]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/test-aes.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Optimize FT test cases
[thirdparty/hostap.git] / tests / test-aes.c
1 /*
2 * Test program for AES
3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "crypto/crypto.h"
13 #include "crypto/aes_wrap.h"
14 #include "crypto/aes_siv.h"
15
16 #define BLOCK_SIZE 16
17
18 static void test_aes_perf(void)
19 {
20 #if 0 /* this did not seem to work with new compiler?! */
21 #ifdef __i386__
22 #define rdtscll(val) \
23 __asm__ __volatile__("rdtsc" : "=A" (val))
24 const int num_iters = 10;
25 int i;
26 unsigned int start, end;
27 u8 key[16], pt[16], ct[16];
28 void *ctx;
29
30 printf("keySetupEnc:");
31 for (i = 0; i < num_iters; i++) {
32 rdtscll(start);
33 ctx = aes_encrypt_init(key, 16);
34 rdtscll(end);
35 aes_encrypt_deinit(ctx);
36 printf(" %d", end - start);
37 }
38 printf("\n");
39
40 printf("Encrypt:");
41 ctx = aes_encrypt_init(key, 16);
42 for (i = 0; i < num_iters; i++) {
43 rdtscll(start);
44 aes_encrypt(ctx, pt, ct);
45 rdtscll(end);
46 printf(" %d", end - start);
47 }
48 aes_encrypt_deinit(ctx);
49 printf("\n");
50 #endif /* __i386__ */
51 #endif
52 }
53
54
55 static int test_eax(void)
56 {
57 u8 msg[] = { 0xF7, 0xFB };
58 u8 key[] = { 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B,
59 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4 };
60 u8 nonce[] = { 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84,
61 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD };
62 u8 hdr[] = { 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA };
63 u8 cipher[] = { 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D,
64 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79,
65 0x67, 0xE5 };
66 u8 data[sizeof(msg)], tag[BLOCK_SIZE];
67
68 memcpy(data, msg, sizeof(msg));
69 if (aes_128_eax_encrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
70 data, sizeof(data), tag)) {
71 printf("AES-128 EAX mode encryption failed\n");
72 return 1;
73 }
74 if (memcmp(data, cipher, sizeof(data)) != 0) {
75 printf("AES-128 EAX mode encryption returned invalid cipher "
76 "text\n");
77 return 1;
78 }
79 if (memcmp(tag, cipher + sizeof(data), BLOCK_SIZE) != 0) {
80 printf("AES-128 EAX mode encryption returned invalid tag\n");
81 return 1;
82 }
83
84 if (aes_128_eax_decrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr),
85 data, sizeof(data), tag)) {
86 printf("AES-128 EAX mode decryption failed\n");
87 return 1;
88 }
89 if (memcmp(data, msg, sizeof(data)) != 0) {
90 printf("AES-128 EAX mode decryption returned invalid plain "
91 "text\n");
92 return 1;
93 }
94
95 return 0;
96 }
97
98
99 static int test_cbc(void)
100 {
101 struct cbc_test_vector {
102 u8 key[16];
103 u8 iv[16];
104 u8 plain[32];
105 u8 cipher[32];
106 size_t len;
107 } vectors[] = {
108 {
109 { 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b,
110 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06 },
111 { 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30,
112 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41 },
113 "Single block msg",
114 { 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8,
115 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a },
116 16
117 },
118 {
119 { 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0,
120 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a },
121 { 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28,
122 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58 },
123 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
124 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
125 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
126 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
127 { 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a,
128 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a,
129 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9,
130 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 },
131 32
132 }
