1/* 2 * CCCryptorTestFuncs.c 3 * CCRegressions 4 * 5 * 6 */ 7 8 9#include <stdio.h> 10#include "CCCryptorTestFuncs.h" 11#include "testbyteBuffer.h" 12#include "testmore.h" 13#include "capabilities.h" 14 15 16CCCryptorStatus 17CCCryptWithMode(CCOperation op, CCMode mode, CCAlgorithm alg, CCPadding padding, const void *iv, 18 const void *key, size_t keyLength, const void *tweak, size_t tweakLength, 19 int numRounds, CCModeOptions options, 20 const void *dataIn, size_t dataInLength, 21 void *dataOut, size_t dataOutAvailable, size_t *dataOutMoved) 22#ifdef CRYPTORWITHMODE 23{ 24 CCCryptorRef cref; 25 CCCryptorStatus retval; 26 size_t moved; 27 28 if((retval = CCCryptorCreateWithMode(op, mode, alg, padding, iv, key, keyLength, tweak, tweakLength, numRounds, options, &cref)) != kCCSuccess) { 29 return retval; 30 } 31 32 if((retval = CCCryptorUpdate(cref, dataIn, dataInLength, dataOut, dataOutAvailable, &moved)) != kCCSuccess) { 33 return retval; 34 } 35 36 dataOut += moved; 37 dataOutAvailable -= moved; 38 *dataOutMoved = moved; 39 40 if((retval = CCCryptorFinal(cref, dataOut, dataOutAvailable, &moved)) != kCCSuccess) { 41 return retval; 42 } 43 44 *dataOutMoved += moved; 45 46 CCCryptorRelease(cref); 47 48 return kCCSuccess; 49} 50#else 51{ 52 return kCCSuccess; 53} 54#endif 55 56 57 58CCCryptorStatus 59CCMultiCrypt(CCOperation op, CCAlgorithm alg, CCOptions options, const void *key, size_t keyLength, const void *iv, const void *dataIn, size_t dataInLength, 60 void *dataOut, size_t dataOutAvailable, size_t *dataOutMoved) 61{ 62 CCCryptorRef cref; 63 CCCryptorStatus retval; 64 size_t p1, p2; 65 size_t newmoved; 66 size_t finalSize; 67 68 retval = CCCryptorCreate(op, alg, options, key, keyLength, iv, &cref); 69 if(retval != kCCSuccess) { 70 diag("Cryptor Create Failed\n"); 71 return retval; 72 } 73 p1 = ( dataInLength / 16 ) * 16 - 1; 74 if(p1 > 16) p1 = dataInLength; 75 p2 = dataInLength - p1; 76 // diag("Processing length %d in two parts %d and %d\n", (int) dataInLength, (int) p1, (int) p2); 77 78 *dataOutMoved = 0; 79 80 if(p1) { 81 retval = CCCryptorUpdate(cref, dataIn, p1, dataOut, dataOutAvailable, dataOutMoved); 82 if(retval) { 83 diag("P1 - Tried to move %d - failed retval = %d\n", (int) p1, (int) retval); 84 return retval; 85 } 86 dataIn += p1; 87 dataOut += *dataOutMoved; 88 dataOutAvailable -= *dataOutMoved; 89 } 90 if(p2) { 91 92 retval = CCCryptorUpdate(cref, dataIn, p2, dataOut, dataOutAvailable, &newmoved); 93 if(retval) { 94 diag("P2 - Tried to move %d - failed\n", (int) p2); 95 return retval; 96 } 97 dataOut += newmoved; 98 dataOutAvailable -= newmoved; 99 *dataOutMoved += newmoved; 100 } 101 102 /* We've had reports that Final fails on some platforms if it's only cipher blocksize. */ 103 switch(alg) { 104 case kCCAlgorithmDES: /* fallthrough */ 105 case kCCAlgorithm3DES: finalSize = kCCBlockSizeDES; break; 106 case kCCAlgorithmAES128: finalSize = kCCBlockSizeAES128; break; 107 case kCCAlgorithmCAST: finalSize = kCCBlockSizeCAST; break; 108 case kCCAlgorithmRC2: finalSize = kCCBlockSizeRC2; break; 109 default: finalSize = dataOutAvailable; 110 } 111 112 retval = CCCryptorFinal(cref, dataOut, finalSize, &newmoved); 113 if(retval) { 114 diag("Final - failed %d\n", (int) retval); 115 return retval; 116 } 117 retval = CCCryptorRelease(cref); 118 if(retval) { 119 diag("Final - release