2026-03-14 15:39:21 +08:00
|
|
|
package starcrypto
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
|
|
|
|
"testing"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func TestRootSymmetricWrappers(t *testing.T) {
|
|
|
|
|
aesKey := []byte("0123456789abcdef")
|
|
|
|
|
aesIV := []byte("abcdef9876543210")
|
|
|
|
|
plain := []byte("root-wrapper-aes")
|
|
|
|
|
|
|
|
|
|
aesEnc, err := EncryptAesCBC(plain, aesKey, aesIV, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCBC failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesDec, err := DecryptAesCBC(aesEnc, aesKey, aesIV, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCBC failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesDec, plain) {
|
|
|
|
|
t.Fatalf("aes wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesCFBEnc, err := EncryptAes(plain, aesKey, aesIV, MODECFB, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAes failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesCFBDec, err := DecryptAes(aesCFBEnc, aesKey, aesIV, MODECFB, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAes failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesCFBDec, plain) {
|
|
|
|
|
t.Fatalf("aes generic wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesStreamEnc := &bytes.Buffer{}
|
|
|
|
|
if err := EncryptAesCBCStream(aesStreamEnc, bytes.NewReader(plain), aesKey, aesIV, ""); err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCBCStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesStreamDec := &bytes.Buffer{}
|
|
|
|
|
if err := DecryptAesCBCStream(aesStreamDec, bytes.NewReader(aesStreamEnc.Bytes()), aesKey, aesIV, ""); err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCBCStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesStreamDec.Bytes(), plain) {
|
|
|
|
|
t.Fatalf("aes stream wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4Enc, err := EncryptSM4CBC(plain, aesKey, aesIV, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CBC failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4Dec, err := DecryptSM4CBC(sm4Enc, aesKey, aesIV, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CBC failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4Dec, plain) {
|
|
|
|
|
t.Fatalf("sm4 wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4StreamEnc := &bytes.Buffer{}
|
|
|
|
|
if err := EncryptSM4CBCStream(sm4StreamEnc, bytes.NewReader(plain), aesKey, aesIV, ""); err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CBCStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4StreamDec := &bytes.Buffer{}
|
|
|
|
|
if err := DecryptSM4CBCStream(sm4StreamDec, bytes.NewReader(sm4StreamEnc.Bytes()), aesKey, aesIV, ""); err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CBCStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4StreamDec.Bytes(), plain) {
|
|
|
|
|
t.Fatalf("sm4 stream wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
desKey := []byte("12345678")
|
|
|
|
|
desIV := []byte("abcdefgh")
|
|
|
|
|
desEnc, err := EncryptDESCBC(plain, desKey, desIV, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptDESCBC failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
desDec, err := DecryptDESCBC(desEnc, desKey, desIV, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptDESCBC failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(desDec, plain) {
|
|
|
|
|
t.Fatalf("des wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
desStreamEnc := &bytes.Buffer{}
|
|
|
|
|
if err := EncryptDESCBCStream(desStreamEnc, bytes.NewReader(plain), desKey, desIV, ""); err != nil {
|
|
|
|
|
t.Fatalf("EncryptDESCBCStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
desStreamDec := &bytes.Buffer{}
|
|
|
|
|
if err := DecryptDESCBCStream(desStreamDec, bytes.NewReader(desStreamEnc.Bytes()), desKey, desIV, ""); err != nil {
|
|
|
|
|
t.Fatalf("DecryptDESCBCStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(desStreamDec.Bytes(), plain) {
|
|
|
|
|
t.Fatalf("des stream wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestRootSM2AndSM9Wrappers(t *testing.T) {
|
|
|
|
|
sm2Priv, sm2Pub, err := GenerateSM2Key()
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("GenerateSM2Key failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
msg := []byte("root-sm")
|
|
|
|
|
sig, err := SM2Sign(sm2Priv, msg, nil)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("SM2Sign failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !SM2Verify(sm2Pub, msg, sig, nil) {
|
|
|
|
|
t.Fatalf("SM2Verify failed")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
signMaster, signPub, err := GenerateSM9SignMasterKey()
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("GenerateSM9SignMasterKey failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
encryptMaster, encryptPub, err := GenerateSM9EncryptMasterKey()
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("GenerateSM9EncryptMasterKey failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
uid := []byte("root@example.com")
|
|
|
|
|
