testsuite/aes-test.c

   1 #include "testutils.h"
   2 #include "aes.h"
   3
   4 static void
   5 test_invert(unsigned key_length, const uint8_t *key,
   6             unsigned length, const uint8_t *cleartext,
   7             const uint8_t *ciphertext)
   8 {
   9   struct aes_ctx encrypt;
  10   struct aes_ctx decrypt;
  11   uint8_t *data = xalloc(length);
  12
  13   aes_set_encrypt_key (&encrypt, key_length, key);
  14   aes_encrypt (&encrypt, length, data, cleartext);
  15
  16   if (!MEMEQ(length, data, ciphertext))
  17     {
  18       fprintf(stderr, "test_invert: Encrypt failed:\nInput:");
  19       print_hex(length, cleartext);
  20       fprintf(stderr, "\nOutput: ");
  21       print_hex(length, data);
  22       fprintf(stderr, "\nExpected:");
  23       print_hex(length, ciphertext);
  24       fprintf(stderr, "\n");
  25       FAIL();
  26     }
  27
  28   aes_invert_key (&decrypt, &encrypt);
  29   aes_decrypt (&decrypt, length, data, data);
  30
  31   if (!MEMEQ(length, data, cleartext))
  32     {
  33       fprintf(stderr, "test_invert: Decrypt failed:\nInput:");
  34       print_hex(length, ciphertext);
  35       fprintf(stderr, "\nOutput: ");
  36       print_hex(length, data);
  37       fprintf(stderr, "\nExpected:");
  38       print_hex(length, cleartext);
  39       fprintf(stderr, "\n");
  40       FAIL();
  41     }
  42   free (data);
  43 }
  44
  45 int
  46 test_main(void)
  47 {
  48   /* 128 bit keys */
  49   test_cipher(&nettle_aes128,
  50               HL("0001020305060708 0A0B0C0D0F101112"),
  51               HL("506812A45F08C889 B97F5980038B8359"),
  52               H("D8F532538289EF7D 06B506A4FD5BE9C9"));
  53
  54   test_cipher(&nettle_aes128,
  55               HL("14151617191A1B1C 1E1F202123242526"),
  56               HL("5C6D71CA30DE8B8B 00549984D2EC7D4B"),
  57               H("59AB30F4D4EE6E4F F9907EF65B1FB68C"));
  58
  59   test_cipher(&nettle_aes128,
  60               HL("28292A2B2D2E2F30 323334353738393A"),
  61               HL("53F3F4C64F8616E4 E7C56199F48F21F6"),
  62               H("BF1ED2FCB2AF3FD4 1443B56D85025CB1"));
  63
  64   test_cipher(&nettle_aes128,
  65               HL("A0A1A2A3A5A6A7A8 AAABACADAFB0B1B2"),
  66               HL("F5F4F7F684878689 A6A7A0A1D2CDCCCF"),
  67               H("CE52AF650D088CA5 59425223F4D32694"));
  68
  69   /* 192 bit keys */
  70
  71   test_cipher(&nettle_aes192,
  72               HL("0001020305060708 0A0B0C0D0F101112"
  73                 "14151617191A1B1C"),
  74               HL("2D33EEF2C0430A8A 9EBF45E809C40BB6"),
  75               H("DFF4945E0336DF4C 1C56BC700EFF837F"));
  76
  77   /* 256 bit keys */
  78
  79   test_cipher(&nettle_aes256,
  80               HL("0001020305060708 0A0B0C0D0F101112"
  81                 "14151617191A1B1C 1E1F202123242526"),
  82               HL("834EADFCCAC7E1B30664B1ABA44815AB"),
  83               H("1946DABF6A03A2A2 C3D0B05080AED6FC"));
  84
  85
  86   /* This test case has been problematic with the CBC test case */
  87   test_cipher(&nettle_aes256,
  88               HL("8d ae 93 ff fc 78 c9 44"
  89                 "2a bd 0c 1e 68 bc a6 c7"
  90                 "05 c7 84 e3 5a a9 11 8b"
  91                 "d3 16 aa 54 9b 44 08 9e"),
  92               HL("a5 ce 55 d4 21 15 a1 c6 4a a4 0c b2 ca a6 d1 37"),
  93               /* In the cbc test, I once got the bad value
  94                *   "b2 a0 6c d2 2f df 7d 2c  26 d2 42 88 8f 20 74 a2" */
  95               H("1f 94 fc 85 f2 36 21 06"
  96                 "4a ea e3 c9 cc 38 01 0e"));
  97
  98   /* From draft NIST spec on AES modes.
