Mercurial > dropbear

comparison libtomcrypt/src/encauth/ocb/ocb_test.c @ 285:1b9e69c058d2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3) to branch 'au.asn.ucc.matt.dropbear' (head fdf4a7a3b97ae5046139915de7e40399cceb2c01)
author Matt Johnston <matt@ucc.asn.au>
date Wed, 08 Mar 2006 13:23:58 +0000
parents
children 0cbe8f6dbf9e
comparison
equal deleted inserted replaced
281:997e6f7dc01e 285:1b9e69c058d2
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtomcrypt.org
10 */
11
12 /**
13 @file ocb_test.c
14 OCB implementation, self-test by Tom St Denis
15 */
16 #include "tomcrypt.h"
17
18 #ifdef OCB_MODE
19
20 /**
21 Test the OCB protocol
22 @return CRYPT_OK if successful
23 */
24 int ocb_test(void)
25 {
26 #ifndef LTC_TEST
27 return CRYPT_NOP;
28 #else
29 static const struct {
30 int ptlen;
31 unsigned char key[16], nonce[16], pt[34], ct[34], tag[16];
32 } tests[] = {
33
34 /* OCB-AES-128-0B */
35 {
36 0,
37 /* key */
38 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
39 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
40 /* nonce */
41 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
42 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
43 /* pt */
44 { 0 },
45 /* ct */
46 { 0 },
47 /* tag */
48 { 0x15, 0xd3, 0x7d, 0xd7, 0xc8, 0x90, 0xd5, 0xd6,
49 0xac, 0xab, 0x92, 0x7b, 0xc0, 0xdc, 0x60, 0xee },
50 },
51
52
53 /* OCB-AES-128-3B */
54 {
55 3,
56 /* key */
57 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
58 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
59 /* nonce */
60 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
61 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
62 /* pt */
63 { 0x00, 0x01, 0x02 },
64 /* ct */
65 { 0xfc, 0xd3, 0x7d },
66 /* tag */
67 { 0x02, 0x25, 0x47, 0x39, 0xa5, 0xe3, 0x56, 0x5a,
68 0xe2, 0xdc, 0xd6, 0x2c, 0x65, 0x97, 0x46, 0xba },
69 },
70
71 /* OCB-AES-128-16B */
72 {
73 16,
74 /* key */
75 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
76 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
77 /* nonce */
78 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
79 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
80 /* pt */
81 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
82 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
83 /* ct */
84 { 0x37, 0xdf, 0x8c, 0xe1, 0x5b, 0x48, 0x9b, 0xf3,
85 0x1d, 0x0f, 0xc4, 0x4d, 0xa1, 0xfa, 0xf6, 0xd6 },
86 /* tag */
87 { 0xdf, 0xb7, 0x63, 0xeb, 0xdb, 0x5f, 0x0e, 0x71,
88 0x9c, 0x7b, 0x41, 0x61, 0x80, 0x80, 0x04, 0xdf },
89 },
90
91 /* OCB-AES-128-20B */
92 {
93 20,
94 /* key */
95 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
96 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
97 /* nonce */
98 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
99 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
100 /* pt */
101 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
102 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
103 0x10, 0x11, 0x12, 0x13 },
104 /* ct */
105 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
106 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
107 0x70, 0x03, 0xeb, 0x55},
108 /* tag */
109 { 0x75, 0x30, 0x84, 0x14, 0x4e, 0xb6, 0x3b, 0x77,
110 0x0b, 0x06, 0x3c, 0x2e, 0x23, 0xcd, 0xa0, 0xbb },
111 },
112
113 /* OCB-AES-128-32B */
114 {
115 32,
116 /* key */
117 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
118 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
119 /* nonce */
120 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
121 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
122 /* pt */
123 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
