1use crate::compiler::prelude::*;
2use crate::value::Value;
3use aes::cipher::{
4 AsyncStreamCipher, BlockDecryptMut, KeyIvInit, StreamCipher,
5 block_padding::{AnsiX923, Iso7816, Iso10126, Pkcs7},
6 generic_array::GenericArray,
7};
8use aes_siv::{Aes128SivAead, Aes256SivAead};
9use cfb_mode::Decryptor as Cfb;
10use chacha20poly1305::{ChaCha20Poly1305, KeyInit, XChaCha20Poly1305, aead::Aead};
11use crypto_secretbox::XSalsa20Poly1305;
12use ctr::{Ctr64BE, Ctr64LE};
13use ofb::Ofb;
14
15use super::encrypt::{get_iv_bytes, get_key_bytes, is_valid_algorithm};
16
17type Aes128Cbc = cbc::Decryptor<aes::Aes128>;
18type Aes192Cbc = cbc::Decryptor<aes::Aes192>;
19type Aes256Cbc = cbc::Decryptor<aes::Aes256>;
20
21macro_rules! decrypt {
22 ($algorithm:ty, $ciphertext:expr_2021, $key:expr_2021, $iv:expr_2021) => {{
23 let mut buffer = vec![0; $ciphertext.len()];
24 <$algorithm>::new(
25 &GenericArray::from(get_key_bytes($key)?),
26 &GenericArray::from(get_iv_bytes($iv)?),
27 )
28 .decrypt_b2b($ciphertext.as_ref(), buffer.as_mut())
29 .unwrap();
30 buffer
31 }};
32}
33
34macro_rules! decrypt_padded {
35 ($algorithm:ty, $padding:ty, $ciphertext:expr_2021, $key:expr_2021, $iv:expr_2021) => {{
36 <$algorithm>::new(
37 &GenericArray::from(get_key_bytes($key)?),
38 &GenericArray::from(get_iv_bytes($iv)?),
39 )
40 .decrypt_padded_vec_mut::<$padding>($ciphertext.as_ref())
41 .map_err(|_| format!("Invalid input"))?
42 }};
43}
44
45macro_rules! decrypt_keystream {
46 ($algorithm:ty, $ciphertext:expr_2021, $key:expr_2021, $iv:expr_2021) => {{
47 let mut buffer = vec![0; $ciphertext.len()];
48 <$algorithm>::new(
49 &GenericArray::from(get_key_bytes($key)?),
50 &GenericArray::from(get_iv_bytes($iv)?),
51 )
52 .apply_keystream_b2b($ciphertext.as_ref(), buffer.as_mut())
53 .unwrap();
54 buffer
55 }};
56}
57
58macro_rules! decrypt_stream {
59 ($algorithm:ty, $plaintext:expr_2021, $key:expr_2021, $iv:expr_2021) => {{
60 <$algorithm>::new(&GenericArray::from(get_key_bytes($key)?))
61 .decrypt(&GenericArray::from(get_iv_bytes($iv)?), $plaintext.as_ref())
62 .expect("key/iv sizes were already checked")
63 }};
64}
65
66fn decrypt(ciphertext: Value, algorithm: &str, key: Value, iv: Value) -> Resolved {
67 let ciphertext = ciphertext.try_bytes()?;
68
69 let ciphertext = match algorithm {
70 "AES-256-CFB" => decrypt!(Cfb::<aes::Aes256>, ciphertext, key, iv),
71 "AES-192-CFB" => decrypt!(Cfb::<aes::Aes192>, ciphertext, key, iv),
72 "AES-128-CFB" => decrypt!(Cfb::<aes::Aes128>, ciphertext, key, iv),
73 "AES-256-OFB" => decrypt_keystream!(Ofb::<aes::Aes256>, ciphertext, key, iv),
