testsuite/aes-test.c

   1 #include "testutils.h"
   2 #include "aes.h"
   3 #include "nettle-internal.h"
   4
   5 static void
   6 test_invert(const struct tstring *key,
   7             const struct tstring *cleartext,
   8             const struct tstring *ciphertext)
   9 {
  10   struct aes_ctx encrypt;
  11   struct aes_ctx decrypt;
  12   uint8_t *data = xalloc(cleartext->length);
  13   size_t length;
  14   ASSERT (cleartext->length == ciphertext->length);
  15   length = cleartext->length;
  16
  17   aes_set_encrypt_key (&encrypt, key->length, key->data);
  18   aes_encrypt (&encrypt, length, data, cleartext->data);
  19
  20   if (!MEMEQ(length, data, ciphertext->data))
  21     {
  22       fprintf(stderr, "test_invert: Encrypt failed:\nInput:");
  23       tstring_print_hex(cleartext);
  24       fprintf(stderr, "\nOutput: ");
  25       print_hex(length, data);
  26       fprintf(stderr, "\nExpected:");
  27       tstring_print_hex(ciphertext);
  28       fprintf(stderr, "\n");
  29       FAIL();
  30     }
  31
  32   aes_invert_key (&decrypt, &encrypt);
  33   aes_decrypt (&decrypt, length, data, data);
  34
  35   if (!MEMEQ(length, data, cleartext->data))
  36     {
  37       fprintf(stderr, "test_invert: Decrypt failed:\nInput:");
  38       tstring_print_hex(ciphertext);
  39       fprintf(stderr, "\nOutput: ");
  40       print_hex(length, data);
  41       fprintf(stderr, "\nExpected:");
  42       tstring_print_hex(cleartext);
  43       fprintf(stderr, "\n");
  44       FAIL();
  45     }
  46   free (data);
  47 }
  48
  49 /* Old, unified, interface */
  50 static nettle_set_key_func unified_aes128_set_encrypt_key;
  51 static nettle_set_key_func unified_aes128_set_encrypt_key;
  52 static nettle_set_key_func unified_aes192_set_encrypt_key;
  53 static nettle_set_key_func unified_aes192_set_encrypt_key;
  54 static nettle_set_key_func unified_aes256_set_encrypt_key;
  55 static nettle_set_key_func unified_aes256_set_encrypt_key;
  56 static void
  57 unified_aes128_set_encrypt_key (void *ctx, const uint8_t *key)
  58 {
  59   aes_set_encrypt_key (ctx, AES128_KEY_SIZE, key);
  60 }
  61 static void
  62 unified_aes128_set_decrypt_key (void *ctx, const uint8_t *key)
  63 {
  64   aes_set_decrypt_key (ctx, AES128_KEY_SIZE, key);
  65 }
  66
  67 static void
  68 unified_aes192_set_encrypt_key (void *ctx, const uint8_t *key)
  69 {
  70   aes_set_encrypt_key (ctx, AES192_KEY_SIZE, key);
  71 }
  72 static void
  73 unified_aes192_set_decrypt_key (void *ctx, const uint8_t *key)
  74 {
  75   aes_set_decrypt_key (ctx, AES192_KEY_SIZE, key);
  76 }
  77
  78 static void
  79 unified_aes256_set_encrypt_key (void *ctx, const uint8_t *key)
  80 {
  81   aes_set_encrypt_key (ctx, AES256_KEY_SIZE, key);
  82 }
  83 static void
  84 unified_aes256_set_decrypt_key (void *ctx, const uint8_t *key)
  85 {
  86   aes_set_decrypt_key (ctx, AES256_KEY_SIZE, key);
  87 }
  88
  89 #define UNIFIED_AES(bits) {                     \
  90   "unified-aes" #bits, sizeof(struct aes_ctx),  \
  91   AES_BLOCK_SIZE, AES ## bits ## _KEY_SIZE,     \
  92   unified_aes ## bits ##_set_encrypt_key,       \
  93   unified_aes ## bits ##_set_decrypt_key,       \
  94   (nettle_cipher_func *) aes_encrypt,           \
