diff options
| author |  Yihua Zhang <yihuaz@google.com> | 2018-03-06 21:40:45 -0800 |
|---|---|---|
| committer | Yihua Zhang <yihuaz@google.com> | 2018-03-06 21:40:45 -0800 |
| commit | eaf64866777a42996835606e9c3626c974e728c5 (patch) | |
| tree | 04c693051ba14d798554543123e9b7001d1a3e83 /test/core/tsi | |
| parent | 14b470ac8f59ab1dc88c53335efa84f4849f3fa9 (diff) | |
Add ALTS code to grpc/core
Diffstat (limited to 'test/core/tsi')
26 files changed, 8007 insertions, 94 deletions
diff --git a/test/core/tsi/BUILD b/test/core/tsi/BUILD index e28c0b5f84..8ac3e7687c 100644 --- a/test/core/tsi/BUILD +++ b/test/core/tsi/BUILD @@ -16,7 +16,7 @@ load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_c licenses(["notice"]) # Apache v2 -grpc_package(name = "test/core/tsi") +grpc_package(name = "test/core/tsi", visibility = "public") grpc_cc_library( name = "transport_security_test_lib", diff --git a/test/core/tsi/alts/crypt/BUILD b/test/core/tsi/alts/crypt/BUILD new file mode 100644 index 0000000000..0057d7f6e6 --- /dev/null +++ b/test/core/tsi/alts/crypt/BUILD @@ -0,0 +1,38 @@ +# Copyright 2018 gRPC authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package") + +licenses(["notice"]) # Apache v2 + +grpc_package(name = "crypt", visibility = "public") + +grpc_cc_library( + name = "alts_crypt_test_util", + srcs = ["gsec_test_util.cc"], + hdrs = ["gsec_test_util.h"], + deps = [ + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_crypt_test", + srcs = ["aes_gcm_test.cc"], + language = "C++", + deps = [ + ":alts_crypt_test_util", + "//:grpc", + ], +) diff --git a/test/core/tsi/alts/crypt/aes_gcm_test.cc b/test/core/tsi/alts/crypt/aes_gcm_test.cc new file mode 100644 index 0000000000..576dd8f27b --- /dev/null +++ b/test/core/tsi/alts/crypt/aes_gcm_test.cc @@ -0,0 +1,2105 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "src/core/tsi/alts/crypt/gsec.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +const size_t kTestMinTagLengthForCorruption = 8; +const size_t kTestNumCrypters = 3; +const size_t kTestMaxSlices = 5; +const size_t kTestMaxLength = 1024; +const size_t kTestNumEncryptions = 100; + +/* Struct for pre-generated test vector */ +typedef struct gsec_aead_test_vector { + uint8_t* nonce; + uint8_t* aad; + uint8_t* key; + uint8_t* plaintext; + uint8_t* ciphertext_and_tag; + size_t nonce_length; + size_t aad_length; + size_t key_length; + size_t plaintext_length; + size_t ciphertext_and_tag_length; +} gsec_aead_test_vector; + +static void gsec_randomly_slice(uint8_t* input, size_t input_length, + struct iovec** output, size_t* output_length) { + if (input_length == 0) { + *output = nullptr; + *output_length = 0; + return; + } + *output_length = gsec_test_bias_random_uint32(kTestMaxSlices) + 1; + *output = + static_cast<struct iovec*>(malloc(*output_length * sizeof(**output))); + size_t i; + for (i = 0; i < *output_length - 1; i++) { + size_t slice_length = + gsec_test_bias_random_uint32(static_cast<uint32_t>(input_length)); + struct iovec slice = {input, slice_length}; + (*output)[i] = slice; + input += slice_length; + input_length -= slice_length; + } + struct iovec slice = {input, input_length}; + (*output)[*output_length - 1] = slice; +} + +static void gsec_assert_ok(grpc_status_code status, const char* error_detail) { + char empty_string[] = ""; + if (error_detail == nullptr) { + error_detail = empty_string; + } + if (status != GRPC_STATUS_OK) { + fprintf(stderr, "Status is not ok: %s\n", error_detail); + } + GPR_ASSERT(status == GRPC_STATUS_OK); +} + +static void gsec_test_random_encrypt_decrypt(gsec_aead_crypter* crypter, + size_t aad_length, + size_t message_length) { + GPR_ASSERT(crypter != nullptr); + size_t nonce_length, tag_length; + uint8_t *nonce, *aad, *message; + gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr); + gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr); + + gsec_test_random_array(&nonce, nonce_length); + gsec_test_random_array(&aad, aad_length); + gsec_test_random_array(&message, message_length); + + /* Test encryption */ + size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, message_length, &ciphertext_and_tag_length, nullptr); + + uint8_t* ciphertext_and_tag = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length)); + + char* error_buffer = nullptr; + gsec_assert_ok( + gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, aad, aad_length, + message, message_length, ciphertext_and_tag, + ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_buffer), + error_buffer); + GPR_ASSERT(message_length + tag_length == ciphertext_and_tag_length); + GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length); + + /* Test decryption */ + size_t plaintext_length, plaintext_bytes_written = 0; + gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_bytes_written, + &plaintext_length, nullptr); + uint8_t* plaintext = static_cast<uint8_t*>(gpr_malloc(plaintext_length)); + grpc_status_code status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag, + ciphertext_bytes_written, plaintext, plaintext_length, + &plaintext_bytes_written, nullptr); + + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(message_length == plaintext_bytes_written); + GPR_ASSERT(memcmp(message, plaintext, message_length) == 0); + + /** + * The returned plaintext will be zeroed if there was an authentication error. + */ + uint8_t* zero_message = static_cast<uint8_t*>(gpr_zalloc(plaintext_length)); + if (tag_length >= kTestMinTagLengthForCorruption) { + char* error_message; + /* Corrupt nonce */ + if (nonce_length > 0) { + plaintext_bytes_written = 0; + uint8_t* corrupt_nonce; + gsec_test_copy_and_alter_random_byte(nonce, &corrupt_nonce, nonce_length); + status = gsec_aead_crypter_decrypt( + crypter, corrupt_nonce, nonce_length, aad, aad_length, + ciphertext_and_tag, ciphertext_bytes_written, plaintext, + plaintext_length, &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, "Checking tag failed.", + error_message)); + GPR_ASSERT(plaintext_bytes_written == 0); + GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0); + gpr_free(corrupt_nonce); + gpr_free(error_message); + } + + /* Corrupt ciphertext_and_tag */ + plaintext_bytes_written = 0; + uint8_t* corrupt_ciphertext_and_tag; + gsec_test_copy_and_alter_random_byte(ciphertext_and_tag, + &corrupt_ciphertext_and_tag, + ciphertext_and_tag_length); + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, + corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext, + plaintext_length, &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(plaintext_bytes_written == 0); + GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0); + gpr_free(error_message); + gpr_free(corrupt_ciphertext_and_tag); + + /* Corrupt start of ciphertext_and_tag */ + plaintext_bytes_written = 0; + gsec_test_copy(ciphertext_and_tag, &corrupt_ciphertext_and_tag, + ciphertext_and_tag_length); + (*corrupt_ciphertext_and_tag)++; + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, + corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext, + plaintext_length, &plaintext_bytes_written, &error_message); + GPR_ASSERT(plaintext_bytes_written == 0); + GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + gpr_free(error_message); + gpr_free(corrupt_ciphertext_and_tag); + + /* Corrupt end of ciphertext_and_tag */ + plaintext_bytes_written = 0; + gsec_test_copy(ciphertext_and_tag, &corrupt_ciphertext_and_tag, + ciphertext_and_tag_length); + (*(corrupt_ciphertext_and_tag + ciphertext_and_tag_length - 1))++; + + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, + corrupt_ciphertext_and_tag, ciphertext_bytes_written, plaintext, + plaintext_length, &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(plaintext_bytes_written == 0); + GPR_ASSERT(memcmp(zero_message, plaintext, plaintext_length) == 0); + gpr_free(error_message); + gpr_free(corrupt_ciphertext_and_tag); + } + + gpr_free(zero_message); + gpr_free(nonce); + gpr_free(aad); + gpr_free(message); + gpr_free(plaintext); + gpr_free(ciphertext_and_tag); +} + +static void gsec_test_encrypt_decrypt(gsec_aead_crypter* crypter) { + GPR_ASSERT(crypter != nullptr); + size_t aad_length, message_length; + aad_length = gsec_test_bias_random_uint32(kTestMaxLength); + message_length = gsec_test_bias_random_uint32(kTestMaxLength); + gsec_test_random_encrypt_decrypt(crypter, aad_length, message_length); + gsec_test_random_encrypt_decrypt(crypter, 0, message_length); + gsec_test_random_encrypt_decrypt(crypter, aad_length, 0); +} + +static void gsec_test_multiple_random_encrypt_decrypt( + gsec_aead_crypter* crypter, size_t* aad_lengths, size_t* message_lengths, + size_t count) { + GPR_ASSERT(crypter != nullptr); + size_t nonce_length, tag_length; + uint8_t **nonces, **aads, **messages; + nonces = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + aads = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + messages = static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + + gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr); + gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr); + + size_t ind; + for (ind = 0; ind < count; ind++) { + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + gsec_test_random_array(&(nonces[ind]), nonce_length); + gsec_test_random_array(&(aads[ind]), aad_length); + gsec_test_random_array(&(messages[ind]), message_length); + } + + size_t* ciphertext_and_tag_lengths = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t* ciphertext_bytes_writtens = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t* plaintext_lengths = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t* plaintext_bytes_writtens = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + uint8_t** ciphertext_and_tags = + static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + uint8_t** plaintexts = + static_cast<uint8_t**>(gpr_malloc(sizeof(uint8_t*) * count)); + + /* Do encryption */ + for (ind = 0; ind < count; ind++) { + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, message_length, &(ciphertext_and_tag_lengths[ind]), nullptr); + ciphertext_and_tags[ind] = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_lengths[ind])); + grpc_status_code status = gsec_aead_crypter_encrypt( + crypter, nonces[ind], nonce_length, aads[ind], aad_length, + messages[ind], message_length, ciphertext_and_tags[ind], + ciphertext_and_tag_lengths[ind], &(ciphertext_bytes_writtens[ind]), + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(message_length + tag_length == ciphertext_and_tag_lengths[ind]); + GPR_ASSERT(ciphertext_bytes_writtens[ind] == + ciphertext_and_tag_lengths[ind]); + } + /* Do Decryption */ + for (ind = 0; ind < count; ind++) { + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + gsec_aead_crypter_max_plaintext_length(crypter, + ciphertext_bytes_writtens[ind], + &(plaintext_lengths[ind]), nullptr); + plaintexts[ind] = static_cast<uint8_t*>(gpr_malloc(plaintext_lengths[ind])); + grpc_status_code status = gsec_aead_crypter_decrypt( + crypter, nonces[ind], nonce_length, aads[ind], aad_length, + ciphertext_and_tags[ind], ciphertext_bytes_writtens[ind], + plaintexts[ind], plaintext_lengths[ind], + &(plaintext_bytes_writtens[ind]), nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(message_length == plaintext_bytes_writtens[ind]); + GPR_ASSERT(memcmp(messages[ind], plaintexts[ind], message_length) == 0); + } + + /* Slice the plaintext and encrypt with iovecs */ + for (ind = 0; ind < count; ind++) { + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + struct iovec* aad_vecs = nullptr; + size_t aad_vecs_length = 0; + gsec_randomly_slice(aads[ind], aad_length, &aad_vecs, &aad_vecs_length); + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + struct iovec* message_vecs = nullptr; + size_t message_vecs_length = 0; + gsec_randomly_slice(messages[ind], message_length, &message_vecs, + &message_vecs_length); + + size_t ciphertext_length = ciphertext_and_tag_lengths[ind]; + uint8_t* another_ciphertext = + static_cast<uint8_t*>(malloc(ciphertext_length)); + struct iovec another_ciphertext_vec = {another_ciphertext, + ciphertext_length}; + + char* error_details = nullptr; + size_t ciphertext_bytes_written = 0; + gsec_assert_ok( + gsec_aead_crypter_encrypt_iovec( + crypter, nonces[ind], nonce_length, aad_vecs, aad_vecs_length, + message_vecs, message_vecs_length, another_ciphertext_vec, + &ciphertext_bytes_written, &error_details), + error_details); + GPR_ASSERT(memcmp(ciphertext_and_tags[ind], another_ciphertext_vec.iov_base, + ciphertext_length) == 0); + free(another_ciphertext); + free(aad_vecs); + free(message_vecs); + } + + /* Slice the ciphertext and decrypt with iovecs */ + for (ind = 0; ind < count; ind++) { + size_t message_length = + (message_lengths == nullptr) ? 0 : message_lengths[ind]; + message_length = message_length + 0; + + size_t aad_length = (aad_lengths == nullptr) ? 0 : aad_lengths[ind]; + + struct iovec* aad_vecs = nullptr; + size_t aad_vecs_length = 0; + gsec_randomly_slice(aads[ind], aad_length, &aad_vecs, &aad_vecs_length); + + struct iovec* ciphertext_vecs = nullptr; + size_t ciphertext_vecs_length = 0; + gsec_randomly_slice(ciphertext_and_tags[ind], + ciphertext_bytes_writtens[ind], &ciphertext_vecs, + &ciphertext_vecs_length); + + size_t decrypted_length = plaintext_lengths[ind]; + uint8_t* decrypted = static_cast<uint8_t*>(malloc(decrypted_length)); + struct iovec decrypted_vec = {decrypted, decrypted_length}; + + char* error_details = nullptr; + gsec_assert_ok(gsec_aead_crypter_decrypt_iovec( + crypter, nonces[ind], nonce_length, aad_vecs, + aad_vecs_length, ciphertext_vecs, ciphertext_vecs_length, + decrypted_vec, &decrypted_length, &error_details), + error_details); + GPR_ASSERT(decrypted_vec.iov_len == message_length); + GPR_ASSERT(memcmp(decrypted_vec.iov_base, messages[ind], message_length) == + 0); + free(decrypted); + free(aad_vecs); + free(ciphertext_vecs); + } + + for (ind = 0; ind < count; ind++) { + gpr_free(nonces[ind]); + gpr_free(aads[ind]); + gpr_free(messages[ind]); + gpr_free(ciphertext_and_tags[ind]); + gpr_free(plaintexts[ind]); + } + gpr_free(nonces); + gpr_free(aads); + gpr_free(messages); + gpr_free(ciphertext_and_tag_lengths); + gpr_free(ciphertext_bytes_writtens); + gpr_free(plaintext_lengths); + gpr_free(plaintext_bytes_writtens); + gpr_free(ciphertext_and_tags); + gpr_free(plaintexts); +} + +static void gsec_test_multiple_encrypt_decrypt(gsec_aead_crypter* crypter) { + GPR_ASSERT(crypter != nullptr); + size_t count = kTestNumEncryptions; + size_t* aad_lengths = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t* message_lengths = + static_cast<size_t*>(gpr_malloc(sizeof(size_t) * count)); + size_t ind; + for (ind = 0; ind < count; ind++) { + aad_lengths[ind] = gsec_test_bias_random_uint32(kTestMaxLength); + message_lengths[ind] = gsec_test_bias_random_uint32(kTestMaxLength); + } + gsec_test_multiple_random_encrypt_decrypt(crypter, aad_lengths, + message_lengths, count); + gsec_test_multiple_random_encrypt_decrypt(crypter, aad_lengths, nullptr, + count); + gsec_test_multiple_random_encrypt_decrypt(crypter, nullptr, message_lengths, + count); + gpr_free(aad_lengths); + gpr_free(message_lengths); +} + +static void gsec_test_encryption_failure(gsec_aead_crypter* crypter) { + GPR_ASSERT(crypter != nullptr); + size_t aad_length = kTestMaxLength; + size_t message_length = kTestMaxLength; + size_t nonce_length; + + char* error_message; + uint8_t *nonce, *aad, *message; + + gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr); + gsec_test_random_array(&nonce, nonce_length); + gsec_test_random_array(&aad, aad_length); + gsec_test_random_array(&message, message_length); + + size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, message_length, &ciphertext_and_tag_length, nullptr); + uint8_t* ciphertext_and_tag = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length)); + + /* nullptr nonce */ + grpc_status_code status = gsec_aead_crypter_encrypt( + crypter, nullptr, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer is nullptr.")); + gpr_free(error_message); + + /* Big nonce */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length + 1, aad, aad_length, message, + message_length, ciphertext_and_tag, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer has the wrong length.")); + gpr_free(error_message); + + /* Small nonce */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length - 1, aad, aad_length, message, + message_length, ciphertext_and_tag, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer has the wrong length.")); + gpr_free(error_message); + + /* nullptr aad */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, nullptr, aad_length, message, + message_length, ciphertext_and_tag, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "aad is nullptr.")); + gpr_free(error_message); + + /* nullptr aad with zero length */ + gsec_assert_ok( + gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, nullptr, 0, + message, message_length, ciphertext_and_tag, + ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message), + error_message); + + /* nullptr plaintext */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, nullptr, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "plaintext is nullptr.")); + gpr_free(error_message); + + /* nullptr ciphertext */ + status = gsec_aead_crypter_encrypt(crypter, nonce, nonce_length, aad, + aad_length, message, message_length, + nullptr, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "ciphertext is nullptr.")); + gpr_free(error_message); + + /* Short ciphertext */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length - 1, + &ciphertext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "ciphertext is too small to hold a tag.")); + gpr_free(error_message); + + /* nullptr ciphertext_bytes_written */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, nullptr, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "bytes_written is nullptr.")); + gpr_free(error_message); + + /* nullptr plaintext/ciphertext encrypt with zero length */ + gsec_assert_ok(gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, nullptr, 0, + ciphertext_and_tag, ciphertext_and_tag_length, + &ciphertext_bytes_written, &error_message), + error_message); + + /* Success */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + &error_message); + GPR_ASSERT(status == GRPC_STATUS_OK); + + gpr_free(message); + gpr_free(aad); + gpr_free(nonce); + gpr_free(ciphertext_and_tag); +} + +static void gsec_test_decryption_failure(gsec_aead_crypter* crypter) { + GPR_ASSERT(crypter != nullptr); + size_t aad_length = kTestMaxLength; + size_t message_length = kTestMaxLength; + size_t nonce_length, tag_length; + uint8_t *nonce, *aad, *message; + + gsec_aead_crypter_nonce_length(crypter, &nonce_length, nullptr); + gsec_aead_crypter_tag_length(crypter, &tag_length, nullptr); + gsec_test_random_array(&nonce, nonce_length); + gsec_test_random_array(&aad, aad_length); + gsec_test_random_array(&message, message_length); + + /* Test encryption */ + size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, message_length, &ciphertext_and_tag_length, nullptr); + uint8_t* ciphertext_and_tag = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length)); + + grpc_status_code status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, aad, aad_length, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length); + + size_t plaintext_length, plaintext_bytes_written = 0; + gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_bytes_written, + &plaintext_length, nullptr); + uint8_t* plaintext = static_cast<uint8_t*>(gpr_malloc(plaintext_length)); + + char* error_message; + /* nullptr nonce */ + status = gsec_aead_crypter_decrypt( + crypter, nullptr, nonce_length, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer is nullptr.")); + gpr_free(error_message); + + /* Big nonce */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length + 1, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer has the wrong length.")); + gpr_free(error_message); + + /* Small nonce */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length - 1, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Nonce buffer has the wrong length.")); + gpr_free(error_message); + + /* nullptr aad */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, nullptr, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "aad is nullptr.")); + gpr_free(error_message); + + /* nullptr aad with zero length */ + status = gsec_aead_crypter_encrypt( + crypter, nonce, nonce_length, nullptr, 0, message, message_length, + ciphertext_and_tag, ciphertext_and_tag_length, &ciphertext_bytes_written, + &error_message); + GPR_ASSERT(status == GRPC_STATUS_OK); + + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, nullptr, 0, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + GPR_ASSERT(status == GRPC_STATUS_OK); + + /* Small ciphertext */ + if (tag_length > 0) { + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag, + tag_length - 1, plaintext, plaintext_length, &plaintext_bytes_written, + &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "ciphertext is too small to hold a tag.")); + gpr_free(error_message); + } + + /* nullptr ciphertext */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, nullptr, + ciphertext_and_tag_length, plaintext, plaintext_length, + &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "ciphertext is nullptr.")); + gpr_free(error_message); + + /* nullptr plaintext */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, nullptr, plaintext_length, + &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "plaintext is nullptr, but plaintext_length is positive.")); + gpr_free(error_message); + + /* Short plaintext */ + status = gsec_aead_crypter_decrypt( + crypter, nonce, nonce_length, aad, aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, plaintext_length - 1, + &plaintext_bytes_written, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Not enough plaintext buffer to hold encrypted ciphertext.")); + gpr_free(error_message); + + /* nullptr plaintext_bytes_written */ + status = gsec_aead_crypter_decrypt(crypter, nonce, nonce_length, aad, + aad_length, ciphertext_and_tag, + ciphertext_and_tag_length, plaintext, + plaintext_length, nullptr, &error_message); + + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "bytes_written is nullptr.")); + gpr_free(error_message); + + gpr_free(message); + gpr_free(plaintext); + gpr_free(ciphertext_and_tag); + gpr_free(aad); + gpr_free(nonce); +} + +static void gsec_test_encrypt_decrypt_test_vector( + gsec_aead_crypter* crypter, gsec_aead_test_vector* test_vector) { + GPR_ASSERT(crypter != nullptr); + /* Test byte-based encryption interface. */ + size_t ciphertext_and_tag_length, ciphertext_bytes_written = 0; + gsec_aead_crypter_max_ciphertext_and_tag_length( + crypter, test_vector->plaintext_length, &ciphertext_and_tag_length, + nullptr); + uint8_t* ciphertext_and_tag_bytes = + static_cast<uint8_t*>(gpr_malloc(ciphertext_and_tag_length)); + grpc_status_code status = gsec_aead_crypter_encrypt( + crypter, test_vector->nonce, test_vector->nonce_length, test_vector->aad, + test_vector->aad_length, test_vector->plaintext, + test_vector->plaintext_length, ciphertext_and_tag_bytes, + ciphertext_and_tag_length, &ciphertext_bytes_written, nullptr); + + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(ciphertext_bytes_written == ciphertext_and_tag_length); + GPR_ASSERT(memcmp(test_vector->ciphertext_and_tag, ciphertext_and_tag_bytes, + ciphertext_and_tag_length) == 0); + + /* Test byte-based decryption interface */ + size_t plaintext_length, plaintext_bytes_written = 0; + gsec_aead_crypter_max_plaintext_length(crypter, ciphertext_and_tag_length, + &plaintext_length, nullptr); + uint8_t* plaintext_bytes = + static_cast<uint8_t*>(gpr_malloc(plaintext_length)); + status = gsec_aead_crypter_decrypt( + crypter, test_vector->nonce, test_vector->nonce_length, test_vector->aad, + test_vector->aad_length, test_vector->ciphertext_and_tag, + test_vector->ciphertext_and_tag_length, plaintext_bytes, plaintext_length, + &plaintext_bytes_written, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(test_vector->plaintext, plaintext_bytes, + plaintext_bytes_written) == 0); + + gpr_free(ciphertext_and_tag_bytes); + gpr_free(plaintext_bytes); +} + +static void gsec_test_get_crypter_from_test_vector( + gsec_aead_crypter** crypter, gsec_aead_test_vector* test_vector, + bool rekey = false) { + size_t key_length = test_vector->key_length; + GPR_ASSERT(key_length == kAes128GcmKeyLength || + key_length == kAes256GcmKeyLength || + key_length == kAes128GcmRekeyKeyLength); + size_t nonce_length = test_vector->nonce_length; + GPR_ASSERT(nonce_length == kAesGcmNonceLength); + size_t plaintext_length = test_vector->plaintext_length; + size_t ciphertext_and_tag_length = test_vector->ciphertext_and_tag_length; + GPR_ASSERT(ciphertext_and_tag_length == plaintext_length + kAesGcmTagLength); + size_t tag_length = ciphertext_and_tag_length - plaintext_length; + gsec_aes_gcm_aead_crypter_create(test_vector->key, key_length, nonce_length, + tag_length, rekey, crypter, nullptr); +} + +static void gsec_test_verify_crypter_on_test_vector( + gsec_aead_test_vector* test_vector, bool rekey = false) { + gsec_aead_crypter* crypter; + gsec_test_get_crypter_from_test_vector(&crypter, test_vector, rekey); + gsec_test_encrypt_decrypt_test_vector(crypter, test_vector); + gsec_aead_crypter_destroy(crypter); +} + +static void gsec_aead_malloc_test_vector( + gsec_aead_test_vector** test_vector, const uint8_t* key, size_t key_length, + const uint8_t* nonce, size_t nonce_length, const uint8_t* aad, + size_t aad_length, const uint8_t* plaintext, size_t plaintext_length, + const uint8_t* ciphertext_and_tag, size_t ciphertext_and_tag_length) { + *test_vector = static_cast<gsec_aead_test_vector*>( + gpr_malloc(sizeof(gsec_aead_test_vector))); + (*test_vector)->key_length = key_length; + (*test_vector)->nonce_length = nonce_length; + (*test_vector)->aad_length = aad_length; + (*test_vector)->plaintext_length = plaintext_length; + (*test_vector)->ciphertext_and_tag_length = ciphertext_and_tag_length; + gsec_test_copy(key, &((*test_vector)->key), key_length); + gsec_test_copy(nonce, &((*test_vector)->nonce), nonce_length); + gsec_test_copy(aad, &((*test_vector)->aad), aad_length); + gsec_test_copy(plaintext, &((*test_vector)->plaintext), plaintext_length); + gsec_test_copy(ciphertext_and_tag, &((*test_vector)->ciphertext_and_tag), + ciphertext_and_tag_length); +} + +static void gsec_aead_free_test_vector(gsec_aead_test_vector* test_vector) { + gpr_free(test_vector->key); + gpr_free(test_vector->nonce); + gpr_free(test_vector->aad); + gpr_free(test_vector->plaintext); + gpr_free(test_vector->ciphertext_and_tag); + gpr_free(test_vector); +} + +static void gsec_test_create_random_aes_gcm_crypter(gsec_aead_crypter** crypter, + size_t key_length, + size_t nonce_length, + size_t tag_length, + bool rekey) { + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aes_gcm_aead_crypter_create(key, key_length, nonce_length, tag_length, + rekey, crypter, nullptr); + gpr_free(key); +} + +static void gsec_test_get_random_aes_gcm_crypters( + gsec_aead_crypter*** crypters) { + *crypters = static_cast<gsec_aead_crypter**>( + gpr_malloc(sizeof(gsec_aead_crypter*) * kTestNumCrypters)); + gsec_test_create_random_aes_gcm_crypter( + &((*crypters)[0]), kAes128GcmKeyLength, kAesGcmNonceLength, + kAesGcmTagLength, /*rekey=*/false); + gsec_test_create_random_aes_gcm_crypter( + &((*crypters)[1]), kAes256GcmKeyLength, kAesGcmNonceLength, + kAesGcmTagLength, /*rekey=*/false); + gsec_test_create_random_aes_gcm_crypter( + &((*crypters)[2]), kAes128GcmRekeyKeyLength, kAesGcmNonceLength, + kAesGcmTagLength, /*rekey=*/true); +} + +static void gsec_test_do_generic_crypter_tests() { + gsec_aead_crypter** crypters; + gsec_test_get_random_aes_gcm_crypters(&crypters); + size_t ind; + for (ind = 0; ind < kTestNumCrypters; ind++) { + gsec_test_encrypt_decrypt(crypters[ind]); + gsec_test_multiple_encrypt_decrypt(crypters[ind]); + gsec_test_encryption_failure(crypters[ind]); + gsec_test_decryption_failure(crypters[ind]); + } + for (ind = 0; ind < kTestNumCrypters; ind++) { + gsec_aead_crypter_destroy(crypters[ind]); + } + gpr_free(crypters); +} + +static void gsec_test_do_vector_tests_rekey_nist() { + // NIST vectors from: + // http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf + // + // IEEE vectors from: + // http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf + // + // Key expanded by setting expandedKey = (key||(key ^ {0x01, .., 0x01})||key ^ + // {0x02,..,0x02}))[0:44]. + + gsec_aead_test_vector vec; + + // Derived from NIST test vector 1 + uint8_t nonce_0[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; + uint8_t aad_0[1] = {}; + uint8_t key_0[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, + 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2, + 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2}; + uint8_t plaintext_0[1] = {}; + uint8_t ciphertext_0[] = {0x85, 0xE8, 0x73, 0xE0, 0x2, 0xF6, 0xEB, 0xDC, + 0x40, 0x60, 0x95, 0x4E, 0xB8, 0x67, 0x55, 0x8}; + vec = {nonce_0, aad_0, key_0, plaintext_0, ciphertext_0, 12, 0, 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from NIST test vector 2 + uint8_t nonce_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; + uint8_t aad_1[1] = {}; + uint8_t key_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, + 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2, + 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2, 0x2}; + uint8_t plaintext_1[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; + uint8_t ciphertext_1[] = {0x51, 0xE9, 0xA8, 0xCB, 0x23, 0xCA, 0x25, 0x12, + 0xC8, 0x25, 0x6A, 0xFF, 0xF8, 0xE7, 0x2D, 0x68, + 0x1A, 0xCA, 0x19, 0xA1, 0x14, 0x8A, 0xC1, 0x15, + 0xE8, 0x3D, 0xF4, 0x88, 0x8C, 0xC0, 0xD, 0x11}; + vec = {nonce_1, aad_1, key_1, plaintext_1, ciphertext_1, 12, 0, 44, 16, 32}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from NIST test vector 3 + uint8_t nonce_2[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_2[1] = {}; + uint8_t key_2[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_2[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, + 0xC5, 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, + 0xF7, 0xDA, 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, + 0x3C, 0xC, 0x95, 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, + 0x49, 0xA6, 0xB5, 0x25, 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, + 0x57, 0xBA, 0x63, 0x7B, 0x39, 0x1A, 0xAF, 0xD2, 0x55}; + uint8_t ciphertext_2[] = { + 0x10, 0x18, 0xED, 0x5A, 0x14, 0x2, 0xA8, 0x65, 0x16, 0xD6, 0x57, 0x6D, + 0x70, 0xB2, 0xFF, 0xCC, 0xCA, 0x26, 0x1B, 0x94, 0xDF, 0x88, 0xB5, 0x8F, + 0x53, 0xB6, 0x4D, 0xFB, 0xA4, 0x35, 0xD1, 0x8B, 0x2F, 0x6E, 0x3B, 0x78, + 0x69, 0xF9, 0x35, 0x3D, 0x4A, 0xC8, 0xCF, 0x9, 0xAF, 0xB1, 0x66, 0x3D, + 0xAA, 0x7B, 0x40, 0x17, 0xE6, 0xFC, 0x2C, 0x17, 0x7C, 0xC, 0x8, 0x7C, + 0xD, 0xF1, 0x16, 0x21, 0x29, 0x95, 0x22, 0x13, 0xCE, 0xE1, 0xBC, 0x6E, + 0x9C, 0x84, 0x95, 0xDD, 0x70, 0x5E, 0x1F, 0x3D}; + vec = {nonce_2, aad_2, key_2, plaintext_2, ciphertext_2, 12, 0, 44, 64, 80}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from NIST test vector 4 + uint8_t nonce_3[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_3[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_3[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_3[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_3[] = { + 0x10, 0x18, 0xED, 0x5A, 0x14, 0x2, 0xA8, 0x65, 0x16, 0xD6, 0x57, + 0x6D, 0x70, 0xB2, 0xFF, 0xCC, 0xCA, 0x26, 0x1B, 0x94, 0xDF, 0x88, + 0xB5, 0x8F, 0x53, 0xB6, 0x4D, 0xFB, 0xA4, 0x35, 0xD1, 0x8B, 0x2F, + 0x6E, 0x3B, 0x78, 0x69, 0xF9, 0x35, 0x3D, 0x4A, 0xC8, 0xCF, 0x9, + 0xAF, 0xB1, 0x66, 0x3D, 0xAA, 0x7B, 0x40, 0x17, 0xE6, 0xFC, 0x2C, + 0x17, 0x7C, 0xC, 0x8, 0x7C, 0x47, 0x64, 0x56, 0x5D, 0x7, 0x7E, + 0x91, 0x24, 0x0, 0x1D, 0xDB, 0x27, 0xFC, 0x8, 0x48, 0xC5}; + vec = {nonce_3, aad_3, key_3, plaintext_3, ciphertext_3, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from adapted NIST test vector 4 for KDF counter boundary (flip + // nonce bit 15) + uint8_t nonce_4[] = {0xCA, 0x7E, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_4[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_4[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_4[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_4[] = { + 0xE6, 0x50, 0xD3, 0xC0, 0xFB, 0x87, 0x93, 0x27, 0xF2, 0xD0, 0x32, + 0x87, 0xFA, 0x93, 0xCD, 0x7, 0x34, 0x2B, 0x13, 0x62, 0x15, 0xAD, + 0xBC, 0xA0, 0xC, 0x3B, 0xD5, 0x9, 0x9E, 0xC4, 0x18, 0x32, 0xB1, + 0xD1, 0x8E, 0x4, 0x23, 0xED, 0x26, 0xBB, 0x12, 0xC6, 0xCD, 0x9, + 0xDE, 0xBB, 0x29, 0x23, 0xA, 0x94, 0xC0, 0xCE, 0xE1, 0x59, 0x3, + 0x65, 0x6F, 0x85, 0xED, 0xB6, 0xFC, 0x50, 0x9B, 0x1B, 0x28, 0x21, + 0x63, 0x82, 0x17, 0x2E, 0xCB, 0xCC, 0x31, 0xE1, 0xE9, 0xB1}; + vec = {nonce_4, aad_4, key_4, plaintext_4, ciphertext_4, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from adapted NIST test vector 4 for KDF counter boundary (flip + // nonce bit 16) + uint8_t nonce_5[] = {0xCA, 0xFE, 0xBB, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_5[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_5[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_5[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_5[] = { + 0xC0, 0x12, 0x1E, 0x6C, 0x95, 0x4D, 0x7, 0x67, 0xF9, 0x66, 0x30, + 0xC3, 0x34, 0x50, 0x99, 0x97, 0x91, 0xB2, 0xDA, 0x2A, 0xD0, 0x5C, + 0x41, 0x90, 0x16, 0x9C, 0xCA, 0xD9, 0xAC, 0x86, 0xFF, 0x1C, 0x72, + 0x1E, 0x3D, 0x82, 0xF2, 0xAD, 0x22, 0xAB, 0x46, 0x3B, 0xAB, 0x4A, + 0x7, 0x54, 0xB7, 0xDD, 0x68, 0xCA, 0x4D, 0xE7, 0xEA, 0x25, 0x31, + 0xB6, 0x25, 0xED, 0xA0, 0x1F, 0x89, 0x31, 0x2B, 0x2A, 0xB9, 0x57, + 0xD5, 0xC7, 0xF8, 0x56, 0x8D, 0xD9, 0x5F, 0xCD, 0xCD, 0x1F}; + vec = {nonce_5, aad_5, key_5, plaintext_5, ciphertext_5, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from adapted NIST test vector 4 for KDF counter boundary (flip + // nonce bit 63) + uint8_t nonce_6[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0x2D, 0xDE, 0xCA, 0xF8, 0x88}; + uint8_t aad_6[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_6[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_6[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_6[] = { + 0x8A, 0xF3, 0x7E, 0xA5, 0x68, 0x4A, 0x4D, 0x81, 0xD4, 0xFD, 0x81, + 0x72, 0x61, 0xFD, 0x97, 0x43, 0x9, 0x9E, 0x7E, 0x6A, 0x2, 0x5E, + 0xAA, 0xCF, 0x8E, 0x54, 0xB1, 0x24, 0xFB, 0x57, 0x43, 0x14, 0x9E, + 0x5, 0xCB, 0x89, 0xF4, 0xA4, 0x94, 0x67, 0xFE, 0x2E, 0x5E, 0x59, + 0x65, 0xF2, 0x9A, 0x19, 0xF9, 0x94, 0x16, 0xB0, 0x1, 0x6B, 0x54, + 0x58, 0x5D, 0x12, 0x55, 0x37, 0x83, 0xBA, 0x59, 0xE9, 0xF7, 0x82, + 0xE8, 0x2E, 0x9, 0x7C, 0x33, 0x6B, 0xF7, 0x98, 0x9F, 0x8}; + vec = {nonce_6, aad_6, key_6, plaintext_6, ciphertext_6, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from adapted NIST test vector 4 for KDF counter boundary (flip + // nonce bit 64) + uint8_t nonce_7[] = {0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDF, 0xCA, 0xF8, 0x88}; + uint8_t aad_7[] = {0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, + 0xEF, 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, + 0xBE, 0xEF, 0xAB, 0xAD, 0xDA, 0xD2}; + uint8_t key_7[] = {0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C, 0x6D, + 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x8, 0xFF, 0xFE, + 0xE8, 0x93, 0x87, 0x64, 0x72, 0x1D, 0x6C, 0x6B, 0x8E, + 0x95, 0x66, 0x31, 0x82, 0x9, 0xFC, 0xFD, 0xEB, 0x90, + 0x84, 0x67, 0x71, 0x1E, 0x6F, 0x68, 0x8D, 0x96}; + uint8_t plaintext_7[] = { + 0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x6, 0xE5, 0xA5, 0x59, 0x9, 0xC5, + 0xAF, 0xF5, 0x26, 0x9A, 0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA, + 0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72, 0x1C, 0x3C, 0xC, 0x95, + 0x95, 0x68, 0x9, 0x53, 0x2F, 0xCF, 0xE, 0x24, 0x49, 0xA6, 0xB5, 0x25, + 0xB1, 0x6A, 0xED, 0xF5, 0xAA, 0xD, 0xE6, 0x57, 0xBA, 0x63, 0x7B, 0x39}; + uint8_t ciphertext_7[] = { + 0xFB, 0xD5, 0x28, 0x44, 0x8D, 0x3, 0x46, 0xBF, 0xA8, 0x78, 0x63, + 0x48, 0x64, 0xD4, 0x7, 0xA3, 0x5A, 0x3, 0x9D, 0xE9, 0xDB, 0x2F, + 0x1F, 0xEB, 0x8E, 0x96, 0x5B, 0x3A, 0xE9, 0x35, 0x6C, 0xE6, 0x28, + 0x94, 0x41, 0xD7, 0x7F, 0x8F, 0xD, 0xF2, 0x94, 0x89, 0x1F, 0x37, + 0xEA, 0x43, 0x8B, 0x22, 0x3E, 0x3B, 0xF2, 0xBD, 0xC5, 0x3D, 0x4C, + 0x5A, 0x74, 0xFB, 0x68, 0xB, 0xB3, 0x12, 0xA8, 0xDE, 0xC6, 0xF7, + 0x25, 0x2C, 0xBC, 0xD7, 0xF5, 0x79, 0x97, 0x50, 0xAD, 0x78}; + vec = {nonce_7, aad_7, key_7, plaintext_7, ciphertext_7, 12, 20, 44, 60, 76}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); +} + +static void gsec_test_do_vector_tests_rekey_ieee() { + // IEEE vectors from: + // http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf + // + // Key expanded by setting expandedKey = (key||(key ^ {0x01, .., 0x01})||key ^ + // {0x02,..,0x02}))[0:44]. + + gsec_aead_test_vector vec; + + // Derived from IEEE 2.1.1 54-byte auth + uint8_t nonce_8[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, + 