1 //! Test vectors generated with OpenSSL
2
3 use aes::{Aes128, BlockCipher, NewBlockCipher};
4 use block_modes::block_padding::NoPadding;
5 use block_modes::{BlockMode, IvState};
6 use block_modes::{Cbc, Cfb, Ecb, Ige, Ofb};
7 use cipher::generic_array::{ArrayLength, GenericArray};
8
9 #[test]
ecb_aes128()10 fn ecb_aes128() {
11 let key = include_bytes!("data/aes128.key.bin");
12 let plaintext = include_bytes!("data/aes128.plaintext.bin");
13 let ciphertext = include_bytes!("data/ecb-aes128.ciphertext.bin");
14 // ECB mode ignores IV
15 let iv = Default::default();
16
17 let mode = Ecb::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
18 assert_eq!(mode.encrypt_vec(plaintext), &ciphertext[..]);
19
20 let mode = Ecb::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
21 assert_eq!(mode.decrypt_vec(ciphertext).unwrap(), &plaintext[..]);
22 }
23
24 #[test]
cbc_aes128()25 fn cbc_aes128() {
26 let key = include_bytes!("data/aes128.key.bin");
27 let iv = include_bytes!("data/aes128.iv.bin");
28 let plaintext = include_bytes!("data/aes128.plaintext.bin");
29 let ciphertext = include_bytes!("data/cbc-aes128.ciphertext.bin");
30
31 let mode = Cbc::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
32 assert_eq!(mode.encrypt_vec(plaintext), &ciphertext[..]);
33
34 let mode = Cbc::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
35 assert_eq!(mode.decrypt_vec(ciphertext).unwrap(), &plaintext[..]);
36 }
37
38 #[test]
cbc_aes128_continued()39 fn cbc_aes128_continued() {
40 type BlockSize = <Aes128 as BlockCipher>::BlockSize;
41
42 let key = GenericArray::from_slice(include_bytes!("data/aes128.key.bin"));
43 let iv = GenericArray::from_slice(include_bytes!("data/aes128.iv.bin"));
44 let mut ciphertext = *include_bytes!("data/cbc-aes128.ciphertext.bin");
45 let mut plaintext = *include_bytes!("data/aes128.plaintext.bin");
46 let plaintext_blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
47 let ciphertext_blocks = to_blocks::<BlockSize>(&mut ciphertext[..]);
48
49 for i in 0..ciphertext_blocks.len() {
50 let mut plaintext = *include_bytes!("data/aes128.plaintext.bin");
51 let blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
52
53 // Encrypt `i` blocks
54 let cipher = Aes128::new(key);
55 let mut mode = block_modes::Cbc::<Aes128, NoPadding>::new(cipher, iv);
56 mode.encrypt_blocks(&mut blocks[..i]);
57
58 // Interrupt, reinitialize mode, encrypt remaining blocks
59 let cipher = Aes128::new(key);
60 let mut mode = block_modes::Cbc::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
61 mode.encrypt_blocks(&mut blocks[i..]);
62
63 assert_eq!(blocks, ciphertext_blocks);
64
65 // Decrypt likewise
66 let cipher = Aes128::new(key);
67 let mut mode = block_modes::Cbc::<Aes128, NoPadding>::new(cipher, iv);
68 mode.decrypt_blocks(&mut blocks[..i]);
69 let cipher = Aes128::new(key);
70 let mut mode = block_modes::Cbc::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
71 mode.decrypt_blocks(&mut blocks[i..]);
72
73 assert_eq!(blocks, plaintext_blocks);
74 }
75 }
76
77 #[test]
cfb_aes128()78 fn cfb_aes128() {
79 let key = include_bytes!("data/aes128.key.bin");
80 let iv = include_bytes!("data/aes128.iv.bin");
81 let plaintext = include_bytes!("data/aes128.plaintext.bin");
82 let ciphertext = include_bytes!("data/cfb-aes128.ciphertext.bin");
83
84 let mode = Cfb::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
85 assert_eq!(mode.encrypt_vec(plaintext), &ciphertext[..]);
86
87 let mode = Cfb::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
88 assert_eq!(mode.decrypt_vec(ciphertext).unwrap(), &plaintext[..]);
89 }
90
91 #[test]
cfb_aes128_continued()92 fn cfb_aes128_continued() {
93 type BlockSize = <Aes128 as BlockCipher>::BlockSize;
94
95 let key = GenericArray::from_slice(include_bytes!("data/aes128.key.bin"));
96 let iv = GenericArray::from_slice(include_bytes!("data/aes128.iv.bin"));