  95   (nettle_cipher_func *) aes_decrypt,           \
  96 }
  97 const struct nettle_cipher nettle_unified_aes128
  98 = UNIFIED_AES(128);
  99 const struct nettle_cipher nettle_unified_aes192
 100 = UNIFIED_AES(192);
 101 const struct nettle_cipher nettle_unified_aes256
 102 = UNIFIED_AES(256);
 103
 104 static void
 105 test_cipher2(const struct nettle_cipher *c1,
 106              const struct nettle_cipher *c2,
 107              const struct tstring *key,
 108              const struct tstring *cleartext,
 109              const struct tstring *ciphertext)
 110 {
 111   test_cipher (c1, key, cleartext, ciphertext);
 112   test_cipher (c2, key, cleartext, ciphertext);
 113 }
 114
 115 void
 116 test_main(void)
 117 {
 118   /* Test both the new interface and the older unified interface. */
 119
 120   /* 128 bit keys */
 121   test_cipher2(&nettle_aes128, &nettle_unified_aes128,
 122                SHEX("0001020305060708 0A0B0C0D0F101112"),
 123                SHEX("506812A45F08C889 B97F5980038B8359"),
 124                SHEX("D8F532538289EF7D 06B506A4FD5BE9C9"));
 125
 126   test_cipher2(&nettle_aes128, &nettle_unified_aes128,
 127                SHEX("14151617191A1B1C 1E1F202123242526"),
 128                SHEX("5C6D71CA30DE8B8B 00549984D2EC7D4B"),
 129                SHEX("59AB30F4D4EE6E4F F9907EF65B1FB68C"));
 130
 131   test_cipher2(&nettle_aes128, &nettle_unified_aes128,
 132                SHEX("28292A2B2D2E2F30 323334353738393A"),
 133                SHEX("53F3F4C64F8616E4 E7C56199F48F21F6"),
 134                SHEX("BF1ED2FCB2AF3FD4 1443B56D85025CB1"));
 135
 136   test_cipher2(&nettle_aes128, &nettle_unified_aes128,
 137                SHEX("A0A1A2A3A5A6A7A8 AAABACADAFB0B1B2"),
 138                SHEX("F5F4F7F684878689 A6A7A0A1D2CDCCCF"),
 139                SHEX("CE52AF650D088CA5 59425223F4D32694"));
 140
 141   /* 192 bit keys */
 142   test_cipher2(&nettle_aes192, &nettle_unified_aes192,
 143                SHEX("0001020305060708 0A0B0C0D0F101112"
 144                     "14151617191A1B1C"),
 145                SHEX("2D33EEF2C0430A8A 9EBF45E809C40BB6"),
 146                SHEX("DFF4945E0336DF4C 1C56BC700EFF837F"));
 147
 148   /* 256 bit keys */
 149   test_cipher2(&nettle_aes256, &nettle_unified_aes256,
 150                SHEX("0001020305060708 0A0B0C0D0F101112"
 151                     "14151617191A1B1C 1E1F202123242526"),
 152                SHEX("834EADFCCAC7E1B30664B1ABA44815AB"),
 153                SHEX("1946DABF6A03A2A2 C3D0B05080AED6FC"));
 154
 155
 156   /* This test case has been problematic with the CBC test case */
 157   test_cipher2(&nettle_aes256, &nettle_unified_aes256,
 158                SHEX("8d ae 93 ff fc 78 c9 44"
 159                     "2a bd 0c 1e 68 bc a6 c7"
 160                     "05 c7 84 e3 5a a9 11 8b"
 161                     "d3 16 aa 54 9b 44 08 9e"),
 162                SHEX("a5 ce 55 d4 21 15 a1 c6 4a a4 0c b2 ca a6 d1 37"),
 163                /* In the cbc test, I once got the bad value
 164                 *   "b2 a0 6c d2 2f df 7d 2c  26 d2 42 88 8f 20 74 a2" */
 165                SHEX("1f 94 fc 85 f2 36 21 06"
 166                     "4a ea e3 c9 cc 38 01 0e"));
 167
 168   /* From draft NIST spec on AES modes.