74 "AES-192-OFB" => decrypt_keystream!(Ofb::<aes::Aes192>, ciphertext, key, iv),
75 "AES-128-OFB" => decrypt_keystream!(Ofb::<aes::Aes128>, ciphertext, key, iv),
76 "AES-256-CTR" | "AES-256-CTR-LE" => {
77 decrypt_keystream!(Ctr64LE::<aes::Aes256>, ciphertext, key, iv)
78 }
79 "AES-192-CTR" | "AES-192-CTR-LE" => {
80 decrypt_keystream!(Ctr64LE::<aes::Aes192>, ciphertext, key, iv)
81 }
82 "AES-128-CTR" | "AES-128-CTR-LE" => {
83 decrypt_keystream!(Ctr64LE::<aes::Aes128>, ciphertext, key, iv)
84 }
85 "AES-256-CTR-BE" => decrypt_keystream!(Ctr64BE::<aes::Aes256>, ciphertext, key, iv),
86 "AES-192-CTR-BE" => decrypt_keystream!(Ctr64BE::<aes::Aes192>, ciphertext, key, iv),
87 "AES-128-CTR-BE" => decrypt_keystream!(Ctr64BE::<aes::Aes128>, ciphertext, key, iv),
88 "AES-256-CBC-PKCS7" => decrypt_padded!(Aes256Cbc, Pkcs7, ciphertext, key, iv),
89 "AES-192-CBC-PKCS7" => decrypt_padded!(Aes192Cbc, Pkcs7, ciphertext, key, iv),
90 "AES-128-CBC-PKCS7" => decrypt_padded!(Aes128Cbc, Pkcs7, ciphertext, key, iv),
91 "AES-256-CBC-ANSIX923" => decrypt_padded!(Aes256Cbc, AnsiX923, ciphertext, key, iv),
92 "AES-192-CBC-ANSIX923" => decrypt_padded!(Aes192Cbc, AnsiX923, ciphertext, key, iv),
93 "AES-128-CBC-ANSIX923" => decrypt_padded!(Aes128Cbc, AnsiX923, ciphertext, key, iv),
94 "AES-256-CBC-ISO7816" => decrypt_padded!(Aes256Cbc, Iso7816, ciphertext, key, iv),
95 "AES-192-CBC-ISO7816" => decrypt_padded!(Aes192Cbc, Iso7816, ciphertext, key, iv),
96 "AES-128-CBC-ISO7816" => decrypt_padded!(Aes128Cbc, Iso7816, ciphertext, key, iv),
97 "AES-256-CBC-ISO10126" => decrypt_padded!(Aes256Cbc, Iso10126, ciphertext, key, iv),
98 "AES-192-CBC-ISO10126" => decrypt_padded!(Aes192Cbc, Iso10126, ciphertext, key, iv),
99 "AES-128-CBC-ISO10126" => decrypt_padded!(Aes128Cbc, Iso10126, ciphertext, key, iv),
100 "AES-128-SIV" => decrypt_stream!(Aes128SivAead, ciphertext, key, iv),
101 "AES-256-SIV" => decrypt_stream!(Aes256SivAead, ciphertext, key, iv),
102 "CHACHA20-POLY1305" => decrypt_stream!(ChaCha20Poly1305, ciphertext, key, iv),
103 "XCHACHA20-POLY1305" => decrypt_stream!(XChaCha20Poly1305, ciphertext, key, iv),
104 "XSALSA20-POLY1305" => decrypt_stream!(XSalsa20Poly1305, ciphertext, key, iv),
105 other => return Err(format!("Invalid algorithm: {other}").into()),
106 };
107
108 Ok(Value::Bytes(Bytes::from(ciphertext)))
109}
110
111#[derive(Clone, Copy, Debug)]
112pub struct Decrypt;
113
114impl Function for Decrypt {
115 fn identifier(&self) -> &'static str {
116 "decrypt"
117 }
118
119 fn usage(&self) -> &'static str {
120 indoc! {"
