1 // Copyright 2022 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 use crypto_provider::aes::{Aes, BLOCK_SIZE};
16 use crypto_provider::CryptoProvider;
17 use crypto_provider_default::CryptoProviderImpl;
18 use ldt_tbc::{TweakableBlockCipherDecrypter, TweakableBlockCipherEncrypter};
19 use xts_aes::{XtsAes128Key, XtsAes256Key, XtsDecrypter, XtsEncrypter, XtsError, XtsKey};
20
21 const MAX_XTS_SIZE: usize = (1 << 20) * BLOCK_SIZE;
22
23 #[test]
too_small_payload()24 fn too_small_payload() {
25 let key = [0_u8; 32];
26 let (enc, dec) = build_ciphers::<<CryptoProviderImpl as CryptoProvider>::Aes128, _>(
27 &XtsAes128Key::from(&key),
28 );
29 let tweak = [0u8; 16];
30 let mut payload = [0u8; BLOCK_SIZE - 1];
31 assert_eq!(enc.encrypt_data_unit(tweak.into(), &mut payload), Err(XtsError::DataTooShort));
32 assert_eq!(dec.decrypt_data_unit(tweak.into(), &mut payload), Err(XtsError::DataTooShort));
33
34 let key = [0u8; 64];
35 let (enc, dec) = build_ciphers::<<CryptoProviderImpl as CryptoProvider>::Aes256, _>(
36 &XtsAes256Key::from(&key),
37 );
38 assert_eq!(enc.encrypt_data_unit(tweak.into(), &mut payload), Err(XtsError::DataTooShort));
39 assert_eq!(dec.decrypt_data_unit(tweak.into(), &mut payload), Err(XtsError::DataTooShort));
40 }
41
42 #[test]
block_size_payload()43 fn block_size_payload() {
44 let key = [0_u8; 32];
45 let (enc, dec) = build_ciphers::<<CryptoProviderImpl as CryptoProvider>::Aes128, _>(
46 &XtsAes128Key::from(&key),
47 );
48 let tweak = [0u8; 16];
49 let mut payload = [0u8; BLOCK_SIZE];
50 assert!(enc.encrypt_data_unit(tweak.into(), &mut payload).is_ok());
51 assert!(dec.decrypt_data_unit(tweak.into(), &mut payload).is_ok());
52
53 let key = [0u8; 64];
54 let (enc, dec) = build_ciphers::<<CryptoProviderImpl as CryptoProvider>::Aes256, _>(
55 &XtsAes256Key::from(&key),
56 );
57 assert!(enc.encrypt_data_unit(tweak.into(), &mut payload).is_ok());
58 assert!(dec.decrypt_data_unit(tweak.into(), &mut payload).is_ok());
59 }
60
61 #[test]
max_xts_sized_payload()62 fn max_xts_sized_payload() {
63 let key = [0_u8; 32];
64 let (enc, dec) = build_ciphers::<<CryptoProviderImpl as CryptoProvider>::Aes128, _>(
65 &XtsAes128Key::from(&key),
66 );
67 let tweak = [0u8; 16];
68 let mut payload = vec![0u8; MAX_XTS_SIZE];
69 assert!(enc.encrypt_data_unit(tweak.into(), payload.as_mut_slice()).is_ok());
70 assert!(dec.decrypt_data_unit(tweak.into(), payload.as_mut_slice()).is_ok());
71
72 let key = [0u8; 64];
73 let (enc, dec) = build_ciphers::<<CryptoProviderImpl as CryptoProvider>::Aes256, _>(
74 &XtsAes256Key::from(&key),
75 );
76 assert!(enc.encrypt_data_unit(tweak.into(), payload.as_mut_slice()).is_ok());
77 assert!(dec.decrypt_data_unit(tweak.into(), payload.as_mut_slice()).is_ok());
78 }
79
80 #[test]
too_large_payload()81 fn too_large_payload() {
82 let key = [0_u8; 32];
83 let (enc, dec) = build_ciphers::<<CryptoProviderImpl as CryptoProvider>::Aes128, _>(
84 &XtsAes128Key::from(&key),
85 );
86 let tweak = [0u8; 16];
87 let mut payload = vec![0u8; MAX_XTS_SIZE + 1];
88 assert_eq!(
89 enc.encrypt_data_unit(tweak.into(), payload.as_mut_slice()),
90 Err(XtsError::DataTooLong)
91 );
92 assert_eq!(
93 dec.decrypt_data_unit(tweak.into(), payload.as_mut_slice()),
94 Err(XtsError::DataTooLong)
95 );
96
97 let key = [0u8; 64];
98 let (enc, dec) = build_ciphers::<<CryptoProviderImpl as CryptoProvider>::Aes256, _>(
99 &XtsAes256Key::from(&key),
100 );
101 assert_eq!(
102 enc.encrypt_data_unit(tweak.into(), payload.as_mut_slice()),
103 Err(XtsError::DataTooLong)
104 );
105 assert_eq!(
106 dec.decrypt_data_unit(tweak.into(), payload.as_mut_slice()),
107 Err(XtsError::DataTooLong)
108 );
109 }
110
build_ciphers<A: Aes<Key = K::BlockCipherKey>, K: XtsKey + ldt_tbc::TweakableBlockCipherKey>( key: &K, ) -> (XtsEncrypter<A, K>, XtsDecrypter<A, K>)111 fn build_ciphers<A: Aes<Key = K::BlockCipherKey>, K: XtsKey + ldt_tbc::TweakableBlockCipherKey>(
112 key: &K,
113 ) -> (XtsEncrypter<A, K>, XtsDecrypter<A, K>) {
114 let enc = XtsEncrypter::<A, _>::new(key);
115 let dec = XtsDecrypter::<A, _>::new(key);
116 (enc, dec)
117 }
118