Add GCM tests.
git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk@1817939 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/xsec/tools/xtest/xtest.cpp b/xsec/tools/xtest/xtest.cpp
index 209d739..8ea6cd9 100644
--- a/xsec/tools/xtest/xtest.cpp
+++ b/xsec/tools/xtest/xtest.cpp
@@ -128,10 +128,11 @@
// Global variables
// --------------------------------------------------------------------------------
-bool g_printDocs = false;
-bool g_useWinCAPI = false;
-bool g_useNSS = false;
+bool g_printDocs = false;
+bool g_useWinCAPI = false;
+bool g_useNSS = false;
bool g_haveAES = true;
+bool g_testGCM = true;
// --------------------------------------------------------------------------------
@@ -2091,17 +2092,47 @@
unitTestElementContentEncrypt(impl, ks->clone(), DSIGConstants::s_unicodeStrURIAES192_CBC, false);
unitTestElementContentEncrypt(impl, ks, DSIGConstants::s_unicodeStrURIAES192_CBC, true);
- // 256 AES
+ // 256 AES
ks = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_AES_256);
ks->setKey((unsigned char *) s_keyStr, 32);
cerr << "Unit testing AES 256 bit CBC encryption" << endl;
unitTestElementContentEncrypt(impl, ks->clone(), DSIGConstants::s_unicodeStrURIAES256_CBC, false);
unitTestElementContentEncrypt(impl, ks, DSIGConstants::s_unicodeStrURIAES256_CBC, true);
+
+ if (g_testGCM) {
+ // 128 AES-GCM
+ ks = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_AES_128);
+ ks->setKey((unsigned char *)s_keyStr, 16);
+
+ cerr << "Unit testing AES 128 bit GCM encryption" << endl;
+ unitTestElementContentEncrypt(impl, ks->clone(), DSIGConstants::s_unicodeStrURIAES128_GCM, false);
+ unitTestElementContentEncrypt(impl, ks, DSIGConstants::s_unicodeStrURIAES128_GCM, true);
+
+ //192 AES-GCM
+ ks = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_AES_192);
+ ks->setKey((unsigned char *)s_keyStr, 24);
+
+ cerr << "Unit testing AES 192 bit GCM encryption" << endl;
+ unitTestElementContentEncrypt(impl, ks->clone(), DSIGConstants::s_unicodeStrURIAES192_GCM, false);
+ unitTestElementContentEncrypt(impl, ks, DSIGConstants::s_unicodeStrURIAES192_GCM, true);
+
+ // 256 AES-GCM
+ ks = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_AES_256);
+ ks->setKey((unsigned char *)s_keyStr, 32);
+
+ cerr << "Unit testing AES 256 bit GCM encryption" << endl;
+ unitTestElementContentEncrypt(impl, ks->clone(), DSIGConstants::s_unicodeStrURIAES256_GCM, false);
+ unitTestElementContentEncrypt(impl, ks, DSIGConstants::s_unicodeStrURIAES256_GCM, true);
+ }
+ else {
+ cerr << "Skipped AES-GCM Element tests" << endl;
+ }
}
- else
- cerr << "Skipped AES Element tests" << endl;
+ else {
+ cerr << "Skipped AES Element tests" << endl;
+ }
// 192 3DES
ks = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_3DES_192);
@@ -2257,7 +2288,6 @@
XSECCryptoSymmetricKey * k2;
if (g_haveAES) {
-
k2 = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_AES_128);
k2->setKey((unsigned char *) s_keyStr, 16);
}
@@ -2265,7 +2295,6 @@
else {
k2 = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_3DES_192);
k2->setKey((unsigned char *) s_keyStr, 24);
-
}
cipher2->setKEK(k2);
@@ -2424,6 +2453,8 @@
cerr << " Only run basic encryption test\n\n";
cerr << " --encryption-unit-only/-u\n";
cerr << " Only run encryption unit tests\n\n";
+ cerr << " --no-gcm\n";
+ cerr << " Exclude AES-GCM tests\n\n";
}
// --------------------------------------------------------------------------------
// Main
@@ -2501,7 +2532,11 @@
doEncryptionUnitTests = false;
paramCount++;
}
-/* else if (stricmp(argv[paramCount], "--xkms-only") == 0 || stricmp(argv[paramCount], "-x") == 0) {
+ else if (_stricmp(argv[paramCount], "--no-gcm") == 0) {
+ g_testGCM = false;
+ paramCount++;
+ }
+ /* else if (stricmp(argv[paramCount], "--xkms-only") == 0 || stricmp(argv[paramCount], "-x") == 0) {
doEncryptionTest = false;
doSignatureTest = false;
doEncryptionUnitTests = false;