5079590438

Committed 25 May 2023 12:28PM UTC coverage: 92.228% (+0.5%) from 91.723%

Build # 5079590438

Build Type

Pull #3502

github

Pull Request Pull Request #3502: Apply clang-format to the codebase

Run Details

75589 of 81959 relevant lines covered (92.23%)

12139530.51 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

93.86

/src/tests/test_ecies.cpp

/*
* (C) 2016 Philipp Weber
* (C) 2016 Daniel Neus
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "tests.h"

#if defined(BOTAN_HAS_ECIES)
   #include <botan/ecdh.h>
   #include <botan/ecies.h>
#endif

namespace Botan_Tests {

namespace {

#if defined(BOTAN_HAS_ECIES) && defined(BOTAN_HAS_AES) && defined(BOTAN_HAS_MODE_CBC)

using Flags = Botan::ECIES_Flags;

Botan::EC_Point_Format get_compression_type(const std::string& format) {
   if(format == "uncompressed") {
      return Botan::EC_Point_Format::Uncompressed;
   } else if(format == "compressed") {
      return Botan::EC_Point_Format::Compressed;
   } else if(format == "hybrid") {
      return Botan::EC_Point_Format::Hybrid;
   }
   throw Botan::Invalid_Argument("invalid compression format");
}

Flags ecies_flags(bool cofactor_mode, bool old_cofactor_mode, bool check_mode, bool single_hash_mode) {
   return (cofactor_mode ? Flags::CofactorMode : Flags::None) |
          (single_hash_mode ? Flags::SingleHashMode : Flags::None) |
          (old_cofactor_mode ? Flags::OldCofactorMode : Flags::None) | (check_mode ? Flags::CheckMode : Flags::None);
}

void check_encrypt_decrypt(Test::Result& result,
                           const Botan::ECDH_PrivateKey& private_key,
                           const Botan::ECDH_PrivateKey& other_private_key,
                           const Botan::ECIES_System_Params& ecies_params,
                           const Botan::InitializationVector& iv,
                           const std::string& label,
                           const std::vector<uint8_t>& plaintext,
                           const std::vector<uint8_t>& ciphertext) {
   try {
      Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());
      ecies_enc.set_other_key(other_private_key.public_point());
      Botan::ECIES_Decryptor ecies_dec(other_private_key, ecies_params, Test::rng());
      if(!iv.bits_of().empty()) {
         ecies_enc.set_initialization_vector(iv);
         ecies_dec.set_initialization_vector(iv);
      }
      if(!label.empty()) {
         ecies_enc.set_label(label);
         ecies_dec.set_label(label);
      }

      const std::vector<uint8_t> encrypted = ecies_enc.encrypt(plaintext, Test::rng());
      if(!ciphertext.empty()) {
         result.test_eq("encrypted data", encrypted, ciphertext);
      }
      const Botan::secure_vector<uint8_t> decrypted = ecies_dec.decrypt(encrypted);
      result.test_eq("decrypted data equals plaintext", decrypted, plaintext);

      std::vector<uint8_t> invalid_encrypted = encrypted;
      uint8_t& last_byte = invalid_encrypted[invalid_encrypted.size() - 1];
      last_byte = ~last_byte;
      result.test_throws("throw on invalid ciphertext",
                         [&ecies_dec, &invalid_encrypted] { ecies_dec.decrypt(invalid_encrypted); });
   } catch(Botan::Lookup_Error& e) { result.test_note(std::string("Test not executed: ") + e.what()); }
}

void check_encrypt_decrypt(Test::Result& result,
                           const Botan::ECDH_PrivateKey& private_key,
                           const Botan::ECDH_PrivateKey& other_private_key,
                           const Botan::ECIES_System_Params& ecies_params,
                           size_t iv_length = 0) {
   const std::vector<uint8_t> plaintext{1, 2, 3};
   check_encrypt_decrypt(result,
                         private_key,
                         other_private_key,
                         ecies_params,
                         Botan::InitializationVector(std::vector<uint8_t>(iv_length, 0)),
                         "",
                         plaintext,
                         std::vector<uint8_t>());
}

   #if defined(BOTAN_HAS_KDF1_18033) && defined(BOTAN_HAS_SHA1)

class ECIES_ISO_Tests final : public Text_Based_Test {
   public:
      ECIES_ISO_Tests() : Text_Based_Test("pubkey/ecies-18033.vec", "format,p,a,b,mu,nu,gx,gy,hx,hy,x,r,C0,K") {}

      Test::Result run_one_test(const std::string& /*header*/, const VarMap& vars) override {
         Test::Result result("ECIES-ISO");

         // get test vectors defined by ISO 18033
         const Botan::EC_Point_Format compression_type = get_compression_type(vars.get_req_str("format"));
         const Botan::BigInt p = vars.get_req_bn("p");
         const Botan::BigInt a = vars.get_req_bn("a");
         const Botan::BigInt b = vars.get_req_bn("b");
         const Botan::BigInt mu = vars.get_req_bn("mu");          // order
         const Botan::BigInt nu = vars.get_req_bn("nu");          // cofactor
         const Botan::BigInt gx = vars.get_req_bn("gx");          // base point x
         const Botan::BigInt gy = vars.get_req_bn("gy");          // base point y
         const Botan::BigInt hx = vars.get_req_bn("hx");          // x of public point of bob
         const Botan::BigInt hy = vars.get_req_bn("hy");          // y of public point of bob
         const Botan::BigInt x = vars.get_req_bn("x");            // private key of bob
         const Botan::BigInt r = vars.get_req_bn("r");            // (ephemeral) private key of alice
         const std::vector<uint8_t> c0 = vars.get_req_bin("C0");  // expected encoded (ephemeral) public key
         const std::vector<uint8_t> k = vars.get_req_bin("K");    // expected derived secret

         const Botan::EC_Group domain(p, a, b, gx, gy, mu, nu);