133 };
134 int ret = 0;
135 u8 *buf;
136 unsigned int i;
137
138 for (i = 0; i < ARRAY_SIZE(vectors); i++) {
139 struct cbc_test_vector *tv = &vectors[i];
140 buf = malloc(tv->len);
141 if (buf == NULL) {
142 ret++;
143 break;
144 }
145 memcpy(buf, tv->plain, tv->len);
146 if (aes_128_cbc_encrypt(tv->key, tv->iv, buf, tv->len) ||
147 memcmp(buf, tv->cipher, tv->len) != 0) {
148 printf("AES-CBC encrypt %d failed\n", i);
149 ret++;
150 }
151 memcpy(buf, tv->cipher, tv->len);
152 if (aes_128_cbc_decrypt(tv->key, tv->iv, buf, tv->len) ||
153 memcmp(buf, tv->plain, tv->len) != 0) {
154 printf("AES-CBC decrypt %d failed\n", i);
155 ret++;
156 }
157 free(buf);
158 }
159
160 return ret;
161 }
162
163
164 /*
165 * GCM test vectors from
166 * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
167 */
168 struct gcm_test_vector {
169 char *k;
170 char *p;
171 char *aad;
172 char *iv;
173 char *c;
174 char *t;
175 };
176
177 static const struct gcm_test_vector gcm_tests[] = {
178 {
179 /* Test Case 1 */
180 "00000000000000000000000000000000",
181 "",
182 "",
183 "000000000000000000000000",
184 "",
185 "58e2fccefa7e3061367f1d57a4e7455a"
186 },
187 {
188 /* Test Case 2 */
189 "00000000000000000000000000000000",
190 "00000000000000000000000000000000",
191 "",
192 "000000000000000000000000",
193 "0388dace60b6a392f328c2b971b2fe78",
194 "ab6e47d42cec13bdf53a67b21257bddf"
195 },
196 {
197 /* Test Case 3 */
198 "feffe9928665731c6d6a8f9467308308",
199 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
200 "",
201 "cafebabefacedbaddecaf888",
202 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
203 "4d5c2af327cd64a62cf35abd2ba6fab4"
204 },
205 {
206 /* Test Case 4 */
207 "feffe9928665731c6d6a8f9467308308",
208 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
209 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
210 "cafebabefacedbaddecaf888",
211 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
212 "5bc94fbc3221a5db94fae95ae7121a47"
213 },
214 {
215 /* Test Case 5 */
216 "feffe9928665731c6d6a8f9467308308",
217 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
218 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
219 "cafebabefacedbad",
220 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
221 "3612d2e79e3b0785561be14aaca2fccb"
222 },
223 {
224 /* Test Case 6 */
225 "feffe9928665731c6d6a8f9467308308",
226 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
227 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
228 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
229 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
230 "619cc5aefffe0bfa462af43c1699d050"
231 },
232 {
233 /* Test Case 7 */
234 "000000000000000000000000000000000000000000000000",
235 "",
236 "",
237 "000000000000000000000000",
238 "",
239 "cd33b28ac773f74ba00ed1f312572435"
240 },
241 {
242 /* Test Case 8 */
243 "000000000000000000000000000000000000000000000000",
244 "00000000000000000000000000000000",
245 "",
246 "000000000000000000000000",
247 "98e7247c07f0fe411c267e4384b0f600",
248 "2ff58d80033927ab8ef4d4587514f0fb"
249 },
250 {
251 /* Test Case 9 */
252 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
253 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
254 "",
255 "cafebabefacedbaddecaf888",
256 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
257 "9924a7c8587336bfb118024db8674a14"
258 },
259 {
260 /* Test Case 10 */
261 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
262 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
263 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
264 "cafebabefacedbaddecaf888",
265 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
266 "2519498e80f1478f37ba55bd6d27618c"
267 },
268 {
269 /* Test Case 11 */
270 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
271 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
272 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
273 "cafebabefacedbad",
274 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
