comparison ocb_test.c @ 3:7faae8f46238 libtomcrypt-orig

Branch renaming
author Matt Johnston <matt@ucc.asn.au>
date Mon, 31 May 2004 18:25:41 +0000
parents
children
comparison
equal deleted inserted replaced
-1:000000000000 3:7faae8f46238
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtomcrypt.org
10 */
11
12 /* OCB Implementation by Tom St Denis */
13 #include "mycrypt.h"
14
15 #ifdef OCB_MODE
16
17 int ocb_test(void)
18 {
19 #ifndef LTC_TEST
20 return CRYPT_NOP;
21 #else
22 static const struct {
23 int ptlen;
24 unsigned char key[16], nonce[16], pt[34], ct[34], tag[16];
25 } tests[] = {
26
27 /* OCB-AES-128-0B */
28 {
29 0,
30 /* key */
31 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
32 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
33 /* nonce */
34 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
35 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
36 /* pt */
37 { 0 },
38 /* ct */
39 { 0 },
40 /* tag */
41 { 0x15, 0xd3, 0x7d, 0xd7, 0xc8, 0x90, 0xd5, 0xd6,
42 0xac, 0xab, 0x92, 0x7b, 0xc0, 0xdc, 0x60, 0xee },
43 },
44
45
46 /* OCB-AES-128-3B */
47 {
48 3,
49 /* key */
50 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
51 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
52 /* nonce */
53 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
54 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
55 /* pt */
56 { 0x00, 0x01, 0x02 },
57 /* ct */
58 { 0xfc, 0xd3, 0x7d },
59 /* tag */
60 { 0x02, 0x25, 0x47, 0x39, 0xa5, 0xe3, 0x56, 0x5a,
61 0xe2, 0xdc, 0xd6, 0x2c, 0x65, 0x97, 0x46, 0xba },
62 },
63
64 /* OCB-AES-128-16B */
65 {
66 16,
67 /* key */
68 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
69 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
70 /* nonce */
71 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
72 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
73 /* pt */
74 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
75 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
76 /* ct */
77 { 0x37, 0xdf, 0x8c, 0xe1, 0x5b, 0x48, 0x9b, 0xf3,
78 0x1d, 0x0f, 0xc4, 0x4d, 0xa1, 0xfa, 0xf6, 0xd6 },
79 /* tag */
80 { 0xdf, 0xb7, 0x63, 0xeb, 0xdb, 0x5f, 0x0e, 0x71,
81 0x9c, 0x7b, 0x41, 0x61, 0x80, 0x80, 0x04, 0xdf },
82 },
83
84 /* OCB-AES-128-20B */
85 {
86 20,
87 /* key */
88 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
89 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
90 /* nonce */
91 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
92 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
93 /* pt */
94 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
95 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
96 0x10, 0x11, 0x12, 0x13 },
97 /* ct */
98 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
99 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
100 0x70, 0x03, 0xeb, 0x55},
101 /* tag */
102 { 0x75, 0x30, 0x84, 0x14, 0x4e, 0xb6, 0x3b, 0x77,
103 0x0b, 0x06, 0x3c, 0x2e, 0x23, 0xcd, 0xa0, 0xbb },
104 },
105
106 /* OCB-AES-128-32B */
107 {
108 32,
109 /* key */
110 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
111 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
112 /* nonce */
113 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
114 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
115 /* pt */
116 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
117 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
118 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
119 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
120 /* ct */
121 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
122 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
123 0x4a, 0xfc, 0xbb, 0x7f, 0xed, 0xc0, 0x8c, 0xa8,
124 0x65, 0x4c, 0x6d, 0x30, 0x4d, 0x16, 0x12, 0xfa },
125
126 /* tag */
127 { 0xc1, 0x4c, 0xbf, 0x2c, 0x1a, 0x1f, 0x1c, 0x3c,
128 0x13, 0x7e, 0xad, 0xea, 0x1f, 0x2f, 0x2f, 0xcf },
129 },
130
131 /* OCB-AES-128-34B */
132 {
133 34,
134 /* key */
135 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
136 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
137 /* nonce */
138 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
139 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
140 /* pt */
141 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
142 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
143 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
144 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
145 0x20, 0x21 },
146 /* ct */
147 { 0x01, 0xa0, 0x75, 0xf0, 0xd8, 0x15, 0xb1, 0xa4,
148 0xe9, 0xc8, 0x81, 0xa1, 0xbc, 0xff, 0xc3, 0xeb,
149 0xd4, 0x90, 0x3d, 0xd0, 0x02, 0x5b, 0xa4, 0xaa,
150 0x83, 0x7c, 0x74, 0xf1, 0x21, 0xb0, 0x26, 0x0f,
151 0xa9, 0x5d },
152
153 /* tag */
154 { 0xcf, 0x83, 0x41, 0xbb, 0x10, 0x82, 0x0c, 0xcf,
155 0x14, 0xbd, 0xec, 0x56, 0xb8, 0xd7, 0xd6, 0xab },
156 },
157
158 };
159
160 int err, x, idx, res;
161 unsigned long len;
162 unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE];
163
164 /* AES can be under rijndael or aes... try to find it */
165 if ((idx = find_cipher("aes")) == -1) {
166 if ((idx = find_cipher("rijndael")) == -1) {
167 return CRYPT_NOP;
168 }
169 }
170
171 for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
172 len = sizeof(outtag);
173 if ((err = ocb_encrypt_authenticate_memory(idx, tests[x].key, 16,
174 tests[x].nonce, tests[x].pt, tests[x].ptlen, outct, outtag, &len)) != CRYPT_OK) {
175 return err;
176 }
177
178 if (memcmp(outtag, tests[x].tag, len) || memcmp(outct, tests[x].ct, tests[x].ptlen)) {
179 #if 0
180 unsigned long y;
181 printf("\n\nFailure: \nCT:\n");
182 for (y = 0; y < (unsigned long)tests[x].ptlen; ) {
183 printf("0x%02x", outct[y]);
184 if (y < (unsigned long)(tests[x].ptlen-1)) printf(", ");
185 if (!(++y % 8)) printf("\n");
186 }
187 printf("\nTAG:\n");
188 for (y = 0; y < len; ) {
189 printf("0x%02x", outtag[y]);
190 if (y < len-1) printf(", ");
191 if (!(++y % 8)) printf("\n");
192 }
193 #endif
194 return CRYPT_FAIL_TESTVECTOR;
195 }
196
197 if ((err = ocb_decrypt_verify_memory(idx, tests[x].key, 16, tests[x].nonce, outct, tests[x].ptlen,
198 outct, tests[x].tag, len, &res)) != CRYPT_OK) {
199 return err;
200 }
201 if ((res != 1) || memcmp(tests[x].pt, outct, tests[x].ptlen)) {
202 #if 0
203 unsigned long y;
204 printf("\n\nFailure-decrypt: \nPT:\n");
205 for (y = 0; y < (unsigned long)tests[x].ptlen; ) {
206 printf("0x%02x", outct[y]);
207 if (y < (unsigned long)(tests[x].ptlen-1)) printf(", ");
208 if (!(++y % 8)) printf("\n");
209 }
210 printf("\nres = %d\n\n", res);
211 #endif
212 }
213 }
214 return CRYPT_OK;
215 #endif /* LTC_TEST */
216 }
217
218 #endif /* OCB_MODE */
219
220
221 /* some comments
222
223 -- it's hard to seek
224 -- hard to stream [you can't emit ciphertext until full block]
225 -- The setup is somewhat complicated...
226 */