* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "hks_test_aes.h"
#include "hks_api.h"
#include "hks_param.h"
#include "hks_test_common.h"
#include "hks_test_log.h"
#define TEST_PLAIN_TEST "This is a plain text! Hello world and thanks for watching AES^^"
#define TEST_AES_12 12
#define TEST_AES_16 16
#define TEST_AES_32 32
#define TEST_AES_128 128
#define TEST_AES_256 256
static uint8_t g_buffer[TEST_AES_256];
static uint32_t g_bufferSize = TEST_AES_256;
uint8_t g_nonce[TEST_AES_12] = "hahahahahah";
uint8_t g_aad[TEST_AES_16] = "bababababababab";
uint8_t g_iv[TEST_AES_16] = "aabaabaabaabaab";
static int32_t ConstructParamSetEncryptDecryptAesPre(uint32_t mode, uint32_t padding, bool isEncrypt,
struct HksParamSet **paramSet)
{
int32_t ret = HksInitParamSet(paramSet);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParamInit failed!\n");
return ret;
}
do {
struct HksParam algParam = {0};
algParam.tag = HKS_TAG_ALGORITHM;
algParam.uint32Param = HKS_ALG_AES;
ret = HksAddParams(*paramSet, (const struct HksParam *)&algParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam algParam failed!\n");
break;
}
struct HksParam modeParam = {0};
modeParam.tag = HKS_TAG_BLOCK_MODE;
modeParam.uint32Param = mode;
ret = HksAddParams(*paramSet, (const struct HksParam *)&modeParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam algParam failed!\n");
break;
}
struct HksParam padParam = {0};
padParam.tag = HKS_TAG_PADDING;
padParam.uint32Param = padding;
ret = HksAddParams(*paramSet, (const struct HksParam *)&padParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam algParam failed!\n");
break;
}
struct HksParam purposeParam = {0};
purposeParam.tag = HKS_TAG_PURPOSE;
if (isEncrypt) {
purposeParam.uint32Param = HKS_KEY_PURPOSE_ENCRYPT;
} else {
purposeParam.uint32Param = HKS_KEY_PURPOSE_DECRYPT;
}
ret = HksAddParams(*paramSet, (const struct HksParam *)&purposeParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam algParam failed!\n");
break;
}
} while (0);
return ret;
}
static int32_t ConstructParamSetEncryptDecryptAesPost(uint32_t mode, struct HksParamSet **paramSet)
{
int32_t ret;
do {
struct HksParam aadParam = {0};
aadParam.tag = HKS_TAG_ASSOCIATED_DATA;
aadParam.blob.data = g_aad;
aadParam.blob.size = sizeof(g_aad);
ret = HksAddParams(*paramSet, (const struct HksParam *)&aadParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam aadParam failed!\n");
break;
}
if (mode == HKS_MODE_CBC) {
struct HksParam ivParam = {0};
ivParam.tag = HKS_TAG_IV;
ivParam.blob.data = g_iv;
ivParam.blob.size = sizeof(g_iv);
ret = HksAddParams(*paramSet, (const struct HksParam *)&ivParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam ivParam failed!\n");
break;
}
} else {
struct HksParam nonceParam = {0};
nonceParam.tag = HKS_TAG_NONCE;
nonceParam.blob.data = g_nonce;
nonceParam.blob.size = sizeof(g_nonce);
ret = HksAddParams(*paramSet, (const struct HksParam *)&nonceParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam nonceParam failed!\n");
break;
}
}
ret = HksBuildParamSet(paramSet);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParamFinal failed!\n");
break;
}
} while (0);
return ret;
}
static int32_t ConstructParamSetEncryptDecryptAes(uint32_t mode, uint32_t padding, bool isEncrypt,
struct HksParamSet **paramSet)
{
int32_t ret = ConstructParamSetEncryptDecryptAesPre(mode, padding, isEncrypt, paramSet);
HKS_TEST_ASSERT(ret == 0);
ret = ConstructParamSetEncryptDecryptAesPost(mode, paramSet);
HKS_TEST_ASSERT(ret == 0);
return ret;
}
#define TEST_KEY_AUTH_ID "This is a test auth id for generate ed25519 key, keyauthIdvalid!"