signUser, err := GenerateSM9SignUserKey(signMaster, uid, 0)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("GenerateSM9SignUserKey failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
encryptUser, err := GenerateSM9EncryptUserKey(encryptMaster, uid, 0)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("GenerateSM9EncryptUserKey failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm9Sig, err := SM9SignASN1(signUser, msg)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("SM9SignASN1 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !SM9VerifyASN1(signPub, uid, 0, msg, sm9Sig) {
|
|
|
|
|
t.Fatalf("SM9VerifyASN1 failed")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cipher, err := SM9Encrypt(encryptPub, uid, 0, msg)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("SM9Encrypt failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
dec, err := SM9Decrypt(encryptUser, uid, cipher)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("SM9Decrypt failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(dec, msg) {
|
|
|
|
|
t.Fatalf("SM9 wrapper decrypt mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestRootChaChaAndSM4DerivedWrappers(t *testing.T) {
|
|
|
|
|
key := []byte("0123456789abcdef0123456789abcdef")
|
|
|
|
|
nonce := []byte("123456789012")
|
|
|
|
|
aad := []byte("aad")
|
|
|
|
|
plain := []byte("root-chacha-wrapper")
|
|
|
|
|
|
|
|
|
|
chachaEnc, err := EncryptChaCha20(plain, key, nonce)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptChaCha20 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
chachaDec, err := DecryptChaCha20(chachaEnc, key, nonce)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptChaCha20 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(chachaDec, plain) {
|
|
|
|
|
t.Fatalf("chacha wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
polyEnc, err := EncryptChaCha20Poly1305(plain, key, nonce, aad)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptChaCha20Poly1305 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
polyDec, err := DecryptChaCha20Poly1305(polyEnc, key, nonce, aad)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptChaCha20Poly1305 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(polyDec, plain) {
|
|
|
|
|
t.Fatalf("chacha20-poly1305 wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4Key := []byte("0123456789abcdef")
|
|
|
|
|
sm4IV := []byte("abcdef9876543210")
|
|
|
|
|
sm4Plain := []byte("root-sm4-derived")
|
|
|
|
|
|
|
|
|
|
ecbEnc, err := EncryptSM4ECB(sm4Plain, sm4Key, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4ECB failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
ecbDec, err := DecryptSM4ECB(ecbEnc, sm4Key, "")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4ECB failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(ecbDec, sm4Plain) {
|
|
|
|
|
t.Fatalf("sm4 ecb wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ofbEnc, err := EncryptSM4OFB(sm4Plain, sm4Key, sm4IV)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4OFB failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
ofbDec, err := DecryptSM4OFB(ofbEnc, sm4Key, sm4IV)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4OFB failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(ofbDec, sm4Plain) {
|
|
|
|
|
t.Fatalf("sm4 ofb wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctrEnc, err := EncryptSM4CTR(sm4Plain, sm4Key, sm4IV)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CTR failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
ctrDec, err := DecryptSM4CTR(ctrEnc, sm4Key, sm4IV)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CTR failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(ctrDec, sm4Plain) {
|
|
|
|
|
t.Fatalf("sm4 ctr wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ecbStreamEnc := &bytes.Buffer{}
|
|
|
|
|
if err := EncryptSM4ECBStream(ecbStreamEnc, bytes.NewReader(sm4Plain), sm4Key, ""); err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4ECBStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
ecbStreamDec := &bytes.Buffer{}
|
|
|
|
|
if err := DecryptSM4ECBStream(ecbStreamDec, bytes.NewReader(ecbStreamEnc.Bytes()), sm4Key, ""); err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4ECBStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(ecbStreamDec.Bytes(), sm4Plain) {
|
|
|
|
|
t.Fatalf("sm4 ecb stream wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestRootOptionsAndGCMWrappers(t *testing.T) {
|
|
|
|
|
aesKey := []byte("0123456789abcdef")
|
|
|
|
|
sm4Key := []byte("0123456789abcdef")
|
|
|
|
|
nonce := []byte("123456789012")
|
|
|
|
|
plain := []byte("root-options-gcm")
|
|
|
|
|
|
|
|
|
|
aesEnc, err := EncryptAesGCM(plain, aesKey, nonce, []byte("aad"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesGCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesDec, err := DecryptAesGCM(aesEnc, aesKey, nonce, []byte("aad"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesGCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesDec, plain) {
|
|
|
|
|