failed %d\n", (int) retval); 120 return retval; 121 } 122 *dataOutMoved += newmoved; 123 return kCCSuccess; 124 125 126} 127 128CCCryptorStatus 129CCMultiCryptWithMode(CCOperation op, CCMode mode, CCAlgorithm alg, CCPadding padding, const void *iv, 130 const void *key, size_t keyLength, const void *tweak, size_t tweakLength, 131 int numRounds, CCModeOptions options, 132 const void *dataIn, size_t dataInLength, 133 void *dataOut, size_t dataOutAvailable, size_t *dataOutMoved) 134#ifdef CRYPTORWITHMODE 135{ 136 CCCryptorRef cref; 137 CCCryptorStatus retval; 138 size_t p1, p2; 139 size_t newmoved; 140 141 if((retval = CCCryptorCreateWithMode(op, mode, alg, padding, iv, key, keyLength, tweak, tweakLength, numRounds, options, &cref)) != kCCSuccess) { 142 return retval; 143 } 144 p1 = ( dataInLength / 16 ) * 16 - 1; 145 if(p1 > 16) p1 = dataInLength; 146 p2 = dataInLength - p1; 147 // diag("Processing length %d in two parts %d and %d\n", (int) dataInLength, (int) p1, (int) p2); 148 149 *dataOutMoved = 0; 150 151 if(p1) { 152 retval = CCCryptorUpdate(cref, dataIn, p1, dataOut, dataOutAvailable, dataOutMoved); 153 if(retval) { 154 diag("P1 - Tried to move %d - failed retval = %d\n", (int) p1, (int) retval); 155 return retval; 156 } 157 dataIn += p1; 158 dataOut += *dataOutMoved; 159 dataOutAvailable -= *dataOutMoved; 160 } 161 if(p2) { 162 163 retval = CCCryptorUpdate(cref, dataIn, p2, dataOut, dataOutAvailable, &newmoved); 164 if(retval) { 165 diag("P2 - Tried to move %d - failed\n", (int) p2); 166 return retval; 167 } 168 dataOut += newmoved; 169 dataOutAvailable -= newmoved; 170 *dataOutMoved += newmoved; 171 } 172 retval = CCCryptorFinal(cref, dataOut, dataOutAvailable, &newmoved); 173 if(retval) { 174 diag("Final - failed %d\n", (int) retval); 175 return retval; 176 } 177 retval = CCCryptorRelease(cref); 178 if(retval) { 179 diag("Final - release failed %d\n", (int) retval); 180 return retval; 181 } 182 *dataOutMoved += newmoved; 183 return kCCSuccess; 184} 185#else 186{ 187 return kCCSuccess; 188} 189#endif 190 191 192static byteBuffer 193ccConditionalTextBuffer(char *inputText) 194{ 195 byteBuffer ret; 196 197 if(inputText) ret = hexStringToBytes(inputText); 198 else { 199 ret = hexStringToBytes(""); 200 ret->bytes = NULL; 201 } 202 return ret; 203} 204 205int 206CCCryptTestCase(char *keyStr, char *ivStr, CCAlgorithm alg, CCOptions options, char *cipherText, char *plainText) 207{ 208 byteBuffer key, iv; 209 byteBuffer pt, ct; 210 211 212 CCCryptorStatus retval; 213 char cipherDataOut[4096]; 214 char plainDataOut[4096]; 215 size_t dataOutMoved; 216 byteBuffer bb; 217 218 key = hexStringToBytes(keyStr); 219 pt = ccConditionalTextBuffer(plainText); 220 ct = ccConditionalTextBuffer(cipherText); 221 iv = ccConditionalTextBuffer(ivStr); 222 223 224 if((retval = CCCrypt(kCCEncrypt, alg, options, key->bytes, key->len, iv->bytes, pt->bytes, pt->len, cipherDataOut, 4096, &dataOutMoved)) != kCCSuccess) { 225 diag("Encrypt Failed %d\n", retval); 226 return 1; 227 } 228 229 bb = bytesToBytes(cipherDataOut, dataOutMoved); 230 231 // If ct isn't defined we're gathering data - print the ciphertext result 232 if(!ct->bytes) { 233 diag("Input Length %d Result: %s\n", (int) pt->len, bytesToHexString(bb)); 234 } else { 235 if (!bytesAreEqual(ct, bb)) { 236 diag("FAIL Encrypt Output %s\nEncrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(ct)); 