Merge "KeyMint: Test size requirements for ciphers" (96ed41b2) · Commits · e / os / android_hardware_interfaces

security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp

+94 −0

Original line number	Diff line number	Diff line
		@@ -772,6 +772,100 @@ void KeyMintAidlTestBase::CheckAesIncrementalEncryptOperation(BlockMode block_mo
		}
		}

		void KeyMintAidlTestBase::AesCheckEncryptOneByteAtATime(const string& key, BlockMode block_mode,
		PaddingMode padding_mode, const string& iv,
		const string& plaintext,
		const string& exp_cipher_text) {
		bool is_authenticated_cipher = (block_mode == BlockMode::GCM);
		auto auth_set = AuthorizationSetBuilder()
		.Authorization(TAG_NO_AUTH_REQUIRED)
		.AesEncryptionKey(key.size() * 8)
		.BlockMode(block_mode)
		.Padding(padding_mode);
		if (iv.size() > 0) auth_set.Authorization(TAG_CALLER_NONCE);
		if (is_authenticated_cipher) auth_set.Authorization(TAG_MIN_MAC_LENGTH, 128);
		ASSERT_EQ(ErrorCode::OK, ImportKey(auth_set, KeyFormat::RAW, key));

		CheckEncryptOneByteAtATime(block_mode, 16 /block_size/, padding_mode, iv, plaintext,
		exp_cipher_text);
		}

		void KeyMintAidlTestBase::CheckEncryptOneByteAtATime(BlockMode block_mode, const int block_size,
		PaddingMode padding_mode, const string& iv,
		const string& plaintext,
		const string& exp_cipher_text) {
		bool is_stream_cipher = (block_mode == BlockMode::CTR \|\| block_mode == BlockMode::GCM);
		bool is_authenticated_cipher = (block_mode == BlockMode::GCM);
		auto params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding_mode);
		if (iv.size() > 0) params.Authorization(TAG_NONCE, iv.data(), iv.size());
		if (is_authenticated_cipher) params.Authorization(TAG_MAC_LENGTH, 128);

		AuthorizationSet output_params;
		EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params, &output_params));

		string actual_ciphertext;
		if (is_stream_cipher) {
		// Assert that a 1 byte of output is produced for 1 byte of input.
		// Every input byte produces an output byte.
		for (int plaintext_index = 0; plaintext_index < plaintext.size(); plaintext_index++) {
		string ciphertext;
		EXPECT_EQ(ErrorCode::OK, Update(plaintext.substr(plaintext_index, 1), &ciphertext));
		// Some StrongBox implementations cannot support 1:1 input:output lengths, so
		// we relax this API restriction for them.
		if (SecLevel() != SecurityLevel::STRONGBOX) {
		EXPECT_EQ(1, ciphertext.size()) << "plaintext index: " << plaintext_index;
		}
		actual_ciphertext.append(ciphertext);
		}
		string ciphertext;
		EXPECT_EQ(ErrorCode::OK, Finish(&ciphertext));
		if (SecLevel() != SecurityLevel::STRONGBOX) {
		string expected_final_output;
		if (is_authenticated_cipher) {
		expected_final_output = exp_cipher_text.substr(plaintext.size());
		}
		EXPECT_EQ(expected_final_output, ciphertext);
		}
		actual_ciphertext.append(ciphertext);
		} else {
		// Assert that a block of output is produced once a full block of input is provided.
		// Every input block produces an output block.
		bool compare_output = true;
		string additional_information;
		int vendor_api_level = property_get_int32("ro.vendor.api_level", 0);
		if (SecLevel() == SecurityLevel::STRONGBOX) {
		// This is known to be broken on older vendor implementations.
		if (vendor_api_level < 33) {
		compare_output = false;
		} else {
		additional_information = " (b/194134359) ";
		}
		}
		for (int plaintext_index = 0; plaintext_index < plaintext.size(); plaintext_index++) {
		string ciphertext;
		EXPECT_EQ(ErrorCode::OK, Update(plaintext.substr(plaintext_index, 1), &ciphertext));
		if (compare_output) {
		if ((plaintext_index % block_size) == block_size - 1) {
		// Update is expected to have output a new block
		EXPECT_EQ(block_size, ciphertext.size())
		<< "plaintext index: " << plaintext_index << additional_information;
		} else {
		// Update is expected to have produced no output
		EXPECT_EQ(0, ciphertext.size())
		<< "plaintext index: " << plaintext_index << additional_information;
		}
		}
		actual_ciphertext.append(ciphertext);
		}
		string ciphertext;
		EXPECT_EQ(ErrorCode::OK, Finish(&ciphertext));
		actual_ciphertext.append(ciphertext);
		}
		// Regardless of how the completed ciphertext got accumulated, it should match the expected
		// ciphertext.
		EXPECT_EQ(exp_cipher_text, actual_ciphertext);
		}

