Sākums Izpētīt Palīdzība
Reģistrēties Pierakstīties
upstreams
/
SSH.NET
spogulis no https://github.com/sshnet/SSH.NET.git
2
0
Atdalīts 0
Faili Problēmas 0 Vikivietne
Koks: d06dfa5e4d
Atzari Tagi
SSH.NET
/
test
/
Renci.SshNet.Tests
/
Classes
/
Security
/
Cryptography
/
Ciphers
/
AesCipherTest.Gen.cs.txt

AesCipherTest.Gen.cs.txt 4.9 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. // Used to generate tests in AesCipherTest.cs
    2. 

  2. 

  3. // The script works by running "openssl enc [...]" (via WSL) to generate the
    4. 

  4. // expected encrypted values, and also verifies those values against the .NET
    5. 

  5. // BCL implementation as an extra validation before generating the tests.
    6. 

  6. 

  7. Dictionary<string, (string, CipherMode?)> modes = new()
    8. 

  8. {
    9. 

  9.     ["ecb"] = ("iv: null, AesCipherMode.ECB", CipherMode.ECB),
    10. 

  10.     ["cbc"] = ("(byte[])iv.Clone(), AesCipherMode.CBC", CipherMode.CBC),
    11. 

  11.     ["cfb"] = ("(byte[])iv.Clone(), AesCipherMode.CFB", CipherMode.CFB),
    12. 

  12.     ["ctr"] = ("(byte[])iv.Clone(), AesCipherMode.CTR", null),
    13. 

  13.     ["ofb"] = ("(byte[])iv.Clone(), AesCipherMode.OFB", CipherMode.OFB),
    14. 

  14. };
    15. 

  15. 

  16. Random random = new(123);
    17. 

  17. 

  18. using IndentedTextWriter tw = new(Console.Out);
    19. 

  19. 

  20. foreach ((string mode, (string modeCode, CipherMode? bclMode)) in modes)
    21. 

  21. {
    22. 

  22.     foreach (int keySize in new int[] { 128, 192, 256 })
    23. 

  23.     {
    24. 

  24.         foreach (int inputLength in new int[] { 16, 32, 64 })
    25. 

  25.         {
    26. 

  26.             byte[] input = new byte[inputLength];
    27. 

  27.             random.NextBytes(input);
    28. 

  28. 

  29.             byte[] key = new byte[keySize / 8];
    30. 

  30.             random.NextBytes(key);
    31. 

  31. 

  32.             byte[] iv = new byte[16];
    33. 

  33.             random.NextBytes(iv);
    34. 

  34. 

  35.             StringBuilder openSslCmd = new();
    36. 

  36. 

  37.             openSslCmd.Append($"echo -n -e '{string.Join("", input.Select(b => $"\\x{b:x2}"))}' |");
    38. 

  38.             openSslCmd.Append($" openssl enc -e -aes-{keySize}-{mode}");
    39. 

  39.             openSslCmd.Append($" -K {Convert.ToHexString(key)}");
    40. 

  40.             if (mode != "ecb")
    41. 

  41.             {
    42. 

  42.                 openSslCmd.Append($" -iv {Convert.ToHexString(iv)}");
    43. 

  43.             }
    44. 

  44.             openSslCmd.Append(" -nopad");
    45. 

  45. 

  46.             ProcessStartInfo pi = new("wsl", openSslCmd.ToString())
    47. 

  47.             {
    48. 

  48.                 RedirectStandardOutput = true,
    49. 

  49.                 RedirectStandardError = true,
    50. 

  50.             };
    51. 

  51. 

  52.             byte[] expected;
    53. 

  53.             string error;
    54. 

  54. 

  55.             using (MemoryStream ms = new())
    56. 

  56.             {
    57. 

  57.                 var p = Process.Start(pi);
    58. 

  58.                 p.StandardOutput.BaseStream.CopyTo(ms);
    59. 

  59.                 error = p.StandardError.ReadToEnd();
    60. 

  60. 

  61.                 p.WaitForExit();
    62. 

  62. 

  63.                 expected = ms.ToArray();
    64. 

  64.             }
    65. 

  65. 

  66.             tw.WriteLine("[TestMethod]");
    67. 

  67.             tw.WriteLine($"public void AES_{mode.ToUpper()}_{keySize}_Length{inputLength}()");
    68. 