         // keys of bob
         const Botan::ECDH_PrivateKey other_private_key(Test::rng(), domain, x);
         const Botan::EC_Point other_public_key_point = domain.point(hx, hy);
         const Botan::ECDH_PublicKey other_public_key(domain, other_public_key_point);

         // (ephemeral) keys of alice
         const Botan::ECDH_PrivateKey eph_private_key(Test::rng(), domain, r);
         const Botan::EC_Point eph_public_key_point = eph_private_key.public_point();
         const std::vector<uint8_t> eph_public_key_bin = eph_public_key_point.encode(compression_type);
         result.test_eq("encoded (ephemeral) public key", eph_public_key_bin, c0);

         // test secret derivation: ISO 18033 test vectors use KDF1 from ISO 18033
         // no cofactor-/oldcofactor-/singlehash-/check-mode and 128 byte secret length
         Botan::ECIES_KA_Params ka_params(
            eph_private_key.domain(), "KDF1-18033(SHA-1)", 128, compression_type, Flags::None);
         const Botan::ECIES_KA_Operation ka(eph_private_key, ka_params, true, Test::rng());
         const Botan::SymmetricKey secret_key = ka.derive_secret(eph_public_key_bin, other_public_key_point);
         result.test_eq("derived secret key", secret_key.bits_of(), k);

         // test encryption / decryption

         for(auto comp_type : {Botan::EC_Point_Format::Uncompressed,
                               Botan::EC_Point_Format::Compressed,
                               Botan::EC_Point_Format::Hybrid}) {
            for(bool cofactor_mode : {true, false}) {
               for(bool single_hash_mode : {true, false}) {
                  for(bool old_cofactor_mode : {true, false}) {
                     for(bool check_mode : {true, false}) {
                        Flags flags = ecies_flags(cofactor_mode, old_cofactor_mode, check_mode, single_hash_mode);

                        if(size_t(cofactor_mode) + size_t(check_mode) + size_t(old_cofactor_mode) > 1) {
                           auto onThrow = [&]() {
                              Botan::ECIES_System_Params(eph_private_key.domain(),
                                                         "KDF2(SHA-1)",
                                                         "AES-256/CBC",
                                                         32,
                                                         "HMAC(SHA-1)",
                                                         20,
                                                         comp_type,
                                                         flags);
                           };
                           result.test_throws("throw on invalid ECIES_Flags", onThrow);
                           continue;
                        }

                        Botan::ECIES_System_Params ecies_params(eph_private_key.domain(),
                                                                "KDF2(SHA-1)",
                                                                "AES-256/CBC",
                                                                32,
                                                                "HMAC(SHA-1)",
                                                                20,
                                                                comp_type,
                                                                flags);
                        check_encrypt_decrypt(result, eph_private_key, other_private_key, ecies_params, 16);
                     }
                  }
               }
            }
         }

         return result;
      }
};

BOTAN_REGISTER_TEST("pubkey", "ecies_iso", ECIES_ISO_Tests);

   #endif

class ECIES_Tests final : public Text_Based_Test {
   public:
      ECIES_Tests() :
            Text_Based_Test("pubkey/ecies.vec",
                            "Curve,PrivateKey,OtherPrivateKey,Kdf,Dem,DemKeyLen,Mac,MacKeyLen,Format,"
                            "CofactorMode,OldCofactorMode,CheckMode,SingleHashMode,Label,Plaintext,Ciphertext",
                            "Iv") {}

      Test::Result run_one_test(const std::string& /*header*/, const VarMap& vars) override {
         Test::Result result("ECIES");

         const std::string curve = vars.get_req_str("Curve");
         const Botan::BigInt private_key_value = vars.get_req_bn("PrivateKey");
         const Botan::BigInt other_private_key_value = vars.get_req_bn("OtherPrivateKey");
         const std::string kdf = vars.get_req_str("Kdf");
         const std::string dem = vars.get_req_str("Dem");
         const size_t dem_key_len = vars.get_req_sz("DemKeyLen");
         const Botan::InitializationVector iv = Botan::InitializationVector(vars.get_opt_bin("Iv"));
         const std::string mac = vars.get_req_str("Mac");
         const size_t mac_key_len = vars.get_req_sz("MacKeyLen");
         const Botan::EC_Point_Format compression_type = get_compression_type(vars.get_req_str("Format"));
         const bool cofactor_mode = vars.get_req_sz("CofactorMode") != 0;
         const bool old_cofactor_mode = vars.get_req_sz("OldCofactorMode") != 0;
         const bool check_mode = vars.get_req_sz("CheckMode") != 0;
         const bool single_hash_mode = vars.get_req_sz("SingleHashMode") != 0;
         const std::string label = vars.get_req_str("Label");
         const std::vector<uint8_t> plaintext = vars.get_req_bin("Plaintext");
         const std::vector<uint8_t> ciphertext = vars.get_req_bin("Ciphertext");

