public void TestMaxInputLengthManaged()
{
var key = new byte[32];
var nonce = new byte[12];
var plaintext = new byte[0x7fffffc7];
var tag = new byte[16];
var empty = new byte[0];
using (var siv = new AesGcmSiv(key))
{
siv.Encrypt(nonce, plaintext, plaintext, tag);
Assert.Equal("b8f9d292c80c757ce0639ee04dba3ebd", Hex.Encode(tag));
siv.Decrypt(nonce, plaintext, tag, plaintext);
siv.Encrypt(nonce, empty, empty, tag, plaintext);
Assert.Equal("a6126fd232ed46bfa639cef6418b14fd", Hex.Encode(tag));
siv.Decrypt(nonce, empty, tag, empty, plaintext);
siv.Encrypt(nonce, plaintext, plaintext, tag, plaintext);
Assert.Equal("6d15c063e7c3d68db84201d887ddde46", Hex.Encode(tag));
siv.Decrypt(nonce, plaintext, tag, plaintext, plaintext);
Assert.True(plaintext.All(item => item == 0));
}
}
public void TestDecrypt()
{
var files = new string[]
{
Aes256GcmSiv,
Authentication1000,
CounterWrap,
Encryption1000,
RandomKeys10000
};
foreach (var vector in files.SelectMany(LoadVectors))
{
using (var siv = new AesGcmSiv(vector.Key))
{
TestDecryptSingle(siv, vector);
threshold.SetValue(siv, -1);
TestDecryptSingle(siv, vector);
threshold.SetValue(siv, Int32.MaxValue);
TestDecryptSingle(siv, vector);
}
}
}
private void TestEncryptSingle(AesGcmSiv siv, Vector vector)
{
var tag = new byte[16];
var ciphertext = new byte[vector.Plaintext.Length];
siv.Encrypt(vector.Nonce, vector.Plaintext, ciphertext, tag, vector.Aad);
Assert.Equal(Hex.Encode(vector.Result), Hex.Encode(Concat(ciphertext, tag)));
siv.Encrypt((ReadOnlySpan <byte>)vector.Nonce, vector.Plaintext, ciphertext, tag, vector.Aad);
Assert.Equal(Hex.Encode(vector.Result), Hex.Encode(Concat(ciphertext, tag)));
}
private void TestDecryptSingle(AesGcmSiv siv, Vector vector)
{
var ciphertext = new byte[vector.Plaintext.Length];
var tag = new byte[16];
Array.Copy(vector.Result, ciphertext, vector.Plaintext.Length);
Array.Copy(vector.Result, vector.Plaintext.Length, tag, 0, tag.Length);
siv.Decrypt(vector.Nonce, ciphertext, tag, ciphertext, vector.Aad);
Assert.Equal(Hex.Encode(vector.Plaintext), Hex.Encode(ciphertext));
Array.Copy(vector.Result, ciphertext, vector.Plaintext.Length);
Array.Copy(vector.Result, vector.Plaintext.Length, tag, 0, tag.Length);
siv.Decrypt((ReadOnlySpan <byte>)vector.Nonce, ciphertext, tag, ciphertext, vector.Aad);
Assert.Equal(Hex.Encode(vector.Plaintext), Hex.Encode(ciphertext));
}
public unsafe void TestMaxInputLengthUnmanaged()
{
var length = Int32.MaxValue;
var buffer = Marshal.AllocHGlobal(length);
try
{
var key = new byte[32];
var nonce = new byte[12];
var plaintext = new Span <byte>(buffer.ToPointer(), length);
var tag = new byte[16];
using (var siv = new AesGcmSiv(key))
{
siv.Encrypt(nonce, plaintext, plaintext, tag, default);
Assert.Equal("b8246fbcb073f59dbf963b46a19db688", Hex.Encode(tag));
siv.Decrypt(nonce, plaintext, tag, plaintext, default);
siv.Encrypt(nonce, default, default, tag, plaintext);
public void GlobalSetup()
{
key = new byte[32];
nonce = new byte[12];
plaintext = new byte[Size];
ciphertext = new byte[Size];
tag = new byte[16];
empty = new byte[0];
ciphertextGcm = new byte[Size];
ciphertextSiv = new byte[Size];
tagGcm = new byte[16];
tagSiv = new byte[16];
gcm = new AesGcm(key);
siv = new AesGcmSiv(key);
gcm.Encrypt(nonce, plaintext, ciphertextGcm, tagGcm);
siv.Encrypt(nonce, plaintext, ciphertextSiv, tagSiv);
}
public static void Main(string[] args)
{
// Plaintext to encrypt.
var plaintext = "I'm cooking MC's like a pound of bacon";
// Create a 32-byte key.
var key = new byte[32];
RandomNumberGenerator.Fill(key);
// Create a 12-byte nonce.
var nonce = new byte[12];
RandomNumberGenerator.Fill(nonce);
// Create a new AesGcmSiv instance. It implements the IDisposable
// interface, so it's best to create it inside using statement.
using (var siv = new AesGcmSiv(key))
{
// If the message is string, convert it to byte array first.
var bytes = Encoding.UTF8.GetBytes(plaintext);
// Encrypt the message.
var ciphertext = new byte[bytes.Length];
var tag = new byte[16];
siv.Encrypt(nonce, bytes, ciphertext, tag);
// To decrypt the message, call the Decrypt method with the
// ciphertext and the same nonce that you generated previously.
siv.Decrypt(nonce, ciphertext, tag, bytes);
// If the message was originally string,
// convert if from byte array to string.
plaintext = Encoding.UTF8.GetString(bytes);
// Print the decrypted message to the standard output.
Console.WriteLine(plaintext);
}
}
public void TestDecryptFailure()
{
var files = new string[]
{
Aes256GcmSiv,
Authentication1000,
CounterWrap,
Encryption1000,
RandomKeys10000
};
foreach (var vector in files.SelectMany(LoadVectors))
{
using (var siv = new AesGcmSiv(vector.Key))
{
var ciphertext = vector.Result.AsSpan(0, vector.Plaintext.Length);
var tag = vector.Result.AsSpan(vector.Plaintext.Length);
for (int i = 0; i < ciphertext.Length; ++i)
{
var value = ciphertext[i];
for (int j = 0; j < 8; ++j)
{
ciphertext[i] ^= (byte)(1 << j);
Assert.Throws <CryptographicException>(() => TestDecryptSingle(siv, vector));
ciphertext[i] ^= (byte)(1 << j);
Assert.Equal(value, ciphertext[i]);
}
}
for (int i = 0; i < vector.Aad.Length; ++i)
{
var value = vector.Aad[i];
for (int j = 0; j < 8; ++j)
{
vector.Aad[i] ^= (byte)(1 << j);
Assert.Throws <CryptographicException>(() => TestDecryptSingle(siv, vector));
vector.Aad[i] ^= (byte)(1 << j);
Assert.Equal(value, vector.Aad[i]);
}
}
for (int i = 0; i < tag.Length; ++i)
{
var value = tag[i];
for (int j = 0; j < 8; ++j)
{
tag[i] ^= (byte)(1 << j);
Assert.Throws <CryptographicException>(() => TestDecryptSingle(siv, vector));
tag[i] ^= (byte)(1 << j);
Assert.Equal(value, tag[i]);
}
}
}
}
}