void GenerateBaseKey(const struct HksBlob *alias)
{
HKS_TEST_LOG_I("Test_Aes_gen_by_derive BASEKEY!\n");
struct HksParamSet *paramSet = NULL;
HKS_TEST_ASSERT(HksInitParamSet(¶mSet) == 0);
struct HksBlob authId = { strlen(TEST_KEY_AUTH_ID), (uint8_t *)TEST_KEY_AUTH_ID };
struct HksParam tmpParams[] = {
{ .tag = HKS_TAG_ALGORITHM,
.uint32Param = HKS_ALG_ED25519 },
{ .tag = HKS_TAG_KEY_SIZE,
.uint32Param = TEST_AES_256 },
{ .tag = HKS_TAG_PURPOSE,
.uint32Param = HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY },
{ .tag = HKS_TAG_DIGEST,
.uint32Param = HKS_DIGEST_SHA512 },
{ .tag = HKS_TAG_PADDING,
.uint32Param = HKS_PADDING_NONE },
{ .tag = HKS_TAG_KEY_AUTH_ID,
.blob = authId },
{ .tag = HKS_TAG_KEY_GENERATE_TYPE,
.uint32Param = HKS_KEY_GENERATE_TYPE_AGREE },
};
HKS_TEST_ASSERT(HksAddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0])) == 0);
HKS_TEST_ASSERT(HksBuildParamSet(¶mSet) == 0);
HKS_TEST_ASSERT(HksGenerateKey(alias, paramSet, NULL) == 0);
HksFreeParamSet(¶mSet);
}
#define TEST_AES_KEY_BASE_NAME_1 "test_aes_key_by_derive_base_name_ed25519_1"
#define TEST_AES_KEY_BASE_NAME_2 "test_aes_key_by_derive_base_name_ed25519_2"
#define TEST_AES_KEY_BASE_NAME_1_PUBKEY "test_aes_key_by_derive_base_name_ed25519_1_pubkey"
#define TEST_AES_KEY_BASE_NAME_2_PUBKEY "test_aes_key_by_derive_base_name_ed25519_2_pubkey"
#define TEST_AES_KEY_AGREE_NAME1 "test_aes_key_by_agree_name_keyAlias1"
#define TEST_AES_KEY_AGREE_NAME2 "test_aes_key_by_agree_name_keyAlias2"
static void PlainPubKey(const struct HksBlob *baseKey, const struct HksBlob *peerPubKey,
struct HksParamSet *paramSet)
{
struct HksParam tmpParams[] = {
{ .tag = HKS_TAG_ALGORITHM,
.uint32Param = HKS_ALG_AES },
{ .tag = HKS_TAG_KEY_SIZE,
.uint32Param = TEST_AES_256 },
{ .tag = HKS_TAG_PURPOSE,
.uint32Param = HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT },
{ .tag = HKS_TAG_BLOCK_MODE,
.uint32Param = HKS_MODE_GCM },
{ .tag = HKS_TAG_PADDING,
.uint32Param = HKS_PADDING_NONE },
{ .tag = HKS_TAG_KEY_GENERATE_TYPE,
.uint32Param = HKS_KEY_GENERATE_TYPE_AGREE },
{ .tag = HKS_TAG_AGREE_PRIVATE_KEY_ALIAS,
.blob = *baseKey },
{ .tag = HKS_TAG_AGREE_PUBLIC_KEY,
.blob = *peerPubKey },
{ .tag = HKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS,
.boolParam = false },
{ .tag = HKS_TAG_AGREE_ALG,
.uint32Param = HKS_ALG_ED25519 },
};
HKS_TEST_ASSERT(HksAddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0])) == 0);
}
static void SetKeyAliasTrue(const struct HksBlob *baseKey, const struct HksBlob *peerPubKey,
struct HksParamSet *paramSet)