         const Flags flags = ecies_flags(cofactor_mode, old_cofactor_mode, check_mode, single_hash_mode);
         const Botan::EC_Group domain(curve);
         const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);
         const Botan::ECDH_PrivateKey other_private_key(Test::rng(), domain, other_private_key_value);

         const Botan::ECIES_System_Params ecies_params(
            private_key.domain(), kdf, dem, dem_key_len, mac, mac_key_len, compression_type, flags);
         check_encrypt_decrypt(result, private_key, other_private_key, ecies_params, iv, label, plaintext, ciphertext);

         return result;
      }
};

BOTAN_REGISTER_TEST("pubkey", "ecies", ECIES_Tests);

   #if defined(BOTAN_HAS_KDF1_18033) && defined(BOTAN_HAS_HMAC) && defined(BOTAN_HAS_AES) && defined(BOTAN_HAS_SHA2_64)

Test::Result test_other_key_not_set() {
   Test::Result result("ECIES other key not set");

   const Flags flags = ecies_flags(false, false, false, true);
   const Botan::EC_Group domain("secp521r1");
   const Botan::BigInt private_key_value(
      "405029866705438137604064977397053031159826489755682166267763407"
      "5002761777100287880684822948852132235484464537021197213998300006"
      "547176718172344447619746779823");

   const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);
   const Botan::ECIES_System_Params ecies_params(private_key.domain(),
                                                 "KDF1-18033(SHA-512)",
                                                 "AES-256/CBC",
                                                 32,
                                                 "HMAC(SHA-512)",
                                                 20,
                                                 Botan::EC_Point_Format::Compressed,
                                                 flags);

   Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());

   result.test_throws("encrypt not possible without setting other public key",
                      [&ecies_enc]() { ecies_enc.encrypt(std::vector<uint8_t>(8), Test::rng()); });

   return result;
}

Test::Result test_kdf_not_found() {
   Test::Result result("ECIES kdf not found");

   const Flags flags = ecies_flags(false, false, false, true);
   const Botan::EC_Group domain("secp521r1");
   const Botan::BigInt private_key_value(
      "405029866705438137604064977397053031159826489755682166267763407"
      "5002761777100287880684822948852132235484464537021197213998300006"
      "547176718172344447619746779823");

   const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);
   const Botan::ECIES_System_Params ecies_params(private_key.domain(),
                                                 "KDF-XYZ(SHA-512)",
                                                 "AES-256/CBC",
                                                 32,
                                                 "HMAC(SHA-512)",
                                                 20,
                                                 Botan::EC_Point_Format::Compressed,
                                                 flags);

   result.test_throws("kdf not found", [&]() {
      Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());
      ecies_enc.encrypt(std::vector<uint8_t>(8), Test::rng());
   });

   return result;
}

Test::Result test_mac_not_found() {
   Test::Result result("ECIES mac not found");

   const Flags flags = ecies_flags(false, false, false, true);
   const Botan::EC_Group domain("secp521r1");
   const Botan::BigInt private_key_value(
      "405029866705438137604064977397053031159826489755682166267763407"
      "5002761777100287880684822948852132235484464537021197213998300006"
      "547176718172344447619746779823");

   const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);
   const Botan::ECIES_System_Params ecies_params(private_key.domain(),
                                                 "KDF1-18033(SHA-512)",
                                                 "AES-256/CBC",
                                                 32,
                                                 "XYZMAC(SHA-512)",
                                                 20,
                                                 Botan::EC_Point_Format::Compressed,
                                                 flags);

   result.test_throws("mac not found", [&]() {
      Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());
      ecies_enc.encrypt(std::vector<uint8_t>(8), Test::rng());
   });

   return result;
}

Test::Result test_cipher_not_found() {
   Test::Result result("ECIES cipher not found");

   const Flags flags = ecies_flags(false, false, false, true);
   const Botan::EC_Group domain("secp521r1");
   const Botan::BigInt private_key_value(
      "405029866705438137604064977397053031159826489755682166267763407"
      "5002761777100287880684822948852132235484464537021197213998300006"
      "547176718172344447619746779823");

   const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);
   const Botan::ECIES_System_Params ecies_params(private_key.domain(),
                                                 "KDF1-18033(SHA-512)",
                                                 "AES-XYZ-256/CBC",
                                                 32,
                                                 "HMAC(SHA-512)",
                                                 20,
                                                 Botan::EC_Point_Format::Compressed,
                                                 flags);

   result.test_throws("cipher not found", [&]() {
      Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());
      ecies_enc.encrypt(std::vector<uint8_t>(8), Test::rng());
   });

   return result;
}

Test::Result test_system_params_short_ctor() {
   Test::Result result("ECIES short system params ctor");

   const Botan::EC_Group domain("secp521r1");
   const Botan::BigInt private_key_value(
      "405029866705438137604064977397053031159826489755682166267763407"
      "5002761777100287880684822948852132235484464537021197213998300006"
      "547176718172344447619746779823");

   const Botan::BigInt other_private_key_value(
      "2294226772740614508941417891614236736606752960073669253551166842"
      "5866095315090327914760325168219669828915074071456176066304457448"
      "25404691681749451640151380153");

   const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);
   const Botan::ECDH_PrivateKey other_private_key(Test::rng(), domain, other_private_key_value);

   const Botan::ECIES_System_Params ecies_params(
      private_key.domain(), "KDF1-18033(SHA-512)", "AES-256/CBC", 32, "HMAC(SHA-512)", 16);

   const Botan::InitializationVector iv("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");
   const std::string label = "Test";

   const std::vector<uint8_t> plaintext = Botan::hex_decode("000102030405060708090A0B0C0D0E0F");

