Add test vectors for CTR and GCM

Author: MatthiasValvekens

tests/test_aes.py

@@ -611,3 +611,136 @@ def test_encrypt_ctr_nonce_mismatch(self):
             crypttext, mechanism=Mechanism.AES_CTR, mechanism_param=CTRParams(b"1" * 12)
         )
         self.assertNotEqual(data, text)
+
+    @parameterized.expand(
+        [
+            (
+                "ae6852f8121067cc4bf7a5765577f39e",
+                b"Single block msg",
+                "00000030",
+                "0000000000000000",
+                "e4095d4fb7a7b3792d6175a3261311b8",
+            ),
+            (
+                "7e24067817fae0d743d6ce1f32539163",
+                bytes(range(0x20)),
+                "006cb6db",
+                "c0543b59da48d90b",
+                "5104a106168a72d9790d41ee8edad388eb2e1efc46da57c8fce630df9141be28",
+            ),
+            (
+                "7691be035e5020a8ac6e618529f9a0dc",
+                bytes(range(0x24)),
+                "00e0017b",
+                "27777f3f4a1786f0",
+                "c1cf48a89f2ffdd9cf4652e9efdb72d74540a42bde6d7836d59a5ceaaef3105325b2072f",
+            ),
+            (
+                "16af5b145fc9f579c175f93e3bfb0eed863d06ccfdb78515",
+                b"Single block msg",
+                "00000048",
+                "36733c147d6d93cb",
+                "4b55384fe259c9c84e7935a003cbe928",
+            ),
+            (
+                "7c5cb2401b3dc33c19e7340819e0f69c678c3db8e6f6a91a",
+                bytes(range(0x20)),
+                "0096b03b",
+                "020c6eadc2cb500d",
+                "453243fc609b23327edfaafa7131cd9f8490701c5ad4a79cfc1fe0ff42f4fb00",
+            ),
+            (
+                "02bf391ee8ecb159b959617b0965279bf59b60a786d3e0fe",
+                bytes(range(0x24)),
+                "0007bdfd",
+                "5cbd60278dcc0912",
+                "96893fc55e5c722f540b7dd1ddf7e758d288bc95c69165884536c811662f2188abee0935",
+            ),
+            (
+                "776beff2851db06f4c8a0542c8696f6c6a81af1eec96b4d37fc1d689e6c1c104",
+                b"Single block msg",
+                "00000060",
+                "db5672c97aa8f0b2",
+                "145ad01dbf824ec7560863dc71e3e0c0",
+            ),
+            (
+                "f6d66d6bd52d59bb0796365879eff886c66dd51a5b6a99744b50590c87a23884",
+                bytes(range(0x20)),
+                "00faac24",
+                "c1585ef15a43d875",
+                "f05e231b3894612c49ee000b804eb2a9b8306b508f839d6a5530831d9344af1c",
+            ),
+        ]
+    )
+    # https://github.com/opencryptoki/opencryptoki/issues/881
+    @FIXME.opencryptoki
+    @requires(Mechanism.AES_CTR)
+    def test_aes_ctr_test_vector(self, key, plaintext, nonce, iv, expected_ciphertext):
+        """Official test vectors from RFC 3686"""
+        key = self.session.create_object(
+            {
+                pkcs11.Attribute.CLASS: pkcs11.ObjectClass.SECRET_KEY,
+                pkcs11.Attribute.KEY_TYPE: pkcs11.KeyType.AES,
+                pkcs11.Attribute.VALUE: bytes.fromhex(key),
+            }
+        )
+
+        params = CTRParams(bytes.fromhex(nonce) + bytes.fromhex(iv))
+        ciphertext = key.encrypt(plaintext, mechanism_param=params, mechanism=Mechanism.AES_CTR)
+        self.assertEqual(bytes.fromhex(expected_ciphertext), ciphertext)
+
+    @parameterized.expand(
+        [
+            (
+                "00000000000000000000000000000000",
+                "",
+                "",
+                "000000000000000000000000",
+                "",
+                "58e2fccefa7e3061367f1d57a4e7455a",
+            ),
+            (
+                "00000000000000000000000000000000",
+                "00000000000000000000000000000000",
+                "",
+                "000000000000000000000000",
+                "0388dace60b6a392f328c2b971b2fe78",
+                "ab6e47d42cec13bdf53a67b21257bddf",
+            ),
+            (
+                "feffe9928665731c6d6a8f9467308308",
+                "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
+                "",
+                "cafebabefacedbaddecaf888",
+                "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
+                "4d5c2af327cd64a62cf35abd2ba6fab4",
+            ),
+            (
+                "feffe9928665731c6d6a8f9467308308",
+                "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
+                "feedfacedeadbeeffeedfacedeadbeefabaddad2",
+                "cafebabefacedbaddecaf888",
+                "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
+                "5bc94fbc3221a5db94fae95ae7121a47",
+            ),
+        ],
+    )
+    @requires(Mechanism.AES_GCM)
+    def test_aes_gcm_test_vector(
+        self, key, plaintext, aad, nonce, expected_ciphertext, expected_tag
+    ):
+        """Some test vectors from McGrew-Viega"""
+        key = self.session.create_object(
+            {
+                pkcs11.Attribute.CLASS: pkcs11.ObjectClass.SECRET_KEY,
+                pkcs11.Attribute.KEY_TYPE: pkcs11.KeyType.AES,
+                pkcs11.Attribute.VALUE: bytes.fromhex(key),
+            }
+        )
+
+        params = GCMParams(nonce=bytes.fromhex(nonce), aad=bytes.fromhex(aad))
+        result = key.encrypt(
+            bytes.fromhex(plaintext), mechanism_param=params, mechanism=Mechanism.AES_GCM
+        )
+        expected_output = bytes.fromhex(expected_ciphertext) + bytes.fromhex(expected_tag)
+        self.assertEqual(expected_output, result)