You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by ut...@apache.org on 2021/02/17 15:11:31 UTC
[mynewt-core] 01/02: apps: crypto_test: add AES-256 vectors
This is an automated email from the ASF dual-hosted git repository.
utzig pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-core.git
commit 4530d8fc4ff04de4b67e51e0090ceea2bb49d118
Author: Fabio Utzig <ut...@apache.org>
AuthorDate: Wed Feb 17 11:28:06 2021 -0300
apps: crypto_test: add AES-256 vectors
Add AES-256 vectors from NIST and expand inplace and iovect to test
AES-256.
Signed-off-by: Fabio Utzig <ut...@apache.org>
---
apps/crypto_test/src/main.c | 245 ++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 234 insertions(+), 11 deletions(-)
diff --git a/apps/crypto_test/src/main.c b/apps/crypto_test/src/main.c
index 99a2d41..09cc811 100755
--- a/apps/crypto_test/src/main.c
+++ b/apps/crypto_test/src/main.c
@@ -78,6 +78,35 @@ static struct test_vectors aes_128_ecb_vectors = {
},
},
};
+
+static struct test_vectors aes_256_ecb_vectors = {
+ .name = "AES-256-ECB",
+ .algo = CRYPTO_ALGO_AES,
+ .mode = CRYPTO_MODE_ECB,
+ .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
+ .keylen = 256,
+ .iv = NULL,
+ .len = 4,
+ .vectors = {
+ {
+ .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
+ .cipher = "\xf3\xee\xd1\xbd\xb5\xd2\xa0\x3c\x06\x4b\x5a\x7e\x3d\xb1\x81\xf8",
+ },
+ {
+ .plain = "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
+ .cipher = "\x59\x1c\xcb\x10\xd4\x10\xed\x26\xdc\x5b\xa7\x4a\x31\x36\x28\x70",
+ },
+ {
+ .plain = "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
+ .cipher = "\xb6\xed\x21\xb9\x9c\xa6\xf4\xf9\xf1\x53\xe7\xb1\xbe\xaf\xed\x1d",
+ },
+ {
+ .plain = "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
+ .cipher = "\x23\x30\x4b\x7a\x39\xf9\xf3\xff\x06\x7d\x8d\x8f\x9e\x24\xec\xc7",
+ },
+ },
+};
#endif /* MYNEWT_VAL(CRYPTOTEST_VECTORS_ECB) */
#if MYNEWT_VAL(CRYPTOTEST_VECTORS_CBC)
@@ -108,6 +137,36 @@ static struct test_vectors aes_128_cbc_vectors = {
},
},
};
+
+static struct test_vectors aes_256_cbc_vectors = {
+ .name = "AES-256-CBC",
+ .algo = CRYPTO_ALGO_AES,
+ .mode = CRYPTO_MODE_CBC,
+ .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
+ .keylen = 256,
+ .iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
+ .len = 4,
+ .vectors = {
+ {
+ .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
+ .cipher = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6",
+ },
+ {
+ .plain = "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
+ .cipher = "\x9c\xfc\x4e\x96\x7e\xdb\x80\x8d\x67\x9f\x77\x7b\xc6\x70\x2c\x7d",
+ },
+ {
+ .plain = "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
+ .cipher = "\x39\xf2\x33\x69\xa9\xd9\xba\xcf\xa5\x30\xe2\x63\x04\x23\x14\x61",
+ },
+ {
+ .plain = "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
+ .cipher = "\xb2\xeb\x05\xe2\xc3\x9b\xe9\xfc\xda\x6c\x19\x07\x8c\x6a\x9d\x1b",
+ },
+ },
+};
+
#endif /* MYNEWT_VAL(CRYPTOTEST_VECTORS_CBC) */