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65}; + uint8_t aad_8[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, 0xD, 0x46, 0xDF, + 0x99, 0x8D, 0x88, 0xE5, 0x22, 0x2A, 0xB2, 0xC2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, 0x8, 0x0, + 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x1}; + uint8_t key_8[] = {0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, 0x6F, + 0x62, 0xF, 0xDC, 0xB5, 0x6, 0xB3, 0x45, 0xAC, 0x7B, + 0x2A, 0xD1, 0x3F, 0xAD, 0x82, 0x5B, 0x6E, 0x63, 0xE, + 0xDD, 0xB4, 0x7, 0xB2, 0x44, 0xAF, 0x78, 0x29, 0xD2, + 0x3C, 0xAE, 0x81, 0x58, 0x6D, 0x60, 0xD, 0xDE}; + uint8_t plaintext_8[1] = {}; + uint8_t ciphertext_8[] = {0x3E, 0xA0, 0xB5, 0x84, 0xF3, 0xC8, 0x5E, 0x93, + 0xF9, 0x32, 0xE, 0xA5, 0x91, 0x69, 0x9E, 0xFB}; + vec = {nonce_8, aad_8, key_8, plaintext_8, ciphertext_8, 12, 70, 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.1.2 54-byte auth + uint8_t nonce_9[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, + 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65}; + uint8_t aad_9[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, 0xD, 0x46, 0xDF, + 0x99, 0x8D, 0x88, 0xE5, 0x22, 0x2A, 0xB2, 0xC2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, 0x8, 0x0, + 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x1}; + uint8_t key_9[] = {0xE3, 0xC0, 0x8A, 0x8F, 0x6, 0xC6, 0xE3, 0xAD, 0x95, + 0xA7, 0x5, 0x57, 0xB2, 0x3F, 0x75, 0x48, 0x3C, 0xE3, + 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, 0x25, 0x66, 0x62, + 0x4, 0xC6, 0x9C, 0xB, 0x72, 0xE1, 0xC2, 0x88, 0x8D, + 0x4, 0xC4, 0xE1, 0xAF, 0x97, 0xA5, 0x7, 0x55}; + uint8_t plaintext_9[1] = {}; + uint8_t ciphertext_9[] = {0x29, 0x4E, 0x2, 0x8B, 0xF1, 0xFE, 0x6F, 0x14, + 0xC4, 0xE8, 0xF7, 0x30, 0x5C, 0x93, 0x3E, 0xB5}; + vec = {nonce_9, aad_9, key_9, plaintext_9, ciphertext_9, 12, 70, 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.2.1 60-byte crypt + uint8_t nonce_10[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, + 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65}; + uint8_t aad_10[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, + 0xD, 0x46, 0xDF, 0x99, 0x8D, 0x88, 0xE5, + 0x2E, 0x0, 0xB2, 0xC2, 0x84, 0x65, 0x12, + 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81}; + uint8_t key_10[] = {0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, 0x6F, + 0x62, 0xF, 0xDC, 0xB5, 0x6, 0xB3, 0x45, 0xAC, 0x7B, + 0x2A, 0xD1, 0x3F, 0xAD, 0x82, 0x5B, 0x6E, 0x63, 0xE, + 0xDD, 0xB4, 0x7, 0xB2, 0x44, 0xAF, 0x78, 0x29, 0xD2, + 0x3C, 0xAE, 0x81, 0x58, 0x6D, 0x60, 0xD, 0xDE}; + uint8_t plaintext_10[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x2}; + uint8_t ciphertext_10[] = { + 0xDB, 0x3D, 0x25, 0x71, 0x9C, 0x6B, 0xA, 0x3C, 0xA6, 0x14, 0x5C, + 0x15, 0x9D, 0x5C, 0x6E, 0xD9, 0xAF, 0xF9, 0xC6, 0xE0, 0xB7, 0x9F, + 0x17, 0x1, 0x9E, 0xA9, 0x23, 0xB8, 0x66, 0x5D, 0xDF, 0x52, 0x13, + 0x7A, 0xD6, 0x11, 0xF0, 0xD1, 0xBF, 0x41, 0x7A, 0x7C, 0xA8, 0x5E, + 0x45, 0xAF, 0xE1, 0x6, 0xFF, 0x9C, 0x75, 0x69, 0xD3, 0x35, 0xD0, + 0x86, 0xAE, 0x6C, 0x3, 0xF0, 0x9, 0x87, 0xCC, 0xD6}; + vec = {nonce_10, aad_10, key_10, plaintext_10, ciphertext_10, + 12, 28, 44, 48, 64}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.2.2 60-byte crypt + uint8_t nonce_11[] = {0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, + 0x5E, 0x81, 0xB2, 0xC2, 0x84, 0x65}; + uint8_t aad_11[] = {0xD6, 0x9, 0xB1, 0xF0, 0x56, 0x63, 0x7A, + 0xD, 0x46, 0xDF, 0x99, 0x8D, 0x88, 0xE5, + 0x2E, 0x0, 0xB2, 0xC2, 0x84, 0x65, 0x12, + 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81}; + uint8_t key_11[] = {0xE3, 0xC0, 0x8A, 0x8F, 0x6, 0xC6, 0xE3, 0xAD, 0x95, + 0xA7, 0x5, 0x57, 0xB2, 0x3F, 0x75, 0x48, 0x3C, 0xE3, + 0x30, 0x21, 0xA9, 0xC7, 0x2B, 0x70, 0x25, 0x66, 0x62, + 0x4, 0xC6, 0x9C, 0xB, 0x72, 0xE1, 0xC2, 0x88, 0x8D, + 0x4, 0xC4, 0xE1, 0xAF, 0x97, 0xA5, 0x7, 0x55}; + uint8_t plaintext_11[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x2}; + uint8_t ciphertext_11[] = { + 0x16, 0x41, 0xF2, 0x8E, 0xC1, 0x3A, 0xFC, 0xC8, 0xF7, 0x90, 0x33, + 0x89, 0x78, 0x72, 0x1, 0x5, 0x16, 0x44, 0x91, 0x49, 0x33, 0xE9, + 0x20, 0x2B, 0xB9, 0xD0, 0x6A, 0xA0, 0x20, 0xC2, 0xA6, 0x7E, 0xF5, + 0x1D, 0xFE, 0x7B, 0xC0, 0xA, 0x85, 0x6C, 0x55, 0xB8, 0xF8, 0x13, + 0x3E, 0x77, 0xF6, 0x59, 0x13, 0x25, 0x2, 0xBA, 0xD6, 0x3F, 0x57, + 0x13, 0xD5, 0x7D, 0xC, 0x11, 0xE0, 0xF8, 0x71, 0xED}; + vec = {nonce_11, aad_11, key_11, plaintext_11, ciphertext_11, + 12, 28, 44, 48, 64}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.3.1 60-byte auth + uint8_t nonce_12[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED}; + uint8_t aad_12[] = { + 0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x88, 0xE5, 0x40, 0x0, 0x76, 0xD4, 0x57, 0xED, 0x8, 0x0, 0xF, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x3}; + uint8_t key_12[] = {0x7, 0x1B, 0x11, 0x3B, 0xC, 0xA7, 0x43, 0xFE, 0xCC, + 0xCF, 0x3D, 0x5, 0x1F, 0x73, 0x73, 0x82, 0x6, 0x1A, + 0x10, 0x3A, 0xD, 0xA6, 0x42, 0xFF, 0xCD, 0xCE, 0x3C, + 0x4, 0x1E, 0x72, 0x72, 0x83, 0x5, 0x19, 0x13, 0x39, + 0xE, 0xA5, 0x41, 0xFC, 0xCE, 0xCD, 0x3F, 0x7}; + uint8_t plaintext_12[1] = {}; + uint8_t ciphertext_12[] = {0x58, 0x83, 0x7A, 0x10, 0x56, 0x2B, 0xF, 0x1F, + 0x8E, 0xDB, 0xE5, 0x8C, 0xA5, 0x58, 0x11, 0xD3}; + vec = {nonce_12, aad_12, key_12, plaintext_12, ciphertext_12, 12, 68, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.3.2 60-byte auth + uint8_t nonce_13[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED}; + uint8_t aad_13[] = { + 0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x88, 0xE5, 0x40, 0x0, 0x76, 0xD4, 0x57, 0xED, 0x8, 0x0, 0xF, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x0, 0x3}; + uint8_t key_13[] = {0x69, 0x1D, 0x3E, 0xE9, 0x9, 0xD7, 0xF5, 0x41, 0x67, + 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x8, 0x1F, 0x2B, + 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, 0xAB, 0x80, 0xBD, + 0x52, 0x95, 0xAE, 0x6B, 0xE7, 0x6B, 0x1F, 0x3C, 0xEB, + 0xB, 0xD5, 0xF7, 0x43, 0x65, 0xFF, 0x1E, 0xA2}; + uint8_t plaintext_13[1] = {}; + uint8_t ciphertext_13[] = {0xC2, 0x72, 0x2F, 0xF6, 0xCA, 0x29, 0xA2, 0x57, + 0x71, 0x8A, 0x52, 0x9D, 0x1F, 0xC, 0x6A, 0x3B}; + vec = {nonce_13, aad_13, key_13, plaintext_13, ciphertext_13, 12, 68, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.4.1 54-byte crypt + uint8_t nonce_14[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED}; + uint8_t aad_14[] = {0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, + 0x76, 0x1E, 0x8D, 0xCD, 0x3D, 0x88, 0xE5, + 0x4C, 0x2A, 0x76, 0xD4, 0x57, 0xED}; + uint8_t key_14[] = {0x7, 0x1B, 0x11, 0x3B, 0xC, 0xA7, 0x43, 0xFE, 0xCC, + 0xCF, 0x3D, 0x5, 0x1F, 0x73, 0x73, 0x82, 0x6, 0x1A, + 0x10, 0x3A, 0xD, 0xA6, 0x42, 0xFF, 0xCD, 0xCE, 0x3C, + 0x4, 0x1E, 0x72, 0x72, 0x83, 0x5, 0x19, 0x13, 0x39, + 0xE, 0xA5, 0x41, 0xFC, 0xCE, 0xCD, 0x3F, 0x7}; + uint8_t plaintext_14[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x4}; + uint8_t ciphertext_14[] = { + 0xFD, 0x96, 0xB7, 0x15, 0xB9, 0x3A, 0x13, 0x34, 0x6A, 0xF5, 0x1E, 0x8A, + 0xCD, 0xF7, 0x92, 0xCD, 0xC7, 0xB2, 0x68, 0x6F, 0x85, 0x74, 0xC7, 0xE, + 0x6B, 0xC, 0xBF, 0x16, 0x29, 0x1D, 0xED, 0x42, 0x7A, 0xD7, 0x3F, 0xEC, + 0x48, 0xCD, 0x29, 0x8E, 0x5, 0x28, 0xA1, 0xF4, 0xC6, 0x44, 0xA9, 0x49, + 0xFC, 0x31, 0xDC, 0x92, 0x79, 0x70, 0x6D, 0xDB, 0xA3, 0x3F}; + vec = {nonce_14, aad_14, key_14, plaintext_14, ciphertext_14, + 12, 20, 44, 42, 58}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.4.2 54-byte crypt + uint8_t nonce_15[] = {0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, + 0x0, 0x1, 0x76, 0xD4, 0x57, 0xED}; + uint8_t aad_15[] = {0xE2, 0x1, 0x6, 0xD7, 0xCD, 0xD, 0xF0, + 0x76, 0x1E, 0x8D, 0xCD, 0x3D, 0x88, 0xE5, + 0x4C, 0x2A, 0x76, 0xD4, 0x57, 0xED}; + uint8_t key_15[] = {0x69, 0x1D, 0x3E, 0xE9, 0x9, 0xD7, 0xF5, 0x41, 0x67, + 0xFD, 0x1C, 0xA0, 0xB5, 0xD7, 0x69, 0x8, 0x1F, 0x2B, + 0xDE, 0x1A, 0xEE, 0x65, 0x5F, 0xDB, 0xAB, 0x80, 0xBD, + 0x52, 0x95, 0xAE, 0x6B, 0xE7, 0x6B, 0x1F, 0x3C, 0xEB, + 0xB, 0xD5, 0xF7, 0x43, 0x65, 0xFF, 0x1E, 0xA2}; + uint8_t plaintext_15[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x0, 0x4}; + uint8_t ciphertext_15[] = { + 0xB6, 0x8F, 0x63, 0x0, 0xC2, 0xE9, 0xAE, 0x83, 0x3B, 0xDC, 0x7, 0xE, + 0x24, 0x2, 0x1A, 0x34, 0x77, 0x11, 0x8E, 0x78, 0xCC, 0xF8, 0x4E, 0x11, + 0xA4, 0x85, 0xD8, 0x61, 0x47, 0x6C, 0x30, 0xF, 0x17, 0x53, 0x53, 0xD5, + 0xCD, 0xF9, 0x20, 0x8, 0xA4, 0xF8, 0x78, 0xE6, 0xCC, 0x35, 0x77, 0x76, + 0x80, 0x85, 0xC5, 0xA, 0xE, 0x98, 0xFD, 0xA6, 0xCB, 0xB8}; + vec = {nonce_15, aad_15, key_15, plaintext_15, ciphertext_15, + 12, 20, 44, 42, 58}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.5.1 65-byte auth + uint8_t nonce_16[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, + 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12}; + uint8_t aad_16[] = { + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + 0x88, 0xE5, 0x23, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, 0xFD, 0xE9, 0xF9, + 0xE3, 0x37, 0x24, 0xC6, 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x0, 0x5}; + uint8_t key_16[] = {0x1, 0x3F, 0xE0, 0xB, 0x5F, 0x11, 0xBE, 0x7F, 0x86, + 0x6D, 0xC, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, 0x0, 0x3E, + 0xE1, 0xA, 0x5E, 0x10, 0xBF, 0x7E, 0x87, 0x6C, 0xD, + 0xBA, 0xC4, 0x5B, 0x7B, 0x91, 0x3, 0x3D, 0xE2, 0x9, + 0x5D, 0x13, 0xBC, 0x7D, 0x84, 0x6F, 0xE, 0xB9}; + uint8_t plaintext_16[1] = {}; + uint8_t ciphertext_16[] = {0xCC, 0xA2, 0xE, 0xEC, 0xDA, 0x62, 0x83, 0xF0, + 0x9B, 0xB3, 0x54, 0x3D, 0xD9, 0x9E, 0xDB, 0x9B}; + vec = {nonce_16, aad_16, key_16, plaintext_16, ciphertext_16, 12, 81, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.5.2 65-byte auth + uint8_t nonce_17[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, + 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12}; + uint8_t aad_17[] = { + 0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, 0xE5, 0xBB, 0xD2, 0x72, 0x77, + 0x88, 0xE5, 0x23, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, 0xFD, 0xE9, 0xF9, + 0xE3, 0x37, 0x24, 0xC6, 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x0, 0x5}; + uint8_t key_17[] = {0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, 0xC0, + 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, 0x9A, 0xC1, + 0xC8, 0xF, 0xEE, 0x1B, 0x62, 0x44, 0x97, 0xEF, 0x94, + 0x2E, 0x2F, 0x79, 0xA8, 0x23, 0x81, 0xC2, 0x91, 0xB7, + 0x8F, 0xE5, 0xFD, 0xE3, 0xC2, 0xD8, 0x90, 0x68}; + uint8_t plaintext_17[1] = {}; + uint8_t ciphertext_17[] = {0xB2, 0x32, 0xCC, 0x1D, 0xA5, 0x11, 0x7B, 0xF1, + 0x50, 0x3, 0x73, 0x4F, 0xA5, 0x99, 0xD2, 0x71}; + vec = {nonce_17, aad_17, key_17, plaintext_17, ciphertext_17, 12, 81, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.6.1 61-byte crypt + uint8_t nonce_18[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, + 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12}; + uint8_t aad_18[] = {0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, + 0xE5, 0xBB, 0xD2, 0x72, 0x77, 0x88, 0xE5, + 0x2F, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, + 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6}; + uint8_t key_18[] = {0x1, 0x3F, 0xE0, 0xB, 0x5F, 0x11, 0xBE, 0x7F, 0x86, + 0x6D, 0xC, 0xBB, 0xC5, 0x5A, 0x7A, 0x90, 0x0, 0x3E, + 0xE1, 0xA, 0x5E, 0x10, 0xBF, 0x7E, 0x87, 0x6C, 0xD, + 0xBA, 0xC4, 0x5B, 0x7B, 0x91, 0x3, 0x3D, 0xE2, 0x9, + 0x5D, 0x13, 0xBC, 0x7D, 0x84, 0x6F, 0xE, 0xB9}; + uint8_t plaintext_18[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, + 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x0, 0x6}; + uint8_t ciphertext_18[] = { + 0xFF, 0x19, 0x10, 0xD3, 0x5A, 0xD7, 0xE5, 0x65, 0x78, 0x90, 0xC7, + 0xC5, 0x60, 0x14, 0x6F, 0xD0, 0x38, 0x70, 0x7F, 0x20, 0x4B, 0x66, + 0xED, 0xBC, 0x3D, 0x16, 0x1F, 0x8A, 0xCE, 0x24, 0x4B, 0x98, 0x59, + 0x21, 0x2, 0x3C, 0x43, 0x6E, 0x3A, 0x1C, 0x35, 0x32, 0xEC, 0xD5, + 0xD0, 0x9A, 0x5, 0x6D, 0x70, 0xBE, 0x58, 0x3F, 0xD, 0x10, 0x82, + 0x9D, 0x93, 0x87, 0xD0, 0x7D, 0x33, 0xD8, 0x72, 0xE4, 0x90}; + vec = {nonce_18, aad_18, key_18, plaintext_18, ciphertext_18, + 12, 28, 44, 49, 65}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.6.2 61-byte crypt + uint8_t nonce_19[] = {0x7C, 0xFD, 0xE9, 0xF9, 0xE3, 0x37, + 0x24, 0xC6, 0x89, 0x32, 0xD6, 0x12}; + uint8_t aad_19[] = {0x84, 0xC5, 0xD5, 0x13, 0xD2, 0xAA, 0xF6, + 0xE5, 0xBB, 0xD2, 0x72, 0x77, 0x88, 0xE5, + 0x2F, 0x0, 0x89, 0x32, 0xD6, 0x12, 0x7C, + 0xFD, 0xE9, 0xF9, 0xE3, 0x37, 0x24, 0xC6}; + uint8_t key_19[] = {0x83, 0xC0, 0x93, 0xB5, 0x8D, 0xE7, 0xFF, 0xE1, 0xC0, + 0xDA, 0x92, 0x6A, 0xC4, 0x3F, 0xB3, 0x60, 0x9A, 0xC1, + 0xC8, 0xF, 0xEE, 0x1B, 0x62, 0x44, 0x97, 0xEF, 0x94, + 0x2E, 0x2F, 0x79, 0xA8, 0x23, 0x81, 0xC2, 0x91, 0xB7, + 0x8F, 0xE5, 0xFD, 0xE3, 0xC2, 0xD8, 0x90, 0x68}; + uint8_t plaintext_19[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, + 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x0, 0x6}; + uint8_t ciphertext_19[] = { + 0xD, 0xB4, 0xCF, 0x95, 0x6B, 0x5F, 0x97, 0xEC, 0xA4, 0xEA, 0xB8, + 0x2A, 0x69, 0x55, 0x30, 0x7F, 0x9A, 0xE0, 0x2A, 0x32, 0xDD, 0x7D, + 0x93, 0xF8, 0x3D, 0x66, 0xAD, 0x4, 0xE1, 0xCF, 0xDC, 0x51, 0x82, + 0xAD, 0x12, 0xAB, 0xDE, 0xA5, 0xBB, 0xB6, 0x19, 0xA1, 0xBD, 0x5F, + 0xB9, 0xA5, 0x73, 0x59, 0xF, 0xBA, 0x90, 0x8E, 0x9C, 0x7A, 0x46, + 0xC1, 0xF7, 0xBA, 0x9, 0x5, 0xD1, 0xB5, 0x5F, 0xFD, 0xA4}; + vec = {nonce_19, aad_19, key_19, plaintext_19, ciphertext_19, + 12, 28, 44, 49, 65}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.7.1 79-byte crypt + uint8_t nonce_20[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t aad_20[] = { + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, + 0xC5, 0x88, 0xE5, 0x41, 0x0, 0x2E, 0x58, 0x49, 0x5C, 0x8, 0x0, + 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, + 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, + 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x0, 0x7}; + uint8_t key_20[] = {0x88, 0xEE, 0x8, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, 0xF6, + 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, 0x89, 0xEF, + 0x9, 0x7E, 0xD8, 0x5C, 0xA8, 0xFA, 0xF7, 0x73, 0x5B, + 0xA8, 0xD6, 0x56, 0xB1, 0xCC, 0x8A, 0xEC, 0xA, 0x7D, + 0xDB, 0x5F, 0xAB, 0xF9, 0xF4, 0x70, 0x58, 0xAB}; + uint8_t plaintext_20[1] = {}; + uint8_t ciphertext_20[] = {0x81, 0x3F, 0xE, 0x63, 0xF, 0x96, 0xFB, 0x2D, + 0x3, 0xF, 0x58, 0xD8, 0x3F, 0x5C, 0xDF, 0xD0}; + vec = {nonce_20, aad_20, key_20, plaintext_20, ciphertext_20, 12, 87, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.7.2 79-byte crypt + uint8_t nonce_21[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t aad_21[] = { + 0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, 0xE8, 0xE2, 0xCA, 0x4E, + 0xC5, 0x88, 0xE5, 0x41, 0x0, 0x2E, 0x58, 0x49, 0x5C, 0x8, 0x0, + 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, + 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, + 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x0, 0x7}; + uint8_t key_21[] = {0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, 0x74, + 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, 0x1F, 0xCE, + 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, 0x1A, 0x2C, 0xAA, + 0xF, 0xFE, 0x4, 0x7, 0xE5, 0x4E, 0x95, 0x3F, 0xBE, + 0x71, 0x66, 0x60, 0x14, 0x76, 0xFA, 0xB7, 0xBA}; + uint8_t plaintext_21[1] = {}; + uint8_t ciphertext_21[] = {0x77, 0xE5, 0xA4, 0x4C, 0x21, 0xEB, 0x7, 0x18, + 0x8A, 0xAC, 0xBD, 0x74, 0xD1, 0x98, 0xE, 0x97}; + vec = {nonce_21, aad_21, key_21, plaintext_21, ciphertext_21, 12, 87, + 44, 0, 16}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.8.1 61-byte crypt + uint8_t nonce_22[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t aad_22[] = {0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, + 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, 0x88, 0xE5, + 0x4D, 0x0, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t key_22[] = {0x88, 0xEE, 0x8, 0x7F, 0xD9, 0x5D, 0xA9, 0xFB, 0xF6, + 0x72, 0x5A, 0xA9, 0xD7, 0x57, 0xB0, 0xCD, 0x89, 0xEF, + 0x9, 0x7E, 0xD8, 0x5C, 0xA8, 0xFA, 0xF7, 0x73, 0x5B, + 0xA8, 0xD6, 0x56, 0xB1, 0xCC, 0x8A, 0xEC, 0xA, 0x7D, + 0xDB, 0x5F, 0xAB, 0xF9, 0xF4, 0x70, 0x58, 0xAB}; + uint8_t plaintext_22[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x0, 0x8}; + uint8_t ciphertext_22[] = { + 0x95, 0x8E, 0xC3, 0xF6, 0xD6, 0xA, 0xFE, 0xDA, 0x99, 0xEF, 0xD8, 0x88, + 0xF1, 0x75, 0xE5, 0xFC, 0xD4, 0xC8, 0x7B, 0x9B, 0xCC, 0x5C, 0x2F, 0x54, + 0x26, 0x25, 0x3A, 0x8B, 0x50, 0x62, 0x96, 0xC8, 0xC4, 0x33, 0x9, 0xAB, + 0x2A, 0xDB, 0x59, 0x39, 0x46, 0x25, 0x41, 0xD9, 0x5E, 0x80, 0x81, 0x1E, + 0x4, 0xE7, 0x6, 0xB1, 0x49, 0x8F, 0x2C, 0x40, 0x7C, 0x7F, 0xB2, 0x34, + 0xF8, 0xCC, 0x1, 0xA6, 0x47, 0x55, 0xE, 0xE6, 0xB5, 0x57, 0xB3, 0x5A, + 0x7E, 0x39, 0x45, 0x38, 0x18, 0x21, 0xF4}; + vec = {nonce_22, aad_22, key_22, plaintext_22, ciphertext_22, + 12, 20, 44, 63, 79}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); + + // Derived from IEEE 2.8.2 61-byte crypt + uint8_t nonce_23[] = {0x7A, 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, + 0x0, 0x1, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t aad_23[] = {0x68, 0xF2, 0xE7, 0x76, 0x96, 0xCE, 0x7A, + 0xE8, 0xE2, 0xCA, 0x4E, 0xC5, 0x88, 0xE5, + 0x4D, 0x0, 0x2E, 0x58, 0x49, 0x5C}; + uint8_t key_23[] = {0x4C, 0x97, 0x3D, 0xBC, 0x73, 0x64, 0x62, 0x16, 0x74, + 0xF8, 0xB5, 0xB8, 0x9E, 0x5C, 0x15, 0x51, 0x1F, 0xCE, + 0xD9, 0x21, 0x64, 0x90, 0xFB, 0x1C, 0x1A, 0x2C, 0xAA, + 0xF, 0xFE, 0x4, 0x7, 0xE5, 0x4E, 0x95, 0x3F, 0xBE, + 0x71, 0x66, 0x60, 0x14, 0x76, 0xFA, 0xB7, 0xBA}; + uint8_t plaintext_23[] = { + 0x8, 0x0, 0xF, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x0, 0x8}; + uint8_t ciphertext_23[] = { + 0xB4, 0x4D, 0x7, 0x20, 0x11, 0xCD, 0x36, 0xD2, 0x72, 0xA9, 0xB7, 0xA9, + 0x8D, 0xB9, 0xAA, 0x90, 0xCB, 0xC5, 0xC6, 0x7B, 0x93, 0xDD, 0xCE, 0x67, + 0xC8, 0x54, 0x50, 0x32, 0x14, 0xE2, 0xE8, 0x96, 0xEC, 0x7E, 0x9D, 0xB6, + 0x49, 0xED, 0x4B, 0xCF, 0x6F, 0x85, 0xA, 0xAC, 0x2, 0x23, 0xD0, 0xCF, + 0x92, 0xC8, 0x3D, 0xB8, 0x7, 0x95, 0xC3, 0xA1, 0x7E, 0xCC, 0x12, 0x48, + 0xBB, 0x0, 0x59, 0x17, 0x12, 0xB1, 0xAE, 0x71, 0xE2, 0x68, 0x16, 0x41, + 0x96, 0x25, 0x21, 0x62, 0x81, 0xB, 0x0}; + vec = {nonce_23, aad_23, key_23, plaintext_23, ciphertext_23, + 12, 20, 44, 63, 79}; + gsec_test_verify_crypter_on_test_vector(&vec, /*rekey=*/true); +} + +static void gsec_test_do_vector_tests_nist() { + /** + * From: + * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/ + * gcm-revised-spec.pdf + */ + + /* Test vector 1 */ + gsec_aead_test_vector* test_vector_1; + const uint8_t test_vector_1_key[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_1_nonce[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_1_aad[1] = {}; + const uint8_t test_vector_1_plaintext[1] = {}; + const uint8_t test_vector_1_ciphertext_and_tag[] = { + 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61, + 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a}; + gsec_aead_malloc_test_vector( + &test_vector_1, test_vector_1_key, + sizeof(test_vector_1_key) / sizeof(uint8_t), test_vector_1_nonce, + sizeof(test_vector_1_nonce) / sizeof(uint8_t), test_vector_1_aad, 0, + test_vector_1_plaintext, 0, test_vector_1_ciphertext_and_tag, + sizeof(test_vector_1_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_1); + gsec_aead_free_test_vector(test_vector_1); + + /* Test vector 2 */ + gsec_aead_test_vector* test_vector_2; + const uint8_t test_vector_2_key[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_2_nonce[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_2_aad[1] = {}; + const uint8_t test_vector_2_plaintext[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00}; + const uint8_t test_vector_2_ciphertext_and_tag[] = { + 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, 0xf3, 0x28, 0xc2, + 0xb9, 0x71, 0xb2, 0xfe, 0x78, 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, + 0x13, 0xbd, 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf}; + gsec_aead_malloc_test_vector( + &test_vector_2, test_vector_2_key, + sizeof(test_vector_2_key) / sizeof(uint8_t), test_vector_2_nonce, + sizeof(test_vector_2_nonce) / sizeof(uint8_t), test_vector_2_aad, 0, + test_vector_2_plaintext, + sizeof(test_vector_2_plaintext) / sizeof(uint8_t), + test_vector_2_ciphertext_and_tag, + sizeof(test_vector_2_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_2); + gsec_aead_free_test_vector(test_vector_2); + + /* Test vector 3 */ + gsec_aead_test_vector* test_vector_3; + const uint8_t test_vector_3_key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, + 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, + 0x67, 0x30, 0x83, 0x08}; + const uint8_t test_vector_3_nonce[] = {0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, + 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88}; + const uint8_t test_vector_3_aad[1] = {}; + const uint8_t test_vector_3_plaintext[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, + 0xc5, 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, + 0xf7, 0xda, 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, + 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, + 0x49, 0xa6, 0xb5, 0x25, 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, + 0x57, 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55}; + const uint8_t test_vector_3_ciphertext_and_tag[] = { + 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 0x4b, 0x72, 0x21, 0xb7, + 0x84, 0xd0, 0xd4, 0x9c, 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, + 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, 0x21, 0xd5, 0x14, 0xb2, + 0x54, 0x66, 0x93, 0x1c, 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, + 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, 0x3d, 0x58, 0xe0, 0x91, + 0x47, 0x3f, 0x59, 0x85, 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, + 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4}; + gsec_aead_malloc_test_vector( + &test_vector_3, test_vector_3_key, + sizeof(test_vector_3_key) / sizeof(uint8_t), test_vector_3_nonce, + sizeof(test_vector_3_nonce) / sizeof(uint8_t), test_vector_3_aad, 0, + test_vector_3_plaintext, + sizeof(test_vector_3_plaintext) / sizeof(uint8_t), + test_vector_3_ciphertext_and_tag, + sizeof(test_vector_3_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_3); + gsec_aead_free_test_vector(test_vector_3); + + /* Test vector 4 */ + gsec_aead_test_vector* test_vector_4; + const uint8_t test_vector_4_key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, + 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, + 0x67, 0x30, 0x83, 0x08}; + const uint8_t test_vector_4_nonce[] = {0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, + 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88}; + const uint8_t test_vector_4_aad[] = {0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, + 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, + 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2}; + const uint8_t test_vector_4_plaintext[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5, + 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95, + 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39}; + const uint8_t test_vector_4_ciphertext_and_tag[] = { + 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 0x4b, 0x72, 0x21, + 0xb7, 0x84, 0xd0, 0xd4, 0x9c, 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, + 0xa4, 0xe0, 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, 0x21, + 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, 0x7d, 0x8f, 0x6a, 0x5a, + 0xac, 0x84, 0xaa, 0x05, 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, + 0x97, 0x3d, 0x58, 0xe0, 0x91, 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, + 0xa5, 0xdb, 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47}; + gsec_aead_malloc_test_vector( + &test_vector_4, test_vector_4_key, + sizeof(test_vector_4_key) / sizeof(uint8_t), test_vector_4_nonce, + sizeof(test_vector_4_nonce) / sizeof(uint8_t), test_vector_4_aad, + sizeof(test_vector_4_aad) / sizeof(uint8_t), test_vector_4_plaintext, + sizeof(test_vector_4_plaintext) / sizeof(uint8_t), + test_vector_4_ciphertext_and_tag, + sizeof(test_vector_4_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_4); + gsec_aead_free_test_vector(test_vector_4); +} + +static void gsec_test_do_vector_tests_ieee() { + /** + * From: + * http://www.ieee802.org/1/files/public/docs2011/ + * bn-randall-test-vectors-0511-v1.pdf + */ + + /* 2.1.1 54-byte auth */ + gsec_aead_test_vector* test_vector_5; + const uint8_t test_vector_5_key[] = {0xad, 0x7a, 0x2b, 0xd0, 0x3e, 0xac, + 0x83, 0x5a, 0x6f, 0x62, 0x0f, 0xdc, + 0xb5, 0x06, 0xb3, 0x45}; + const uint8_t test_vector_5_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, + 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65}; + const uint8_t test_vector_5_aad[] = { + 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, 0x99, 0x8d, + 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65, 0x12, 0x15, 0x35, 0x24, + 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, + 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x01}; + const uint8_t test_vector_5_plaintext[1] = {}; + const uint8_t test_vector_5_ciphertext_and_tag[] = { + 0xf0, 0x94, 0x78, 0xa9, 0xb0, 0x90, 0x07, 0xd0, + 0x6f, 0x46, 0xe9, 0xb6, 0xa1, 0xda, 0x25, 0xdd}; + gsec_aead_malloc_test_vector( + &test_vector_5, test_vector_5_key, + sizeof(test_vector_5_key) / sizeof(uint8_t), test_vector_5_nonce, + sizeof(test_vector_5_nonce) / sizeof(uint8_t), test_vector_5_aad, + sizeof(test_vector_5_aad) / sizeof(uint8_t), test_vector_5_plaintext, 0, + test_vector_5_ciphertext_and_tag, + sizeof(test_vector_5_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_5); + gsec_aead_free_test_vector(test_vector_5); + + /* 2.1.2 54-byte auth */ + gsec_aead_test_vector* test_vector_6; + const uint8_t test_vector_6_key[] = { + 0xe3, 0xc0, 0x8a, 0x8f, 0x06, 0xc6, 0xe3, 0xad, 0x95, 0xa7, 0x05, + 0x57, 0xb2, 0x3f, 0x75, 0x48, 0x3c, 0xe3, 0x30, 0x21, 0xa9, 0xc7, + 0x2b, 0x70, 0x25, 0x66, 0x62, 0x04, 0xc6, 0x9c, 0x0b, 0x72}; + + const uint8_t test_vector_6_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, + 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65}; + const uint8_t test_vector_6_aad[] = { + 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, 0x99, 0x8d, + 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65, 0x12, 0x15, 0x35, 0x24, + 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, + 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x01}; + const uint8_t test_vector_6_plaintext[1] = {}; + const uint8_t test_vector_6_ciphertext_and_tag[] = { + 0x2f, 0x0b, 0xc5, 0xaf, 0x40, 0x9e, 0x06, 0xd6, + 0x09, 0xea, 0x8b, 0x7d, 0x0f, 0xa5, 0xea, 0x50}; + gsec_aead_malloc_test_vector( + &test_vector_6, test_vector_6_key, + sizeof(test_vector_6_key) / sizeof(uint8_t), test_vector_6_nonce, + sizeof(test_vector_6_nonce) / sizeof(uint8_t), test_vector_6_aad, + sizeof(test_vector_6_aad) / sizeof(uint8_t), test_vector_6_plaintext, 0, + test_vector_6_ciphertext_and_tag, + sizeof(test_vector_6_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_6); + gsec_aead_free_test_vector(test_vector_6); + + /* 2.2.1 60-byte crypt */ + gsec_aead_test_vector* test_vector_7; + const uint8_t test_vector_7_key[] = {0xad, 0x7a, 0x2b, 0xd0, 0x3e, 0xac, + 0x83, 0x5a, 0x6f, 0x62, 0x0f, 0xdc, + 0xb5, 0x06, 0xb3, 0x45}; + + const uint8_t test_vector_7_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, + 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65}; + const uint8_t test_vector_7_aad[] = { + 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, + 0x99, 0x8d, 0x88, 0xe5, 0x2e, 0x00, 0xb2, 0xc2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81}; + const uint8_t test_vector_7_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x02}; + const uint8_t test_vector_7_ciphertext_and_tag[] = { + 0x70, 0x1a, 0xfa, 0x1c, 0xc0, 0x39, 0xc0, 0xd7, 0x65, 0x12, 0x8a, + 0x66, 0x5d, 0xab, 0x69, 0x24, 0x38, 0x99, 0xbf, 0x73, 0x18, 0xcc, + 0xdc, 0x81, 0xc9, 0x93, 0x1d, 0xa1, 0x7f, 0xbe, 0x8e, 0xdd, 0x7d, + 0x17, 0xcb, 0x8b, 0x4c, 0x26, 0xfc, 0x81, 0xe3, 0x28, 0x4f, 0x2b, + 0x7f, 0xba, 0x71, 0x3d, 0x4f, 0x8d, 0x55, 0xe7, 0xd3, 0xf0, 0x6f, + 0xd5, 0xa1, 0x3c, 0x0c, 0x29, 0xb9, 0xd5, 0xb8, 0x80}; + gsec_aead_malloc_test_vector( + &test_vector_7, test_vector_7_key, + sizeof(test_vector_7_key) / sizeof(uint8_t), test_vector_7_nonce, + sizeof(test_vector_7_nonce) / sizeof(uint8_t), test_vector_7_aad, + sizeof(test_vector_7_aad) / sizeof(uint8_t), test_vector_7_plaintext, + sizeof(test_vector_7_plaintext) / sizeof(uint8_t), + test_vector_7_ciphertext_and_tag, + sizeof(test_vector_7_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_7); + gsec_aead_free_test_vector(test_vector_7); + + /* 2.2.2 60-byte crypt */ + gsec_aead_test_vector* test_vector_8; + const uint8_t test_vector_8_key[] = { + 0xe3, 0xc0, 0x8a, 0x8f, 0x06, 0xc6, 0xe3, 0xad, 0x95, 0xa7, 0x05, + 0x57, 0xb2, 0x3f, 0x75, 0x48, 0x3c, 0xe3, 0x30, 0x21, 0xa9, 0xc7, + 0x2b, 0x70, 0x25, 0x66, 0x62, 0x04, 0xc6, 0x9c, 0x0b, 0x72}; + const uint8_t test_vector_8_nonce[] = {0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, + 0x5e, 0x81, 0xb2, 0xc2, 0x84, 0x65}; + const uint8_t test_vector_8_aad[] = { + 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, 0x46, 0xdf, + 0x99, 0x8d, 0x88, 0xe5, 0x2e, 0x00, 0xb2, 0xc2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81}; + const uint8_t test_vector_8_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x02}; + const uint8_t test_vector_8_ciphertext_and_tag[] = { + 0xe2, 0x00, 0x6e, 0xb4, 0x2f, 0x52, 0x77, 0x02, 0x2d, 0x9b, 0x19, + 0x92, 0x5b, 0xc4, 0x19, 0xd7, 0xa5, 0x92, 0x66, 0x6c, 0x92, 0x5f, + 0xe2, 0xef, 0x71, 0x8e, 0xb4, 0xe3, 0x08, 0xef, 0xea, 0xa7, 0xc5, + 0x27, 0x3b, 0x39, 0x41, 0x18, 0x86, 0x0a, 0x5b, 0xe2, 0xa9, 0x7f, + 0x56, 0xab, 0x78, 0x36, 0x5c, 0xa5, 0x97, 0xcd, 0xbb, 0x3e, 0xdb, + 0x8d, 0x1a, 0x11, 0x51, 0xea, 0x0a, 0xf7, 0xb4, 0x36}; + gsec_aead_malloc_test_vector( + &test_vector_8, test_vector_8_key, + sizeof(test_vector_8_key) / sizeof(uint8_t), test_vector_8_nonce, + sizeof(test_vector_8_nonce) / sizeof(uint8_t), test_vector_8_aad, + sizeof(test_vector_8_aad) / sizeof(uint8_t), test_vector_8_plaintext, + sizeof(test_vector_8_plaintext) / sizeof(uint8_t), + test_vector_8_ciphertext_and_tag, + sizeof(test_vector_8_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_8); + gsec_aead_free_test_vector(test_vector_8); + + /* 2.3.1 60-byte auth */ + gsec_aead_test_vector* test_vector_9; + const uint8_t test_vector_9_key[] = {0x07, 0x1b, 0x11, 0x3b, 0x0c, 0xa7, + 0x43, 0xfe, 0xcc, 0xcf, 0x3d, 0x05, + 0x1f, 0x73, 0x73, 0x82}; + const uint8_t test_vector_9_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_9_aad[] = { + 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x88, 0xe5, 0x40, 0x00, 0x76, 0xd4, 0x57, 0xed, 0x08, 0x00, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, + 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x03}; + const uint8_t test_vector_9_plaintext[1] = {}; + const uint8_t test_vector_9_ciphertext_and_tag[] = { + 0x0c, 0x01, 0x7b, 0xc7, 0x3b, 0x22, 0x7d, 0xfc, + 0xc9, 0xba, 0xfa, 0x1c, 0x41, 0xac, 0xc3, 0x53}; + gsec_aead_malloc_test_vector( + &test_vector_9, test_vector_9_key, + sizeof(test_vector_9_key) / sizeof(uint8_t), test_vector_9_nonce, + sizeof(test_vector_9_nonce) / sizeof(uint8_t), test_vector_9_aad, + sizeof(test_vector_9_aad) / sizeof(uint8_t), test_vector_9_plaintext, 0, + test_vector_9_ciphertext_and_tag, + sizeof(test_vector_9_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_9); + gsec_aead_free_test_vector(test_vector_9); + + /* 2.3.2 60-byte auth */ + gsec_aead_test_vector* test_vector_10; + const uint8_t test_vector_10_key[] = { + 0x69, 0x1d, 0x3e, 0xe9, 0x09, 0xd7, 0xf5, 0x41, 0x67, 0xfd, 0x1c, + 0xa0, 0xb5, 0xd7, 0x69, 0x08, 0x1f, 0x2b, 0xde, 0x1a, 0xee, 0x65, + 0x5f, 0xdb, 0xab, 0x80, 0xbd, 0x52, 0x95, 0xae, 0x6b, 0xe7}; + const uint8_t test_vector_10_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_10_aad[] = { + 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x88, 0xe5, 0x40, 0x00, 0x76, 0xd4, 0x57, 0xed, 0x08, 0x00, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, + 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x00, 0x03}; + const uint8_t test_vector_10_plaintext[1] = {}; + const uint8_t test_vector_10_ciphertext_and_tag[] = { + 0x35, 0x21, 0x7c, 0x77, 0x4b, 0xbc, 0x31, 0xb6, + 0x31, 0x66, 0xbc, 0xf9, 0xd4, 0xab, 0xed, 0x07}; + gsec_aead_malloc_test_vector( + &test_vector_10, test_vector_10_key, + sizeof(test_vector_10_key) / sizeof(uint8_t), test_vector_10_nonce, + sizeof(test_vector_10_nonce) / sizeof(uint8_t), test_vector_10_aad, + sizeof(test_vector_10_aad) / sizeof(uint8_t), test_vector_10_plaintext, 0, + test_vector_10_ciphertext_and_tag, + sizeof(test_vector_10_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_10); + gsec_aead_free_test_vector(test_vector_10); + + /* 2.4.1 54-byte crypt */ + gsec_aead_test_vector* test_vector_11; + const uint8_t test_vector_11_key[] = {0x07, 0x1b, 0x11, 0x3b, 0x0c, 0xa7, + 0x43, 0xfe, 0xcc, 0xcf, 0x3d, 0x05, + 0x1f, 0x73, 0x73, 0x82}; + const uint8_t test_vector_11_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_11_aad[] = { + 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, + 0xcd, 0x3d, 0x88, 0xe5, 0x4c, 0x2a, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_11_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, + 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x04}; + const uint8_t test_vector_11_ciphertext_and_tag[] = { + 0x13, 0xb4, 0xc7, 0x2b, 0x38, 0x9d, 0xc5, 0x01, 0x8e, 0x72, 0xa1, 0x71, + 0xdd, 0x85, 0xa5, 0xd3, 0x75, 0x22, 0x74, 0xd3, 0xa0, 0x19, 0xfb, 0xca, + 0xed, 0x09, 0xa4, 0x25, 0xcd, 0x9b, 0x2e, 0x1c, 0x9b, 0x72, 0xee, 0xe7, + 0xc9, 0xde, 0x7d, 0x52, 0xb3, 0xf3, 0xd6, 0xa5, 0x28, 0x4f, 0x4a, 0x6d, + 0x3f, 0xe2, 0x2a, 0x5d, 0x6c, 0x2b, 0x96, 0x04, 0x94, 0xc3}; + gsec_aead_malloc_test_vector( + &test_vector_11, test_vector_11_key, + sizeof(test_vector_11_key) / sizeof(uint8_t), test_vector_11_nonce, + sizeof(test_vector_11_nonce) / sizeof(uint8_t), test_vector_11_aad, + sizeof(test_vector_11_aad) / sizeof(uint8_t), test_vector_11_plaintext, + sizeof(test_vector_11_plaintext) / sizeof(uint8_t), + test_vector_11_ciphertext_and_tag, + sizeof(test_vector_11_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_11); + gsec_aead_free_test_vector(test_vector_11); + + /* 2.4.2 54-byte crypt */ + gsec_aead_test_vector* test_vector_12; + const uint8_t test_vector_12_key[] = { + 0x69, 0x1d, 0x3e, 0xe9, 0x09, 0xd7, 0xf5, 0x41, 0x67, 0xfd, 0x1c, + 0xa0, 0xb5, 0xd7, 0x69, 0x08, 0x1f, 0x2b, 0xde, 0x1a, 0xee, 0x65, + 0x5f, 0xdb, 0xab, 0x80, 0xbd, 0x52, 0x95, 0xae, 0x6b, 0xe7}; + const uint8_t test_vector_12_nonce[] = {0xf0, 0x76, 0x1e, 0x8d, 0xcd, 0x3d, + 0x00, 0x01, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_12_aad[] = { + 0xe2, 0x01, 0x06, 0xd7, 0xcd, 0x0d, 0xf0, 0x76, 0x1e, 0x8d, + 0xcd, 0x3d, 0x88, 0xe5, 0x4c, 0x2a, 0x76, 0xd4, 0x57, 0xed}; + const uint8_t test_vector_12_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, + 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x00, 0x04}; + const uint8_t test_vector_12_ciphertext_and_tag[] = { + 0xc1, 0x62, 0x3f, 0x55, 0x73, 0x0c, 0x93, 0x53, 0x30, 0x97, 0xad, 0xda, + 0xd2, 0x56, 0x64, 0x96, 0x61, 0x25, 0x35, 0x2b, 0x43, 0xad, 0xac, 0xbd, + 0x61, 0xc5, 0xef, 0x3a, 0xc9, 0x0b, 0x5b, 0xee, 0x92, 0x9c, 0xe4, 0x63, + 0x0e, 0xa7, 0x9f, 0x6c, 0xe5, 0x19, 0x12, 0xaf, 0x39, 0xc2, 0xd1, 0xfd, + 0xc2, 0x05, 0x1f, 0x8b, 0x7b, 0x3c, 0x9d, 0x39, 0x7e, 0xf2}; + gsec_aead_malloc_test_vector( + &test_vector_12, test_vector_12_key, + sizeof(test_vector_12_key) / sizeof(uint8_t), test_vector_12_nonce, + sizeof(test_vector_12_nonce) / sizeof(uint8_t), test_vector_12_aad, + sizeof(test_vector_12_aad) / sizeof(uint8_t), test_vector_12_plaintext, + sizeof(test_vector_12_plaintext) / sizeof(uint8_t), + test_vector_12_ciphertext_and_tag, + sizeof(test_vector_12_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_12); + gsec_aead_free_test_vector(test_vector_12); + + /* 2.5.1 65-byte auth */ + gsec_aead_test_vector* test_vector_13; + const uint8_t test_vector_13_key[] = {0x01, 0x3f, 0xe0, 0x0b, 0x5f, 0x11, + 0xbe, 0x7f, 0x86, 0x6d, 0x0c, 0xbb, + 0xc5, 0x5a, 0x7a, 0x90}; + const uint8_t test_vector_13_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, + 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12}; + const uint8_t test_vector_13_aad[] = { + 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, 0x72, 0x77, + 0x88, 0xe5, 0x23, 0x00, 0x89, 0x32, 0xd6, 0x12, 0x7c, 0xfd, 0xe9, 0xf9, + 0xe3, 0x37, 0x24, 0xc6, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, + 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x00, 0x05}; + const uint8_t test_vector_13_plaintext[1] = {}; + const uint8_t test_vector_13_ciphertext_and_tag[] = { + 0x21, 0x78, 0x67, 0xe5, 0x0c, 0x2d, 0xad, 0x74, + 0xc2, 0x8c, 0x3b, 0x50, 0xab, 0xdf, 0x69, 0x5a}; + gsec_aead_malloc_test_vector( + &test_vector_13, test_vector_13_key, + sizeof(test_vector_13_key) / sizeof(uint8_t), test_vector_13_nonce, + sizeof(test_vector_13_nonce) / sizeof(uint8_t), test_vector_13_aad, + sizeof(test_vector_13_aad) / sizeof(uint8_t), test_vector_13_plaintext, 