237 return 1; 238 } 239 } 240 241 free(bb); 242 243 if((retval = CCCrypt(kCCDecrypt, alg, options, key->bytes, key->len, iv->bytes, cipherDataOut, dataOutMoved, plainDataOut, 4096, &dataOutMoved)) != kCCSuccess) { 244 diag("Decrypt Failed\n"); 245 return 1; 246 } 247 248 bb = bytesToBytes(plainDataOut, dataOutMoved); 249 250 if (!bytesAreEqual(pt, bb)) { 251 diag("FAIL Decrypt Output %s\nDecrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(pt)); 252 return 1; 253 } 254 255 // if(ct->bytes && iv->bytes) diag("PASS Test for length %d\n", (int) pt->len); 256 // if(ct && (iv->bytes == NULL)) diag("PASS NULL IV Test for length %d\n", (int) pt->len); 257 258 free(pt); 259 free(ct); 260 free(key); 261 free(iv); 262 return 0; 263} 264 265 266 267 268int 269CCMultiCryptTestCase(char *keyStr, char *ivStr, CCAlgorithm alg, CCOptions options, char *cipherText, char *plainText) 270{ 271 byteBuffer key, iv; 272 byteBuffer pt, ct; 273 274 275 CCCryptorStatus retval; 276 char cipherDataOut[4096]; 277 char plainDataOut[4096]; 278 size_t dataOutMoved; 279 byteBuffer bb; 280 281 key = hexStringToBytes(keyStr); 282 pt = ccConditionalTextBuffer(plainText); 283 ct = ccConditionalTextBuffer(cipherText); 284 iv = ccConditionalTextBuffer(ivStr); 285 286 287 if((retval = CCMultiCrypt(kCCEncrypt, alg, options, key->bytes, key->len, iv->bytes, pt->bytes, pt->len, cipherDataOut, 4096, &dataOutMoved)) != kCCSuccess) { 288 diag("Encrypt Failed\n"); 289 return 1; 290 } 291 292 bb = bytesToBytes(cipherDataOut, dataOutMoved); 293 294 // If ct isn't defined we're gathering data - print the ciphertext result 295 if(!ct->bytes) { 296 diag("Input Length %d Result: %s\n", (int) pt->len, bytesToHexString(bb)); 297 } else { 298 if (!bytesAreEqual(ct, bb)) { 299 diag("FAIL Encrypt Output %s\nEncrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(ct)); 300 return 1; 301 } 302 } 303 304 free(bb); 305 306 if((retval = CCMultiCrypt(kCCDecrypt, alg, options, key->bytes, key->len, iv->bytes, cipherDataOut, dataOutMoved, plainDataOut, 4096, &dataOutMoved)) != kCCSuccess) { 307 diag("Decrypt Failed\n"); 308 return 1; 309 } 310 311 bb = bytesToBytes(plainDataOut, dataOutMoved); 312 313 if (!bytesAreEqual(pt, bb)) { 314 diag("FAIL Decrypt Output %s\nDecrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(pt)); 315 return 1; 316 } 317 318 // if(ct && iv->bytes) diag("PASS Test for length %d\n", (int) pt->len); 319 // if(ct && (iv->bytes == NULL)) diag("PASS NULL IV Test for length %d\n", (int) pt->len); 320 321 free(pt); 322 free(ct); 323 free(key); 324 free(iv); 325 return 0; 326} 327 328 329 330 331int 332CCModeTestCase(char *keyStr, char *ivStr, CCMode mode, CCAlgorithm alg, CCPadding padding, char *cipherText, char *plainText) 333#ifdef CRYPTORWITHMODE 334{ 335 byteBuffer key, iv; 336 byteBuffer pt, ct; 337 338 CCCryptorStatus retval; 339 char cipherDataOut[4096]; 340 char plainDataOut[4096]; 341 size_t dataOutMoved; 342 byteBuffer bb; 343 344 key = hexStringToBytes(keyStr); 345 pt = ccConditionalTextBuffer(plainText); 346 ct = ccConditionalTextBuffer(cipherText); 347 iv = ccConditionalTextBuffer(ivStr); 348 349 if((retval = CCCryptWithMode(kCCEncrypt, mode, alg, padding, iv->bytes, key->bytes, key->len, NULL, 0, 0, 0, pt->bytes, pt->len, 350 cipherDataOut, 4096, &dataOutMoved)) != kCCSuccess) { 351 