   // generated with botan
   const std::vector<uint8_t> ciphertext = Botan::hex_decode(
      "0401519EAA0489FF9D51E98E4C22349463E2001CD06F8CE47D81D4007A"
      "79ACF98E92C814686477CEA666EFC277DC84E15FC95E38AFF8E16D478A"
      "44CD5C5F1517F8B1F300000591317F261C3D04A7207F01EAE3EC70F2360"
      "0F82C53CC0B85BE7AC9F6CE79EF2AB416E5934D61BA9D346385D7545C57F"
      "77C7EA7C58E18C70CBFB0A24AE1B9943EC5A8D0657522CCDF30BA95674D81"
      "B397635D215178CD13BD9504AE957A9888F4128FFC0F0D3F1CEC646AEC8CE"
      "3F2463D233B22A7A12B679F4C06501F584D4DEFF6D26592A8D873398BD892"
      "B477B3468813C053DA43C4F3D49009F7A12D6EF7");

   check_encrypt_decrypt(result, private_key, other_private_key, ecies_params, iv, label, plaintext, ciphertext);

   return result;
}

Test::Result test_ciphertext_too_short() {
   Test::Result result("ECIES ciphertext too short");

   const Botan::EC_Group domain("secp521r1");
   const Botan::BigInt private_key_value(
      "405029866705438137604064977397053031159826489755682166267763407"
      "5002761777100287880684822948852132235484464537021197213998300006"
      "547176718172344447619746779823");

   const Botan::BigInt other_private_key_value(
      "2294226772740614508941417891614236736606752960073669253551166842"
      "5866095315090327914760325168219669828915074071456176066304457448"
      "25404691681749451640151380153");

   const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);
   const Botan::ECDH_PrivateKey other_private_key(Test::rng(), domain, other_private_key_value);

   const Botan::ECIES_System_Params ecies_params(
      private_key.domain(), "KDF1-18033(SHA-512)", "AES-256/CBC", 32, "HMAC(SHA-512)", 16);

   Botan::ECIES_Decryptor ecies_dec(other_private_key, ecies_params, Test::rng());

   result.test_throws("ciphertext too short",
                      [&ecies_dec]() { ecies_dec.decrypt(Botan::hex_decode("0401519EAA0489FF9D51E98E4C22349A")); });

   return result;
}

class ECIES_Unit_Tests final : public Test {
   public:
      std::vector<Test::Result> run() override {
         std::vector<Test::Result> results;

         std::vector<std::function<Test::Result()>> fns = {test_other_key_not_set,
                                                           test_kdf_not_found,
                                                           test_mac_not_found,
                                                           test_cipher_not_found,
                                                           test_system_params_short_ctor,
                                                           test_ciphertext_too_short};

         for(size_t i = 0; i != fns.size(); ++i) {
            try {
               results.emplace_back(fns[i]());
            } catch(std::exception& e) {
               results.emplace_back(Test::Result::Failure("ECIES unit tests " + std::to_string(i), e.what()));
            }
         }

         return results;
      }
};

BOTAN_REGISTER_TEST("pubkey", "ecies_unit", ECIES_Unit_Tests);

