3 #include "nettle-internal.h"
6 test_invert(const struct tstring *key,
7 const struct tstring *cleartext,
8 const struct tstring *ciphertext)
10 struct aes_ctx encrypt;
11 struct aes_ctx decrypt;
12 uint8_t *data = xalloc(cleartext->length);
14 ASSERT (cleartext->length == ciphertext->length);
15 length = cleartext->length;
17 aes_set_encrypt_key (&encrypt, key->length, key->data);
18 aes_encrypt (&encrypt, length, data, cleartext->data);
20 if (!MEMEQ(length, data, ciphertext->data))
22 fprintf(stderr, "test_invert: Encrypt failed:\nInput:");
23 tstring_print_hex(cleartext);
24 fprintf(stderr, "\nOutput: ");
25 print_hex(length, data);
26 fprintf(stderr, "\nExpected:");
27 tstring_print_hex(ciphertext);
28 fprintf(stderr, "\n");
32 aes_invert_key (&decrypt, &encrypt);
33 aes_decrypt (&decrypt, length, data, data);
35 if (!MEMEQ(length, data, cleartext->data))
37 fprintf(stderr, "test_invert: Decrypt failed:\nInput:");
38 tstring_print_hex(ciphertext);
39 fprintf(stderr, "\nOutput: ");
40 print_hex(length, data);
41 fprintf(stderr, "\nExpected:");
42 tstring_print_hex(cleartext);
43 fprintf(stderr, "\n");
49 /* Old, unified, interface */
50 static nettle_set_key_func unified_aes128_set_encrypt_key;
51 static nettle_set_key_func unified_aes128_set_encrypt_key;
52 static nettle_set_key_func unified_aes192_set_encrypt_key;
53 static nettle_set_key_func unified_aes192_set_encrypt_key;
54 static nettle_set_key_func unified_aes256_set_encrypt_key;
55 static nettle_set_key_func unified_aes256_set_encrypt_key;
57 unified_aes128_set_encrypt_key (void *ctx, const uint8_t *key)
59 aes_set_encrypt_key (ctx, AES128_KEY_SIZE, key);
62 unified_aes128_set_decrypt_key (void *ctx, const uint8_t *key)
64 aes_set_decrypt_key (ctx, AES128_KEY_SIZE, key);
68 unified_aes192_set_encrypt_key (void *ctx, const uint8_t *key)
70 aes_set_encrypt_key (ctx, AES192_KEY_SIZE, key);
73 unified_aes192_set_decrypt_key (void *ctx, const uint8_t *key)
75 aes_set_decrypt_key (ctx, AES192_KEY_SIZE, key);
79 unified_aes256_set_encrypt_key (void *ctx, const uint8_t *key)
81 aes_set_encrypt_key (ctx, AES256_KEY_SIZE, key);
84 unified_aes256_set_decrypt_key (void *ctx, const uint8_t *key)
86 aes_set_decrypt_key (ctx, AES256_KEY_SIZE, key);
89 #define UNIFIED_AES(bits) { \
90 "unified-aes" #bits, sizeof(struct aes_ctx), \
91 AES_BLOCK_SIZE, AES ## bits ## _KEY_SIZE, \
92 unified_aes ## bits ##_set_encrypt_key, \
93 unified_aes ## bits ##_set_decrypt_key, \
94 (nettle_cipher_func *) aes_encrypt, \
95 (nettle_cipher_func *) aes_decrypt, \
97 const struct nettle_cipher nettle_unified_aes128
99 const struct nettle_cipher nettle_unified_aes192
101 const struct nettle_cipher nettle_unified_aes256
105 test_cipher2(const struct nettle_cipher *c1,
106 const struct nettle_cipher *c2,
107 const struct tstring *key,
108 const struct tstring *cleartext,
109 const struct tstring *ciphertext)
111 test_cipher (c1, key, cleartext, ciphertext);
112 test_cipher (c2, key, cleartext, ciphertext);
118 /* Test both the new interface and the older unified interface. */
121 test_cipher2(&nettle_aes128, &nettle_unified_aes128,
122 SHEX("0001020305060708 0A0B0C0D0F101112"),
123 SHEX("506812A45F08C889 B97F5980038B8359"),
124 SHEX("D8F532538289EF7D 06B506A4FD5BE9C9"));
126 test_cipher2(&nettle_aes128, &nettle_unified_aes128,
127 SHEX("14151617191A1B1C 1E1F202123242526"),
128 SHEX("5C6D71CA30DE8B8B 00549984D2EC7D4B"),
129 SHEX("59AB30F4D4EE6E4F F9907EF65B1FB68C"));
131 test_cipher2(&nettle_aes128, &nettle_unified_aes128,
132 SHEX("28292A2B2D2E2F30 323334353738393A"),
133 SHEX("53F3F4C64F8616E4 E7C56199F48F21F6"),
134 SHEX("BF1ED2FCB2AF3FD4 1443B56D85025CB1"));
136 test_cipher2(&nettle_aes128, &nettle_unified_aes128,
137 SHEX("A0A1A2A3A5A6A7A8 AAABACADAFB0B1B2"),
138 SHEX("F5F4F7F684878689 A6A7A0A1D2CDCCCF"),
139 SHEX("CE52AF650D088CA5 59425223F4D32694"));
142 test_cipher2(&nettle_aes192, &nettle_unified_aes192,
143 SHEX("0001020305060708 0A0B0C0D0F101112"
145 SHEX("2D33EEF2C0430A8A 9EBF45E809C40BB6"),
146 SHEX("DFF4945E0336DF4C 1C56BC700EFF837F"));
149 test_cipher2(&nettle_aes256, &nettle_unified_aes256,
150 SHEX("0001020305060708 0A0B0C0D0F101112"
151 "14151617191A1B1C 1E1F202123242526"),
152 SHEX("834EADFCCAC7E1B30664B1ABA44815AB"),
153 SHEX("1946DABF6A03A2A2 C3D0B05080AED6FC"));
156 /* This test case has been problematic with the CBC test case */
157 test_cipher2(&nettle_aes256, &nettle_unified_aes256,
158 SHEX("8d ae 93 ff fc 78 c9 44"
159 "2a bd 0c 1e 68 bc a6 c7"
160 "05 c7 84 e3 5a a9 11 8b"
161 "d3 16 aa 54 9b 44 08 9e"),
162 SHEX("a5 ce 55 d4 21 15 a1 c6 4a a4 0c b2 ca a6 d1 37"),
163 /* In the cbc test, I once got the bad value
164 * "b2 a0 6c d2 2f df 7d 2c 26 d2 42 88 8f 20 74 a2" */
165 SHEX("1f 94 fc 85 f2 36 21 06"
166 "4a ea e3 c9 cc 38 01 0e"));
168 /* From draft NIST spec on AES modes.
