From 3ecab068412667af17fc0dbcb20282711bbf9ac5 Mon Sep 17 00:00:00 2001
From: toddouska <todd@yassl.com>
Date: Thu, 21 Mar 2013 08:33:02 -0700
Subject: [PATCH] add mcapi aes ctr with test

---
 configure.ac   |   2 +-
 mcapi/crypto.c |  11 ++++
 mcapi/crypto.h |   5 ++
 mcapi/test.c   | 176 +++++++++++++++++++++++++++++++++++++++++++++++--
 4 files changed, 187 insertions(+), 7 deletions(-)

diff --git a/configure.ac b/configure.ac
index 4c89fb3e0..ede11860b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1171,7 +1171,7 @@ AC_ARG_ENABLE([mcapi],
 
 if test "$ENABLED_MCAPI" = "yes"
 then
-    AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI"
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI -DCYASSL_AES_COUNTER"
 fi
 
 if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_SHA512" = "no"
diff --git a/mcapi/crypto.c b/mcapi/crypto.c
index e7e697013..87e0daa2a 100644
--- a/mcapi/crypto.c
+++ b/mcapi/crypto.c
@@ -358,5 +358,16 @@ int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
 }
 
 
+/* AES CTR Encrypt (used for decrypt too, with ENCRYPT key setup) */
+int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
+                          const unsigned char* in, unsigned int inSz)
+{
+    AesCtrEncrypt((Aes*)aes, out, in, inSz);
+
+    return 0;
+}
+
+
+
 
 
diff --git a/mcapi/crypto.h b/mcapi/crypto.h
index 218289d71..6351cc8ce 100644
--- a/mcapi/crypto.h
+++ b/mcapi/crypto.h
@@ -177,6 +177,11 @@ int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX*, unsigned char*,
 int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX*, unsigned char*,
                            const unsigned char*, unsigned int);
 
+/* ctr (counter), use Encrypt both ways with ENCRYPT key setup */
+int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX*, unsigned char*,
+                          const unsigned char*, unsigned int);
+
+
 /* key direction flags for setup */
 enum {
     CRYPT_AES_ENCRYPTION = 0,
diff --git a/mcapi/test.c b/mcapi/test.c
index f6bbb5226..d8ada844a 100644
--- a/mcapi/test.c
+++ b/mcapi/test.c
@@ -62,6 +62,7 @@ static int check_compress(void);
 static int check_rng(void);
 static int check_des3(void);
 static int check_aescbc(void);
+static int check_aesctr(void);
 
 
 int main(int argc, char** argv)
@@ -148,7 +149,13 @@ int main(int argc, char** argv)
 
     ret = check_aescbc();
     if (ret != 0) {
-        printf("mcapi check_aes failed\n");
+        printf("mcapi check_aes cbc failed\n");
+        return -1;
+    }
+
+    ret = check_aesctr();
+    if (ret != 0) {
+        printf("mcapi check_aes ctr failed\n");
         return -1;
     }
 
@@ -587,7 +594,7 @@ static int check_des3(void)
 
 #define AES_TEST_SIZE 32
 
-/* check mcapi aes */
+/* check mcapi aes cbc */
 static int check_aescbc(void)
 {
     CRYPT_AES_CTX mcAes;
@@ -682,7 +689,7 @@ static int check_aescbc(void)
         printf("mcapi aes-192 key set failed\n");
         return -1;
     }
-    ret = AesSetKey(&defAes, key, 24, iv, DES_DECRYPTION);
+    ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION);
     if (ret != 0) {
         printf("default aes-192 key set failed\n");
         return -1;
@@ -735,7 +742,7 @@ static int check_aescbc(void)
         printf("mcapi aes-256 key set failed\n");
         return -1;
     }
-    ret = AesSetKey(&defAes, key, 32, iv, DES_DECRYPTION);
+    ret = AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION);
     if (ret != 0) {
         printf("default aes-256 key set failed\n");
         return -1;
@@ -758,12 +765,169 @@ static int check_aescbc(void)
         return -1;
     }
 
-
-
     printf("aes-cbc     mcapi test passed\n");
 
     return 0;
 }
 
 
+/* check mcapi aes ctr */
+static int check_aesctr(void)
+{
+    CRYPT_AES_CTX mcAes;
+    Aes           defAes;
+    int           ret;
+    byte          out1[AES_TEST_SIZE];
+    byte          out2[AES_TEST_SIZE];
+
+    strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32);
+    strncpy((char*)iv,  "1234567890abcdef", 16);
+
+    /* 128 ctr encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-128 key set failed\n");
+        return -1;
+    }
+    ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-128 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-128 ctr encrypt failed\n");
+        return -1;
+    }
+    AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-128 ctr encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 128 ctr decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-128 key set failed\n");
+        return -1;
+    }
+    ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-128 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-128 ctr decrypt failed\n");
+        return -1;
+    }
+
+    if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-128 ctr decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    /* 192 ctr encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-192 key set failed\n");
+        return -1;
+    }
+    ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-192 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-192 ctr encrypt failed\n");
+        return -1;
+    }
+    AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-192 ctr encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 192 ctr decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-192 key set failed\n");
+        return -1;
+    }
+    ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION);
+    if (ret != 0) {
+        printf("default aes-192 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-192 ctr decrypt failed\n");
+        return -1;
+    }
+
+    if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-192 ctr decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    /* 256 ctr encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-256 key set failed\n");
+        return -1;
+    }
+    ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-256 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-256 ctr encrypt failed\n");
+        return -1;
+    }
+    AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-256 ctr encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 256 ctr decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-256 key set failed\n");
+        return -1;
+    }
+    ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-256 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-256 ctr decrypt failed\n");
+        return -1;
+    }
+
+    if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-256 ctr decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    printf("aes-ctr     mcapi test passed\n");
+
+    return 0;
+}
+
+