aboutsummaryrefslogtreecommitdiff
path: root/tests/test.c
diff options
context:
space:
mode:
Diffstat (limited to 'tests/test.c')
-rw-r--r--tests/test.c296
1 files changed, 236 insertions, 60 deletions
diff --git a/tests/test.c b/tests/test.c
index 6e3851e..e8b064b 100644
--- a/tests/test.c
+++ b/tests/test.c
@@ -101,6 +101,10 @@ static int InitKepair(const NCContext* context, NCSecretKey* secKey, NCPublicKey
static int TestKnownKeys(const NCContext* context);
static int TestCorrectEncryption(const NCContext* context);
+#ifdef NC_ENABLE_UTILS
+static int TestUtilFunctions(const NCContext * libCtx);
+#endif
+
#ifndef NC_INPUT_VALIDATION_OFF
static int TestPublicApiArgumentValidation(void);
#endif
@@ -167,6 +171,13 @@ static int RunTests(void)
return 1;
}
+#ifdef NC_ENABLE_UTILS
+ if (TestUtilFunctions(ctx) != 0)
+ {
+ return 1;
+ }
+#endif
+
TEST(NCDestroyContext(ctx), NC_SUCCESS)
PRINTL("\nSUCCESS All tests passed")
@@ -202,7 +213,7 @@ static int TestEcdsa(const NCContext* context, NCSecretKey* secKey, NCPublicKey*
uint8_t sigEntropy[32];
uint8_t invalidSig[64];
- HexBytes* digestHex;
+ span_t digestHex;
PRINTL("TEST: Ecdsa")
@@ -216,8 +227,8 @@ static int TestEcdsa(const NCContext* context, NCSecretKey* secKey, NCPublicKey*
/* Test signing just the message digest */
{
uint8_t sig[64];
- TEST(NCSignDigest(context, secKey, sigEntropy, digestHex->data, sig), NC_SUCCESS);
- TEST(NCVerifyDigest(context, pubKey, digestHex->data, sig), NC_SUCCESS);
+ TEST(NCSignDigest(context, secKey, sigEntropy, digestHex.data, sig), NC_SUCCESS);
+ TEST(NCVerifyDigest(context, pubKey, digestHex.data, sig), NC_SUCCESS);
}
/* Sign and verify the raw message */
@@ -234,7 +245,7 @@ static int TestEcdsa(const NCContext* context, NCSecretKey* secKey, NCPublicKey*
/* Ensure operations succeed but dont print them as test cases */
ENSURE(NCSignData(context, secKey, sigEntropy, (uint8_t*)message, strlen32(message), sig1) == NC_SUCCESS);
- ENSURE(NCSignDigest(context, secKey, sigEntropy, digestHex->data, sig2) == NC_SUCCESS);
+ ENSURE(NCSignDigest(context, secKey, sigEntropy, digestHex.data, sig2) == NC_SUCCESS);
/* Perform test */
TEST(memcmp(sig1, sig2, 64), 0);
@@ -245,18 +256,18 @@ static int TestEcdsa(const NCContext* context, NCSecretKey* secKey, NCPublicKey*
uint8_t sig[64];
ENSURE(NCSignData(context, secKey, sigEntropy, (uint8_t*)message, strlen32(message), sig) == NC_SUCCESS);
- TEST(NCVerifyDigest(context, pubKey, digestHex->data, sig), NC_SUCCESS);
+ TEST(NCVerifyDigest(context, pubKey, digestHex.data, sig), NC_SUCCESS);
/* Now invert test, zero signature to ensure its overwritten */
ZERO_FILL(sig, sizeof(sig));
- ENSURE(NCSignDigest(context, secKey, sigEntropy, digestHex->data, sig) == NC_SUCCESS);
+ ENSURE(NCSignDigest(context, secKey, sigEntropy, digestHex.data, sig) == NC_SUCCESS);
TEST(NCVerifyData(context, pubKey, (uint8_t*)message, strlen32(message), sig), NC_SUCCESS);
}
/* test verification of invalid signature */
{
- TEST(NCVerifyDigest(context, pubKey, digestHex->data, invalidSig), E_INVALID_ARG);
+ TEST(NCVerifyDigest(context, pubKey, digestHex.data, invalidSig), E_INVALID_ARG);
}
PRINTL("\nPASSED: Ecdsa tests completed")
@@ -273,80 +284,86 @@ static int TestPublicApiArgumentValidation()
NCSecretKey secKey;
NCPublicKey pubKey;
uint8_t hmacKeyOut[NC_HMAC_KEY_SIZE];
- uint8_t nonce[NC_ENCRYPTION_NONCE_SIZE];
+ uint8_t nonce[NC_NIP44_IV_SIZE];
NCEncryptionArgs cryptoData;
+ PRINTL("TEST: Public API argument validation tests")
+
{
+ TEST(NCEncryptionGetIvSize(NC_ENC_VERSION_NIP44), sizeof(nonce));