121 Decrypts a string with a symmetric encryption algorithm.
122
123 Supported Algorithms:
124
125 * AES-256-CFB (key = 32 bytes, iv = 16 bytes)
126 * AES-192-CFB (key = 24 bytes, iv = 16 bytes)
127 * AES-128-CFB (key = 16 bytes, iv = 16 bytes)
128 * AES-256-OFB (key = 32 bytes, iv = 16 bytes)
129 * AES-192-OFB (key = 24 bytes, iv = 16 bytes)
130 * AES-128-OFB (key = 16 bytes, iv = 16 bytes)
131 * AES-128-SIV (key = 32 bytes, iv = 16 bytes)
132 * AES-256-SIV (key = 64 bytes, iv = 16 bytes)
133 * Deprecated - AES-256-CTR (key = 32 bytes, iv = 16 bytes)
134 * Deprecated - AES-192-CTR (key = 24 bytes, iv = 16 bytes)
135 * Deprecated - AES-128-CTR (key = 16 bytes, iv = 16 bytes)
136 * AES-256-CTR-LE (key = 32 bytes, iv = 16 bytes)
137 * AES-192-CTR-LE (key = 24 bytes, iv = 16 bytes)
138 * AES-128-CTR-LE (key = 16 bytes, iv = 16 bytes)
139 * AES-256-CTR-BE (key = 32 bytes, iv = 16 bytes)
140 * AES-192-CTR-BE (key = 24 bytes, iv = 16 bytes)
141 * AES-128-CTR-BE (key = 16 bytes, iv = 16 bytes)
142 * AES-256-CBC-PKCS7 (key = 32 bytes, iv = 16 bytes)
143 * AES-192-CBC-PKCS7 (key = 24 bytes, iv = 16 bytes)
144 * AES-128-CBC-PKCS7 (key = 16 bytes, iv = 16 bytes)
145 * AES-256-CBC-ANSIX923 (key = 32 bytes, iv = 16 bytes)
146 * AES-192-CBC-ANSIX923 (key = 24 bytes, iv = 16 bytes)
147 * AES-128-CBC-ANSIX923 (key = 16 bytes, iv = 16 bytes)
148 * AES-256-CBC-ISO7816 (key = 32 bytes, iv = 16 bytes)
149 * AES-192-CBC-ISO7816 (key = 24 bytes, iv = 16 bytes)
150 * AES-128-CBC-ISO7816 (key = 16 bytes, iv = 16 bytes)
151 * AES-256-CBC-ISO10126 (key = 32 bytes, iv = 16 bytes)
152 * AES-192-CBC-ISO10126 (key = 24 bytes, iv = 16 bytes)
153 * AES-128-CBC-ISO10126 (key = 16 bytes, iv = 16 bytes)
154 * CHACHA20-POLY1305 (key = 32 bytes, iv = 12 bytes)
155 * XCHACHA20-POLY1305 (key = 32 bytes, iv = 24 bytes)
156 * XSALSA20-POLY1305 (key = 32 bytes, iv = 24 bytes)
157 "}
158 }
159
160 fn category(&self) -> &'static str {
161 Category::Cryptography.as_ref()
162 }
163
164 fn internal_failure_reasons(&self) -> &'static [&'static str] {
165 &[
166 "`algorithm` is not a supported algorithm.",
167 "`key` length does not match the key size required for the algorithm specified.",
168 "`iv` length does not match the `iv` size required for the algorithm specified.",
169 ]
170 }
171
172 fn return_kind(&self) -> u16 {
173 kind::BYTES
174 }
175
176 fn parameters(&self) -> &'static [Parameter] {
177 const PARAMETERS: &[Parameter] = &[
178 Parameter::required("ciphertext", kind::BYTES, "The string in raw bytes (not encoded) to decrypt."),
179 Parameter::required("algorithm", kind::BYTES, "The algorithm to use."),
180 Parameter::required("key", kind::BYTES, "The key in raw bytes (not encoded) for decryption. The length must match the algorithm requested."),
181 Parameter::required("iv", kind::BYTES, "The IV in raw bytes (not encoded) for decryption. The length must match the algorithm requested.
182A new IV should be generated for every message. You can use `random_bytes` to generate a cryptographically secure random value.