{
struct HksParam tmpParams[] = {
{ .tag = HKS_TAG_ALGORITHM,
.uint32Param = HKS_ALG_AES },
{ .tag = HKS_TAG_KEY_SIZE,
.uint32Param = TEST_AES_256 },
{ .tag = HKS_TAG_PURPOSE,
.uint32Param = HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT },
{ .tag = HKS_TAG_BLOCK_MODE,
.uint32Param = HKS_MODE_GCM },
{ .tag = HKS_TAG_PADDING,
.uint32Param = HKS_PADDING_NONE },
{ .tag = HKS_TAG_KEY_GENERATE_TYPE,
.uint32Param = HKS_KEY_GENERATE_TYPE_AGREE },
{ .tag = HKS_TAG_AGREE_PRIVATE_KEY_ALIAS,
.blob = *baseKey },
{ .tag = HKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS,
.boolParam = true },
{ .tag = HKS_TAG_AGREE_PUBLIC_KEY,
.blob = *peerPubKey },
{ .tag = HKS_TAG_AGREE_ALG,
.uint32Param = HKS_ALG_ED25519 },
};
HKS_TEST_ASSERT(HksAddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0])) == 0);
}
static void SetKeyAliasWrong(const struct HksBlob *baseKey, const struct HksBlob *peerPubKey,
struct HksParamSet *paramSet)
{
struct HksParam tmpParams[] = {
{ .tag = HKS_TAG_ALGORITHM,
.uint32Param = HKS_ALG_AES },
{ .tag = HKS_TAG_KEY_SIZE,
.uint32Param = TEST_AES_256 },
{ .tag = HKS_TAG_PURPOSE,
.uint32Param = HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT },
{ .tag = HKS_TAG_BLOCK_MODE,
.uint32Param = HKS_MODE_GCM },
{ .tag = HKS_TAG_PADDING,
.uint32Param = HKS_PADDING_NONE },
{ .tag = HKS_TAG_KEY_GENERATE_TYPE,
.uint32Param = HKS_KEY_GENERATE_TYPE_AGREE },
{ .tag = HKS_TAG_AGREE_PRIVATE_KEY_ALIAS,
.blob = *baseKey },
{ .tag = HKS_TAG_AGREE_PUBLIC_KEY,
.blob = *peerPubKey },
{ .tag = HKS_TAG_AGREE_ALG,
.uint32Param = HKS_ALG_ED25519 },
};
HKS_TEST_ASSERT(HksAddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0])) == 0);
}
static void GenerateAesAgreeKey(const struct HksBlob *alias, const struct HksBlob *baseKey,
const struct HksBlob *peerPubKey, bool isPlainPubKey, bool isSetKeyAliasTrue)
{
HKS_TEST_LOG_I("Test_Aes_gen_by_agree key!\n");
struct HksParamSet *paramSet = NULL;
HKS_TEST_ASSERT(HksInitParamSet(¶mSet) == 0);
if (isPlainPubKey) {
PlainPubKey(baseKey, peerPubKey, paramSet);
} else {
if (isSetKeyAliasTrue) {
SetKeyAliasTrue(baseKey, peerPubKey, paramSet);
} else {
SetKeyAliasWrong(baseKey, peerPubKey, paramSet);
}
}
HKS_TEST_ASSERT(HksBuildParamSet(¶mSet) == 0);
HKS_TEST_ASSERT(HksGenerateKey(alias, paramSet, NULL) == 0);
HKS_TEST_LOG_I("End Test_Aes_gen_by_agree key!\n");
HksFreeParamSet(¶mSet);
}
static void ExportPubKey(const struct HksBlob *alias, struct HksBlob *pubKey)
{
HKS_TEST_ASSERT(HksExportPublicKey(alias, NULL, pubKey) == 0);
}
