1 /*
2 * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 * You can also choose to distribute this program under the terms of
20 * the Unmodified Binary Distribution Licence (as given in the file
21 * COPYING.UBDL), provided that you have satisfied its requirements.
22 */
23
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25
26 /** @file
27 *
28 * AES tests
29 *
30 * These test vectors are provided by NIST as part of the
31 * Cryptographic Toolkit Examples, downloadable from:
32 *
33 * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_Core_All.pdf
34 * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_ECB.pdf
35 * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CBC.pdf
36 *
37 */
38
39 /* Forcibly enable assertions */
40 #undef NDEBUG
41
42 #include <assert.h>
43 #include <string.h>
44 #include <ipxe/aes.h>
45 #include <ipxe/test.h>
46 #include "cipher_test.h"
47
48 /** Key used for NIST 128-bit test vectors */
49 #define AES_KEY_NIST_128 \
50 KEY ( 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, \
51 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c )
52
53 /** Key used for NIST 192-bit test vectors */
54 #define AES_KEY_NIST_192 \
55 KEY ( 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, \
56 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, \
57 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b )
58
59 /** Key used for NIST 256-bit test vectors */
60 #define AES_KEY_NIST_256 \
61 KEY ( 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, \
62 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, \
63 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, \
64 0xa3, 0x09, 0x14, 0xdf, 0xf4 )
65
66 /** Dummy initialisation vector used for NIST ECB-mode test vectors */
67 #define AES_IV_NIST_DUMMY \
68 IV ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
69 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 )
70
71 /** Initialisation vector used for NIST CBC-mode test vectors */
72 #define AES_IV_NIST_CBC \
73 IV ( 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, \
74 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f )
75
76 /** Plaintext used for NIST test vectors */
77 #define AES_PLAINTEXT_NIST \
78 PLAINTEXT ( 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, \
79 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, \
80 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, \
81 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, \
82 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, \
83 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, \
84 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, \
85 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 )
86
87 /** AES-128-ECB (same test as AES-128-Core) */
88 CIPHER_TEST ( aes_128_ecb, &aes_ecb_algorithm,
89 AES_KEY_NIST_128, AES_IV_NIST_DUMMY, AES_PLAINTEXT_NIST,
90 CIPHERTEXT ( 0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60,
91 0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97,
92 0xf5, 0xd3, 0xd5, 0x85, 0x03, 0xb9, 0x69, 0x9d,
93 0xe7, 0x85, 0x89, 0x5a, 0x96, 0xfd, 0xba, 0xaf,
94 0x43, 0xb1, 0xcd, 0x7f, 0x59, 0x8e, 0xce, 0x23,
95 0x88, 0x1b, 0x00, 0xe3, 0xed, 0x03, 0x06, 0x88,
96 0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f,
97 0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4 ) );
98
99 /** AES-128-CBC */
100 CIPHER_TEST ( aes_128_cbc, &aes_cbc_algorithm,
101 AES_KEY_NIST_128, AES_IV_NIST_CBC, AES_PLAINTEXT_NIST,
102 CIPHERTEXT ( 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
103 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
104 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
105 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
106 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b,
107 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