0, + test_vector_13_ciphertext_and_tag, + sizeof(test_vector_13_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_13); + gsec_aead_free_test_vector(test_vector_13); + + /* 2.5.2 65-byte auth */ + gsec_aead_test_vector* test_vector_14; + const uint8_t test_vector_14_key[] = { + 0x83, 0xc0, 0x93, 0xb5, 0x8d, 0xe7, 0xff, 0xe1, 0xc0, 0xda, 0x92, + 0x6a, 0xc4, 0x3f, 0xb3, 0x60, 0x9a, 0xc1, 0xc8, 0x0f, 0xee, 0x1b, + 0x62, 0x44, 0x97, 0xef, 0x94, 0x2e, 0x2f, 0x79, 0xa8, 0x23}; + const uint8_t test_vector_14_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, + 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12}; + const uint8_t test_vector_14_aad[] = { + 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, 0x72, 0x77, + 0x88, 0xe5, 0x23, 0x00, 0x89, 0x32, 0xd6, 0x12, 0x7c, 0xfd, 0xe9, 0xf9, + 0xe3, 0x37, 0x24, 0xc6, 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, + 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x00, 0x05}; + const uint8_t test_vector_14_plaintext[1] = {}; + const uint8_t test_vector_14_ciphertext_and_tag[] = { + 0x6e, 0xe1, 0x60, 0xe8, 0xfa, 0xec, 0xa4, 0xb3, + 0x6c, 0x86, 0xb2, 0x34, 0x92, 0x0c, 0xa9, 0x75}; + gsec_aead_malloc_test_vector( + &test_vector_14, test_vector_14_key, + sizeof(test_vector_14_key) / sizeof(uint8_t), test_vector_14_nonce, + sizeof(test_vector_14_nonce) / sizeof(uint8_t), test_vector_14_aad, + sizeof(test_vector_14_aad) / sizeof(uint8_t), test_vector_14_plaintext, 0, + test_vector_14_ciphertext_and_tag, + sizeof(test_vector_14_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_14); + gsec_aead_free_test_vector(test_vector_14); + + /* 2.6.1 61-byte crypt */ + gsec_aead_test_vector* test_vector_15; + const uint8_t test_vector_15_key[] = {0x01, 0x3f, 0xe0, 0x0b, 0x5f, 0x11, + 0xbe, 0x7f, 0x86, 0x6d, 0x0c, 0xbb, + 0xc5, 0x5a, 0x7a, 0x90}; + const uint8_t test_vector_15_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, + 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12}; + const uint8_t test_vector_15_aad[] = { + 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, + 0x72, 0x77, 0x88, 0xe5, 0x2f, 0x00, 0x89, 0x32, 0xd6, 0x12, + 0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, 0x24, 0xc6}; + const uint8_t test_vector_15_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, + 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x00, 0x06}; + const uint8_t test_vector_15_ciphertext_and_tag[] = { + 0x3a, 0x4d, 0xe6, 0xfa, 0x32, 0x19, 0x10, 0x14, 0xdb, 0xb3, 0x03, + 0xd9, 0x2e, 0xe3, 0xa9, 0xe8, 0xa1, 0xb5, 0x99, 0xc1, 0x4d, 0x22, + 0xfb, 0x08, 0x00, 0x96, 0xe1, 0x38, 0x11, 0x81, 0x6a, 0x3c, 0x9c, + 0x9b, 0xcf, 0x7c, 0x1b, 0x9b, 0x96, 0xda, 0x80, 0x92, 0x04, 0xe2, + 0x9d, 0x0e, 0x2a, 0x76, 0x42, 0xbf, 0xd3, 0x10, 0xa4, 0x83, 0x7c, + 0x81, 0x6c, 0xcf, 0xa5, 0xac, 0x23, 0xab, 0x00, 0x39, 0x88}; + gsec_aead_malloc_test_vector( + &test_vector_15, test_vector_15_key, + sizeof(test_vector_15_key) / sizeof(uint8_t), test_vector_15_nonce, + sizeof(test_vector_15_nonce) / sizeof(uint8_t), test_vector_15_aad, + sizeof(test_vector_15_aad) / sizeof(uint8_t), test_vector_15_plaintext, + sizeof(test_vector_15_plaintext) / sizeof(uint8_t), + test_vector_15_ciphertext_and_tag, + sizeof(test_vector_15_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_15); + gsec_aead_free_test_vector(test_vector_15); + + /* 2.6.2 61-byte crypt */ + gsec_aead_test_vector* test_vector_16; + const uint8_t test_vector_16_key[] = { + 0x83, 0xc0, 0x93, 0xb5, 0x8d, 0xe7, 0xff, 0xe1, 0xc0, 0xda, 0x92, + 0x6a, 0xc4, 0x3f, 0xb3, 0x60, 0x9a, 0xc1, 0xc8, 0x0f, 0xee, 0x1b, + 0x62, 0x44, 0x97, 0xef, 0x94, 0x2e, 0x2f, 0x79, 0xa8, 0x23}; + const uint8_t test_vector_16_nonce[] = {0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, + 0x24, 0xc6, 0x89, 0x32, 0xd6, 0x12}; + const uint8_t test_vector_16_aad[] = { + 0x84, 0xc5, 0xd5, 0x13, 0xd2, 0xaa, 0xf6, 0xe5, 0xbb, 0xd2, + 0x72, 0x77, 0x88, 0xe5, 0x2f, 0x00, 0x89, 0x32, 0xd6, 0x12, + 0x7c, 0xfd, 0xe9, 0xf9, 0xe3, 0x37, 0x24, 0xc6}; + const uint8_t test_vector_16_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, + 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x00, 0x06}; + const uint8_t test_vector_16_ciphertext_and_tag[] = { + 0x11, 0x02, 0x22, 0xff, 0x80, 0x50, 0xcb, 0xec, 0xe6, 0x6a, 0x81, + 0x3a, 0xd0, 0x9a, 0x73, 0xed, 0x7a, 0x9a, 0x08, 0x9c, 0x10, 0x6b, + 0x95, 0x93, 0x89, 0x16, 0x8e, 0xd6, 0xe8, 0x69, 0x8e, 0xa9, 0x02, + 0xeb, 0x12, 0x77, 0xdb, 0xec, 0x2e, 0x68, 0xe4, 0x73, 0x15, 0x5a, + 0x15, 0xa7, 0xda, 0xee, 0xd4, 0xa1, 0x0f, 0x4e, 0x05, 0x13, 0x9c, + 0x23, 0xdf, 0x00, 0xb3, 0xaa, 0xdc, 0x71, 0xf0, 0x59, 0x6a}; + gsec_aead_malloc_test_vector( + &test_vector_16, test_vector_16_key, + sizeof(test_vector_16_key) / sizeof(uint8_t), test_vector_16_nonce, + sizeof(test_vector_16_nonce) / sizeof(uint8_t), test_vector_16_aad, + sizeof(test_vector_16_aad) / sizeof(uint8_t), test_vector_16_plaintext, + sizeof(test_vector_16_plaintext) / sizeof(uint8_t), + test_vector_16_ciphertext_and_tag, + sizeof(test_vector_16_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_16); + gsec_aead_free_test_vector(test_vector_16); + + /* 2.7.1 79-byte crypt */ + gsec_aead_test_vector* test_vector_17; + const uint8_t test_vector_17_key[] = {0x88, 0xee, 0x08, 0x7f, 0xd9, 0x5d, + 0xa9, 0xfb, 0xf6, 0x72, 0x5a, 0xa9, + 0xd7, 0x57, 0xb0, 0xcd}; + const uint8_t test_vector_17_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5, + 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_17_aad[] = { + 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, 0x4e, + 0xc5, 0x88, 0xe5, 0x41, 0x00, 0x2e, 0x58, 0x49, 0x5c, 0x08, 0x00, + 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, + 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, + 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x00, 0x07}; + const uint8_t test_vector_17_plaintext[1] = {}; + const uint8_t test_vector_17_ciphertext_and_tag[] = { + 0x07, 0x92, 0x2b, 0x8e, 0xbc, 0xf1, 0x0b, 0xb2, + 0x29, 0x75, 0x88, 0xca, 0x4c, 0x61, 0x45, 0x23}; + gsec_aead_malloc_test_vector( + &test_vector_17, test_vector_17_key, + sizeof(test_vector_17_key) / sizeof(uint8_t), test_vector_17_nonce, + sizeof(test_vector_17_nonce) / sizeof(uint8_t), test_vector_17_aad, + sizeof(test_vector_17_aad) / sizeof(uint8_t), test_vector_17_plaintext, 0, + test_vector_17_ciphertext_and_tag, + sizeof(test_vector_17_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_17); + gsec_aead_free_test_vector(test_vector_17); + + /* 2.7.2 79-byte crypt */ + gsec_aead_test_vector* test_vector_18; + const uint8_t test_vector_18_key[] = { + 0x4c, 0x97, 0x3d, 0xbc, 0x73, 0x64, 0x62, 0x16, 0x74, 0xf8, 0xb5, + 0xb8, 0x9e, 0x5c, 0x15, 0x51, 0x1f, 0xce, 0xd9, 0x21, 0x64, 0x90, + 0xfb, 0x1c, 0x1a, 0x2c, 0xaa, 0x0f, 0xfe, 0x04, 0x07, 0xe5}; + const uint8_t test_vector_18_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5, + 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_18_aad[] = { + 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, 0x4e, + 0xc5, 0x88, 0xe5, 0x41, 0x00, 0x2e, 0x58, 0x49, 0x5c, 0x08, 0x00, + 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, + 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, + 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x00, 0x07}; + const uint8_t test_vector_18_plaintext[1] = {}; + const uint8_t test_vector_18_ciphertext_and_tag[] = { + 0x00, 0xbd, 0xa1, 0xb7, 0xe8, 0x76, 0x08, 0xbc, + 0xbf, 0x47, 0x0f, 0x12, 0x15, 0x7f, 0x4c, 0x07}; + gsec_aead_malloc_test_vector( + &test_vector_18, test_vector_18_key, + sizeof(test_vector_18_key) / sizeof(uint8_t), test_vector_18_nonce, + sizeof(test_vector_18_nonce) / sizeof(uint8_t), test_vector_18_aad, + sizeof(test_vector_18_aad) / sizeof(uint8_t), test_vector_18_plaintext, 0, + test_vector_18_ciphertext_and_tag, + sizeof(test_vector_18_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_18); + gsec_aead_free_test_vector(test_vector_18); + + /* 2.8.1 61-byte crypt */ + gsec_aead_test_vector* test_vector_19; + const uint8_t test_vector_19_key[] = {0x88, 0xee, 0x08, 0x7f, 0xd9, 0x5d, + 0xa9, 0xfb, 0xf6, 0x72, 0x5a, 0xa9, + 0xd7, 0x57, 0xb0, 0xcd}; + const uint8_t test_vector_19_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5, + 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_19_aad[] = { + 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, + 0x4e, 0xc5, 0x88, 0xe5, 0x4d, 0x00, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_19_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, + 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08}; + const uint8_t test_vector_19_ciphertext_and_tag[] = { + 0xc3, 0x1f, 0x53, 0xd9, 0x9e, 0x56, 0x87, 0xf7, 0x36, 0x51, 0x19, 0xb8, + 0x32, 0xd2, 0xaa, 0xe7, 0x07, 0x41, 0xd5, 0x93, 0xf1, 0xf9, 0xe2, 0xab, + 0x34, 0x55, 0x77, 0x9b, 0x07, 0x8e, 0xb8, 0xfe, 0xac, 0xdf, 0xec, 0x1f, + 0x8e, 0x3e, 0x52, 0x77, 0xf8, 0x18, 0x0b, 0x43, 0x36, 0x1f, 0x65, 0x12, + 0xad, 0xb1, 0x6d, 0x2e, 0x38, 0x54, 0x8a, 0x2c, 0x71, 0x9d, 0xba, 0x72, + 0x28, 0xd8, 0x40, 0x88, 0xf8, 0x75, 0x7a, 0xdb, 0x8a, 0xa7, 0x88, 0xd8, + 0xf6, 0x5a, 0xd6, 0x68, 0xbe, 0x70, 0xe7}; + gsec_aead_malloc_test_vector( + &test_vector_19, test_vector_19_key, + sizeof(test_vector_19_key) / sizeof(uint8_t), test_vector_19_nonce, + sizeof(test_vector_19_nonce) / sizeof(uint8_t), test_vector_19_aad, + sizeof(test_vector_19_aad) / sizeof(uint8_t), test_vector_19_plaintext, + sizeof(test_vector_19_plaintext) / sizeof(uint8_t), + test_vector_19_ciphertext_and_tag, + sizeof(test_vector_19_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_19); + gsec_aead_free_test_vector(test_vector_19); + + /* 2.8.2 61-byte crypt */ + gsec_aead_test_vector* test_vector_20; + const uint8_t test_vector_20_key[] = { + 0x4c, 0x97, 0x3d, 0xbc, 0x73, 0x64, 0x62, 0x16, 0x74, 0xf8, 0xb5, + 0xb8, 0x9e, 0x5c, 0x15, 0x51, 0x1f, 0xce, 0xd9, 0x21, 0x64, 0x90, + 0xfb, 0x1c, 0x1a, 0x2c, 0xaa, 0x0f, 0xfe, 0x04, 0x07, 0xe5}; + const uint8_t test_vector_20_nonce[] = {0x7a, 0xe8, 0xe2, 0xca, 0x4e, 0xc5, + 0x00, 0x01, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_20_aad[] = { + 0x68, 0xf2, 0xe7, 0x76, 0x96, 0xce, 0x7a, 0xe8, 0xe2, 0xca, + 0x4e, 0xc5, 0x88, 0xe5, 0x4d, 0x00, 0x2e, 0x58, 0x49, 0x5c}; + const uint8_t test_vector_20_plaintext[] = { + 0x08, 0x00, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, + 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x00, 0x08}; + const uint8_t test_vector_20_ciphertext_and_tag[] = { + 0xba, 0x8a, 0xe3, 0x1b, 0xc5, 0x06, 0x48, 0x6d, 0x68, 0x73, 0xe4, 0xfc, + 0xe4, 0x60, 0xe7, 0xdc, 0x57, 0x59, 0x1f, 0xf0, 0x06, 0x11, 0xf3, 0x1c, + 0x38, 0x34, 0xfe, 0x1c, 0x04, 0xad, 0x80, 0xb6, 0x68, 0x03, 0xaf, 0xcf, + 0x5b, 0x27, 0xe6, 0x33, 0x3f, 0xa6, 0x7c, 0x99, 0xda, 0x47, 0xc2, 0xf0, + 0xce, 0xd6, 0x8d, 0x53, 0x1b, 0xd7, 0x41, 0xa9, 0x43, 0xcf, 0xf7, 0xa6, + 0x71, 0x3b, 0xd0, 0x26, 0x11, 0xcd, 0x7d, 0xaa, 0x01, 0xd6, 0x1c, 0x5c, + 0x88, 0x6d, 0xc1, 0xa8, 0x17, 0x01, 0x07}; + gsec_aead_malloc_test_vector( + &test_vector_20, test_vector_20_key, + sizeof(test_vector_20_key) / sizeof(uint8_t), test_vector_20_nonce, + sizeof(test_vector_20_nonce) / sizeof(uint8_t), test_vector_20_aad, + sizeof(test_vector_20_aad) / sizeof(uint8_t), test_vector_20_plaintext, + sizeof(test_vector_20_plaintext) / sizeof(uint8_t), + test_vector_20_ciphertext_and_tag, + sizeof(test_vector_20_ciphertext_and_tag) / sizeof(uint8_t)); + gsec_test_verify_crypter_on_test_vector(test_vector_20); + gsec_aead_free_test_vector(test_vector_20); +} + +int main(int argc, char** argv) { + grpc_init(); + gsec_test_do_generic_crypter_tests(); + gsec_test_do_vector_tests_nist(); + gsec_test_do_vector_tests_ieee(); + gsec_test_do_vector_tests_rekey_nist(); + gsec_test_do_vector_tests_rekey_ieee(); + grpc_shutdown(); + return 0; +} diff --git a/test/core/tsi/alts/crypt/gsec_test_util.cc b/test/core/tsi/alts/crypt/gsec_test_util.cc new file mode 100644 index 0000000000..992c91e6bc --- /dev/null +++ b/test/core/tsi/alts/crypt/gsec_test_util.cc @@ -0,0 +1,87 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +#include <grpc/support/alloc.h> + +void gsec_test_random_bytes(uint8_t* bytes, size_t length) { + if (!RAND_bytes(bytes, static_cast<int>(length))) { + fprintf(stderr, + "Random bytes generation failed in gsec_test_random_bytes()."); + abort(); + } +} + +void gsec_test_random_array(uint8_t** bytes, size_t length) { + if (bytes != nullptr) { + *bytes = static_cast<uint8_t*>(gpr_malloc(length)); + gsec_test_random_bytes(*bytes, length); + } else { + fprintf(stderr, "bytes buffer is nullptr in gsec_test_random_array()."); + abort(); + } +} + +uint32_t gsec_test_bias_random_uint32(uint32_t max_length) { + uint32_t value; + gsec_test_random_bytes((uint8_t*)(&value), sizeof(value)); + return value % max_length; +} + +void gsec_test_copy(const uint8_t* src, uint8_t** des, size_t source_len) { + if (src != nullptr && des != nullptr) { + *des = static_cast<uint8_t*>(gpr_malloc(source_len)); + memcpy(*des, src, source_len); + } else { + fprintf(stderr, "Either src or des buffer is nullptr in gsec_test_copy()."); + abort(); + } +} + +void gsec_test_copy_and_alter_random_byte(const uint8_t* src, uint8_t** des, + size_t source_len) { + if (src != nullptr && des != nullptr) { + *des = static_cast<uint8_t*>(gpr_malloc(source_len)); + memcpy(*des, src, source_len); + uint32_t offset; + offset = gsec_test_bias_random_uint32(static_cast<uint32_t>(source_len)); + (*(*des + offset))++; + } else { + fprintf(stderr, + "Either src or des is nullptr in " + "gsec_test_copy_and_alter_random_byte()."); + abort(); + } +} + +int gsec_test_expect_compare_code_and_substr(grpc_status_code status1, + grpc_status_code status2, + const char* msg1, + const char* msg2) { + int failure = 1; + if (status1 != status2) { + fprintf(stderr, "Status %d does not equal %d.\n", status1, status2); + failure = 0; + } + if (strstr(msg1, msg2) == nullptr) { + fprintf(stderr, "Status message <%s> does not contain <%s>.\n", msg1, msg2); + failure = 0; + } + return failure; +} diff --git a/test/core/tsi/alts/crypt/gsec_test_util.h b/test/core/tsi/alts/crypt/gsec_test_util.h new file mode 100644 index 0000000000..206ae2fda8 --- /dev/null +++ b/test/core/tsi/alts/crypt/gsec_test_util.h @@ -0,0 +1,91 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_ +#define GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_ + +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <openssl/rand.h> + +#include <grpc/grpc.h> + +/** + * This method returns random bytes of certain length. + * + * - bytes: buffer to hold random bytes. + * - length: length of buffer to be populated. + */ +void gsec_test_random_bytes(uint8_t* bytes, size_t length); + +/** + * This method returns an array of random bytes. + * + * - bytes: array to hold random bytes. + * - length: length of array to be populated. + */ +void gsec_test_random_array(uint8_t** bytes, size_t length); + +/** + * This method returns a uint32 that's not quite uniformly random, but good + * enough for tests. + * + * - max_length: a max value the returned random number can choose. + */ +uint32_t gsec_test_bias_random_uint32(uint32_t max_length); + +/** + * This method copies data from a source to a destination buffer. + * + * - src: a source buffer. + * - des: a destination buffer. + * - length: the length of source buffer to be copied from its beginning. + */ +void gsec_test_copy(const uint8_t* src, uint8_t** des, size_t length); + +/** + * This method copies data from a source to a destination buffer, and flips one + * byte in the destination buffer randomly. + * + * - src: a source buffer. + * - des: a destination buffer. + * - length: the length of source buffer to be copied from its beginning. + */ +void gsec_test_copy_and_alter_random_byte(const uint8_t* src, uint8_t** des, + size_t source_len); + +/** + * This method compares two grpc_status_code values, and verifies if one string + * is a substring of the other. + * + * - status1: the first grpc_status_code to be compared. + * - status2: the second grpc_status_code to be compared. + * - msg1: a string to be scanned. + * - msg2: a small string to be searched within msg1. + * + * If both checks succeed, the method returns 1 and otherwise, it returns 0. + */ +int gsec_test_expect_compare_code_and_substr(grpc_status_code status1, + grpc_status_code status2, + const char* msg1, + const char* msg2); + +#endif // GRPC_TEST_CORE_TSI_ALTS_CRYPT_GSEC_TEST_UTIL_H_ */ diff --git a/test/core/tsi/alts/frame_protector/BUILD b/test/core/tsi/alts/frame_protector/BUILD new file mode 100644 index 0000000000..8bbc8c6e5e --- /dev/null +++ b/test/core/tsi/alts/frame_protector/BUILD @@ -0,0 +1,60 @@ +# Copyright 2018 gRPC authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package") + +licenses(["notice"]) # Apache v2 + +grpc_package(name = "frame_protector") + +grpc_cc_test( + name = "alts_counter_test", + srcs = ["alts_counter_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) + +grpc_cc_test( + name = "alts_crypter_test", + srcs = ["alts_crypter_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) + +grpc_cc_test( + name = "alts_frame_protector_test", + srcs = ["alts_frame_protector_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + "//test/core/tsi:transport_security_test_lib", + ], +) + +grpc_cc_test( + name = "frame_handler_test", + srcs = ["frame_handler_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) diff --git a/test/core/tsi/alts/frame_protector/alts_counter_test.cc b/test/core/tsi/alts/frame_protector/alts_counter_test.cc new file mode 100644 index 0000000000..49ff82108b --- /dev/null +++ b/test/core/tsi/alts/frame_protector/alts_counter_test.cc @@ -0,0 +1,180 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/frame_protector/alts_counter.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +const size_t kSmallCounterSize = 4; +const size_t kSmallOverflowSize = 1; +const size_t kGcmCounterSize = 12; +const size_t kGcmOverflowSize = 5; + +static bool do_bytes_represent_client(alts_counter* ctr, unsigned char* counter, + size_t size) { + return (ctr->counter[size - 1] & 0x80) == 0x80; +} + +static void alts_counter_test_input_sanity_check(size_t counter_size, + size_t overflow_size) { + alts_counter* ctr = nullptr; + char* error_details = nullptr; + + /* Input sanity check on alts_counter_create(). */ + /* Invalid counter size. */ + grpc_status_code status = + alts_counter_create(true, 0, overflow_size, &ctr, &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "counter_size is invalid.")); + gpr_free(error_details); + + /* Invalid overflow size. */ + status = alts_counter_create(true, counter_size, 0, &ctr, &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "overflow_size is invalid.")); + gpr_free(error_details); + + /* alts_counter is nullptr. */ + status = alts_counter_create(true, counter_size, overflow_size, nullptr, + &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "crypter_counter is nullptr.")); + gpr_free(error_details); + + status = alts_counter_create(true, counter_size, overflow_size, &ctr, + &error_details); + GPR_ASSERT(status == GRPC_STATUS_OK); + + /* Input sanity check on alts_counter_increment(). */ + /* crypter_counter is nullptr. */ + bool is_overflow = false; + status = alts_counter_increment(nullptr, &is_overflow, &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "crypter_counter is nullptr.")); + gpr_free(error_details); + /* is_overflow is nullptr. */ + status = alts_counter_increment(ctr, nullptr, &error_details); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_details, + "is_overflow is nullptr.")); + gpr_free(error_details); + alts_counter_destroy(ctr); +} + +static void alts_counter_test_overflow_full_range(bool is_client, + size_t counter_size, + size_t overflow_size) { + alts_counter* ctr = nullptr; + char* error_details = nullptr; + grpc_status_code status = alts_counter_create( + is_client, counter_size, overflow_size, &ctr, &error_details); + GPR_ASSERT(status == GRPC_STATUS_OK); + unsigned char* expected = + static_cast<unsigned char*>(gpr_zalloc(counter_size)); + if (is_client) { + expected[counter_size - 1] = 0x80; + } + /* Do a single iteration to ensure the counter is initialized as expected. */ + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + GPR_ASSERT(memcmp(alts_counter_get_counter(ctr), expected, counter_size) == + 0); + bool is_overflow = false; + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_OK); + GPR_ASSERT(!is_overflow); + /** + * The counter can return 2^{overflow_size * 8} counters. The + * high-order bit is fixed to the client/server. The last call will yield a + * useable counter, but overflow the counter object. + */ + int iterations = 1 << (overflow_size * 8); + int ind = 1; + for (ind = 1; ind < iterations - 1; ind++) { + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_OK); + GPR_ASSERT(!is_overflow); + } + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_FAILED_PRECONDITION); + GPR_ASSERT(is_overflow); + gpr_free(expected); + alts_counter_destroy(ctr); +} + +/* Set the counter manually and make sure it overflows as expected. */ +static void alts_counter_test_overflow_single_increment(bool is_client, + size_t counter_size, + size_t overflow_size) { + alts_counter* ctr = nullptr; + char* error_details = nullptr; + grpc_status_code status = alts_counter_create( + is_client, counter_size, overflow_size, &ctr, &error_details); + GPR_ASSERT(status == GRPC_STATUS_OK); + unsigned char* expected = + static_cast<unsigned char*>(gpr_zalloc(counter_size)); + memset(expected, 0xFF, overflow_size); + expected[0] = 0xFE; + + if (is_client) { + expected[counter_size - 1] = 0x80; + } + memcpy(ctr->counter, expected, counter_size); + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) == + 0); + bool is_overflow = false; + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_OK); + GPR_ASSERT(!is_overflow); + GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr), + counter_size) == is_client); + expected[0] = static_cast<unsigned char>(expected[0] + 1); + GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) == + 0); + GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) == + GRPC_STATUS_FAILED_PRECONDITION); + GPR_ASSERT(is_overflow); + gpr_free(expected); + alts_counter_destroy(ctr); +} + +int main(int argc, char** argv) { + alts_counter_test_input_sanity_check(kGcmCounterSize, kGcmOverflowSize); + alts_counter_test_overflow_full_range(true, kSmallCounterSize, + kSmallOverflowSize); + alts_counter_test_overflow_full_range(false, kSmallCounterSize, + kSmallOverflowSize); + alts_counter_test_overflow_single_increment(true, kGcmCounterSize, + kGcmOverflowSize); + alts_counter_test_overflow_single_increment(false, kGcmCounterSize, + kGcmOverflowSize); + + return 0; +} diff --git a/test/core/tsi/alts/frame_protector/alts_crypter_test.cc b/test/core/tsi/alts/frame_protector/alts_crypter_test.cc new file mode 100644 index 0000000000..0ad616bcd6 --- /dev/null +++ b/test/core/tsi/alts/frame_protector/alts_crypter_test.cc @@ -0,0 +1,493 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/frame_protector/alts_crypter.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +static void alts_crypter_test_random_seal_unseal(alts_crypter* server_seal, + alts_crypter* server_unseal, + alts_crypter* client_seal, + alts_crypter* client_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + uint8_t* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + gsec_test_random_bytes(data_buffer, data_size); + uint8_t* duplicate_buffer = nullptr; + gsec_test_copy(data_buffer, &duplicate_buffer, data_size); + + /* Client seal and server unseal */ + size_t size = data_size; + grpc_status_code status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + status = alts_crypter_process_in_place( + server_unseal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer, duplicate_buffer, data_size) == 0); + GPR_ASSERT(size == data_size); + /* Server seal and client unseal */ + status = alts_crypter_process_in_place( + server_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + status = alts_crypter_process_in_place( + client_unseal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer, duplicate_buffer, data_size) == 0); + GPR_ASSERT(size == data_size); + gpr_free(data_buffer); + gpr_free(duplicate_buffer); +} + +static void alts_crypter_test_multiple_random_seal_unseal( + alts_crypter* server_seal, alts_crypter* server_unseal, + alts_crypter* client_seal, alts_crypter* client_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + + uint8_t* data_buffer1 = + static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + uint8_t* data_buffer2 = + static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + uint8_t* duplicate_buffer1 = nullptr; + uint8_t* duplicate_buffer2 = nullptr; + gsec_test_random_bytes(data_buffer1, data_size); + gsec_test_random_bytes(data_buffer2, data_size); + gsec_test_copy(data_buffer1, &duplicate_buffer1, data_size); + gsec_test_copy(data_buffer2, &duplicate_buffer2, data_size); + + /* Client seal and server unseal */ + size_t size1 = data_size, size2 = data_size; + grpc_status_code status = alts_crypter_process_in_place( + client_seal, data_buffer1, protected_data_size, size1, &size1, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size1 == protected_data_size); + status = alts_crypter_process_in_place( + client_seal, data_buffer2, protected_data_size, size2, &size2, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size2 == protected_data_size); + status = alts_crypter_process_in_place( + server_unseal, data_buffer1, protected_data_size, size1, &size1, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer1, duplicate_buffer1, data_size) == 0); + GPR_ASSERT(size1 == data_size); + status = alts_crypter_process_in_place( + server_unseal, data_buffer2, protected_data_size, size2, &size2, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer2, duplicate_buffer2, data_size) == 0); + GPR_ASSERT(size2 == data_size); + + /* Server seal and client unseal */ + status = alts_crypter_process_in_place( + server_seal, data_buffer1, protected_data_size, size1, &size1, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size1 == protected_data_size); + status = alts_crypter_process_in_place( + server_seal, data_buffer2, protected_data_size, size2, &size2, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size2 == protected_data_size); + status = alts_crypter_process_in_place( + client_unseal, data_buffer1, protected_data_size, size1, &size1, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer1, duplicate_buffer1, data_size) == 0); + GPR_ASSERT(size1 == data_size); + status = alts_crypter_process_in_place( + client_unseal, data_buffer2, protected_data_size, size2, &size2, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(data_buffer2, duplicate_buffer2, data_size) == 0); + GPR_ASSERT(size2 == data_size); + + gpr_free(data_buffer1); + gpr_free(data_buffer2); + gpr_free(duplicate_buffer1); + gpr_free(duplicate_buffer2); +} + +static void alts_crypter_test_corrupted_unseal(alts_crypter* server_seal, + alts_crypter* server_unseal, + alts_crypter* client_seal, + alts_crypter* client_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + auto* zero_buffer = static_cast<uint8_t*>(gpr_zalloc(data_size)); + + /* Corrupt a random byte in protected data. */ + size_t size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + grpc_status_code status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + uint8_t* corrupted_data_buffer; + char* error_message = nullptr; + gsec_test_copy_and_alter_random_byte(data_buffer, &corrupted_data_buffer, + protected_data_size); + status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0); + gpr_free(corrupted_data_buffer); + gpr_free(error_message); + + /* Corrupt the beginning of protected data. */ + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + gsec_test_copy(data_buffer, &corrupted_data_buffer, protected_data_size); + (*corrupted_data_buffer)++; + status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0); + gpr_free(corrupted_data_buffer); + gpr_free(error_message); + + /* Corrupt the end of protected data. */ + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + gsec_test_copy(data_buffer, &corrupted_data_buffer, protected_data_size); + (*(corrupted_data_buffer + protected_data_size - 1))++; + status = alts_crypter_process_in_place(server_unseal, corrupted_data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(corrupted_data_buffer, zero_buffer, data_size) == 0); + gpr_free(corrupted_data_buffer); + gpr_free(error_message); + + gpr_free(data_buffer); + gpr_free(zero_buffer); +} + +static void alts_crypter_test_unsync_seal_unseal(alts_crypter* server_seal, + alts_crypter* server_unseal, + alts_crypter* client_seal, + alts_crypter* client_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(server_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + auto* zero_buffer = static_cast<uint8_t*>(gpr_zalloc(data_size)); + + /* Perform two seals at client, one unseal at server. */ + size_t size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + grpc_status_code status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + client_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + + char* error_message = nullptr; + status = alts_crypter_process_in_place(server_unseal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(data_buffer, zero_buffer, data_size) == 0); + gpr_free(error_message); + + /* Perform two seals at server, one unseal at client. */ + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + server_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + + size = data_size; + gsec_test_random_bytes(data_buffer, data_size); + status = alts_crypter_process_in_place( + server_seal, data_buffer, protected_data_size, size, &size, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(size == protected_data_size); + + status = alts_crypter_process_in_place(client_unseal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Checking tag failed")); + GPR_ASSERT(memcmp(data_buffer, zero_buffer, data_size) == 0); + gpr_free(error_message); + gpr_free(data_buffer); + gpr_free(zero_buffer); +} + +static void alts_crypter_test_input_sanity_check(alts_crypter* crypter_seal, + alts_crypter* crypter_unseal) { + size_t data_size = gsec_test_bias_random_uint32(1024) + 1; + size_t num_overhead_bytes = alts_crypter_num_overhead_bytes(crypter_seal); + size_t protected_data_size = data_size + num_overhead_bytes; + auto* data_buffer = static_cast<uint8_t*>(gpr_malloc(protected_data_size)); + gsec_test_random_bytes(data_buffer, data_size); + char* error_message = nullptr; + size_t size = data_size; + + /* Crypter is nullptr. */ + grpc_status_code status = alts_crypter_process_in_place( + nullptr, data_buffer, protected_data_size, size, &size, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "crypter or crypter->vtable has not been initialized properly.")); + gpr_free(error_message); + + /* Seal data is nullptr. */ + size = data_size; + status = alts_crypter_process_in_place( + crypter_seal, nullptr, protected_data_size, size, &size, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "data is nullptr.")); + gpr_free(error_message); + + /* Seal data size is 0. */ + size = 0; + status = alts_crypter_process_in_place(crypter_seal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "data_size is zero.")); + gpr_free(error_message); + + /* Seal data buffer has a size smaller than the required. */ + size = data_size; + status = alts_crypter_process_in_place(crypter_seal, data_buffer, + protected_data_size - 1, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "data_allocated_size is smaller than sum of data_size and " + "num_overhead_bytes.")); + gpr_free(error_message); + + /* Unseal data is nullptr. */ + size = data_size; + status = alts_crypter_process_in_place(crypter_unseal, nullptr, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "data is nullptr.")); + gpr_free(error_message); + + /* Unseal data size is 0. */ + size = 0; + status = alts_crypter_process_in_place(crypter_unseal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "data_size is smaller than num_overhead_bytes.")); + gpr_free(error_message); + + /* Unseal data size is smaller than number of overhead bytes. */ + size = num_overhead_bytes - 1; + status = alts_crypter_process_in_place(crypter_unseal, data_buffer, + protected_data_size, size, &size, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "data_size is smaller than num_overhead_bytes.")); + gpr_free(error_message); + gpr_free(data_buffer); +} + +static void create_random_alts_seal_crypter( + alts_crypter** server_seal, alts_crypter** server_unseal, + alts_crypter** client_seal, alts_crypter** client_unseal, + gsec_aead_crypter** server_crypter_seal, + gsec_aead_crypter** server_crypter_unseal, + gsec_aead_crypter** client_crypter_seal, + gsec_aead_crypter** client_crypter_unseal, bool rekey) { + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength, + kAesGcmTagLength, rekey, server_crypter_seal, + nullptr); + gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength, + kAesGcmTagLength, rekey, + server_crypter_unseal, nullptr); + gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength, + kAesGcmTagLength, rekey, client_crypter_seal, + nullptr); + gsec_aes_gcm_aead_crypter_create(key, key_length, kAesGcmNonceLength, + kAesGcmTagLength, rekey, + client_crypter_unseal, nullptr); + + size_t overflow_size = rekey ? 8 : 5; + alts_seal_crypter_create(*client_crypter_seal, /*is_client=*/true, + overflow_size, client_seal, nullptr); + alts_unseal_crypter_create(*client_crypter_unseal, /*is_client=*/true, + overflow_size, client_unseal, nullptr); + alts_seal_crypter_create(*server_crypter_seal, /*is_client=*/false, + overflow_size, server_seal, nullptr); + alts_unseal_crypter_create(*server_crypter_unseal, /*is_client=*/false, + overflow_size, server_unseal, nullptr); + gpr_free(key); +} + +static void destroy_random_alts_seal_crypter(alts_crypter* server_seal, + alts_crypter* server_unseal, + alts_crypter* client_seal, + alts_crypter* client_unseal) { + alts_crypter_destroy(server_seal); + alts_crypter_destroy(server_unseal); + alts_crypter_destroy(client_seal); + alts_crypter_destroy(client_unseal); +} + +static void alts_crypter_do_generic_tests() { + alts_crypter *server_seal = nullptr, *server_unseal = nullptr, + *client_seal = nullptr, *client_unseal = nullptr; + gsec_aead_crypter *server_crypter_seal = nullptr, + *server_crypter_unseal = nullptr, + *client_crypter_seal = nullptr, + *client_crypter_unseal = nullptr; + /* Random seal and unseal tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_random_seal_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_random_seal_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + /* Multiple random seal and unseal tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_multiple_random_seal_unseal(server_seal, server_unseal, + client_seal, client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_multiple_random_seal_unseal(server_seal, server_unseal, + client_seal, client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + /* Corrupted unseal tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_corrupted_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_corrupted_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + /* Unsync seal and unseal tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_unsync_seal_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_unsync_seal_unseal(server_seal, server_unseal, client_seal, + client_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + /* Input sanity check tests */ + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/false); + alts_crypter_test_input_sanity_check(server_seal, server_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); + + create_random_alts_seal_crypter(&server_seal, &server_unseal, &client_seal, + &client_unseal, &server_crypter_seal, + &server_crypter_unseal, &client_crypter_seal, + &client_crypter_unseal, /*rekey=*/true); + alts_crypter_test_input_sanity_check(server_seal, server_unseal); + destroy_random_alts_seal_crypter(server_seal, server_unseal, client_seal, + client_unseal); +} + +int main(int argc, char** argv) { + alts_crypter_do_generic_tests(); + return 0; +} diff --git a/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc b/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc new file mode 100644 index 0000000000..2bd4958763 --- /dev/null +++ b/test/core/tsi/alts/frame_protector/alts_frame_protector_test.cc @@ -0,0 +1,394 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include <stdbool.h> + +#include "src/core/tsi/alts/crypt/gsec.h" +#include "src/core/tsi/alts/frame_protector/alts_frame_protector.h" +#include "src/core/tsi/transport_security_interface.