static void ImportPubKey(const struct HksBlob *alias, const struct HksBlob *pubKey)
{
HKS_TEST_LOG_I("Test_Import pubKey!\n");
struct HksParamSet *paramSet = NULL;
HKS_TEST_ASSERT(HksInitParamSet(¶mSet) == 0);
struct HksBlob authId = { strlen(TEST_KEY_AUTH_ID), (uint8_t *)TEST_KEY_AUTH_ID };
struct HksParam tmpParams[] = {
{ .tag = HKS_TAG_ALGORITHM,
.uint32Param = HKS_ALG_ED25519 },
{ .tag = HKS_TAG_KEY_SIZE,
.uint32Param = TEST_AES_256 },
{ .tag = HKS_TAG_PURPOSE,
.uint32Param = HKS_KEY_PURPOSE_VERIFY },
{ .tag = HKS_TAG_DIGEST,
.uint32Param = HKS_DIGEST_SHA512 },
{ .tag = HKS_TAG_PADDING,
.uint32Param = HKS_PADDING_NONE },
{ .tag = HKS_TAG_KEY_AUTH_ID,
.blob = authId },
{ .tag = HKS_TAG_KEY_GENERATE_TYPE,
.uint32Param = HKS_KEY_GENERATE_TYPE_DEFAULT },
};
HKS_TEST_ASSERT(HksAddParams(paramSet, tmpParams, sizeof(tmpParams) / sizeof(tmpParams[0])) == 0);
HKS_TEST_ASSERT(HksBuildParamSet(¶mSet) == 0);
HKS_TEST_ASSERT(HksImportKey(alias, paramSet, pubKey) == 0);
HksFreeParamSet(¶mSet);
}
#define TEST_AES_KEY_BASE_NAME "test_aes_key_by_derive_base_name_ed25519"
#define TEST_AES_KEY_DERIVE_NAME1 "test_aes_key_by_derive_name_keyAlias1"
#define TEST_AES_KEY_DERIVE_NAME2 "test_aes_key_by_derive_name_keyAlias2"
int32_t TestAes256ByAgree()
{
HKS_TEST_LOG_I("enter");
struct HksBlob baseKeyAlias1 = { strlen(TEST_AES_KEY_BASE_NAME_1), (uint8_t *)TEST_AES_KEY_BASE_NAME_1 };
GenerateBaseKey(&baseKeyAlias1);
struct HksBlob baseKeyAlias2 = { strlen(TEST_AES_KEY_BASE_NAME_2), (uint8_t *)TEST_AES_KEY_BASE_NAME_2 };
GenerateBaseKey(&baseKeyAlias2);
uint8_t pubKey1[TEST_AES_128] = {0};
uint8_t pubKey2[TEST_AES_128] = {0};
struct HksBlob pubKeyBlob1 = { TEST_AES_128, pubKey1 };
struct HksBlob pubKeyBlob2 = { TEST_AES_128, pubKey2 };
ExportPubKey(&baseKeyAlias1, &pubKeyBlob1);
ExportPubKey(&baseKeyAlias2, &pubKeyBlob2);
struct HksBlob pubKeyAlias1 = {
strlen(TEST_AES_KEY_BASE_NAME_1_PUBKEY), (uint8_t *)TEST_AES_KEY_BASE_NAME_1_PUBKEY
};
struct HksBlob pubKeyAlias2 = {
strlen(TEST_AES_KEY_BASE_NAME_2_PUBKEY), (uint8_t *)TEST_AES_KEY_BASE_NAME_2_PUBKEY
};
ImportPubKey(&pubKeyAlias1, &pubKeyBlob1);
ImportPubKey(&pubKeyAlias2, &pubKeyBlob2);
struct HksBlob aesKeyAlias1 = { strlen(TEST_AES_KEY_AGREE_NAME1), (uint8_t *)TEST_AES_KEY_AGREE_NAME1 };
GenerateAesAgreeKey(&aesKeyAlias1, &baseKeyAlias1, &pubKeyAlias2, false, false);
struct HksBlob aesKeyAlias2 = { strlen(TEST_AES_KEY_DERIVE_NAME2), (uint8_t *)TEST_AES_KEY_DERIVE_NAME2 };
GenerateAesAgreeKey(&aesKeyAlias2, &baseKeyAlias2, &pubKeyAlias1, false, false);
struct HksParamSet *paramSet = NULL;
