summaryrefslogtreecommitdiffstats
path: root/security/nss/gtests/pk11_gtest/pk11_des_unittest.cc
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
commit36d22d82aa202bb199967e9512281e9a53db42c9 (patch)
tree105e8c98ddea1c1e4784a60a5a6410fa416be2de /security/nss/gtests/pk11_gtest/pk11_des_unittest.cc
parentInitial commit. (diff)
downloadfirefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz
firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip
Adding upstream version 115.7.0esr.upstream/115.7.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/gtests/pk11_gtest/pk11_des_unittest.cc')
-rw-r--r--security/nss/gtests/pk11_gtest/pk11_des_unittest.cc65
1 files changed, 65 insertions, 0 deletions
diff --git a/security/nss/gtests/pk11_gtest/pk11_des_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_des_unittest.cc
new file mode 100644
index 0000000000..30f1afb8d9
--- /dev/null
+++ b/security/nss/gtests/pk11_gtest/pk11_des_unittest.cc
@@ -0,0 +1,65 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <memory>
+#include "nss.h"
+#include "pk11pub.h"
+
+#include "nss_scoped_ptrs.h"
+
+#include "gtest/gtest.h"
+
+namespace nss_test {
+
+class Pkcs11DesTest : public ::testing::Test {
+ protected:
+ SECStatus EncryptWithIV(std::vector<uint8_t>& iv,
+ const CK_MECHANISM_TYPE mech) {
+ // Generate a random key.
+ ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
+ ScopedPK11SymKey sym_key(
+ PK11_KeyGen(slot.get(), mech, nullptr, 8, nullptr));
+ EXPECT_TRUE(!!sym_key);
+
+ std::vector<uint8_t> data(16);
+ std::vector<uint8_t> output(16);
+
+ SECItem params = {siBuffer, iv.data(),
+ static_cast<unsigned int>(iv.size())};
+
+ // Try to encrypt.
+ unsigned int output_len = 0;
+ return PK11_Encrypt(sym_key.get(), mech, &params, output.data(),
+ &output_len, output.size(), data.data(), data.size());
+ }
+};
+
+TEST_F(Pkcs11DesTest, ZeroLengthIV) {
+ std::vector<uint8_t> iv(0);
+ EXPECT_EQ(SECFailure, EncryptWithIV(iv, CKM_DES_CBC));
+ EXPECT_EQ(SECFailure, EncryptWithIV(iv, CKM_DES3_CBC));
+}
+
+TEST_F(Pkcs11DesTest, IVTooShort) {
+ std::vector<uint8_t> iv(7);
+ EXPECT_EQ(SECFailure, EncryptWithIV(iv, CKM_DES_CBC));
+ EXPECT_EQ(SECFailure, EncryptWithIV(iv, CKM_DES3_CBC));
+}
+
+TEST_F(Pkcs11DesTest, WrongLengthIV) {
+ // We tolerate IVs > 8
+ std::vector<uint8_t> iv(15, 0);
+ EXPECT_EQ(SECSuccess, EncryptWithIV(iv, CKM_DES_CBC));
+ EXPECT_EQ(SECSuccess, EncryptWithIV(iv, CKM_DES3_CBC));
+}
+
+TEST_F(Pkcs11DesTest, AllGood) {
+ std::vector<uint8_t> iv(8, 0);
+ EXPECT_EQ(SECSuccess, EncryptWithIV(iv, CKM_DES_CBC));
+ EXPECT_EQ(SECSuccess, EncryptWithIV(iv, CKM_DES3_CBC));
+}
+
+} // namespace nss_test