+
/*
* Test arguments for encryption properties
*/
uint8_t testBuff32[32];
- TEST(NCSetEncryptionProperty(NULL, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP44), ARG_ERROR_POS_0)
- TEST(NCSetEncryptionProperty(&cryptoData, 0, 1), E_INVALID_ARG)
+ TEST(NCEncryptionSetProperty(NULL, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP04), ARG_ERROR_POS_0)
+ TEST(NCEncryptionSetProperty(&cryptoData, 0, 1), E_INVALID_ARG)
- TEST(NCSetEncryptionData(NULL, zero32, sig64, sizeof(zero32)), ARG_ERROR_POS_0)
- TEST(NCSetEncryptionData(&cryptoData, NULL, sig64, sizeof(zero32)), ARG_ERROR_POS_1)
- TEST(NCSetEncryptionData(&cryptoData, zero32, NULL, sizeof(zero32)), ARG_ERROR_POS_2)
- TEST(NCSetEncryptionData(&cryptoData, zero32, sig64, 0), ARG_RANGE_ERROR_POS_3)
+ TEST(NCEncryptionSetData(NULL, zero32, sig64, sizeof(zero32)), ARG_ERROR_POS_0)
+ TEST(NCEncryptionSetData(&cryptoData, NULL, sig64, sizeof(zero32)), ARG_ERROR_POS_1)
+ TEST(NCEncryptionSetData(&cryptoData, zero32, NULL, sizeof(zero32)), ARG_ERROR_POS_2)
+ TEST(NCEncryptionSetData(&cryptoData, zero32, sig64, 0), ARG_RANGE_ERROR_POS_3)
- /* Setting any version specific value should fail */
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_NONCE, nonce, sizeof(nonce)), E_VERSION_NOT_SUPPORTED)
+ /* Setting the IV should fail because a version is not set*/
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, nonce, sizeof(nonce)), E_VERSION_NOT_SUPPORTED);
/* Set to nip44 to continue nip44 tests */
- TEST(NCSetEncryptionProperty(&cryptoData, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP44), NC_SUCCESS)
-
- TEST(NCSetEncryptionPropertyEx(&cryptoData, 0, nonce, sizeof(nonce)), E_INVALID_ARG)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_NONCE, NULL, sizeof(nonce)), ARG_ERROR_POS_2)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_NONCE, nonce, 0), ARG_RANGE_ERROR_POS_3)
- /* Nonce size should fail if smaller than the required nonce size */
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_NONCE, nonce, NC_ENCRYPTION_NONCE_SIZE - 1), ARG_RANGE_ERROR_POS_3)
-
- TEST(NCSetEncryptionPropertyEx(&cryptoData, 0, hmacKeyOut, sizeof(hmacKeyOut)), E_INVALID_ARG)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, NULL, sizeof(hmacKeyOut)), ARG_ERROR_POS_2)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, hmacKeyOut, 0), ARG_RANGE_ERROR_POS_3)
+ TEST(NCEncryptionSetProperty(&cryptoData, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP44), NC_SUCCESS)
+
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, 0, nonce, sizeof(nonce)), E_INVALID_ARG)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, NULL, sizeof(nonce)), ARG_ERROR_POS_2)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, nonce, 0), ARG_RANGE_ERROR_POS_3)
+ /* Nonce size should fail if not exactly the required nonce size */
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, nonce, NC_NIP44_IV_SIZE - 1), ARG_RANGE_ERROR_POS_3)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, nonce, NC_NIP44_IV_SIZE + 1), ARG_RANGE_ERROR_POS_3)
+
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, 0, hmacKeyOut, sizeof(hmacKeyOut)), E_INVALID_ARG)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, NULL, sizeof(hmacKeyOut)), ARG_ERROR_POS_2)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, hmacKeyOut, 0), ARG_RANGE_ERROR_POS_3)
/* Key size should fail if smaller than the required nip44 key size */
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, hmacKeyOut, NC_HMAC_KEY_SIZE - 1), ARG_RANGE_ERROR_POS_3)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, hmacKeyOut, NC_HMAC_KEY_SIZE - 1), ARG_RANGE_ERROR_POS_3)