int32_t ret = ConstructParamSetEncryptDecryptAes(HKS_MODE_GCM, HKS_PADDING_NONE, true, ¶mSet);
HKS_TEST_ASSERT(ret == 0);
struct HksBlob plainText1 = { strlen(TEST_PLAIN_TEST) + 1, (uint8_t*)TEST_PLAIN_TEST };
struct HksBlob cipherText1 = { TEST_AES_256, g_buffer };
(void)memset_s(cipherText1.data, cipherText1.size, 0, cipherText1.size);
HKS_TEST_ASSERT(HksEncrypt(&aesKeyAlias1, paramSet, &plainText1, &cipherText1) == 0);
g_bufferSize = cipherText1.size;
HksFreeParamSet(¶mSet);
ret = ConstructParamSetEncryptDecryptAes(HKS_MODE_GCM, HKS_PADDING_NONE, false, ¶mSet);
HKS_TEST_ASSERT(ret == 0);
struct HksBlob cipherText = { g_bufferSize, g_buffer };
uint8_t tmp[TEST_AES_256] = {0};
struct HksBlob plainText = { TEST_AES_256, tmp };
ret = HksDecrypt(&aesKeyAlias2, paramSet, &cipherText, &plainText);
HKS_TEST_ASSERT(ret == 0);
HKS_TEST_LOG_I("ConstructParamSetEncryptDecryptAes plainText: %s", plainText.data);
HksFreeParamSet(¶mSet);
HksDeleteKey(&baseKeyAlias1, NULL);
HksDeleteKey(&baseKeyAlias2, NULL);
HksDeleteKey(&pubKeyAlias1, NULL);
HksDeleteKey(&pubKeyAlias2, NULL);
HksDeleteKey(&aesKeyAlias1, NULL);
HksDeleteKey(&aesKeyAlias2, NULL);
HKS_TEST_LOG_I("end");
return ret;
}
int32_t TestAes256ByAgree1()
{
HKS_TEST_LOG_I("enter");
struct HksBlob baseKeyAlias1 = { strlen(TEST_AES_KEY_BASE_NAME_1), (uint8_t *)TEST_AES_KEY_BASE_NAME_1 };
GenerateBaseKey(&baseKeyAlias1);
struct HksBlob baseKeyAlias2 = { strlen(TEST_AES_KEY_BASE_NAME_2), (uint8_t *)TEST_AES_KEY_BASE_NAME_2 };
GenerateBaseKey(&baseKeyAlias2);
uint8_t pubKey1[TEST_AES_128] = {0};
uint8_t pubKey2[TEST_AES_128] = {0};
struct HksBlob pubKeyBlob1 = { TEST_AES_128, pubKey1 };
struct HksBlob pubKeyBlob2 = { TEST_AES_128, pubKey2 };
ExportPubKey(&baseKeyAlias1, &pubKeyBlob1);
ExportPubKey(&baseKeyAlias2, &pubKeyBlob2);
struct HksBlob pubKeyAlias1 = {
strlen(TEST_AES_KEY_BASE_NAME_1_PUBKEY), (uint8_t *)TEST_AES_KEY_BASE_NAME_1_PUBKEY
};
struct HksBlob pubKeyAlias2 = {
strlen(TEST_AES_KEY_BASE_NAME_2_PUBKEY), (uint8_t *)TEST_AES_KEY_BASE_NAME_2_PUBKEY
};
ImportPubKey(&pubKeyAlias1, &pubKeyBlob1);
ImportPubKey(&pubKeyAlias2, &pubKeyBlob2);
struct HksBlob aesKeyAlias1 = { strlen(TEST_AES_KEY_AGREE_NAME1), (uint8_t *)TEST_AES_KEY_AGREE_NAME1 };
GenerateAesAgreeKey(&aesKeyAlias1, &baseKeyAlias1, &pubKeyAlias2, false, true);
struct HksBlob aesKeyAlias2 = { strlen(TEST_AES_KEY_DERIVE_NAME2), (uint8_t *)TEST_AES_KEY_DERIVE_NAME2 };
GenerateAesAgreeKey(&aesKeyAlias2, &baseKeyAlias2, &pubKeyAlias1, false, true);
struct HksParamSet *paramSet = NULL;