   #endif

#endif

}

}

1	/*
2	* (C) 2016 Philipp Weber
3	* (C) 2016 Daniel Neus
4	*
5	* Botan is released under the Simplified BSD License (see license.txt)
6	*/
7
8	#include "tests.h"
9
10	#if defined(BOTAN_HAS_ECIES)
11	#include <botan/ecdh.h>
12	#include <botan/ecies.h>
13	#endif
14
15	namespace Botan_Tests {
16
17	namespace {
18
19	#if defined(BOTAN_HAS_ECIES) && defined(BOTAN_HAS_AES) && defined(BOTAN_HAS_MODE_CBC)
20
21	using Flags = Botan::ECIES_Flags;
22
23	Botan::EC_Point_Format get_compression_type(const std::string& format) {	14✔
24	if(format == "uncompressed") {	14✔
25	return Botan::EC_Point_Format::Uncompressed;
26	} else if(format == "compressed") {	6✔
27	return Botan::EC_Point_Format::Compressed;
28	} else if(format == "hybrid") {	×
29	return Botan::EC_Point_Format::Hybrid;
30	}
31	throw Botan::Invalid_Argument("invalid compression format");	×
32	}
33
34	Flags ecies_flags(bool cofactor_mode, bool old_cofactor_mode, bool check_mode, bool single_hash_mode) {	108✔
35	return (cofactor_mode ? Flags::CofactorMode : Flags::None) \|	108✔
36	(single_hash_mode ? Flags::SingleHashMode : Flags::None) \|
37	(old_cofactor_mode ? Flags::OldCofactorMode : Flags::None) \| (check_mode ? Flags::CheckMode : Flags::None);	216✔
38	}
39
40	void check_encrypt_decrypt(Test::Result& result,	61✔
41	const Botan::ECDH_PrivateKey& private_key,
42	const Botan::ECDH_PrivateKey& other_private_key,
43	const Botan::ECIES_System_Params& ecies_params,
44	const Botan::InitializationVector& iv,
45	const std::string& label,
46	const std::vector<uint8_t>& plaintext,
47	const std::vector<uint8_t>& ciphertext) {
48	try {	61✔
49	Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());	61✔
50	ecies_enc.set_other_key(other_private_key.public_point());	61✔
51	Botan::ECIES_Decryptor ecies_dec(other_private_key, ecies_params, Test::rng());	61✔
52	if(!iv.bits_of().empty()) {	120✔
53	ecies_enc.set_initialization_vector(iv);	59✔
54	ecies_dec.set_initialization_vector(iv);	59✔
55	}
56	if(!label.empty()) {	61✔
57	ecies_enc.set_label(label);	11✔
58	ecies_dec.set_label(label);	11✔
59	}
60
61	const std::vector<uint8_t> encrypted = ecies_enc.encrypt(plaintext, Test::rng());	61✔
62	if(!ciphertext.empty()) {	61✔
63	result.test_eq("encrypted data", encrypted, ciphertext);	26✔
64	}
65	const Botan::secure_vector<uint8_t> decrypted = ecies_dec.decrypt(encrypted);	61✔
66	result.test_eq("decrypted data equals plaintext", decrypted, plaintext);	61✔
67
68	std::vector<uint8_t> invalid_encrypted = encrypted;	61✔
69	uint8_t& last_byte = invalid_encrypted[invalid_encrypted.size() - 1];	61✔
70	last_byte = ~last_byte;	61✔
71	result.test_throws("throw on invalid ciphertext",	183✔
72	[&ecies_dec, &invalid_encrypted] { ecies_dec.decrypt(invalid_encrypted); });	61✔
73	} catch(Botan::Lookup_Error& e) { result.test_note(std::string("Test not executed: ") + e.what()); }	183✔
74	}	61✔
75
76	void check_encrypt_decrypt(Test::Result& result,	48✔
77	const Botan::ECDH_PrivateKey& private_key,
78	const Botan::ECDH_PrivateKey& other_private_key,
79	const Botan::ECIES_System_Params& ecies_params,
80	size_t iv_length = 0) {
81	const std::vector<uint8_t> plaintext{1, 2, 3};	48✔
82	check_encrypt_decrypt(result,	48✔
83	private_key,
84	other_private_key,
85	ecies_params,
86	Botan::InitializationVector(std::vector<uint8_t>(iv_length, 0)),	144✔
87	"",
88	plaintext,
89	std::vector<uint8_t>());	96✔
90	}	48✔
91
92	#if defined(BOTAN_HAS_KDF1_18033) && defined(BOTAN_HAS_SHA1)
93
94	class ECIES_ISO_Tests final : public Text_Based_Test {	×
95	public:
96	ECIES_ISO_Tests() : Text_Based_Test("pubkey/ecies-18033.vec", "format,p,a,b,mu,nu,gx,gy,hx,hy,x,r,C0,K") {}	3✔
97
98	Test::Result run_one_test(const std::string& /header/, const VarMap& vars) override {	2✔
99	Test::Result result("ECIES-ISO");	2✔
100
101	// get test vectors defined by ISO 18033
102	const Botan::EC_Point_Format compression_type = get_compression_type(vars.get_req_str("format"));	2✔
103	const Botan::BigInt p = vars.get_req_bn("p");	2✔
104	const Botan::BigInt a = vars.get_req_bn("a");	2✔
105	const Botan::BigInt b = vars.get_req_bn("b");	2✔
106	const Botan::BigInt mu = vars.get_req_bn("mu"); // order	2✔
107	const Botan::BigInt nu = vars.get_req_bn("nu"); // cofactor	2✔
108	const Botan::BigInt gx = vars.get_req_bn("gx"); // base point x	2✔
109	const Botan::BigInt gy = vars.get_req_bn("gy"); // base point y	2✔
110	const Botan::BigInt hx = vars.get_req_bn("hx"); // x of public point of bob	2✔
111	const Botan::BigInt hy = vars.get_req_bn("hy"); // y of public point of bob	2✔
