipher_encrypt(c, buffer0, &buflen);
if (status) {
return status;
}
/* re-initialize cipher */
status = cipher_set_iv(c, idx, direction_encrypt);
if (status) {
return status;
}
/* now loop over short lengths until buffer1 is encrypted */
current = buffer1;
end = buffer1 + buflen;
while (current < end) {
/* choose a short length */
len = rand() & 0x01f;
/* make sure that len doesn't cause us to overreach the buffer */
if (current + len > end) {
len = end - current;
}
status = cipher_encrypt(c, current, &len);
if (status) {
return status;
}
/* advance pointer into buffer1 to reflect encryption */
current += len;
/* if buffer1 is all encrypted, break out of loop */
if (current == end) {
break;
}
}
/* compare buffers */
for (j = 0; j < buflen; j++) {
if (buffer0[j] != buffer1[j]) {
#if PRINT_DEBUG
printf("test case %d failed at byte %d\n", i, j);
printf("computed: %s\n", octet_string_hex_string(buffer1, buflen));
printf("expected: %s\n", octet_string_hex_string(buffer0, buflen));
#endif
return err_status_algo_fail;
}
}
}
printf("passed\n");
return err_status_ok;
}
err_status_t
cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data) {
const cipher_test_case_t *test_case = test_data;
cipher_t *c;
err_status_t status;
uint8_t buffer[SELF_TEST_BUF_OCTETS];
uint8_t buffer2[SELF_TEST_BUF_OCTETS];
unsigned int len;
int i, j, case_num = 0;
debug_print(mod_cipher, "running self-test for cipher %s",
ct->description);
/*
* check to make sure that we have at least one test case, and
* return an error if we don't - we need to be paranoid here
*/
if (test_case == NULL)
return err_status_cant_check;
/*
* loop over all test cases, perform known-answer tests of both the
* encryption and decryption functions
*/
while (test_case != NULL) {
/* allocate cipher */
status = cipher_type_alloc(ct, &c, test_case->key_length_octets);
if (status)
return status;
/*
* test the encrypt function
*/
debug_print(mod_cipher, "testing encryption", NULL);
/* initialize cipher */
status = cipher_init(c, test_case->key, direction_encrypt);
if (status) {
cipher_dealloc(c);
return status;
}
/* copy plaintext into test buffer */
if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
cipher_dealloc(c);
return err_status_bad_param;
}
for (i=0; i < test_case->plaintext_length_octets; i++)
buffer[i] = test_case->plaintext[i];
debug_print(mod_cipher, "plaintext: %s",
octet_string_hex_string(buffer,
test_case->plaintext_length_octets));
/* set the initialization vector */
status = cipher_set_iv(c, test_case->idx);
if (status) {
cipher_dealloc(c);
return status;
}
/* encrypt */
len = test_case->plaintext_length_octets;
status = cipher_encrypt(c, buffer, &len);
if (status) {
cipher_dealloc(c);
return status;
}
debug_print(mod_cipher, "ciphertext: %s",
octet_string_hex_string(buffer,
test_case->ciphertext_length_octets));
/* compare the resulting ciphertext with that in the test case */
if (len != (unsigned int)test_case->ciphertext_length_octets)
return err_status_algo_fail;
status = err_status_ok;
for (i=0; i < test_case->ciphertext_length_octets; i++)
if (buffer[i] != test_case->ciphertext[i]) {
status = err_status_algo_fail;
debug_print(mod_cipher, "test case %d failed", case_num);
debug_print(mod_cipher, "(failure at byte %d)", i);
break;
}
if (status) {
debug_print(mod_cipher, "c computed: %s",
octet_string_hex_string(buffer,
2*test_case->plaintext_length_octets));
debug_print(mod_cipher, "c expected: %s",
octet_string_hex_string(test_case->ciphertext,
2*test_case->plaintext_length_octets));
cipher_dealloc(c);
return err_status_algo_fail;
}
/*
* test the decrypt function
*/
debug_print(mod_cipher, "testing decryption", NULL);
/* re-initialize cipher for decryption */
status = cipher_init(c, test_case->key, direction_decrypt);
if (status) {
cipher_dealloc(c);
return status;
}
/* copy ciphertext into test buffer */
if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
cipher_dealloc(c);
return err_status_bad_param;
}
for (i=0; i < test_case->ciphertext_length_octets; i++)
buffer[i] = test_case->ciphertext[i];
debug_print(mod_cipher, "ciphertext: %s",