#if MYNEWT_VAL(CRYPTOTEST_VECTORS_CTR)
@@ -142,17 +201,53 @@ static struct test_vectors aes_128_ctr_vectors = {
},
},
};
+
+static struct test_vectors aes_256_ctr_vectors = {
+ .name = "AES-256-CTR",
+ .algo = CRYPTO_ALGO_AES,
+ .mode = CRYPTO_MODE_CTR,
+ .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
+ .keylen = 256,
+ .iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .len = 4,
+ .vectors = {
+ {
+ .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
+ .cipher = "\x60\x1e\xc3\x13\x77\x57\x89\xa5\xb7\xa7\xf5\x04\xbb\xf3\xd2\x28",
+ .sz = AES_BLOCK_LEN,
+ },
+ {
+ .plain = "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
+ .cipher = "\xf4\x43\xe3\xca\x4d\x62\xb5\x9a\xca\x84\xe9\x90\xca\xca\xf5\xc5",
+ .sz = AES_BLOCK_LEN,
+ },
+ {
+ .plain = "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11",
+ .cipher = "\x2b\x09\x30\xda\xa2\x3d\xe9\x4c",
+ .sz = 8,
+ },
+ {
+ .plain = "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
+ .cipher = "\xdf\xc9\xc5\x8d\xb6\x7a\xad\xa6\x13\xc2\xdd\x08\x45\x79\x41\xa6",
+ .sz = AES_BLOCK_LEN,
+ },
+ },
+};
#endif /* MYNEWT_VAL(CRYPTOTEST_VECTORS_CTR) */
static struct test_vectors *all_tests[] = {
#if MYNEWT_VAL(CRYPTOTEST_VECTORS_ECB)
&aes_128_ecb_vectors,
+ &aes_256_ecb_vectors,
#endif
#if MYNEWT_VAL(CRYPTOTEST_VECTORS_CBC)
&aes_128_cbc_vectors,
+ &aes_256_cbc_vectors,
#endif
#if MYNEWT_VAL(CRYPTOTEST_VECTORS_CTR)
&aes_128_ctr_vectors,
+ &aes_256_ctr_vectors,
#endif
NULL,
};
@@ -444,6 +539,8 @@ run_concurrency_test(struct crypto_dev *crypto)
struct inplace_test {
uint16_t mode;
char *name;
+ const char *key;
+ uint32_t keylen;
char *iv;
char *expected;
};
@@ -451,27 +548,59 @@ struct inplace_test {
void
run_inplace_test(struct crypto_dev *crypto)
{
- const char *key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c";
+ const char *key128 = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c";
+ const char *key256 = "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4";
const char *inbuf = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a";
struct inplace_test data[] = {
{
.mode = CRYPTO_MODE_ECB,
.name = "AES-128-ECB",
+ .key = key128,
+ .keylen = 128,
.iv = NULL,
.expected = "\x3a\xd7\x7b\xb4\x0d\x7a\x36\x60\xa8\x9e\xca\xf3\x24\x66\xef\x97",
},
{
+ .mode = CRYPTO_MODE_ECB,
+ .name = "AES-256-ECB",
+ .key = key256,
+ .keylen = 256,
+ .iv = NULL,
+ .expected = "\xf3\xee\xd1\xbd\xb5\xd2\xa0\x3c\x06\x4b\x5a\x7e\x3d\xb1\x81\xf8",
+ },
+ {
.mode = CRYPTO_MODE_CBC,
.name = "AES-128-CBC",
+ .key = key128,
+ .keylen = 128,
.iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
.expected = "\x76\x49\xab\xac\x81\x19\xb2\x46\xce\xe9\x8e\x9b\x12\xe9\x19\x7d",
},
{
+ .mode = CRYPTO_MODE_CBC,
+ .name = "AES-256-CBC",
+ .key = key256,
+ .keylen = 256,
+ .iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
+ .expected = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6",
+ },
+ {
.mode = CRYPTO_MODE_CTR,
.name = "AES-128-CTR",
+ .key = key128,
