/* SK_ai/SK_ar used for integrity protection */
if (!proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &algo))
{
- this->logger->log(this->logger, ERROR|LEVEL2, "No integrity algoithm selected?!");
+ this->logger->log(this->logger, ERROR, "No integrity algoithm selected?!");
return FAILED;
}
if (this->signer_initiator != NULL)
this->signer_responder = signer_create(algo->algorithm);
if (this->signer_initiator == NULL || this->signer_responder == NULL)
{
- this->logger->log(this->logger, ERROR|LEVEL1,
+ this->logger->log(this->logger, ERROR,
"INTEGRITY_ALGORITHM %s not supported!",
mapping_find(integrity_algorithm_m,algo->algorithm));
return FAILED;
key_size = this->signer_initiator->get_key_size(this->signer_initiator);
prf_plus->allocate_bytes(prf_plus, key_size, &key);
- this->logger->log_chunk(this->logger, PRIVATE, "Sk_ai secret", key);
+ this->logger->log_chunk(this->logger, CONTROL|LEVEL1, "Sk_ai secret", key);
this->signer_initiator->set_key(this->signer_initiator, key);
chunk_free(&key);
prf_plus->allocate_bytes(prf_plus, key_size, &key);
- this->logger->log_chunk(this->logger, PRIVATE, "Sk_ar secret", key);
+ this->logger->log_chunk(this->logger, CONTROL|LEVEL1, "Sk_ar secret", key);
this->signer_responder->set_key(this->signer_responder, key);
chunk_free(&key);
/* SK_ei/SK_er used for encryption */
if (!proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &algo))
{
- this->logger->log(this->logger, ERROR|LEVEL2, "No encryption algoithm selected!?");
+ this->logger->log(this->logger, ERROR, "No encryption algoithm selected!?");
return FAILED;
}
if (this->crypter_initiator != NULL)
this->crypter_responder = crypter_create(algo->algorithm, algo->key_size / 8);
if (this->crypter_initiator == NULL || this->crypter_responder == NULL)
{
- this->logger->log(this->logger, ERROR|LEVEL1,
+ this->logger->log(this->logger, ERROR,
"ENCRYPTION_ALGORITHM %s (key size %d) not supported!",
mapping_find(encryption_algorithm_m, algo->algorithm),
algo->key_size);
chunk_free(&decrypted3);
crypter->destroy(crypter);
+
+ /**
+ * Test4: Own en-/decrypt test using AES-256
+ *
+ * PLAINTEXT: 00112233445566778899aabbccddeeff
+ * KEY: 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+ * INPUT: 00112233445566778899aabbccddeeff
+ * OUTPUT: 8ea2b7ca516745bfeafc49904b496089
+ */
+ u_int8_t key4[] = {
+ 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+ 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
+ 0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f
+ };
+ chunk_t key4_chunk = {ptr: key4, len : 32};
+ u_int8_t iv4[] = {
+ 0x8c,0xe8,0x2e,0xef,0xbe,0xa0,0xda,0x3c,
+ 0x44,0x69,0x9e,0xd7,0xdb,0x51,0xb7,0xd9
+ };
+ chunk_t iv4_chunk = {ptr: iv4, len : 16};
+ u_int8_t plaintext4[] = {
+ 0xa0,0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,
+ 0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf,
+ 0xb0,0xb1,0xb2,0xb3,0xb4,0xb5,0xb6,0xb7,
+ 0xb8,0xb9,0xba,0xbb,0xbc,0xbd,0xbe,0xbf,