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" +#include "test/core/tsi/transport_security_test_lib.h" + +const size_t kChannelSize = 32768; + +static void alts_test_do_round_trip_check_frames( + tsi_test_frame_protector_fixture* fixture, const uint8_t* key, + const size_t key_size, bool rekey, const uint8_t* client_message, + const size_t client_message_size, const uint8_t* client_expected_frames, + const size_t client_frame_size, const uint8_t* server_message, + const size_t server_message_size, const uint8_t* server_expected_frames, + const size_t server_frame_size) { + GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(fixture->config != nullptr); + tsi_frame_protector* client_frame_protector = nullptr; + tsi_frame_protector* server_frame_protector = nullptr; + tsi_test_frame_protector_config* config = fixture->config; + tsi_test_channel* channel = fixture->channel; + /* Create a client frame protector. */ + size_t client_max_output_protected_frame_size = + config->client_max_output_protected_frame_size; + GPR_ASSERT( + alts_create_frame_protector(key, key_size, /*is_client=*/true, rekey, + client_max_output_protected_frame_size == 0 + ? nullptr + : &client_max_output_protected_frame_size, + &client_frame_protector) == TSI_OK); + /* Create a server frame protector. */ + size_t server_max_output_protected_frame_size = + config->server_max_output_protected_frame_size; + GPR_ASSERT( + alts_create_frame_protector(key, key_size, /*is_client=*/false, rekey, + server_max_output_protected_frame_size == 0 + ? nullptr + : &server_max_output_protected_frame_size, + &server_frame_protector) == TSI_OK); + tsi_test_frame_protector_fixture_init(fixture, client_frame_protector, + server_frame_protector); + /* Client sends a message to server. */ + uint8_t* saved_client_message = config->client_message; + config->client_message = const_cast<uint8_t*>(client_message); + config->client_message_size = client_message_size; + tsi_test_frame_protector_send_message_to_peer(config, channel, + client_frame_protector, + /*is_client=*/true); + /* Verify if the generated frame is the same as the expected. */ + GPR_ASSERT(channel->bytes_written_to_server_channel == client_frame_size); + GPR_ASSERT(memcmp(client_expected_frames, channel->server_channel, + client_frame_size) == 0); + unsigned char* server_received_message = + static_cast<unsigned char*>(gpr_malloc(kChannelSize)); + size_t server_received_message_size = 0; + tsi_test_frame_protector_receive_message_from_peer( + config, channel, server_frame_protector, server_received_message, + &server_received_message_size, /*is_client=*/false); + GPR_ASSERT(config->client_message_size == server_received_message_size); + GPR_ASSERT(memcmp(config->client_message, server_received_message, + server_received_message_size) == 0); + /* Server sends a message to client. */ + uint8_t* saved_server_message = config->server_message; + config->server_message = const_cast<uint8_t*>(server_message); + config->server_message_size = server_message_size; + tsi_test_frame_protector_send_message_to_peer(config, channel, + server_frame_protector, + /*is_client=*/false); + /* Verify if the generated frame is the same as the expected. */ + GPR_ASSERT(channel->bytes_written_to_client_channel == server_frame_size); + GPR_ASSERT(memcmp(server_expected_frames, channel->client_channel, + server_frame_size) == 0); + unsigned char* client_received_message = + static_cast<unsigned char*>(gpr_malloc(kChannelSize)); + size_t client_received_message_size = 0; + tsi_test_frame_protector_receive_message_from_peer( + config, channel, client_frame_protector, client_received_message, + &client_received_message_size, + /*is_client=*/true); + GPR_ASSERT(config->server_message_size == client_received_message_size); + GPR_ASSERT(memcmp(config->server_message, client_received_message, + client_received_message_size) == 0); + config->client_message = saved_client_message; + config->server_message = saved_server_message; + /* Destroy server and client frame protectors. */ + gpr_free(server_received_message); + gpr_free(client_received_message); +} + +static void alts_test_do_round_trip_vector_tests() { + const uint8_t key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08}; + const char small_message[] = {'C', 'h', 'a', 'p', 'i', ' ', + 'C', 'h', 'a', 'p', 'o'}; + const uint8_t large_message[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5, + 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95, + 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39, + 0x1a, 0xaf, 0xd2, 0x55, 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d, + 0x46, 0xdf, 0x99, 0x8d, 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65, + 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x06, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, + 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30}; + const size_t small_message_size = sizeof(small_message) / sizeof(uint8_t); + const size_t large_message_size = sizeof(large_message) / sizeof(uint8_t); + /* Test small client message and large server message. */ + const uint8_t client_expected_frame1[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92, + 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94, + 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a}; + const uint8_t server_expected_frame1[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8, + 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e, + 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06, + 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84, + 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5, + 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde, + 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a, + 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd, + 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b, + 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f, + 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84, + 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4, + 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64}; + const size_t client_frame_size1 = + sizeof(client_expected_frame1) / sizeof(uint8_t); + const size_t server_frame_size1 = + sizeof(server_expected_frame1) / sizeof(uint8_t); + tsi_test_frame_protector_fixture* fixture = + tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + client_expected_frame1, client_frame_size1, large_message, + large_message_size, server_expected_frame1, server_frame_size1); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test large client message, small server message, and small + * message_buffer_allocated_size. + */ + const uint8_t client_expected_frame2[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7, + 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37, + 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13, + 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31, + 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72, + 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f, + 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e, + 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54, + 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94, + 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56, + 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d, + 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb, + 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7}; + const uint8_t server_expected_frame2[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d, + 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1, + 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73}; + const size_t client_frame_size2 = + sizeof(client_expected_frame2) / sizeof(uint8_t); + const size_t server_frame_size2 = + sizeof(server_expected_frame2) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message, + large_message_size, client_expected_frame2, client_frame_size2, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + server_expected_frame2, server_frame_size2); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test large client message, small server message, and small + * protected_buffer_size. + */ + const uint8_t client_expected_frame3[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7, + 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37, + 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13, + 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31, + 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72, + 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f, + 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e, + 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54, + 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94, + 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56, + 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d, + 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb, + 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7}; + const uint8_t server_expected_frame3[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d, + 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1, + 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73}; + const size_t client_frame_size3 = + sizeof(client_expected_frame3) / sizeof(uint8_t); + const size_t server_frame_size3 = + sizeof(server_expected_frame3) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message, + large_message_size, client_expected_frame3, client_frame_size3, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + server_expected_frame3, server_frame_size3); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test large client message, small server message, and small + * read_buffer_allocated_size. + */ + const uint8_t client_expected_frame4[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7, + 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37, + 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13, + 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31, + 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72, + 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f, + 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e, + 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54, + 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94, + 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56, + 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d, + 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb, + 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7}; + const uint8_t server_expected_frame4[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d, + 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1, + 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73}; + const size_t client_frame_size4 = + sizeof(client_expected_frame4) / sizeof(uint8_t); + const size_t server_frame_size4 = + sizeof(server_expected_frame4) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message, + large_message_size, client_expected_frame4, client_frame_size4, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + server_expected_frame4, server_frame_size4); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test large client message, small server message, and small + * client_max_output_protected_frame_size. + */ + const uint8_t client_expected_frame5[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7, + 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37, + 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13, + 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31, + 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72, + 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f, + 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e, + 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54, + 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94, + 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56, + 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d, + 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb, + 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7}; + const uint8_t server_expected_frame5[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d, + 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1, + 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73}; + const size_t client_frame_size5 = + sizeof(client_expected_frame5) / sizeof(uint8_t); + const size_t server_frame_size5 = + sizeof(server_expected_frame5) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message, + large_message_size, client_expected_frame5, client_frame_size5, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + server_expected_frame5, server_frame_size5); + tsi_test_frame_protector_fixture_destroy(fixture); + /** + * Test small client message, large server message, and small + * server_max_output_protected_frame_size. + */ + const uint8_t client_expected_frame6[] = { + 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92, + 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94, + 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a}; + const uint8_t server_expected_frame6[] = { + 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8, + 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e, + 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06, + 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84, + 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5, + 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde, + 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a, + 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd, + 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b, + 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f, + 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84, + 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4, + 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64}; + const size_t client_frame_size6 = + sizeof(client_expected_frame6) / sizeof(uint8_t); + const size_t server_frame_size6 = + sizeof(server_expected_frame6) / sizeof(uint8_t); + fixture = tsi_test_frame_protector_fixture_create(); + alts_test_do_round_trip_check_frames( + fixture, key, kAes128GcmKeyLength, /*rekey=*/false, + reinterpret_cast<const uint8_t*>(small_message), small_message_size, + client_expected_frame6, client_frame_size6, large_message, + large_message_size, server_expected_frame6, server_frame_size6); + tsi_test_frame_protector_fixture_destroy(fixture); +} + +static void alts_test_do_round_trip(tsi_test_frame_protector_fixture* fixture, + bool rekey) { + GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(fixture->config != nullptr); + tsi_frame_protector* client_frame_protector = nullptr; + tsi_frame_protector* server_frame_protector = nullptr; + tsi_test_frame_protector_config* config = fixture->config; + /* Create a key to be used by both client and server. */ + uint8_t* key = nullptr; + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + gsec_test_random_array(&key, key_length); + /* Create a client frame protector. */ + size_t client_max_output_protected_frame_size = + config->client_max_output_protected_frame_size; + GPR_ASSERT( + alts_create_frame_protector(key, key_length, /*is_client=*/true, rekey, + client_max_output_protected_frame_size == 0 + ? nullptr + : &client_max_output_protected_frame_size, + &client_frame_protector) == TSI_OK); + /* Create a server frame protector. */ + size_t server_max_output_protected_frame_size = + config->server_max_output_protected_frame_size; + GPR_ASSERT( + alts_create_frame_protector(key, key_length, /*is_client=*/false, rekey, + server_max_output_protected_frame_size == 0 + ? nullptr + : &server_max_output_protected_frame_size, + &server_frame_protector) == TSI_OK); + tsi_test_frame_protector_fixture_init(fixture, client_frame_protector, + server_frame_protector); + tsi_test_frame_protector_do_round_trip_no_handshake(fixture); + gpr_free(key); +} + +/* Run all combinations of different arguments of test config. */ +static void alts_test_do_round_trip_all(bool rekey) { + unsigned int* bit_array = static_cast<unsigned int*>( + gpr_malloc(sizeof(unsigned int) * TSI_TEST_NUM_OF_ARGUMENTS)); + unsigned int mask = 1U << (TSI_TEST_NUM_OF_ARGUMENTS - 1); + unsigned int val = 0, ind = 0; + for (val = 0; val < TSI_TEST_NUM_OF_COMBINATIONS; val++) { + unsigned int v = val; + for (ind = 0; ind < TSI_TEST_NUM_OF_ARGUMENTS; ind++) { + bit_array[ind] = (v & mask) ? 1 : 0; + v <<= 1; + } + tsi_test_frame_protector_fixture* fixture = + tsi_test_frame_protector_fixture_create(); + tsi_test_frame_protector_config_destroy(fixture->config); + fixture->config = tsi_test_frame_protector_config_create( + bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4], + bit_array[5], bit_array[6]); + alts_test_do_round_trip(fixture, rekey); + tsi_test_frame_protector_fixture_destroy(fixture); + } + gpr_free(bit_array); +} + +int main(int argc, char** argv) { + alts_test_do_round_trip_vector_tests(); + alts_test_do_round_trip_all(/*rekey=*/false); + alts_test_do_round_trip_all(/*rekey=*/true); + return 0; +} diff --git a/test/core/tsi/alts/frame_protector/frame_handler_test.cc b/test/core/tsi/alts/frame_protector/frame_handler_test.cc new file mode 100644 index 0000000000..6434ea1d31 --- /dev/null +++ b/test/core/tsi/alts/frame_protector/frame_handler_test.cc @@ -0,0 +1,244 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdint.h> +#include <stdio.h> +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/gpr/useful.h" +#include "src/core/tsi/alts/frame_protector/frame_handler.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +const size_t kFrameHandlerTestBufferSize = 1024; + +typedef struct frame_handler { + alts_frame_writer* writer; + alts_frame_reader* reader; + unsigned char* buffer; + size_t buffer_size; +} frame_handler; + +static size_t frame_length(size_t payload_length) { + return payload_length + kFrameHeaderSize; +} + +static frame_handler* create_frame_handler() { + frame_handler* handler = + static_cast<frame_handler*>(gpr_malloc(sizeof(frame_handler))); + handler->writer = alts_create_frame_writer(); + handler->reader = alts_create_frame_reader(); + handler->buffer = nullptr; + handler->buffer_size = 0; + return handler; +} + +static void destroy_frame_handler(frame_handler* handler) { + if (handler != nullptr) { + alts_destroy_frame_reader(handler->reader); + alts_destroy_frame_writer(handler->writer); + if (handler->buffer != nullptr) gpr_free(handler->buffer); + gpr_free(handler); + } +} + +static void frame(frame_handler* handler, unsigned char* payload, + size_t payload_length, size_t write_length) { + handler->buffer_size = frame_length(payload_length); + handler->buffer = + static_cast<unsigned char*>(gpr_malloc(handler->buffer_size)); + GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length)); + size_t offset = 0; + while (offset < handler->buffer_size && + !alts_is_frame_writer_done(handler->writer)) { + size_t bytes_written = GPR_MIN(write_length, handler->buffer_size - offset); + GPR_ASSERT(alts_write_frame_bytes(handler->writer, handler->buffer + offset, + &bytes_written)); + offset += bytes_written; + } + GPR_ASSERT(alts_is_frame_writer_done(handler->writer)); + GPR_ASSERT(handler->buffer_size == offset); +} + +static size_t deframe(frame_handler* handler, unsigned char* bytes, + size_t read_length) { + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + size_t offset = 0; + while (offset < handler->buffer_size && + !alts_is_frame_reader_done(handler->reader)) { + size_t bytes_read = GPR_MIN(read_length, handler->buffer_size - offset); + GPR_ASSERT(alts_read_frame_bytes(handler->reader, handler->buffer + offset, + &bytes_read)); + offset += bytes_read; + } + GPR_ASSERT(alts_is_frame_reader_done(handler->reader)); + GPR_ASSERT(handler->buffer_size == offset); + return offset - handler->reader->header_bytes_read; +} + +static void frame_n_deframe(frame_handler* handler, unsigned char* payload, + size_t payload_length, size_t write_length, + size_t read_length) { + frame(handler, payload, payload_length, write_length); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + size_t deframed_payload_length = deframe(handler, bytes, read_length); + GPR_ASSERT(payload_length == deframed_payload_length); + GPR_ASSERT(memcmp(payload, bytes, payload_length) == 0); + gpr_free(bytes); +} + +static void frame_handler_test_frame_deframe() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen((char*)payload) + 1; + frame_handler* handler = create_frame_handler(); + frame_n_deframe(handler, payload, payload_length, + frame_length(payload_length), frame_length(payload_length)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_small_buffer() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame_n_deframe(handler, payload, payload_length, 1, 1); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_input_stream() { + frame_handler* handler = create_frame_handler(); + GPR_ASSERT(!alts_reset_frame_writer(handler->writer, nullptr, 0)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_bad_input_length() { + unsigned char payload[] = "hello world"; + frame_handler* handler = create_frame_handler(); + GPR_ASSERT(!alts_reset_frame_writer(handler->writer, payload, SIZE_MAX)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_writer_byte_length() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length)); + GPR_ASSERT( + !alts_write_frame_bytes(handler->writer, handler->buffer, nullptr)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_writer_bytes() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + GPR_ASSERT(alts_reset_frame_writer(handler->writer, payload, payload_length)); + GPR_ASSERT( + !alts_write_frame_bytes(handler->writer, nullptr, &payload_length)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_bad_frame_length() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + memset(handler->buffer, 0x00, kFrameLengthFieldSize); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + size_t bytes_read = handler->buffer_size; + GPR_ASSERT( + !alts_read_frame_bytes(handler->reader, handler->buffer, &bytes_read)); + GPR_ASSERT(alts_is_frame_reader_done(handler->reader)); + GPR_ASSERT(bytes_read == 0); + gpr_free(bytes); + destroy_frame_handler(handler); +} + +static void frame_handler_test_unsupported_message_type() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + memset(handler->buffer + kFrameLengthFieldSize, 0x00, + kFrameMessageTypeFieldSize); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + size_t bytes_read = handler->buffer_size; + GPR_ASSERT( + !alts_read_frame_bytes(handler->reader, handler->buffer, &bytes_read)); + GPR_ASSERT(alts_is_frame_reader_done(handler->reader)); + GPR_ASSERT(bytes_read == 0); + gpr_free(bytes); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_output_stream() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + GPR_ASSERT(!alts_reset_frame_reader(handler->reader, nullptr)); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_reader_byte_length() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + GPR_ASSERT(!alts_read_frame_bytes(handler->reader, handler->buffer, nullptr)); + gpr_free(bytes); + destroy_frame_handler(handler); +} + +static void frame_handler_test_null_reader_bytes() { + unsigned char payload[] = "hello world"; + size_t payload_length = strlen(reinterpret_cast<char*>(payload)) + 1; + frame_handler* handler = create_frame_handler(); + frame(handler, payload, payload_length, payload_length); + unsigned char* bytes = + static_cast<unsigned char*>(gpr_malloc(kFrameHandlerTestBufferSize)); + GPR_ASSERT(alts_reset_frame_reader(handler->reader, bytes)); + size_t bytes_read = handler->buffer_size; + GPR_ASSERT(!alts_read_frame_bytes(handler->reader, nullptr, &bytes_read)); + gpr_free(bytes); + destroy_frame_handler(handler); +} + +int main(int argc, char** argv) { + frame_handler_test_frame_deframe(); + frame_handler_test_small_buffer(); + frame_handler_test_null_input_stream(); + frame_handler_test_bad_input_length(); + frame_handler_test_null_writer_byte_length(); + frame_handler_test_null_writer_bytes(); + frame_handler_test_bad_frame_length(); + frame_handler_test_unsupported_message_type(); + frame_handler_test_null_output_stream(); + frame_handler_test_null_reader_byte_length(); + frame_handler_test_null_reader_bytes(); + return 0; +} diff --git a/test/core/tsi/alts/handshaker/BUILD b/test/core/tsi/alts/handshaker/BUILD new file mode 100644 index 0000000000..db39732c43 --- /dev/null +++ b/test/core/tsi/alts/handshaker/BUILD @@ -0,0 +1,78 @@ +# Copyright 2018 gRPC authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +load("//bazel:grpc_build_system.bzl", "grpc_cc_library", "grpc_cc_test", "grpc_package") + +licenses(["notice"]) # Apache v2 + +grpc_package(name = "handshaker") + +grpc_cc_library( + name = "alts_handshaker_service_api_test_lib", + srcs = ["alts_handshaker_service_api_test_lib.cc"], + hdrs = ["alts_handshaker_service_api_test_lib.h"], + deps = [ + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_handshaker_client_test", + srcs = ["alts_handshaker_client_test.cc"], + language = "C++", + deps = [ + ":alts_handshaker_service_api_test_lib", + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_handshaker_service_api_test", + srcs = ["alts_handshaker_service_api_test.cc"], + language = "C++", + deps = [ + ":alts_handshaker_service_api_test_lib", + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_tsi_handshaker_test", + srcs = ["alts_tsi_handshaker_test.cc"], + language = "C++", + deps = [ + ":alts_handshaker_service_api_test_lib", + "//:grpc", + ], +) + +grpc_cc_test( + name = "alts_tsi_utils_test", + srcs = ["alts_tsi_utils_test.cc"], + language = "C++", + deps = [ + ":alts_handshaker_service_api_test_lib", + "//:grpc", + ], +) + +grpc_cc_test( + name = "transport_security_common_api_test", + srcs = ["transport_security_common_api_test.cc"], + language = "C++", + deps = [ + "//:grpc", + ], +) + diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc new file mode 100644 index 0000000000..7072be6e3a --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc @@ -0,0 +1,412 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/grpc.h> + +#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_event.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" +#include "src/core/tsi/transport_security.h" +#include "src/core/tsi/transport_security_interface.h" +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +#define ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME "Hello Google" +#define ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL "lame" +#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME "bigtable.google.api.com" +#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1 "A@google.com" +#define ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2 "B@google.com" + +const size_t kHandshakerClientOpNum = 4; +const size_t kMaxRpcVersionMajor = 3; +const size_t kMaxRpcVersionMinor = 2; +const size_t kMinRpcVersionMajor = 2; +const size_t kMinRpcVersionMinor = 1; + +using grpc_core::internal::alts_handshaker_client_set_grpc_caller_for_testing; + +typedef struct alts_handshaker_client_test_config { + grpc_channel* channel; + grpc_completion_queue* cq; + alts_handshaker_client* client; + grpc_slice out_frame; +} alts_handshaker_client_test_config; + +static alts_tsi_event* alts_tsi_event_create_for_testing(bool is_client) { + alts_tsi_event* e = static_cast<alts_tsi_event*>(gpr_zalloc(sizeof(*e))); + grpc_metadata_array_init(&e->initial_metadata); + grpc_metadata_array_init(&e->trailing_metadata); + e->options = is_client ? grpc_alts_credentials_client_options_create() + : grpc_alts_credentials_server_options_create(); + if (is_client) { + grpc_alts_credentials_client_options_add_target_service_account( + reinterpret_cast<grpc_alts_credentials_client_options*>(e->options), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1); + grpc_alts_credentials_client_options_add_target_service_account( + reinterpret_cast<grpc_alts_credentials_client_options*>(e->options), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2); + } + grpc_gcp_rpc_protocol_versions* versions = &e->options->rpc_versions; + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max( + versions, kMaxRpcVersionMajor, kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min( + versions, kMinRpcVersionMajor, kMinRpcVersionMinor)); + e->target_name = + grpc_slice_from_static_string(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME); + return e; +} + +static void validate_rpc_protocol_versions( + grpc_gcp_rpc_protocol_versions* versions) { + GPR_ASSERT(versions != nullptr); + GPR_ASSERT(versions->max_rpc_version.major == kMaxRpcVersionMajor); + GPR_ASSERT(versions->max_rpc_version.minor == kMaxRpcVersionMinor); + GPR_ASSERT(versions->min_rpc_version.major == kMinRpcVersionMajor); + GPR_ASSERT(versions->min_rpc_version.minor == kMinRpcVersionMinor); +} + +static void validate_target_identities( + const repeated_field* target_identity_head) { + grpc_gcp_identity* target_identity1 = static_cast<grpc_gcp_identity*>( + const_cast<void*>(target_identity_head->next->data)); + grpc_gcp_identity* target_identity2 = static_cast<grpc_gcp_identity*>( + const_cast<void*>(target_identity_head->data)); + grpc_slice* service_account1 = + static_cast<grpc_slice*>(target_identity1->service_account.arg); + grpc_slice* service_account2 = + static_cast<grpc_slice*>(target_identity2->service_account.arg); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*service_account1), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1, + GRPC_SLICE_LENGTH(*service_account1)) == 0); + GPR_ASSERT(strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT1) == + GRPC_SLICE_LENGTH(*service_account1)); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*service_account2), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2, + GRPC_SLICE_LENGTH(*service_account2)) == 0); + GPR_ASSERT(strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_SERVICE_ACCOUNT2) == + GRPC_SLICE_LENGTH(*service_account2)); +} + +/** + * Validate if grpc operation data is correctly populated with the fields of + * ALTS TSI event. + */ +static bool validate_op(alts_tsi_event* event, const grpc_op* op, size_t nops, + bool is_start) { + GPR_ASSERT(event != nullptr && op != nullptr && nops != 0); + bool ok = true; + grpc_op* start_op = const_cast<grpc_op*>(op); + if (is_start) { + ok &= (op->op == GRPC_OP_SEND_INITIAL_METADATA); + ok &= (op->data.send_initial_metadata.count == 0); + op++; + GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum); + + ok &= (op->op == GRPC_OP_RECV_INITIAL_METADATA); + ok &= (op->data.recv_initial_metadata.recv_initial_metadata == + &event->initial_metadata); + op++; + GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum); + } + ok &= (op->op == GRPC_OP_SEND_MESSAGE); + ok &= (op->data.send_message.send_message == event->send_buffer); + op++; + GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum); + + ok &= (op->op == GRPC_OP_RECV_MESSAGE); + ok &= (op->data.recv_message.recv_message == &event->recv_buffer); + op++; + GPR_ASSERT((size_t)(op - start_op) <= kHandshakerClientOpNum); + + return ok; +} + +static grpc_gcp_handshaker_req* deserialize_handshaker_req( + grpc_gcp_handshaker_req_type type, grpc_byte_buffer* buffer) { + GPR_ASSERT(buffer != nullptr); + grpc_gcp_handshaker_req* req = grpc_gcp_handshaker_decoded_req_create(type); + grpc_byte_buffer_reader bbr; + GPR_ASSERT(grpc_byte_buffer_reader_init(&bbr, buffer)); + grpc_slice slice = grpc_byte_buffer_reader_readall(&bbr); + GPR_ASSERT(grpc_gcp_handshaker_req_decode(slice, req)); + grpc_slice_unref(slice); + grpc_byte_buffer_reader_destroy(&bbr); + return req; +} + +/** + * A mock grpc_caller used to check if client_start, server_start, and next + * operations correctly handle invalid arguments. It should not be called. + */ +static grpc_call_error check_must_not_be_called(grpc_call* call, + const grpc_op* ops, size_t nops, + void* tag) { + GPR_ASSERT(0); +} + +/** + * A mock grpc_caller used to check correct execution of client_start operation. + * It checks if the client_start handshaker request is populated with correct + * handshake_security_protocol, application_protocol, and record_protocol, and + * op is correctly populated. + */ +static grpc_call_error check_client_start_success(grpc_call* call, + const grpc_op* op, + size_t nops, void* tag) { + alts_tsi_event* event = static_cast<alts_tsi_event*>(tag); + grpc_gcp_handshaker_req* req = + deserialize_handshaker_req(CLIENT_START_REQ, event->send_buffer); + GPR_ASSERT(req->client_start.handshake_security_protocol == + grpc_gcp_HandshakeProtocol_ALTS); + const void* data = (static_cast<repeated_field*>( + req->client_start.application_protocols.arg)) + ->data; + GPR_ASSERT(data != nullptr); + grpc_slice* application_protocol = (grpc_slice*)data; + data = (static_cast<repeated_field*>(req->client_start.record_protocols.arg)) + ->data; + grpc_slice* record_protocol = (grpc_slice*)data; + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*application_protocol), + ALTS_APPLICATION_PROTOCOL, + GRPC_SLICE_LENGTH(*application_protocol)) == 0); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*record_protocol), + ALTS_RECORD_PROTOCOL, + GRPC_SLICE_LENGTH(*record_protocol)) == 0); + validate_rpc_protocol_versions(&req->client_start.rpc_versions); + validate_target_identities( + static_cast<repeated_field*>(req->client_start.target_identities.arg)); + grpc_slice* target_name = + static_cast<grpc_slice*>(req->client_start.target_name.arg); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*target_name), + ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME, + GRPC_SLICE_LENGTH(*target_name)) == 0); + GPR_ASSERT(GRPC_SLICE_LENGTH(*target_name) == + strlen(ALTS_HANDSHAKER_CLIENT_TEST_TARGET_NAME)); + GPR_ASSERT(validate_op(event, op, nops, true /* is_start */)); + grpc_gcp_handshaker_req_destroy(req); + return GRPC_CALL_OK; +} + +/** + * A mock grpc_caller used to check correct execution of server_start operation. + * It checks if the server_start handshaker request is populated with correct + * handshake_security_protocol, application_protocol, and record_protocol, and + * op is correctly populated. + */ +static grpc_call_error check_server_start_success(grpc_call* call, + const grpc_op* op, + size_t nops, void* tag) { + alts_tsi_event* event = static_cast<alts_tsi_event*>(tag); + grpc_gcp_handshaker_req* req = + deserialize_handshaker_req(SERVER_START_REQ, event->send_buffer); + const void* data = (static_cast<repeated_field*>( + req->server_start.application_protocols.arg)) + ->data; + GPR_ASSERT(data != nullptr); + grpc_slice* application_protocol = (grpc_slice*)data; + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*application_protocol), + ALTS_APPLICATION_PROTOCOL, + GRPC_SLICE_LENGTH(*application_protocol)) == 0); + GPR_ASSERT(req->server_start.handshake_parameters_count == 1); + GPR_ASSERT(req->server_start.handshake_parameters[0].key == + grpc_gcp_HandshakeProtocol_ALTS); + data = (static_cast<repeated_field*>(req->server_start.handshake_parameters[0] + .value.record_protocols.arg)) + ->data; + GPR_ASSERT(data != nullptr); + grpc_slice* record_protocol = (grpc_slice*)data; + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*record_protocol), + ALTS_RECORD_PROTOCOL, + GRPC_SLICE_LENGTH(*record_protocol)) == 0); + validate_rpc_protocol_versions(&req->server_start.rpc_versions); + GPR_ASSERT(validate_op(event, op, nops, true /* is_start */)); + grpc_gcp_handshaker_req_destroy(req); + return GRPC_CALL_OK; +} + +/** + * A mock grpc_caller used to check correct execution of next operation. It + * checks if the next handshaker request is populated with correct information, + * and op is correctly populated. + */ +static grpc_call_error check_next_success(grpc_call* call, const grpc_op* op, + size_t nops, void* tag) { + alts_tsi_event* event = static_cast<alts_tsi_event*>(tag); + grpc_gcp_handshaker_req* req = + deserialize_handshaker_req(NEXT_REQ, event->send_buffer); + grpc_slice* in_bytes = static_cast<grpc_slice*>(req->next.in_bytes.arg); + GPR_ASSERT(in_bytes != nullptr); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*in_bytes), + ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME, + GRPC_SLICE_LENGTH(*in_bytes)) == 0); + GPR_ASSERT(validate_op(event, op, nops, false /* is_start */)); + grpc_gcp_handshaker_req_destroy(req); + return GRPC_CALL_OK; +} +/** + * A mock grpc_caller used to check if client_start, server_start, and next + * operations correctly handle the situation when the grpc call made to the + * handshaker service fails. + */ +static grpc_call_error check_grpc_call_failure(grpc_call* call, + const grpc_op* op, size_t nops, + void* tag) { + return GRPC_CALL_ERROR; +} + +static alts_handshaker_client_test_config* create_config() { + alts_handshaker_client_test_config* config = + static_cast<alts_handshaker_client_test_config*>( + gpr_zalloc(sizeof(*config))); + config->channel = grpc_insecure_channel_create( + ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL, nullptr, nullptr); + config->cq = grpc_completion_queue_create_for_next(nullptr); + config->client = alts_grpc_handshaker_client_create( + config->channel, config->cq, + ALTS_HANDSHAKER_CLIENT_TEST_HANDSHAKER_SERVICE_URL); + GPR_ASSERT(config->client != nullptr); + config->out_frame = + grpc_slice_from_static_string(ALTS_HANDSHAKER_CLIENT_TEST_OUT_FRAME); + return config; +} + +static void destroy_config(alts_handshaker_client_test_config* config) { + if (config == nullptr) { + return; + } + grpc_completion_queue_destroy(config->cq); + grpc_channel_destroy(config->channel); + alts_handshaker_client_destroy(config->client); + grpc_slice_unref(config->out_frame); + gpr_free(config); +} + +static void schedule_request_invalid_arg_test() { + /* Initialization. */ + alts_handshaker_client_test_config* config = create_config(); + alts_tsi_event* event = nullptr; + + /* Tests. */ + alts_handshaker_client_set_grpc_caller_for_testing(config->client, + check_must_not_be_called); + event = alts_tsi_event_create_for_testing(true /* is_client */); + /* Check client_start. */ + GPR_ASSERT(alts_handshaker_client_start_client(nullptr, event) == + TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_start_client(config->client, nullptr) == + TSI_INVALID_ARGUMENT); + + /* Check server_start. */ + GPR_ASSERT(alts_handshaker_client_start_server( + config->client, event, nullptr) == TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_start_server(config->client, nullptr, + &config->out_frame) == + TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_start_server( + nullptr, event, &config->out_frame) == TSI_INVALID_ARGUMENT); + + /* Check next. */ + GPR_ASSERT(alts_handshaker_client_next(config->client, event, nullptr) == + TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_next(config->client, nullptr, + &config->out_frame) == + TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_handshaker_client_next(nullptr, event, &config->out_frame) == + TSI_INVALID_ARGUMENT); + + /* Cleanup. */ + alts_tsi_event_destroy(event); + destroy_config(config); +} + +static void schedule_request_success_test() { + /* Initialization. */ + alts_handshaker_client_test_config* config = create_config(); + alts_tsi_event* event = nullptr; + + /* Check client_start success. */ + alts_handshaker_client_set_grpc_caller_for_testing( + config->client, check_client_start_success); + event = alts_tsi_event_create_for_testing(true /* is_client. */); + GPR_ASSERT(alts_handshaker_client_start_client(config->client, event) == + TSI_OK); + alts_tsi_event_destroy(event); + + /* Check server_start success. */ + alts_handshaker_client_set_grpc_caller_for_testing( + config->client, check_server_start_success); + event = alts_tsi_event_create_for_testing(false /* is_client. */); + GPR_ASSERT(alts_handshaker_client_start_server(config->client, event, + &config->out_frame) == TSI_OK); + alts_tsi_event_destroy(event); + + /* Check next success. */ + alts_handshaker_client_set_grpc_caller_for_testing(config->client, + check_next_success); + event = alts_tsi_event_create_for_testing(true /* is_client. */); + GPR_ASSERT(alts_handshaker_client_next(config->client, event, + &config->out_frame) == TSI_OK); + alts_tsi_event_destroy(event); + + /* Cleanup. */ + destroy_config(config); +} + +static void schedule_request_grpc_call_failure_test() { + /* Initialization. */ + alts_handshaker_client_test_config* config = create_config(); + alts_tsi_event* event = nullptr; + + /* Check client_start failure. */ + alts_handshaker_client_set_grpc_caller_for_testing(config->client, + check_grpc_call_failure); + event = alts_tsi_event_create_for_testing(true /* is_client. */); + GPR_ASSERT(alts_handshaker_client_start_client(config->client, event) == + TSI_INTERNAL_ERROR); + alts_tsi_event_destroy(event); + + /* Check server_start failure. */ + event = alts_tsi_event_create_for_testing(false /* is_client. */); + GPR_ASSERT(alts_handshaker_client_start_server(config->client, event, + &config->out_frame) == + TSI_INTERNAL_ERROR); + alts_tsi_event_destroy(event); + + /* Check next failure. */ + event = alts_tsi_event_create_for_testing(true /* is_cleint. */); + GPR_ASSERT( + alts_handshaker_client_next(config->client, event, &config->out_frame) == + TSI_INTERNAL_ERROR); + alts_tsi_event_destroy(event); + + /* Cleanup. */ + destroy_config(config); +} + +int main(int argc, char** argv) { + /* Initialization. */ + grpc_init(); + + /* Tests. */ + schedule_request_invalid_arg_test(); + schedule_request_success_test(); + schedule_request_grpc_call_failure_test(); + + /* Cleanup. */ + grpc_shutdown(); + return 0; +} diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc new file mode 100644 index 0000000000..3506264f52 --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test.cc @@ -0,0 +1,149 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdbool.h> +#include <stdio.h> +#include <stdlib.h> + +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +int main(int argc, char** argv) { + const char in_bytes[] = "HELLO GOOGLE!"; + const char out_frames[] = "HELLO WORLD!"; + const char key_data[] = "THIS IS KEY DATA."; + const char details[] = "DETAILS NEED TO BE POPULATED"; + const uint32_t max_rpc_version_major = 3; + const uint32_t max_rpc_version_minor = 2; + const uint32_t min_rpc_version_major = 2; + const uint32_t min_rpc_version_minor = 1; + + /* handshaker_req_next. */ + grpc_gcp_handshaker_req* req = grpc_gcp_handshaker_req_create(NEXT_REQ); + grpc_gcp_handshaker_req* decoded_req = + grpc_gcp_handshaker_decoded_req_create(NEXT_REQ); + GPR_ASSERT( + grpc_gcp_handshaker_req_set_in_bytes(req, in_bytes, strlen(in_bytes))); + grpc_slice encoded_req; + GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req)); + grpc_gcp_handshaker_req_destroy(req); + grpc_gcp_handshaker_req_destroy(decoded_req); + grpc_slice_unref(encoded_req); + + /* handshaker_req_client_start. */ + req = grpc_gcp_handshaker_req_create(CLIENT_START_REQ); + decoded_req = grpc_gcp_handshaker_decoded_req_create(CLIENT_START_REQ); + GPR_ASSERT(grpc_gcp_handshaker_req_set_handshake_protocol( + req, grpc_gcp_HandshakeProtocol_TLS)); + GPR_ASSERT(grpc_gcp_handshaker_req_set_local_identity_hostname( + req, "www.google.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_local_endpoint( + req, "2001:db8::8:800:200C:417a", 9876, grpc_gcp_NetworkProtocol_TCP)); + GPR_ASSERT(grpc_gcp_handshaker_req_set_remote_endpoint( + req, "2001:db8::bac5::fed0:84a2", 1234, grpc_gcp_NetworkProtocol_TCP)); + GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "grpc")); + GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "http2")); + GPR_ASSERT( + grpc_gcp_handshaker_req_add_record_protocol(req, "ALTSRP_GCM_AES256")); + GPR_ASSERT( + grpc_gcp_handshaker_req_add_record_protocol(req, "ALTSRP_GCM_AES384")); + GPR_ASSERT(grpc_gcp_handshaker_req_add_target_identity_service_account( + req, "foo@google.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_target_name( + req, "google.example.library.service")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_rpc_versions( + req, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major, + min_rpc_version_minor)); + GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req)); + grpc_gcp_handshaker_req_destroy(req); + grpc_gcp_handshaker_req_destroy(decoded_req); + grpc_slice_unref(encoded_req); + + /* handshaker_req_server_start. */ + req = grpc_gcp_handshaker_req_create(SERVER_START_REQ); + decoded_req = grpc_gcp_handshaker_decoded_req_create(SERVER_START_REQ); + GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "grpc")); + GPR_ASSERT(grpc_gcp_handshaker_req_add_application_protocol(req, "http2")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_local_endpoint( + req, "2001:db8::8:800:200C:417a", 9876, grpc_gcp_NetworkProtocol_TCP)); + GPR_ASSERT(grpc_gcp_handshaker_req_set_remote_endpoint( + req, "2001:db8::bac5::fed0:84a2", 1234, grpc_gcp_NetworkProtocol_UDP)); + GPR_ASSERT( + grpc_gcp_handshaker_req_set_in_bytes(req, in_bytes, strlen(in_bytes))); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_record_protocol( + req, grpc_gcp_HandshakeProtocol_TLS, "ALTSRP_GCM_AES128")); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_service_account( + req, grpc_gcp_HandshakeProtocol_TLS, "foo@google.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_hostname( + req, grpc_gcp_HandshakeProtocol_TLS, "yihuaz0.mtv.corp.google.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_record_protocol( + req, grpc_gcp_HandshakeProtocol_ALTS, "ALTSRP_GCM_AES128")); + GPR_ASSERT(grpc_gcp_handshaker_req_param_add_local_identity_hostname( + req, grpc_gcp_HandshakeProtocol_ALTS, "www.amazon.com")); + GPR_ASSERT(grpc_gcp_handshaker_req_set_rpc_versions( + req, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major, + min_rpc_version_minor)); + + GPR_ASSERT(grpc_gcp_handshaker_req_encode(req, &encoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_decode(encoded_req, decoded_req)); + GPR_ASSERT(grpc_gcp_handshaker_req_equals(req, decoded_req)); + grpc_gcp_handshaker_req_destroy(req); + grpc_gcp_handshaker_req_destroy(decoded_req); + grpc_slice_unref(encoded_req); + + /* handshaker_resp. */ + grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create(); + grpc_gcp_handshaker_resp* decoded_resp = grpc_gcp_handshaker_resp_create(); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames(resp, out_frames, + strlen(out_frames))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed(resp, 1024)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_application_protocol(resp, "http")); + GPR_ASSERT( + grpc_gcp_handshaker_resp_set_record_protocol(resp, "ALTSRP_GCM_AES128")); + GPR_ASSERT( + grpc_gcp_handshaker_resp_set_key_data(resp, key_data, strlen(key_data))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_local_identity_hostname( + resp, "www.faceboook.com")); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_hostname( + resp, "www.amazon.com")); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_channel_open( + resp, false /* channel_open */)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_code(resp, 1023)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_details(resp, details)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions( + resp, max_rpc_version_major, max_rpc_version_minor, min_rpc_version_major, + min_rpc_version_minor)); + grpc_slice encoded_resp; + GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &encoded_resp)); + GPR_ASSERT(grpc_gcp_handshaker_resp_decode(encoded_resp, decoded_resp)); + GPR_ASSERT(grpc_gcp_handshaker_resp_equals(resp, decoded_resp)); + grpc_gcp_handshaker_resp_destroy(resp); + grpc_gcp_handshaker_resp_destroy(decoded_resp); + grpc_slice_unref(encoded_resp); + /* Test invalid arguments. */ + GPR_ASSERT(!grpc_gcp_handshaker_req_set_in_bytes(nullptr, in_bytes, + strlen(in_bytes))); + GPR_ASSERT(!grpc_gcp_handshaker_req_param_add_record_protocol( + req, grpc_gcp_HandshakeProtocol_TLS, nullptr)); + GPR_ASSERT(!grpc_gcp_handshaker_req_param_add_local_identity_service_account( + nullptr, grpc_gcp_HandshakeProtocol_TLS, nullptr)); + GPR_ASSERT(!grpc_gcp_handshaker_resp_set_record_protocol(nullptr, nullptr)); +} diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc new file mode 100644 index 0000000000..ecca04defa --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.cc @@ -0,0 +1,642 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +const size_t kHandshakeProtocolNum = 3; + +grpc_gcp_handshaker_req* grpc_gcp_handshaker_decoded_req_create( + grpc_gcp_handshaker_req_type type) { + grpc_gcp_handshaker_req* req = + static_cast<grpc_gcp_handshaker_req*>(gpr_zalloc(sizeof(*req))); + switch (type) { + case CLIENT_START_REQ: + req->has_client_start = true; + req->client_start.target_identities.funcs.decode = + decode_repeated_identity_cb; + req->client_start.application_protocols.funcs.decode = + decode_repeated_string_cb; + req->client_start.record_protocols.funcs.decode = + decode_repeated_string_cb; + req->client_start.local_identity.hostname.funcs.decode = + decode_string_or_bytes_cb; + req->client_start.local_identity.service_account.funcs.decode = + decode_string_or_bytes_cb; + req->client_start.local_endpoint.ip_address.funcs.decode = + decode_string_or_bytes_cb; + req->client_start.remote_endpoint.ip_address.funcs.decode = + decode_string_or_bytes_cb; + req->client_start.target_name.funcs.decode = decode_string_or_bytes_cb; + break; + case SERVER_START_REQ: + req->has_server_start = true; + req->server_start.application_protocols.funcs.decode = + &decode_repeated_string_cb; + for (size_t i = 0; i < kHandshakeProtocolNum; i++) { + req->server_start.handshake_parameters[i] + .value.local_identities.funcs.decode = &decode_repeated_identity_cb; + req->server_start.handshake_parameters[i] + .value.record_protocols.funcs.decode = &decode_repeated_string_cb; + } + req->server_start.in_bytes.funcs.decode = decode_string_or_bytes_cb; + req->server_start.local_endpoint.ip_address.funcs.decode = + decode_string_or_bytes_cb; + req->server_start.remote_endpoint.ip_address.funcs.decode = + decode_string_or_bytes_cb; + break; + case NEXT_REQ: + req->has_next = true; + break; + } + return req; +} + +bool grpc_gcp_handshaker_resp_set_application_protocol( + grpc_gcp_handshaker_resp* resp, const char* application_protocol) { + if (resp == nullptr || application_protocol == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "handshaker_resp_set_application_protocol()."); + return false; + } + resp->has_result = true; + grpc_slice* slice = + create_slice(application_protocol, strlen(application_protocol)); + resp->result.application_protocol.arg = slice; + resp->result.application_protocol.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_resp_set_record_protocol( + grpc_gcp_handshaker_resp* resp, const char* record_protocol) { + if (resp == nullptr || record_protocol == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "handshaker_resp_set_record_protocol()."); + return false; + } + resp->has_result = true; + grpc_slice* slice = create_slice(record_protocol, strlen(record_protocol)); + resp->result.record_protocol.arg = slice; + resp->result.record_protocol.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_resp_set_key_data(grpc_gcp_handshaker_resp* resp, + const char* key_data, size_t size) { + if (resp == nullptr || key_data == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to handshaker_resp_set_key_data()."); + return false; + } + resp->has_result = true; + grpc_slice* slice = create_slice(key_data, size); + resp->result.key_data.arg = slice; + resp->result.key_data.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +static void set_identity_hostname(grpc_gcp_identity* identity, + const char* hostname) { + grpc_slice* slice = create_slice(hostname, strlen(hostname)); + identity->hostname.arg = slice; + identity->hostname.funcs.encode = encode_string_or_bytes_cb; +} + +static void set_identity_service_account(grpc_gcp_identity* identity, + const char* service_account) { + grpc_slice* slice = create_slice(service_account, strlen(service_account)); + identity->service_account.arg = slice; + identity->service_account.funcs.encode = encode_string_or_bytes_cb; +} + +bool grpc_gcp_handshaker_resp_set_local_identity_hostname( + grpc_gcp_handshaker_resp* resp, const char* hostname) { + if (resp == nullptr || hostname == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_local_identity_hostname()."); + return false; + } + resp->has_result = true; + resp->result.has_local_identity = true; + set_identity_hostname(&resp->result.local_identity, hostname); + return true; +} + +bool grpc_gcp_handshaker_resp_set_local_identity_service_account( + grpc_gcp_handshaker_resp* resp, const char* service_account) { + if (resp == nullptr || service_account == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_local_identity_service_account()."); + return false; + } + resp->has_result = true; + resp->result.has_local_identity = true; + set_identity_service_account(&resp->result.local_identity, service_account); + return true; +} + +bool grpc_gcp_handshaker_resp_set_peer_identity_hostname( + grpc_gcp_handshaker_resp* resp, const char* hostname) { + if (resp == nullptr || hostname == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_peer_identity_hostname()."); + return false; + } + resp->has_result = true; + resp->result.has_peer_identity = true; + set_identity_hostname(&resp->result.peer_identity, hostname); + return true; +} + +bool grpc_gcp_handshaker_resp_set_peer_identity_service_account( + grpc_gcp_handshaker_resp* resp, const char* service_account) { + if (resp == nullptr || service_account == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_peer_identity_service_account()."); + return false; + } + resp->has_result = true; + resp->result.has_peer_identity = true; + set_identity_service_account(&resp->result.peer_identity, service_account); + return true; +} + +bool grpc_gcp_handshaker_resp_set_channel_open(grpc_gcp_handshaker_resp* resp, + bool keep_channel_open) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to " + "grpc_gcp_handshaker_resp_set_channel_open()."); + return false; + } + resp->has_result = true; + resp->result.has_keep_channel_open = true; + resp->result.keep_channel_open = keep_channel_open; + return true; +} + +bool grpc_gcp_handshaker_resp_set_code(grpc_gcp_handshaker_resp* resp, + uint32_t code) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to grpc_gcp_handshaker_resp_set_code()."); + return false; + } + resp->has_status = true; + resp->status.has_code = true; + resp->status.code = code; + return true; +} + +bool grpc_gcp_handshaker_resp_set_details(grpc_gcp_handshaker_resp* resp, + const char* details) { + if (resp == nullptr || details == nullptr) { + gpr_log( + GPR_ERROR, + "Invalid nullptr arguments to grpc_gcp_handshaker_resp_set_details()."); + return false; + } + resp->has_status = true; + grpc_slice* slice = create_slice(details, strlen(details)); + resp->status.details.arg = slice; + resp->status.details.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_resp_set_out_frames(grpc_gcp_handshaker_resp* resp, + const char* out_frames, + size_t size) { + if (resp == nullptr || out_frames == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to " + "grpc_gcp_handshaker_resp_set_out_frames()."); + return false; + } + grpc_slice* slice = create_slice(out_frames, size); + resp->out_frames.arg = slice; + resp->out_frames.funcs.encode = encode_string_or_bytes_cb; + return true; +} + +bool grpc_gcp_handshaker_resp_set_bytes_consumed(grpc_gcp_handshaker_resp* resp, + int32_t bytes_consumed) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to " + "grpc_gcp_handshaker_resp_set_bytes_consumed()."); + return false; + } + resp->has_bytes_consumed = true; + resp->bytes_consumed = bytes_consumed; + return true; +} + +bool grpc_gcp_handshaker_resp_set_peer_rpc_versions( + grpc_gcp_handshaker_resp* resp, uint32_t max_major, uint32_t max_minor, + uint32_t min_major, uint32_t min_minor) { + if (resp == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to " + "grpc_gcp_handshaker_resp_set_peer_rpc_versions()."); + return false; + } + resp->has_result = true; + resp->result.has_peer_rpc_versions = true; + grpc_gcp_rpc_protocol_versions* versions = &resp->result.peer_rpc_versions; + versions->has_max_rpc_version = true; + versions->has_min_rpc_version = true; + versions->max_rpc_version.has_major = true; + versions->max_rpc_version.has_minor = true; + versions->min_rpc_version.has_major = true; + versions->min_rpc_version.has_minor = true; + versions->max_rpc_version.major = max_major; + versions->max_rpc_version.minor = max_minor; + versions->min_rpc_version.major = min_major; + versions->min_rpc_version.minor = min_minor; + return true; +} + +bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp, + grpc_slice* slice) { + if (resp == nullptr || slice == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr arguments to grpc_gcp_handshaker_resp_encode()."); + return false; + } + pb_ostream_t size_stream; + memset(&size_stream, 0, sizeof(pb_ostream_t)); + if (!pb_encode(&size_stream, grpc_gcp_HandshakerResp_fields, resp)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream)); + return false; + } + size_t encoded_length = size_stream.bytes_written; + *slice = grpc_slice_malloc(encoded_length); + pb_ostream_t output_stream = + pb_ostream_from_buffer(GRPC_SLICE_START_PTR(*slice), encoded_length); + if (!pb_encode(&output_stream, grpc_gcp_HandshakerResp_fields, resp)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&size_stream)); + return false; + } + return true; +} + +bool grpc_gcp_handshaker_req_decode(grpc_slice slice, + grpc_gcp_handshaker_req* req) { + if (req == nullptr) { + gpr_log(GPR_ERROR, + "Invalid nullptr argument to grpc_gcp_handshaker_req_decode()."); + return false; + } + pb_istream_t stream = pb_istream_from_buffer(GRPC_SLICE_START_PTR(slice), + GRPC_SLICE_LENGTH(slice)); + req->next.in_bytes.funcs.decode = decode_string_or_bytes_cb; + if (!pb_decode(&stream, grpc_gcp_HandshakerReq_fields, req)) { + gpr_log(GPR_ERROR, "nanopb error: %s", PB_GET_ERROR(&stream)); + return false; + } + return true; +} + +/* Check equality of a pair of grpc_slice fields. */ +static bool slice_equals(grpc_slice* l_slice, grpc_slice* r_slice) { + if (l_slice == nullptr && r_slice == nullptr) { + return true; + } + if (l_slice != nullptr && r_slice != nullptr) { + return grpc_slice_eq(*l_slice, *r_slice); + } + return false; +} + +/* Check equality of a pair of grpc_gcp_identity fields. */ +static bool handshaker_identity_equals(const grpc_gcp_identity* l_id, + const grpc_gcp_identity* r_id) { + if (!((l_id->hostname.arg != nullptr) != (r_id->hostname.arg != nullptr))) { + if (l_id->hostname.arg != nullptr) { + return slice_equals(static_cast<grpc_slice*>(l_id->hostname.arg), + static_cast<grpc_slice*>(r_id->hostname.arg)); + } + } else { + return false; + } + if (!((l_id->service_account.arg != nullptr) != + (r_id->service_account.arg != nullptr))) { + if (l_id->service_account.arg != nullptr) { + return slice_equals(static_cast<grpc_slice*>(l_id->service_account.arg), + static_cast<grpc_slice*>(r_id->service_account.arg)); + } + } else { + return false; + } + return true; +} + +static bool handshaker_rpc_versions_equals( + const grpc_gcp_rpc_protocol_versions* l_version, + const grpc_gcp_rpc_protocol_versions* r_version) { + bool result = true; + result &= + (l_version->max_rpc_version.major == r_version->max_rpc_version.major); + result &= + (l_version->max_rpc_version.minor == r_version->max_rpc_version.minor); + result &= + (l_version->min_rpc_version.major == r_version->min_rpc_version.major); + result &= + (l_version->min_rpc_version.minor == r_version->min_rpc_version.minor); + return result; +} + +/* Check equality of a pair of grpc_gcp_endpoint fields. */ +static bool handshaker_endpoint_equals(const grpc_gcp_endpoint* l_end, + const grpc_gcp_endpoint* r_end) { + bool result = true; + result &= (l_end->port == r_end->port); + result &= (l_end->protocol == r_end->protocol); + if (!((l_end->ip_address.arg != nullptr) != + (r_end->ip_address.arg != nullptr))) { + if (l_end->ip_address.arg != nullptr) { + result &= slice_equals(static_cast<grpc_slice*>(l_end->ip_address.arg), + static_cast<grpc_slice*>(r_end->ip_address.arg)); + } + } else { + return false; + } + return result; +} +/** + * Check if a specific repeated field (i.e., target) is contained in a repeated + * field list (i.e., head). + */ +static bool repeated_field_list_contains_identity( + const repeated_field* head, const repeated_field* target) { + repeated_field* field = const_cast<repeated_field*>(head); + while (field != nullptr) { + if (handshaker_identity_equals( + static_cast<const grpc_gcp_identity*>(field->data), + static_cast<const grpc_gcp_identity*>(target->data))) { + return true; + } + field = field->next; + } + return false; +} + +static bool repeated_field_list_contains_string(const repeated_field* head, + const repeated_field* target) { + repeated_field* field = const_cast<repeated_field*>(head); + while (field != nullptr) { + if (slice_equals((grpc_slice*)field->data, (grpc_slice*)target->data)) { + return true; + } + field = field->next; + } + return false; +} + +/* Return a length of repeated field list. */ +static size_t repeated_field_list_get_length(const repeated_field* head) { + repeated_field* field = const_cast<repeated_field*>(head); + size_t len = 0; + while (field != nullptr) { + len++; + field = field->next; + } + return len; +} + +/** + * Check if a pair of repeated field lists contain the same set of repeated + * fields. + */ +static bool repeated_field_list_equals_identity(const repeated_field* l_head, + const repeated_field* r_head) { + if (repeated_field_list_get_length(l_head) != + repeated_field_list_get_length(r_head)) { + return false; + } + repeated_field* field = const_cast<repeated_field*>(l_head); + repeated_field* head = const_cast<repeated_field*>(r_head); + while (field != nullptr) { + if (!repeated_field_list_contains_identity(head, field)) { + return false; + } + field = field->next; + } + return true; +} + +static bool repeated_field_list_equals_string(const repeated_field* l_head, + const repeated_field* r_head) { + if (repeated_field_list_get_length(l_head) != + repeated_field_list_get_length(r_head)) { + return false; + } + repeated_field* field = const_cast<repeated_field*>(l_head); + repeated_field* head = const_cast<repeated_field*>(r_head); + while (field != nullptr) { + if (!repeated_field_list_contains_string(head, field)) { + return false; + } + field = field->next; + } + return true; +} + +/* Check equality of a pair of ALTS client_start handshake requests. */ +bool grpc_gcp_handshaker_client_start_req_equals( + grpc_gcp_start_client_handshake_req* l_req, + grpc_gcp_start_client_handshake_req* r_req) { + bool result = true; + /* Compare handshake_security_protocol. */ + result &= + l_req->handshake_security_protocol == r_req->handshake_security_protocol; + /* Compare application_protocols, record_protocols, and target_identities. */ + result &= repeated_field_list_equals_string( + static_cast<const repeated_field*>(l_req->application_protocols.arg), + static_cast<const repeated_field*>(r_req->application_protocols.arg)); + result &= repeated_field_list_equals_string( + static_cast<const repeated_field*>(l_req->record_protocols.arg), + static_cast<const repeated_field*>(r_req->record_protocols.arg)); + result &= repeated_field_list_equals_identity( + static_cast<const repeated_field*>(l_req->target_identities.arg), + static_cast<const repeated_field*>(r_req->target_identities.arg)); + if ((l_req->has_local_identity ^ r_req->has_local_identity) | + (l_req->has_local_endpoint ^ r_req->has_local_endpoint) | + ((l_req->has_remote_endpoint ^ r_req->has_remote_endpoint)) | + (l_req->has_rpc_versions ^ r_req->has_rpc_versions)) { + return false; + } + /* Compare local_identity, local_endpoint, and remote_endpoint. */ + if (l_req->has_local_identity) { + result &= handshaker_identity_equals(&l_req->local_identity, + &r_req->local_identity); + } + if (l_req->has_local_endpoint) { + result &= handshaker_endpoint_equals(&l_req->local_endpoint, + &r_req->local_endpoint); + } + if (l_req->has_remote_endpoint) { + result &= handshaker_endpoint_equals(&l_req->remote_endpoint, + &r_req->remote_endpoint); + } + if (l_req->has_rpc_versions) { + result &= handshaker_rpc_versions_equals(&l_req->rpc_versions, + &r_req->rpc_versions); + } + return result; +} + +/* Check equality of a pair of ALTS server_start handshake requests. */ +bool grpc_gcp_handshaker_server_start_req_equals( + grpc_gcp_start_server_handshake_req* l_req, + grpc_gcp_start_server_handshake_req* r_req) { + bool result = true; + /* Compare application_protocols. */ + result &= repeated_field_list_equals_string( + static_cast<const repeated_field*>(l_req->application_protocols.arg), + static_cast<const repeated_field*>(r_req->application_protocols.arg)); + /* Compare handshake_parameters. */ + size_t i = 0, j = 0; + result &= + (l_req->handshake_parameters_count == r_req->handshake_parameters_count); + for (i = 0; i < l_req->handshake_parameters_count; i++) { + bool found = false; + for (j = 0; j < r_req->handshake_parameters_count; j++) { + if (l_req->handshake_parameters[i].key == + r_req->handshake_parameters[j].key) { + found = true; + result &= repeated_field_list_equals_string( + static_cast<const repeated_field*>( + l_req->handshake_parameters[i].value.record_protocols.arg), + static_cast<const repeated_field*>( + r_req->handshake_parameters[j].value.record_protocols.arg)); + result &= repeated_field_list_equals_identity( + static_cast<const repeated_field*>( + l_req->handshake_parameters[i].value.local_identities.arg), + static_cast<const repeated_field*>( + r_req->handshake_parameters[j].value.local_identities.arg)); + } + } + if (!found) { + return false; + } + } + /* Compare in_bytes, local_endpoint, remote_endpoint. */ + result &= slice_equals(static_cast<grpc_slice*>(l_req->in_bytes.arg), + static_cast<grpc_slice*>(r_req->in_bytes.arg)); + if ((l_req->has_local_endpoint ^ r_req->has_local_endpoint) | + (l_req->has_remote_endpoint ^ r_req->has_remote_endpoint) | + (l_req->has_rpc_versions ^ r_req->has_rpc_versions)) + return false; + if (l_req->has_local_endpoint) { + result &= handshaker_endpoint_equals(&l_req->local_endpoint, + &r_req->local_endpoint); + } + if (l_req->has_remote_endpoint) { + result &= handshaker_endpoint_equals(&l_req->remote_endpoint, + &r_req->remote_endpoint); + } + if (l_req->has_rpc_versions) { + result &= handshaker_rpc_versions_equals(&l_req->rpc_versions, + &r_req->rpc_versions); + } + return result; +} + +/* Check equality of a pair of ALTS handshake requests. */ +bool grpc_gcp_handshaker_req_equals(grpc_gcp_handshaker_req* l_req, + grpc_gcp_handshaker_req* r_req) { + if (l_req->has_next && r_req->has_next) { + return slice_equals(static_cast<grpc_slice*>(l_req->next.in_bytes.arg), + static_cast<grpc_slice*>(r_req->next.in_bytes.arg)); + } else if (l_req->has_client_start && r_req->has_client_start) { + return grpc_gcp_handshaker_client_start_req_equals(&l_req->client_start, + &r_req->client_start); + } else if (l_req->has_server_start && r_req->has_server_start) { + return grpc_gcp_handshaker_server_start_req_equals(&l_req->server_start, + &r_req->server_start); + } + return false; +} + +/* Check equality of a pair of ALTS handshake results. */ +bool grpc_gcp_handshaker_resp_result_equals( + grpc_gcp_handshaker_result* l_result, + grpc_gcp_handshaker_result* r_result) { + bool result = true; + /* Compare application_protocol, record_protocol, and key_data. */ + result &= slice_equals( + static_cast<grpc_slice*>(l_result->application_protocol.arg), + static_cast<grpc_slice*>(r_result->application_protocol.arg)); + result &= + slice_equals(static_cast<grpc_slice*>(l_result->record_protocol.arg), + static_cast<grpc_slice*>(r_result->record_protocol.arg)); + result &= slice_equals(static_cast<grpc_slice*>(l_result->key_data.arg), + static_cast<grpc_slice*>(r_result->key_data.arg)); + /* Compare local_identity, peer_identity, and keep_channel_open. */ + if ((l_result->has_local_identity ^ r_result->has_local_identity) | + (l_result->has_peer_identity ^ r_result->has_peer_identity) | + (l_result->has_peer_rpc_versions ^ r_result->has_peer_rpc_versions)) { + return false; + } + if (l_result->has_local_identity) { + result &= handshaker_identity_equals(&l_result->local_identity, + &r_result->local_identity); + } + if (l_result->has_peer_identity) { + result &= handshaker_identity_equals(&l_result->peer_identity, + &r_result->peer_identity); + } + if (l_result->has_peer_rpc_versions) { + result &= handshaker_rpc_versions_equals(&l_result->peer_rpc_versions, + &r_result->peer_rpc_versions); + } + result &= (l_result->keep_channel_open == r_result->keep_channel_open); + return result; +} + +/* Check equality of a pair of ALTS handshake responses. */ +bool grpc_gcp_handshaker_resp_equals(grpc_gcp_handshaker_resp* l_resp, + grpc_gcp_handshaker_resp* r_resp) { + bool result = true; + /* Compare out_frames and bytes_consumed. */ + result &= slice_equals(static_cast<grpc_slice*>(l_resp->out_frames.arg), + static_cast<grpc_slice*>(r_resp->out_frames.arg)); + result &= (l_resp->bytes_consumed == r_resp->bytes_consumed); + /* Compare result and status. */ + if ((l_resp->has_result ^ r_resp->has_result) | + (l_resp->has_status ^ r_resp->has_status)) { + return false; + } + if (l_resp->has_result) { + result &= grpc_gcp_handshaker_resp_result_equals(&l_resp->result, + &r_resp->result); + } + if (l_resp->has_status) { + result &= (l_resp->status.code == r_resp->status.code); + result &= + slice_equals(static_cast<grpc_slice*>(l_resp->status.details.arg), + static_cast<grpc_slice*>(r_resp->status.details.arg)); + } + return result; +} diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h new file mode 100644 index 0000000000..2fcbb4ea99 --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h @@ -0,0 +1,143 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H +#define GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H + +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api.h" +#include "src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h" +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +/** + * The first part of this file contains function signatures for de-serializing + * ALTS handshake requests and setting/serializing ALTS handshake responses, + * which simulate the behaviour of grpc server that runs ALTS handshaker + * service. + */ + +/** + * This method creates a ALTS handshaker request that is used to hold + * de-serialized result. + */ +grpc_gcp_handshaker_req* grpc_gcp_handshaker_decoded_req_create( + grpc_gcp_handshaker_req_type type); + +/* This method de-serializes a ALTS handshaker request. */ +bool grpc_gcp_handshaker_req_decode(grpc_slice slice, + grpc_gcp_handshaker_req* req); + +/* This method serializes a ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp, + grpc_slice* slice); + +/* This method sets application protocol of ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_application_protocol( + grpc_gcp_handshaker_resp* resp, const char* application_protocol); + +/* This method sets record protocol of ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_record_protocol( + grpc_gcp_handshaker_resp* resp, const char* record_protocol); + +/* This method sets key_data of ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_key_data(grpc_gcp_handshaker_resp* resp, + const char* key_data, size_t size); + +/* This method sets local identity's hostname for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_local_identity_hostname( + grpc_gcp_handshaker_resp* resp, const char* hostname); + +/** + * This method sets local identity's service account for ALTS handshaker + * response. + */ +bool grpc_gcp_handshaker_resp_set_local_identity_service_account( + grpc_gcp_handshaker_resp* resp, const char* service_account); + +/* This method sets peer identity's hostname for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_peer_identity_hostname( + grpc_gcp_handshaker_resp* resp, const char* hostname); + +/** + * This method sets peer identity's service account for ALTS handshaker + * response. + */ +bool grpc_gcp_handshaker_resp_set_peer_identity_service_account( + grpc_gcp_handshaker_resp* resp, const char* service_account); + +/* This method sets keep_channel_open for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_channel_open(grpc_gcp_handshaker_resp* resp, + bool keep_channel_open); + +/* This method sets code for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_code(grpc_gcp_handshaker_resp* resp, + uint32_t code); + +/* This method sets details for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_details(grpc_gcp_handshaker_resp* resp, + const char* details); + +/* This method sets out_frames for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_out_frames(grpc_gcp_handshaker_resp* resp, + const char* out_frames, + size_t size); + +/* This method sets peer_rpc_versions for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_peer_rpc_versions( + grpc_gcp_handshaker_resp* resp, uint32_t max_major, uint32_t max_minor, + uint32_t min_major, uint32_t min_minor); + +/* This method sets bytes_consumed for ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_set_bytes_consumed(grpc_gcp_handshaker_resp* resp, + int32_t bytes_consumed); + +/* This method serializes ALTS handshaker response. */ +bool grpc_gcp_handshaker_resp_encode(grpc_gcp_handshaker_resp* resp, + grpc_slice* slice); + +/* This method de-serializes ALTS handshaker request. */ +bool grpc_gcp_handshaker_req_decode(grpc_slice slice, + grpc_gcp_handshaker_req* req); + +/** + * The second part contains function signatures for checking equality of a pair + * of ALTS handshake requests/responses. + */ + +/* This method checks equality of two client_start handshaker requests. */ +bool grpc_gcp_handshaker_client_start_req_equals( + grpc_gcp_start_client_handshake_req* l_req, + grpc_gcp_start_client_handshake_req* r_req); + +/* This method checks equality of two server_start handshaker requests. */ +bool grpc_gcp_handshaker_server_start_req_equals( + grpc_gcp_start_server_handshake_req* l_req, + grpc_gcp_start_server_handshake_req* r_req); + +/* This method checks equality of two ALTS handshaker requests. */ +bool grpc_gcp_handshaker_req_equals(grpc_gcp_handshaker_req* l_req, + grpc_gcp_handshaker_req* r_req); + +/* This method checks equality of two handshaker response results. */ +bool grpc_gcp_handshaker_resp_result_equals( + grpc_gcp_handshaker_result* l_result, grpc_gcp_handshaker_result* r_result); + +/* This method checks equality of two ALTS handshaker responses. */ +bool grpc_gcp_handshaker_resp_equals(grpc_gcp_handshaker_resp* l_resp, + grpc_gcp_handshaker_resp* r_resp); + +#endif // GRPC_TEST_CORE_TSI_ALTS_HANDSHAKER_ALTS_HANDSHAKER_SERVICE_API_TEST_LIB_H diff --git a/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc b/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc new file mode 100644 index 0000000000..95724f84f4 --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_tsi_handshaker_test.cc @@ -0,0 +1,682 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdio.h> +#include <stdlib.h> + +#include <grpc/grpc.h> +#include <grpc/support/sync.h> + +#include "src/core/lib/gprpp/thd.h" +#include "src/core/tsi/alts/handshaker/alts_handshaker_client.