forked from wolfSSL/wolfssl
expand the AES-CTR test to 4 blocks for 192 and 256 bit cases
This commit is contained in:
John Safranek
@ -2836,11 +2836,8 @@ int aes_test(void)
|
||||
|
||||
#ifdef WOLFSSL_AES_COUNTER
|
||||
{
|
||||
const byte ctrKey[] =
|
||||
{
|
||||
0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
|
||||
0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c
|
||||
};
|
||||
/* test vectors from "Recommendation for Block Cipher Modes of
|
||||
* Operation" NIST Special Publication 800-38A */
|
||||
|
||||
const byte ctrIv[] =
|
||||
{
|
||||
@ -2848,7 +2845,6 @@ int aes_test(void)
|
||||
0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
|
||||
};
|
||||
|
||||
|
||||
const byte ctrPlain[] =
|
||||
{
|
||||
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
|
||||
@ -2861,7 +2857,19 @@ int aes_test(void)
|
||||
0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
|
||||
};
|
||||
|
||||
const byte ctrCipher[] =
|
||||
const byte oddCipher[] =
|
||||
{
|
||||
0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
|
||||
0xc2
|
||||
};
|
||||
|
||||
const byte ctr128Key[] =
|
||||
{
|
||||
0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
|
||||
0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c
|
||||
};
|
||||
|
||||
const byte ctr128Cipher[] =
|
||||
{
|
||||
0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26,
|
||||
0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce,
|
||||
@ -2873,15 +2881,6 @@ int aes_test(void)
|
||||
0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
|
||||
};
|
||||
|
||||
const byte oddCipher[] =
|
||||
{
|
||||
0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
|
||||
0xc2
|
||||
};
|
||||
|
||||
|
||||
/* test vector from "Recommendation for Block Cipher Modes of Operation"
|
||||
* NIST Special Publication 800-38A */
|
||||
const byte ctr192Key[] =
|
||||
{
|
||||
0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
|
||||
@ -2889,27 +2888,18 @@ int aes_test(void)
|
||||
0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b
|
||||
};
|
||||
|
||||
const byte ctr192Iv[] =
|
||||
{
|
||||
0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
|
||||
0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
|
||||
};
|
||||
|
||||
|
||||
const byte ctr192Plain[] =
|
||||
{
|
||||
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
|
||||
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
|
||||
};
|
||||
|
||||
const byte ctr192Cipher[] =
|
||||
{
|
||||
0x1a,0xbc,0x93,0x24,0x17,0x52,0x1c,0xa2,
|
||||
0x4f,0x2b,0x04,0x59,0xfe,0x7e,0x6e,0x0b
|
||||
0x4f,0x2b,0x04,0x59,0xfe,0x7e,0x6e,0x0b,
|
||||
0x09,0x03,0x39,0xec,0x0a,0xa6,0xfa,0xef,
|
||||
0xd5,0xcc,0xc2,0xc6,0xf4,0xce,0x8e,0x94,
|
||||
0x1e,0x36,0xb2,0x6b,0xd1,0xeb,0xc6,0x70,
|
||||
0xd1,0xbd,0x1d,0x66,0x56,0x20,0xab,0xf7,
|
||||
0x4f,0x78,0xa7,0xf6,0xd2,0x98,0x09,0x58,
|
||||
0x5a,0x97,0xda,0xec,0x58,0xc6,0xb0,0x50
|
||||
};
|
||||
|
||||
/* test vector from "Recommendation for Block Cipher Modes of Operation"
|
||||
* NIST Special Publication 800-38A */
|
||||
const byte ctr256Key[] =
|
||||
{
|
||||
0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
|
||||
@ -2918,93 +2908,90 @@ int aes_test(void)
|
||||
0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
|
||||
};
|
||||
|
||||
const byte ctr256Iv[] =
|
||||
{
|
||||
0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
|
||||
0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
|
||||
};
|
||||
|
||||
|
||||
const byte ctr256Plain[] =
|
||||
{
|
||||
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
|
||||
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
|
||||
};
|
||||
|
||||
const byte ctr256Cipher[] =
|
||||
{
|
||||
0x60,0x1e,0xc3,0x13,0x77,0x57,0x89,0xa5,
|
||||
0xb7,0xa7,0xf5,0x04,0xbb,0xf3,0xd2,0x28
|
||||
0xb7,0xa7,0xf5,0x04,0xbb,0xf3,0xd2,0x28,
|
||||
0xf4,0x43,0xe3,0xca,0x4d,0x62,0xb5,0x9a,
|
||||
0xca,0x84,0xe9,0x90,0xca,0xca,0xf5,0xc5,
|
||||
0x2b,0x09,0x30,0xda,0xa2,0x3d,0xe9,0x4c,
|
||||
0xe8,0x70,0x17,0xba,0x2d,0x84,0x98,0x8d,
|
||||
0xdf,0xc9,0xc5,0x8d,0xb6,0x7a,0xad,0xa6,
|
||||
0x13,0xc2,0xdd,0x08,0x45,0x79,0x41,0xa6
|
||||
};
|
||||
|
||||
wc_AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
|
||||
wc_AesSetKeyDirect(&enc, ctr128Key, sizeof(ctr128Key),
