blob: f653dc06e506bb5e1835c1c2a448cfed11a26708
1 | /* |
2 | * Copyright 2015 The Android Open Source Project |
3 | * |
4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
5 | * you may not use this file except in compliance with the License. |
6 | * You may obtain a copy of the License at |
7 | * |
8 | * http://www.apache.org/licenses/LICENSE-2.0 |
9 | * |
10 | * Unless required by applicable law or agreed to in writing, software |
11 | * distributed under the License is distributed on an "AS IS" BASIS, |
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
13 | * See the License for the specific language governing permissions and |
14 | * limitations under the License. |
15 | */ |
16 | |
17 | #include "ecies_kem.h" |
18 | |
19 | #include <gtest/gtest.h> |
20 | #include <openssl/evp.h> |
21 | |
22 | #include <hardware/keymaster_defs.h> |
23 | #include <keymaster/android_keymaster_utils.h> |
24 | |
25 | #include "android_keymaster_test_utils.h" |
26 | #include "nist_curve_key_exchange.h" |
27 | |
28 | using std::string; |
29 | |
30 | namespace keymaster { |
31 | namespace test { |
32 | |
33 | StdoutLogger logger; |
34 | |
35 | static const keymaster_ec_curve_t kEcCurves[] = {KM_EC_CURVE_P_224, KM_EC_CURVE_P_256, |
36 | KM_EC_CURVE_P_384, KM_EC_CURVE_P_521}; |
37 | |
38 | /** |
39 | * TestConsistency just tests that the basic key encapsulation hold. |
40 | */ |
41 | TEST(EciesKem, TestConsistency) { |
42 | static const uint32_t kKeyLen = 32; |
43 | for (auto& curve : kEcCurves) { |
44 | AuthorizationSet kem_description(AuthorizationSetBuilder() |
45 | .Authorization(TAG_EC_CURVE, curve) |
46 | .Authorization(TAG_KDF, KM_KDF_RFC5869_SHA256) |
47 | .Authorization(TAG_ECIES_SINGLE_HASH_MODE) |
48 | .Authorization(TAG_KEY_SIZE, kKeyLen)); |
49 | keymaster_error_t error; |
50 | EciesKem* kem = new EciesKem(kem_description, &error); |
51 | ASSERT_EQ(KM_ERROR_OK, error); |
52 | |
53 | NistCurveKeyExchange* key_exchange = NistCurveKeyExchange::GenerateKeyExchange(curve); |
54 | Buffer peer_public_value; |
55 | ASSERT_TRUE(key_exchange->public_value(&peer_public_value)); |
56 | |
57 | Buffer output_clear_key; |
58 | Buffer output_encrypted_key; |
59 | ASSERT_TRUE(kem->Encrypt(peer_public_value, &output_clear_key, &output_encrypted_key)); |
60 | ASSERT_EQ(kKeyLen, output_clear_key.available_read()); |
61 | ASSERT_EQ(peer_public_value.available_read(), output_encrypted_key.available_read()); |
62 | |
63 | Buffer decrypted_clear_key; |
64 | ASSERT_TRUE( |
65 | kem->Decrypt(key_exchange->private_key(), output_encrypted_key, &decrypted_clear_key)); |
66 | ASSERT_EQ(kKeyLen, decrypted_clear_key.available_read()); |
67 | EXPECT_EQ(0, memcmp(output_clear_key.peek_read(), decrypted_clear_key.peek_read(), |
68 | output_clear_key.available_read())); |
69 | } |
70 | } |
71 | |
72 | } // namespace test |
73 | } // namespace keymaster |
74 |