		void KeyMintAidlTestBase::CheckHmacTestVector(const string& key, const string& message,
		Digest digest, const string& expected_mac) {
		SCOPED_TRACE("CheckHmacTestVector");

security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h

+9 −0

Original line number	Diff line number	Diff line
		@@ -188,6 +188,10 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {

		void CheckAesIncrementalEncryptOperation(BlockMode block_mode, int message_size);

		void AesCheckEncryptOneByteAtATime(const string& key, BlockMode block_mode,
		PaddingMode padding_mode, const string& iv,
		const string& plaintext, const string& exp_cipher_text);

		void CheckHmacTestVector(const string& key, const string& message, Digest digest,
		const string& expected_mac);

		@@ -343,6 +347,11 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
		string name_;
		string author_;
		long challenge_;

		private:
		void CheckEncryptOneByteAtATime(BlockMode block_mode, const int block_size,
		PaddingMode padding_mode, const string& iv,
		const string& plaintext, const string& exp_cipher_text);
		};

		// If the given property is available, add it to the tag set under the given tag ID.

security/keymint/aidl/vts/functional/KeyMintTest.cpp

+322 −0

Original line number	Diff line number	Diff line
		@@ -5772,6 +5772,328 @@ TEST_P(EncryptionOperationsTest, AesGcmIncremental) {
		CheckAesIncrementalEncryptOperation(BlockMode::GCM, 240);
		}