112	const Botan::BigInt x = vars.get_req_bn("x"); // private key of bob	2✔
113	const Botan::BigInt r = vars.get_req_bn("r"); // (ephemeral) private key of alice	2✔
114	const std::vector<uint8_t> c0 = vars.get_req_bin("C0"); // expected encoded (ephemeral) public key	2✔
115	const std::vector<uint8_t> k = vars.get_req_bin("K"); // expected derived secret	2✔
116
117	const Botan::EC_Group domain(p, a, b, gx, gy, mu, nu);	2✔
118
119	// keys of bob
120	const Botan::ECDH_PrivateKey other_private_key(Test::rng(), domain, x);	2✔
121	const Botan::EC_Point other_public_key_point = domain.point(hx, hy);	2✔
122	const Botan::ECDH_PublicKey other_public_key(domain, other_public_key_point);	2✔
123
124	// (ephemeral) keys of alice
125	const Botan::ECDH_PrivateKey eph_private_key(Test::rng(), domain, r);	2✔
126	const Botan::EC_Point eph_public_key_point = eph_private_key.public_point();	2✔
127	const std::vector<uint8_t> eph_public_key_bin = eph_public_key_point.encode(compression_type);	2✔
128	result.test_eq("encoded (ephemeral) public key", eph_public_key_bin, c0);	2✔
129
130	// test secret derivation: ISO 18033 test vectors use KDF1 from ISO 18033
131	// no cofactor-/oldcofactor-/singlehash-/check-mode and 128 byte secret length
132	Botan::ECIES_KA_Params ka_params(	2✔
133	eph_private_key.domain(), "KDF1-18033(SHA-1)", 128, compression_type, Flags::None);	×
134	const Botan::ECIES_KA_Operation ka(eph_private_key, ka_params, true, Test::rng());	2✔
135	const Botan::SymmetricKey secret_key = ka.derive_secret(eph_public_key_bin, other_public_key_point);	2✔
136	result.test_eq("derived secret key", secret_key.bits_of(), k);	4✔
137
138	// test encryption / decryption
139
140	for(auto comp_type : {Botan::EC_Point_Format::Uncompressed,	6✔
141	Botan::EC_Point_Format::Compressed,
142	Botan::EC_Point_Format::Hybrid}) {	8✔
143	for(bool cofactor_mode : {true, false}) {	18✔
144	for(bool single_hash_mode : {true, false}) {	36✔
145	for(bool old_cofactor_mode : {true, false}) {	72✔
146	for(bool check_mode : {true, false}) {	144✔
147	Flags flags = ecies_flags(cofactor_mode, old_cofactor_mode, check_mode, single_hash_mode);	96✔
148
149	if(size_t(cofactor_mode) + size_t(check_mode) + size_t(old_cofactor_mode) > 1) {	96✔
150	auto onThrow = [&]() {	96✔
151	Botan::ECIES_System_Params(eph_private_key.domain(),	×
152	"KDF2(SHA-1)",
153	"AES-256/CBC",
154	32,
155	"HMAC(SHA-1)",
156	20,
157	comp_type,	48✔
158	flags);	48✔
159	};	48✔
160	result.test_throws("throw on invalid ECIES_Flags", onThrow);	96✔
161	continue;	48✔
162	}	48✔
163
164	Botan::ECIES_System_Params ecies_params(eph_private_key.domain(),	48✔
165	"KDF2(SHA-1)",
166	"AES-256/CBC",
167	32,
168	"HMAC(SHA-1)",
169	20,
170	comp_type,
171	flags);	48✔
172	check_encrypt_decrypt(result, eph_private_key, other_private_key, ecies_params, 16);	48✔
173	}	48✔
174	}
175	}
176	}
177	}
178
179	return result;	2✔
180	}	32✔
181	};
182
183	BOTAN_REGISTER_TEST("pubkey", "ecies_iso", ECIES_ISO_Tests);
184
185	#endif
186
187	class ECIES_Tests final : public Text_Based_Test {	×
188	public:
189	ECIES_Tests() :	1✔
190	Text_Based_Test("pubkey/ecies.vec",
191	"Curve,PrivateKey,OtherPrivateKey,Kdf,Dem,DemKeyLen,Mac,MacKeyLen,Format,"
192	"CofactorMode,OldCofactorMode,CheckMode,SingleHashMode,Label,Plaintext,Ciphertext",
193	"Iv") {}	3✔
194
195	Test::Result run_one_test(const std::string& /header/, const VarMap& vars) override {	12✔
196	Test::Result result("ECIES");	12✔
197
198	const std::string curve = vars.get_req_str("Curve");	12✔
199	const Botan::BigInt private_key_value = vars.get_req_bn("PrivateKey");	12✔
200	const Botan::BigInt other_private_key_value = vars.get_req_bn("OtherPrivateKey");	12✔
201	const std::string kdf = vars.get_req_str("Kdf");	12✔
202	const std::string dem = vars.get_req_str("Dem");	12✔
203	const size_t dem_key_len = vars.get_req_sz("DemKeyLen");	12✔
204	const Botan::InitializationVector iv = Botan::InitializationVector(vars.get_opt_bin("Iv"));	22✔
205	const std::string mac = vars.get_req_str("Mac");	12✔
206	const size_t mac_key_len = vars.get_req_sz("MacKeyLen");	12✔
207	const Botan::EC_Point_Format compression_type = get_compression_type(vars.get_req_str("Format"));	12✔
208	const bool cofactor_mode = vars.get_req_sz("CofactorMode") != 0;	12✔
209	const bool old_cofactor_mode = vars.get_req_sz("OldCofactorMode") != 0;	12✔
210	const bool check_mode = vars.get_req_sz("CheckMode") != 0;	12✔
211	const bool single_hash_mode = vars.get_req_sz("SingleHashMode") != 0;	12✔
212	const std::string label = vars.get_req_str("Label");	12✔