275 "65dcc57fcf623a24094fcca40d3533f8"
276 },
277 {
278 /* Test Case 12 */
279 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
280 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
281 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
282 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
283 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
284 "dcf566ff291c25bbb8568fc3d376a6d9"
285 },
286 {
287 /* Test Case 13 */
288 "0000000000000000000000000000000000000000000000000000000000000000",
289 "",
290 "",
291 "000000000000000000000000",
292 "",
293 "530f8afbc74536b9a963b4f1c4cb738b"
294 },
295 {
296 /* Test Case 14 */
297 "0000000000000000000000000000000000000000000000000000000000000000",
298 "00000000000000000000000000000000",
299 "",
300 "000000000000000000000000",
301 "cea7403d4d606b6e074ec5d3baf39d18",
302 "d0d1c8a799996bf0265b98b5d48ab919"
303 },
304 {
305 /* Test Case 15 */
306 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
307 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
308 "",
309 "cafebabefacedbaddecaf888",
310 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
311 "b094dac5d93471bdec1a502270e3cc6c"
312 },
313 {
314 /* Test Case 16 */
315 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
316 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
317 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
318 "cafebabefacedbaddecaf888",
319 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
320 "76fc6ece0f4e1768cddf8853bb2d551b"
321 },
322 {
323 /* Test Case 17 */
324 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
325 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
326 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
327 "cafebabefacedbad",
328 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
329 "3a337dbf46a792c45e454913fe2ea8f2"
330 },
331 {
332 /* Test Case 18 */
333 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
334 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
335 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
336 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
337 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
338 "a44a8266ee1c8eb0c8b5d4cf5ae9f19a"
339 }
340 };
341
342
343 static int test_gcm(void)
344 {
345 int ret = 0;
346 int i;
347 u8 k[32], aad[32], iv[64], t[16], tag[16];
348 u8 p[64], c[64], tmp[64];
349 size_t k_len, p_len, aad_len, iv_len;
350
351 for (i = 0; i < ARRAY_SIZE(gcm_tests); i++) {
352 const struct gcm_test_vector *tc = &gcm_tests[i];
353
354 k_len = os_strlen(tc->k) / 2;
355 if (hexstr2bin(tc->k, k, k_len)) {
356 printf("Invalid GCM test vector %d (k)\n", i);
357 ret++;
358 continue;
359 }
360
361 p_len = os_strlen(tc->p) / 2;
362 if (hexstr2bin(tc->p, p, p_len)) {
363 printf("Invalid GCM test vector %d (p)\n", i);
364 ret++;
365 continue;
366 }
367
368 aad_len = os_strlen(tc->aad) / 2;
369 if (hexstr2bin(tc->aad, aad, aad_len)) {
370 printf("Invalid GCM test vector %d (aad)\n", i);
371 ret++;
372 continue;
373 }
374
375 iv_len = os_strlen(tc->iv) / 2;
376 if (hexstr2bin(tc->iv, iv, iv_len)) {
377 printf("Invalid GCM test vector %d (iv)\n", i);
378 ret++;
379 continue;
380 }
381
382 if (hexstr2bin(tc->c, c, p_len)) {
383 printf("Invalid GCM test vector %d (c)\n", i);
384 ret++;
385 continue;
386 }
387
388 if (hexstr2bin(tc->t, t, sizeof(t))) {
389 printf("Invalid GCM test vector %d (t)\n", i);
390 ret++;
391 continue;
392 }
393
394 if (aes_gcm_ae(k, k_len, iv, iv_len, p, p_len, aad, aad_len,
395 tmp, tag) < 0) {
396 printf("GCM-AE failed (test case %d)\n", i);
397 ret++;
398 continue;
399 }
400
401 if (os_memcmp(c, tmp, p_len) != 0) {
402 printf("GCM-AE mismatch (test case %d)\n", i);
403 ret++;
404 }
405
406 if (os_memcmp(tag, t, sizeof(tag)) != 0) {
407 printf("GCM-AE tag mismatch (test case %d)\n", i);
408 ret++;
409 }
410
411 if (p_len == 0) {
412 if (aes_gmac(k, k_len, iv, iv_len, aad, aad_len, tag) <
413 0) {
414 printf("GMAC failed (test case %d)\n", i);
415 ret++;
416 continue;
417 }
418