+
/* Test for nip04 */
/* Any nip04 specific properties should fail since nip44 has already been set */
-
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP04_IV, testBuff32, sizeof(testBuff32)), E_VERSION_NOT_SUPPORTED)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP04_KEY, testBuff32, sizeof(testBuff32)), E_VERSION_NOT_SUPPORTED)
+
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP04_KEY, testBuff32, sizeof(testBuff32)), E_VERSION_NOT_SUPPORTED)
/* Set to nip04 to continue nip04 tests */
- ENSURE(NCSetEncryptionProperty(&cryptoData, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP04) == NC_SUCCESS)
+ ENSURE(NCEncryptionSetProperty(&cryptoData, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP04) == NC_SUCCESS)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP04_IV, NULL, sizeof(testBuff32)), ARG_ERROR_POS_2)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP04_IV, testBuff32, 0), ARG_RANGE_ERROR_POS_3)
- /* IV size should fail if smaller than IV */
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP04_IV, testBuff32, NC_NIP04_AES_IV_SIZE - 1), ARG_RANGE_ERROR_POS_3)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, NULL, sizeof(testBuff32)), ARG_ERROR_POS_2)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, testBuff32, 0), ARG_RANGE_ERROR_POS_3)
+ /* IV size should fail if not exact size IV for the version */
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, testBuff32, NC_NIP04_IV_SIZE - 1), ARG_RANGE_ERROR_POS_3)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, testBuff32, NC_NIP04_IV_SIZE + 1), ARG_RANGE_ERROR_POS_3)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP04_KEY, NULL, sizeof(testBuff32)), ARG_ERROR_POS_2)
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP04_KEY, testBuff32, 0), ARG_RANGE_ERROR_POS_3)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP04_KEY, NULL, sizeof(testBuff32)), ARG_ERROR_POS_2)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP04_KEY, testBuff32, 0), ARG_RANGE_ERROR_POS_3)
/* Key size should fail if smaller than the required nip04 key size */
- TEST(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP04_KEY, testBuff32, NC_NIP04_AES_KEY_SIZE - 1), ARG_RANGE_ERROR_POS_3)
+ TEST(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP04_KEY, testBuff32, NC_NIP04_AES_KEY_SIZE - 1), ARG_RANGE_ERROR_POS_3)
}
- ENSURE(NCSetEncryptionProperty(&cryptoData, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP44) == NC_SUCCESS);
- ENSURE(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_NONCE, nonce, sizeof(nonce)) == NC_SUCCESS);
- ENSURE(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, hmacKeyOut, sizeof(hmacKeyOut)) == NC_SUCCESS);
+ /* Prep the crypto structure for proper usage */
+ ENSURE(NCEncryptionSetProperty(&cryptoData, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP44) == NC_SUCCESS);
+ ENSURE(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, nonce, sizeof(nonce)) == NC_SUCCESS);
+ ENSURE(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, hmacKeyOut, sizeof(hmacKeyOut)) == NC_SUCCESS);
/* Assign the encryption material */
- ENSURE(NCSetEncryptionData(&cryptoData, zero32, sig64, sizeof(zero32)) == NC_SUCCESS);
+ ENSURE(NCEncryptionSetData(&cryptoData, zero32, sig64, sizeof(zero32)) == NC_SUCCESS);
- PRINTL("TEST: Public API argument validation tests")
FillRandomData(ctxRandom, 32);
FillRandomData(nonce, sizeof(nonce));
/*
* Alloc context structure on the heap before use.