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_event.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h" +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +#define ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES "Hello World" +#define ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME "Hello Google" +#define ALTS_TSI_HANDSHAKER_TEST_CONSUMED_BYTES "Hello " +#define ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES "Google" +#define ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY "chapi@service.google.com" +#define ALTS_TSI_HANDSHAKER_TEST_KEY_DATA \ + "ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOPABCDEFGHIJKL" +#define ALTS_TSI_HANDSHAKER_TEST_BUFFER_SIZE 100 +#define ALTS_TSI_HANDSHAKER_TEST_SLEEP_TIME_IN_SECONDS 2 +#define ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR 3 +#define ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR 2 +#define ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR 2 +#define ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR 1 + +using grpc_core::internal:: + alts_tsi_handshaker_get_has_sent_start_message_for_testing; +using grpc_core::internal::alts_tsi_handshaker_get_is_client_for_testing; +using grpc_core::internal::alts_tsi_handshaker_get_recv_bytes_for_testing; +using grpc_core::internal::alts_tsi_handshaker_set_client_for_testing; +using grpc_core::internal::alts_tsi_handshaker_set_recv_bytes_for_testing; + +/* ALTS mock notification. */ +typedef struct notification { + gpr_cv cv; + gpr_mu mu; + bool notified; +} notification; + +/* ALTS mock handshaker client. */ +typedef struct alts_mock_handshaker_client { + alts_handshaker_client base; + bool used_for_success_test; +} alts_mock_handshaker_client; + +/* Type of ALTS handshaker response. */ +typedef enum { + INVALID, + FAILED, + CLIENT_START, + SERVER_START, + CLIENT_NEXT, + SERVER_NEXT, +} alts_handshaker_response_type; + +static alts_tsi_event* client_start_event; +static alts_tsi_event* client_next_event; +static alts_tsi_event* server_start_event; +static alts_tsi_event* server_next_event; +static notification caller_to_tsi_notification; +static notification tsi_to_caller_notification; + +static void notification_init(notification* n) { + gpr_mu_init(&n->mu); + gpr_cv_init(&n->cv); + n->notified = false; +} + +static void notification_destroy(notification* n) { + gpr_mu_destroy(&n->mu); + gpr_cv_destroy(&n->cv); +} + +static void signal(notification* n) { + gpr_mu_lock(&n->mu); + n->notified = true; + gpr_cv_signal(&n->cv); + gpr_mu_unlock(&n->mu); +} + +static void wait(notification* n) { + gpr_mu_lock(&n->mu); + while (!n->notified) { + gpr_cv_wait(&n->cv, &n->mu, gpr_inf_future(GPR_CLOCK_REALTIME)); + } + n->notified = false; + gpr_mu_unlock(&n->mu); +} + +/** + * This method mocks ALTS handshaker service to generate handshaker response + * for a specific request. + */ +static grpc_byte_buffer* generate_handshaker_response( + alts_handshaker_response_type type) { + grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create(); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_code(resp, 0)); + switch (type) { + case INVALID: + break; + case CLIENT_START: + case SERVER_START: + GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames( + resp, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME))); + break; + case CLIENT_NEXT: + GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames( + resp, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_service_account( + resp, ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed( + resp, strlen(ALTS_TSI_HANDSHAKER_TEST_CONSUMED_BYTES))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_key_data( + resp, ALTS_TSI_HANDSHAKER_TEST_KEY_DATA, + strlen(ALTS_TSI_HANDSHAKER_TEST_KEY_DATA))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions( + resp, ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR, + ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR, + ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR, + ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR)); + break; + case SERVER_NEXT: + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_identity_service_account( + resp, ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY)); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_bytes_consumed( + resp, strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_key_data( + resp, ALTS_TSI_HANDSHAKER_TEST_KEY_DATA, + strlen(ALTS_TSI_HANDSHAKER_TEST_KEY_DATA))); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_peer_rpc_versions( + resp, ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MAJOR, + ALTS_TSI_HANDSHAKER_TEST_MAX_RPC_VERSION_MINOR, + ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MAJOR, + ALTS_TSI_HANDSHAKER_TEST_MIN_RPC_VERSION_MINOR)); + break; + case FAILED: + GPR_ASSERT( + grpc_gcp_handshaker_resp_set_code(resp, 3 /* INVALID ARGUMENT */)); + break; + } + grpc_slice slice; + GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &slice)); + if (type == INVALID) { + grpc_slice bad_slice = + grpc_slice_split_head(&slice, GRPC_SLICE_LENGTH(slice) - 1); + grpc_slice_unref(slice); + slice = grpc_slice_ref(bad_slice); + grpc_slice_unref(bad_slice); + } + grpc_byte_buffer* buffer = + grpc_raw_byte_buffer_create(&slice, 1 /* number of slices */); + grpc_slice_unref(slice); + grpc_gcp_handshaker_resp_destroy(resp); + return buffer; +} + +static void check_must_not_be_called(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(0); +} + +static void on_client_start_success_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)); + GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + bytes_to_send_size) == 0); + GPR_ASSERT(result == nullptr); + /* Validate peer identity. */ + tsi_peer peer; + GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == + TSI_INVALID_ARGUMENT); + /* Validate frame protector. */ + tsi_frame_protector* protector = nullptr; + GPR_ASSERT(tsi_handshaker_result_create_frame_protector( + result, nullptr, &protector) == TSI_INVALID_ARGUMENT); + /* Validate unused bytes. */ + const unsigned char* unused_bytes = nullptr; + size_t unused_bytes_size = 0; + GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &unused_bytes, + &unused_bytes_size) == + TSI_INVALID_ARGUMENT); + signal(&tsi_to_caller_notification); +} + +static void on_server_start_success_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)); + GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + bytes_to_send_size) == 0); + GPR_ASSERT(result == nullptr); + /* Validate peer identity. */ + tsi_peer peer; + GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == + TSI_INVALID_ARGUMENT); + /* Validate frame protector. */ + tsi_frame_protector* protector = nullptr; + GPR_ASSERT(tsi_handshaker_result_create_frame_protector( + result, nullptr, &protector) == TSI_INVALID_ARGUMENT); + /* Validate unused bytes. */ + const unsigned char* unused_bytes = nullptr; + size_t unused_bytes_size = 0; + GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &unused_bytes, + &unused_bytes_size) == + TSI_INVALID_ARGUMENT); + signal(&tsi_to_caller_notification); +} + +static void on_client_next_success_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send_size == strlen(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME)); + GPR_ASSERT(memcmp(bytes_to_send, ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME, + bytes_to_send_size) == 0); + GPR_ASSERT(result != nullptr); + /* Validate peer identity. */ + tsi_peer peer; + GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == TSI_OK); + GPR_ASSERT(peer.property_count == kTsiAltsNumOfPeerProperties); + GPR_ASSERT(memcmp(TSI_ALTS_CERTIFICATE_TYPE, peer.properties[0].value.data, + peer.properties[0].value.length) == 0); + GPR_ASSERT(memcmp(ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY, + peer.properties[1].value.data, + peer.properties[1].value.length) == 0); + tsi_peer_destruct(&peer); + /* Validate unused bytes. */ + const unsigned char* bytes = nullptr; + size_t bytes_size = 0; + GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &bytes, + &bytes_size) == TSI_OK); + GPR_ASSERT(bytes_size == strlen(ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES)); + GPR_ASSERT(memcmp(bytes, ALTS_TSI_HANDSHAKER_TEST_REMAIN_BYTES, bytes_size) == + 0); + /* Validate frame protector. */ + tsi_frame_protector* protector = nullptr; + GPR_ASSERT(tsi_handshaker_result_create_frame_protector( + result, nullptr, &protector) == TSI_OK); + GPR_ASSERT(protector != nullptr); + tsi_frame_protector_destroy(protector); + tsi_handshaker_result_destroy(result); + signal(&tsi_to_caller_notification); +} + +static void on_server_next_success_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(result != nullptr); + /* Validate peer identity. */ + tsi_peer peer; + GPR_ASSERT(tsi_handshaker_result_extract_peer(result, &peer) == TSI_OK); + GPR_ASSERT(peer.property_count == kTsiAltsNumOfPeerProperties); + GPR_ASSERT(memcmp(TSI_ALTS_CERTIFICATE_TYPE, peer.properties[0].value.data, + peer.properties[0].value.length) == 0); + GPR_ASSERT(memcmp(ALTS_TSI_HANDSHAKER_TEST_PEER_IDENTITY, + peer.properties[1].value.data, + peer.properties[1].value.length) == 0); + tsi_peer_destruct(&peer); + /* Validate unused bytes. */ + const unsigned char* bytes = nullptr; + size_t bytes_size = 0; + GPR_ASSERT(tsi_handshaker_result_get_unused_bytes(result, &bytes, + &bytes_size) == TSI_OK); + GPR_ASSERT(bytes_size == 0); + GPR_ASSERT(bytes == nullptr); + /* Validate frame protector. */ + tsi_frame_protector* protector = nullptr; + GPR_ASSERT(tsi_handshaker_result_create_frame_protector( + result, nullptr, &protector) == TSI_OK); + GPR_ASSERT(protector != nullptr); + tsi_frame_protector_destroy(protector); + tsi_handshaker_result_destroy(result); + signal(&tsi_to_caller_notification); +} + +static tsi_result mock_client_start(alts_handshaker_client* self, + alts_tsi_event* event) { + alts_mock_handshaker_client* client = + reinterpret_cast<alts_mock_handshaker_client*>(self); + if (!client->used_for_success_test) { + alts_tsi_event_destroy(event); + return TSI_INTERNAL_ERROR; + } + GPR_ASSERT(event->cb == on_client_start_success_cb); + GPR_ASSERT(event->user_data == nullptr); + GPR_ASSERT(!alts_tsi_handshaker_get_has_sent_start_message_for_testing( + event->handshaker)); + /* Populate handshaker response for client_start request. */ + event->recv_buffer = generate_handshaker_response(CLIENT_START); + client_start_event = event; + signal(&caller_to_tsi_notification); + return TSI_OK; +} + +static tsi_result mock_server_start(alts_handshaker_client* self, + alts_tsi_event* event, + grpc_slice* bytes_received) { + alts_mock_handshaker_client* client = + reinterpret_cast<alts_mock_handshaker_client*>(self); + if (!client->used_for_success_test) { + alts_tsi_event_destroy(event); + return TSI_INTERNAL_ERROR; + } + GPR_ASSERT(event->cb == on_server_start_success_cb); + GPR_ASSERT(event->user_data == nullptr); + grpc_slice slice = grpc_empty_slice(); + GPR_ASSERT(grpc_slice_cmp(*bytes_received, slice) == 0); + GPR_ASSERT(!alts_tsi_handshaker_get_has_sent_start_message_for_testing( + event->handshaker)); + /* Populate handshaker response for server_start request. */ + event->recv_buffer = generate_handshaker_response(SERVER_START); + server_start_event = event; + grpc_slice_unref(slice); + signal(&caller_to_tsi_notification); + return TSI_OK; +} + +static tsi_result mock_next(alts_handshaker_client* self, alts_tsi_event* event, + grpc_slice* bytes_received) { + alts_mock_handshaker_client* client = + reinterpret_cast<alts_mock_handshaker_client*>(self); + if (!client->used_for_success_test) { + alts_tsi_event_destroy(event); + return TSI_INTERNAL_ERROR; + } + bool is_client = + alts_tsi_handshaker_get_is_client_for_testing(event->handshaker); + if (is_client) { + GPR_ASSERT(event->cb == on_client_next_success_cb); + } else { + GPR_ASSERT(event->cb == on_server_next_success_cb); + } + GPR_ASSERT(event->user_data == nullptr); + GPR_ASSERT(bytes_received != nullptr); + GPR_ASSERT(memcmp(GRPC_SLICE_START_PTR(*bytes_received), + ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + GRPC_SLICE_LENGTH(*bytes_received)) == 0); + GPR_ASSERT(grpc_slice_cmp(alts_tsi_handshaker_get_recv_bytes_for_testing( + event->handshaker), + *bytes_received) == 0); + GPR_ASSERT(alts_tsi_handshaker_get_has_sent_start_message_for_testing( + event->handshaker)); + /* Populate handshaker response for next request. */ + grpc_slice out_frame = + grpc_slice_from_static_string(ALTS_TSI_HANDSHAKER_TEST_OUT_FRAME); + if (is_client) { + event->recv_buffer = generate_handshaker_response(CLIENT_NEXT); + } else { + event->recv_buffer = generate_handshaker_response(SERVER_NEXT); + } + alts_tsi_handshaker_set_recv_bytes_for_testing(event->handshaker, &out_frame); + if (is_client) { + client_next_event = event; + } else { + server_next_event = event; + } + signal(&caller_to_tsi_notification); + grpc_slice_unref(out_frame); + return TSI_OK; +} + +static void mock_destruct(alts_handshaker_client* client) {} + +static const alts_handshaker_client_vtable vtable = { + mock_client_start, mock_server_start, mock_next, mock_destruct}; + +static alts_handshaker_client* alts_mock_handshaker_client_create( + bool used_for_success_test) { + alts_mock_handshaker_client* client = + static_cast<alts_mock_handshaker_client*>(gpr_zalloc(sizeof(*client))); + client->base.vtable = &vtable; + client->used_for_success_test = used_for_success_test; + return &client->base; +} + +static tsi_handshaker* create_test_handshaker(bool used_for_success_test, + bool is_client) { + tsi_handshaker* handshaker = nullptr; + alts_handshaker_client* client = + alts_mock_handshaker_client_create(used_for_success_test); + grpc_alts_credentials_options* options = + grpc_alts_credentials_client_options_create(); + alts_tsi_handshaker_create(options, "target_name", "lame", is_client, + &handshaker); + alts_tsi_handshaker* alts_handshaker = + reinterpret_cast<alts_tsi_handshaker*>(handshaker); + alts_tsi_handshaker_set_client_for_testing(alts_handshaker, client); + grpc_alts_credentials_options_destroy(options); + return handshaker; +} + +static void check_handshaker_next_invalid_input() { + /* Initialization. */ + tsi_handshaker* handshaker = create_test_handshaker(true, true); + /* Check nullptr handshaker. */ + GPR_ASSERT(tsi_handshaker_next(nullptr, nullptr, 0, nullptr, nullptr, nullptr, + check_must_not_be_called, + nullptr) == TSI_INVALID_ARGUMENT); + /* Check nullptr callback. */ + GPR_ASSERT(tsi_handshaker_next(handshaker, nullptr, 0, nullptr, nullptr, + nullptr, nullptr, + nullptr) == TSI_INVALID_ARGUMENT); + /* Cleanup. */ + tsi_handshaker_destroy(handshaker); +} + +static void check_handshaker_next_success() { + /** + * Create handshakers for which internal mock client is going to do + * correctness check. + */ + tsi_handshaker* client_handshaker = create_test_handshaker( + true /* used_for_success_test */, true /* is_client */); + tsi_handshaker* server_handshaker = create_test_handshaker( + true /* used_for_success_test */, false /* is_client */); + /* Client start. */ + GPR_ASSERT(tsi_handshaker_next(client_handshaker, nullptr, 0, nullptr, + nullptr, nullptr, on_client_start_success_cb, + nullptr) == TSI_ASYNC); + wait(&tsi_to_caller_notification); + /* Client next. */ + GPR_ASSERT(tsi_handshaker_next( + client_handshaker, + (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr, + nullptr, on_client_next_success_cb, nullptr) == TSI_ASYNC); + wait(&tsi_to_caller_notification); + /* Server start. */ + GPR_ASSERT(tsi_handshaker_next(server_handshaker, nullptr, 0, nullptr, + nullptr, nullptr, on_server_start_success_cb, + nullptr) == TSI_ASYNC); + wait(&tsi_to_caller_notification); + /* Server next. */ + GPR_ASSERT(tsi_handshaker_next( + server_handshaker, + (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr, + nullptr, on_server_next_success_cb, nullptr) == TSI_ASYNC); + wait(&tsi_to_caller_notification); + /* Cleanup. */ + tsi_handshaker_destroy(server_handshaker); + tsi_handshaker_destroy(client_handshaker); +} + +static void check_handshaker_next_failure() { + /** + * Create handshakers for which internal mock client is always going to fail. + */ + tsi_handshaker* client_handshaker = create_test_handshaker( + false /* used_for_success_test */, true /* is_client */); + tsi_handshaker* server_handshaker = create_test_handshaker( + false /* used_for_success_test */, false /* is_client */); + /* Client start. */ + GPR_ASSERT(tsi_handshaker_next(client_handshaker, nullptr, 0, nullptr, + nullptr, nullptr, check_must_not_be_called, + nullptr) == TSI_INTERNAL_ERROR); + /* Server start. */ + GPR_ASSERT(tsi_handshaker_next(server_handshaker, nullptr, 0, nullptr, + nullptr, nullptr, check_must_not_be_called, + nullptr) == TSI_INTERNAL_ERROR); + /* Server next. */ + GPR_ASSERT(tsi_handshaker_next( + server_handshaker, + (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr, + nullptr, check_must_not_be_called, + nullptr) == TSI_INTERNAL_ERROR); + /* Client next. */ + GPR_ASSERT(tsi_handshaker_next( + client_handshaker, + (const unsigned char*)ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES, + strlen(ALTS_TSI_HANDSHAKER_TEST_RECV_BYTES), nullptr, nullptr, + nullptr, check_must_not_be_called, + nullptr) == TSI_INTERNAL_ERROR); + /* Cleanup. */ + tsi_handshaker_destroy(server_handshaker); + tsi_handshaker_destroy(client_handshaker); +} + +static void on_invalid_input_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_INTERNAL_ERROR); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(result == nullptr); +} + +static void on_failed_grpc_call_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_INTERNAL_ERROR); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(result == nullptr); +} + +static void check_handle_response_invalid_input() { + /** + * Create a handshaker at the client side, for which internal mock client is + * always going to fail. + */ + tsi_handshaker* handshaker = create_test_handshaker( + false /* used_for_success_test */, true /* is_client */); + alts_tsi_handshaker* alts_handshaker = + reinterpret_cast<alts_tsi_handshaker*>(handshaker); + grpc_byte_buffer recv_buffer; + /* Check nullptr handshaker. */ + alts_tsi_handshaker_handle_response(nullptr, &recv_buffer, GRPC_STATUS_OK, + nullptr, on_invalid_input_cb, nullptr, + true); + /* Check nullptr recv_bytes. */ + alts_tsi_handshaker_handle_response(alts_handshaker, nullptr, GRPC_STATUS_OK, + nullptr, on_invalid_input_cb, nullptr, + true); + /* Check failed grpc call made to handshaker service. */ + alts_tsi_handshaker_handle_response(alts_handshaker, &recv_buffer, + GRPC_STATUS_UNKNOWN, nullptr, + on_failed_grpc_call_cb, nullptr, true); + + alts_tsi_handshaker_handle_response(alts_handshaker, &recv_buffer, + GRPC_STATUS_OK, nullptr, + on_failed_grpc_call_cb, nullptr, false); + + /* Cleanup. */ + tsi_handshaker_destroy(handshaker); +} + +static void on_invalid_resp_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_DATA_CORRUPTED); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(result == nullptr); +} + +static void check_handle_response_invalid_resp() { + /** + * Create a handshaker at the client side, for which internal mock client is + * always going to fail. + */ + tsi_handshaker* handshaker = create_test_handshaker( + false /* used_for_success_test */, true /* is_client */); + alts_tsi_handshaker* alts_handshaker = + reinterpret_cast<alts_tsi_handshaker*>(handshaker); + /* Tests. */ + grpc_byte_buffer* recv_buffer = generate_handshaker_response(INVALID); + alts_tsi_handshaker_handle_response(alts_handshaker, recv_buffer, + GRPC_STATUS_OK, nullptr, + on_invalid_resp_cb, nullptr, true); + /* Cleanup. */ + grpc_byte_buffer_destroy(recv_buffer); + tsi_handshaker_destroy(handshaker); +} + +static void check_handle_response_success(void* unused) { + /* Client start. */ + wait(&caller_to_tsi_notification); + alts_tsi_event_dispatch_to_handshaker(client_start_event, true /* is_ok */); + alts_tsi_event_destroy(client_start_event); + /* Client next. */ + wait(&caller_to_tsi_notification); + alts_tsi_event_dispatch_to_handshaker(client_next_event, true /* is_ok */); + alts_tsi_event_destroy(client_next_event); + /* Server start. */ + wait(&caller_to_tsi_notification); + alts_tsi_event_dispatch_to_handshaker(server_start_event, true /* is_ok */); + alts_tsi_event_destroy(server_start_event); + /* Server next. */ + wait(&caller_to_tsi_notification); + alts_tsi_event_dispatch_to_handshaker(server_next_event, true /* is_ok */); + alts_tsi_event_destroy(server_next_event); +} + +static void on_failed_resp_cb(tsi_result status, void* user_data, + const unsigned char* bytes_to_send, + size_t bytes_to_send_size, + tsi_handshaker_result* result) { + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + GPR_ASSERT(user_data == nullptr); + GPR_ASSERT(bytes_to_send == nullptr); + GPR_ASSERT(bytes_to_send_size == 0); + GPR_ASSERT(result == nullptr); +} + +static void check_handle_response_failure() { + /** + * Create a handshaker at the client side, for which internal mock client is + * always going to fail. + */ + tsi_handshaker* handshaker = create_test_handshaker( + false /* used_for_success_test */, true /* is_client */); + alts_tsi_handshaker* alts_handshaker = + reinterpret_cast<alts_tsi_handshaker*>(handshaker); + /* Tests. */ + grpc_byte_buffer* recv_buffer = generate_handshaker_response(FAILED); + alts_tsi_handshaker_handle_response(alts_handshaker, recv_buffer, + GRPC_STATUS_OK, nullptr, + on_failed_resp_cb, nullptr, true); + grpc_byte_buffer_destroy(recv_buffer); + /* Cleanup. */ + tsi_handshaker_destroy(handshaker); +} + +void check_handshaker_success() { + /* Initialization. */ + notification_init(&caller_to_tsi_notification); + notification_init(&tsi_to_caller_notification); + client_start_event = nullptr; + client_next_event = nullptr; + server_start_event = nullptr; + server_next_event = nullptr; + /* Tests. */ + grpc_core::Thread thd("alts_tsi_handshaker_test", + &check_handle_response_success, nullptr); + thd.Start(); + check_handshaker_next_success(); + thd.Join(); + /* Cleanup. */ + notification_destroy(&caller_to_tsi_notification); + notification_destroy(&tsi_to_caller_notification); +} + +int main(int argc, char** argv) { + /* Initialization. */ + grpc_init(); + /* Tests. */ + check_handshaker_success(); + check_handshaker_next_invalid_input(); + check_handshaker_next_failure(); + check_handle_response_invalid_input(); + check_handle_response_invalid_resp(); + check_handle_response_failure(); + /* Cleanup. */ + grpc_shutdown(); + return 0; +} diff --git a/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc b/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc new file mode 100644 index 0000000000..98c5d23641 --- /dev/null +++ b/test/core/tsi/alts/handshaker/alts_tsi_utils_test.cc @@ -0,0 +1,73 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "src/core/tsi/alts/handshaker/alts_tsi_utils.h" +#include "test/core/tsi/alts/handshaker/alts_handshaker_service_api_test_lib.h" + +#define ALTS_TSI_UTILS_TEST_OUT_FRAME "Hello Google" + +static void convert_to_tsi_result_test() { + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_OK) == TSI_OK); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_UNKNOWN) == + TSI_UNKNOWN_ERROR); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result( + GRPC_STATUS_INVALID_ARGUMENT) == TSI_INVALID_ARGUMENT); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_OUT_OF_RANGE) == + TSI_UNKNOWN_ERROR); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_INTERNAL) == + TSI_INTERNAL_ERROR); + GPR_ASSERT(alts_tsi_utils_convert_to_tsi_result(GRPC_STATUS_NOT_FOUND) == + TSI_NOT_FOUND); +} + +static void deserialize_response_test() { + grpc_gcp_handshaker_resp* resp = grpc_gcp_handshaker_resp_create(); + GPR_ASSERT(grpc_gcp_handshaker_resp_set_out_frames( + resp, ALTS_TSI_UTILS_TEST_OUT_FRAME, + strlen(ALTS_TSI_UTILS_TEST_OUT_FRAME))); + grpc_slice slice; + GPR_ASSERT(grpc_gcp_handshaker_resp_encode(resp, &slice)); + + /* Valid serialization. */ + grpc_byte_buffer* buffer = + grpc_raw_byte_buffer_create(&slice, 1 /* number of slices */); + grpc_gcp_handshaker_resp* decoded_resp = + alts_tsi_utils_deserialize_response(buffer); + GPR_ASSERT(grpc_gcp_handshaker_resp_equals(resp, decoded_resp)); + grpc_byte_buffer_destroy(buffer); + + /* Invalid serializaiton. */ + grpc_slice bad_slice = + grpc_slice_split_head(&slice, GRPC_SLICE_LENGTH(slice) - 1); + buffer = grpc_raw_byte_buffer_create(&bad_slice, 1 /* number of slices */); + GPR_ASSERT(alts_tsi_utils_deserialize_response(buffer) == nullptr); + + /* Clean up. */ + grpc_slice_unref(slice); + grpc_slice_unref(bad_slice); + grpc_byte_buffer_destroy(buffer); + grpc_gcp_handshaker_resp_destroy(resp); + grpc_gcp_handshaker_resp_destroy(decoded_resp); +} + +int main(int argc, char** argv) { + /* Tests. */ + deserialize_response_test(); + convert_to_tsi_result_test(); + return 0; +} diff --git a/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc b/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc new file mode 100644 index 0000000000..6ff1357c27 --- /dev/null +++ b/test/core/tsi/alts/handshaker/transport_security_common_api_test.cc @@ -0,0 +1,196 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <stdbool.h> +#include <stdio.h> +#include <stdlib.h> + +#include "src/core/tsi/alts/handshaker/transport_security_common_api.h" + +const size_t kMaxRpcVersionMajor = 3; +const size_t kMaxRpcVersionMinor = 2; +const size_t kMinRpcVersionMajor = 2; +const size_t kMinRpcVersionMinor = 1; + +static bool grpc_gcp_rpc_protocol_versions_equal( + grpc_gcp_rpc_protocol_versions* l_versions, + grpc_gcp_rpc_protocol_versions* r_versions) { + GPR_ASSERT(l_versions != nullptr && r_versions != nullptr); + if ((l_versions->has_max_rpc_version ^ r_versions->has_max_rpc_version) | + (l_versions->has_min_rpc_version ^ r_versions->has_min_rpc_version)) { + return false; + } + if (l_versions->has_max_rpc_version) { + if ((l_versions->max_rpc_version.major != + r_versions->max_rpc_version.major) || + (l_versions->max_rpc_version.minor != + r_versions->max_rpc_version.minor)) { + return false; + } + } + if (l_versions->has_min_rpc_version) { + if ((l_versions->min_rpc_version.major != + r_versions->min_rpc_version.major) || + (l_versions->min_rpc_version.minor != + r_versions->min_rpc_version.minor)) { + return false; + } + } + return true; +} + +static void test_success() { + grpc_gcp_rpc_protocol_versions version; + grpc_gcp_rpc_protocol_versions decoded_version; + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max( + &version, kMaxRpcVersionMajor, kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min( + &version, kMinRpcVersionMajor, kMinRpcVersionMinor)); + /* Serializes to raw bytes. */ + size_t encoded_length = + grpc_gcp_rpc_protocol_versions_encode_length(&version); + uint8_t* encoded_bytes = static_cast<uint8_t*>(gpr_malloc(encoded_length)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + &version, encoded_bytes, encoded_length)); + grpc_slice encoded_slice; + /* Serializes to grpc slice. */ + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode(&version, &encoded_slice)); + /* Checks serialized raw bytes and serialized grpc slice have same content. */ + GPR_ASSERT(encoded_length == GRPC_SLICE_LENGTH(encoded_slice)); + GPR_ASSERT(memcmp(encoded_bytes, GRPC_SLICE_START_PTR(encoded_slice), + encoded_length) == 0); + /* Deserializes and compares with the original version. */ + GPR_ASSERT( + grpc_gcp_rpc_protocol_versions_decode(encoded_slice, &decoded_version)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_equal(&version, &decoded_version)); + grpc_slice_unref(encoded_slice); + gpr_free(encoded_bytes); +} + +static void test_failure() { + grpc_gcp_rpc_protocol_versions version, decoded_version; + grpc_slice encoded_slice; + /* Test for invalid arguments. */ + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_set_max( + nullptr, kMaxRpcVersionMajor, kMaxRpcVersionMinor)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_set_min( + nullptr, kMinRpcVersionMajor, kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode_length(nullptr) == 0); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max( + &version, kMaxRpcVersionMajor, kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min( + &version, kMinRpcVersionMajor, kMinRpcVersionMinor)); + size_t encoded_length = + grpc_gcp_rpc_protocol_versions_encode_length(&version); + uint8_t* encoded_bytes = static_cast<uint8_t*>(gpr_malloc(encoded_length)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + nullptr, encoded_bytes, encoded_length)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + &version, nullptr, encoded_length)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode_to_raw_bytes( + &version, encoded_bytes, 0)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode(nullptr, &encoded_slice)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_encode(&version, nullptr)); + GPR_ASSERT(!grpc_gcp_rpc_protocol_versions_decode(encoded_slice, nullptr)); + /* Test for nanopb decode. */ + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_encode(&version, &encoded_slice)); + grpc_slice bad_slice = grpc_slice_split_head( + &encoded_slice, GRPC_SLICE_LENGTH(encoded_slice) - 1); + grpc_slice_unref(encoded_slice); + GPR_ASSERT( + !grpc_gcp_rpc_protocol_versions_decode(bad_slice, &decoded_version)); + grpc_slice_unref(bad_slice); + gpr_free(encoded_bytes); +} + +static void test_copy() { + grpc_gcp_rpc_protocol_versions src; + grpc_gcp_rpc_protocol_versions des; + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&src, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&src, kMinRpcVersionMajor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_copy(&src, &des)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_equal(&src, &des)); +} + +static void test_check_success() { + grpc_gcp_rpc_protocol_versions v1; + grpc_gcp_rpc_protocol_versions v2; + grpc_gcp_rpc_protocol_versions_version highest_common_version; + /* test equality. */ + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check( + (const grpc_gcp_rpc_protocol_versions*)&v1, + (const grpc_gcp_rpc_protocol_versions*)&v2, + &highest_common_version) == 1); + GPR_ASSERT(grpc_core::internal::grpc_gcp_rpc_protocol_version_compare( + &highest_common_version, &v1.max_rpc_version) == 0); + + /* test inequality. */ + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMinRpcVersionMinor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMinRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check( + (const grpc_gcp_rpc_protocol_versions*)&v1, + (const grpc_gcp_rpc_protocol_versions*)&v2, + &highest_common_version) == 1); + GPR_ASSERT(grpc_core::internal::grpc_gcp_rpc_protocol_version_compare( + &highest_common_version, &v2.max_rpc_version) == 0); +} + +static void test_check_failure() { + grpc_gcp_rpc_protocol_versions v1; + grpc_gcp_rpc_protocol_versions v2; + grpc_gcp_rpc_protocol_versions_version highest_common_version; + + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v1, kMinRpcVersionMajor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v1, kMinRpcVersionMajor, + kMinRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_max(&v2, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_set_min(&v2, kMaxRpcVersionMajor, + kMaxRpcVersionMinor)); + GPR_ASSERT(grpc_gcp_rpc_protocol_versions_check( + (const grpc_gcp_rpc_protocol_versions*)&v1, + (const grpc_gcp_rpc_protocol_versions*)&v2, + &highest_common_version) == 0); +} + +int main(int argc, char** argv) { + /* Run tests. */ + test_success(); + test_failure(); + test_copy(); + test_check_success(); + test_check_failure(); + return 0; +} diff --git a/test/core/tsi/alts/zero_copy_frame_protector/BUILD b/test/core/tsi/alts/zero_copy_frame_protector/BUILD new file mode 100644 index 0000000000..80f4572d94 --- /dev/null +++ b/test/core/tsi/alts/zero_copy_frame_protector/BUILD @@ -0,0 +1,49 @@ +# Copyright 2018 gRPC authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +load("//bazel:grpc_build_system.bzl", "grpc_cc_test", "grpc_package") + +licenses(["notice"]) # Apache v2 + +grpc_package(name = "zero_copy_frame_protector") + +grpc_cc_test( + name = "alts_grpc_record_protocol_test", + srcs = ["alts_grpc_record_protocol_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) + +grpc_cc_test( + name = "alts_iovec_record_protocol_test", + srcs = ["alts_iovec_record_protocol_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) + +grpc_cc_test( + name = "alts_zero_copy_grpc_protector_test", + srcs = ["alts_zero_copy_grpc_protector_test.cc"], + language = "C++", + deps = [ + "//:grpc", + "//test/core/tsi/alts/crypt:alts_crypt_test_util", + ], +) diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc new file mode 100644 index 0000000000..fbbea71cb7 --- /dev/null +++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_test.cc @@ -0,0 +1,449 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/slice/slice_internal.