test AEAD

microsoft · Sep 27, 2024 · 90a2ce1 · 90a2ce1
1 parent a98795c
commit 90a2ce1
Show file tree

Hide file tree

Showing 2 changed files with 424 additions and 0 deletions.
diff --git a/cng/aes_test.go b/cng/aes_test.go
@@ -409,6 +409,43 @@ func TestAESBlockMode(t *testing.T) {
 	}
 }
 
+// Test GCM against the general cipher.AEAD interface tester.
+func TestAESGCMAEAD(t *testing.T) {
+	minTagSize := 12
+
+	for _, keySize := range []int{128, 192, 256} {
+		// Use AES as underlying block cipher at different key sizes for GCM.
+		t.Run(fmt.Sprintf("AES-%d", keySize), func(t *testing.T) {
+			rng := newRandReader(t)
+
+			key := make([]byte, keySize/8)
+			rng.Read(key)
+
+			block, err := NewAESCipher(key)
+			if err != nil {
+				panic(err)
+			}
+
+			// Test GCM with the current AES block with the standard nonce and tag
+			// sizes.
+			cryptotest.TestAEAD(t, func() (cipher.AEAD, error) { return cipher.NewGCM(block) })
+
+			// Test non-standard tag sizes.
+			t.Run("MinTagSize", func(t *testing.T) {
+				cryptotest.TestAEAD(t, func() (cipher.AEAD, error) { return cipher.NewGCMWithTagSize(block, minTagSize) })
+			})
+
+			// Test non-standard nonce sizes.
+			for _, nonceSize := range []int{1, 16, 100} {
+				t.Run(fmt.Sprintf("NonceSize-%d", nonceSize), func(t *testing.T) {
+
+					cryptotest.TestAEAD(t, func() (cipher.AEAD, error) { return cipher.NewGCMWithNonceSize(block, nonceSize) })
+				})
+			}
+		})
+	}
+}
+
 func newRandReader(t *testing.T) io.Reader {
 	seed := time.Now().UnixNano()
 	t.Logf("Deterministic RNG seed: 0x%x", seed)