97 let mut ciphertext = *include_bytes!("data/cfb-aes128.ciphertext.bin");
98 let mut plaintext = *include_bytes!("data/aes128.plaintext.bin");
99 let plaintext_blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
100 let ciphertext_blocks = to_blocks::<BlockSize>(&mut ciphertext[..]);
101
102 for i in 0..ciphertext_blocks.len() {
103 let mut plaintext = *include_bytes!("data/aes128.plaintext.bin");
104 let blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
105
106 // Encrypt `i` blocks
107 let cipher = Aes128::new(key);
108 let mut mode = block_modes::Cfb::<Aes128, NoPadding>::new(cipher, iv);
109 mode.encrypt_blocks(&mut blocks[..i]);
110
111 // Interrupt, reinitialize mode, encrypt remaining blocks
112 let cipher = Aes128::new(key);
113 let mut mode = block_modes::Cfb::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
114 mode.encrypt_blocks(&mut blocks[i..]);
115
116 assert_eq!(blocks, ciphertext_blocks);
117
118 // Decrypt likewise
119 let cipher = Aes128::new(key);
120 let mut mode = block_modes::Cfb::<Aes128, NoPadding>::new(cipher, iv);
121 mode.decrypt_blocks(&mut blocks[..i]);
122 let cipher = Aes128::new(key);
123 let mut mode = block_modes::Cfb::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
124 mode.decrypt_blocks(&mut blocks[i..]);
125
126 assert_eq!(blocks, plaintext_blocks);
127 }
128 }
129
130 #[test]
cfb_aes128_2()131 fn cfb_aes128_2() {
132 let key = include_bytes!("data/aes128.key.bin");
133 let iv = include_bytes!("data/aes128.iv.bin");
134 let plaintext = include_bytes!("data/cfb-aes128-2.plaintext.bin");
135 let ciphertext = include_bytes!("data/cfb-aes128-2.ciphertext.bin");
136
137 let mode = Cfb::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
138 assert_eq!(mode.encrypt_vec(plaintext), &ciphertext[..]);
139
140 let mode = Cfb::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
141 assert_eq!(mode.decrypt_vec(ciphertext).unwrap(), &plaintext[..]);
142 }
143
144 #[test]
cfb_aes128_2_continued()145 fn cfb_aes128_2_continued() {
146 type BlockSize = <Aes128 as BlockCipher>::BlockSize;
147
148 let key = GenericArray::from_slice(include_bytes!("data/aes128.key.bin"));
149 let iv = GenericArray::from_slice(include_bytes!("data/aes128.iv.bin"));
150 let mut ciphertext = *include_bytes!("data/cfb-aes128-2.ciphertext.bin");
151 let mut plaintext = *include_bytes!("data/cfb-aes128-2.plaintext.bin");
152 let plaintext_blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
153 let ciphertext_blocks = to_blocks::<BlockSize>(&mut ciphertext[..]);
154
155 for i in 0..ciphertext_blocks.len() {
156 let mut plaintext = *include_bytes!("data/cfb-aes128-2.plaintext.bin");
157 let blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
158
159 // Encrypt `i` blocks
160 let cipher = Aes128::new(key);
161 let mut mode = block_modes::Cfb::<Aes128, NoPadding>::new(cipher, iv);
162 mode.encrypt_blocks(&mut blocks[..i]);
163
164 // Interrupt, reinitialize mode, encrypt remaining blocks
165 let cipher = Aes128::new(key);
166 let mut mode = block_modes::Cfb::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
167 mode.encrypt_blocks(&mut blocks[i..]);
168
169 assert_eq!(blocks, ciphertext_blocks);
170
171 // Decrypt likewise
172 let cipher = Aes128::new(key);
173 let mut mode = block_modes::Cfb::<Aes128, NoPadding>::new(cipher, iv);
174 mode.decrypt_blocks(&mut blocks[..i]);
175 let cipher = Aes128::new(key);
176 let mut mode = block_modes::Cfb::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
177 mode.decrypt_blocks(&mut blocks[i..]);
178
179 assert_eq!(blocks, plaintext_blocks);
180 }
181 }
182
183 #[test]
ofb_aes128()184 fn ofb_aes128() {
185 let key = include_bytes!("data/aes128.key.bin");
186 let iv = include_bytes!("data/aes128.iv.bin");
187 let plaintext = include_bytes!("data/aes128.plaintext.bin");
188 let ciphertext = include_bytes!("data/ofb-aes128.ciphertext.bin");