213	const std::vector<uint8_t> plaintext = vars.get_req_bin("Plaintext");	12✔
214	const std::vector<uint8_t> ciphertext = vars.get_req_bin("Ciphertext");	12✔
215
216	const Flags flags = ecies_flags(cofactor_mode, old_cofactor_mode, check_mode, single_hash_mode);	12✔
217	const Botan::EC_Group domain(curve);	12✔
218	const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);	12✔
219	const Botan::ECDH_PrivateKey other_private_key(Test::rng(), domain, other_private_key_value);	12✔
220
221	const Botan::ECIES_System_Params ecies_params(	12✔
222	private_key.domain(), kdf, dem, dem_key_len, mac, mac_key_len, compression_type, flags);	12✔
223	check_encrypt_decrypt(result, private_key, other_private_key, ecies_params, iv, label, plaintext, ciphertext);	12✔
224
225	return result;	24✔
226	}	85✔
227	};
228
229	BOTAN_REGISTER_TEST("pubkey", "ecies", ECIES_Tests);
230
231	#if defined(BOTAN_HAS_KDF1_18033) && defined(BOTAN_HAS_HMAC) && defined(BOTAN_HAS_AES) && defined(BOTAN_HAS_SHA2_64)
232
233	Test::Result test_other_key_not_set() {	1✔
234	Test::Result result("ECIES other key not set");	1✔
235
236	const Flags flags = ecies_flags(false, false, false, true);	1✔
237	const Botan::EC_Group domain("secp521r1");	1✔
238	const Botan::BigInt private_key_value(	1✔
239	"405029866705438137604064977397053031159826489755682166267763407"
240	"5002761777100287880684822948852132235484464537021197213998300006"
241	"547176718172344447619746779823");	1✔
242
243	const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);	1✔
244	const Botan::ECIES_System_Params ecies_params(private_key.domain(),	1✔
245	"KDF1-18033(SHA-512)",
246	"AES-256/CBC",
247	32,
248	"HMAC(SHA-512)",
249	20,
250	Botan::EC_Point_Format::Compressed,
251	flags);	1✔
252
253	Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());	1✔
254
255	result.test_throws("encrypt not possible without setting other public key",	2✔
256	[&ecies_enc]() { ecies_enc.encrypt(std::vector<uint8_t>(8), Test::rng()); });	1✔
257
258	return result;	1✔
259	}	2✔
260
261	Test::Result test_kdf_not_found() {	1✔
262	Test::Result result("ECIES kdf not found");	1✔
263
264	const Flags flags = ecies_flags(false, false, false, true);	1✔
265	const Botan::EC_Group domain("secp521r1");	1✔
266	const Botan::BigInt private_key_value(	1✔
267	"405029866705438137604064977397053031159826489755682166267763407"
268	"5002761777100287880684822948852132235484464537021197213998300006"
269	"547176718172344447619746779823");	1✔
270
271	const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);	1✔
272	const Botan::ECIES_System_Params ecies_params(private_key.domain(),	1✔
273	"KDF-XYZ(SHA-512)",
274	"AES-256/CBC",
275	32,
276	"HMAC(SHA-512)",
277	20,
278	Botan::EC_Point_Format::Compressed,
279	flags);	1✔
280
281	result.test_throws("kdf not found", [&]() {	2✔
282	Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());	1✔
283	ecies_enc.encrypt(std::vector<uint8_t>(8), Test::rng());	2✔
284	});	1✔
285
286	return result;	1✔
287	}	2✔
288
289	Test::Result test_mac_not_found() {	1✔
290	Test::Result result("ECIES mac not found");	1✔
291
292	const Flags flags = ecies_flags(false, false, false, true);	1✔
293	const Botan::EC_Group domain("secp521r1");	1✔
294	const Botan::BigInt private_key_value(	1✔
295	"405029866705438137604064977397053031159826489755682166267763407"
296	"5002761777100287880684822948852132235484464537021197213998300006"
297	"547176718172344447619746779823");	1✔
298
299	const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);	1✔
300	const Botan::ECIES_System_Params ecies_params(private_key.domain(),	1✔
301	"KDF1-18033(SHA-512)",
302	"AES-256/CBC",
303	32,
304	"XYZMAC(SHA-512)",
305	20,
306	Botan::EC_Point_Format::Compressed,
307	flags);	1✔
308
309	result.test_throws("mac not found", [&]() {	2✔
310	Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());	1✔
311	ecies_enc.encrypt(std::vector<uint8_t>(8), Test::rng());	×
312	});	×
313
314	return result;	1✔
315	}	2✔
316
317	Test::Result test_cipher_not_found() {	1✔
318	Test::Result result("ECIES cipher not found");	1✔
319
320	const Flags flags = ecies_flags(false, false, false, true);	1✔
321	const Botan::EC_Group domain("secp521r1");	1✔
322	const Botan::BigInt private_key_value(	1✔
323	"405029866705438137604064977397053031159826489755682166267763407"
324	"5002761777100287880684822948852132235484464537021197213998300006"
325	"547176718172344447619746779823");	1✔
326
327	const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);	1✔
328	const Botan::ECIES_System_Params ecies_params(private_key.domain(),	1✔