t.Fatalf("aes gcm wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4Enc, err := EncryptSM4WithOptions(plain, sm4Key, &CipherOptions{Nonce: nonce})
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4WithOptions failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4Dec, err := DecryptSM4WithOptions(sm4Enc, sm4Key, &CipherOptions{Nonce: nonce})
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4WithOptions failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4Dec, plain) {
|
|
|
|
|
t.Fatalf("sm4 options wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-03-18 13:43:18 +08:00
|
|
|
|
|
|
|
|
func TestRootCTRAtAndGCMChunkWrappers(t *testing.T) {
|
|
|
|
|
aesKey := []byte("0123456789abcdef")
|
|
|
|
|
aesIV := []byte("abcdef9876543210")
|
|
|
|
|
aesNonce := []byte("123456789012")
|
|
|
|
|
plain := bytes.Repeat([]byte("root-ctr-offset-"), 64)
|
|
|
|
|
|
|
|
|
|
aesFull, err := EncryptAesCTR(plain, aesKey, aesIV)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCTR failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
offset := 33
|
|
|
|
|
seg := aesFull[offset : offset+100]
|
|
|
|
|
decSeg, err := DecryptAesCTRAt(seg, aesKey, aesIV, int64(offset))
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCTRAt failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(decSeg, plain[offset:offset+100]) {
|
|
|
|
|
t.Fatalf("root aes ctr at mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
chunkCipher, err := EncryptAesGCMChunk([]byte("root-aes-gcm-chunk"), aesKey, aesNonce, []byte("aad"), 2)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesGCMChunk failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
chunkPlain, err := DecryptAesGCMChunk(chunkCipher, aesKey, aesNonce, []byte("aad"), 2)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesGCMChunk failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(chunkPlain, []byte("root-aes-gcm-chunk")) {
|
|
|
|
|
t.Fatalf("root aes gcm chunk mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4Key := []byte("0123456789abcdef")
|
|
|
|
|
sm4IV := []byte("abcdef9876543210")
|
|
|
|
|
sm4Nonce := []byte("123456789012")
|
|
|
|
|
sm4Full, err := EncryptSM4CTR(plain, sm4Key, sm4IV)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CTR failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4Seg := sm4Full[offset : offset+100]
|
|
|
|
|
sm4DecSeg, err := DecryptSM4CTRAt(sm4Seg, sm4Key, sm4IV, int64(offset))
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CTRAt failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4DecSeg, plain[offset:offset+100]) {
|
|
|
|
|
t.Fatalf("root sm4 ctr at mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4ChunkCipher, err := EncryptSM4GCMChunk([]byte("root-sm4-gcm-chunk"), sm4Key, sm4Nonce, []byte("aad"), 3)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4GCMChunk failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4ChunkPlain, err := DecryptSM4GCMChunk(sm4ChunkCipher, sm4Key, sm4Nonce, []byte("aad"), 3)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4GCMChunk failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4ChunkPlain, []byte("root-sm4-gcm-chunk")) {
|
|
|
|
|
t.Fatalf("root sm4 gcm chunk mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestRootCFB8AndSegmentDecryptWrappers(t *testing.T) {
|
|
|
|
|
key := []byte("0123456789abcdef")
|
|
|
|
|
iv := []byte("abcdef9876543210")
|
|
|
|
|
plain := bytes.Repeat([]byte("0123456789abcdef"), 4)
|
|
|
|
|
|
|
|
|
|
aesCFB8, err := EncryptAesCFB8(plain, key, iv)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCFB8 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesCFB8Dec, err := DecryptAesCFB8(aesCFB8, key, iv)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCFB8 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesCFB8Dec, plain) {
|
|
|
|
|
t.Fatalf("root aes cfb8 mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesCBC, err := EncryptAesCBC(plain, key, iv, ZEROPADDING)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCBC failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesCBCSegDec, err := DecryptAesCBCFromSecondBlock(aesCBC[len(iv):], key, aesCBC[:len(iv)])
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCBCFromSecondBlock failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesCBCSegDec, plain[len(iv):]) {
|
|
|
|
|
t.Fatalf("root aes cbc from-second-block mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesCFB, err := EncryptAesCFB(plain, key, iv)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCFB failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesCFBSegDec, err := DecryptAesCFBFromSecondBlock(aesCFB[len(iv):], key, aesCFB[:len(iv)])
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCFBFromSecondBlock failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesCFBSegDec, plain[len(iv):]) {
|
|
|
|
|
t.Fatalf("root aes cfb from-second-block mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4CFB8, err := EncryptSM4CFB8(plain, key, iv)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CFB8 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4CFB8Dec, err := DecryptSM4CFB8(sm4CFB8, key, iv)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CFB8 failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4CFB8Dec, plain) {
