diff options
| author | Miloslav Trmač <mitr@redhat.com> | 2010-11-15 21:19:21 +0100 |
|---|---|---|
| committer | Miloslav Trmač <mitr@redhat.com> | 2010-11-15 21:19:21 +0100 |
| commit | 9d339f288eda10e5334bbf4ccdfd068eaee95c0e (patch) | |
| tree | b8816403c73a6bd0109631b54d563448bc52dd8c | |
| parent | 52c69fc0152b6d63644bbdab8aa5b07892255436 (diff) | |
| download | ncrypto-9d339f288eda10e5334bbf4ccdfd068eaee95c0e.tar.gz ncrypto-9d339f288eda10e5334bbf4ccdfd068eaee95c0e.tar.xz ncrypto-9d339f288eda10e5334bbf4ccdfd068eaee95c0e.zip | |
Add ncr_symm_cipher_change_iv
| -rw-r--r-- | include/ncrypto/ncrypto.h | 2 | ||||
| -rw-r--r-- | lib/ncrypto_local.c | 19 | ||||
| -rw-r--r-- | tests/symm_ciphers.c | 56 |
3 files changed, 77 insertions, 0 deletions
diff --git a/include/ncrypto/ncrypto.h b/include/ncrypto/ncrypto.h index 024d5a7..a09d451 100644 --- a/include/ncrypto/ncrypto.h +++ b/include/ncrypto/ncrypto.h @@ -158,6 +158,8 @@ struct ncr_symm_cipher_session; CK_RV ncr_symm_cipher_alloc (struct ncr_symm_cipher_session **sess, CK_MECHANISM_TYPE mech); CK_RV ncr_symm_cipher_free (struct ncr_symm_cipher_session *sess); +CK_RV ncr_symm_cipher_change_iv (struct ncr_symm_cipher_session *sess, + const void *iv, size_t iv_size); /* Use either ncr_symm_cipher_encrypt_{init,update,final} (), or ncr_symm_cipher_{encrypt_init,encrypt} (). After finishing such a call sequence, a new sequence can be started within the same session. Same for diff --git a/lib/ncrypto_local.c b/lib/ncrypto_local.c index da1ccab..537aaac 100644 --- a/lib/ncrypto_local.c +++ b/lib/ncrypto_local.c @@ -501,6 +501,25 @@ ncr_symm_cipher_free (struct ncr_symm_cipher_session *sess) return CKR_OK; } +CK_RV +ncr_symm_cipher_change_iv (struct ncr_symm_cipher_session *sess, const void *iv, + size_t iv_size) +{ + g_return_val_if_fail (sess != NULL, CKR_SESSION_HANDLE_INVALID); + g_return_val_if_fail (sess->state == NSCS_INITIALIZED + || sess->state == NSCS_UPDATED, + CKR_OPERATION_NOT_INITIALIZED); + g_return_val_if_fail (iv != NULL || iv_size == 0, CKR_ARGUMENTS_BAD); + + g_return_val_if_fail (iv_size + == (unsigned)EVP_CIPHER_CTX_iv_length (&sess->ctx), + CKR_MECHANISM_PARAM_INVALID); + g_assert (iv_size <= sizeof (sess->ctx.iv)); + + memcpy (sess->ctx.iv, iv, iv_size); + return CKR_OK; +} + static CK_RV symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt, struct ncr_symm_key *key, const void *param, diff --git a/tests/symm_ciphers.c b/tests/symm_ciphers.c index a6f3570..2c2cd92 100644 --- a/tests/symm_ciphers.c +++ b/tests/symm_ciphers.c @@ -209,6 +209,62 @@ main (void) res = ncr_symm_cipher_alloc (&sess, tvs[i].mech); assert (res == CKR_OK); + res = ncr_symm_key_create (&key, tvs[i].key_type, true, tvs[i].key, + tvs[i].key_size); + assert (res == CKR_OK); + + res = ncr_symm_cipher_encrypt_init (sess, key, tvs[i].iv, tvs[i].iv_size); + assert (res == CKR_OK); + + dest_size = sizeof (dest); + res = ncr_symm_cipher_encrypt_update (sess, dest, &dest_size, + tvs[i].input, tvs[i].input_size); + assert (res == CKR_OK); + assert (dest_size == tvs[i].output_size); + assert (memcmp (dest, tvs[i].output, dest_size) == 0); + + res = ncr_symm_cipher_change_iv (sess, tvs[i].iv, tvs[i].iv_size); + assert (res == CKR_OK); + + dest_size = sizeof (dest); + res = ncr_symm_cipher_encrypt_final (sess, dest, &dest_size, tvs[i].input, + tvs[i].input_size); + assert (res == CKR_OK); + assert (dest_size == tvs[i].output_size); + assert (memcmp (dest, tvs[i].output, dest_size) == 0); + + res = ncr_symm_cipher_decrypt_init (sess, key, tvs[i].iv, tvs[i].iv_size); + assert (res == CKR_OK); + + dest_size = sizeof (dest); + res = ncr_symm_cipher_decrypt_update (sess, dest, &dest_size, + tvs[i].output, tvs[i].output_size); + assert (res == CKR_OK); + assert (dest_size == tvs[i].input_size); + assert (memcmp (dest, tvs[i].input, dest_size) == 0); + + res = ncr_symm_cipher_change_iv (sess, tvs[i].iv, tvs[i].iv_size); + assert (res == CKR_OK); + + dest_size = sizeof (dest); + res = ncr_symm_cipher_decrypt_final (sess, dest, &dest_size, + tvs[i].output, tvs[i].output_size); + assert (res == CKR_OK); + assert (dest_size == tvs[i].input_size); + assert (memcmp (dest, tvs[i].input, dest_size) == 0); + + res = ncr_symm_key_destroy (key); + assert (res == CKR_OK); + + res = ncr_symm_cipher_free (sess); + assert (res == CKR_OK); + } + + for (i = 0; i < G_N_ELEMENTS (tvs); i++) + { + res = ncr_symm_cipher_alloc (&sess, tvs[i].mech); + assert (res == CKR_OK); + res = ncr_symm_key_generate (&key, tvs[i].key_gen_mech, true, tvs[i].key_size); assert (res == CKR_OK); |