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
/* Ctr only uses encrypt, even on key setup */
|
||||
wc_AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
|
||||
wc_AesSetKeyDirect(&dec, ctr128Key, sizeof(ctr128Key),
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
|
||||
wc_AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4);
|
||||
wc_AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4);
|
||||
wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(ctrPlain));
|
||||
wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(ctrPlain));
|
||||
|
||||
if (XMEMCMP(plain, ctrPlain, AES_BLOCK_SIZE*4))
|
||||
if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain)))
|
||||
return -66;
|
||||
|
||||
if (XMEMCMP(cipher, ctrCipher, AES_BLOCK_SIZE*4))
|
||||
if (XMEMCMP(cipher, ctr128Cipher, sizeof(ctr128Cipher)))
|
||||
return -67;
|
||||
|
||||
/* let's try with just 9 bytes, non block size test */
|
||||
wc_AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
|
||||
wc_AesSetKeyDirect(&enc, ctr128Key, AES_BLOCK_SIZE,
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
/* Ctr only uses encrypt, even on key setup */
|
||||
wc_AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
|
||||
wc_AesSetKeyDirect(&dec, ctr128Key, AES_BLOCK_SIZE,
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
|
||||
wc_AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
|
||||
wc_AesCtrEncrypt(&dec, plain, cipher, 9);
|
||||
wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(oddCipher));
|
||||
wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(oddCipher));
|
||||
|
||||
if (XMEMCMP(plain, ctrPlain, 9))
|
||||
if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher)))
|
||||
return -68;
|
||||
|
||||
if (XMEMCMP(cipher, ctrCipher, 9))
|
||||
if (XMEMCMP(cipher, ctr128Cipher, sizeof(oddCipher)))
|
||||
return -69;
|
||||
|
||||
/* and an additional 9 bytes to reuse tmp left buffer */
|
||||
wc_AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
|
||||
wc_AesCtrEncrypt(&dec, plain, cipher, 9);
|
||||
wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(oddCipher));
|
||||
wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(oddCipher));
|
||||
|
||||
if (XMEMCMP(plain, ctrPlain, 9))
|
||||
if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher)))
|
||||
return -70;
|
||||
|
||||
if (XMEMCMP(cipher, oddCipher, 9))
|
||||
if (XMEMCMP(cipher, oddCipher, sizeof(oddCipher)))
|
||||
return -71;
|
||||
|
||||
/* 192 bit key */
|
||||
wc_AesSetKeyDirect(&enc, ctr192Key, sizeof(ctr192Key),
|
||||
ctr192Iv, AES_ENCRYPTION);
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
/* Ctr only uses encrypt, even on key setup */
|
||||
wc_AesSetKeyDirect(&dec, ctr192Key, sizeof(ctr192Key),
|
||||
ctr192Iv, AES_ENCRYPTION);
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
|
||||
XMEMSET(plain, 0, sizeof(plain));
|
||||
wc_AesCtrEncrypt(&enc, plain, ctr192Cipher, sizeof(ctr192Cipher));
|
||||
|
||||
if (XMEMCMP(plain, ctr192Plain, sizeof(ctr192Plain)))
|
||||
if (XMEMCMP(plain, ctrPlain, sizeof(ctr192Cipher)))
|
||||
return -72;
|
||||
|
||||
wc_AesCtrEncrypt(&dec, cipher, ctr192Plain, sizeof(ctr192Plain));
|
||||
wc_AesCtrEncrypt(&dec, cipher, ctrPlain, sizeof(ctrPlain));
|
||||
if (XMEMCMP(ctr192Cipher, cipher, sizeof(ctr192Cipher)))
|
||||
return -73;
|
||||
|
||||
/* 256 bit key */
|
||||
wc_AesSetKeyDirect(&enc, ctr256Key, sizeof(ctr256Key),
|
||||
ctr256Iv, AES_ENCRYPTION);
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
/* Ctr only uses encrypt, even on key setup */
|
||||
wc_AesSetKeyDirect(&dec, ctr256Key, sizeof(ctr256Key),
|
||||
ctr256Iv, AES_ENCRYPTION);
|
||||
ctrIv, AES_ENCRYPTION);
|
||||
|
||||
XMEMSET(plain, 0, sizeof(plain));
|
||||
wc_AesCtrEncrypt(&enc, plain, ctr256Cipher, sizeof(ctr256Cipher));
|
||||
|
||||
if (XMEMCMP(plain, ctr256Plain, sizeof(ctr256Plain)))
|
||||
if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain)))
|
||||
return -74;
|
||||
|
||||
wc_AesCtrEncrypt(&dec, cipher, ctr256Plain, sizeof(ctr256Plain));
|
||||
wc_AesCtrEncrypt(&dec, cipher, ctrPlain, sizeof(ctrPlain));
|
||||
if (XMEMCMP(ctr256Cipher, cipher, sizeof(ctr256Cipher)))
|
||||
return -75;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user