419 if (os_memcmp(tag, t, sizeof(tag)) != 0) {
420 printf("GMAC tag mismatch (test case %d)\n", i);
421 ret++;
422 }
423 }
424
425 if (aes_gcm_ad(k, k_len, iv, iv_len, c, p_len, aad, aad_len,
426 t, tmp) < 0) {
427 printf("GCM-AD failed (test case %d)\n", i);
428 ret++;
429 continue;
430 }
431
432 if (os_memcmp(p, tmp, p_len) != 0) {
433 printf("GCM-AD mismatch (test case %d)\n", i);
434 ret++;
435 }
436 }
437
438 return ret;
439 }
440
441
442 static int test_siv(void)
443 {
444 u8 key[] = {
445 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
446 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
447 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
448 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
449 };
450 u8 ad[] = {
451 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
452 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
453 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
454 };
455 u8 plaintext[] = {
456 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
457 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee
458 };
459 u8 iv_c[] = {
460 0x85, 0x63, 0x2d, 0x07, 0xc6, 0xe8, 0xf3, 0x7f,
461 0x95, 0x0a, 0xcd, 0x32, 0x0a, 0x2e, 0xcc, 0x93,
462 0x40, 0xc0, 0x2b, 0x96, 0x90, 0xc4, 0xdc, 0x04,
463 0xda, 0xef, 0x7f, 0x6a, 0xfe, 0x5c
464 };
465 u8 out[2 * BLOCK_SIZE + sizeof(plaintext)];
466 const u8 *addr[1];
467 size_t len[1];
468
469 addr[0] = ad;
470 len[0] = sizeof(ad);
471
472 if (aes_siv_encrypt(key, plaintext, sizeof(plaintext),
473 1, addr, len, out)) {
474 printf("AES-SIV mode encryption failed\n");
475 return 1;
476 }
477 if (memcmp(out, iv_c, sizeof(iv_c)) != 0) {
478 printf("AES-SIV mode encryption returned invalid cipher "
479 "text\n");
480 return 1;
481 }
482
483 if (aes_siv_decrypt(key, iv_c, sizeof(iv_c), 1, addr, len, out)) {
484 printf("AES-SIV mode decryption failed\n");
485 return 1;
486 }
487 if (memcmp(out, plaintext, sizeof(plaintext)) != 0) {
488 printf("AES-SIV mode decryption returned invalid plain text\n");
489 return 1;
490 }
491 printf("AES-SIV test passed\n");
492
493 return 0;
494 }
495
496
497 /* OMAC1 AES-128 test vectors from
498 * http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/omac/omac-ad.pdf
499 * which are same as the examples from NIST SP800-38B
500 * http://csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf
501 */
502
503 struct omac1_test_vector {
504 u8 k[16];
505 u8 msg[64];
506 int msg_len;
507 u8 tag[16];
508 };
509
510 static struct omac1_test_vector test_vectors[] =
511 {
512 {
513 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
514 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
515 { },
516 0,
517 { 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
518 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 }
519 },
520 {
521 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
522 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
523 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
524 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a},
525 16,
526 { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
527 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c }
528 },
529 {
530 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
531 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
532 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
533 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
534 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
535 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
536 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11 },
537 40,
538 { 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
539 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27 }
540 },
541 {
542 { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
543 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c },
544 { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
545 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
