void test_aes_generate(void)
{
MegaAesKey *pk, *mk, *k1, *k2;
// create and verify key from password
pk = mega_aes_key_new_from_password(PASSWORD);
g_assert(mega_aes_key_is_loaded(pk));
g_assert_cmpstr(PASSWORD_KEY, ==, mega_aes_key_get_ubase64(pk));
// create master key from encrypted UBase64, and verify against decrypted
mk = mega_aes_key_new_from_enc_ubase64(ENC_MASTER_KEY, pk);
g_assert(mega_aes_key_is_loaded(mk));
g_assert_cmpstr(DEC_MASTER_KEY, ==, mega_aes_key_get_ubase64(mk));
g_assert_cmpstr(ENC_MASTER_KEY, ==, mega_aes_key_get_enc_ubase64(mk, pk));
g_object_unref(mk);
g_object_unref(pk);
// create random keys and compare
k1 = mega_aes_key_new_generated();
k2 = mega_aes_key_new_generated();
g_assert(mega_aes_key_is_loaded(k1));
g_assert(mega_aes_key_is_loaded(k2));
g_assert_cmpstr(mega_aes_key_get_ubase64(k1), !=, mega_aes_key_get_ubase64(k2));
g_object_unref(k1);
g_object_unref(k2);
// check if long passwords work
pk = mega_aes_key_new_from_password(PASSWORD_BUG);
g_assert(mega_aes_key_is_loaded(pk));
}
void test_aes_encrypt(void)
{
MegaAesKey* k = mega_aes_key_new_from_binary(KEY_BINARY);
g_assert(mega_aes_key_is_loaded(k));
guchar plain[64] = {0}, cipher[64] = {0}, plain_dec[64] = {0};
mega_aes_key_encrypt_raw(k, plain, cipher, 64);
mega_aes_key_decrypt_raw(k, cipher, plain_dec, 64);
g_assert(memcmp(plain, plain_dec, 64) == 0);
g_assert(memcmp(plain, cipher, 64) != 0);
// VALID use of UBase64 funcs
gchar* cipher_ubase64 = mega_aes_key_encrypt(k, plain, 16);
g_assert_cmpstr(cipher_ubase64, ==, "muj9ArNAKIoOe7_w8LpU1g");
GBytes* plain_bytes = mega_aes_key_decrypt(k, cipher_ubase64);
g_assert_cmpuint(g_bytes_get_size(plain_bytes), ==, 16);
g_assert(memcmp(g_bytes_get_data(plain_bytes, NULL), plain, 16) == 0);
// INVALID use of UBase64 funcs
g_test_expect_message(G_LOG_DOMAIN, G_LOG_LEVEL_CRITICAL, "*(len % 16) == 0*failed*");
gchar* non_multiple_of_16 = mega_aes_key_encrypt(k, plain, 18);
g_test_assert_expected_messages();
g_assert(non_multiple_of_16 == NULL);
g_test_expect_message(G_LOG_DOMAIN, G_LOG_LEVEL_CRITICAL, "*len > 0*failed*");
gchar* zero_length = mega_aes_key_encrypt(k, plain, 0);
g_test_assert_expected_messages();
g_assert(zero_length == NULL);
GBytes* invalid_key_ubase64 = mega_aes_key_decrypt(k, KEY_INVALID);
g_assert(invalid_key_ubase64 == NULL);
GBytes* null_key_ubase64 = mega_aes_key_decrypt(k, KEY_NULL);
g_assert(null_key_ubase64 == NULL);
}
static GConverterResult convert(GConverter *converter, const void *inbuf, gsize inbuf_size, void *outbuf, gsize outbuf_size, GConverterFlags flags, gsize *bytes_read, gsize *bytes_written, GError **error)
{
MegaAesCtrEncryptor *encryptor = MEGA_AES_CTR_ENCRYPTOR(converter);
MegaAesCtrEncryptorPrivate* priv = encryptor->priv;
guchar nonce[8];
if (!priv->key || !mega_aes_key_is_loaded(MEGA_AES_KEY(priv->key)))
{
g_set_error(error, 1, 0, "No key is set for AES-CTR decryption/encryption!");
return G_CONVERTER_ERROR;
}
if (outbuf_size < inbuf_size)
{
g_set_error(error, G_IO_ERROR, G_IO_ERROR_NO_SPACE, "No space");
return G_CONVERTER_ERROR;
}
*bytes_written = *bytes_read = 0;
mega_file_key_get_nonce(priv->key, nonce);
// if input is not aligned, align it
if (inbuf_size > 0 && priv->position % 16 != 0)
{
gsize offset = priv->position % 16;;
gsize to_align = MIN(inbuf_size, 16 - offset);
guchar align_buf[16];