183The value should match the one used during encryption."),
184 ];
185 PARAMETERS
186 }
187
188 fn examples(&self) -> &'static [Example] {
189 &[
190 example! {
191 title: "Decrypt value using AES-256-CFB",
192 source: indoc! {r#"
193 iv = "0123456789012345"
194 key = "01234567890123456789012345678912"
195 ciphertext = decode_base64!("c/dIOA==")
196 decrypt!(ciphertext, "AES-256-CFB", key: key, iv: iv)
197 "#},
198 result: Ok("data"),
199 },
200 example! {
201 title: "Decrypt value using AES-128-CBC-PKCS7",
202 source: indoc! {r#"
203 iv = decode_base64!("fVEIRkIiczCRWNxaarsyxA==")
204 key = "16_byte_keyxxxxx"
205 ciphertext = decode_base64!("5fLGcu1VHdzsPcGNDio7asLqE1P43QrVfPfmP4i4zOU=")
206 decrypt!(ciphertext, "AES-128-CBC-PKCS7", key: key, iv: iv)
207 "#},
208 result: Ok("super_secret_message"),
209 },
210 ]
211 }
212
213 fn compile(
214 &self,
215 state: &state::TypeState,
216 _ctx: &mut FunctionCompileContext,
217 arguments: ArgumentList,
218 ) -> Compiled {
219 let ciphertext = arguments.required("ciphertext");
220 let algorithm = arguments.required("algorithm");
221 let key = arguments.required("key");
222 let iv = arguments.required("iv");
223
224 if let Some(algorithm) = algorithm.resolve_constant(state) {
225 let algorithm_str = algorithm
226 .try_bytes_utf8_lossy()
227 .expect("already checked type")
228 .as_ref()
229 .to_uppercase();
230 if !is_valid_algorithm(&algorithm_str) {
231 return Err(function::Error::InvalidArgument {
232 keyword: "algorithm",
233 value: algorithm,
234 error: "Invalid algorithm",
235 }
236 .into());
237 }
238 }
239
240 Ok(DecryptFn {
241 ciphertext,
242 algorithm,
243 key,
244 iv,
245 }
246 .as_expr())
247 }
248}
249
250#[derive(Debug, Clone)]
251struct DecryptFn {
252 ciphertext: Box<dyn Expression>,
253 algorithm: Box<dyn Expression>,
254 key: Box<dyn Expression>,
255 iv: Box<dyn Expression>,
256}
257
258impl FunctionExpression for DecryptFn {
259 fn resolve(&self, ctx: &mut Context) -> Resolved {
260 let ciphertext = self.ciphertext.resolve(ctx)?;
261 let algorithm = self.algorithm.resolve(ctx)?;
262 let key = self.key.resolve(ctx)?;
263 let iv = self.iv.resolve(ctx)?;
264
265 let algorithm = algorithm.try_bytes_utf8_lossy()?.as_ref().to_uppercase();
266 decrypt(ciphertext, algorithm.as_str(), key, iv)
267 }
268
269 fn type_def(&self, _state: &state::TypeState) -> TypeDef {
270 TypeDef::bytes().fallible()
271 }
272}
273
274#[cfg(test)]
275mod tests {
276 use super::*;
277 use crate::value;
278
279 test_function![
280 decrypt => Decrypt;
281
282 aes_256_cfb {
283 args: func_args![ciphertext: value!(b"\xd13\x92\x81\x9a^\x0e=<\x88\xdc\xe7/:]\x90\x08S\x84q"), algorithm: "AES-256-CFB", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
284 want: Ok(value!("morethan1blockofdata")),
285 tdef: TypeDef::bytes().fallible(),
286 }
287
288 aes_192_cfb {
289 args: func_args![ciphertext: value!(b"U\xbd6\xdbZ\xbfa}&8\xebog\x19\x99xE\xffL\xf1"), algorithm: "AES-192-CFB", key: "24_bytes_xxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
290 want: Ok(value!("morethan1blockofdata")),
291 tdef: TypeDef::bytes().fallible(),
292 }
293
294 aes_128_cfb {
295 args: func_args![ciphertext: value!(b"\xfd\xf9\xef\x1f@e\xef\xd0Z\xc3\x0c'\xad]\x0e\xd2\x0bZK4"), algorithm: "AES-128-CFB", key: "16_bytes_xxxxxxx", iv: "16_bytes_xxxxxxx"],
296 want: Ok(value!("morethan1blockofdata")),
297 tdef: TypeDef::bytes().fallible(),
298 }
299 aes_256_ofb {
300 args: func_args![ciphertext: value!(b"\xd13\x92\x81\x9a^\x0e=<\x88\xdc\xe7/:]\x90\xfe(\x89k"), algorithm: "AES-256-OFB", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
301 want: Ok(value!("morethan1blockofdata")),
302 tdef: TypeDef::bytes().fallible(),
303 }
304
305 aes_192_ofb {
306 args: func_args![ciphertext: value!(b"U\xbd6\xdbZ\xbfa}&8\xebog\x19\x99x\xe4\xf4J\x1f"), algorithm: "AES-192-OFB", key: "24_bytes_xxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
307 want: Ok(value!("morethan1blockofdata")),
308 tdef: TypeDef::bytes().fallible(),
309 }
310
311 aes_128_ofb {
312 args: func_args![ciphertext: value!(b"\xfd\xf9\xef\x1f@e\xef\xd0Z\xc3\x0c'\xad]\x0e\xd2Qi\xe9\xf4"), algorithm: "AES-128-OFB", key: "16_bytes_xxxxxxx", iv: "16_bytes_xxxxxxx"],
313 want: Ok(value!("morethan1blockofdata")),
314 tdef: TypeDef::bytes().fallible(),
315 }
316
317 aes_256_ctr_le {
318 args: func_args![ciphertext: value!(b"\xd13\x92\x81\x9a^\x0e=<\x88\xdc\xe7/:]\x90\x9a\x99\xa7\xb6"), algorithm: "AES-256-CTR-LE", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
319 want: Ok(value!("morethan1blockofdata")),
320 tdef: TypeDef::bytes().fallible(),
321 }
322
323 aes_192_ctr_le {
324 args: func_args![ciphertext: value!(b"U\xbd6\xdbZ\xbfa}&8\xebog\x19\x99x\x88\xb69n"), algorithm: "AES-192-CTR-LE", key: "24_bytes_xxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
325 want: Ok(value!("morethan1blockofdata")),
326 tdef: TypeDef::bytes().fallible(),
327 }
328
329 aes_128_ctr_le {
330 args: func_args![ciphertext: value!(b"\xfd\xf9\xef\x1f@e\xef\xd0Z\xc3\x0c'\xad]\x0e\xd2v\x04\x05\xee"), algorithm: "AES-128-CTR-LE", key: "16_bytes_xxxxxxx", iv: "16_bytes_xxxxxxx"],
331 want: Ok(value!("morethan1blockofdata")),
332 tdef: TypeDef::bytes().fallible(),
333 }
334
335 aes_256_ctr_be {
336 args: func_args![ciphertext: value!(b"\xd13\x92\x81\x9a^\x0e=<\x88\xdc\xe7/:]\x90k\xea\x1c\t"), algorithm: "AES-256-CTR-BE", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
337 want: Ok(value!("morethan1blockofdata")),
338 tdef: TypeDef::bytes().fallible(),
339 }
340
341 aes_192_ctr_be {
342 args: func_args![ciphertext: value!(b"U\xbd6\xdbZ\xbfa}&8\xebog\x19\x99x\x8a\xb3C\xfd"), algorithm: "AES-192-CTR-BE", key: "24_bytes_xxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
343 want: Ok(value!("morethan1blockofdata")),
344 tdef: TypeDef::bytes().fallible(),
345 }
346
347 aes_128_ctr_be {
348 args: func_args![ciphertext: value!(b"\xfd\xf9\xef\x1f@e\xef\xd0Z\xc3\x0c'\xad]\x0e\xd2\xae\x15v\xab"), algorithm: "AES-128-CTR-BE", key: "16_bytes_xxxxxxx", iv: "16_bytes_xxxxxxx"],
349 want: Ok(value!("morethan1blockofdata")),
350 tdef: TypeDef::bytes().fallible(),
351 }
352
353 aes_256_cbc_pkcs7 {
354 args: func_args![ciphertext: value!(b"\x80-9O\x1c\xf1,R\x02\xa0\x0e\x17G\xd8B\xf4\xf9q\xf3\x0c\xcaK\x03h\xbc\xb2\xe8vU\x12\x10\xb3"), algorithm: "AES-256-CBC-PKCS7", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
355 want: Ok(value!("morethan1blockofdata")),
356 tdef: TypeDef::bytes().fallible(),
357 }
358
359 aes_192_cbc_pkcs7 {
360 args: func_args![ciphertext: value!(b"\xfaG\x97OVj\xd4\xf5\x80\x1c\x9f}\xac,:t\xfb\xca\xe5\xf1\x8c\x08\xed\\\xf5\xff\xef\xf8\xe9\n\x9c*"), algorithm: "AES-192-CBC-PKCS7", key: "24_bytes_xxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
361 want: Ok(value!("morethan1blockofdata")),
362 tdef: TypeDef::bytes().fallible(),
363 }
364
365 aes_128_cbc_pkcs7 {
366 args: func_args![ciphertext: value!(b"\x94R\xb5\xfeE\xd9)N1\xd3\xfe\xe66E\x05\x9ch\xae\xf6\x82\rD\xfdH\xd3T8n\xa7\xec\x98W"), algorithm: "AES-128-CBC-PKCS7", key: "16_bytes_xxxxxxx", iv: "16_bytes_xxxxxxx"],
367 want: Ok(value!("morethan1blockofdata")),
368 tdef: TypeDef::bytes().fallible(),
369 }
370
371 aes_256_cbc_ansix923 {
372 args: func_args![ciphertext: value!(b"\x80-9O\x1c\xf1,R\x02\xa0\x0e\x17G\xd8B\xf4\xd9vj\x15\n&\x92\xea\xee\x03 \xeb\x9e\x8f\x97\x90"), algorithm: "AES-256-CBC-ANSIX923", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
373 want: Ok(value!("morethan1blockofdata")),
374 tdef: TypeDef::bytes().fallible(),
375 }
376
377 aes_192_cbc_ansix923 {
378 args: func_args![ciphertext: value!(b"\xfaG\x97OVj\xd4\xf5\x80\x1c\x9f}\xac,:t\xbc\xaf\xbd\xdf0\x10\xdc\xe7\x10Lk\xe4\x03;\xa2\xf5"), algorithm: "AES-192-CBC-ANSIX923", key: "24_bytes_xxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
379 want: Ok(value!("morethan1blockofdata")),
380 tdef: TypeDef::bytes().fallible(),
381 }
382
383 aes_128_cbc_ansix923 {
384 args: func_args![ciphertext: value!(b"\x94R\xb5\xfeE\xd9)N1\xd3\xfe\xe66E\x05\x9cEnq\x0f9\x02\xfe/T\x0f\xc5\x18r\x95\"\xe3"), algorithm: "AES-128-CBC-ANSIX923", key: "16_bytes_xxxxxxx", iv: "16_bytes_xxxxxxx"],
385 want: Ok(value!("morethan1blockofdata")),
386 tdef: TypeDef::bytes().fallible(),
387 }
388
389 aes_256_cbc_iso7816 {
390 args: func_args![ciphertext: value!(b"\x80-9O\x1c\xf1,R\x02\xa0\x0e\x17G\xd8B\xf4\x84\x12\xeb\xe6i\xef\xbcN\xe85\\HnV\xb2\x92"), algorithm: "AES-256-CBC-ISO7816", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
391 want: Ok(value!("morethan1blockofdata")),
392 tdef: TypeDef::bytes().fallible(),
393 }
394
395 aes_192_cbc_iso7816 {
396 args: func_args![ciphertext: value!(b"\xfaG\x97OVj\xd4\xf5\x80\x1c\x9f}\xac,:t%lnCr;N\xbcq\xfeE\xb4\x83a \x9b"), algorithm: "AES-192-CBC-ISO7816", key: "24_bytes_xxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
397 want: Ok(value!("morethan1blockofdata")),
398 tdef: TypeDef::bytes().fallible(),
399 }
400
401 aes_128_cbc_iso7816 {
402 args: func_args![ciphertext: value!(b"\x94R\xb5\xfeE\xd9)N1\xd3\xfe\xe66E\x05\x9cWp\xcfu\xba\x86\x01Q\x9fw\x8f\xf2\x12\xba\x9b0"), algorithm: "AES-128-CBC-ISO7816", key: "16_bytes_xxxxxxx", iv: "16_bytes_xxxxxxx"],
403 want: Ok(value!("morethan1blockofdata")),
404 tdef: TypeDef::bytes().fallible(),
405 }
406
407 aes_256_cbc_iso10126 {
408 args: func_args![ciphertext: value!(b"\x80-9O\x1c\xf1,R\x02\xa0\x0e\x17G\xd8B\xf4\xf9q\xf3\x0c\xcaK\x03h\xbc\xb2\xe8vU\x12\x10\xb3"), algorithm: "AES-256-CBC-ISO10126", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
409 want: Ok(value!("morethan1blockofdata")),
410 tdef: TypeDef::bytes().fallible(),
411 }
412
413 aes_192_cbc_iso10126 {
414 args: func_args![ciphertext: value!(b"\xfaG\x97OVj\xd4\xf5\x80\x1c\x9f}\xac,:t\xfb\xca\xe5\xf1\x8c\x08\xed\\\xf5\xff\xef\xf8\xe9\n\x9c*"), algorithm: "AES-192-CBC-ISO10126", key: "24_bytes_xxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
415 want: Ok(value!("morethan1blockofdata")),
416 tdef: TypeDef::bytes().fallible(),
417 }
418
419 aes_128_cbc_iso10126 {
420 args: func_args![ciphertext: value!(b"\x94R\xb5\xfeE\xd9)N1\xd3\xfe\xe66E\x05\x9ch\xae\xf6\x82\rD\xfdH\xd3T8n\xa7\xec\x98W"), algorithm: "AES-128-CBC-ISO10126", key: "16_bytes_xxxxxxx", iv: "16_bytes_xxxxxxx"],
421 want: Ok(value!("morethan1blockofdata")),
422 tdef: TypeDef::bytes().fallible(),
423 }
424
425 aes_128_siv {
426 args: func_args![ciphertext: value!(b"iMy\xb15\x16\x9dK\x97!\x9d1\x0fq\xe2\x9a\xb2\x15\xb2\xd2\xd0@\x19\xfa(\xffoZ\x17\xac\xe5U\xce\xd4\x81t"), algorithm: "AES-128-SIV", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
427 want: Ok(value!("morethan1blockofdata")),
428 tdef: TypeDef::bytes().fallible(),
429 }
430
431 aes_256_siv {
432 args: func_args![ciphertext: value!(b"[\x9b>c\x8c\xb9\xf8\xa4\xb9\xf8\x15\xb0\xf9g \xbf\x84{\x16\xfa\xef\xcd4',O/0\xf6\xcdx\x0b\"A\xb95"), algorithm: "AES-256-SIV", key: "64_bytes_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", iv: "16_bytes_xxxxxxx"],
433 want: Ok(value!("morethan1blockofdata")),
434 tdef: TypeDef::bytes().fallible(),
435 }
436
437 chacha20_poly1305 {
438 args: func_args![ciphertext: value!(b"\x14m\xe3\xc9\xbc!\xafu\xe31\xb9\x17\x8f\x9bOo0}n\xf4{$\x95\x0f\xa0\x820\xb7R\xe3.{\xd7?\x96\x10"), algorithm: "CHACHA20-POLY1305", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "12_bytes_xxx"],
439 want: Ok(value!("morethan1blockofdata")),
440 tdef: TypeDef::bytes().fallible(),
441 }
442
443 xchacha20_poly1305 {
444 args: func_args![ciphertext: value!(b"\x84\xd0S<\\\x88\x019a\xd3\xa17\xdf\xc0\xe0\xd3h\xbcn-\x98\x85@\x19\x08\xc5ki\x18\x10\xdd!T#\x91\xcf"), algorithm: "XCHACHA20-POLY1305", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "24_bytes_xxxxxxxxxxxxxxx"],
445 want: Ok(value!("morethan1blockofdata")),
446 tdef: TypeDef::bytes().fallible(),
447 }
448
449 xsalsa20_poly1305 {
450 args: func_args![ciphertext: value!(b"(\xc8\xb8\x88\x1d\xc0\xc0F\xa5\xc7n\xc8\x05B\t\xceiR\x8f\xaf\xc7\xa8\xeb.\x95(\x14\xe8C\x80[w\x85\xf3\x8dn"), algorithm: "XSALSA20-POLY1305", key: "32_bytes_xxxxxxxxxxxxxxxxxxxxxxx", iv: "24_bytes_xxxxxxxxxxxxxxx"],
451 want: Ok(value!("morethan1blockofdata")),
452 tdef: TypeDef::bytes().fallible(),
453 }
454 ];
455}