int32_t ret = ConstructParamSetEncryptDecryptAes(HKS_MODE_GCM, HKS_PADDING_NONE, true, ¶mSet);
HKS_TEST_ASSERT(ret == 0);
struct HksBlob plainText1 = { strlen(TEST_PLAIN_TEST) + 1, (uint8_t*)TEST_PLAIN_TEST };
struct HksBlob cipherText1 = { TEST_AES_256, g_buffer };
(void)memset_s(cipherText1.data, cipherText1.size, 0, cipherText1.size);
HKS_TEST_ASSERT(HksEncrypt(&aesKeyAlias1, paramSet, &plainText1, &cipherText1) == 0);
g_bufferSize = cipherText1.size;
HksFreeParamSet(¶mSet);
ret = ConstructParamSetEncryptDecryptAes(HKS_MODE_GCM, HKS_PADDING_NONE, false, ¶mSet);
HKS_TEST_ASSERT(ret == 0);
struct HksBlob cipherText = { g_bufferSize, g_buffer };
uint8_t tmp[TEST_AES_256] = {0};
struct HksBlob plainText = { TEST_AES_256, tmp };
ret = HksDecrypt(&aesKeyAlias2, paramSet, &cipherText, &plainText);
HKS_TEST_ASSERT(ret == 0);
HKS_TEST_LOG_I("ConstructParamSetEncryptDecryptAes plainText: %s", plainText.data);
HksFreeParamSet(¶mSet);
HksDeleteKey(&baseKeyAlias1, NULL);
HksDeleteKey(&baseKeyAlias2, NULL);
HksDeleteKey(&pubKeyAlias1, NULL);
HksDeleteKey(&pubKeyAlias2, NULL);
HksDeleteKey(&aesKeyAlias1, NULL);
HksDeleteKey(&aesKeyAlias2, NULL);
HKS_TEST_LOG_I("end");
return ret;
}
int32_t TestAes256ByAgree2()
{
HKS_TEST_LOG_I("enter");
struct HksBlob baseKeyAlias1 = { strlen(TEST_AES_KEY_BASE_NAME_1), (uint8_t *)TEST_AES_KEY_BASE_NAME_1 };
GenerateBaseKey(&baseKeyAlias1);
struct HksBlob baseKeyAlias2 = { strlen(TEST_AES_KEY_BASE_NAME_2), (uint8_t *)TEST_AES_KEY_BASE_NAME_2 };
GenerateBaseKey(&baseKeyAlias2);
uint8_t pubKey1[TEST_AES_128] = {0};
uint8_t pubKey2[TEST_AES_128] = {0};
struct HksBlob pubKeyBlob1 = { TEST_AES_128, pubKey1 };
struct HksBlob pubKeyBlob2 = { TEST_AES_128, pubKey2 };
ExportPubKey(&baseKeyAlias1, &pubKeyBlob1);
ExportPubKey(&baseKeyAlias2, &pubKeyBlob2);
struct HksBlob aesKeyAlias1 = { strlen(TEST_AES_KEY_AGREE_NAME1), (uint8_t *)TEST_AES_KEY_AGREE_NAME1 };
GenerateAesAgreeKey(&aesKeyAlias1, &baseKeyAlias1, &pubKeyBlob2, true, false);
struct HksBlob aesKeyAlias2 = { strlen(TEST_AES_KEY_DERIVE_NAME2), (uint8_t *)TEST_AES_KEY_DERIVE_NAME2 };
GenerateAesAgreeKey(&aesKeyAlias2, &baseKeyAlias2, &pubKeyBlob1, true, false);
struct HksParamSet *paramSet = NULL;
int32_t ret = ConstructParamSetEncryptDecryptAes(HKS_MODE_GCM, HKS_PADDING_NONE, true, ¶mSet);
HKS_TEST_ASSERT(ret == 0);
struct HksBlob plainText1 = { strlen(TEST_PLAIN_TEST) + 1, (uint8_t*)TEST_PLAIN_TEST };
struct HksBlob cipherText1 = { TEST_AES_256, g_buffer };
(void)memset_s(cipherText1.data, cipherText1.size, 0, cipherText1.size);