+ .keylen = 128,
.iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
.expected = "\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce",
},
+ {
+ .mode = CRYPTO_MODE_CTR,
+ .name = "AES-256-CTR",
+ .key = key256,
+ .keylen = 256,
+ .iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .expected = "\x60\x1e\xc3\x13\x77\x57\x89\xa5\xb7\xa7\xf5\x04\xbb\xf3\xd2\x28",
+ },
};
uint8_t i;
uint8_t buf[AES_BLOCK_LEN];
@@ -486,7 +615,7 @@ run_inplace_test(struct crypto_dev *crypto)
printf("%s enc: ", data[i].name);
(void)crypto_encrypt_custom(crypto, CRYPTO_ALGO_AES, data[i].mode,
- key, 128, ivcopy, buf, buf, AES_BLOCK_LEN);
+ data[i].key, data[i].keylen, ivcopy, buf, buf, AES_BLOCK_LEN);
if (memcmp(buf, data[i].expected, AES_BLOCK_LEN) == 0) {
printf("ok\n");
} else {
@@ -498,7 +627,7 @@ run_inplace_test(struct crypto_dev *crypto)
printf("%s dec: ", data[i].name);
(void)crypto_decrypt_custom(crypto, CRYPTO_ALGO_AES, data[i].mode,
- key, 128, ivcopy, buf, buf, AES_BLOCK_LEN);
+ data[i].key, data[i].keylen, ivcopy, buf, buf, AES_BLOCK_LEN);
if (memcmp(buf, inbuf, AES_BLOCK_LEN) == 0) {
printf("ok\n");
} else {
@@ -519,15 +648,17 @@ struct iov_data {
uint16_t mode;
char *name;
char *key;
+ uint32_t keylen;
char *iv;
uint32_t iovlen;
struct iov_data_block iov[];
};
-static struct iov_data ecb_iovd = {
+static struct iov_data aes128_ecb_iovd = {
.mode = CRYPTO_MODE_ECB,
.name = "AES-128-ECB",
.key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
+ .keylen = 128,
.iv = NULL,
.iovlen = 3,
.iov = {
@@ -551,10 +682,40 @@ static struct iov_data ecb_iovd = {
},
};
-static struct iov_data cbc_iovd = {
+static struct iov_data aes256_ecb_iovd = {
+ .mode = CRYPTO_MODE_ECB,
+ .name = "AES-256-ECB",
+ .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
+ .keylen = 256,
+ .iv = NULL,
+ .iovlen = 3,
+ .iov = {
+ {
+ .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
+ .cipher = "\xf3\xee\xd1\xbd\xb5\xd2\xa0\x3c\x06\x4b\x5a\x7e\x3d\xb1\x81\xf8",
+ .len = AES_BLOCK_LEN,
+ },
+ {
+ .plain = "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
+ .cipher = "\x59\x1c\xcb\x10\xd4\x10\xed\x26\xdc\x5b\xa7\x4a\x31\x36\x28\x70",
+ .len = AES_BLOCK_LEN,
+ },
+ {
+ .plain = "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
+ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
+ .cipher = "\xb6\xed\x21\xb9\x9c\xa6\xf4\xf9\xf1\x53\xe7\xb1\xbe\xaf\xed\x1d"
+ "\x23\x30\x4b\x7a\x39\xf9\xf3\xff\x6\x7d\x8d\x8f\x9e\x24\xec\xc7",
+ .len = AES_BLOCK_LEN * 2,
+ },
+ },
+};
+
+static struct iov_data aes128_cbc_iovd = {
.mode = CRYPTO_MODE_CBC,
.name = "AES-128-CBC",
.key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
+ .keylen = 128,
.iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
.iovlen = 3,
.iov = {
@@ -578,10 +739,40 @@ static struct iov_data cbc_iovd = {
},
};
-static struct iov_data ctr_iovd = {
+static struct iov_data aes256_cbc_iovd = {
+ .mode = CRYPTO_MODE_CBC,
+ .name = "AES-256-CBC",