		/*
		* EncryptionOperationsTest.Aes128CBCNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/CBC/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes128CBCNoPaddingOneByteAtATime) {
		string kat_key = hex2str("7E3D723C09A9852B24F584F9D916F6A8");
		string kat_iv = hex2str("944AE274D983892EADE422274858A96A");
		string kat_plaintext =
		hex2str("044E15899A080AADEB6778F64323B64D2CBCBADB338DF93B9AC459D4F41029"
		"809FFF37081C22EF278F896AB213A2A631");
		string kat_ciphertext =
		hex2str("B419293FCBD686F2913D1CF947E510D42FAFEDE5593C98AFD6AEE272596A"
		"56FE42C22F2A5E3B6A02BA9D8D0DE1E9A810");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes128CBCPKCS7PaddingOneByteAtATime
		* Verifies input and output sizes of AES/CBC/PKCS7Padding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes128CBCPKCS7PaddingOneByteAtATime) {
		string kat_key = hex2str("F16E698472578E919D92806262C5169F");
		string kat_iv = hex2str("EF743540F8421ACA128A3247521F3E7D");
		string kat_plaintext =
		hex2str("5BEBF33569D90BF5E853814E12E7C7AA5758013F755773E29F4A25EC26EEB7"
		"65F7F2DC251F7DC62AEFCA1E8A5A11A1DCD44F0BD8FB593A5AE3");
		string kat_ciphertext =
		hex2str("3197CF6DB9466188B5FED375329324EE7D6092A8C0E41DFAF49E3724271427"
		"896D56A6243C0D59D6639722AF93CD53449BDDABF9C5F153EBDBFED9ED98C8CC37");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::PKCS7, kat_iv,
		kat_plaintext, kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes128CTRNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/CTR/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes128CTRNoPaddingOneByteAtATime) {
		string kat_key = hex2str("4713a7b2f93efe809b42ecc45213ef9f");
		string kat_iv = hex2str("ebfa19b0ebf3d57feabd4c4bd04bea01");
		string kat_plaintext =
		hex2str("6d2c07e1fc86f99c6e2a8f6567828b4262a9c23d0f3ed8ab32482283c79796"
		"f0adba1bcd3736084996452a917fae98005aebe61f9e91c3");
		string kat_ciphertext =
		hex2str("345deb1d67b95e600e05cad4c32ec381aadb3e2c1ec7e0fb956dc38e6860cf"
		"0553535566e1b12fa9f87d29266ca26df427233df035df28");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CTR, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes128ECBNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/ECB/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes128ECBNoPaddingOneByteAtATime) {
		string kat_key = hex2str("7DA2467F068854B3CB36E5C333A16619");
		string kat_plaintext =
		hex2str("9A07C9575AD9CE209DF9F3953965CEBE8208587C7AE575A1904BF25048946D"
		"7B6168A9A27BCE554BEA94EF26E6C742A0");
		string kat_ciphertext =
		hex2str("8C47E49420FC92AC4CA2C601BC3F8AC31D01B260B7B849F2B8EEDFFFED8F36"
		"C31CBDA0D22F95C9C2A48C347E8C77AC82");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::NONE, "", kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes128ECBPKCS7PaddingOneByteAtATime
		* Verifies input and output sizes of AES/ECB/PKCS7Padding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes128ECBPKCS7PaddingOneByteAtATime) {
		string kat_key = hex2str("C3BE04BCCB3D99B85290F113FE7AF194");
		string kat_plaintext =
		hex2str("348C213FD8DF3F990C20C5ACBF07B34B6264AE245784A5A6176DBFB1C2E7DD"
		"27E52CC92B8EEE40614F05B507B355F6354A2705BD86");
		string kat_ciphertext =
		hex2str("07CD05C41FEDEDDC5DB4B3E35E676153184A119AA4DFDDC290616F1FA60093"
		"1DE6BEA9BDB90D1D733899946F8C8E5C0C4383F99F5D88E27F3EBC0C6E52759ED3");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::PKCS7, "", kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes128GCMNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/GCM/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes128GCMNoPaddingOneByteAtATime) {
		string kat_key = hex2str("ba76354f0aed6e8d91f45c4ff5a062db");
		string kat_iv = hex2str("b79437ae08ff355d7d8a4d0f");
		string kat_plaintext =
		hex2str("6d7596a8fd56ceaec61de7940984b7736fec44f572afc3c8952e4dc6541e2b"
		"c6a702c440a37610989543f63fedb047ca2173bc18581944");
		string kat_ciphertext =
		hex2str("b3f6799e8f9326f2df1e80fcd2cb16d78c9dc7cc14bb677862dc6c639b3a63"
		"38d24b312d3989e5920b5dbfc976765efbfe57bb385940a7a43bdf05bddae3c9d6a2fb"
		"bdfcc0cba0");