  99    *
 100    * F.1 ECB Example Vectors
 101    * F.1.1 ECB-AES128-Encrypt
 102    */
 103
 104   test_cipher(&nettle_aes128,
 105               HL("2b7e151628aed2a6abf7158809cf4f3c"),
 106               HL("6bc1bee22e409f96e93d7e117393172a"
 107                 "ae2d8a571e03ac9c9eb76fac45af8e51"
 108                 "30c81c46a35ce411e5fbc1191a0a52ef"
 109                 "f69f2445df4f9b17ad2b417be66c3710"),
 110               H("3ad77bb40d7a3660a89ecaf32466ef97"
 111                 "f5d3d58503b9699de785895a96fdbaaf"
 112                 "43b1cd7f598ece23881b00e3ed030688"
 113                 "7b0c785e27e8ad3f8223207104725dd4"));
 114
 115   /* F.1.3 ECB-AES192-Encrypt */
 116
 117   test_cipher(&nettle_aes192,
 118               HL("8e73b0f7da0e6452c810f32b809079e5 62f8ead2522c6b7b"),
 119               HL("6bc1bee22e409f96e93d7e117393172a"
 120                 "ae2d8a571e03ac9c9eb76fac45af8e51"
 121                 "30c81c46a35ce411e5fbc1191a0a52ef"
 122                 "f69f2445df4f9b17ad2b417be66c3710"),
 123               H("bd334f1d6e45f25ff712a214571fa5cc"
 124                 "974104846d0ad3ad7734ecb3ecee4eef"
 125                 "ef7afd2270e2e60adce0ba2face6444e"
 126                 "9a4b41ba738d6c72fb16691603c18e0e"));
 127
 128   /* F.1.5 ECB-AES256-Encrypt */
 129   test_cipher(&nettle_aes256,
 130               HL("603deb1015ca71be2b73aef0857d7781"
 131                 "1f352c073b6108d72d9810a30914dff4"),
 132               HL("6bc1bee22e409f96e93d7e117393172a"
 133                 "ae2d8a571e03ac9c9eb76fac45af8e51"
 134                 "30c81c46a35ce411e5fbc1191a0a52ef"
 135                 "f69f2445df4f9b17ad2b417be66c3710"),
 136               H("f3eed1bdb5d2a03c064b5a7e3db181f8"
 137                 "591ccb10d410ed26dc5ba74a31362870"
 138                 "b6ed21b99ca6f4f9f153e7b1beafed1d"
 139                 "23304b7a39f9f3ff067d8d8f9e24ecc7"));
 140
 141   /* Test aes_invert_key with src != dst */
 142   test_invert(HL("0001020305060708 0A0B0C0D0F101112"),
 143               HL("506812A45F08C889 B97F5980038B8359"),
 144               H("D8F532538289EF7D 06B506A4FD5BE9C9"));
 145   test_invert(HL("0001020305060708 0A0B0C0D0F101112"
 146                 "14151617191A1B1C"),
 147               HL("2D33EEF2C0430A8A 9EBF45E809C40BB6"),
 148               H("DFF4945E0336DF4C 1C56BC700EFF837F"));
 149   test_invert(HL("0001020305060708 0A0B0C0D0F101112"
 150                 "14151617191A1B1C 1E1F202123242526"),
 151               HL("834EADFCCAC7E1B30664B1ABA44815AB"),
 152               H("1946DABF6A03A2A2 C3D0B05080AED6FC"));
 153
 154   SUCCESS();
 155 }
 156
 157 /* Internal state for the first test case:
 158
 159    0: a7106950 81cf0e5a 8d5574b3 4b929b0c
 160    1: aa1e31c4 c19a8917  12282e4 b23e51eb
 161    2: 14be6dac fede8fdc 8fb98878 a27dfb5c
 162    3: e80a6f32 431515bb 72e8a651 7daf188b
 163    4: c50438c0 d464b2b6 76b875e9 b2b5f574
 164    5: d81ab740 746b4d89 ff033aac 44d5ffa2
 165    6: 52e6bb4a edadc170 24867df4 6e2ad5d5
 166    7: ab1c7365 64d09f00 7718d521 46a3df32
 167    8: f1eaad16  1aefdfb 7ba5724d d8499631
 168    9:  1020300  2030001  3000102    10203
 169   99: 5332f5d8 7def8982 a406b506 c9e95bfd
 170
 171 */