+ .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
+ .keylen = 256,
+ .iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
+ .iovlen = 3,
+ .iov = {
+ {
+ .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
+ .cipher = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6",
+ .len = AES_BLOCK_LEN,
+ },
+ {
+ .plain = "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
+ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
+ .cipher = "\x9c\xfc\x4e\x96\x7e\xdb\x80\x8d\x67\x9f\x77\x7b\xc6\x70\x2c\x7d"
+ "\x39\xf2\x33\x69\xa9\xd9\xba\xcf\xa5\x30\xe2\x63\x04\x23\x14\x61",
+ .len = AES_BLOCK_LEN * 2,
+ },
+ {
+ .plain = "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
+ .cipher = "\xb2\xeb\x05\xe2\xc3\x9b\xe9\xfc\xda\x6c\x19\x07\x8c\x6a\x9d\x1b",
+ .len = AES_BLOCK_LEN,
+ },
+ },
+};
+
+static struct iov_data aes128_ctr_iovd = {
.mode = CRYPTO_MODE_CTR,
.name = "AES-128-CTR",
.key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
+ .keylen = 128,
.iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
.iovlen = 3,
.iov = {
@@ -605,10 +796,42 @@ static struct iov_data ctr_iovd = {
},
};
+static struct iov_data aes256_ctr_iovd = {
+ .mode = CRYPTO_MODE_CTR,
+ .name = "AES-256-CTR",
+ .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
+ .keylen = 256,
+ .iv = "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .iovlen = 3,
+ .iov = {
+ {
+ .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
+ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
+ .cipher = "\x60\x1e\xc3\x13\x77\x57\x89\xa5\xb7\xa7\xf5\x04\xbb\xf3\xd2\x28"
+ "\xf4\x43\xe3\xca\x4d\x62\xb5\x9a\xca\x84\xe9\x90\xca\xca\xf5\xc5",
+ .len = AES_BLOCK_LEN * 2,
+ },
+ {
+ .plain = "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
+ .cipher = "\x2b\x09\x30\xda\xa2\x3d\xe9\x4c\xe8\x70\x17\xba\x2d\x84\x98\x8d",
+ .len = AES_BLOCK_LEN,
+ },
+ {
+ .plain = "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
+ .cipher = "\xdf\xc9\xc5\x8d\xb6\x7a\xad\xa6\x13\xc2\xdd\x08\x45\x79\x41\xa6",
+ .len = AES_BLOCK_LEN,
+ },
+ },
+};
+
static struct iov_data *all_iovd[] = {
- &ecb_iovd,
- &cbc_iovd,
- &ctr_iovd,
+ &aes128_ecb_iovd,
+ &aes256_ecb_iovd,
+ &aes128_cbc_iovd,
+ &aes256_cbc_iovd,
+ &aes128_ctr_iovd,
+ &aes256_ctr_iovd,
NULL,
};
@@ -643,7 +866,7 @@ run_iovec_test(struct crypto_dev *crypto)
fail = false;
len = 0;
total = crypto_encryptv_custom(crypto, CRYPTO_ALGO_AES, iovp->mode,
- iovp->key, 128, iv, iov, iovp->iovlen);
+ iovp->key, iovp->keylen, iv, iov, iovp->iovlen);
for (i = 0; i < iovp->iovlen; i++) {
if (memcmp(iovp->iov[i].cipher, iov[i].iov_base, iov[i].iov_len) != 0) {
fail = true;
@@ -676,7 +899,7 @@ run_iovec_test(struct crypto_dev *crypto)
fail = false;
len = 0;
total = crypto_decryptv_custom(crypto, CRYPTO_ALGO_AES, iovp->mode,
- iovp->key, 128, iv, iov, iovp->iovlen);
+ iovp->key, iovp->keylen, iv, iov, iovp->iovlen);
for (i = 0; i < iovp->iovlen; i++) {
if (memcmp(iovp->iov[i].plain, iov[i].iov_base, iov[i].iov_len) != 0) {
fail = true;