		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::GCM, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes192CBCNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/CBC/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes192CBCNoPaddingOneByteAtATime) {
		if (SecLevel() == SecurityLevel::STRONGBOX) {
		GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
		}
		string kat_key = hex2str("be8cc4e25cce46e5d55725e2391f7d3cf59ed60062f5a43b");
		string kat_iv = hex2str("80a199aab0eee77e7762ddf3b3a32f40");
		string kat_plaintext =
		hex2str("064f9200e0df37d4711af4a69d11addf9e1c345d9d8195f9f1f715019ce96a"
		"167f2497c994bd496eb80bfb2ba2c9d5af");
		string kat_ciphertext =
		hex2str("859b90becaa85e95a71e104efbd7a3b723bcbf4eb39865544a05d9e90b6fe5"
		"72c134552f3a138e726fbe493b3a839598");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes192CBCPKCS7PaddingOneByteAtATime
		* Verifies input and output sizes of AES/CBC/PKCS7Padding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes192CBCPKCS7PaddingOneByteAtATime) {
		if (SecLevel() == SecurityLevel::STRONGBOX) {
		GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
		}
		string kat_key = hex2str("68969215ec41e4df7d23de0e806f458f52aff492bd7c5263");
		string kat_iv = hex2str("e61d13dfbf0533289f0e7950209da418");
		string kat_plaintext =
		hex2str("8d4c1cac27511ee2d82409a7f378e7e402b0eb189c1eaa5c506eb72a9074"
		"b170");
		string kat_ciphertext =
		hex2str("e70bcd62c595dc1b2b8c197bb91a7447e1be2cbcf3fdc69e7e991faf0f57cf"
		"4e3884138ff403a41fd99818708ada301c");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::PKCS7, kat_iv,
		kat_plaintext, kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes192CTRNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/CTR/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes192CTRNoPaddingOneByteAtATime) {
		if (SecLevel() == SecurityLevel::STRONGBOX) {
		GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
		}
		string kat_key = hex2str("5e2036e790d38815c90beb67a1c9e5aa0e167ef082927317");
		string kat_iv = hex2str("df0694959b89054156962d68a226965c");
		string kat_plaintext =
		hex2str("6ed2781c99e03e45314d6019932220c2c98130c53f9f67ad10ac519adf50e9"
		"28091e09cdbbd3b42b");
		string kat_ciphertext =
		hex2str("e427b6666502e05b82d0b20ae50e862b1936d71266fc49178ac984e71571f2"
		"2ae0f90f0c19f42b4a");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CTR, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes192ECBNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/ECB/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes192ECBNoPaddingOneByteAtATime) {
		if (SecLevel() == SecurityLevel::STRONGBOX) {
		GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
		}
		string kat_key = hex2str("3cab83fb338ba985fbfe74c5e9d2e900adb570b1d67faf92");
		string kat_plaintext =
		hex2str("2cc64c335a13fb838f3c6aad0a6b47297ca90bb886ddb059200f0b41740c"
		"44ab");
		string kat_ciphertext =
		hex2str("9c5c825328f5ee0aa24947e374d3f9165f484b39dd808c790d7a12964810"
		"2453");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::NONE, "", kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes192ECBPKCS7PaddingOneByteAtATime
		* Verifies input and output sizes of AES/ECB/PKCS7Padding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes192ECBPKCS7PaddingOneByteAtATime) {
		if (SecLevel() == SecurityLevel::STRONGBOX) {
		GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
		}
		string kat_key = hex2str("d57f4e5446f736c16476ec4db5decc7b1bf3936e4f7e4618");
		string kat_plaintext =
		hex2str("b115777f1ee7a43a07daa6401e59c46b7a98213a8747eabfbe3ca4ec93524d"
		"e2c7");
		string kat_ciphertext =
		hex2str("1e92cd20da08bb5fa174a7a69879d4fc25a155e6af06d75b26c5b450d273c8"
		"bb7e3a889dd4a9589098b44acf1056e7aa");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::PKCS7, "", kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes192GCMNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/GCM/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes192GCMNoPaddingOneByteAtATime) {
		if (SecLevel() == SecurityLevel::STRONGBOX) {
		GTEST_SKIP() << "Key size 192 is not supported by Strongbox.";
		}
		string kat_key = hex2str("21339fc1d011abca65d50ce2365230603fd47d07e8830f6e");
		string kat_iv = hex2str("d5fb1469a8d81dd75286a418");
		string kat_plaintext =
		hex2str("cf776dedf53a828d51a0073db3ef0dd1ee19e2e9e243ce97e95841bb9ad4e3"
		"ff52");
		string kat_ciphertext =
		hex2str("3a0d48278111d3296bc663df8a5dbeb2474ea47fd85b608f8d9375d9dcf7de"
		"1413ad70fb0e1970669095ad77ebb5974ae8");

