comparison libtomcrypt/src/encauth/ocb/ocb_test.c @ 1471:6dba84798cd5

Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
parents f849a5ca2efc
children
1470:8bba51a55704 1471:6dba84798cd5
3 * LibTomCrypt is a library that provides various cryptographic 3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtom.org
10 */ 8 */
11 9
12 /** 10 /**
13 @file ocb_test.c 11 @file ocb_test.c
14 OCB implementation, self-test by Tom St Denis 12 OCB implementation, self-test by Tom St Denis
15 */ 13 */
16 #include "tomcrypt.h" 14 #include "tomcrypt.h"
17 15
18 #ifdef LTC_OCB_MODE 16 #ifdef LTC_OCB_MODE
19 17
20 /** 18 /**
21 Test the OCB protocol 19 Test the OCB protocol
22 @return CRYPT_OK if successful 20 @return CRYPT_OK if successful
23 */ 21 */
24 int ocb_test(void) 22 int ocb_test(void)
25 { 23 {
50 }, 48 },
51 49
52 50
53 /* OCB-AES-128-3B */ 51 /* OCB-AES-128-3B */
54 { 52 {
55 3, 53 3,
56 /* key */ 54 /* key */
57 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 55 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
58 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 56 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
59 /* nonce */ 57 /* nonce */
60 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 58 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
68 0xe2, 0xdc, 0xd6, 0x2c, 0x65, 0x97, 0x46, 0xba }, 66 0xe2, 0xdc, 0xd6, 0x2c, 0x65, 0x97, 0x46, 0xba },
69 }, 67 },
70 68
71 /* OCB-AES-128-16B */ 69 /* OCB-AES-128-16B */
72 { 70 {
73 16, 71 16,
74 /* key */ 72 /* key */
75 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 73 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
76 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 74 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
77 /* nonce */ 75 /* nonce */
78 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 76 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
88 0x9c, 0x7b, 0x41, 0x61, 0x80, 0x80, 0x04, 0xdf }, 86 0x9c, 0x7b, 0x41, 0x61, 0x80, 0x80, 0x04, 0xdf },
89 }, 87 },
90 88
91 /* OCB-AES-128-20B */ 89 /* OCB-AES-128-20B */
92 { 90 {
93 20, 91 20,
94 /* key */ 92 /* key */
95 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 93 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
96 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 94 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
97 /* nonce */ 95 /* nonce */
98 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 96 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
99 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, 97 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
100 /* pt */ 98 /* pt */
101 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 99 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
102 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 100 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
103 0x10, 0x11, 0x12, 0x13 }, 101 0x10, 0x11, 0x12, 0x13 },
104 /* ct */ 102 /* ct */
105 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4, 103 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
106 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb, 104 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
107 0x70, 0x03, 0xeb, 0x55}, 105 0x70, 0x03, 0xeb, 0x55},
110 0x0b, 0x06, 0x3c, 0x2e, 0x23, 0xcd, 0xa0, 0xbb }, 108 0x0b, 0x06, 0x3c, 0x2e, 0x23, 0xcd, 0xa0, 0xbb },
111 }, 109 },
112 110
113 /* OCB-AES-128-32B */ 111 /* OCB-AES-128-32B */
114 { 112 {
115 32, 113 32,
116 /* key */ 114 /* key */
117 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 115 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
118 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 116 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
119 /* nonce */ 117 /* nonce */
120 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 118 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
121 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, 119 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
122 /* pt */ 120 /* pt */
123 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 121 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
124 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 122 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
125 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 123 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
126 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, 124 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
127 /* ct */ 125 /* ct */
128 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4, 126 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
129 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb, 127 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
135 0x13, 0x7e, 0xad, 0xea, 0x1f, 0x2f, 0x2f, 0xcf }, 133 0x13, 0x7e, 0xad, 0xea, 0x1f, 0x2f, 0x2f, 0xcf },
136 }, 134 },
137 135
138 /* OCB-AES-128-34B */ 136 /* OCB-AES-128-34B */
139 { 137 {
140 34, 138 34,
141 /* key */ 139 /* key */
142 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 140 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
143 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 141 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
144 /* nonce */ 142 /* nonce */
145 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 143 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
146 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, 144 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
147 /* pt */ 145 /* pt */
148 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 146 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
149 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 147 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
150 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 148 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
151 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 149 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
152 0x20, 0x21 }, 150 0x20, 0x21 },
153 /* ct */ 151 /* ct */
154 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4, 152 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
166 164
167 int err, x, idx, res; 165 int err, x, idx, res;
168 unsigned long len; 166 unsigned long len;
169 unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE]; 167 unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE];
170 168
171 /* AES can be under rijndael or aes... try to find it */ 169 /* AES can be under rijndael or aes... try to find it */
172 if ((idx = find_cipher("aes")) == -1) { 170 if ((idx = find_cipher("aes")) == -1) {
173 if ((idx = find_cipher("rijndael")) == -1) { 171 if ((idx = find_cipher("rijndael")) == -1) {
174 return CRYPT_NOP; 172 return CRYPT_NOP;
175 } 173 }
176 } 174 }
179 len = sizeof(outtag); 177 len = sizeof(outtag);
180 if ((err = ocb_encrypt_authenticate_memory(idx, tests[x].key, 16, 178 if ((err = ocb_encrypt_authenticate_memory(idx, tests[x].key, 16,
181 tests[x].nonce, tests[x].pt, tests[x].ptlen, outct, outtag, &len)) != CRYPT_OK) { 179 tests[x].nonce, tests[x].pt, tests[x].ptlen, outct, outtag, &len)) != CRYPT_OK) {
182 return err; 180 return err;
183 } 181 }
184 182
185 if (XMEMCMP(outtag, tests[x].tag, len) || XMEMCMP(outct, tests[x].ct, tests[x].ptlen)) { 183 if (compare_testvector(outtag, len, tests[x].tag, sizeof(tests[x].tag), "OCB Tag", x) ||
186 #if 0 184 compare_testvector(outct, tests[x].ptlen, tests[x].ct, tests[x].ptlen, "OCB CT", x)) {
187 unsigned long y;
188 printf("\n\nFailure: \nCT:\n");
189 for (y = 0; y < (unsigned long)tests[x].ptlen; ) {
190 printf("0x%02x", outct[y]);
191 if (y < (unsigned long)(tests[x].ptlen-1)) printf(", ");
192 if (!(++y % 8)) printf("\n");
193 }
194 printf("\nTAG:\n");
195 for (y = 0; y < len; ) {
196 printf("0x%02x", outtag[y]);
197 if (y < len-1) printf(", ");
198 if (!(++y % 8)) printf("\n");
199 }
200 #endif
201 return CRYPT_FAIL_TESTVECTOR; 185 return CRYPT_FAIL_TESTVECTOR;
202 } 186 }
203 187
204 if ((err = ocb_decrypt_verify_memory(idx, tests[x].key, 16, tests[x].nonce, outct, tests[x].ptlen, 188 if ((err = ocb_decrypt_verify_memory(idx, tests[x].key, 16, tests[x].nonce, outct, tests[x].ptlen,
205 outct, tests[x].tag, len, &res)) != CRYPT_OK) { 189 outct, tests[x].tag, len, &res)) != CRYPT_OK) {
206 return err; 190 return err;
207 } 191 }
208 if ((res != 1) || XMEMCMP(tests[x].pt, outct, tests[x].ptlen)) { 192 if ((res != 1) || compare_testvector(outct, tests[x].ptlen, tests[x].pt, tests[x].ptlen, "OCB", x)) {
209 #if 0 193 #ifdef LTC_TEST_DBG
210 unsigned long y; 194 printf("\n\nOCB: Failure-decrypt - res = %d\n", res);
211 printf("\n\nFailure-decrypt: \nPT:\n");
212 for (y = 0; y < (unsigned long)tests[x].ptlen; ) {
213 printf("0x%02x", outct[y]);
214 if (y < (unsigned long)(tests[x].ptlen-1)) printf(", ");
215 if (!(++y % 8)) printf("\n");
216 }
217 printf("\nres = %d\n\n", res);
218 #endif 195 #endif
196 return CRYPT_FAIL_TESTVECTOR;
219 } 197 }
220 } 198 }
221 return CRYPT_OK; 199 return CRYPT_OK;
222 #endif /* LTC_TEST */ 200 #endif /* LTC_TEST */
223 } 201 }
230 -- it's hard to seek 208 -- it's hard to seek
231 -- hard to stream [you can't emit ciphertext until full block] 209 -- hard to stream [you can't emit ciphertext until full block]
232 -- The setup is somewhat complicated... 210 -- The setup is somewhat complicated...
233 */ 211 */
234 212
235 /* $Source$ */ 213 /* ref: $Format:%D$ */
236 /* $Revision$ */ 214 /* git commit: $Format:%H$ */
237 /* $Date$ */ 215 /* commit time: $Format:%ai$ */
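Review bot: The decrypt half of the loop in ocb_test only exercises the accept path: it checks `res != 1` for the genuine tag and never passes a wrong tag to ocb_decrypt_verify_memory. A regression that made verification always report success would therefore still pass this self-test. I would add a negative case before the in-place decrypt, while outct still holds the ciphertext: copy tests[x].tag, flip one bit, decrypt into a scratch buffer and fail unless res comes back 0. This assumes the call returns CRYPT_OK with res set to 0 on a tag mismatch, which the existing `res != 1` check suggests but the lines shown do not establish. The loop header and most of the vector table are outside the lines shown.

```c
   unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE];
   unsigned char badtag[MAXBLOCKSIZE], scratch[MAXBLOCKSIZE];
   /* … unchanged: cipher lookup, encrypt, tag and ciphertext comparison … */

       /* a tag with one bit flipped must be rejected */
       XMEMCPY(badtag, tests[x].tag, len);
       badtag[0] ^= 0x01;
       if ((err = ocb_decrypt_verify_memory(idx, tests[x].key, 16, tests[x].nonce, outct, tests[x].ptlen,
            scratch, badtag, len, &res)) != CRYPT_OK) {
          return err;
       }
       if (res != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
   /* … unchanged: decrypt with the genuine tag, plaintext comparison … */
```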