124 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
125 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
126 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
127 /* ct */
128 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
129 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
130 0x4a, 0xfc, 0xbb, 0x7f, 0xed, 0xc0, 0x8c, 0xa8,
131 0x65, 0x4c, 0x6d, 0x30, 0x4d, 0x16, 0x12, 0xfa },
132
133 /* tag */
134 { 0xc1, 0x4c, 0xbf, 0x2c, 0x1a, 0x1f, 0x1c, 0x3c,
135 0x13, 0x7e, 0xad, 0xea, 0x1f, 0x2f, 0x2f, 0xcf },
136 },
137
138 /* OCB-AES-128-34B */
139 {
140 34,
141 /* key */
142 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
143 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
144 /* nonce */
145 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
146 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
147 /* pt */
148 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
149 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
150 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
151 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
152 0x20, 0x21 },
153 /* ct */
154 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
155 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
156 0xd4, 0x90, 0x3d, 0xd0, 0x02, 0x5b, 0xa4, 0xaa,
157 0x83, 0x7c, 0x74, 0xf1, 0x21, 0xb0, 0x26, 0x0f,
158 0xa9, 0x5d },
159
160 /* tag */
161 { 0xcf, 0x83, 0x41, 0xbb, 0x10, 0x82, 0x0c, 0xcf,
162 0x14, 0xbd, 0xec, 0x56, 0xb8, 0xd7, 0xd6, 0xab },
163 },
164
165 };
166
167 int err, x, idx, res;
168 unsigned long len;
169 unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE];
170
171 /* AES can be under rijndael or aes... try to find it */
172 if ((idx = find_cipher("aes")) == -1) {
173 if ((idx = find_cipher("rijndael")) == -1) {
174 return CRYPT_NOP;
175 }
176 }
177
178 for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
179 len = sizeof(outtag);
180 if ((err = ocb_encrypt_authenticate_memory(idx, tests[x].key, 16,
181 tests[x].nonce, tests[x].pt, tests[x].ptlen, outct, outtag, &len)) != CRYPT_OK) {
182 return err;
183 }
184
185 if (memcmp(outtag, tests[x].tag, len) || memcmp(outct, tests[x].ct, tests[x].ptlen)) {
186 #if 0
187 unsigned long y;
188 printf("\n\nFailure: \nCT:\n");
189 for (y = 0; y < (unsigned long)tests[x].ptlen; ) {
190 printf("0x%02x", outct[y]);
191 if (y < (unsigned long)(tests[x].ptlen-1)) printf(", ");
192 if (!(++y % 8)) printf("\n");
193 }
194 printf("\nTAG:\n");
195 for (y = 0; y < len; ) {
196 printf("0x%02x", outtag[y]);
197 if (y < len-1) printf(", ");
198 if (!(++y % 8)) printf("\n");
199 }
200 #endif
201 return CRYPT_FAIL_TESTVECTOR;
202 }
203
204 if ((err = ocb_decrypt_verify_memory(idx, tests[x].key, 16, tests[x].nonce, outct, tests[x].ptlen,
205 outct, tests[x].tag, len, &res)) != CRYPT_OK) {
206 return err;
207 }
208 if ((res != 1) || memcmp(tests[x].pt, outct, tests[x].ptlen)) {
209 #if 0
210 unsigned long y;
211 printf("\n\nFailure-decrypt: \nPT:\n");
212 for (y = 0; y < (unsigned long)tests[x].ptlen; ) {
213 printf("0x%02x", outct[y]);
214 if (y < (unsigned long)(tests[x].ptlen-1)) printf(", ");
215 if (!(++y % 8)) printf("\n");
216 }
217 printf("\nres = %d\n\n", res);
218 #endif
219 }
220 }
221 return CRYPT_OK;
222 #endif /* LTC_TEST */
223 }
224
225 #endif /* OCB_MODE */
226
227
228 /* some comments
229
230 -- it's hard to seek
231 -- hard to stream [you can't emit ciphertext until full block]
232 -- The setup is somewhat complicated...
233 */
234
235 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_test.c,v $ */
236 /* $Revision: 1.3 $ */
237 /* $Date: 2005/05/05 14:35:58 $ */