  68.             tw.WriteLine("{");
    69. 

  69.             tw.Indent++;
    70. 

  70. 

  71.             WriteBytes(input);
    72. 

  72.             WriteBytes(key);
    73. 

  73.             if (mode != "ecb")
    74. 

  74.             {
    75. 

  75.                 WriteBytes(iv);
    76. 

  76.             }
    77. 

  77.             tw.WriteLine();
    78. 

  78. 

  79.             if (!string.IsNullOrWhiteSpace(error))
    80. 

  80.             {
    81. 

  81.                 tw.WriteLine($"// {openSslCmd}");
    82. 

  82.                 tw.WriteLine($"Assert.Fail(@\"{error}\");");
    83. 

  83. 

  84.                 tw.Indent--;
    85. 

  85.                 tw.WriteLine("}");
    86. 

  86.                 tw.WriteLine();
    87. 

  87.                 continue;
    88. 

  88.             }
    89. 

  89. 

  90.             tw.WriteLine($"// {openSslCmd} | hd"); // pipe to hexdump
    91. 

  91.             WriteBytes(expected);
    92. 

  92.             tw.WriteLine();
    93. 

  93.             tw.WriteLine($"var actual = new AesCipher(key, {modeCode}, pkcs7Padding: false).Encrypt(input);");
    94. 

  94.             tw.WriteLine();
    95. 

  95.             tw.WriteLine($"CollectionAssert.AreEqual(expected, actual);");
    96. 

  96. 

  97.             if (bclMode is not null and not CipherMode.OFB)
    98. 

  98.             {
    99. 

  99.                 // Verify the OpenSSL result is the same as the .NET BCL, just to be sure
    100. 

  100.                 Aes bcl = Aes.Create();
    101. 

  101.                 bcl.Key = key;
    102. 

  102.                 bcl.IV = iv;
    103. 

  103.                 bcl.Mode = bclMode.Value;
    104. 

  104.                 bcl.Padding = PaddingMode.None;
    105. 

  105.                 bcl.FeedbackSize = 128; // .NET is CFB8 by default, OpenSSL is CFB128
    106. 

  106.                 byte[] bclBytes = bcl.CreateEncryptor().TransformFinalBlock(input, 0, input.Length);
    107. 

  107. 

  108.                 if (!bclBytes.AsSpan().SequenceEqual(expected))
    109. 

  109.                 {
    110. 

  110.                     tw.WriteLine();
    111. 

  111.                     tw.WriteLine(@"Assert.Inconclusive(@""OpenSSL does not match the .NET BCL");
    112. 

  112.                     tw.Indent++;
    113. 

  113.                     tw.WriteLine($@"OpenSSL: {Convert.ToHexString(expected)}");
    114. 

  114.                     tw.WriteLine($@"BCL:     {Convert.ToHexString(bclBytes)}"");");
    115. 

  115.                     tw.Indent--;
    116. 

  116.                 }
    117. 

  117.             }
    118. 

  118. 

  119.             tw.WriteLine();
    120. 

  120.             tw.WriteLine($"var decrypted = new AesCipher(key, {modeCode}, pkcs7Padding: false).Decrypt(actual);");
    121. 

  121.             tw.WriteLine();
    122. 

  122.             tw.WriteLine($"CollectionAssert.AreEqual(input, decrypted);");
    123. 

  123. 

  124.             tw.Indent--;
    125. 

  125.             tw.WriteLine("}");
    126. 

  126.             tw.WriteLine();
    127. 

  127.         }
    128. 

  128.     }
    129. 

  129. }
    130. 

  130. 

  131. void WriteBytes(byte[] bytes, [CallerArgumentExpression(nameof(bytes))] string name = null)
    132. 

  132. {
    133. 

  133.     tw.WriteLine($"var {name} = new byte[]");
    134. 

  134.     tw.WriteLine("{");
    135. 

  135.     tw.Indent++;
    136. 

  136.     foreach (byte[] chunk in bytes.Chunk(16))
    137. 

  137.     {
    138. 

  138.         tw.WriteLine(string.Join(", ", chunk.Select(b => $"0x{b:x2}")) + ',');
    139. 

  139.     }
    140. 

  140.     tw.Indent--;
    141. 

  141.     tw.WriteLine("};");
    142. 

  142. }
    143.