[test] Add NIST self-tests for AES128 and AES256 in ECB mode

author Michael Brown <mcb30@ipxe.org>

Mon, 27 Jul 2015 13:53:32 +0000 (14:53 +0100)

committer Michael Brown <mcb30@ipxe.org>

Mon, 27 Jul 2015 15:04:38 +0000 (16:04 +0100)
author Michael Brown <mcb30@ipxe.org>
Mon, 27 Jul 2015 13:53:32 +0000 (14:53 +0100)
committer Michael Brown <mcb30@ipxe.org>
Mon, 27 Jul 2015 15:04:38 +0000 (16:04 +0100)
diff --git a/src/tests/aes_test.c b/src/tests/aes_test.c

index 6c424ee51050b48b5bd2bb6c56dd357afd254f40..b92cc33754030bdf028bf41747ce7c486e85ce0f 100644 (file)
--- a/src/tests/aes_test.c
+++ b/src/tests/aes_test.c
@@ -30,6 +30,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
   * These test vectors are provided by NIST as part of the
   * Cryptographic Toolkit Examples, downloadable from:
   *
+ *    http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_Core_All.pdf
+ *    http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_ECB.pdf
   *    http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CBC.pdf
   *
   */
@@ -55,6 +57,11 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
               0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10,     \
               0xa3, 0x09, 0x14, 0xdf, 0xf4 )
  
+/** Dummy initialisation vector used for NIST ECB-mode test vectors */
+#define AES_IV_NIST_DUMMY                                              \
+       IV ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,      \
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 )
+
  /** Initialisation vector used for NIST CBC-mode test vectors */
  #define AES_IV_NIST_CBC                                                        \
         IV ( 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,      \
@@ -71,6 +78,18 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
                     0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,     \
                     0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 )
  
+/** AES-128-ECB (same test as AES-128-Core) */
+CIPHER_TEST ( aes_128_ecb, &aes_ecb_algorithm,
+       AES_KEY_NIST_128, AES_IV_NIST_DUMMY, AES_PLAINTEXT_NIST,
+       CIPHERTEXT ( 0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60,
+                    0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97,
+                    0xf5, 0xd3, 0xd5, 0x85, 0x03, 0xb9, 0x69, 0x9d,
+                    0xe7, 0x85, 0x89, 0x5a, 0x96, 0xfd, 0xba, 0xaf,
+                    0x43, 0xb1, 0xcd, 0x7f, 0x59, 0x8e, 0xce, 0x23,
+                    0x88, 0x1b, 0x00, 0xe3, 0xed, 0x03, 0x06, 0x88,
+                    0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f,
+                    0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4 ) );
+
  /** AES-128-CBC */
  CIPHER_TEST ( aes_128_cbc, &aes_cbc_algorithm,
         AES_KEY_NIST_128, AES_IV_NIST_CBC, AES_PLAINTEXT_NIST,
@@ -83,6 +102,18 @@ CIPHER_TEST ( aes_128_cbc, &aes_cbc_algorithm,
                      0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
                      0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7 ) );
  
+/** AES-256-ECB (same test as AES-256-Core) */
+CIPHER_TEST ( aes_256_ecb, &aes_ecb_algorithm,
+       AES_KEY_NIST_256, AES_IV_NIST_DUMMY, AES_PLAINTEXT_NIST,
+       CIPHERTEXT ( 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
+                    0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
+                    0x59, 0x1c, 0xcb, 0x10, 0xd4, 0x10, 0xed, 0x26,
+                    0xdc, 0x5b, 0xa7, 0x4a, 0x31, 0x36, 0x28, 0x70,
+                    0xb6, 0xed, 0x21, 0xb9, 0x9c, 0xa6, 0xf4, 0xf9,
+                    0xf1, 0x53, 0xe7, 0xb1, 0xbe, 0xaf, 0xed, 0x1d,
+                    0x23, 0x30, 0x4b, 0x7a, 0x39, 0xf9, 0xf3, 0xff,
+                    0x06, 0x7d, 0x8d, 0x8f, 0x9e, 0x24, 0xec, 0xc7 ) );
+
  /** AES-256-CBC */
  CIPHER_TEST ( aes_256_cbc, &aes_cbc_algorithm,
         AES_KEY_NIST_256, AES_IV_NIST_CBC, AES_PLAINTEXT_NIST,
@@ -100,15 +131,22 @@ CIPHER_TEST ( aes_256_cbc, &aes_cbc_algorithm,
   *
   */
  static void aes_test_exec ( void ) {
+       struct cipher_algorithm *ecb = &aes_ecb_algorithm;
         struct cipher_algorithm *cbc = &aes_cbc_algorithm;
         unsigned int keylen;
  
         /* Correctness tests */
+       cipher_ok ( &aes_128_ecb );
         cipher_ok ( &aes_128_cbc );
+       cipher_ok ( &aes_256_ecb );
         cipher_ok ( &aes_256_cbc );
  
         /* Speed tests */
         for ( keylen = 128 ; keylen <= 256 ; keylen += 128 ) {
+               DBG ( "AES-%d-ECB encryption required %ld cycles per byte\n",
+                     keylen, cipher_cost_encrypt ( ecb, ( keylen / 8 ) ) );
+               DBG ( "AES-%d-ECB decryption required %ld cycles per byte\n",
+                     keylen, cipher_cost_decrypt ( ecb, ( keylen / 8 ) ) );
                 DBG ( "AES-%d-CBC encryption required %ld cycles per byte\n",
                       keylen, cipher_cost_encrypt ( cbc, ( keylen / 8 ) ) );
                 DBG ( "AES-%d-CBC decryption required %ld cycles per byte\n",
author	Michael Brown <mcb30@ipxe.org>
	Mon, 27 Jul 2015 13:53:32 +0000 (14:53 +0100)
committer	Michael Brown <mcb30@ipxe.org>
	Mon, 27 Jul 2015 15:04:38 +0000 (16:04 +0100)