108 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
109 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7 ) );
110
111 /** AES-192-ECB (same test as AES-192-Core) */
112 CIPHER_TEST ( aes_192_ecb, &aes_ecb_algorithm,
113 AES_KEY_NIST_192, AES_IV_NIST_DUMMY, AES_PLAINTEXT_NIST,
114 CIPHERTEXT ( 0xbd, 0x33, 0x4f, 0x1d, 0x6e, 0x45, 0xf2, 0x5f,
115 0xf7, 0x12, 0xa2, 0x14, 0x57, 0x1f, 0xa5, 0xcc,
116 0x97, 0x41, 0x04, 0x84, 0x6d, 0x0a, 0xd3, 0xad,
117 0x77, 0x34, 0xec, 0xb3, 0xec, 0xee, 0x4e, 0xef,
118 0xef, 0x7a, 0xfd, 0x22, 0x70, 0xe2, 0xe6, 0x0a,
119 0xdc, 0xe0, 0xba, 0x2f, 0xac, 0xe6, 0x44, 0x4e,
120 0x9a, 0x4b, 0x41, 0xba, 0x73, 0x8d, 0x6c, 0x72,
121 0xfb, 0x16, 0x69, 0x16, 0x03, 0xc1, 0x8e, 0x0e ) );
122
123 /** AES-192-CBC */
124 CIPHER_TEST ( aes_192_cbc, &aes_cbc_algorithm,
125 AES_KEY_NIST_192, AES_IV_NIST_CBC, AES_PLAINTEXT_NIST,
126 CIPHERTEXT ( 0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d,
127 0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8,
128 0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4,
129 0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a,
130 0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0,
131 0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0,
132 0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81,
133 0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd ) );
134
135 /** AES-256-ECB (same test as AES-256-Core) */
136 CIPHER_TEST ( aes_256_ecb, &aes_ecb_algorithm,
137 AES_KEY_NIST_256, AES_IV_NIST_DUMMY, AES_PLAINTEXT_NIST,
138 CIPHERTEXT ( 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
139 0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
140 0x59, 0x1c, 0xcb, 0x10, 0xd4, 0x10, 0xed, 0x26,
141 0xdc, 0x5b, 0xa7, 0x4a, 0x31, 0x36, 0x28, 0x70,
142 0xb6, 0xed, 0x21, 0xb9, 0x9c, 0xa6, 0xf4, 0xf9,
143 0xf1, 0x53, 0xe7, 0xb1, 0xbe, 0xaf, 0xed, 0x1d,
144 0x23, 0x30, 0x4b, 0x7a, 0x39, 0xf9, 0xf3, 0xff,
145 0x06, 0x7d, 0x8d, 0x8f, 0x9e, 0x24, 0xec, 0xc7 ) );
146
147 /** AES-256-CBC */
148 CIPHER_TEST ( aes_256_cbc, &aes_cbc_algorithm,
149 AES_KEY_NIST_256, AES_IV_NIST_CBC, AES_PLAINTEXT_NIST,
150 CIPHERTEXT ( 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
151 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
152 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
153 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
154 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
155 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
156 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
157 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b ) );
158
159 /**
160 * Perform AES self-test
161 *
162 */
aes_test_exec(void)163 static void aes_test_exec ( void ) {
164 struct cipher_algorithm *ecb = &aes_ecb_algorithm;
165 struct cipher_algorithm *cbc = &aes_cbc_algorithm;
166 unsigned int keylen;
167
168 /* Correctness tests */
169 cipher_ok ( &aes_128_ecb );
170 cipher_ok ( &aes_128_cbc );
171 cipher_ok ( &aes_192_ecb );
172 cipher_ok ( &aes_192_cbc );
173 cipher_ok ( &aes_256_ecb );
174 cipher_ok ( &aes_256_cbc );
175
176 /* Speed tests */
177 for ( keylen = 128 ; keylen <= 256 ; keylen += 64 ) {
178 DBG ( "AES-%d-ECB encryption required %ld cycles per byte\n",
179 keylen, cipher_cost_encrypt ( ecb, ( keylen / 8 ) ) );
180 DBG ( "AES-%d-ECB decryption required %ld cycles per byte\n",
181 keylen, cipher_cost_decrypt ( ecb, ( keylen / 8 ) ) );
182 DBG ( "AES-%d-CBC encryption required %ld cycles per byte\n",
183 keylen, cipher_cost_encrypt ( cbc, ( keylen / 8 ) ) );
184 DBG ( "AES-%d-CBC decryption required %ld cycles per byte\n",
185 keylen, cipher_cost_decrypt ( cbc, ( keylen / 8 ) ) );
186 }
187 }
188
189 /** AES self-test */
190 struct self_test aes_test __self_test = {
191 .name = "aes",
192 .exec = aes_test_exec,
193 };
194