- * THIS WILL LEAK IN THE CURRENT CONFIG ALWAYS FEE UNDER NORMAL CONDITIONS
+ * THIS WILL LEAK IN THE CURRENT CONFIG ALWAYS FREE UNDER NORMAL CONDITIONS
*/
ctx = (NCContext*)malloc(NCGetContextStructSize());
TASSERT(ctx != NULL)
@@ -378,7 +395,7 @@ static int TestPublicApiArgumentValidation()
TEST(NCValidateSecretKey(NULL, &secKey), ARG_ERROR_POS_0)
TEST(NCValidateSecretKey(ctx, NULL), ARG_ERROR_POS_1)
/* Should fail with a zero key */
- TEST(NCValidateSecretKey(ctx, NCToSecKey(zero32)), E_OPERATION_FAILED)
+ TEST(NCValidateSecretKey(ctx, NCByteCastToSecretKey(zero32)), E_OPERATION_FAILED)
/*Verify sig64 args test*/
TEST(NCVerifyDigest(NULL, &pubKey, zero32, sig64), ARG_ERROR_POS_0)
@@ -491,7 +508,7 @@ static int TestPublicApiArgumentValidation()
static int TestKnownKeys(const NCContext* context)
{
NCPublicKey pubKey;
- HexBytes* secKey1, * pubKey1, * secKey2, * pubKey2;
+ span_t secKey1, pubKey1, secKey2, pubKey2;
PRINTL("TEST: Known keys")
@@ -502,18 +519,18 @@ static int TestKnownKeys(const NCContext* context)
pubKey2 = FromHexString("421181660af5d39eb95e48a0a66c41ae393ba94ffeca94703ef81afbed724e5a", sizeof(NCPublicKey));
/*Test known keys*/
- TEST(NCValidateSecretKey(context, NCToSecKey(secKey1->data)), NC_SUCCESS);
+ TEST(NCValidateSecretKey(context, NCByteCastToSecretKey(secKey1.data)), NC_SUCCESS);
/* Recover a public key from secret key 1 */
- TEST(NCGetPublicKey(context, NCToSecKey(secKey1->data), &pubKey), NC_SUCCESS);
+ TEST(NCGetPublicKey(context, NCByteCastToSecretKey(secKey1.data), &pubKey), NC_SUCCESS);
/* Ensure the public key matches the known public key value */
- TEST(memcmp(pubKey1->data, &pubKey, sizeof(pubKey)), 0);
+ TEST(memcmp(pubKey1.data, &pubKey, sizeof(pubKey)), 0);
/* Repeat with second key */
- TEST(NCValidateSecretKey(context, (NCSecretKey*)secKey2->data), NC_SUCCESS);
- TEST(NCGetPublicKey(context, (NCSecretKey*)secKey2->data, &pubKey), NC_SUCCESS);
- TEST(memcmp(pubKey2->data, &pubKey, sizeof(pubKey)), 0);
+ TEST(NCValidateSecretKey(context, NCByteCastToSecretKey(secKey2.data)), NC_SUCCESS);
+ TEST(NCGetPublicKey(context, NCByteCastToSecretKey(secKey2.data), &pubKey), NC_SUCCESS);
+ TEST(memcmp(pubKey2.data, &pubKey, sizeof(pubKey)), 0);
PRINTL("\nPASSED: Known keys tests completed")
return 0;
@@ -530,7 +547,7 @@ static int TestCorrectEncryption(const NCContext* context)
NCPublicKey pubKey2;
uint8_t hmacKeyOut[NC_HMAC_KEY_SIZE];
- uint8_t nonce[NC_ENCRYPTION_NONCE_SIZE];
+ uint8_t nonce[NC_NIP44_IV_SIZE]; //nonce is set by cipher spec, shoud use NCEncryptionGetIvSize() in production
uint8_t mac[NC_ENCRYPTION_MAC_SIZE];
uint8_t plainText[TEST_ENC_DATA_SIZE];
@@ -540,20 +557,21 @@ static int TestCorrectEncryption(const NCContext* context)
NCEncryptionArgs cryptoData;
NCMacVerifyArgs macVerifyArgs;
- ENSURE(NCSetEncryptionProperty(&cryptoData, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP44) == NC_SUCCESS);
- ENSURE(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_NONCE, nonce, sizeof(nonce)) == NC_SUCCESS);
- ENSURE(NCSetEncryptionPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, hmacKeyOut, NC_HMAC_KEY_SIZE) == NC_SUCCESS);
+ PRINTL("TEST: Correct encryption")
+
+ ENSURE(NCEncryptionGetIvSize(NC_ENC_VERSION_NIP44) == (uint32_t)sizeof(nonce));