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +constexpr size_t kMaxSliceLength = 256; +constexpr size_t kMaxSlices = 10; +constexpr size_t kSealRepeatTimes = 5; +constexpr size_t kTagLength = 16; + +/* Test fixtures for each test cases. */ +struct alts_grpc_record_protocol_test_fixture { + alts_grpc_record_protocol* client_protect; + alts_grpc_record_protocol* client_unprotect; + alts_grpc_record_protocol* server_protect; + alts_grpc_record_protocol* server_unprotect; +}; + +/* Test input variables for protect/unprotect operations. */ +struct alts_grpc_record_protocol_test_var { + size_t header_length; + size_t tag_length; + grpc_slice_buffer original_sb; + grpc_slice_buffer duplicate_sb; + grpc_slice_buffer protected_sb; + grpc_slice_buffer unprotected_sb; +}; + +/* --- Test utility functions. --- */ + +static void create_random_slice_buffer(grpc_slice_buffer* sb) { + GPR_ASSERT(sb != nullptr); + size_t slice_count = gsec_test_bias_random_uint32(kMaxSlices) + 1; + for (size_t i = 0; i < slice_count; i++) { + size_t slice_length = gsec_test_bias_random_uint32(kMaxSliceLength) + 1; + grpc_slice slice = GRPC_SLICE_MALLOC(slice_length); + gsec_test_random_bytes(GRPC_SLICE_START_PTR(slice), slice_length); + grpc_slice_buffer_add(sb, slice); + } +} + +static uint8_t* pointer_to_nth_byte(grpc_slice_buffer* sb, size_t index) { + GPR_ASSERT(sb != nullptr); + GPR_ASSERT(index < sb->length); + for (size_t i = 0; i < sb->count; i++) { + if (index < GRPC_SLICE_LENGTH(sb->slices[i])) { + return GRPC_SLICE_START_PTR(sb->slices[i]) + index; + } else { + index -= GRPC_SLICE_LENGTH(sb->slices[i]); + } + } + return nullptr; +} + +/* Checks if two slice buffer contents are the same. It is not super efficient, + * but OK for testing. */ +static bool are_slice_buffers_equal(grpc_slice_buffer* first, + grpc_slice_buffer* second) { + GPR_ASSERT(first != nullptr); + GPR_ASSERT(second != nullptr); + if (first->length != second->length) { + return false; + } + for (size_t i = 0; i < first->length; i++) { + uint8_t* first_ptr = pointer_to_nth_byte(first, i); + uint8_t* second_ptr = pointer_to_nth_byte(second, i); + GPR_ASSERT(first_ptr != nullptr); + GPR_ASSERT(second_ptr != nullptr); + if ((*first_ptr) != (*second_ptr)) { + return false; + } + } + return true; +} + +static void alter_random_byte(grpc_slice_buffer* sb) { + GPR_ASSERT(sb != nullptr); + if (sb->length == 0) { + return; + } + uint32_t offset = + gsec_test_bias_random_uint32(static_cast<uint32_t>(sb->length)); + uint8_t* ptr = pointer_to_nth_byte(sb, offset); + (*ptr)++; +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_integrity_only_create(bool rekey) { + alts_grpc_record_protocol_test_fixture* fixture = + static_cast<alts_grpc_record_protocol_test_fixture*>( + gpr_zalloc(sizeof(alts_grpc_record_protocol_test_fixture))); + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aead_crypter* crypter = nullptr; + + /* Create client record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create( + crypter, 8, /*is_client=*/true, /*is_protect=*/true, + &fixture->client_protect) == TSI_OK); + /* Create client record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create( + crypter, 8, /*is_client=*/true, /*is_protect=*/false, + &fixture->client_unprotect) == TSI_OK); + /* Create server record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create( + crypter, 8, /*is_client=*/false, /*is_protect=*/true, + &fixture->server_protect) == TSI_OK); + /* Create server record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_integrity_only_record_protocol_create( + crypter, 8, /*is_client=*/false, /*is_protect=*/false, + &fixture->server_unprotect) == TSI_OK); + + gpr_free(key); + return fixture; +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_integrity_only_no_rekey_create() { + return test_fixture_integrity_only_create(false); +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_integrity_only_rekey_create() { + return test_fixture_integrity_only_create(true); +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_privacy_integrity_create(bool rekey) { + alts_grpc_record_protocol_test_fixture* fixture = + static_cast<alts_grpc_record_protocol_test_fixture*>( + gpr_zalloc(sizeof(alts_grpc_record_protocol_test_fixture))); + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aead_crypter* crypter = nullptr; + + /* Create client record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create( + crypter, 8, /*is_client=*/true, /*is_protect=*/true, + &fixture->client_protect) == TSI_OK); + /* Create client record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create( + crypter, 8, /*is_client=*/true, /*is_protect=*/false, + &fixture->client_unprotect) == TSI_OK); + /* Create server record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create( + crypter, 8, /*is_client=*/false, /*is_protect=*/true, + &fixture->server_protect) == TSI_OK); + /* Create server record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_grpc_privacy_integrity_record_protocol_create( + crypter, 8, /*is_client=*/false, /*is_protect=*/false, + &fixture->server_unprotect) == TSI_OK); + + gpr_free(key); + return fixture; +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_privacy_integrity_no_rekey_create() { + return test_fixture_privacy_integrity_create(false); +} + +static alts_grpc_record_protocol_test_fixture* +test_fixture_privacy_integrity_rekey_create() { + return test_fixture_privacy_integrity_create(true); +} + +static void alts_grpc_record_protocol_test_fixture_destroy( + alts_grpc_record_protocol_test_fixture* fixture) { + if (fixture == nullptr) { + return; + } + grpc_core::ExecCtx exec_ctx; + alts_grpc_record_protocol_destroy(fixture->client_protect); + alts_grpc_record_protocol_destroy(fixture->client_unprotect); + alts_grpc_record_protocol_destroy(fixture->server_protect); + alts_grpc_record_protocol_destroy(fixture->server_unprotect); + grpc_core::ExecCtx::Get()->Flush(); + gpr_free(fixture); +} + +static alts_grpc_record_protocol_test_var* +alts_grpc_record_protocol_test_var_create() { + alts_grpc_record_protocol_test_var* var = + static_cast<alts_grpc_record_protocol_test_var*>( + gpr_zalloc(sizeof(alts_grpc_record_protocol_test_var))); + var->header_length = alts_iovec_record_protocol_get_header_length(); + var->tag_length = kTagLength; + /* Initialized slice buffers. */ + grpc_slice_buffer_init(&var->original_sb); + grpc_slice_buffer_init(&var->duplicate_sb); + grpc_slice_buffer_init(&var->protected_sb); + grpc_slice_buffer_init(&var->unprotected_sb); + /* Randomly sets content of original_sb, and copies into duplicate_sb. */ + create_random_slice_buffer(&var->original_sb); + for (size_t i = 0; i < var->original_sb.count; i++) { + grpc_slice_buffer_add(&var->duplicate_sb, + grpc_slice_ref(var->original_sb.slices[i])); + } + return var; +} + +static void alts_grpc_record_protocol_test_var_destroy( + alts_grpc_record_protocol_test_var* var) { + if (var == nullptr) { + return; + } + grpc_slice_buffer_destroy_internal(&var->original_sb); + grpc_slice_buffer_destroy_internal(&var->duplicate_sb); + grpc_slice_buffer_destroy_internal(&var->protected_sb); + grpc_slice_buffer_destroy_internal(&var->unprotected_sb); + gpr_free(var); +} + +/* --- alts grpc record protocol tests. --- */ + +static void random_seal_unseal(alts_grpc_record_protocol* sender, + alts_grpc_record_protocol* receiver) { + grpc_core::ExecCtx exec_ctx; + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Seals and then unseals. */ + size_t data_length = var->original_sb.length; + tsi_result status = alts_grpc_record_protocol_protect( + sender, &var->original_sb, &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(var->protected_sb.length == + data_length + var->header_length + var->tag_length); + status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb, + &var->unprotected_sb); + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT( + are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb)); + alts_grpc_record_protocol_test_var_destroy(var); + } + grpc_core::ExecCtx::Get()->Flush(); +} + +static void empty_seal_unseal(alts_grpc_record_protocol* sender, + alts_grpc_record_protocol* receiver) { + grpc_core::ExecCtx exec_ctx; + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Seals and then unseals empty payload. */ + grpc_slice_buffer_reset_and_unref_internal(&var->original_sb); + grpc_slice_buffer_reset_and_unref_internal(&var->duplicate_sb); + tsi_result status = alts_grpc_record_protocol_protect( + sender, &var->original_sb, &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT(var->protected_sb.length == + var->header_length + var->tag_length); + status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb, + &var->unprotected_sb); + GPR_ASSERT(status == TSI_OK); + GPR_ASSERT( + are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb)); + alts_grpc_record_protocol_test_var_destroy(var); + } + grpc_core::ExecCtx::Get()->Flush(); +} + +static void unsync_seal_unseal(alts_grpc_record_protocol* sender, + alts_grpc_record_protocol* receiver) { + grpc_core::ExecCtx exec_ctx; + tsi_result status; + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Seals once. */ + status = alts_grpc_record_protocol_protect(sender, &var->original_sb, + &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + grpc_slice_buffer_reset_and_unref_internal(&var->protected_sb); + /* Seals again. */ + status = alts_grpc_record_protocol_protect(sender, &var->duplicate_sb, + &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + /* Unseals the second frame. */ + status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb, + &var->unprotected_sb); + GPR_ASSERT(status == TSI_INTERNAL_ERROR); + alts_grpc_record_protocol_test_var_destroy(var); + grpc_core::ExecCtx::Get()->Flush(); +} + +static void corrupted_data(alts_grpc_record_protocol* sender, + alts_grpc_record_protocol* receiver) { + grpc_core::ExecCtx exec_ctx; + tsi_result status; + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Seals once. */ + status = alts_grpc_record_protocol_protect(sender, &var->original_sb, + &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + /* Corrupts one byte in protected_sb and tries to unprotect. */ + alter_random_byte(&var->protected_sb); + status = alts_grpc_record_protocol_unprotect(receiver, &var->protected_sb, + &var->unprotected_sb); + GPR_ASSERT(status == TSI_INTERNAL_ERROR); + alts_grpc_record_protocol_test_var_destroy(var); + grpc_core::ExecCtx::Get()->Flush(); +} + +static void input_check(alts_grpc_record_protocol* rp) { + grpc_core::ExecCtx exec_ctx; + tsi_result status; + alts_grpc_record_protocol_test_var* var = + alts_grpc_record_protocol_test_var_create(); + /* Protects with nullptr input. */ + status = alts_grpc_record_protocol_protect(rp, nullptr, &var->protected_sb); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + status = alts_grpc_record_protocol_protect(rp, &var->original_sb, nullptr); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + /* Unprotects with nullptr input. */ + status = alts_grpc_record_protocol_protect(rp, &var->original_sb, + &var->protected_sb); + GPR_ASSERT(status == TSI_OK); + status = + alts_grpc_record_protocol_unprotect(rp, nullptr, &var->unprotected_sb); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + status = alts_grpc_record_protocol_unprotect(rp, &var->protected_sb, nullptr); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + /* Unprotects on a temporary slice buffer which length is smaller than header + * length plus tag length. */ + grpc_slice_buffer temp_sb; + grpc_slice_buffer_init(&temp_sb); + grpc_slice_buffer_move_first( + &var->protected_sb, var->header_length + var->tag_length - 1, &temp_sb); + status = + alts_grpc_record_protocol_unprotect(rp, &temp_sb, &var->unprotected_sb); + GPR_ASSERT(status == TSI_INVALID_ARGUMENT); + grpc_slice_buffer_destroy_internal(&temp_sb); + alts_grpc_record_protocol_test_var_destroy(var); + grpc_core::ExecCtx::Get()->Flush(); +} + +/* --- Test cases. --- */ + +static void alts_grpc_record_protocol_random_seal_unseal_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + random_seal_unseal(fixture->client_protect, fixture->server_unprotect); + random_seal_unseal(fixture->server_protect, fixture->client_unprotect); +} + +static void alts_grpc_record_protocol_empty_seal_unseal_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + empty_seal_unseal(fixture->client_protect, fixture->server_unprotect); + empty_seal_unseal(fixture->server_protect, fixture->client_unprotect); +} + +static void alts_grpc_record_protocol_unsync_seal_unseal_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + unsync_seal_unseal(fixture->client_protect, fixture->server_unprotect); + unsync_seal_unseal(fixture->server_protect, fixture->client_unprotect); +} + +static void alts_grpc_record_protocol_corrupted_data_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + corrupted_data(fixture->client_protect, fixture->server_unprotect); + corrupted_data(fixture->server_protect, fixture->client_unprotect); +} + +static void alts_grpc_record_protocol_input_check_tests( + alts_grpc_record_protocol_test_fixture* fixture) { + input_check(fixture->client_protect); +} + +static void alts_grpc_record_protocol_tests( + alts_grpc_record_protocol_test_fixture* (*fixture_create)()) { + auto* fixture_1 = fixture_create(); + alts_grpc_record_protocol_random_seal_unseal_tests(fixture_1); + alts_grpc_record_protocol_test_fixture_destroy(fixture_1); + + auto* fixture_2 = fixture_create(); + alts_grpc_record_protocol_empty_seal_unseal_tests(fixture_2); + alts_grpc_record_protocol_test_fixture_destroy(fixture_2); + + auto* fixture_3 = fixture_create(); + alts_grpc_record_protocol_unsync_seal_unseal_tests(fixture_3); + alts_grpc_record_protocol_test_fixture_destroy(fixture_3); + + auto* fixture_4 = fixture_create(); + alts_grpc_record_protocol_corrupted_data_tests(fixture_4); + alts_grpc_record_protocol_test_fixture_destroy(fixture_4); + + auto* fixture_5 = fixture_create(); + alts_grpc_record_protocol_input_check_tests(fixture_5); + alts_grpc_record_protocol_test_fixture_destroy(fixture_5); +} + +int main(int argc, char** argv) { + alts_grpc_record_protocol_tests(&test_fixture_integrity_only_no_rekey_create); + alts_grpc_record_protocol_tests(&test_fixture_integrity_only_rekey_create); + alts_grpc_record_protocol_tests( + &test_fixture_privacy_integrity_no_rekey_create); + alts_grpc_record_protocol_tests(&test_fixture_privacy_integrity_rekey_create); + + return 0; +} diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc new file mode 100644 index 0000000000..db1934bbae --- /dev/null +++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol_test.cc @@ -0,0 +1,928 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +constexpr size_t kMaxDataSize = 1024; +constexpr size_t kMaxSlices = 10; +constexpr size_t kSealRepeatTimes = 5; +constexpr size_t kTagLength = 16; + +/* Test fixtures for each test cases. */ +struct alts_iovec_record_protocol_test_fixture { + alts_iovec_record_protocol* client_protect; + alts_iovec_record_protocol* client_unprotect; + alts_iovec_record_protocol* server_protect; + alts_iovec_record_protocol* server_unprotect; +}; + +/* Test variables for protect/unprotect operations. */ +struct alts_iovec_record_protocol_test_var { + uint8_t* header_buf; + size_t header_length; + iovec_t header_iovec; + uint8_t* tag_buf; + size_t tag_length; + iovec_t tag_iovec; + uint8_t* data_buf; + uint8_t* dup_buf; + size_t data_length; + iovec_t* data_iovec; + size_t data_iovec_length; + uint8_t* protected_buf; + iovec_t protected_iovec; + iovec_t unprotected_iovec; +}; + +/* --- Test utility functions. --- */ + +static void randomly_slice(uint8_t* input, size_t input_length, + iovec_t** output, size_t* output_length) { + if (input_length == 0) { + *output = nullptr; + *output_length = 0; + return; + } + *output_length = gsec_test_bias_random_uint32(kMaxSlices) + 1; + *output = static_cast<iovec_t*>(gpr_malloc(*output_length * sizeof(iovec_t))); + for (size_t i = 0; i < *output_length - 1; i++) { + size_t slice_length = + gsec_test_bias_random_uint32(static_cast<uint32_t>(input_length)); + iovec_t slice = {input, slice_length}; + (*output)[i] = slice; + input += slice_length; + input_length -= slice_length; + } + iovec_t slice = {input, input_length}; + (*output)[*output_length - 1] = slice; +} + +static size_t alter_random_byte(uint8_t* buf, size_t buf_length) { + GPR_ASSERT(buf != nullptr); + uint32_t offset = + gsec_test_bias_random_uint32(static_cast<uint32_t>(buf_length)); + (*(buf + offset))++; + return offset; +} + +static void revert_back_alter(uint8_t* buf, size_t offset) { + GPR_ASSERT(buf != nullptr); + (*(buf + offset))--; +} + +static alts_iovec_record_protocol_test_fixture* +alts_iovec_record_protocol_test_fixture_create(bool rekey, + bool integrity_only) { + alts_iovec_record_protocol_test_fixture* fixture = + static_cast<alts_iovec_record_protocol_test_fixture*>( + gpr_malloc(sizeof(alts_iovec_record_protocol_test_fixture))); + size_t overflow_size = 8; + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + gsec_test_random_array(&key, key_length); + gsec_aead_crypter* crypter = nullptr; + /* Create client record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_iovec_record_protocol_create( + crypter, overflow_size, /*is_client=*/true, integrity_only, + /*is_protect=*/true, &fixture->client_protect, + nullptr) == GRPC_STATUS_OK); + /* Create client record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_iovec_record_protocol_create( + crypter, overflow_size, /*is_client=*/true, integrity_only, + /*is_protect=*/false, &fixture->client_unprotect, + nullptr) == GRPC_STATUS_OK); + /* Create server record protocol for protect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_iovec_record_protocol_create( + crypter, overflow_size, /*is_client=*/false, integrity_only, + /*is_protect=*/true, &fixture->server_protect, + nullptr) == GRPC_STATUS_OK); + /* Create server record protocol for unprotect. */ + GPR_ASSERT(gsec_aes_gcm_aead_crypter_create( + key, key_length, kAesGcmNonceLength, kAesGcmTagLength, rekey, + &crypter, nullptr) == GRPC_STATUS_OK); + GPR_ASSERT(alts_iovec_record_protocol_create( + crypter, overflow_size, /*is_client=*/false, integrity_only, + /*is_protect=*/false, &fixture->server_unprotect, + nullptr) == GRPC_STATUS_OK); + + gpr_free(key); + return fixture; +} + +static void alts_iovec_record_protocol_test_fixture_destroy( + alts_iovec_record_protocol_test_fixture* fixture) { + if (fixture == nullptr) { + return; + } + alts_iovec_record_protocol_destroy(fixture->client_protect); + alts_iovec_record_protocol_destroy(fixture->client_unprotect); + alts_iovec_record_protocol_destroy(fixture->server_protect); + alts_iovec_record_protocol_destroy(fixture->server_unprotect); + gpr_free(fixture); +} + +static alts_iovec_record_protocol_test_var* +alts_iovec_record_protocol_test_var_create() { + auto* var = static_cast<alts_iovec_record_protocol_test_var*>( + gpr_zalloc(sizeof(alts_iovec_record_protocol_test_var))); + /* Sets header buffer. */ + var->header_length = alts_iovec_record_protocol_get_header_length(); + var->header_buf = static_cast<uint8_t*>(gpr_malloc(var->header_length)); + var->header_iovec.iov_base = var->header_buf; + var->header_iovec.iov_len = var->header_length; + /* Sets tag buffer. */ + var->tag_length = kTagLength; + var->tag_buf = static_cast<uint8_t*>(gpr_malloc(var->tag_length)); + var->tag_iovec.iov_base = var->tag_buf; + var->tag_iovec.iov_len = var->tag_length; + /* Randomly sets data buffer and duplicates to dup_buf. */ + var->data_length = gsec_test_bias_random_uint32(kMaxDataSize) + 1; + var->data_buf = static_cast<uint8_t*>(gpr_malloc(var->data_length)); + gsec_test_random_bytes(var->data_buf, var->data_length); + gsec_test_copy(var->data_buf, &var->dup_buf, var->data_length); + var->data_iovec = nullptr; + var->data_iovec_length = 0; + randomly_slice(var->data_buf, var->data_length, &var->data_iovec, + &var->data_iovec_length); + /* Sets protected iovec. */ + size_t protected_buf_length = + var->header_length + var->data_length + var->tag_length; + var->protected_buf = static_cast<uint8_t*>(gpr_malloc(protected_buf_length)); + var->protected_iovec.iov_base = var->protected_buf; + var->protected_iovec.iov_len = protected_buf_length; + /* Unprotected iovec points to data_buf. */ + var->unprotected_iovec.iov_base = var->data_buf; + var->unprotected_iovec.iov_len = var->data_length; + return var; +} + +static void alts_iovec_record_protocol_test_var_destroy( + alts_iovec_record_protocol_test_var* var) { + if (var == nullptr) { + return; + } + gpr_free(var->header_buf); + gpr_free(var->tag_buf); + gpr_free(var->data_buf); + gpr_free(var->dup_buf); + gpr_free(var->data_iovec); + gpr_free(var->protected_buf); + gpr_free(var); +} + +/* --- Integrity-only protect/unprotect tests. --- */ + +static void integrity_only_random_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + /* Seals and then unseals. */ + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + sender, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + gpr_free(var->data_iovec); + /* Randomly slices data buffer again. */ + randomly_slice(var->data_buf, var->data_length, &var->data_iovec, + &var->data_iovec_length); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Makes sure data buffer has not been modified during + * seal/unseal. */ + GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0); + alts_iovec_record_protocol_test_var_destroy(var); + } +} + +static void integrity_only_empty_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + /* Seals and then unseals empty payload. */ + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + sender, nullptr, 0, var->header_iovec, var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, nullptr, 0, var->header_iovec, var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + alts_iovec_record_protocol_test_var_destroy(var); + } +} + +static void integrity_only_unsync_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + /* Seals once. */ + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + sender, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + alts_iovec_record_protocol_test_var_destroy(var); + /* Seals again. */ + var = alts_iovec_record_protocol_test_var_create(); + status = alts_iovec_record_protocol_integrity_only_protect( + sender, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Unseals the second frame. */ + char* error_message = nullptr; + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Frame tag verification failed.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void integrity_only_corrupted_data( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + /* Seals the data first. */ + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + sender, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Alter frame length field. */ + char* error_message = nullptr; + size_t offset = + alter_random_byte(var->header_buf, kZeroCopyFrameLengthFieldSize); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Bad frame length.")); + gpr_free(error_message); + revert_back_alter(var->header_buf, offset); + /* Alter message type field. */ + offset = alter_random_byte(var->header_buf + kZeroCopyFrameLengthFieldSize, + kZeroCopyFrameMessageTypeFieldSize); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Unsupported message type.")); + gpr_free(error_message); + revert_back_alter(var->header_buf + kZeroCopyFrameLengthFieldSize, offset); + /* Alter data. */ + offset = alter_random_byte(var->data_buf, var->data_length); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Frame tag verification failed.")); + gpr_free(error_message); + revert_back_alter(var->data_buf, offset); + /* Alter tag. */ + offset = alter_random_byte(var->tag_buf, var->tag_length); + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Frame tag verification failed.")); + gpr_free(error_message); + revert_back_alter(var->tag_buf, offset); + /* Reverted protected data should be verified correctly. */ + status = alts_iovec_record_protocol_integrity_only_unprotect( + receiver, var->data_iovec, var->data_iovec_length, var->header_iovec, + var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void integrity_only_protect_input_check(alts_iovec_record_protocol* rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + char* error_message = nullptr; + /* Header buffer is nullptr. */ + iovec_t header_iovec = {nullptr, var->header_length}; + grpc_status_code status = alts_iovec_record_protocol_integrity_only_protect( + rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header is nullptr.")); + gpr_free(error_message); + /* Header buffer length is 0. */ + header_iovec.iov_base = var->header_buf; + header_iovec.iov_len = 0; + status = alts_iovec_record_protocol_integrity_only_protect( + rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header length is incorrect.")); + gpr_free(error_message); + /* Tag buffer is nullptr. */ + iovec_t tag_iovec = {nullptr, var->tag_length}; + status = alts_iovec_record_protocol_integrity_only_protect( + rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "Tag is nullptr.")); + gpr_free(error_message); + /* Tag buffer length is 0. */ + tag_iovec.iov_base = var->tag_buf; + tag_iovec.iov_len = 0; + status = alts_iovec_record_protocol_integrity_only_protect( + rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Tag length is incorrect.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void integrity_only_unprotect_input_check( + alts_iovec_record_protocol* rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + char* error_message = nullptr; + /* Header buffer is nullptr. */ + iovec_t header_iovec = {nullptr, var->header_length}; + grpc_status_code status = alts_iovec_record_protocol_integrity_only_unprotect( + rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header is nullptr.")); + gpr_free(error_message); + /* Header buffer length is 0. */ + header_iovec.iov_base = var->header_buf; + header_iovec.iov_len = 0; + status = alts_iovec_record_protocol_integrity_only_unprotect( + rp, var->data_iovec, var->data_iovec_length, header_iovec, var->tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header length is incorrect.")); + gpr_free(error_message); + /* Tag buffer is nullptr. */ + iovec_t tag_iovec = {nullptr, var->tag_length}; + status = alts_iovec_record_protocol_integrity_only_unprotect( + rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, "Tag is nullptr.")); + gpr_free(error_message); + /* Tag buffer length is 0. */ + tag_iovec.iov_base = var->tag_buf; + tag_iovec.iov_len = 0; + status = alts_iovec_record_protocol_integrity_only_unprotect( + rp, var->data_iovec, var->data_iovec_length, var->header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Tag length is incorrect.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +/* --- Privacy-integrity protect/unprotect tests. --- */ + +static void privacy_integrity_random_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + /* Seals and then unseals. */ + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + sender, var->data_iovec, var->data_iovec_length, + var->protected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + iovec_t header_iovec = {var->protected_buf, var->header_length}; + gpr_free(var->data_iovec); + /* Randomly slices protected buffer, excluding the header. */ + randomly_slice(var->protected_buf + var->header_length, + var->data_length + var->tag_length, &var->data_iovec, + &var->data_iovec_length); + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, var->data_iovec, var->data_iovec_length, + var->unprotected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Makes sure unprotected data are the same as the original. */ + GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0); + alts_iovec_record_protocol_test_var_destroy(var); + } +} + +static void privacy_integrity_empty_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + size_t empty_payload_frame_size = var->header_length + var->tag_length; + auto* protected_buf = + static_cast<uint8_t*>(gpr_malloc(empty_payload_frame_size)); + for (size_t i = 0; i < kSealRepeatTimes; i++) { + iovec_t protected_iovec = {protected_buf, empty_payload_frame_size}; + iovec_t unprotected_iovec = {nullptr, 0}; + iovec_t data_iovec = {protected_buf + var->header_length, var->tag_length}; + /* Seals and then unseals empty payload. */ + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + sender, nullptr, 0, protected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + iovec_t header_iovec = {protected_buf, var->header_length}; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &data_iovec, 1, unprotected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + } + gpr_free(protected_buf); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_integrity_unsync_seal_unseal( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + /* Seals once. */ + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + sender, var->data_iovec, var->data_iovec_length, var->protected_iovec, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + alts_iovec_record_protocol_test_var_destroy(var); + /* Seals again. */ + var = alts_iovec_record_protocol_test_var_create(); + status = alts_iovec_record_protocol_privacy_integrity_protect( + sender, var->data_iovec, var->data_iovec_length, var->protected_iovec, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Unseals the second frame. */ + char* error_message = nullptr; + iovec_t header_iovec = {var->protected_buf, var->header_length}; + iovec_t protected_iovec = {var->protected_buf + var->header_length, + var->data_length + var->tag_length}; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_integrity_corrupted_data( + alts_iovec_record_protocol* sender, alts_iovec_record_protocol* receiver) { + /* Seals the data first. */ + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + sender, var->data_iovec, var->data_iovec_length, var->protected_iovec, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + char* error_message = nullptr; + uint8_t* header_buf = var->protected_buf; + size_t header_length = var->header_length; + iovec_t header_iovec = {header_buf, header_length}; + /* The following protected_buf and protected_length excludes header. */ + uint8_t* protected_buf = var->protected_buf + var->header_length; + size_t protected_length = var->data_length + var->tag_length; + iovec_t protected_iovec = {protected_buf, protected_length}; + /* Alter frame length field. */ + size_t offset = alter_random_byte(header_buf, kZeroCopyFrameLengthFieldSize); + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Bad frame length.")); + gpr_free(error_message); + revert_back_alter(header_buf, offset); + /* Alter message type field. */ + offset = alter_random_byte(header_buf + kZeroCopyFrameLengthFieldSize, + kZeroCopyFrameMessageTypeFieldSize); + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Unsupported message type.")); + gpr_free(error_message); + revert_back_alter(header_buf + kZeroCopyFrameLengthFieldSize, offset); + /* Alter protected data. */ + offset = alter_random_byte(protected_buf, protected_length); + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed.")); + gpr_free(error_message); + revert_back_alter(protected_buf, offset); + /* Reverted protected data should be verified correctly. */ + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + receiver, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + GPR_ASSERT(memcmp(var->data_buf, var->dup_buf, var->data_length) == 0); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_integrity_protect_input_check( + alts_iovec_record_protocol* rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + char* error_message = nullptr; + /* Protected output buffer is nullptr. */ + iovec_t protected_iovec = {nullptr, var->protected_iovec.iov_len}; + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_protect( + rp, var->data_iovec, var->data_iovec_length, protected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Protected frame is nullptr.")); + gpr_free(error_message); + /* Protected output buffer length incorrect. */ + protected_iovec.iov_base = var->protected_buf; + protected_iovec.iov_len = var->header_length + var->data_length; + status = alts_iovec_record_protocol_privacy_integrity_protect( + rp, var->data_iovec, var->data_iovec_length, protected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Protected frame size is incorrect.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_integrity_unprotect_input_check( + alts_iovec_record_protocol* rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + char* error_message = nullptr; + /* Header buffer is nullptr. */ + iovec_t header_iovec = {var->protected_buf, var->header_length}; + iovec_t protected_iovec = {var->protected_buf + var->header_length, + var->data_length + var->tag_length}; + header_iovec.iov_base = nullptr; + grpc_status_code status = + alts_iovec_record_protocol_privacy_integrity_unprotect( + rp, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header is nullptr.")); + gpr_free(error_message); + header_iovec.iov_base = var->protected_buf; + /* Header buffer length is 0. */ + header_iovec.iov_len = 0; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + rp, header_iovec, &protected_iovec, 1, var->unprotected_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Header length is incorrect.")); + gpr_free(error_message); + header_iovec.iov_len = var->header_length; + /* Unprotected output buffer length is incorrect. */ + iovec_t unprotected_iovec = {var->data_buf, var->data_length - 1}; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + rp, header_iovec, &protected_iovec, 1, unprotected_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INVALID_ARGUMENT, error_message, + "Unprotected data size is incorrect.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +/* --- Integrity-only and privacy-integrity mixed. --- */ + +static void record_protocol_wrong_mode( + alts_iovec_record_protocol* integrity_only_protect_rp, + alts_iovec_record_protocol* integrity_only_unprotect_rp, + alts_iovec_record_protocol* privacy_integrity_protect_rp, + alts_iovec_record_protocol* privacy_integrity_unprotect_rp) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status; + char* error_message = nullptr; + /* Call integrity-only protect on privacy-integrity record protocol. */ + status = alts_iovec_record_protocol_integrity_only_protect( + privacy_integrity_protect_rp, var->data_iovec, var->data_iovec_length, + var->header_iovec, var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Integrity-only operations are not allowed for this object.")); + gpr_free(error_message); + /* Call integrity-only unprotect on privacy-integrity record protocol. */ + status = alts_iovec_record_protocol_integrity_only_unprotect( + privacy_integrity_unprotect_rp, var->data_iovec, var->data_iovec_length, + var->header_iovec, var->tag_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Integrity-only operations are not allowed for this object.")); + gpr_free(error_message); + /* Call privacy-integrity protect on integrity-only record protocol. */ + status = alts_iovec_record_protocol_privacy_integrity_protect( + integrity_only_protect_rp, var->data_iovec, var->data_iovec_length, + var->protected_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Privacy-integrity operations are not allowed for this object.")); + gpr_free(error_message); + /* Call privacy-integrity unprotect on integrity-only record protocol. */ + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + integrity_only_unprotect_rp, var->header_iovec, var->data_iovec, + var->data_iovec_length, var->unprotected_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_FAILED_PRECONDITION, error_message, + "Privacy-integrity operations are not allowed for this object.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void integrity_seal_privacy_unseal( + alts_iovec_record_protocol* integrity_only_sender, + alts_iovec_record_protocol* privacy_integrity_receiver) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status; + char* error_message = nullptr; + /* Seals with integrity-only protect. */ + status = alts_iovec_record_protocol_integrity_only_protect( + integrity_only_sender, var->data_iovec, var->data_iovec_length, + var->header_iovec, var->tag_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Unseal with privacy-integrity unprotect. */ + memcpy(var->protected_buf, var->data_buf, var->data_length); + memcpy(var->protected_buf + var->data_length, var->tag_buf, var->tag_length); + iovec_t protected_iovec = {var->protected_buf, + var->data_length + var->tag_length}; + status = alts_iovec_record_protocol_privacy_integrity_unprotect( + privacy_integrity_receiver, var->header_iovec, &protected_iovec, 1, + var->unprotected_iovec, &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, "Frame decryption failed.