189
190 let mode = Ofb::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
191 assert_eq!(mode.encrypt_vec(plaintext), &ciphertext[..]);
192
193 let mode = Ofb::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
194 assert_eq!(mode.decrypt_vec(ciphertext).unwrap(), &plaintext[..]);
195 }
196
197 #[test]
ofb_aes128_continued()198 fn ofb_aes128_continued() {
199 type BlockSize = <Aes128 as BlockCipher>::BlockSize;
200
201 let key = GenericArray::from_slice(include_bytes!("data/aes128.key.bin"));
202 let iv = GenericArray::from_slice(include_bytes!("data/aes128.iv.bin"));
203 let mut ciphertext = *include_bytes!("data/ofb-aes128.ciphertext.bin");
204 let mut plaintext = *include_bytes!("data/aes128.plaintext.bin");
205 let ciphertext_blocks = to_blocks::<BlockSize>(&mut ciphertext[..]);
206 let plaintext_blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
207
208 for i in 0..ciphertext_blocks.len() {
209 let mut plaintext = *include_bytes!("data/aes128.plaintext.bin");
210 let blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
211
212 // Encrypt `i` blocks
213 let cipher = Aes128::new(key);
214 let mut mode = block_modes::Ofb::<Aes128, NoPadding>::new(cipher, iv);
215 mode.encrypt_blocks(&mut blocks[..i]);
216
217 // Interrupt, reinitialize mode, encrypt remaining blocks
218 let cipher = Aes128::new(key);
219 let mut mode = block_modes::Ofb::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
220 mode.encrypt_blocks(&mut blocks[i..]);
221
222 assert_eq!(blocks, ciphertext_blocks);
223
224 // Decrypt likewise
225 let cipher = Aes128::new(key);
226 let mut mode = block_modes::Ofb::<Aes128, NoPadding>::new(cipher, iv);
227 mode.decrypt_blocks(&mut blocks[..i]);
228 let cipher = Aes128::new(key);
229 let mut mode = block_modes::Ofb::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
230 mode.decrypt_blocks(&mut blocks[i..]);
231
232 assert_eq!(blocks, plaintext_blocks);
233 }
234 }
235
236 /// Test that parallel code works correctly
237 #[test]
par_blocks()238 fn par_blocks() {
239 use block_modes::block_padding::Pkcs7;
240 fn run<M: BlockMode<Aes128, Pkcs7>>() {
241 let key: &[u8; 16] = b"secret key data.";
242 let iv: &[u8; 16] = b"public iv data..";
243
244 for i in 1..160 {
245 let mut buf = [128u8; 160];
246
247 let cipher = M::new_from_slices(key, iv).unwrap();
248 let ct_len = cipher.encrypt(&mut buf, i).unwrap().len();
249 let cipher = M::new_from_slices(key, iv).unwrap();
250 let pt = cipher.decrypt(&mut buf[..ct_len]).unwrap();
251 assert!(pt.iter().all(|&b| b == 128));
252 }
253 }
254
255 run::<block_modes::Cbc<_, _>>();
256 run::<block_modes::Cfb8<_, _>>();
257 run::<block_modes::Ecb<_, _>>();
258 run::<block_modes::Ofb<_, _>>();
259 run::<block_modes::Pcbc<_, _>>();
260 }
261
262 #[test]
ige_aes256_1()263 fn ige_aes256_1() {
264 let key = include_bytes!("data/ige-aes128-1.key.bin");
265 let iv = include_bytes!("data/ige-aes128-1.iv.bin");
266 let plaintext = include_bytes!("data/ige-aes128-1.plaintext.bin");
267 let ciphertext = include_bytes!("data/ige-aes128-1.ciphertext.bin");
268
269 let mode = Ige::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
270 assert_eq!(mode.encrypt_vec(plaintext), &ciphertext[..]);
271
272 let mode = Ige::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
273 assert_eq!(mode.decrypt_vec(ciphertext).unwrap(), &plaintext[..]);
274 }
275
276 #[test]
ige_aes256_1_continued()277 fn ige_aes256_1_continued() {
278 type BlockSize = <Aes128 as BlockCipher>::BlockSize;
279
280 let key = GenericArray::from_slice(include_bytes!("data/ige-aes128-1.key.bin"));
281 let iv = GenericArray::from_slice(include_bytes!("data/ige-aes128-1.iv.bin"));
282 let mut ciphertext = *include_bytes!("data/ige-aes128-1.ciphertext.bin");
283 let mut plaintext = *include_bytes!("data/ige-aes128-1.plaintext.bin");