+ ENSURE(NCEncryptionSetProperty(&cryptoData, NC_ENC_SET_VERSION, NC_ENC_VERSION_NIP44) == NC_SUCCESS);
+ ENSURE(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_IV, nonce, sizeof(nonce)) == NC_SUCCESS);
+ ENSURE(NCEncryptionSetPropertyEx(&cryptoData, NC_ENC_SET_NIP44_MAC_KEY, hmacKeyOut, NC_HMAC_KEY_SIZE) == NC_SUCCESS);
/* Assign the encryption material */
- ENSURE(NCSetEncryptionData(&cryptoData, plainText, cipherText, TEST_ENC_DATA_SIZE) == NC_SUCCESS);
+ ENSURE(NCEncryptionSetData(&cryptoData, plainText, cipherText, TEST_ENC_DATA_SIZE) == NC_SUCCESS);
macVerifyArgs.nonce32 = nonce; /* nonce is shared */
macVerifyArgs.mac32 = mac;
macVerifyArgs.payload = cipherText;
macVerifyArgs.payloadSize = TEST_ENC_DATA_SIZE;
- PRINTL("TEST: Correct encryption")
-
/* init a sending and receiving key */
FillRandomData(&secKey1, sizeof(NCSecretKey));
FillRandomData(&secKey2, sizeof(NCSecretKey));
@@ -590,6 +608,164 @@ static int TestCorrectEncryption(const NCContext* context)
return 0;
}
+#ifdef NC_ENABLE_UTILS
+
+#include <noscryptutil.h>
+
+/* Padding tests taken from the nip44 repo vectors.json file */
+static const uint32_t _padTestActual[24] = { 16, 32, 33, 37, 45, 49, 64, 65, 100, 111, 200, 250, 320, 383, 384, 400, 500, 512, 515, 700, 800, 900, 1020, 65536 };
+static const uint32_t _padTestExpected[24] = { 32, 32, 64, 64, 64, 64, 64, 96, 128, 128, 224, 256, 320, 384, 384, 448, 512, 512, 640, 768, 896, 1024, 1024, 65536 };
+
+static int TestUtilNip44Encryption(
+ const NCContext* libCtx,
+ span_t sendKey,
+ span_t recvKey,
+ span_t nonce,
+ span_t expected,
+ span_t plainText
+)
+{
+ NCPublicKey recvPubKey;
+ uint8_t* outData;
+
+ ENSURE(NCValidateSecretKey(libCtx, NCByteCastToSecretKey(sendKey.data)) == NC_SUCCESS);
+ ENSURE(NCGetPublicKey(libCtx, NCByteCastToSecretKey(recvKey.data), &recvPubKey) == NC_SUCCESS);
+
+ /* Alloc cipher in nip44 encryption mode */
+ NCUtilCipherContext* ctx = NCUtilCipherAlloc(
+ NC_ENC_VERSION_NIP44,
+ NC_UTIL_CIPHER_MODE_ENCRYPT | NC_UTIL_CIPHER_ZERO_ON_FREE
+ );
+
+ ENSURE(ctx != NULL);
+
+ TEST(ncSpanGetSize(nonce), (uint32_t)NCUtilCipherGetIvSize(ctx));
+
+ TEST(NCUtilCipherInit(ctx, plainText.data, plainText.size), NC_SUCCESS);
+
+ /* Nonce is required for nip44 encryption */
+ TEST(NCUtilCipherSetProperty(ctx, NC_ENC_SET_IV, nonce.data, nonce.size), NC_SUCCESS);
+
+ /* Cipher update should return the */
+ TEST(NCUtilCipherUpdate(ctx, libCtx, NCByteCastToSecretKey(sendKey.data), &recvPubKey), NC_SUCCESS);
+
+ NCResult cipherOutputSize = NCUtilCipherGetOutputSize(ctx);
+
+ TEST(cipherOutputSize, expected.size);
+
+ outData = (uint8_t*)malloc(cipherOutputSize);
+ TASSERT(outData != NULL);
+
+ /* Read the encrypted payload to test */
+ TEST(NCUtilCipherReadOutput(ctx, outData, (uint32_t)cipherOutputSize), cipherOutputSize);
+
+ /* Ensure encrypted payload matches */
+ TEST(memcmp(outData, expected.data, cipherOutputSize), 0);
+
+ free(outData);
+
+ /* Free encryption memory */
+ NCUtilCipherFree(ctx);
+
+ return 0;
+}
+
+static int TestUtilNip44Decryption(
+ const NCContext* libCtx,
+ span_t sendKey,
+ span_t recvKey,
+ span_t payload,
+ span_t expectedPt
+)
+{
+ NCPublicKey recvPubKey;
+ uint8_t* outData;