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +static void privacy_seal_integrity_unseal( + alts_iovec_record_protocol* privacy_integrity_sender, + alts_iovec_record_protocol* integrity_only_receiver) { + alts_iovec_record_protocol_test_var* var = + alts_iovec_record_protocol_test_var_create(); + grpc_status_code status; + char* error_message = nullptr; + /* Seals with privacy-integrity protect. */ + status = alts_iovec_record_protocol_privacy_integrity_protect( + privacy_integrity_sender, var->data_iovec, var->data_iovec_length, + var->protected_iovec, nullptr); + GPR_ASSERT(status == GRPC_STATUS_OK); + /* Unseal with integrity-only unprotect. */ + iovec_t header_iovec = {var->protected_buf, var->header_length}; + iovec_t data_iovec = {var->protected_buf + var->header_length, + var->data_length}; + iovec_t tag_iovec = { + var->protected_buf + var->header_length + var->data_length, + var->tag_length}; + status = alts_iovec_record_protocol_integrity_only_unprotect( + integrity_only_receiver, &data_iovec, 1, header_iovec, tag_iovec, + &error_message); + GPR_ASSERT(gsec_test_expect_compare_code_and_substr( + status, GRPC_STATUS_INTERNAL, error_message, + "Frame tag verification failed.")); + gpr_free(error_message); + alts_iovec_record_protocol_test_var_destroy(var); +} + +/* --- Test cases. --- */ + +static void alts_iovec_record_protocol_random_seal_unseal_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_random_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_random_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_random_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_random_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_random_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_random_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_random_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_random_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_empty_seal_unseal_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_empty_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_empty_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_empty_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_empty_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_empty_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_empty_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_empty_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_empty_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_unsync_seal_unseal_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_unsync_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_unsync_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_unsync_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + integrity_only_unsync_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_unsync_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_unsync_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_unsync_seal_unseal(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_unsync_seal_unseal(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_corrupted_data_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_corrupted_data(fixture->client_protect, + fixture->server_unprotect); + integrity_only_corrupted_data(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_corrupted_data(fixture->client_protect, + fixture->server_unprotect); + integrity_only_corrupted_data(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_corrupted_data(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_corrupted_data(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_corrupted_data(fixture->client_protect, + fixture->server_unprotect); + privacy_integrity_corrupted_data(fixture->server_protect, + fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_input_check_tests() { + alts_iovec_record_protocol_test_fixture* fixture = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + integrity_only_protect_input_check(fixture->client_protect); + integrity_only_unprotect_input_check(fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + integrity_only_protect_input_check(fixture->client_protect); + integrity_only_unprotect_input_check(fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + privacy_integrity_protect_input_check(fixture->client_protect); + privacy_integrity_unprotect_input_check(fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); + + fixture = alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + privacy_integrity_protect_input_check(fixture->client_protect); + privacy_integrity_unprotect_input_check(fixture->client_unprotect); + alts_iovec_record_protocol_test_fixture_destroy(fixture); +} + +static void alts_iovec_record_protocol_mix_operations_tests() { + alts_iovec_record_protocol_test_fixture* fixture_1 = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + alts_iovec_record_protocol_test_fixture* fixture_2 = + alts_iovec_record_protocol_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + + record_protocol_wrong_mode( + fixture_1->client_protect, fixture_1->client_unprotect, + fixture_2->client_protect, fixture_2->client_unprotect); + integrity_seal_privacy_unseal(fixture_1->client_protect, + fixture_2->server_unprotect); + privacy_seal_integrity_unseal(fixture_2->client_protect, + fixture_1->server_unprotect); + + alts_iovec_record_protocol_test_fixture_destroy(fixture_1); + alts_iovec_record_protocol_test_fixture_destroy(fixture_2); +} + +int main(int argc, char** argv) { + alts_iovec_record_protocol_random_seal_unseal_tests(); + alts_iovec_record_protocol_empty_seal_unseal_tests(); + alts_iovec_record_protocol_unsync_seal_unseal_tests(); + alts_iovec_record_protocol_corrupted_data_tests(); + alts_iovec_record_protocol_input_check_tests(); + alts_iovec_record_protocol_mix_operations_tests(); + return 0; +} diff --git a/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc b/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc new file mode 100644 index 0000000000..2388be95cd --- /dev/null +++ b/test/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector_test.cc @@ -0,0 +1,289 @@ +/* + * + * Copyright 2018 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include <grpc/slice_buffer.h> +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> + +#include "src/core/lib/slice/slice_internal.h" +#include "src/core/tsi/alts/crypt/gsec.h" +#include "src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h" +#include "src/core/tsi/transport_security_grpc.h" +#include "test/core/tsi/alts/crypt/gsec_test_util.h" + +/* TODO: tests zero_copy_grpc_protector under TSI test library, which + * has more comprehensive tests. */ + +constexpr size_t kSealRepeatTimes = 50; +constexpr size_t kSmallBufferSize = 16; +constexpr size_t kLargeBufferSize = 16384; +constexpr size_t kChannelMaxSize = 2048; +constexpr size_t kChannelMinSize = 128; + +/* Test fixtures for each test cases. */ +struct alts_zero_copy_grpc_protector_test_fixture { + tsi_zero_copy_grpc_protector* client; + tsi_zero_copy_grpc_protector* server; +}; + +/* Test input variables for protect/unprotect operations. */ +struct alts_zero_copy_grpc_protector_test_var { + grpc_slice_buffer original_sb; + grpc_slice_buffer duplicate_sb; + grpc_slice_buffer staging_sb; + grpc_slice_buffer protected_sb; + grpc_slice_buffer unprotected_sb; +}; + +/* --- Test utility functions. --- */ + +static void create_random_slice_buffer(grpc_slice_buffer* sb, + grpc_slice_buffer* dup_sb, + size_t length) { + GPR_ASSERT(sb != nullptr); + GPR_ASSERT(dup_sb != nullptr); + GPR_ASSERT(length > 0); + grpc_slice slice = GRPC_SLICE_MALLOC(length); + gsec_test_random_bytes(GRPC_SLICE_START_PTR(slice), length); + grpc_slice_buffer_add(sb, grpc_slice_ref(slice)); + grpc_slice_buffer_add(dup_sb, slice); +} + +static uint8_t* pointer_to_nth_byte(grpc_slice_buffer* sb, size_t index) { + GPR_ASSERT(sb != nullptr); + GPR_ASSERT(index < sb->length); + for (size_t i = 0; i < sb->count; i++) { + if (index < GRPC_SLICE_LENGTH(sb->slices[i])) { + return GRPC_SLICE_START_PTR(sb->slices[i]) + index; + } else { + index -= GRPC_SLICE_LENGTH(sb->slices[i]); + } + } + return nullptr; +} + +/* Checks if two slice buffer contents are the same. It is not super efficient, + * but OK for testing. */ +static bool are_slice_buffers_equal(grpc_slice_buffer* first, + grpc_slice_buffer* second) { + GPR_ASSERT(first != nullptr); + GPR_ASSERT(second != nullptr); + if (first->length != second->length) { + return false; + } + for (size_t i = 0; i < first->length; i++) { + uint8_t* first_ptr = pointer_to_nth_byte(first, i); + uint8_t* second_ptr = pointer_to_nth_byte(second, i); + GPR_ASSERT(first_ptr != nullptr && second_ptr != nullptr); + if ((*first_ptr) != (*second_ptr)) { + return false; + } + } + return true; +} + +static alts_zero_copy_grpc_protector_test_fixture* +alts_zero_copy_grpc_protector_test_fixture_create(bool rekey, + bool integrity_only) { + alts_zero_copy_grpc_protector_test_fixture* fixture = + static_cast<alts_zero_copy_grpc_protector_test_fixture*>( + gpr_zalloc(sizeof(alts_zero_copy_grpc_protector_test_fixture))); + grpc_core::ExecCtx exec_ctx; + size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength; + uint8_t* key; + size_t max_protected_frame_size = 1024; + gsec_test_random_array(&key, key_length); + GPR_ASSERT(alts_zero_copy_grpc_protector_create( + key, key_length, rekey, /*is_client=*/true, integrity_only, + &max_protected_frame_size, &fixture->client) == TSI_OK); + GPR_ASSERT(alts_zero_copy_grpc_protector_create( + key, key_length, rekey, /*is_client=*/false, integrity_only, + &max_protected_frame_size, &fixture->server) == TSI_OK); + gpr_free(key); + grpc_core::ExecCtx::Get()->Flush(); + return fixture; +} + +static void alts_zero_copy_grpc_protector_test_fixture_destroy( + alts_zero_copy_grpc_protector_test_fixture* fixture) { + if (fixture == nullptr) { + return; + } + grpc_core::ExecCtx exec_ctx; + tsi_zero_copy_grpc_protector_destroy(fixture->client); + tsi_zero_copy_grpc_protector_destroy(fixture->server); + grpc_core::ExecCtx::Get()->Flush(); + gpr_free(fixture); +} + +static alts_zero_copy_grpc_protector_test_var* +alts_zero_copy_grpc_protector_test_var_create() { + alts_zero_copy_grpc_protector_test_var* var = + static_cast<alts_zero_copy_grpc_protector_test_var*>( + gpr_zalloc(sizeof(alts_zero_copy_grpc_protector_test_var))); + grpc_slice_buffer_init(&var->original_sb); + grpc_slice_buffer_init(&var->duplicate_sb); + grpc_slice_buffer_init(&var->staging_sb); + grpc_slice_buffer_init(&var->protected_sb); + grpc_slice_buffer_init(&var->unprotected_sb); + return var; +} + +static void alts_zero_copy_grpc_protector_test_var_destroy( + alts_zero_copy_grpc_protector_test_var* var) { + if (var == nullptr) { + return; + } + grpc_slice_buffer_destroy_internal(&var->original_sb); + grpc_slice_buffer_destroy_internal(&var->duplicate_sb); + grpc_slice_buffer_destroy_internal(&var->staging_sb); + grpc_slice_buffer_destroy_internal(&var->protected_sb); + grpc_slice_buffer_destroy_internal(&var->unprotected_sb); + gpr_free(var); +} + +/* --- ALTS zero-copy protector tests. --- */ + +static void seal_unseal_small_buffer(tsi_zero_copy_grpc_protector* sender, + tsi_zero_copy_grpc_protector* receiver) { + grpc_core::ExecCtx exec_ctx; + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_zero_copy_grpc_protector_test_var* var = + alts_zero_copy_grpc_protector_test_var_create(); + /* Creates a random small slice buffer and calls protect(). */ + create_random_slice_buffer(&var->original_sb, &var->duplicate_sb, + kSmallBufferSize); + GPR_ASSERT(tsi_zero_copy_grpc_protector_protect( + sender, &var->original_sb, &var->protected_sb) == TSI_OK); + /* Splits protected slice buffer into two: first one is staging_sb, and + * second one is is protected_sb. */ + uint32_t staging_sb_size = + gsec_test_bias_random_uint32( + static_cast<uint32_t>(var->protected_sb.length - 1)) + + 1; + grpc_slice_buffer_move_first(&var->protected_sb, staging_sb_size, + &var->staging_sb); + /* Unprotects one by one. */ + GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect( + receiver, &var->staging_sb, &var->unprotected_sb) == TSI_OK); + GPR_ASSERT(var->unprotected_sb.length == 0); + GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect( + receiver, &var->protected_sb, &var->unprotected_sb) == + TSI_OK); + GPR_ASSERT( + are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb)); + alts_zero_copy_grpc_protector_test_var_destroy(var); + } + grpc_core::ExecCtx::Get()->Flush(); +} + +static void seal_unseal_large_buffer(tsi_zero_copy_grpc_protector* sender, + tsi_zero_copy_grpc_protector* receiver) { + grpc_core::ExecCtx exec_ctx; + for (size_t i = 0; i < kSealRepeatTimes; i++) { + alts_zero_copy_grpc_protector_test_var* var = + alts_zero_copy_grpc_protector_test_var_create(); + /* Creates a random large slice buffer and calls protect(). */ + create_random_slice_buffer(&var->original_sb, &var->duplicate_sb, + kLargeBufferSize); + GPR_ASSERT(tsi_zero_copy_grpc_protector_protect( + sender, &var->original_sb, &var->protected_sb) == TSI_OK); + /* Splits protected slice buffer into multiple pieces. Receiver unprotects + * each slice buffer one by one. */ + uint32_t channel_size = gsec_test_bias_random_uint32(static_cast<uint32_t>( + kChannelMaxSize + 1 - kChannelMinSize)) + + static_cast<uint32_t>(kChannelMinSize); + while (var->protected_sb.length > channel_size) { + grpc_slice_buffer_reset_and_unref_internal(&var->staging_sb); + grpc_slice_buffer_move_first(&var->protected_sb, channel_size, + &var->staging_sb); + GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect( + receiver, &var->staging_sb, &var->unprotected_sb) == + TSI_OK); + } + GPR_ASSERT(tsi_zero_copy_grpc_protector_unprotect( + receiver, &var->protected_sb, &var->unprotected_sb) == + TSI_OK); + GPR_ASSERT( + are_slice_buffers_equal(&var->unprotected_sb, &var->duplicate_sb)); + alts_zero_copy_grpc_protector_test_var_destroy(var); + } + grpc_core::ExecCtx::Get()->Flush(); +} + +/* --- Test cases. --- */ + +static void alts_zero_copy_protector_seal_unseal_small_buffer_tests() { + alts_zero_copy_grpc_protector_test_fixture* fixture = + alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + seal_unseal_small_buffer(fixture->client, fixture->server); + seal_unseal_small_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + seal_unseal_small_buffer(fixture->client, fixture->server); + seal_unseal_small_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + seal_unseal_small_buffer(fixture->client, fixture->server); + seal_unseal_small_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + seal_unseal_small_buffer(fixture->client, fixture->server); + seal_unseal_small_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); +} + +static void alts_zero_copy_protector_seal_unseal_large_buffer_tests() { + alts_zero_copy_grpc_protector_test_fixture* fixture = + alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/true); + seal_unseal_large_buffer(fixture->client, fixture->server); + seal_unseal_large_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/false, /*integrity_only=*/false); + seal_unseal_large_buffer(fixture->client, fixture->server); + seal_unseal_large_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/true); + seal_unseal_large_buffer(fixture->client, fixture->server); + seal_unseal_large_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); + + fixture = alts_zero_copy_grpc_protector_test_fixture_create( + /*rekey=*/true, /*integrity_only=*/false); + seal_unseal_large_buffer(fixture->client, fixture->server); + seal_unseal_large_buffer(fixture->server, fixture->client); + alts_zero_copy_grpc_protector_test_fixture_destroy(fixture); +} + +int main(int argc, char** argv) { + alts_zero_copy_protector_seal_unseal_small_buffer_tests(); + alts_zero_copy_protector_seal_unseal_large_buffer_tests(); + return 0; +} diff --git a/test/core/tsi/fake_transport_security_test.cc b/test/core/tsi/fake_transport_security_test.cc index bec81ed42f..5e6671965d 100644 --- a/test/core/tsi/fake_transport_security_test.cc +++ b/test/core/tsi/fake_transport_security_test.cc @@ -107,7 +107,7 @@ void fake_tsi_test_do_round_trip_for_all_configs() { tsi_test_frame_protector_config_destroy(fake_fixture->base.config); fake_fixture->base.config = tsi_test_frame_protector_config_create( bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4], - bit_array[5], bit_array[6], bit_array[7]); + bit_array[5], bit_array[6]); tsi_test_do_round_trip(&fake_fixture->base); tsi_test_fixture_destroy(fixture); } diff --git a/test/core/tsi/ssl_transport_security_test.cc b/test/core/tsi/ssl_transport_security_test.cc index 8f255a3d35..d9eb7470d5 100644 --- a/test/core/tsi/ssl_transport_security_test.cc +++ b/test/core/tsi/ssl_transport_security_test.cc @@ -528,7 +528,7 @@ void ssl_tsi_test_do_round_trip_for_all_configs() { tsi_test_frame_protector_config_destroy(ssl_fixture->base.config); ssl_fixture->base.config = tsi_test_frame_protector_config_create( bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4], - bit_array[5], bit_array[6], bit_array[7]); + bit_array[5], bit_array[6]); tsi_test_do_round_trip(&ssl_fixture->base); tsi_test_fixture_destroy(fixture); } diff --git a/test/core/tsi/transport_security_test_lib.cc b/test/core/tsi/transport_security_test_lib.cc index 8ea83f7088..26349dbfca 100644 --- a/test/core/tsi/transport_security_test_lib.cc +++ b/test/core/tsi/transport_security_test_lib.cc @@ -110,27 +110,29 @@ static void check_handshake_results(tsi_test_fixture* fixture) { fixture->vtable->check_handshaker_peers(fixture); /* Check unused bytes. */ if (fixture->test_unused_bytes) { + tsi_test_channel* channel = fixture->channel; if (fixture->server_result != nullptr && fixture->client_result != nullptr) { check_unused_bytes(fixture); } - fixture->bytes_written_to_server_channel = 0; - fixture->bytes_written_to_client_channel = 0; - fixture->bytes_read_from_client_channel = 0; - fixture->bytes_read_from_server_channel = 0; + channel->bytes_written_to_server_channel = 0; + channel->bytes_written_to_client_channel = 0; + channel->bytes_read_from_client_channel = 0; + channel->bytes_read_from_server_channel = 0; } } -static void send_bytes_to_peer(tsi_test_fixture* fixture, +static void send_bytes_to_peer(tsi_test_channel* test_channel, const unsigned char* buf, size_t buf_size, bool is_client) { - GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(test_channel != nullptr); GPR_ASSERT(buf != nullptr); uint8_t* channel = - is_client ? fixture->server_channel : fixture->client_channel; + is_client ? test_channel->server_channel : test_channel->client_channel; GPR_ASSERT(channel != nullptr); - size_t* bytes_written = is_client ? &fixture->bytes_written_to_server_channel - : &fixture->bytes_written_to_client_channel; + size_t* bytes_written = is_client + ? &test_channel->bytes_written_to_server_channel + : &test_channel->bytes_written_to_client_channel; GPR_ASSERT(bytes_written != nullptr); GPR_ASSERT(*bytes_written + buf_size <= TSI_TEST_DEFAULT_CHANNEL_SIZE); /* Write data to channel. */ @@ -145,7 +147,8 @@ static void maybe_append_unused_bytes(handshaker_args* args) { if (fixture->test_unused_bytes && !args->appended_unused_bytes) { args->appended_unused_bytes = true; send_bytes_to_peer( - fixture, reinterpret_cast<const unsigned char*>(TSI_TEST_UNUSED_BYTES), + fixture->channel, + reinterpret_cast<const unsigned char*>(TSI_TEST_UNUSED_BYTES), strlen(TSI_TEST_UNUSED_BYTES), args->is_client); if (fixture->client_result != nullptr && fixture->server_result == nullptr) { @@ -154,19 +157,21 @@ static void maybe_append_unused_bytes(handshaker_args* args) { } } -static void receive_bytes_from_peer(tsi_test_fixture* fixture, +static void receive_bytes_from_peer(tsi_test_channel* test_channel, unsigned char** buf, size_t* buf_size, bool is_client) { - GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(test_channel != nullptr); GPR_ASSERT(*buf != nullptr); GPR_ASSERT(buf_size != nullptr); uint8_t* channel = - is_client ? fixture->client_channel : fixture->server_channel; + is_client ? test_channel->client_channel : test_channel->server_channel; GPR_ASSERT(channel != nullptr); - size_t* bytes_read = is_client ? &fixture->bytes_read_from_client_channel - : &fixture->bytes_read_from_server_channel; - size_t* bytes_written = is_client ? &fixture->bytes_written_to_client_channel - : &fixture->bytes_written_to_server_channel; + size_t* bytes_read = is_client + ? &test_channel->bytes_read_from_client_channel + : &test_channel->bytes_read_from_server_channel; + size_t* bytes_written = is_client + ? &test_channel->bytes_written_to_client_channel + : &test_channel->bytes_written_to_server_channel; GPR_ASSERT(bytes_read != nullptr); GPR_ASSERT(bytes_written != nullptr); size_t to_read = *buf_size < *bytes_written - *bytes_read @@ -178,14 +183,13 @@ static void receive_bytes_from_peer(tsi_test_fixture* fixture, *bytes_read += to_read; } -static void send_message_to_peer(tsi_test_fixture* fixture, - tsi_frame_protector* protector, - bool is_client) { +void tsi_test_frame_protector_send_message_to_peer( + tsi_test_frame_protector_config* config, tsi_test_channel* channel, + tsi_frame_protector* protector, bool is_client) { /* Initialization. */ - GPR_ASSERT(fixture != nullptr); - GPR_ASSERT(fixture->config != nullptr); + GPR_ASSERT(config != nullptr); + GPR_ASSERT(channel != nullptr); GPR_ASSERT(protector != nullptr); - tsi_test_frame_protector_config* config = fixture->config; unsigned char* protected_buffer = static_cast<unsigned char*>(gpr_zalloc(config->protected_buffer_size)); size_t message_size = @@ -205,7 +209,7 @@ static void send_message_to_peer(tsi_test_fixture* fixture, &protected_buffer_size_to_send); GPR_ASSERT(result == TSI_OK); /* Send protected data to peer. */ - send_bytes_to_peer(fixture, protected_buffer, protected_buffer_size_to_send, + send_bytes_to_peer(channel, protected_buffer, protected_buffer_size_to_send, is_client); message_bytes += processed_message_size; message_size -= processed_message_size; @@ -218,7 +222,7 @@ static void send_message_to_peer(tsi_test_fixture* fixture, protector, protected_buffer, &protected_buffer_size_to_send, &still_pending_size); GPR_ASSERT(result == TSI_OK); - send_bytes_to_peer(fixture, protected_buffer, + send_bytes_to_peer(channel, protected_buffer, protected_buffer_size_to_send, is_client); } while (still_pending_size > 0 && result == TSI_OK); GPR_ASSERT(result == TSI_OK); @@ -228,17 +232,16 @@ static void send_message_to_peer(tsi_test_fixture* fixture, gpr_free(protected_buffer); } -static void receive_message_from_peer(tsi_test_fixture* fixture, - tsi_frame_protector* protector, - unsigned char* message, - size_t* bytes_received, bool is_client) { +void tsi_test_frame_protector_receive_message_from_peer( + tsi_test_frame_protector_config* config, tsi_test_channel* channel, + tsi_frame_protector* protector, unsigned char* message, + size_t* bytes_received, bool is_client) { /* Initialization. */ - GPR_ASSERT(fixture != nullptr); + GPR_ASSERT(config != nullptr); + GPR_ASSERT(channel != nullptr); GPR_ASSERT(protector != nullptr); GPR_ASSERT(message != nullptr); GPR_ASSERT(bytes_received != nullptr); - GPR_ASSERT(fixture->config != nullptr); - tsi_test_frame_protector_config* config = fixture->config; size_t read_offset = 0; size_t message_offset = 0; size_t read_from_peer_size = 0; @@ -253,7 +256,7 @@ static void receive_message_from_peer(tsi_test_fixture* fixture, /* Receive data from peer. */ if (read_from_peer_size == 0) { read_from_peer_size = config->read_buffer_allocated_size; - receive_bytes_from_peer(fixture, &read_buffer, &read_from_peer_size, + receive_bytes_from_peer(channel, &read_buffer, &read_from_peer_size, is_client); read_offset = 0; } @@ -314,7 +317,7 @@ grpc_error* on_handshake_next_done(tsi_result result, void* user_data, } /* Send data to peer, if needed. */ if (bytes_to_send_size > 0) { - send_bytes_to_peer(args->fixture, bytes_to_send, bytes_to_send_size, + send_bytes_to_peer(fixture->channel, bytes_to_send, bytes_to_send_size, args->is_client); args->transferred_data = true; } @@ -361,8 +364,8 @@ static void do_handshaker_next(handshaker_args* args) { /* Receive data from peer, if available. */ do { size_t buf_size = args->handshake_buffer_size; - receive_bytes_from_peer(args->fixture, &args->handshake_buffer, &buf_size, - args->is_client); + receive_bytes_from_peer(fixture->channel, &args->handshake_buffer, + &buf_size, args->is_client); if (buf_size > 0) { args->transferred_data = true; } @@ -411,6 +414,50 @@ void tsi_test_do_handshake(tsi_test_fixture* fixture) { handshaker_args_destroy(server_args); } +static void tsi_test_do_ping_pong(tsi_test_frame_protector_config* config, + tsi_test_channel* channel, + tsi_frame_protector* client_frame_protector, + tsi_frame_protector* server_frame_protector) { + GPR_ASSERT(config != nullptr); + GPR_ASSERT(channel != nullptr); + GPR_ASSERT(client_frame_protector != nullptr); + GPR_ASSERT(server_frame_protector != nullptr); + /* Client sends a message to server. */ + tsi_test_frame_protector_send_message_to_peer( + config, channel, client_frame_protector, true /* is_client */); + unsigned char* server_received_message = + static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); + size_t server_received_message_size = 0; + tsi_test_frame_protector_receive_message_from_peer( + config, channel, server_frame_protector, server_received_message, + &server_received_message_size, false /* is_client */); + GPR_ASSERT(config->client_message_size == server_received_message_size); + GPR_ASSERT(memcmp(config->client_message, server_received_message, + server_received_message_size) == 0); + /* Server sends a message to client. */ + tsi_test_frame_protector_send_message_to_peer( + config, channel, server_frame_protector, false /* is_client */); + unsigned char* client_received_message = + static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); + size_t client_received_message_size = 0; + tsi_test_frame_protector_receive_message_from_peer( + config, channel, client_frame_protector, client_received_message, + &client_received_message_size, true /* is_client */); + GPR_ASSERT(config->server_message_size == client_received_message_size); + GPR_ASSERT(memcmp(config->server_message, client_received_message, + client_received_message_size) == 0); + gpr_free(server_received_message); + gpr_free(client_received_message); +} + +void tsi_test_frame_protector_do_round_trip_no_handshake( + tsi_test_frame_protector_fixture* fixture) { + GPR_ASSERT(fixture != nullptr); + tsi_test_do_ping_pong(fixture->config, fixture->channel, + fixture->client_frame_protector, + fixture->server_frame_protector); +} + void tsi_test_do_round_trip(tsi_test_fixture* fixture) { /* Initialization. */ GPR_ASSERT(fixture != nullptr); @@ -437,33 +484,11 @@ void tsi_test_do_round_trip(tsi_test_fixture* fixture) { ? nullptr : &server_max_output_protected_frame_size, &server_frame_protector) == TSI_OK); - /* Client sends a message to server. */ - send_message_to_peer(fixture, client_frame_protector, true /* is_client */); - unsigned char* server_received_message = - static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); - size_t server_received_message_size = 0; - receive_message_from_peer( - fixture, server_frame_protector, server_received_message, - &server_received_message_size, false /* is_client */); - GPR_ASSERT(config->client_message_size == server_received_message_size); - GPR_ASSERT(memcmp(config->client_message, server_received_message, - server_received_message_size) == 0); - /* Server sends a message to client. */ - send_message_to_peer(fixture, server_frame_protector, false /* is_client */); - unsigned char* client_received_message = - static_cast<unsigned char*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); - size_t client_received_message_size = 0; - receive_message_from_peer( - fixture, client_frame_protector, client_received_message, - &client_received_message_size, true /* is_client */); - GPR_ASSERT(config->server_message_size == client_received_message_size); - GPR_ASSERT(memcmp(config->server_message, client_received_message, - client_received_message_size) == 0); + tsi_test_do_ping_pong(config, fixture->channel, client_frame_protector, + server_frame_protector); /* Destroy server and client frame protectors. */ tsi_frame_protector_destroy(client_frame_protector); tsi_frame_protector_destroy(server_frame_protector); - gpr_free(server_received_message); - gpr_free(client_received_message); } static unsigned char* generate_random_message(size_t size) { @@ -483,8 +508,7 @@ tsi_test_frame_protector_config* tsi_test_frame_protector_config_create( bool use_default_protected_buffer_size, bool use_default_client_message, bool use_default_server_message, bool use_default_client_max_output_protected_frame_size, - bool use_default_server_max_output_protected_frame_size, - bool use_default_handshake_buffer_size) { + bool use_default_server_max_output_protected_frame_size) { tsi_test_frame_protector_config* config = static_cast<tsi_test_frame_protector_config*>( gpr_zalloc(sizeof(*config))); @@ -552,24 +576,42 @@ void tsi_test_frame_protector_config_set_buffer_size( void tsi_test_frame_protector_config_destroy( tsi_test_frame_protector_config* config) { - GPR_ASSERT(config != nullptr); + if (config == nullptr) { + return; + } gpr_free(config->client_message); gpr_free(config->server_message); gpr_free(config); } +static tsi_test_channel* tsi_test_channel_create() { + tsi_test_channel* channel = + static_cast<tsi_test_channel*>(gpr_zalloc(sizeof(*channel))); + channel->client_channel = + static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); + channel->server_channel = + static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); + channel->bytes_written_to_client_channel = 0; + channel->bytes_written_to_server_channel = 0; + channel->bytes_read_from_client_channel = 0; + channel->bytes_read_from_server_channel = 0; + return channel; +} + +static void tsi_test_channel_destroy(tsi_test_channel* channel) { + if (channel == nullptr) { + return; + } + gpr_free(channel->client_channel); + gpr_free(channel->server_channel); + gpr_free(channel); +} + void tsi_test_fixture_init(tsi_test_fixture* fixture) { fixture->config = tsi_test_frame_protector_config_create( - true, true, true, true, true, true, true, true); + true, true, true, true, true, true, true); fixture->handshake_buffer_size = TSI_TEST_DEFAULT_BUFFER_SIZE; - fixture->client_channel = - static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); - fixture->server_channel = - static_cast<uint8_t*>(gpr_zalloc(TSI_TEST_DEFAULT_CHANNEL_SIZE)); - fixture->bytes_written_to_client_channel = 0; - fixture->bytes_written_to_server_channel = 0; - fixture->bytes_read_from_client_channel = 0; - fixture->bytes_read_from_server_channel = 0; + fixture->channel = tsi_test_channel_create(); fixture->test_unused_bytes = true; fixture->has_client_finished_first = false; gpr_mu_init(&fixture->mu); @@ -578,14 +620,15 @@ void tsi_test_fixture_init(tsi_test_fixture* fixture) { } void tsi_test_fixture_destroy(tsi_test_fixture* fixture) { - GPR_ASSERT(fixture != nullptr); + if (fixture == nullptr) { + return; + } tsi_test_frame_protector_config_destroy(fixture->config); tsi_handshaker_destroy(fixture->client_handshaker); tsi_handshaker_destroy(fixture->server_handshaker); tsi_handshaker_result_destroy(fixture->client_result); tsi_handshaker_result_destroy(fixture->server_result); - gpr_free(fixture->client_channel); - gpr_free(fixture->server_channel); + tsi_test_channel_destroy(fixture->channel); GPR_ASSERT(fixture->vtable != nullptr); GPR_ASSERT(fixture->vtable->destruct != nullptr); fixture->vtable->destruct(fixture); @@ -593,3 +636,34 @@ void tsi_test_fixture_destroy(tsi_test_fixture* fixture) { gpr_cv_destroy(&fixture->cv); gpr_free(fixture); } + +tsi_test_frame_protector_fixture* tsi_test_frame_protector_fixture_create() { + tsi_test_frame_protector_fixture* fixture = + static_cast<tsi_test_frame_protector_fixture*>( + gpr_zalloc(sizeof(*fixture))); + fixture->config = tsi_test_frame_protector_config_create( + true, true, true, true, true, true, true); + fixture->channel = tsi_test_channel_create(); + return fixture; +} + +void tsi_test_frame_protector_fixture_init( + tsi_test_frame_protector_fixture* fixture, + tsi_frame_protector* client_frame_protector, + tsi_frame_protector* server_frame_protector) { + GPR_ASSERT(fixture != nullptr); + fixture->client_frame_protector = client_frame_protector; + fixture->server_frame_protector = server_frame_protector; +} + +void tsi_test_frame_protector_fixture_destroy( + tsi_test_frame_protector_fixture* fixture) { + if (fixture == nullptr) { + return; + } + tsi_test_frame_protector_config_destroy(fixture->config); + tsi_test_channel_destroy(fixture->channel); + tsi_frame_protector_destroy(fixture->client_frame_protector); + tsi_frame_protector_destroy(fixture->server_frame_protector); + gpr_free(fixture); +} diff --git a/test/core/tsi/transport_security_test_lib.h b/test/core/tsi/transport_security_test_lib.h index 9b07448cc5..b6a431f5a0 100644 --- a/test/core/tsi/transport_security_test_lib.h +++ b/test/core/tsi/transport_security_test_lib.h @@ -35,8 +35,8 @@ #define TSI_TEST_DEFAULT_CHANNEL_SIZE 32768 #define TSI_TEST_BIG_MESSAGE_SIZE 17000 #define TSI_TEST_SMALL_MESSAGE_SIZE 10 -#define TSI_TEST_NUM_OF_ARGUMENTS 8 -#define TSI_TEST_NUM_OF_COMBINATIONS 256 +#define TSI_TEST_NUM_OF_ARGUMENTS 7 +#define TSI_TEST_NUM_OF_COMBINATIONS 128 #define TSI_TEST_UNUSED_BYTES "HELLO GOOGLE" /* --- tsi_test_fixture object --- @@ -46,12 +46,22 @@ protect/unprotect operations with respect to TSI implementations. */ typedef struct tsi_test_fixture tsi_test_fixture; -/* --- tsi_test_frame_protector_config object --- +/* --- tsi_test_frame_protector_fixture object --- + The object wraps all necessary information used to test correctness of TSI + frame protector implementations. */ +typedef struct tsi_test_frame_protector_fixture + tsi_test_frame_protector_fixture; +/* --- tsi_test_frame_protector_config object --- This object is used to configure different parameters of TSI frame protector APIs. */ typedef struct tsi_test_frame_protector_config tsi_test_frame_protector_config; +/* --- tsi_test_channel object --- + This object represents simulated channels between the client and server + from/to which they could read/write the exchanged information. */ +typedef struct tsi_test_channel tsi_test_channel; + /* V-table for tsi_test_fixture operations that are implemented differently in different TSI implementations. */ typedef struct tsi_test_fixture_vtable { @@ -73,17 +83,8 @@ struct tsi_test_fixture { tsi_handshaker_result* server_result; /* size of buffer used to store data received from the peer. */ size_t handshake_buffer_size; - /* simulated channels between client and server. If the server (client) - wants to send data to the client (server), he will write data to - client_channel (server_channel), which will be read by client (server). */ - uint8_t* client_channel; - uint8_t* server_channel; - /* size of data written to the client/server channel. */ - size_t bytes_written_to_client_channel; - size_t bytes_written_to_server_channel; - /* size of data read from the client/server channel */ - size_t bytes_read_from_client_channel; - size_t bytes_read_from_server_channel; + /* tsi_test_channel instance. */ + tsi_test_channel* channel; /* tsi_test_frame_protector_config instance */ tsi_test_frame_protector_config* config; /* a flag indicating if client has finished TSI handshake first (i.e., before @@ -106,6 +107,30 @@ struct tsi_test_fixture { bool notified; }; +struct tsi_test_frame_protector_fixture { + /* client/server TSI frame protectors whose ownership are transferred. */ + tsi_frame_protector* client_frame_protector; + tsi_frame_protector* server_frame_protector; + /* tsi_test_channel instance. */ + tsi_test_channel* channel; + /* tsi_test_frame_protector_config instance */ + tsi_test_frame_protector_config* config; +}; + +struct tsi_test_channel { + /* simulated channels between client and server. If the server (client) + wants to send data to the client (server), he will write data to + client_channel (server_channel), which will be read by client (server). */ + uint8_t* client_channel; + uint8_t* server_channel; + /* size of data written to the client/server channel. */ + size_t bytes_written_to_client_channel; + size_t bytes_written_to_server_channel; + /* size of data read from the client/server channel */ + size_t bytes_read_from_client_channel; + size_t bytes_read_from_server_channel; +}; + struct tsi_test_frame_protector_config { /* size of buffer used to store protected frames to be unprotected. */ size_t read_buffer_allocated_size; @@ -135,8 +160,7 @@ tsi_test_frame_protector_config* tsi_test_frame_protector_config_create( bool use_default_protected_buffer_size, bool use_default_client_message, bool use_default_server_message, bool use_default_client_max_output_protected_frame_size, - bool use_default_server_max_output_protected_frame_size, - bool use_default_handshake_buffer_size); + bool use_default_server_max_output_protected_frame_size); /* This method sets different buffer and frame sizes of a tsi_test_frame_protector_config instance with user provided values. */ @@ -160,6 +184,35 @@ void tsi_test_fixture_init(tsi_test_fixture* fixture); this function. */ void tsi_test_fixture_destroy(tsi_test_fixture* fixture); +/* This method creates a tsi_test_frame_protector_fixture instance. */ +tsi_test_frame_protector_fixture* tsi_test_frame_protector_fixture_create(); + +/* This method initializes members of tsi_test_frame_protector_fixture instance. + Note that the struct instance should be allocated before making + this call. */ +void tsi_test_frame_protector_fixture_init( + tsi_test_frame_protector_fixture* fixture, + tsi_frame_protector* client_frame_protector, + tsi_frame_protector* server_frame_protector); + +/* This method destroys a tsi_test_frame_protector_fixture instance. Note that + the fixture intance must be dynamically allocated and will be freed by this + function. */ +void tsi_test_frame_protector_fixture_destroy( + tsi_test_frame_protector_fixture* fixture); + +/* This method performs a protect opeation on raw data and sends the result to + peer. */ +void tsi_test_frame_protector_send_message_to_peer( + tsi_test_frame_protector_config* config, tsi_test_channel* channel, + tsi_frame_protector* protector, bool is_client); + +/* This method receives message from peer and unprotects it. */ +void tsi_test_frame_protector_receive_message_from_peer( + tsi_test_frame_protector_config* config, tsi_test_channel* channel, + tsi_frame_protector* protector, unsigned char* message, + size_t* bytes_received, bool is_client); + /* This method performs a full TSI handshake between a client and a server. Note that the test library will implement the new TSI handshaker API to perform handshakes. */ @@ -171,4 +224,8 @@ void tsi_test_do_handshake(tsi_test_fixture* fixture); the client and server switching its role. */ void tsi_test_do_round_trip(tsi_test_fixture* fixture); +/* This method performs the above round trip test without doing handshakes. */ +void tsi_test_frame_protector_do_round_trip_no_handshake( + tsi_test_frame_protector_fixture* fixture); + #endif // GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_ |