HKS_TEST_ASSERT(HksEncrypt(&aesKeyAlias1, paramSet, &plainText1, &cipherText1) == 0);
g_bufferSize = cipherText1.size;
HksFreeParamSet(¶mSet);
ret = ConstructParamSetEncryptDecryptAes(HKS_MODE_GCM, HKS_PADDING_NONE, false, ¶mSet);
HKS_TEST_ASSERT(ret == 0);
struct HksBlob cipherText = { g_bufferSize, g_buffer };
uint8_t tmp[TEST_AES_256] = {0};
struct HksBlob plainText = { TEST_AES_256, tmp };
ret = HksDecrypt(&aesKeyAlias2, paramSet, &cipherText, &plainText);
HKS_TEST_ASSERT(ret == 0);
HKS_TEST_LOG_I("ConstructParamSetEncryptDecryptAes plainText: %s", plainText.data);
HksFreeParamSet(¶mSet);
HksDeleteKey(&baseKeyAlias1, NULL);
HksDeleteKey(&baseKeyAlias2, NULL);
HksDeleteKey(&aesKeyAlias1, NULL);
HksDeleteKey(&aesKeyAlias2, NULL);
HKS_TEST_LOG_I("end");
return ret;
}
int32_t TestAes256ByLocal()
{
HKS_TEST_LOG_I("enter");
char testKey[TEST_AES_32];
struct HksBlob keyBlob;
for (int i = 0; i < TEST_AES_32; ++i) {
testKey[i] = i + TEST_AES_32;
}
keyBlob.data = (uint8_t *)(testKey);
keyBlob.size = sizeof(testKey);
struct HksParamSet *paramSet = NULL;
struct HksParam algParam = {
.tag = HKS_TAG_IS_KEY_ALIAS,
.uint32Param = 0
};
int32_t ret = ConstructParamSetEncryptDecryptAes(HKS_MODE_GCM, HKS_PADDING_NONE, true, ¶mSet);
HKS_TEST_ASSERT(ret == 0);
ret = HksAddParams(paramSet, (const struct HksParam *)&algParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam algParam failed!\n");
HksFreeParamSet(¶mSet);
return ret;
}
struct HksBlob plainText1 = { strlen(TEST_PLAIN_TEST) + 1, (uint8_t*)TEST_PLAIN_TEST };
struct HksBlob cipherText1 = { TEST_AES_256, g_buffer };
(void)memset_s(cipherText1.data, cipherText1.size, 0, cipherText1.size);
HKS_TEST_ASSERT(HksEncrypt(&keyBlob, paramSet, &plainText1, &cipherText1) == 0);
g_bufferSize = cipherText1.size;
HksFreeParamSet(¶mSet);
ret = ConstructParamSetEncryptDecryptAes(HKS_MODE_GCM, HKS_PADDING_NONE, false, ¶mSet);
HKS_TEST_ASSERT(ret == 0);
algParam.tag = HKS_TAG_IS_KEY_ALIAS;
algParam.uint32Param = 0;
ret = HksAddParams(paramSet, (const struct HksParam *)&algParam, 1);
if (ret != 0) {
HKS_TEST_LOG_E("HksAddParam algParam failed!\n");
HksFreeParamSet(¶mSet);
return ret;
}
struct HksBlob cipherText = { g_bufferSize, g_buffer };
uint8_t tmp[TEST_AES_256] = {0};
struct HksBlob plainText = { TEST_AES_256, tmp };
ret = HksDecrypt(&keyBlob, paramSet, &cipherText, &plainText);
HKS_TEST_ASSERT(ret == 0);
HKS_TEST_ASSERT(memcmp(plainText.data, plainText1.data, plainText.size) == 0);
HksFreeParamSet(¶mSet);
HKS_TEST_LOG_I("end");
return ret;
}