+ 0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,0xc6,0xc7,
+ 0xc8,0xc9,0xca,0xcb,0xcc,0xcd,0xce,0xcf,
+ 0xd0,0xd1,0xd2,0xd3,0xd4,0xd5,0xd6,0xd7,
+ 0xd8,0xd9,0xda,0xdb,0xdc,0xdd,0xde,0xdf
+ };
+ chunk_t data4 = {ptr: plaintext4, len : 64};
+ chunk_t encrypted4;
+ chunk_t decrypted4;
+
+ crypter = (crypter_t *) aes_cbc_crypter_create(32);
+ tester->assert_true(tester, (crypter != NULL), "create call test");
+
+ tester->assert_true(tester, (crypter->set_key(crypter,key4_chunk) == SUCCESS), "set_key call test");
+
+ tester->assert_true(tester, (crypter->encrypt(crypter,data4,iv4_chunk,&encrypted4) == SUCCESS), "encrypt call test");
+
+ tester->assert_true(tester, (crypter->decrypt(crypter,encrypted4,iv4_chunk,&decrypted4) == SUCCESS), "decrypt call test");
+ chunk_free(&encrypted4);
+
+ logger->log_chunk(logger,RAW,"expected decrypted :", data4);
+ logger->log_chunk(logger,RAW,"decrypted :", decrypted4);
+ tester->assert_true(tester, (memcmp(decrypted4.ptr, plaintext4, 64) == 0), "decrypted value");
+
+ chunk_free(&decrypted4);
+ crypter->destroy(crypter);
+
+ /**
+ * Test4: Own en-/decrypt test using AES-192
+ *
+ * PLAINTEXT: 00112233445566778899aabbccddeeff
+ * KEY: 000102030405060708090a0b0c0d0e0f1011121314151617
+ * INPUT: 00112233445566778899aabbccddeeff
+ * OUTPUT: 8ea2b7ca516745bfeafc49904b496089
+ */
+ u_int8_t key5[] = {
+ 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+ 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17
+ };
+ chunk_t key5_chunk = {ptr: key5, len : 24};
+ u_int8_t iv5[] = {
+ 0x8c,0xe8,0x2e,0xef,0xbe,0xa0,0xda,0x3c,
+ 0x44,0x69,0x9e,0xd7,0xdb,0x51,0xb7,0xd9
+ };
+ chunk_t iv5_chunk = {ptr: iv5, len : 16};
+ u_int8_t plaintext5[] = {
+ 0xa0,0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,
+ 0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf,
+ 0xb0,0xb1,0xb2,0xb3,0xb4,0xb5,0xb6,0xb7,
+ 0xb8,0xb9,0xba,0xbb,0xbc,0xbd,0xbe,0xbf,
+ 0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,0xc6,0xc7,
+ 0xc8,0xc9,0xca,0xcb,0xcc,0xcd,0xce,0xcf,
+ 0xd0,0xd1,0xd2,0xd3,0xd4,0xd5,0xd6,0xd7,
+ 0xd8,0xd9,0xda,0xdb,0xdc,0xdd,0xde,0xdf
+ };
+ chunk_t data5 = {ptr: plaintext5, len : 64};
+ chunk_t encrypted5;
+ chunk_t decrypted5;
+
+ crypter = (crypter_t *) aes_cbc_crypter_create(24);
+ tester->assert_true(tester, (crypter != NULL), "create call test");
+
+ tester->assert_true(tester, (crypter->set_key(crypter,key5_chunk) == SUCCESS), "set_key call test");
+
+ tester->assert_true(tester, (crypter->encrypt(crypter,data5,iv5_chunk,&encrypted5) == SUCCESS), "encrypt call test");
+
+ tester->assert_true(tester, (crypter->decrypt(crypter,encrypted5,iv5_chunk,&decrypted5) == SUCCESS), "decrypt call test");
+ chunk_free(&encrypted4);
+
+ logger->log_chunk(logger,RAW,"expected decrypted :", data5);
+ logger->log_chunk(logger,RAW,"decrypted :", decrypted5);
+ tester->assert_true(tester, (memcmp(decrypted5.ptr, plaintext5, 64) == 0), "decrypted value");
+
+ chunk_free(&decrypted5);
+ crypter->destroy(crypter);
}