284 let plaintext_blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
285 let ciphertext_blocks = to_blocks::<BlockSize>(&mut ciphertext[..]);
286
287 for i in 0..ciphertext_blocks.len() {
288 let mut plaintext = *include_bytes!("data/ige-aes128-1.plaintext.bin");
289 let blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
290
291 // Encrypt `i` blocks
292 let cipher = Aes128::new(key);
293 let mut mode = block_modes::Ige::<Aes128, NoPadding>::new(cipher, iv);
294 mode.encrypt_blocks(&mut blocks[..i]);
295
296 // Interrupt, reinitialize mode, encrypt remaining blocks
297 let cipher = Aes128::new(key);
298 let mut mode = block_modes::Ige::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
299 mode.encrypt_blocks(&mut blocks[i..]);
300
301 assert_eq!(blocks, ciphertext_blocks);
302
303 // Decrypt likewise
304 let cipher = Aes128::new(key);
305 let mut mode = block_modes::Ige::<Aes128, NoPadding>::new(cipher, iv);
306 mode.decrypt_blocks(&mut blocks[..i]);
307 let cipher = Aes128::new(key);
308 let mut mode = block_modes::Ige::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
309 mode.decrypt_blocks(&mut blocks[i..]);
310
311 assert_eq!(blocks, plaintext_blocks);
312 }
313 }
314
315 #[test]
ige_aes256_2()316 fn ige_aes256_2() {
317 let key = include_bytes!("data/ige-aes128-2.key.bin");
318 let iv = include_bytes!("data/ige-aes128-2.iv.bin");
319 let plaintext = include_bytes!("data/ige-aes128-2.plaintext.bin");
320 let ciphertext = include_bytes!("data/ige-aes128-2.ciphertext.bin");
321
322 let mode = Ige::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
323 assert_eq!(mode.encrypt_vec(plaintext), &ciphertext[..]);
324
325 let mode = Ige::<Aes128, NoPadding>::new_from_slices(key, iv).unwrap();
326 assert_eq!(mode.decrypt_vec(ciphertext).unwrap(), &plaintext[..]);
327 }
328
329 #[test]
ige_aes256_2_continued()330 fn ige_aes256_2_continued() {
331 type BlockSize = <Aes128 as BlockCipher>::BlockSize;
332
333 let key = GenericArray::from_slice(include_bytes!("data/ige-aes128-2.key.bin"));
334 let iv = GenericArray::from_slice(include_bytes!("data/ige-aes128-2.iv.bin"));
335 let mut plaintext = *include_bytes!("data/ige-aes128-2.plaintext.bin");
336 let mut ciphertext = *include_bytes!("data/ige-aes128-2.ciphertext.bin");
337 let plaintext_blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
338 let ciphertext_blocks = to_blocks::<BlockSize>(&mut ciphertext[..]);
339
340 for i in 0..ciphertext_blocks.len() {
341 let mut plaintext = *include_bytes!("data/ige-aes128-2.plaintext.bin");
342 let blocks = to_blocks::<BlockSize>(&mut plaintext[..]);
343
344 // Encrypt `i` blocks
345 let cipher = Aes128::new(key);
346 let mut mode = block_modes::Ige::<Aes128, NoPadding>::new(cipher, iv);
347 mode.encrypt_blocks(&mut blocks[..i]);
348
349 // Interrupt, reinitialize mode, encrypt remaining blocks
350 let cipher = Aes128::new(key);
351 let mut mode = block_modes::Ige::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
352 mode.encrypt_blocks(&mut blocks[i..]);
353
354 assert_eq!(blocks, ciphertext_blocks);
355
356 // Decrypt likewise
357 let cipher = Aes128::new(key);
358 let mut mode = block_modes::Ige::<Aes128, NoPadding>::new(cipher, iv);
359 mode.decrypt_blocks(&mut blocks[..i]);
360 let cipher = Aes128::new(key);
361 let mut mode = block_modes::Ige::<Aes128, NoPadding>::new(cipher, &mode.iv_state());
362 mode.decrypt_blocks(&mut blocks[i..]);
363
364 assert_eq!(blocks, plaintext_blocks);
365 }
366 }
367
to_blocks<N>(data: &mut [u8]) -> &mut [GenericArray<u8, N>] where N: ArrayLength<u8>,368 fn to_blocks<N>(data: &mut [u8]) -> &mut [GenericArray<u8, N>]
369 where
370 N: ArrayLength<u8>,
371 {
372 use core::slice;
373 let n = N::to_usize();
374 debug_assert!(data.len() % n == 0);
375
376 #[allow(unsafe_code)]
377 unsafe {
378 slice::from_raw_parts_mut(data.as_ptr() as *mut GenericArray<u8, N>, data.len() / n)
379 }
380 }
381