diag("Encrypt Failed\n"); 352 return 1; 353 } 354 355 bb = bytesToBytes(cipherDataOut, dataOutMoved); 356 357 // If ct isn't defined we're gathering data - print the ciphertext result 358 if(!ct->bytes) { 359 diag("Input Length %d Result: %s\n", (int) pt->len, bytesToHexString(bb)); 360 } else { 361 if (!bytesAreEqual(ct, bb)) { 362 diag("FAIL\nEncrypt Output %s\nEncrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(ct)); 363 return 1; 364 } 365 } 366 367 free(bb); 368 369 if((retval = CCCryptWithMode(kCCDecrypt, mode, alg, padding, iv->bytes, key->bytes, key->len, NULL, 0, 0, 0, cipherDataOut, dataOutMoved, 370 plainDataOut, 4096, &dataOutMoved)) != kCCSuccess) { 371 diag("Decrypt Failed\n"); 372 return 1; 373 } 374 375 bb = bytesToBytes(plainDataOut, dataOutMoved); 376 377 if (!bytesAreEqual(pt, bb)) { 378 diag("FAIL Decrypt Output %s\nDecrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(pt)); 379 return 1; 380 } 381 382 // if(ct->bytes && iv->bytes) diag("PASS Test for length %d\n", (int) pt->len); 383 // if(ct->bytes && (iv->bytes == NULL)) diag("PASS NULL IV Test for length %d\n", (int) pt->len); 384 385 free(pt); 386 free(ct); 387 free(key); 388 free(iv); 389 return 0; 390} 391#else 392{ 393 return 0; 394} 395#endif 396 397 398 399 400int 401CCMultiModeTestCase(char *keyStr, char *ivStr, CCMode mode, CCAlgorithm alg, CCPadding padding, char *cipherText, char *plainText) 402#ifdef CRYPTORWITHMODE 403{ 404 byteBuffer key, iv; 405 byteBuffer pt, ct; 406 CCCryptorStatus retval; 407 char cipherDataOut[4096]; 408 char plainDataOut[4096]; 409 size_t dataOutMoved; 410 byteBuffer bb; 411 412 key = hexStringToBytes(keyStr); 413 pt = ccConditionalTextBuffer(plainText); 414 ct = ccConditionalTextBuffer(cipherText); 415 iv = ccConditionalTextBuffer(ivStr); 416 417 if((retval = CCMultiCryptWithMode(kCCEncrypt, mode, alg, padding, iv->bytes,key->bytes, key->len, NULL, 0,0, 0, pt->bytes, pt->len, 418 cipherDataOut, 4096, &dataOutMoved)) != kCCSuccess) { 419 diag("Encrypt Failed\n"); 420 return 1; 421 } 422 423 bb = bytesToBytes(cipherDataOut, dataOutMoved); 424 425 // If ct isn't defined we're gathering data - print the ciphertext result 426 if(!ct->bytes) { 427 diag("Input Length %d Result: %s\n", (int) pt->len, bytesToHexString(bb)); 428 } else { 429 if (!bytesAreEqual(ct, bb)) { 430 diag("FAIL\nEncrypt Output %s\nEncrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(ct)); 431 return 1; 432 } 433 } 434 435 free(bb); 436 437 if((retval = CCMultiCryptWithMode(kCCEncrypt, mode, alg, padding, iv->bytes, key->bytes, key->len, NULL, 0, 0, 0, 438 cipherDataOut, dataOutMoved, plainDataOut, 4096, &dataOutMoved)) != kCCSuccess) { 439 diag("Decrypt Failed\n"); 440 return 1; 441 } 442 443 bb = bytesToBytes(plainDataOut, dataOutMoved); 444 445 if (!bytesAreEqual(pt, bb)) { 446 diag("FAIL Decrypt Output %s\nDecrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(pt)); 447 return 1; 448 } 449 450 // if(ct && iv->bytes) diag("PASS Test for length %d\n", (int) pt->len); 451 // if(ct && (iv->bytes == NULL)) diag("PASS NULL IV Test for length %d\n", (int) pt->len); 452 453 free(pt); 454 free(ct); 455 free(key); 456 free(iv); 457 return 0; 458} 459#else 460{ 461 return kCCSuccess; 462} 463#endif 464 465#ifdef CCSYMGCM 466 467static CCCryptorStatus 468CCCryptorGCMDiscreet( 469 CCOperation op, /* kCCEncrypt, kCCDecrypt */ 470 CCAlgorithm alg, 471 const void *key, /* raw key material */ 472 size_t keyLength, 473 const void *iv, 474 size_t ivLen, 475 const void *aData, 476 size_t aDataLen, 477 const void *dataIn, 478 size_t dataInLength, 479 void *dataOut, 480 const void *tag, 481 size_t *tagLength) 482{ 483 CCCryptorStatus retval; 484 CCCryptorRef cref; 485 486 retval = CCCryptorCreateWithMode(op, kCCModeGCM, alg, ccNoPadding, NULL, key, keyLength, NULL, 0, 0, 0, &cref); 487 if(retval != kCCSuccess) return retval; 488 489 retval = CCCryptorGCMAddIV(cref, iv, ivLen); 490 if(retval != kCCSuccess) { 491 printf("Failed to add IV\n"); 492 goto out; 493 } 494 495 retval = CCCryptorGCMaddAAD(cref, aData, aDataLen); 496 if(retval != kCCSuccess) { 497 printf("Failed to add ADD\n"); 498 goto out; 499 } 500 501 502 if(kCCEncrypt == op) { 503 retval = CCCryptorGCMEncrypt(cref, dataIn, dataInLength, dataOut); 504 if(retval != kCCSuccess) { 505 printf("Failed to Encrypt\n"); 506 goto out; 507 } 508 } else { 509 retval = CCCryptorGCMDecrypt(cref, dataIn, dataInLength, dataOut); 510 if(retval != kCCSuccess) { 511 printf("Failed to Decrypt\n"); 512 goto out; 513 } 514 } 515 516 517 retval = CCCryptorGCMFinal(cref, tag, tagLength); 518 if(retval != kCCSuccess) { 519 printf("Failed to Finalize and get tag\n"); 520 goto out; 521 } 522 retval = CCCryptorGCMReset(cref); 523 if(retval != kCCSuccess) { 524 printf("Failed to Reset\n"); 525 } 526 527 528out: 529 530 CCCryptorRelease(cref); 531 return retval; 532} 533 534 535int 536CCCryptorGCMTestCase(char *keyStr, char *ivStr, char *aDataStr, char *tagStr, CCAlgorithm alg, char *cipherText, char *plainText) 537{ 538 byteBuffer key, iv; 539 byteBuffer pt, ct; 540 byteBuffer adata, tag; 541 byteBuffer bb; 542 543 544 CCCryptorStatus retval; 545 char cipherDataOut[4096]; 546 char plainDataOut[4096]; 547 char tagDataOut[4096]; 548 size_t tagDataOutlen; 549 size_t dataLen; 550 551 552 key = hexStringToBytes(keyStr); 553 adata = ccConditionalTextBuffer(aDataStr); 554 tag = hexStringToBytes(tagStr); 555 pt = ccConditionalTextBuffer(plainText); 556 ct = ccConditionalTextBuffer(cipherText); 557 iv = ccConditionalTextBuffer(ivStr); 558 559 dataLen = pt->len; 560 561 tagDataOutlen = tag->len; 562 memset(tagDataOut, 0, 16); 563 if((retval = CCCryptorGCM(kCCEncrypt, alg, key->bytes, key->len, iv->bytes, iv->len, adata->bytes, adata->len, pt->bytes, dataLen, cipherDataOut, tagDataOut, &tagDataOutlen)) != kCCSuccess) { 564 diag("Encrypt Failed\n"); 565 return 1; 566 } 567 568 bb = bytesToBytes(cipherDataOut, dataLen); 569 570 // If ct isn't defined we're gathering data - print the ciphertext result 571 if(!ct->bytes) { 572 diag("Input Length %d Result: %s\n", (int) dataLen, bytesToHexString(bb)); 573 } else { 574 if (!bytesAreEqual(ct, bb)) { 575 diag("FAIL Encrypt Output %s\nEncrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(ct)); 576 return 1; 577 } 578 } 579 580 free(bb); 581#if NEVER 582 bb = bytesToBytes(tagDataOut, tagDataOutlen); 583 if (!bytesAreEqual(tag, bb)) { 584 diag("FAIL Tag on plaintext is wrong\n got %s\n expected %s\n", bytesToHexString(bb), bytesToHexString(tag)); 585 return 1; 586 } 587#endif 588 589 tagDataOutlen = tag->len; 590 memset(tagDataOut, 0, 16); 591 if((retval = CCCryptorGCM(kCCDecrypt, alg, key->bytes, key->len, iv->bytes, iv->len, adata->bytes, adata->len, cipherDataOut, dataLen, plainDataOut, tagDataOut, &tagDataOutlen)) != kCCSuccess) { 592 diag("Decrypt Failed\n"); 593 return 1; 594 } 595 596 bb = bytesToBytes(plainDataOut, dataLen); 597 598 if (!bytesAreEqual(pt, bb)) { 599 diag("FAIL Decrypt Output %s\nDecrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(pt)); 600 return 1; 601 } 602 603 free(bb); 604 605 bb = bytesToBytes(tagDataOut, tagDataOutlen); 606 if (!bytesAreEqual(tag, bb)) { 607 diag("FAIL Tag on ciphertext is wrong\n got %s\n expected %s\n", bytesToHexString(bb), bytesToHexString(tag)); 608 return 1; 609 } 610 611 free(bb); 612 free(pt); 613 free(ct); 614 free(key); 615 free(iv); 616 // diag("Pass One-Shot GCM Test\n"); 617 return 0; 618} 619 620int 621CCCryptorGCMDiscreetTestCase(char *keyStr, char *ivStr, char *aDataStr, char *tagStr, CCAlgorithm alg, char *cipherText, char *plainText) 622{ 623 byteBuffer key, iv; 624 byteBuffer pt, ct; 625 byteBuffer adata, tag; 626 byteBuffer bb; 627 628 629 CCCryptorStatus retval; 630 char cipherDataOut[4096]; 631 char plainDataOut[4096]; 632 char tagDataOut[4096]; 633 size_t tagDataOutlen; 634 size_t dataLen; 635 636 637 key = hexStringToBytes(keyStr); 638 adata = ccConditionalTextBuffer(aDataStr); 639 tag = hexStringToBytes(tagStr); 640 pt = ccConditionalTextBuffer(plainText); 641 ct = ccConditionalTextBuffer(cipherText); 642 iv = ccConditionalTextBuffer(ivStr); 643 644 dataLen = pt->len; 645 646 tagDataOutlen = tag->len; 647 memset(tagDataOut, 0, 4096); 648 if((retval = CCCryptorGCMDiscreet(kCCEncrypt, alg, key->bytes, key->len, iv->bytes, iv->len, adata->bytes, adata->len, pt->bytes, dataLen, cipherDataOut, tagDataOut, &tagDataOutlen)) != kCCSuccess) { 649 diag("Encrypt Failed\n"); 650 return 1; 651 } 652 653 bb = bytesToBytes(cipherDataOut, dataLen); 654 655 // If ct isn't defined we're gathering data - print the ciphertext result 656 if(!ct->bytes) { 657 diag("Input Length %d Result: %s\n", (int) dataLen, bytesToHexString(bb)); 658 } else { 659 if (!bytesAreEqual(ct, bb)) { 660 diag("FAIL Encrypt Output %s\nEncrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(ct)); 661 return 1; 662 } 663 } 664 665 free(bb); 666 667#ifdef NEVER 668 bb = bytesToBytes(tagDataOut, tagDataOutlen); 669 if (!bytesAreEqual(tag, bb)) { 670 diag("FAIL Tag on plaintext is wrong\n got %s\n expected %s\n", bytesToHexString(bb), bytesToHexString(tag)); 671 return 1; 672 } 673#endif 674 675 tagDataOutlen = tag->len; 676 memset(tagDataOut, 0, 4096); 677 if((retval = CCCryptorGCMDiscreet(kCCDecrypt, alg, key->bytes, key->len, iv->bytes, iv->len, adata->bytes, adata->len, cipherDataOut, dataLen, plainDataOut, tagDataOut, &tagDataOutlen)) != kCCSuccess) { 678 diag("Decrypt Failed\n"); 679 return 1; 680 } 681 682 bb = bytesToBytes(plainDataOut, dataLen); 683 684 if (!bytesAreEqual(pt, bb)) { 685 diag("FAIL Decrypt Output %s\nDecrypt Expect %s\n", bytesToHexString(bb), bytesToHexString(pt)); 686 return 1; 687 } 688 689 free(bb); 690 691 bb = bytesToBytes(tagDataOut, tagDataOutlen); 692 if (!bytesAreEqual(tag, bb)) { 693 diag("FAIL Tag on ciphertext is wrong\n got %s\n expected %s\n", bytesToHexString(bb), bytesToHexString(tag)); 694 return 1; 695 } 696 697 free(bb); 698 free(pt); 699 free(ct); 700 free(key); 701 free(iv); 702 // diag("Pass Discreet GCM Test\n"); 703 704 return 0; 705} 706 707#endif 708