1{-# LANGUAGE OverloadedStrings #-}
2module KAT_AES (tests) where
3
4import Imports
5import BlockCipher
6import Data.Maybe
7import Crypto.Cipher.Types
8import qualified Crypto.Cipher.AES as AES
9import qualified Data.ByteString as B
10
11import qualified KAT_AES.KATECB as KATECB
12import qualified KAT_AES.KATCBC as KATCBC
13import qualified KAT_AES.KATXTS as KATXTS
14import qualified KAT_AES.KATGCM as KATGCM
15import qualified KAT_AES.KATCCM as KATCCM
16import qualified KAT_AES.KATOCB3 as KATOCB3
17
18{-
19instance Show AES.AES where
20    show _ = "AES"
21instance Arbitrary AES.AESIV where
22    arbitrary = AES.aesIV_ . B.pack <$> replicateM 16 arbitrary
23instance Arbitrary AES.AES where
24    arbitrary = AES.initAES . B.pack <$> replicateM 16 arbitrary
25-}
26
-- | Adapt an ECB vector tuple (key, plaintext, ciphertext) to a 'KAT_ECB'.
-- The tuple layout is whatever "KAT_AES.KATECB" exports; nothing is
-- validated here, the block-cipher test harness does the comparison.
toKatECB (key, pt, ct) =
    KAT_ECB { ecbKey        = key
            , ecbPlaintext  = pt
            , ecbCiphertext = ct
            }
-- | Adapt a CBC vector tuple (key, IV, plaintext, ciphertext) to a 'KAT_CBC'.
toKatCBC (key, iv, pt, ct) =
    KAT_CBC { cbcKey        = key
            , cbcIV         = iv
            , cbcPlaintext  = pt
            , cbcCiphertext = ct
            }
-- | Adapt an XTS vector tuple to a 'KAT_XTS'.
--
-- The tuple is (key1, key2, IV, plaintext, _, ciphertext).  The fifth
-- element is deliberately ignored; what it holds is not visible from this
-- module (presumably a per-vector parameter the harness does not need —
-- check "KAT_AES.KATXTS" before relying on it).
toKatXTS (key1, key2, iv, pt, _unused, ct) =
    KAT_XTS { xtsKey1       = key1
            , xtsKey2       = key2
            , xtsIV         = iv
            , xtsPlaintext  = pt
            , xtsCiphertext = ct
            }
-- | Build a 'KAT_AEAD' for the given AEAD mode from a vector tuple
-- (key, nonce, header, plaintext, ciphertext, taglen, tag).
--
-- The mode is passed in so the GCM and OCB adapters can share this one
-- constructor; the tag and its length are taken verbatim from the vector,
-- so a vector with an inconsistent @taglen@/@tag@ pair is reported by the
-- harness, not here.
toKatAEAD mode (key, nonce, hdr, pt, ct, tagLen, tag) = kat
  where
    kat = KAT_AEAD { aeadMode       = mode
                   , aeadKey        = key
                   , aeadIV         = nonce
                   , aeadHeader     = hdr
                   , aeadPlaintext  = pt
                   , aeadCiphertext = ct
                   , aeadTaglen     = tagLen
                   , aeadTag        = tag
                   }
-- | GCM vectors use the generic AEAD tuple layout; fix the mode to 'AEAD_GCM'.
toKatGCM vec = toKatAEAD AEAD_GCM vec
-- | OCB3 vectors use the generic AEAD tuple layout; fix the mode to 'AEAD_OCB'.
toKatOCB vec = toKatAEAD AEAD_OCB vec
42
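-- | Adapt a CCM vector tuple (key, nonce, header, input, output, taglen)
-- to a 'KAT_AEAD'.
--
-- The @output@ field is assumed to be laid out as
-- @header ++ ciphertext ++ tag@; that is what the 'B.drop' below relies on,
-- and only the ciphertext and tag parts are carried into the KAT.  The CCM
-- mode is parameterised by the plaintext length (the L field is fixed to
-- 'CCM_L2' for every vector) and by the tag length.
--
-- Two malformed-vector cases are rejected with an explicit 'error' so a
-- broken vector file fails loudly at the adapter instead of surfacing as a
-- confusing tag mismatch: a tag length CCM does not support, and an output
-- shorter than @header ++ tag@ (which would otherwise be split at a
-- negative offset, silently yielding an empty ciphertext and the whole
-- remainder as the tag).
toKatCCM (key, nonce, hdr, input, output, tagLen) =
  KAT_AEAD { aeadMode       = AEAD_CCM (B.length input) (ccmMVal tagLen) CCM_L2
           , aeadKey        = key
           , aeadIV         = nonce
           , aeadHeader     = hdr
           , aeadPlaintext  = input
           , aeadCiphertext = ct
           , aeadTaglen     = tagLen
           , aeadTag        = tag
           }
  where
    -- only the even tag lengths 4..16 are valid for CCM (M field)
    ccmMVal x = fromMaybe (error $ "unsupported CCM tag length: " ++ show x) $
                    lookup x [ (4, CCM_M4), (6, CCM_M6), (8, CCM_M8), (10, CCM_M10)
                             , (12, CCM_M12), (14, CCM_M14), (16, CCM_M16)
                             ]
    -- ciphertext followed by the tag, once the leading header copy is dropped
    ctWithTag = B.drop (B.length hdr) output
    ctLen     = B.length ctWithTag - tagLen
    (ct, tag)
      | ctLen < 0 = error $ "malformed CCM vector: output shorter than header ++ tag ("
                             ++ show (B.length output) ++ " bytes, header "
                             ++ show (B.length hdr) ++ ", tag " ++ show tagLen ++ ")"
      | otherwise = B.splitAt ctLen ctWithTag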
59
-- | Known-answer vectors for AES-128.
--
-- ECB, CBC, XTS, GCM, OCB3 and CCM come from the generated vector modules;
-- CFB has a single hand-written vector (its origin is not recorded here).
-- Anything not listed falls back to 'defaultKATs'.
kats128 = defaultKATs
    { kat_ECB  = fmap toKatECB KATECB.vectors_aes128_enc
    , kat_CBC  = fmap toKatCBC KATCBC.vectors_aes128_enc
    , kat_CFB  = [cfbVector]
    , kat_XTS  = fmap toKatXTS KATXTS.vectors_aes128_enc
    , kat_AEAD = concat [ fmap toKatGCM KATGCM.vectors_aes128_enc
                        , fmap toKatOCB KATOCB3.vectors_aes128_enc
                        , fmap toKatCCM KATCCM.vectors_aes128_enc
                        ]
    }
  where
    -- single-block CFB vector; byte values are spelled as hex escapes and go
    -- through the ByteString IsString instance via OverloadedStrings
    cfbVector = KAT_CFB
        { cfbKey        = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c"
        , cfbIV         = "\xC8\xA6\x45\x37\xA0\xB3\xA9\x3F\xCD\xE3\xCD\xAD\x9F\x1C\xE5\x8B"
        , cfbPlaintext  = "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
        , cfbCiphertext = "\x26\x75\x1f\x67\xa3\xcb\xb1\x40\xb1\x80\x8c\xf1\x87\xa4\xf4\xdf"
        }
74
-- | Known-answer vectors for AES-192.
--
-- Only ECB and CBC are wired in for this key size; CFB, XTS and the AEAD
-- modes are left at whatever 'defaultKATs' provides (not visible from this
-- module), so AES-192 has noticeably thinner coverage than AES-128.
kats192 = defaultKATs
    { kat_ECB = fmap toKatECB KATECB.vectors_aes192_enc
    , kat_CBC = fmap toKatCBC KATCBC.vectors_aes192_enc
    }
79
-- | Known-answer vectors for AES-256.
--
-- ECB, CBC, XTS and GCM are covered; unlike AES-128, no OCB3 or CCM vectors
-- are wired in here and CFB is left at the 'defaultKATs' value.
kats256 = defaultKATs
    { kat_ECB  = fmap toKatECB KATECB.vectors_aes256_enc
    , kat_CBC  = fmap toKatCBC KATCBC.vectors_aes256_enc
    , kat_XTS  = fmap toKatXTS KATXTS.vectors_aes256_enc
    , kat_AEAD = fmap toKatGCM KATGCM.vectors_aes256_enc
    }
86
-- | The AES test group: one block-cipher KAT run per key size.
--
-- 'testBlockCipher' only needs the cipher's type, so @undefined@ is passed
-- as a type proxy and is never evaluated.
tests = testGroup "AES" [aes128, aes192, aes256]
  where
    aes128 = testBlockCipher kats128 (undefined :: AES.AES128)
    aes192 = testBlockCipher kats192 (undefined :: AES.AES192)
    aes256 = testBlockCipher kats256 (undefined :: AES.AES256)
{-
  Disabled property: counter-mode keystream generation should be
  splittable, i.e. generating 32+32 bytes in two calls must equal one
  64-byte call and leave the same counter.  Kept for reference.

    , testProperty "genCtr" $ \(key, iv1) ->
        let (bs1, iv2)    = AES.genCounter key iv1 32
            (bs2, iv3)    = AES.genCounter key iv2 32
            (bsAll, iv3') = AES.genCounter key iv1 64
         in (B.concat [bs1,bs2] == bsAll && iv3 == iv3')
-}
99