|
|
|
|
|
t.Fatalf("root sm4 cfb8 mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4CBC, err := EncryptSM4CBC(plain, key, iv, ZEROPADDING)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CBC failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4CBCSegDec, err := DecryptSM4CBCFromSecondBlock(sm4CBC[len(iv):], key, sm4CBC[:len(iv)])
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CBCFromSecondBlock failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4CBCSegDec, plain[len(iv):]) {
|
|
|
|
|
t.Fatalf("root sm4 cbc from-second-block mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4CFB, err := EncryptSM4CFBNoBlock(plain, key, iv)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CFB failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4CFBSegDec, err := DecryptSM4CFBFromSecondBlock(sm4CFB[len(iv):], key, sm4CFB[:len(iv)])
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CFBFromSecondBlock failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4CFBSegDec, plain[len(iv):]) {
|
|
|
|
|
t.Fatalf("root sm4 cfb from-second-block mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
func TestRootOptionsAndCCMWrappers(t *testing.T) {
|
|
|
|
|
aesKey := []byte("0123456789abcdef")
|
|
|
|
|
sm4Key := []byte("0123456789abcdef")
|
|
|
|
|
nonce := []byte("123456789012")
|
|
|
|
|
aad := []byte("aad")
|
|
|
|
|
plain := []byte("root-options-ccm")
|
|
|
|
|
|
|
|
|
|
aesEnc, err := EncryptAesCCM(plain, aesKey, nonce, aad)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesDec, err := DecryptAesCCM(aesEnc, aesKey, nonce, aad)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesDec, plain) {
|
|
|
|
|
t.Fatalf("aes ccm wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesOpts := &CipherOptions{Mode: MODECCM, Nonce: nonce, AAD: aad}
|
|
|
|
|
aesOptEnc, err := EncryptAesWithOptions(plain, aesKey, aesOpts)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesWithOptions CCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesOptDec, err := DecryptAesWithOptions(aesOptEnc, aesKey, aesOpts)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesWithOptions CCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesOptDec, plain) {
|
|
|
|
|
t.Fatalf("aes options ccm wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesChunkCipher, err := EncryptAesCCMChunk([]byte("root-aes-ccm-chunk"), aesKey, nonce, aad, 4)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCCMChunk failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesChunkPlain, err := DecryptAesCCMChunk(aesChunkCipher, aesKey, nonce, aad, 4)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCCMChunk failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesChunkPlain, []byte("root-aes-ccm-chunk")) {
|
|
|
|
|
t.Fatalf("root aes ccm chunk mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesStreamEnc := &bytes.Buffer{}
|
|
|
|
|
if err := EncryptAesCCMStream(aesStreamEnc, bytes.NewReader(plain), aesKey, nonce, aad); err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesCCMStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesStreamDec := &bytes.Buffer{}
|
|
|
|
|
if err := DecryptAesCCMStream(aesStreamDec, bytes.NewReader(aesStreamEnc.Bytes()), aesKey, nonce, aad); err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesCCMStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesStreamDec.Bytes(), plain) {
|
|
|
|
|
t.Fatalf("aes ccm stream wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4Enc, err := EncryptSM4CCM(plain, sm4Key, nonce, aad)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4Dec, err := DecryptSM4CCM(sm4Enc, sm4Key, nonce, aad)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4Dec, plain) {
|
|
|
|
|
t.Fatalf("sm4 ccm wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4Opts := &CipherOptions{Mode: MODECCM, Nonce: nonce, AAD: aad}
|
|
|
|
|
sm4OptEnc, err := EncryptSM4WithOptions(plain, sm4Key, sm4Opts)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4WithOptions CCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4OptDec, err := DecryptSM4WithOptions(sm4OptEnc, sm4Key, sm4Opts)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4WithOptions CCM failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4OptDec, plain) {
|
|
|
|
|
t.Fatalf("sm4 options ccm wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4ChunkCipher, err := EncryptSM4CCMChunk([]byte("root-sm4-ccm-chunk"), sm4Key, nonce, aad, 6)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CCMChunk failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4ChunkPlain, err := DecryptSM4CCMChunk(sm4ChunkCipher, sm4Key, nonce, aad, 6)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CCMChunk failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4ChunkPlain, []byte("root-sm4-ccm-chunk")) {
|
|
|
|
|
t.Fatalf("root sm4 ccm chunk mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4StreamEnc := &bytes.Buffer{}