 169    *
 170    * F.1 ECB Example Vectors
 171    * F.1.1 ECB-AES128-Encrypt
 172    */
 173
 174   test_cipher2(&nettle_aes128, &nettle_unified_aes128,
 175                SHEX("2b7e151628aed2a6abf7158809cf4f3c"),
 176                SHEX("6bc1bee22e409f96e93d7e117393172a"
 177                     "ae2d8a571e03ac9c9eb76fac45af8e51"
 178                     "30c81c46a35ce411e5fbc1191a0a52ef"
 179                     "f69f2445df4f9b17ad2b417be66c3710"),
 180                SHEX("3ad77bb40d7a3660a89ecaf32466ef97"
 181                     "f5d3d58503b9699de785895a96fdbaaf"
 182                     "43b1cd7f598ece23881b00e3ed030688"
 183                     "7b0c785e27e8ad3f8223207104725dd4"));
 184
 185   /* F.1.3 ECB-AES192-Encrypt */
 186
 187   test_cipher2(&nettle_aes192, &nettle_unified_aes192,
 188                SHEX("8e73b0f7da0e6452c810f32b809079e5 62f8ead2522c6b7b"),
 189                SHEX("6bc1bee22e409f96e93d7e117393172a"
 190                     "ae2d8a571e03ac9c9eb76fac45af8e51"
 191                     "30c81c46a35ce411e5fbc1191a0a52ef"
 192                     "f69f2445df4f9b17ad2b417be66c3710"),
 193                SHEX("bd334f1d6e45f25ff712a214571fa5cc"
 194                     "974104846d0ad3ad7734ecb3ecee4eef"
 195                     "ef7afd2270e2e60adce0ba2face6444e"
 196                     "9a4b41ba738d6c72fb16691603c18e0e"));
 197
 198   /* F.1.5 ECB-AES256-Encrypt */
 199   test_cipher2(&nettle_aes256, &nettle_unified_aes256,
 200                SHEX("603deb1015ca71be2b73aef0857d7781"
 201                     "1f352c073b6108d72d9810a30914dff4"),
 202                SHEX("6bc1bee22e409f96e93d7e117393172a"
 203                     "ae2d8a571e03ac9c9eb76fac45af8e51"
 204                     "30c81c46a35ce411e5fbc1191a0a52ef"
 205                     "f69f2445df4f9b17ad2b417be66c3710"),
 206                SHEX("f3eed1bdb5d2a03c064b5a7e3db181f8"
 207                     "591ccb10d410ed26dc5ba74a31362870"
 208                     "b6ed21b99ca6f4f9f153e7b1beafed1d"
 209                     "23304b7a39f9f3ff067d8d8f9e24ecc7"));
 210
 211   /* Test aes_invert_key with src != dst */
 212   test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"),
 213               SHEX("506812A45F08C889 B97F5980038B8359"),
 214               SHEX("D8F532538289EF7D 06B506A4FD5BE9C9"));
 215   test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"
 216                    "14151617191A1B1C"),
 217               SHEX("2D33EEF2C0430A8A 9EBF45E809C40BB6"),
 218               SHEX("DFF4945E0336DF4C 1C56BC700EFF837F"));
 219   test_invert(SHEX("0001020305060708 0A0B0C0D0F101112"
 220                    "14151617191A1B1C 1E1F202123242526"),
 221               SHEX("834EADFCCAC7E1B30664B1ABA44815AB"),
 222               SHEX("1946DABF6A03A2A2 C3D0B05080AED6FC"));
 223 }
 224
 225 /* Internal state for the first test case:
 226
 227    0: a7106950 81cf0e5a 8d5574b3 4b929b0c
 228    1: aa1e31c4 c19a8917  12282e4 b23e51eb
 229    2: 14be6dac fede8fdc 8fb98878 a27dfb5c
 230    3: e80a6f32 431515bb 72e8a651 7daf188b
 231    4: c50438c0 d464b2b6 76b875e9 b2b5f574
 232    5: d81ab740 746b4d89 ff033aac 44d5ffa2
 233    6: 52e6bb4a edadc170 24867df4 6e2ad5d5
 234    7: ab1c7365 64d09f00 7718d521 46a3df32
 235    8: f1eaad16  1aefdfb 7ba5724d d8499631
 236    9:  1020300  2030001  3000102    10203
 237   99: 5332f5d8 7def8982 a406b506 c9e95bfd
 238
 239 */