546 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
547 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
548 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
549 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
550 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
551 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 },
552 64,
553 { 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
554 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe }
555 },
556 };
557
558
559 static int test_key_wrap(void)
560 {
561 unsigned int i;
562 int ret = 0;
563
564 /* RFC 3394 - Test vector 4.1 */
565 u8 kek41[] = {
566 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
567 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
568 };
569 u8 plain41[] = {
570 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
571 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
572 };
573 u8 crypt41[] = {
574 0x1F, 0xA6, 0x8B, 0x0A, 0x81, 0x12, 0xB4, 0x47,
575 0xAE, 0xF3, 0x4B, 0xD8, 0xFB, 0x5A, 0x7B, 0x82,
576 0x9D, 0x3E, 0x86, 0x23, 0x71, 0xD2, 0xCF, 0xE5
577 };
578 /* RFC 3394 - Test vector 4.2 */
579 u8 kek42[] = {
580 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
581 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
582 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
583 };
584 u8 plain42[] = {
585 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
586 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
587 };
588 u8 crypt42[] = {
589 0x96, 0x77, 0x8B, 0x25, 0xAE, 0x6C, 0xA4, 0x35,
590 0xF9, 0x2B, 0x5B, 0x97, 0xC0, 0x50, 0xAE, 0xD2,
591 0x46, 0x8A, 0xB8, 0xA1, 0x7A, 0xD8, 0x4E, 0x5D
592 };
593 /* RFC 3394 - Test vector 4.3 */
594 u8 kek43[] = {
595 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
596 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
597 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
598 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
599 };
600 u8 plain43[] = {
601 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
602 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
603 };
604 u8 crypt43[] = {
605 0x64, 0xE8, 0xC3, 0xF9, 0xCE, 0x0F, 0x5B, 0xA2,
606 0x63, 0xE9, 0x77, 0x79, 0x05, 0x81, 0x8A, 0x2A,
607 0x93, 0xC8, 0x19, 0x1E, 0x7D, 0x6E, 0x8A, 0xE7,
608 };
609 /* RFC 3394 - Test vector 4.4 */
610 u8 kek44[] = {
611 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
612 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
613 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
614 };
615 u8 plain44[] = {
616 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
617 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
618 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
619 };
620 u8 crypt44[] = {
621 0x03, 0x1D, 0x33, 0x26, 0x4E, 0x15, 0xD3, 0x32,
622 0x68, 0xF2, 0x4E, 0xC2, 0x60, 0x74, 0x3E, 0xDC,
623 0xE1, 0xC6, 0xC7, 0xDD, 0xEE, 0x72, 0x5A, 0x93,
624 0x6B, 0xA8, 0x14, 0x91, 0x5C, 0x67, 0x62, 0xD2
625 };
626 /* RFC 3394 - Test vector 4.5 */
627 u8 kek45[] = {
628 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
629 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
630 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
631 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
632 };
633 u8 plain45[] = {
634 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
635 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
636 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
637 };
638 u8 crypt45[] = {
639 0xA8, 0xF9, 0xBC, 0x16, 0x12, 0xC6, 0x8B, 0x3F,
640 0xF6, 0xE6, 0xF4, 0xFB, 0xE3, 0x0E, 0x71, 0xE4,
641 0x76, 0x9C, 0x8B, 0x80, 0xA3, 0x2C, 0xB8, 0x95,
642 0x8C, 0xD5, 0xD1, 0x7D, 0x6B, 0x25, 0x4D, 0xA1,
643 };
644 /* RFC 3394 - Test vector 4.6 */
645 u8 kek46[] = {
646 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
647 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
648 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
649 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
650 };
651 u8 plain46[] = {