|
|
|
|
|
if err := EncryptSM4CCMStream(sm4StreamEnc, bytes.NewReader(plain), sm4Key, nonce, aad); err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4CCMStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4StreamDec := &bytes.Buffer{}
|
|
|
|
|
if err := DecryptSM4CCMStream(sm4StreamDec, bytes.NewReader(sm4StreamEnc.Bytes()), sm4Key, nonce, aad); err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4CCMStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4StreamDec.Bytes(), plain) {
|
|
|
|
|
t.Fatalf("sm4 ccm stream wrapper mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
func TestRootXTSWrappers(t *testing.T) {
|
|
|
|
|
k1 := []byte("0123456789abcdef")
|
|
|
|
|
k2 := []byte("fedcba9876543210")
|
|
|
|
|
plain := bytes.Repeat([]byte("0123456789abcdef"), 16)
|
|
|
|
|
|
|
|
|
|
aesEnc, err := EncryptAesXTS(plain, k1, k2, 64)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesXTS failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesDec, err := DecryptAesXTS(aesEnc, k1, k2, 64)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesXTS failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesDec, plain) {
|
|
|
|
|
t.Fatalf("root aes xts mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesSegEnc, err := EncryptAesXTSAt(plain[:64], k1, k2, 64, 1)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesXTSAt failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesSegDec, err := DecryptAesXTSAt(aesSegEnc, k1, k2, 64, 1)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesXTSAt failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesSegDec, plain[:64]) {
|
|
|
|
|
t.Fatalf("root aes xts at mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aesStreamEnc := &bytes.Buffer{}
|
|
|
|
|
if err := EncryptAesXTSStream(aesStreamEnc, bytes.NewReader(plain), k1, k2, 64); err != nil {
|
|
|
|
|
t.Fatalf("EncryptAesXTSStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
aesStreamDec := &bytes.Buffer{}
|
|
|
|
|
if err := DecryptAesXTSStream(aesStreamDec, bytes.NewReader(aesStreamEnc.Bytes()), k1, k2, 64); err != nil {
|
|
|
|
|
t.Fatalf("DecryptAesXTSStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(aesStreamDec.Bytes(), plain) {
|
|
|
|
|
t.Fatalf("root aes xts stream mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4Enc, err := EncryptSM4XTS(plain, k1, k2, 64)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4XTS failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4Dec, err := DecryptSM4XTS(sm4Enc, k1, k2, 64)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4XTS failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4Dec, plain) {
|
|
|
|
|
t.Fatalf("root sm4 xts mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4SegEnc, err := EncryptSM4XTSAt(plain[:64], k1, k2, 64, 2)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4XTSAt failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4SegDec, err := DecryptSM4XTSAt(sm4SegEnc, k1, k2, 64, 2)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4XTSAt failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4SegDec, plain[:64]) {
|
|
|
|
|
t.Fatalf("root sm4 xts at mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sm4StreamEnc := &bytes.Buffer{}
|
|
|
|
|
if err := EncryptSM4XTSStream(sm4StreamEnc, bytes.NewReader(plain), k1, k2, 64); err != nil {
|
|
|
|
|
t.Fatalf("EncryptSM4XTSStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
sm4StreamDec := &bytes.Buffer{}
|
|
|
|
|
if err := DecryptSM4XTSStream(sm4StreamDec, bytes.NewReader(sm4StreamEnc.Bytes()), k1, k2, 64); err != nil {
|
|
|
|
|
t.Fatalf("DecryptSM4XTSStream failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if !bytes.Equal(sm4StreamDec.Bytes(), plain) {
|
|
|
|
|
t.Fatalf("root sm4 xts stream mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
func TestRootKDFAndXTSKeySplitWrappers(t *testing.T) {
|
|
|
|
|
pbk, err := DerivePBKDF2SHA256Key("password", []byte("salt"), 1, 32)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DerivePBKDF2SHA256Key failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if len(pbk) != 32 {
|
|
|
|
|
t.Fatalf("pbkdf2 key length mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
argonParams := DefaultArgon2idParams()
|
|
|
|
|
argonParams.Memory = 32 * 1024
|
|
|
|
|
argonParams.Threads = 1
|
|
|
|
|
argon, err := DeriveArgon2idKey("password", []byte("salt-salt"), argonParams)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("DeriveArgon2idKey failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if len(argon) != int(argonParams.KeyLen) {
|
|
|
|
|
t.Fatalf("argon2 key length mismatch")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
master := []byte("0123456789abcdef0123456789abcdef")
|
|
|
|
|
k1, k2, err := SplitXTSMasterKey(master)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("SplitXTSMasterKey failed: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if len(k1) != 16 || len(k2) != 16 {
|
|
|
|
|
t.Fatalf("split xts wrapper key lengths mismatch")
|
|
|
|
|
}
|
|
|
|
|
}
|