		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::GCM, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes256CBCNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/CBC/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes256CBCNoPaddingOneByteAtATime) {
		string kat_key = hex2str("dd2f20dc6b98c100bac919120ff95eb5d96003f8229987b283a1e777b0cd5c30");
		string kat_iv = hex2str("23b4d85239fb90db93b07a981e90a170");
		string kat_plaintext =
		hex2str("2fbe5d46dca5cea433e550d8b291740ab9551c2a2d37680d7fb7b993225f58"
		"494cb53caca353e4b637ba05687be20f8d");
		string kat_ciphertext =
		hex2str("5aba24fc316936c8369061ee8fe463e4faed04288e204456626b988c0e376b"
		"6047da1e4fd7c4e1cf2656097f75ae8685");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes256CBCPKCS7PaddingOneByteAtATime
		* Verifies input and output sizes of AES/CBC/PKCS7Padding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes256CBCPKCS7PaddingOneByteAtATime) {
		string kat_key = hex2str("03ab2510520f5cfebfab0a17a7f8324c9634911f6fc59e586f85346bb38ac88a");
		string kat_iv = hex2str("9af96967195bb0184f129beffa8241ae");
		string kat_plaintext =
		hex2str("2d6944653ac14988a772a2730b7c5bfa99a21732ae26f40cdc5b3a2874c794"
		"2545a82b73c48078b9dae62261c65909");
		string kat_ciphertext =
		hex2str("26b308f7e1668b55705a79c8b3ad10e244655f705f027f390a5c34e4536f51"
		"9403a71987b95124073d69f2a3cb95b0ab");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CBC, PaddingMode::PKCS7, kat_iv,
		kat_plaintext, kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes256CTRNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/CTR/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes256CTRNoPaddingOneByteAtATime) {
		string kat_key = hex2str("928b380a8fed4b4b4cfeb56e0c66a4cb0f9ff58d61ac68bcfd0e3fbd910a684f");
		string kat_iv = hex2str("0b678a5249e6eeda461dfb4776b6c58e");
		string kat_plaintext =
		hex2str("f358de57543b297e997cba46fb9100553d6abd65377e55b9aac3006400ead1"
		"1f6db3c884");
		string kat_ciphertext =
		hex2str("a07a35fbd1776ad81462e1935f542337add60962bf289249476817b6ddd532"
		"a7be30d4c3");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::CTR, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes256ECBNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/ECB/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes256ECBNoPaddingOneByteAtATime) {
		string kat_key = hex2str("fa4622d9cf6485075daedd33d2c4fffdf859e2edb7f7df4f04603f7e647fae90");
		string kat_plaintext =
		hex2str("96ccabbe0c68970d8cdee2b30ab43c2d61cc50ee68271e77571e72478d713a"
		"31a476d6806b8116089c6ec50bb543200f");
		string kat_ciphertext =
		hex2str("0e81839e9dfbfe3b503d619e676abe5ac80fac3f245d8f09b9134b1b32a67d"
		"c83e377faf246288931136bef2a07c0be4");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::NONE, "", kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes256ECBPKCS7PaddingOneByteAtATime
		* Verifies input and output sizes of AES/ECB/PKCS7Padding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes256ECBPKCS7PaddingOneByteAtATime) {
		string kat_key = hex2str("bf3f07c68467fead0ca8e2754500ab514258abf02eb7e615a493bcaaa45d5ee1");
		string kat_plaintext =
		hex2str("af0757e49018dad628f16998628a407db5f28291bef3bc2e4d8a5a31fb238e"
		"6f");
		string kat_ciphertext =
		hex2str("21ec3011074bf1ef140643d47130326c5e183f61237c69bc77551ca207d71f"
		"c2b90cfac6c8d2d125e5cd9ff353dee0df");
		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::ECB, PaddingMode::PKCS7, "", kat_plaintext,
		kat_ciphertext);
		}

		/*
		* EncryptionOperationsTest.Aes256GCMNoPaddingOneByteAtATime
		* Verifies input and output sizes of AES/GCM/NoPadding Algorithm.
		*/
		TEST_P(EncryptionOperationsTest, Aes256GCMNoPaddingOneByteAtATime) {
		string kat_key = hex2str("7972140d831eedac75d5ea515c9a4c3bb124499a90b5f317ac1a685e88fae395");
		string kat_iv = hex2str("a66c5252808d823dd4151fed");
		string kat_plaintext =
		hex2str("c2b9dabf3a55adaa94e8c0d1e77a84a3435aee23b2c3c4abb587b09a9c2afb"
		"f0");
		string kat_ciphertext =
		hex2str("a960619314657b2afb96b93bebb372bffd09e19d53e351f17d1ba2611f9dc3"
		"3c9c92d563e8fd381254ac262aa2a4ea0d");

		AesCheckEncryptOneByteAtATime(kat_key, BlockMode::GCM, PaddingMode::NONE, kat_iv, kat_plaintext,
		kat_ciphertext);
		}

		struct AesCtrSp80038aTestVector {
		const char* key;
		const char* nonce;