+
+ ENSURE(NCValidateSecretKey(libCtx, NCByteCastToSecretKey(sendKey.data)) == NC_SUCCESS);
+ ENSURE(NCGetPublicKey(libCtx, NCByteCastToSecretKey(recvKey.data), &recvPubKey) == NC_SUCCESS);
+
+ /* Alloc cipher in nip44 decryption mode */
+ NCUtilCipherContext* ctx = NCUtilCipherAlloc(
+ NC_ENC_VERSION_NIP44,
+ NC_UTIL_CIPHER_MODE_DECRYPT | NC_UTIL_CIPHER_ZERO_ON_FREE
+ );
+
+ ENSURE(ctx != NULL);
+
+ /* submit encrypted payload for ciphertext */
+ TEST(NCUtilCipherInit(ctx, payload.data, payload.size), NC_SUCCESS);
+
+ TEST(NCUtilCipherUpdate(ctx, libCtx, NCByteCastToSecretKey(sendKey.data), &recvPubKey), NC_SUCCESS);
+
+ NCResult plaintextSize = NCUtilCipherGetOutputSize(ctx);
+
+ TEST(plaintextSize, expectedPt.size);
+
+ outData = (uint8_t*)malloc(plaintextSize);
+
+ TASSERT(outData != NULL);
+
+ /* Read the encrypted payload to test */
+ TEST(NCUtilCipherReadOutput(ctx, outData, (uint32_t)plaintextSize), plaintextSize);
+
+ /* Ensure encrypted payload matches */
+ TEST(memcmp(outData, expectedPt.data, plaintextSize), 0);
+
+ free(outData);
+
+ /* Free encryption memory */
+ NCUtilCipherFree(ctx);
+
+ return 0;
+}
+
+static int TestUtilFunctions(const NCContext* libCtx)
+{
+ PRINTL("TEST: Util functions")
+
+ for (int i = 0; i < 24; i++)
+ {
+ int32_t totalSize = _padTestExpected[i] + 67;
+
+ TEST(NCUtilGetEncryptionPaddedSize(NC_ENC_VERSION_NIP44, _padTestActual[i]), _padTestExpected[i]);
+ TEST(NCUtilGetEncryptionBufferSize(NC_ENC_VERSION_NIP44, _padTestActual[i]), totalSize);
+ }
+ {
+ PRINTL("TEST: NIP-44 util encryption")
+
+ /* From the nip44 vectors file */
+ span_t sendKey = FromHexString("0000000000000000000000000000000000000000000000000000000000000001", sizeof(NCSecretKey));
+ span_t recvKey = FromHexString("0000000000000000000000000000000000000000000000000000000000000002", sizeof(NCSecretKey));
+ span_t nonce = FromHexString("0000000000000000000000000000000000000000000000000000000000000001", NC_NIP44_IV_SIZE);
+ span_t payload = FromHexString("02000000000000000000000000000000000000000000000000000000000000000179ed06e5548ad3ff58ca920e6c0b4329f6040230f7e6e5641f20741780f0adc35a09794259929a02bb06ad8e8cf709ee4ccc567e9d514cdf5781af27a3e905e55b1b", 99);
+ span_t plainText = FromHexString("61", 1);
+
+ if (TestUtilNip44Encryption(libCtx, sendKey, recvKey, nonce, payload, plainText) != 0)
+ {
+ return 1;
+ }
+ }
+ {
+ PRINTL("TEST: NIP-44 util decryption");
+
+ /* From the nip44 vectors file */
+ span_t sendKey = FromHexString("0000000000000000000000000000000000000000000000000000000000000001", sizeof(NCSecretKey));
+ span_t recvKey = FromHexString("0000000000000000000000000000000000000000000000000000000000000002", sizeof(NCSecretKey));
+ span_t payload = FromHexString("02000000000000000000000000000000000000000000000000000000000000000179ed06e5548ad3ff58ca920e6c0b4329f6040230f7e6e5641f20741780f0adc35a09794259929a02bb06ad8e8cf709ee4ccc567e9d514cdf5781af27a3e905e55b1b", 99);
+ span_t plainText = FromHexString("61", 1);
+
+ if (TestUtilNip44Decryption(libCtx, sendKey, recvKey, payload, plainText) != 0)
+ {
+ return 1;
+ }
+ }
+
+ PRINTL("\nPASSED: Util functions tests completed")
+ return 0;
+}
+
+#endif
+
static void FillRandomData(void* pbBuffer, size_t length)
{