[Android WebView] Fix webview perf bot switchover to use org.chromium.webview_shell...
[chromium-blink-merge.git] / net / quic / crypto / chacha20_poly1305_decrypter_test.cc
blob8a4cec4a3b05ef0e2b96073d4f5f0612085c1500
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/quic/crypto/chacha20_poly1305_decrypter.h"
7 #include "net/quic/test_tools/quic_test_utils.h"
9 using base::StringPiece;
10 using std::string;
12 namespace {
14 // The test vectors come from draft-agl-tls-chacha20poly1305-04 Section 7.
16 // Each test vector consists of six strings of lowercase hexadecimal digits.
17 // The strings may be empty (zero length). A test vector with a NULL |key|
18 // marks the end of an array of test vectors.
19 struct TestVector {
20 // Input:
21 const char* key;
22 const char* iv;
23 const char* aad;
24 const char* ct;
26 // Expected output:
27 const char* pt; // An empty string "" means decryption succeeded and
28 // the plaintext is zero-length. NULL means decryption
29 // failed.
32 const TestVector test_vectors[] = {
33 { "4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd110"
34 "0a1007",
35 "cd7cf67be39c794a",
36 "87e229d4500845a079c0",
37 "e3e446f7ede9a19b62a4677dabf4e3d24b876bb28475", // "3896e1d6" truncated.
38 "86d09974840bded2a5ca"
40 // Modify the ciphertext (ChaCha20 encryption output).
41 { "4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd110"
42 "0a1007",
43 "cd7cf67be39c794a",
44 "87e229d4500845a079c0",
45 "f3e446f7ede9a19b62a4677dabf4e3d24b876bb28475", // "3896e1d6" truncated.
46 NULL // FAIL
48 // Modify the ciphertext (Poly1305 authenticator).
49 { "4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd110"
50 "0a1007",
51 "cd7cf67be39c794a",
52 "87e229d4500845a079c0",
53 "e3e446f7ede9a19b62a4677dabf4e3d24b876bb28476", // "3896e1d6" truncated.
54 NULL // FAIL
56 // Modify the associated data.
57 { "4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd110"
58 "0a1007",
59 "dd7cf67be39c794a",
60 "87e229d4500845a079c0",
61 "e3e446f7ede9a19b62a4677dabf4e3d24b876bb28475", // "3896e1d6" truncated.
62 NULL // FAIL
64 { NULL }
67 } // namespace
69 namespace net {
70 namespace test {
72 // DecryptWithNonce wraps the |Decrypt| method of |decrypter| to allow passing
73 // in an nonce and also to allocate the buffer needed for the plaintext.
74 QuicData* DecryptWithNonce(ChaCha20Poly1305Decrypter* decrypter,
75 StringPiece nonce,
76 StringPiece associated_data,
77 StringPiece ciphertext) {
78 QuicPacketSequenceNumber sequence_number;
79 StringPiece nonce_prefix(nonce.data(),
80 nonce.size() - sizeof(sequence_number));
81 decrypter->SetNoncePrefix(nonce_prefix);
82 memcpy(&sequence_number, nonce.data() + nonce_prefix.size(),
83 sizeof(sequence_number));
84 scoped_ptr<char[]> output(new char[ciphertext.length()]);
85 size_t output_length = 0;
86 const bool success = decrypter->DecryptPacket(
87 sequence_number, associated_data, ciphertext, output.get(),
88 &output_length, ciphertext.length());
89 if (!success) {
90 return nullptr;
92 return new QuicData(output.release(), output_length, true);
95 TEST(ChaCha20Poly1305DecrypterTest, Decrypt) {
96 if (!ChaCha20Poly1305Decrypter::IsSupported()) {
97 LOG(INFO) << "ChaCha20+Poly1305 not supported. Test skipped.";
98 return;
101 for (size_t i = 0; test_vectors[i].key != nullptr; i++) {
102 // If not present then decryption is expected to fail.
103 bool has_pt = test_vectors[i].pt;
105 // Decode the test vector.
106 string key;
107 string iv;
108 string aad;
109 string ct;
110 string pt;
111 ASSERT_TRUE(DecodeHexString(test_vectors[i].key, &key));
112 ASSERT_TRUE(DecodeHexString(test_vectors[i].iv, &iv));
113 ASSERT_TRUE(DecodeHexString(test_vectors[i].aad, &aad));
114 ASSERT_TRUE(DecodeHexString(test_vectors[i].ct, &ct));
115 if (has_pt) {
116 ASSERT_TRUE(DecodeHexString(test_vectors[i].pt, &pt));
119 ChaCha20Poly1305Decrypter decrypter;
120 ASSERT_TRUE(decrypter.SetKey(key));
121 scoped_ptr<QuicData> decrypted(DecryptWithNonce(
122 &decrypter, iv,
123 // This deliberately tests that the decrypter can handle an AAD that
124 // is set to nullptr, as opposed to a zero-length, non-nullptr pointer.
125 StringPiece(aad.length() ? aad.data() : nullptr, aad.length()), ct));
126 if (!decrypted.get()) {
127 EXPECT_FALSE(has_pt);
128 continue;
130 EXPECT_TRUE(has_pt);
132 ASSERT_EQ(pt.length(), decrypted->length());
133 test::CompareCharArraysWithHexError("plaintext", decrypted->data(),
134 pt.length(), pt.data(), pt.length());
138 } // namespace test
139 } // namespace net