652 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
653 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF,
654 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
655 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
656 };
657 u8 crypt46[] = {
658 0x28, 0xC9, 0xF4, 0x04, 0xC4, 0xB8, 0x10, 0xF4,
659 0xCB, 0xCC, 0xB3, 0x5C, 0xFB, 0x87, 0xF8, 0x26,
660 0x3F, 0x57, 0x86, 0xE2, 0xD8, 0x0E, 0xD3, 0x26,
661 0xCB, 0xC7, 0xF0, 0xE7, 0x1A, 0x99, 0xF4, 0x3B,
662 0xFB, 0x98, 0x8B, 0x9B, 0x7A, 0x02, 0xDD, 0x21
663 };
664 u8 result[40];
665
666 printf("RFC 3394 - Test vector 4.1\n");
667 if (aes_wrap(kek41, sizeof(kek41), sizeof(plain41) / 8, plain41,
668 result)) {
669 printf("AES-WRAP-128 reported failure\n");
670 ret++;
671 }
672 if (memcmp(result, crypt41, sizeof(crypt41)) != 0) {
673 printf("AES-WRAP-128 failed\n");
674 ret++;
675 }
676 if (aes_unwrap(kek41, sizeof(kek41), sizeof(plain41) / 8, crypt41,
677 result)) {
678 printf("AES-UNWRAP-128 reported failure\n");
679 ret++;
680 }
681 if (memcmp(result, plain41, sizeof(plain41)) != 0) {
682 printf("AES-UNWRAP-128 failed\n");
683 ret++;
684 for (i = 0; i < sizeof(plain41); i++)
685 printf(" %02x", result[i]);
686 printf("\n");
687 }
688
689 printf("RFC 3394 - Test vector 4.2\n");
690 if (aes_wrap(kek42, sizeof(kek42), sizeof(plain42) / 8, plain42,
691 result)) {
692 printf("AES-WRAP-192 reported failure\n");
693 ret++;
694 }
695 if (memcmp(result, crypt42, sizeof(crypt42)) != 0) {
696 printf("AES-WRAP-192 failed\n");
697 ret++;
698 }
699 if (aes_unwrap(kek42, sizeof(kek42), sizeof(plain42) / 8, crypt42,
700 result)) {
701 printf("AES-UNWRAP-192 reported failure\n");
702 ret++;
703 }
704 if (memcmp(result, plain42, sizeof(plain42)) != 0) {
705 printf("AES-UNWRAP-192 failed\n");
706 ret++;
707 for (i = 0; i < sizeof(plain42); i++)
708 printf(" %02x", result[i]);
709 printf("\n");
710 }
711
712 printf("RFC 3394 - Test vector 4.3\n");
713 if (aes_wrap(kek43, sizeof(kek43), sizeof(plain43) / 8, plain43,
714 result)) {
715 printf("AES-WRAP-256 reported failure\n");
716 ret++;
717 }
718 if (memcmp(result, crypt43, sizeof(crypt43)) != 0) {
719 printf("AES-WRAP-256 failed\n");
720 ret++;
721 }
722 if (aes_unwrap(kek43, sizeof(kek43), sizeof(plain43) / 8, crypt43,
723 result)) {
724 printf("AES-UNWRAP-256 reported failure\n");
725 ret++;
726 }
727 if (memcmp(result, plain43, sizeof(plain43)) != 0) {
728 printf("AES-UNWRAP-256 failed\n");
729 ret++;
730 for (i = 0; i < sizeof(plain43); i++)
731 printf(" %02x", result[i]);
732 printf("\n");
733 }
734
735 printf("RFC 3394 - Test vector 4.4\n");
736 if (aes_wrap(kek44, sizeof(kek44), sizeof(plain44) / 8, plain44,
737 result)) {
738 printf("AES-WRAP-192 reported failure\n");
739 ret++;
740 }
741 if (memcmp(result, crypt44, sizeof(crypt44)) != 0) {
742 printf("AES-WRAP-192 failed\n");
743 ret++;
744 }
745 if (aes_unwrap(kek44, sizeof(kek44), sizeof(plain44) / 8, crypt44,
746 result)) {
747 printf("AES-UNWRAP-192 reported failure\n");
748 ret++;
749 }
750 if (memcmp(result, plain44, sizeof(plain44)) != 0) {
751 printf("AES-UNWRAP-192 failed\n");
752 ret++;
753 for (i = 0; i < sizeof(plain44); i++)
754 printf(" %02x", result[i]);
755 printf("\n");
756 }
757
758 printf("RFC 3394 - Test vector 4.5\n");
759 if (aes_wrap(kek45, sizeof(kek45), sizeof(plain45) / 8, plain45,
760 result)) {
761 printf("AES-WRAP-256 reported failure\n");
762 ret++;
763 }
764 if (memcmp(result, crypt45, sizeof(crypt45)) != 0) {
765 printf("AES-WRAP-256 failed\n");
766 ret++;
767 for (i = 0; i < sizeof(crypt45); i++)
768 printf(" %02x", result[i]);
769 printf("\n");
770 }
771 if (aes_unwrap(kek45, sizeof(kek45), sizeof(plain45) / 8, crypt45,
772 result)) {
773 printf("AES-UNWRAP-256 reported failure\n");
774 ret++;
775 }
776 if (memcmp(result, plain45, sizeof(plain45)) != 0) {
777 printf("AES-UNWRAP-256 failed\n");
778 ret++;
779 for (i = 0; i < sizeof(plain45); i++)
780 printf(" %02x", result[i]);
781 printf("\n");
782 }
783
784 printf("RFC 3394 - Test vector 4.6\n");