329	"KDF1-18033(SHA-512)",
330	"AES-XYZ-256/CBC",
331	32,
332	"HMAC(SHA-512)",
333	20,
334	Botan::EC_Point_Format::Compressed,
335	flags);	1✔
336
337	result.test_throws("cipher not found", [&]() {	2✔
338	Botan::ECIES_Encryptor ecies_enc(private_key, ecies_params, Test::rng());	1✔
339	ecies_enc.encrypt(std::vector<uint8_t>(8), Test::rng());	×
340	});	×
341
342	return result;	1✔
343	}	2✔
344
345	Test::Result test_system_params_short_ctor() {	1✔
346	Test::Result result("ECIES short system params ctor");	1✔
347
348	const Botan::EC_Group domain("secp521r1");	1✔
349	const Botan::BigInt private_key_value(	1✔
350	"405029866705438137604064977397053031159826489755682166267763407"
351	"5002761777100287880684822948852132235484464537021197213998300006"
352	"547176718172344447619746779823");	1✔
353
354	const Botan::BigInt other_private_key_value(	1✔
355	"2294226772740614508941417891614236736606752960073669253551166842"
356	"5866095315090327914760325168219669828915074071456176066304457448"
357	"25404691681749451640151380153");	1✔
358
359	const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);	1✔
360	const Botan::ECDH_PrivateKey other_private_key(Test::rng(), domain, other_private_key_value);	1✔
361
362	const Botan::ECIES_System_Params ecies_params(	1✔
363	private_key.domain(), "KDF1-18033(SHA-512)", "AES-256/CBC", 32, "HMAC(SHA-512)", 16);	1✔
364
365	const Botan::InitializationVector iv("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");	1✔
366	const std::string label = "Test";	1✔
367
368	const std::vector<uint8_t> plaintext = Botan::hex_decode("000102030405060708090A0B0C0D0E0F");	1✔
369
370	// generated with botan
371	const std::vector<uint8_t> ciphertext = Botan::hex_decode(	1✔
372	"0401519EAA0489FF9D51E98E4C22349463E2001CD06F8CE47D81D4007A"
373	"79ACF98E92C814686477CEA666EFC277DC84E15FC95E38AFF8E16D478A"
374	"44CD5C5F1517F8B1F300000591317F261C3D04A7207F01EAE3EC70F2360"
375	"0F82C53CC0B85BE7AC9F6CE79EF2AB416E5934D61BA9D346385D7545C57F"
376	"77C7EA7C58E18C70CBFB0A24AE1B9943EC5A8D0657522CCDF30BA95674D81"
377	"B397635D215178CD13BD9504AE957A9888F4128FFC0F0D3F1CEC646AEC8CE"
378	"3F2463D233B22A7A12B679F4C06501F584D4DEFF6D26592A8D873398BD892"
379	"B477B3468813C053DA43C4F3D49009F7A12D6EF7");	1✔
380
381	check_encrypt_decrypt(result, private_key, other_private_key, ecies_params, iv, label, plaintext, ciphertext);	1✔
382
383	return result;	2✔
384	}	5✔
385
386	Test::Result test_ciphertext_too_short() {	1✔
387	Test::Result result("ECIES ciphertext too short");	1✔
388
389	const Botan::EC_Group domain("secp521r1");	1✔
390	const Botan::BigInt private_key_value(	1✔
391	"405029866705438137604064977397053031159826489755682166267763407"
392	"5002761777100287880684822948852132235484464537021197213998300006"
393	"547176718172344447619746779823");	1✔
394
395	const Botan::BigInt other_private_key_value(	1✔
396	"2294226772740614508941417891614236736606752960073669253551166842"
397	"5866095315090327914760325168219669828915074071456176066304457448"
398	"25404691681749451640151380153");	1✔
399
400	const Botan::ECDH_PrivateKey private_key(Test::rng(), domain, private_key_value);	1✔
401	const Botan::ECDH_PrivateKey other_private_key(Test::rng(), domain, other_private_key_value);	1✔
402
403	const Botan::ECIES_System_Params ecies_params(	1✔
404	private_key.domain(), "KDF1-18033(SHA-512)", "AES-256/CBC", 32, "HMAC(SHA-512)", 16);	1✔
405
406	Botan::ECIES_Decryptor ecies_dec(other_private_key, ecies_params, Test::rng());	1✔
407
408	result.test_throws("ciphertext too short",	2✔
409	[&ecies_dec]() { ecies_dec.decrypt(Botan::hex_decode("0401519EAA0489FF9D51E98E4C22349A")); });	1✔
410
411	return result;	1✔
412	}	3✔
413
414	class ECIES_Unit_Tests final : public Test {	×
415	public:
416	std::vector<Test::Result> run() override {	1✔
417	std::vector<Test::Result> results;	1✔
418
419	std::vector<std::function<Test::Result()>> fns = {test_other_key_not_set,	1✔
420	test_kdf_not_found,
421	test_mac_not_found,
422	test_cipher_not_found,
423	test_system_params_short_ctor,
424	test_ciphertext_too_short};	7✔
425
426	for(size_t i = 0; i != fns.size(); ++i) {	7✔
427	try {	6✔
428	results.emplace_back(fns[i]());	12✔
429	} catch(std::exception& e) {	×
430	results.emplace_back(Test::Result::Failure("ECIES unit tests " + std::to_string(i), e.what()));	×
431	}	×
432	}
433
434	return results;	1✔
435	}	1✔
436	};
437
438	BOTAN_REGISTER_TEST("pubkey", "ecies_unit", ECIES_Unit_Tests);
439
440	#endif
441
442	#endif
443
444	}
445
446	}

randombit / botan / 5079590438

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous