1 /*===========================================================================
2 *
3 * PUBLIC DOMAIN NOTICE
4 * National Center for Biotechnology Information
5 *
6 * This software/database is a "United States Government Work" under the
7 * terms of the United States Copyright Act. It was written as part of
8 * the author's official duties as a United States Government employee and
9 * thus cannot be copyrighted. This software/database is freely available
10 * to the public for use. The National Library of Medicine and the U.S.
11 * Government have not placed any restriction on its use or reproduction.
12 *
13 * Although all reasonable efforts have been taken to ensure the accuracy
14 * and reliability of the software and data, the NLM and the U.S.
15 * Government do not and cannot warrant the performance or results that
16 * may be obtained by using this software or data. The NLM and the U.S.
17 * Government disclaim all warranties, express or implied, including
18 * warranties of performance, merchantability or fitness for any particular
19 * purpose.
20 *
21 * Please cite the author in any work or product based on this material.
22 *
23 * ===========================================================================
24 *
25 */
26 /*
27 * don't compare inverse cipher when we know we are using
28 * equivalent inverse cipher
29 */
30 #define COMPARE_INV_CIPHER 0
31
32 /*
33 * do compare equivalent inverse cipher when we know we are using
34 * equivalent inverse cipher
35 */
36 #define COMPARE_EQ_INV_CIPHER 1
37
38 #include <kapp/main.h>
39 #include <kapp/args.h>
40
41 #include <krypto/ciphermgr.h>
42 #include <krypto/cipher.h>
43 #include <krypto/cipher-test.h>
44 #include "../../libs/krypto/blockcipher-priv.h"
45 #include "../../libs/krypto/cipher-priv.h"
46 #include "../../libs/krypto/cipher-impl.h"
47 #include "../../libs/krypto/aes-priv.h"
48
49 #include <klib/status.h>
50 #include <klib/log.h>
51 #include <klib/out.h>
52 #include <klib/status.h>
53 #include <klib/rc.h>
54 #include <klib/defs.h>
55
56 #include <byteswap.h>
57
58 #include <string.h>
59 #include <stdlib.h>
60
61 /*
62 https://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
63
64 http://www.inconteam.com/software-development/41-encryption/55-aes-test-vectors
65 */
66
67 const char * types[]
68 =
69 {
70 "AES byte",
71 "AES vector",
72 "AES vector register",
73 "AES accelerated(AES-NI)"
74 };
75
76 static const char * passed_string[] = {"DID NOT MATCH ++++++++++","matched"};
77
78 int error_count;
79 int test_count;
80 int subtype_iterator;
81
82
key_compare(const AES_KEY * control,const AES_KEY * test)83 bool key_compare (const AES_KEY * control, const AES_KEY * test)
84 {
85 uint32_t ix;
86 uint32_t limit;
87 bool passed_rounds = true;
88 bool passed_keys = true;
89
90 passed_rounds = (control->rounds == test->rounds);
91
92 STSMSG (4,("rounds:\t%d : %d\t%s\n", control->rounds, test->rounds,
93 passed_string[passed_rounds]));
94
95 limit = (control->rounds + 1) * 4;
96 for (ix = 0; ix < limit; ++ix)
97 {
98 bool this_key;
99
100 this_key = ((control->rd_key[ix] == bswap_32(test->rd_key[ix])) ||
101 (control->rd_key[ix] == test->rd_key[ix]));
102
103 passed_keys = passed_keys && this_key;
104
105 STSMSG (4,("rd_key[%d]\t%0.8x : %0.8x\t%s\n",
106 ix, control->rd_key[ix], test->rd_key[ix],
107 passed_string[this_key]));
108 }
109
110 return passed_rounds && passed_keys;
111 }
112
113
block_compare(const uint8_t control[16],const uint8_t test[16])114 bool block_compare (const uint8_t control [16], const uint8_t test [16])
115 {
116 uint32_t ix;
117 bool passed = true;
118
119 for (ix = 0; ix < 16; ++ix)
120 {
121 bool passed_this;
122
123 passed_this = (control[ix] == test[ix]);
124
125 passed = passed && passed_this;
126
127 STSMSG (4,("byte %u: control %0.2x test %0.2x %s\n",
128 ix,
129 control[ix], test[ix],
130 passed_string[passed_this]));
131 }
132 return passed;
133 }
134
135
136 typedef struct key_expansion
137 {
138 uint8_t key [32];
139 AES_KEY key_schedule;
140 unsigned Nk;
141 } key_expansion;
142
143
144 const key_expansion a_1 =
145 {
146 {
147 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
148 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
149 },
150 {
151 {
152 0x16157e2b, 0xa6d2ae28, 0x8815f7ab, 0x3c4fcf09,
153 0x17fefaa0, 0xb12c5488, 0x3939a323, 0x05766c2a,
154 0xf295c2f2, 0x43b9967a, 0x7a803559, 0x7ff65973,
155 0x7d47803d, 0x3efe1647, 0x447e231e, 0x3b887a6d,
156 0x41a544ef, 0x7f5b52a8, 0x3b2571b6, 0x00ad0bdb,
157 0xf8c6d1d4, 0x879d837c, 0xbcb8f2ca, 0xbc15f911,
158 0x7aa3886d, 0xfd3e0b11, 0x4186f9db, 0xfd9300ca,
159 0x0ef7544e, 0xf3c95f5f, 0xb24fa684, 0x4fdca64e,
160 0x2173d2ea, 0xd2ba8db5, 0x60f52b31, 0x2f298d7f,
161 0xf36677ac, 0x21dcfa19, 0x4129d128, 0x6e005c57,
162 0xa8f914d0, 0x8925eec9, 0xc80c3fe1, 0xa60c63b6
163 },
164 10
165 },
166 16
167 };
168
169
170 const key_expansion a_2 = {
171 { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
172 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
173 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b },
174 {
175 { 0xf7b0738e, 0x52640eda, 0x2bf310c8, 0xe5799080, /* 0-3 */
176 0xd2eaf862, 0x7b6b2c52, 0xf7910cfe, 0xa5f50224, /* 4-7 */
177 0x8e0612ec, 0x6b7f826c, 0xb9957a0e, 0xc2fe565c, /* 8-11 */
178 0xbdb4b74d, 0x1841b569, 0x9647a785, 0xfd3825e9, /* 12-15 */
179 0x44ad5fe7, 0x865309bb, 0x57f05a48, 0x4fb1ef21, /* 16-19 */
180 0xd9f648a4, 0x24ce6d4d, 0x606332aa, 0xe6303b11, /* 20-23 */
181 0xd57e5ea2, 0x9acfb183, 0x4339f927, 0x67f7946a, /* 24-27 */
182 0x0794a6c0, 0xe1a49dd1, 0xeb8617ec, 0x7149a66f, /* 28-31 */
183 0x32705f48, 0x5587cb22, 0x52136de2, 0xb3b7f033, /* 32-35 */
184 0x28ebbe40, 0x59a2182f, 0x6bd24767, 0x3e558c45, /* 36-39 */
185 0x6c46e1a7, 0xdff11194, 0x0a751f82, 0x53d707ad, /* 40-43 */
186 0x380540ca, 0x0650cc8f, 0x6a162d28, 0xb5e73cbc, /* 44-47 */
187 0x6fa08be9, 0x3c778c44, 0x0472cc8e, 0x02220001 /* 48-51 */
188 },
189 12
190 },
191 24
192 };
193
194 const key_expansion a_3 = {
195 { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
196 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
197 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
198
199 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 },
200 { { 0x10eb3d60, 0xbe71ca15, 0xf0ae732b, 0x81777d85,
201 0x072c351f, 0xd708613b, 0xa310982d, 0xf4df1409,
202 0x1154a39b, 0xaf25698e, 0x5f8b1aa5, 0xdefc6720,
203 0x1a9cb0a8, 0xcd94d193, 0x6e8449be, 0x9a5b5db7,
204 0xb8ec9ad5, 0x17c9f35b, 0x4842e9fe, 0x96be8ede,
205 0x8a32a9b5, 0x47a67826, 0x29223198, 0xb3796c2f,
206 0xad812c81, 0xba48dfda, 0xf20a3624, 0x64b4b8fa,
207 0xc9bfc598, 0x8e19bdbe, 0xa73b8c26, 0x1442e009,
208 0xac7b0068, 0x1633dfb2, 0xe439e996, 0x808d516c,
209 0x04e214c8, 0x8afba976, 0x2dc02550, 0x3982c559,
210 0x676913de, 0x715acc6c, 0x956325fa, 0x15ee7496,
211 0x5dca8658, 0xd7312f2e, 0xfaf10a7e, 0xc373cf27,
212 0xab479c74, 0xda1d5018, 0x4f7e75e2, 0x5a900174,
213 0xe3aafaca, 0x349bd5e4, 0xce6adf9a, 0x0d1910bd,
214 0xd19048fe, 0x0b8d18e6, 0x44f36d04, 0x1e636c70, },
215 14
216 },
217 32
218 };
219
KeyExpansion(KCipher * cipher,const key_expansion * ke)220 bool KeyExpansion (KCipher * cipher, const key_expansion * ke)
221 {
222 rc_t rc;
223
224 rc = KCipherSetEncryptKey (cipher, ke->key, ke->Nk);
225 if (rc)
226 {
227 STSMSG (1,("Could not run test"));
228 return false;
229 }
230 else
231 {
232 return (key_compare (&ke->key_schedule, cipher->encrypt_key));
233 }
234 }
235
236
237 typedef struct cipher_example
238 {
239 uint8_t key [16];
240 AES_KEY key_schedule;
241 uint8_t plain [16];
242 uint8_t cipher [16];
243 } cipher_example;
244
245 const cipher_example b =
246 {
247 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
248 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
249 },
250 {
251 { 0x16157e2b, 0xa6d2ae28, 0x8815f7ab, 0x3c4fcf09,
252 0x17fefaa0, 0xb12c5488, 0x3939a323, 0x05766c2a,
253 0xf295c2f2, 0x43b9967a, 0x7a803559, 0x7ff65973,
254 0x7d47803d, 0x3efe1647, 0x447e231e, 0x3b887a6d,
255 0x41a544ef, 0x7f5b52a8, 0x3b2571b6, 0x00ad0bdb,
256 0xf8c6d1d4, 0x879d837c, 0xbcb8f2ca, 0xbc15f911,
257 0x7aa3886d, 0xfd3e0b11, 0x4186f9db, 0xfd9300ca,
258 0x0ef7544e, 0xf3c95f5f, 0xb24fa684, 0x4fdca64e,
259 0x2173d2ea, 0xd2ba8db5, 0x60f52b31, 0x2f298d7f,
260 0xf36677ac, 0x21dcfa19, 0x4129d128, 0x6e005c57,
261 0xa8f914d0, 0x8925eec9, 0xc80c3fe1, 0xa60c63b6 },
262 10
263 },
264 {
265
266 0x32, 0x43, 0xF6, 0xA8, 0x88, 0x5A, 0x30, 0x8D,
267 0x31, 0x31, 0x98, 0xA2, 0xE0, 0x37, 0x07, 0x34
268 },
269 {
270 0x39, 0x25, 0x84, 0x1D, 0x02, 0xDC, 0x09, 0xFB,
271 0xDC, 0x11, 0x85, 0x97, 0x19, 0x6A, 0x0B, 0x32
272 }
273 };
274
275
CipherExample(KCipher * cipher)276 bool CipherExample (KCipher * cipher)
277 {
278 uint8_t cipher_text [16];
279 rc_t rc;
280 bool passed_key;
281 bool passed_block;
282
283 memset (cipher_text, 0, sizeof cipher_text);
284
285 rc = KCipherSetEncryptKey (cipher, b.key, 128/8);
286 if (rc)
287 ;
288 else
289 {
290 passed_key = key_compare (&b.key_schedule, cipher->encrypt_key);
291 rc = KCipherEncrypt (cipher, b.plain, cipher_text);
292 if (rc)
293 ;
294 else
295 {
296 passed_block = block_compare (b.cipher, cipher_text);
297 }
298 }
299 if (rc)
300 {
301 STSMSG (1,("Could not run test"));
302 return false;
303 }
304 return passed_key && passed_block;
305 }
306
307 typedef struct example_vectors
308 {
309 uint8_t plain [16];
310 uint8_t key [32];
311 uint8_t cipher [16];
312 AES_KEY key_enc;
313 AES_KEY key_dec;
314 AES_KEY key_dec_alt;
315 } example_vectors;
316
317
318 example_vectors c_1 =
319 {
320 /* Plain text */
321 {
322 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
323 },
324 /* User Key */
325 {
326 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
327 },
328 /* Cipher Text */
329 {
330 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30, 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a
331 },
332 {
333 /* EncKey */
334 {
335
336
337 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c,
338 0xfd74aad6, 0xfa72afd2, 0xf178a6da, 0xfe76abd6,
339 0x0bcf92b6, 0xf1bd3d64, 0x00c59bbe, 0xfeb33068,
340 0x4e74ffb6, 0xbfc9c2d2, 0xbf0c596c, 0x41bf6904,
341 0xbcf7f747, 0x033e3595, 0xbc326cf9, 0xfd8d05fd,
342 0xe8a3aa3c, 0xeb9d9fa9, 0x57aff350, 0xaa22f6ad,
343 0x7d0f395e, 0x9692a6f7, 0xc13d55a7, 0x6b1fa30a,
344 0x1a70f914, 0x8ce25fe3, 0x4ddf0a44, 0x26c0a94e,
345 0x35874347, 0xb9651ca4, 0xf4ba16e0, 0xd27abfae,
346 0xd1329954, 0x685785f0, 0x9ced9310, 0x4e972cbe,
347 0x7f1d1113, 0x174a94e3, 0x8ba707f3, 0xc5302b4d
348 },
349 10
350 },
351 {
352 /* DecKey */
353 {
354 0x7f1d1113, 0x174a94e3, 0x8ba707f3, 0xc5302b4d,
355 0xd1329954, 0x685785f0, 0x9ced9310, 0x4e972cbe,
356 0x35874347, 0xb9651ca4, 0xf4ba16e0, 0xd27abfae,
357 0x1a70f914, 0x8ce25fe3, 0x4ddf0a44, 0x26c0a94e,
358 0x7d0f395e, 0x9692a6f7, 0xc13d55a7, 0x6b1fa30a,
359 0xe8a3aa3c, 0xeb9d9fa9, 0x57aff350, 0xaa22f6ad,
360 0xbcf7f747, 0x033e3595, 0xbc326cf9, 0xfd8d05fd,
361 0x4e74ffb6, 0xbfc9c2d2, 0xbf0c596c, 0x41bf6904,
362 0x0bcf92b6, 0xf1bd3d64, 0x00c59bbe, 0xfeb33068,
363 0xfd74aad6, 0xfa72afd2, 0xf178a6da, 0xfe76abd6,
364 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c
365 },
366 10
367 },
368 {
369 /* EquivDecKey */
370 {
371 0x7f1d1113, 0x174a94e3, 0x8ba707f3, 0xc5302b4d,
372 0xbe29aa13, 0xf6af8f9c, 0x80f570f7, 0x03bff700,
373 0x63a46213, 0x4886258f, 0x765aff6b, 0x834a87f7,
374 0x74fc828d, 0x2b22479c, 0x3edcdae4, 0xf510789c,
375 0x8d09e372, 0x5fdec511, 0x15fe9d78, 0xcbcca278,
376 0x2710c42e, 0xd2d72663, 0x4a205869, 0xde323f00,
377 0x04f5a2a8, 0xf5c7e24d, 0x98f77e0a, 0x94126769,
378 0x91e3c6c7, 0xf13240e5, 0x6d309c47, 0x0ce51963,
379 0x9902dba0, 0x60d18622, 0x9c02dca2, 0x61d58524,
380 0xf0df568c, 0xf9d35d82, 0xfcd35a80, 0xfdd75986,
381 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c,
382 },
383 10
384 }
385 };
386
387 example_vectors c_2 =
388 {
389 /* Plain text */
390 {
391 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
392 },
393 /* User Key */
394 {
395 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
396 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
397 },
398 /* Cipher Text */
399 {
400 0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0, 0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91
401 },
402 {
403 /* EncKey */
404 {
405 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c,
406 0x13121110, 0x17161514, 0xf9f24658, 0xfef4435c,
407 0xf5fe4a54, 0xfaf04758, 0xe9e25648, 0xfef4435c,
408 0xb349f940, 0x4dbdba1c, 0xb843f048, 0x42b3b710,
409 0xab51e158, 0x55a5a204, 0x41b5ff7e, 0x0c084562,
410 0xb44bb52a, 0xf6f8023a, 0x5da9e362, 0x080c4166,
411 0x728501f5, 0x7e8d4497, 0xcac6f1bd, 0x3c3ef387,
412 0x619710e5, 0x699b5183, 0x9e7c1534, 0xe0f151a3,
413 0x2a37a01e, 0x16095399, 0x779e437c, 0x1e0512ff,
414 0x880e7edd, 0x68ff2f7e, 0x42c88f60, 0x54c1dcf9,
415 0x235f9f85, 0x3d5a8d7a, 0x5229c0c0, 0x3ad6efbe,
416 0x781e60de, 0x2cdfbc27, 0x0f8023a2, 0x32daaed8,
417 0x330a97a4, 0x09dc781a, 0x71c218c4, 0x5d1da4e3
418 },
419 12
420 },
421 {
422 /* DecKey */
423 {
424 0x330a97a4, 0x09dc781a, 0x71c218c4, 0x5d1da4e3,
425 },
426 12
427 },
428 {
429 /* EquivDecKey */
430 {
431 0x330a97a4, 0x09dc781a, 0x71c218c4, 0x5d1da4e3,
432 0x0dbdbed6, 0x49ea09c2, 0x8073b04d, 0xb91b023e,
433 0xc999b98f, 0x3968b273, 0x9dd8f9c7, 0x728cc685,
434 0xc16e7df7, 0xef543f42, 0x7f317853, 0x4457b714,
435 0x90654711, 0x3b66cf47, 0x8dce0e9b, 0xf0f10bfc,
436 0xb6a8c1dc, 0x7d3f0567, 0x4a195ccc, 0x2e3a42b5,
437 0xabb0dec6, 0x64231e79, 0xbe5f05a4, 0xab038856,
438 0xda7c1bdd, 0x155c8df2, 0x1dab498a, 0xcb97c4bb,
439 0x08f7c478, 0xd63c8d31, 0x01b75596, 0xcf93c0bf,
440 0x10efdc60, 0xce249529, 0x15efdb62, 0xcf20962f,
441 0xdbcb4e4b, 0xdacf4d4d, 0xc7d75257, 0xdecb4949,
442 0x1d181f1a, 0x191c1b1e, 0xd7c74247, 0xdecb4949,
443 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c
444 },
445 12
446 }
447 };
448
449 example_vectors c_3 =
450 {
451 /* Plain text */
452 {
453 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
454 },
455 /* User Key */
456 {
457 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
458 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
459 },
460 /* Cipher Text */
461 {
462 0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf, 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89
463 },
464 {
465 /* EncKey */
466 {
467 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c,
468 0x13121110, 0x17161514, 0x1b1a1918, 0x1f1e1d1c,
469 0x9fc273a5, 0x98c476a1, 0x93ce7fa9, 0x9cc072a5,
470 0xcda85116, 0xdabe4402, 0xc1a45d1a, 0xdeba4006,
471 0xf0df87ae, 0x681bf10f, 0xfbd58ea6, 0x6715fc03,
472 0x48f1e16d, 0x924fa56f, 0x53ebf875, 0x8d51b873,
473 0x7f8256c6, 0x1799a7c9, 0xec4c296f, 0x8b59d56c,
474 0x753ae23d, 0xe7754752, 0xb49ebf27, 0x39cf0754,
475 0x5f90dc0b, 0x48097bc2, 0xa44552ad, 0x2f1c87c1,
476 0x60a6f545, 0x87d3b217, 0x334d0d30, 0x0a820a64,
477 0x1cf7cf7c, 0x54feb4be, 0xf0bbe613, 0xdfa761d2,
478 0xfefa1af0, 0x7929a8e7, 0x4a64a5d7, 0x40e6afb3,
479 0x71fe4125, 0x2500f59b, 0xd5bb1388, 0x0a1c725a,
480 0x99665a4e, 0xe04ff2a9, 0xaa2b577e, 0xeacdf8cd,
481 0xcc79fc24, 0xe97909bf, 0x3cc21a37, 0x36de686d
482 },
483 14
484 },
485 {
486 /* DecKey */
487 {
488
489
490 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c
491 },
492 14
493 },
494 {
495 /* EquivDecKey */
496 {
497 0xcc79fc24, 0xe97909bf, 0x3cc21a37, 0x36de686d,
498 0xffd1f134, 0x2faacebf, 0x5fe2e9fc, 0x6e015825,
499 0xeb48165e, 0x0a354c38, 0x46b77175, 0x84e680dc,
500 0x8005a3c8, 0xd07b3f8b, 0x70482743, 0x31e3b1d9,
501 0x138e70b5, 0xe17d5a66, 0x4c823d4d, 0xc251f1a9,
502 0xa37bda74, 0x507e9c43, 0xa03318c8, 0x41ab969a,
503 0x1597a63c, 0xf2f32ad3, 0xadff672b, 0x8ed3cce4,
504 0xf3c45ff8, 0xf3054637, 0xf04d848b, 0xe1988e52,
505 0x9a4069de, 0xe7648cef, 0x5f0c4df8, 0x232cabcf,
506 0x1658d5ae, 0x00c119cf, 0x0348c2bc, 0x11d50ad9,
507 0xbd68c615, 0x7d24e531, 0xb868c117, 0x7c20e637,
508 0x0f85d77f, 0x1699cc61, 0x0389db73, 0x129dc865,
509 0xc940282a, 0xc04c2324, 0xc54c2426, 0xc4482720,
510 0x1d181f1a, 0x191c1b1e, 0x15101712, 0x11141316,
511 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c
512 },
513 14
514 }
515 };
516
ExampleVector(KCipher * cipher,const example_vectors * ev)517 bool ExampleVector (KCipher * cipher, const example_vectors * ev)
518 {
519 uint8_t cipher_text [16];
520 uint8_t plain_text [16];
521 uint32_t Nk;
522 rc_t rc;
523 bool passed_enckey;
524 bool passed_deckey;
525 bool passed_enc;
526 bool passed_dec;
527
528 switch (ev->key_enc.rounds)
529 {
530 default:
531 STSMSG (1,("Bad test vector"));
532 return false;
533 case 10:
534 Nk = 16;
535 break;
536 case 12:
537 Nk = 24;
538 break;
539 case 14:
540 Nk = 32;
541 break;
542 }
543
544 memset (cipher_text, 0, sizeof cipher_text);
545 memset (plain_text, 0, sizeof plain_text);
546
547 rc = KCipherSetEncryptKey (cipher, ev->key, Nk);
548 if (rc)
549 ;
550 else
551 {
552 passed_enckey = key_compare (&ev->key_enc, cipher->encrypt_key);
553
554 rc = KCipherSetDecryptKey (cipher, ev->key, Nk);
555 if (rc)
556 ;
557 else
558 {
559 #if COMPARE_INV_CIPHER
560 passed_deckey = key_compare (&ev->key_dec, cipher->decrypt_key);
561 #endif
562 #if COMPARE_EQ_INV_CIPHER
563 passed_deckey = key_compare (&ev->key_dec_alt, cipher->decrypt_key);
564 #endif
565
566 rc = KCipherEncrypt (cipher, ev->plain, cipher_text);
567 if (rc)
568 ;
569 else
570 {
571 passed_enc = block_compare (ev->cipher, cipher_text);
572
573 rc = KCipherDecrypt (cipher, ev->cipher, plain_text);
574 if (rc)
575 ;
576 else
577 {
578 passed_dec = block_compare (ev->plain, plain_text);
579 }
580 }
581 }
582 }
583 if (rc)
584 {
585 STSMSG (1,("Could not run test"));
586 return false;
587 }
588 return passed_enckey && passed_deckey && passed_enc && passed_dec;
589 }
590
591
592 /* ==================================================== */
593
594 /* typedef uint8_t VVV __attribute__ ((vector_size (16))); unused and non-portable */
595
run_one(KCipher * cipher)596 bool run_one (KCipher * cipher)
597 {
598 bool p_a_1 = true;
599 bool p_a_2 = true;
600 bool p_a_3 = true;
601 bool p_b = true;
602 bool p_c_1 = true;
603 bool p_c_2 = true;
604 bool p_c_3 = true;
605
606 STSMSG (2,("Appendix A - Key Expansion Examples"));
607 STSMSG (3,("A.1 Expansion of a 128-bit Cipher Key"));
608 p_a_1 = KeyExpansion (cipher, &a_1);
609 ++test_count;
610 if (p_a_1 == false)
611 {
612 STSMSG (1,("TEST FAILED"));
613 ++error_count;
614 }
615
616 STSMSG (3,("A.2 Expansion of a 192-bit Cipher Key"));
617 p_a_2 = KeyExpansion (cipher, &a_2);
618 ++test_count;
619 if (p_a_2 == false)
620 {
621 STSMSG (1,("TEST FAILED"));
622 ++error_count;
623 }
624
625 STSMSG (3,("A.3 Expansion of a 256-bit Cipher Key"));
626 p_a_3 = KeyExpansion (cipher, &a_3);
627 ++test_count;
628 if (p_a_3 == false)
629 {
630 STSMSG (1,("TEST FAILED"));
631 ++error_count;
632 }
633
634 STSMSG (2,("Appendix B - Cipher Example"));
635 p_b = CipherExample (cipher);
636 ++test_count;
637 if (p_b == false)
638 {
639 STSMSG (1,("TEST FAILED"));
640 ++error_count;
641 }
642
643 STSMSG (2,("Appendix C - Example Vectors"));
644 STSMSG (3,("C.1 AES-128 (Nk=4, Nr=10)"));
645 p_c_1 = ExampleVector (cipher, &c_1);
646 ++test_count;
647 if (p_c_1 == false)
648 {
649 STSMSG (1,("TEST FAILED"));
650 ++error_count;
651 }
652
653 STSMSG (3,("C.2 AES-192 (Nk=6, Nr=12)"));
654 p_c_2 = ExampleVector (cipher, &c_2);
655 ++test_count;
656 if (p_c_2 == false)
657 {
658 STSMSG (1,("TEST FAILED"));
659 ++error_count;
660 }
661
662 STSMSG (3,("C.3 AES-256 (Nk=8, Nr=14)"));
663 p_c_3= ExampleVector (cipher, &c_3);
664 ++test_count;
665 if (p_c_3 == false)
666 {
667 STSMSG (1,("TEST FAILED"));
668 ++error_count;
669 }
670
671 return p_a_1 && p_a_2 && p_a_3 && p_b && p_c_1 && p_c_2 && p_c_3;
672 }
673
674
run()675 rc_t run ()
676 {
677 KCipher * cipher;
678 rc_t rc = 0, orc = 0;
679
680 #if 1
681 subtype_iterator = 0;
682
683 STSMSG (1, ("======================================================================"));
684 STSMSG (1, ("%d: %s\n", subtype_iterator, types[subtype_iterator]));
685 rc = KCipherTestByteMake (&cipher, kcipher_AES);
686 if (rc == 0)
687 {
688 run_one (cipher);
689 KCipherRelease (cipher);
690 }
691 else if (GetRCState(rc) == rcUnsupported)
692 STSMSG (1, ("Not supported on this machine"));
693 else
694 orc = rc;
695 #endif
696 #if 1
697 subtype_iterator = 1;
698 STSMSG (1, ("======================================================================"));
699 STSMSG (1, ("%d: %s\n", subtype_iterator, types[subtype_iterator]));
700 rc = KCipherTestVecMake (&cipher, kcipher_AES);
701 if (rc == 0)
702 {
703 run_one (cipher);
704 KCipherRelease (cipher);
705 }
706 else if (GetRCState(rc) == rcUnsupported)
707 STSMSG (1, ("Not supported on this machine"));
708 else
709 orc = rc;
710 #endif
711 #if 1
712 subtype_iterator = 2;
713 STSMSG (1, ("======================================================================"));
714 STSMSG (1, ("%d: %s\n", subtype_iterator, types[subtype_iterator]));
715 rc = KCipherTestVecRegMake (&cipher, kcipher_AES);
716 if (rc == 0)
717 {
718 run_one (cipher);
719 KCipherRelease (cipher);
720 }
721 else if (GetRCState(rc) == rcUnsupported)
722 STSMSG (1, ("Not supported on this machine"));
723 else
724 orc = rc;
725 #endif
726 #if 1
727 subtype_iterator = 3;
728 STSMSG (1, ("======================================================================"));
729 STSMSG (1, ("%d: %s\n", subtype_iterator, types[subtype_iterator]));
730 rc = KCipherTestVecAesNiMake (&cipher, kcipher_AES);
731 if (rc == 0)
732 {
733 run_one (cipher);
734 KCipherRelease (cipher);
735 }
736 else if (GetRCState(rc) == rcUnsupported)
737 STSMSG (1, ("Not supported on this machine"));
738 else
739 orc = rc;
740 #endif
741 return orc;
742 }
743
744
UsageSummary(const char * progname)745 rc_t CC UsageSummary (const char * progname)
746 {
747 return 0;
748 }
749
750
751 const char UsageDefaultName[] = "test-aes_ciphers";
Usage(const Args * args)752 rc_t CC Usage (const Args * args)
753 {
754 return KOutMsg ("\n"
755 "Usage:\n"
756 " %s [OPTIONS]\n"
757 "\n"
758 "Summary:\n"
759 " Test all of the AES Ciphers we support.\n"
760 " use -v one or more times for more details.\n"
761 " Exit is the number of attempted tests that failed\n",
762 UsageDefaultName);
763 }
764
765
KAppVersion(void)766 ver_t CC KAppVersion (void)
767 {
768 return 0;
769 }
KMain(int argc,char * argv[])770 rc_t CC KMain ( int argc, char *argv [] )
771 {
772 Args * args;
773 rc_t rc;
774
775
776 rc = ArgsMakeAndHandle (&args, argc, argv, 0);
777 if (rc == 0)
778 {
779 STSMSG (3, ("Starting tests",__func__));
780
781 error_count = 0;
782 rc = run();
783 }
784
785 if (error_count)
786 STSMSG (0, ("Failed %d tests of %d run out of 28 possible",error_count, test_count));
787 else
788 STSMSG (0, ("Passed %d tests out of 28 possible\n", test_count));
789 if (rc)
790 LOGERR (klogErr, rc, "Exiting with a failure status");
791 exit (error_count);
792 }
793