785 if (aes_wrap(kek46, sizeof(kek46), sizeof(plain46) / 8, plain46,
786 result)) {
787 printf("AES-WRAP-256 reported failure\n");
788 ret++;
789 }
790 if (memcmp(result, crypt46, sizeof(crypt46)) != 0) {
791 printf("AES-WRAP-256 failed\n");
792 ret++;
793 }
794 if (aes_unwrap(kek46, sizeof(kek46), sizeof(plain46) / 8, crypt46,
795 result)) {
796 printf("AES-UNWRAP-256 reported failure\n");
797 ret++;
798 }
799 if (memcmp(result, plain46, sizeof(plain46)) != 0) {
800 printf("AES-UNWRAP-256 failed\n");
801 ret++;
802 for (i = 0; i < sizeof(plain46); i++)
803 printf(" %02x", result[i]);
804 printf("\n");
805 }
806
807 return ret;
808 }
809
810
811 static int test_nist_key_wrap_ae(const char *fname)
812 {
813 FILE *f;
814 int ret = 0;
815 char buf[15000], *pos, *pos2;
816 u8 bin[2000], k[32], p[1024], c[1024 + 8], result[1024 + 8];
817 size_t bin_len, k_len = 0, p_len = 0, c_len = 0;
818 int ok = 0;
819
820 printf("NIST KW AE tests from %s\n", fname);
821
822 f = fopen(fname, "r");
823 if (f == NULL) {
824 printf("%s does not exist - cannot validate test vectors\n",
825 fname);
826 return 1;
827 }
828
829 while (fgets(buf, sizeof(buf), f)) {
830 if (buf[0] == '#')
831 continue;
832 pos = os_strchr(buf, '=');
833 if (pos == NULL)
834 continue;
835 pos2 = pos - 1;
836 while (pos2 >= buf && *pos2 == ' ')
837 *pos2-- = '\0';
838 *pos++ = '\0';
839 while (*pos == ' ')
840 *pos++ = '\0';
841 pos2 = os_strchr(pos, '\r');
842 if (!pos2)
843 pos2 = os_strchr(pos, '\n');
844 if (pos2)
845 *pos2 = '\0';
846 else
847 pos2 = pos + os_strlen(pos);
848
849 if (buf[0] == '[') {
850 printf("%s = %s\n", buf, pos);
851 continue;
852 }
853
854 if (os_strcmp(buf, "COUNT") == 0) {
855 printf("Test %s - ", pos);
856 continue;
857 }
858
859 bin_len = os_strlen(pos);
860 if (bin_len > sizeof(bin) * 2) {
861 printf("Too long binary data (%s)\n", buf);
862 return 1;
863 }
864 if (bin_len & 0x01) {
865 printf("Odd number of hexstring values (%s)\n",
866 buf);
867 return 1;
868 }
869 bin_len /= 2;
870 if (hexstr2bin(pos, bin, bin_len) < 0) {
871 printf("Invalid hex string '%s' (%s)\n", pos, buf);
872 return 1;
873 }
874
875 if (os_strcmp(buf, "K") == 0) {
876 if (bin_len > sizeof(k)) {
877 printf("Too long K (%u)\n", (unsigned) bin_len);
878 return 1;
879 }
880 os_memcpy(k, bin, bin_len);
881 k_len = bin_len;
882 continue;
883 }
884
885 if (os_strcmp(buf, "P") == 0) {
886 if (bin_len > sizeof(p)) {
887 printf("Too long P (%u)\n", (unsigned) bin_len);
888 return 1;
889 }
890 os_memcpy(p, bin, bin_len);
891 p_len = bin_len;
892 continue;
893 }
894
895 if (os_strcmp(buf, "C") != 0) {
896 printf("Unexpected field '%s'\n", buf);
897 continue;
898 }
899
900 if (bin_len > sizeof(c)) {
901 printf("Too long C (%u)\n", (unsigned) bin_len);
902 return 1;
903 }
904 os_memcpy(c, bin, bin_len);
905 c_len = bin_len;
906
907 if (p_len % 8 != 0 || c_len % 8 != 0 || c_len - p_len != 8) {
908 printf("invalid parameter length (p_len=%u c_len=%u)\n",
909 (unsigned) p_len, (unsigned) c_len);
910 continue;
911 }
912
913 if (aes_wrap(k, k_len, p_len / 8, p, result)) {
914 printf("aes_wrap() failed\n");
915 ret++;
916 continue;
917 }
918
919 if (os_memcmp(c, result, c_len) == 0) {
920 printf("OK\n");
921 ok++;
922 } else {
923 printf("FAIL\n");
924 ret++;
925 }
926 }
927
928 fclose(f);
929
930 if (ret)
931 printf("Test case failed\n");
932 else
933 printf("%d test vectors OK\n", ok);
934
935 return ret;
936 }
937
938
939 static int test_nist_key_wrap_ad(const char *fname)
940 {
941 FILE *f;
942 int ret = 0;
943 char buf[15000], *pos, *pos2;
944 u8 bin[2000], k[32], p[1024], c[1024 + 8], result[1024 + 8];
945 size_t bin_len, k_len = 0, p_len = 0, c_len = 0;
946 int ok = 0;
947 int fail;
948
949 printf("NIST KW AD tests from %s\n", fname);
950
951 f = fopen(fname, "r");
952 if (f == NULL) {
953 printf("%s does not exist - cannot validate test vectors\n",
954 fname);
955 return 1;
956 }
957
958 while (fgets(buf, sizeof(buf), f)) {
959 if (buf[0] == '#')
960 continue;