if (priv->direction == MEGA_AES_CTR_ENCRYPTOR_DIRECTION_ENCRYPT && priv->mac)
mega_chunked_cbc_mac_update(priv->mac, align_buf + offset, to_align);
memcpy(align_buf + offset, inbuf, to_align);
mega_aes_key_encrypt_ctr(MEGA_AES_KEY(priv->key), nonce, priv->position / 16, align_buf, align_buf, 16);
memcpy(outbuf, align_buf + offset, to_align);
if (priv->direction == MEGA_AES_CTR_ENCRYPTOR_DIRECTION_DECRYPT)
mega_chunked_cbc_mac_update(priv->mac, outbuf, to_align);
*bytes_written = *bytes_read = to_align;
priv->position += to_align;
outbuf += to_align; inbuf += to_align;
inbuf_size -= to_align; outbuf_size -= to_align;
}
// we are aligned, and there are more data on the input
if (inbuf_size > 0)
{
if (priv->direction == MEGA_AES_CTR_ENCRYPTOR_DIRECTION_ENCRYPT && priv->mac)
mega_chunked_cbc_mac_update(priv->mac, inbuf, inbuf_size);
mega_aes_key_encrypt_ctr(MEGA_AES_KEY(priv->key), nonce, priv->position / 16, inbuf, outbuf, inbuf_size);
if (priv->direction == MEGA_AES_CTR_ENCRYPTOR_DIRECTION_DECRYPT && priv->mac)
mega_chunked_cbc_mac_update(priv->mac, outbuf, inbuf_size);
*bytes_written = *bytes_read = *bytes_read + inbuf_size;
priv->position += inbuf_size;
}
if (flags & G_CONVERTER_INPUT_AT_END)
return G_CONVERTER_FINISHED;
if (flags & G_CONVERTER_FLUSH)
return G_CONVERTER_FLUSHED;
return G_CONVERTER_CONVERTED;
}
void test_aes_construction(void)
{
MegaAesKey *k, *ek;
// VALID USES:
// create empty key, check that it is not laoded
k = mega_aes_key_new();
g_assert(MEGA_IS_AES_KEY(k));
g_assert(!mega_aes_key_is_loaded(k));
g_object_unref(k);
// create key from UBase64
k = mega_aes_key_new_from_ubase64(KEY_UBASE64);
g_assert(MEGA_IS_AES_KEY(k));
g_assert(mega_aes_key_is_loaded(k));
g_assert_cmpstr(KEY_UBASE64, ==, mega_aes_key_get_ubase64(k));
g_object_unref(k);
// create key from Binary data (use as dec_key below)
ek = mega_aes_key_new_from_binary(KEY_BINARY);
g_assert(MEGA_IS_AES_KEY(ek));
g_assert(mega_aes_key_is_loaded(ek));
g_assert(memcmp(KEY_BINARY, mega_aes_key_get_binary(ek), 16) == 0);
g_assert_cmpstr(KEY_UBASE64, ==, mega_aes_key_get_ubase64(ek));
// create key from encrypted UBase64
k = mega_aes_key_new_from_enc_ubase64(KEY_UBASE64, ek);
g_assert(MEGA_IS_AES_KEY(k));
g_assert(mega_aes_key_is_loaded(k));
g_assert_cmpstr(KEY_UBASE64, ==, mega_aes_key_get_enc_ubase64(k, ek));
g_object_unref(k);
// create key from encrypted Binary data
k = mega_aes_key_new_from_enc_binary(KEY_BINARY, ek);
g_assert(MEGA_IS_AES_KEY(k));
g_assert(mega_aes_key_is_loaded(k));
g_assert(memcmp(KEY_BINARY, mega_aes_key_get_enc_binary(k, ek), 16) == 0);
g_object_unref(k);
g_object_unref(ek);
// INVALID USES
k = mega_aes_key_new_from_ubase64(KEY_LONG);
g_assert(MEGA_IS_AES_KEY(k));
g_assert(!mega_aes_key_is_loaded(k));
g_object_unref(k);
k = mega_aes_key_new_from_ubase64(KEY_SHORT);
g_assert(MEGA_IS_AES_KEY(k));
g_assert(!mega_aes_key_is_loaded(k));
g_object_unref(k);
k = mega_aes_key_new_from_ubase64(KEY_INVALID);
g_assert(MEGA_IS_AES_KEY(k));
g_assert(!mega_aes_key_is_loaded(k));
g_object_unref(k);
k = mega_aes_key_new_from_ubase64(KEY_NULL);
g_assert(MEGA_IS_AES_KEY(k));
g_assert(!mega_aes_key_is_loaded(k));
g_object_unref(k);
g_test_expect_message(G_LOG_DOMAIN, G_LOG_LEVEL_CRITICAL, "*data != NULL*");
k = mega_aes_key_new_from_ubase64(NULL);
g_test_assert_expected_messages();
g_assert(MEGA_IS_AES_KEY(k));
g_assert(!mega_aes_key_is_loaded(k));
g_object_unref(k);
}