170 * F.1 ECB Example Vectors
171 * F.1.1 ECB-AES128-Encrypt
174 test_cipher2(&nettle_aes128, &nettle_unified_aes128,
175 SHEX("2b7e151628aed2a6abf7158809cf4f3c"),
176 SHEX("6bc1bee22e409f96e93d7e117393172a"
177 "ae2d8a571e03ac9c9eb76fac45af8e51"
178 "30c81c46a35ce411e5fbc1191a0a52ef"
179 "f69f2445df4f9b17ad2b417be66c3710"),
180 SHEX("3ad77bb40d7a3660a89ecaf32466ef97"
181 "f5d3d58503b9699de785895a96fdbaaf"
182 "43b1cd7f598ece23881b00e3ed030688"
183 "7b0c785e27e8ad3f8223207104725dd4"));
185 /* F.1.3 ECB-AES192-Encrypt */
187 test_cipher2(&nettle_aes192, &nettle_unified_aes192,
188 SHEX("8e73b0f7da0e6452c810f32b809079e5 62f8ead2522c6b7b"),
189 SHEX("6bc1bee22e409f96e93d7e117393172a"
190 "ae2d8a571e03ac9c9eb76fac45af8e51"
191 "30c81c46a35ce411e5fbc1191a0a52ef"
192 "f69f2445df4f9b17ad2b417be66c3710"),
193 SHEX("bd334f1d6e45f25ff712a214571fa5cc"
194 "974104846d0ad3ad7734ecb3ecee4eef"
195 "ef7afd2270e2e60adce0ba2face6444e"
196 "9a4b41ba738d6c72fb16691603c18e0e"));
198 /* F.1.5 ECB-AES256-Encrypt */
199 test_cipher2(&nettle_aes256, &nettle_unified_aes256,
200 SHEX("603deb1015ca71be2b73aef0857d7781"
201 "1f352c073b6108d72d9810a30914dff4"),
202 SHEX("6bc1bee22e409f96e93d7e117393172a"
203 "ae2d8a571e03ac9c9eb76fac45af8e51"
204 "30c81c46a35ce411e5fbc1191a0a52ef"
205 "f69f2445df4f9b17ad2b417be66c3710"),
206 SHEX("f3eed1bdb5d2a03c064b5a7e3db181f8"
207 "591ccb10d410ed26dc5ba74a31362870"
208 "b6ed21b99ca6f4f9f153e7b1beafed1d"
209 "23304b7a39f9f3ff067d8d8f9e24ecc7"));
211 /* Test aes_invert_key with src != dst */
212 test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"),
213 SHEX("506812A45F08C889 B97F5980038B8359"),
214 SHEX("D8F532538289EF7D 06B506A4FD5BE9C9"));
215 test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"
217 SHEX("2D33EEF2C0430A8A 9EBF45E809C40BB6"),
218 SHEX("DFF4945E0336DF4C 1C56BC700EFF837F"));
219 test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"
220 "14151617191A1B1C 1E1F202123242526"),
221 SHEX("834EADFCCAC7E1B30664B1ABA44815AB"),
222 SHEX("1946DABF6A03A2A2 C3D0B05080AED6FC"));
225 /* Internal state for the first test case:
227 0: a7106950 81cf0e5a 8d5574b3 4b929b0c
228 1: aa1e31c4 c19a8917 12282e4 b23e51eb
229 2: 14be6dac fede8fdc 8fb98878 a27dfb5c
230 3: e80a6f32 431515bb 72e8a651 7daf188b
231 4: c50438c0 d464b2b6 76b875e9 b2b5f574
232 5: d81ab740 746b4d89 ff033aac 44d5ffa2
233 6: 52e6bb4a edadc170 24867df4 6e2ad5d5
234 7: ab1c7365 64d09f00 7718d521 46a3df32
235 8: f1eaad16 1aefdfb 7ba5724d d8499631
236 9: 1020300 2030001 3000102 10203
237 99: 5332f5d8 7def8982 a406b506 c9e95bfd