961 fail = 0;
962 pos = os_strchr(buf, '=');
963 if (pos == NULL) {
964 if (os_strncmp(buf, "FAIL", 4) == 0) {
965 fail = 1;
966 goto skip_val_parse;
967 }
968 continue;
969 }
970 pos2 = pos - 1;
971 while (pos2 >= buf && *pos2 == ' ')
972 *pos2-- = '\0';
973 *pos++ = '\0';
974 while (*pos == ' ')
975 *pos++ = '\0';
976 pos2 = os_strchr(pos, '\r');
977 if (!pos2)
978 pos2 = os_strchr(pos, '\n');
979 if (pos2)
980 *pos2 = '\0';
981 else
982 pos2 = pos + os_strlen(pos);
983
984 if (buf[0] == '[') {
985 printf("%s = %s\n", buf, pos);
986 continue;
987 }
988
989 if (os_strcmp(buf, "COUNT") == 0) {
990 printf("Test %s - ", pos);
991 continue;
992 }
993
994 bin_len = os_strlen(pos);
995 if (bin_len > sizeof(bin) * 2) {
996 printf("Too long binary data (%s)\n", buf);
997 return 1;
998 }
999 if (bin_len & 0x01) {
1000 printf("Odd number of hexstring values (%s)\n",
1001 buf);
1002 return 1;
1003 }
1004 bin_len /= 2;
1005 if (hexstr2bin(pos, bin, bin_len) < 0) {
1006 printf("Invalid hex string '%s' (%s)\n", pos, buf);
1007 return 1;
1008 }
1009
1010 if (os_strcmp(buf, "K") == 0) {
1011 if (bin_len > sizeof(k)) {
1012 printf("Too long K (%u)\n", (unsigned) bin_len);
1013 return 1;
1014 }
1015 os_memcpy(k, bin, bin_len);
1016 k_len = bin_len;
1017 continue;
1018 }
1019
1020 if (os_strcmp(buf, "C") == 0) {
1021 if (bin_len > sizeof(c)) {
1022 printf("Too long C (%u)\n", (unsigned) bin_len);
1023 return 1;
1024 }
1025 os_memcpy(c, bin, bin_len);
1026 c_len = bin_len;
1027 continue;
1028 }
1029
1030 skip_val_parse:
1031 if (!fail) {
1032 if (os_strcmp(buf, "P") != 0) {
1033 printf("Unexpected field '%s'\n", buf);
1034 continue;
1035 }
1036
1037 if (bin_len > sizeof(p)) {
1038 printf("Too long P (%u)\n", (unsigned) bin_len);
1039 return 1;
1040 }
1041 os_memcpy(p, bin, bin_len);
1042 p_len = bin_len;
1043
1044 if (p_len % 8 != 0 || c_len % 8 != 0 ||
1045 c_len - p_len != 8) {
1046 printf("invalid parameter length (p_len=%u c_len=%u)\n",
1047 (unsigned) p_len, (unsigned) c_len);
1048 continue;
1049 }
1050 }
1051
1052 if (aes_unwrap(k, k_len, (c_len / 8) - 1, c, result)) {
1053 if (fail) {
1054 printf("OK (fail reported)\n");
1055 ok++;
1056 continue;
1057 }
1058 printf("aes_unwrap() failed\n");
1059 ret++;
1060 continue;
1061 }
1062
1063 if (fail) {
1064 printf("FAIL (mismatch not reported)\n");
1065 ret++;
1066 } else if (os_memcmp(p, result, p_len) == 0) {
1067 printf("OK\n");
1068 ok++;
1069 } else {
1070 printf("FAIL\n");
1071 ret++;
1072 }
1073 }
1074
1075 fclose(f);
1076
1077 if (ret)
1078 printf("Test case failed\n");
1079 else
1080 printf("%d test vectors OK\n", ok);
1081
1082 return ret;
1083 }
1084
1085
1086 int main(int argc, char *argv[])
1087 {
1088 u8 result[24];
1089 int ret = 0;
1090 unsigned int i;
1091 struct omac1_test_vector *tv;
1092
1093 if (argc >= 3 && os_strcmp(argv[1], "NIST-KW-AE") == 0)
1094 ret += test_nist_key_wrap_ae(argv[2]);
1095 else if (argc >= 3 && os_strcmp(argv[1], "NIST-KW-AD") == 0)
1096 ret += test_nist_key_wrap_ad(argv[2]);
1097
1098 ret += test_key_wrap();
1099
1100 test_aes_perf();
1101
1102 for (i = 0; i < ARRAY_SIZE(test_vectors); i++) {
1103 tv = &test_vectors[i];
1104 if (omac1_aes_128(tv->k, tv->msg, tv->msg_len, result) ||
1105 memcmp(result, tv->tag, 16) != 0) {
1106 printf("OMAC1-AES-128 test vector %d failed\n", i);
1107 ret++;
1108 }
1109
1110 if (tv->msg_len > 1) {
1111 const u8 *addr[2];
1112 size_t len[2];
1113
1114 addr[0] = tv->msg;
1115 len[0] = 1;
1116 addr[1] = tv->msg + 1;
1117 len[1] = tv->msg_len - 1;
1118
1119 if (omac1_aes_128_vector(tv->k, 2, addr, len,
1120 result) ||
1121 memcmp(result, tv->tag, 16) != 0) {
1122 printf("OMAC1-AES-128(vector) test vector %d "
1123 "failed\n", i);
1124 ret++;
1125 }
1126 }
1127 }
1128
1129 ret += test_eax();
1130
1131 ret += test_cbc();
1132
1133 ret += test_gcm();
1134
1135 ret += test_siv();
1136
1137 if (ret)
1138 printf("FAILED!\n");
1139
1140 return ret;
1141 }
Unnamed repository; edit this file 'description' to name the repository.