octet_string_hex_string(buffer,
test_case->plaintext_length_octets));
/* set the initialization vector */
status = cipher_set_iv(c, test_case->idx);
if (status) {
cipher_dealloc(c);
return status;
}
/* decrypt */
len = test_case->ciphertext_length_octets;
status = cipher_decrypt(c, buffer, &len);
if (status) {
cipher_dealloc(c);
return status;
}
debug_print(mod_cipher, "plaintext: %s",
octet_string_hex_string(buffer,
test_case->plaintext_length_octets));
/* compare the resulting plaintext with that in the test case */
if (len != (unsigned int)test_case->plaintext_length_octets)
return err_status_algo_fail;
status = err_status_ok;
for (i=0; i < test_case->plaintext_length_octets; i++)
if (buffer[i] != test_case->plaintext[i]) {
status = err_status_algo_fail;
debug_print(mod_cipher, "test case %d failed", case_num);
debug_print(mod_cipher, "(failure at byte %d)", i);
}
if (status) {
debug_print(mod_cipher, "p computed: %s",
octet_string_hex_string(buffer,
2*test_case->plaintext_length_octets));
debug_print(mod_cipher, "p expected: %s",
octet_string_hex_string(test_case->plaintext,
2*test_case->plaintext_length_octets));
cipher_dealloc(c);
return err_status_algo_fail;
}
/* deallocate the cipher */
status = cipher_dealloc(c);
if (status)
return status;
/*
* the cipher passed the test case, so move on to the next test
* case in the list; if NULL, we'l proceed to the next test
*/
test_case = test_case->next_test_case;
++case_num;
}
/* now run some random invertibility tests */
/* allocate cipher, using paramaters from the first test case */
test_case = test_data;
status = cipher_type_alloc(ct, &c, test_case->key_length_octets);
if (status)
return status;
rand_source_init();
for (j=0; j < NUM_RAND_TESTS; j++) {
unsigned length;
int plaintext_len;
uint8_t key[MAX_KEY_LEN];
uint8_t iv[MAX_KEY_LEN];
/* choose a length at random (leaving room for IV and padding) */
length = rand() % (SELF_TEST_BUF_OCTETS - 64);
debug_print(mod_cipher, "random plaintext length %d\n", length);
status = rand_source_get_octet_string(buffer, length);
if (status) return status;
debug_print(mod_cipher, "plaintext: %s",
octet_string_hex_string(buffer, length));
/* copy plaintext into second buffer */
for (i=0; (unsigned int)i < length; i++)
buffer2[i] = buffer[i];
/* choose a key at random */
if (test_case->key_length_octets > MAX_KEY_LEN)
return err_status_cant_check;
status = rand_source_get_octet_string(key, test_case->key_length_octets);
if (status) return status;
/* chose a random initialization vector */
status = rand_source_get_octet_string(iv, MAX_KEY_LEN);
if (status) return status;
/* initialize cipher */
status = cipher_init(c, key, direction_encrypt);
if (status) {
cipher_dealloc(c);
return status;
}
/* set initialization vector */
status = cipher_set_iv(c, test_case->idx);
if (status) {
cipher_dealloc(c);
return status;
}
/* encrypt buffer with cipher */
plaintext_len = length;
status = cipher_encrypt(c, buffer, &length);
if (status) {
cipher_dealloc(c);
return status;
}
debug_print(mod_cipher, "ciphertext: %s",
octet_string_hex_string(buffer, length));
/*
* re-initialize cipher for decryption, re-set the iv, then
* decrypt the ciphertext
*/
status = cipher_init(c, key, direction_decrypt);
if (status) {
cipher_dealloc(c);
return status;
}
status = cipher_set_iv(c, test_case->idx);
if (status) {
cipher_dealloc(c);
return status;
}
status = cipher_decrypt(c, buffer, &length);
if (status) {
cipher_dealloc(c);
return status;
}
debug_print(mod_cipher, "plaintext[2]: %s",
octet_string_hex_string(buffer, length));
/* compare the resulting plaintext with the original one */
if (length != (unsigned int)plaintext_len)
return err_status_algo_fail;
status = err_status_ok;
for (i=0; i < plaintext_len; i++)
if (buffer[i] != buffer2[i]) {
status = err_status_algo_fail;
debug_print(mod_cipher, "random test case %d failed", case_num);
debug_print(mod_cipher, "(failure at byte %d)", i);
}
if (status) {
cipher_dealloc(c);
return err_status_algo_fail;
}
}
status = cipher_dealloc(c);
if (status)
return status;
return err_status_ok;
}
