comparison src/encauth/gcm/gcm_test.c @ 192:9cc34777b479 libtomcrypt

propagate from branch 'au.asn.ucc.matt.ltc-orig' (head 9ba8f01f44320e9cb9f19881105ae84f84a43ea9) to branch 'au.asn.ucc.matt.dropbear.ltc' (head dbf51c569bc34956ad948e4cc87a0eeb2170b768)
author Matt Johnston <matt@ucc.asn.au>
date Sun, 08 May 2005 06:36:47 +0000
parents 1c15b283127b
children 39d5d58461d6
comparison
equal deleted inserted replaced
164:cd1143579f00 192:9cc34777b479
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtomcrypt.org
10 */
11
12 /**
13 @file gcm_test.c
14 GCM implementation, testing, by Tom St Denis
15 */
16 #include "tomcrypt.h"
17
18 #ifdef GCM_MODE
19
20 /**
21 Test the GCM code
22 @return CRYPT_OK on success
23 */
24 int gcm_test(void)
25 {
26 #ifndef LTC_TEST
27 return CRYPT_NOP;
28 #else
29 static const struct {
30 unsigned char K[32];
31 int keylen;
32 unsigned char P[64];
33 unsigned long ptlen;
34 unsigned char A[64];
35 unsigned long alen;
36 unsigned char IV[64];
37 unsigned long IVlen;
38 unsigned char C[64];
39 unsigned char T[16];
40 } tests[] = {
41
42 /* test case #1 */
43 {
44 /* key */
45 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
46 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
47 16,
48
49 /* plaintext */
50 { 0 },
51 0,
52
53 /* AAD data */
54 { 0 },
55 0,
56
57 /* IV */
58 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
59 0x00, 0x00, 0x00, 0x00 },
60 12,
61
62 /* ciphertext */
63 { 0 },
64
65 /* tag */
66 { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
67 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a }
68 },
69
70 /* test case #2 */
71 {
72 /* key */
73 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
74 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
75 16,
76
77 /* PT */
78 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
79 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
80 16,
81
82 /* ADATA */
83 { 0 },
84 0,
85
86 /* IV */
87 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
88 0x00, 0x00, 0x00, 0x00 },
89 12,
90
91 /* CT */
92 { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
93 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 },
94
95 /* TAG */
96 { 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
97 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf }
98 },
99
100 /* test case #3 */
101 {
102 /* key */
103 { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
104 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, },
105 16,
106
107 /* PT */
108 { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
109 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
110 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
111 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
112 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
113 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
114 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
115 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55, },
116 64,
117
118 /* ADATA */
119 { 0 },
120 0,
121
122 /* IV */
123 { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
124 0xde, 0xca, 0xf8, 0x88, },
125 12,
126
127 /* CT */
128 { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
129 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
130 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
131 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
132 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
133 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
134 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
135 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85, },
136
137 /* TAG */
138 { 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
139 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4, }
140 },
141
142 /* test case #4 */
143 {
144 /* key */
145 { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
146 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, },
147 16,
148
149 /* PT */
150 { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
151 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
152 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
153 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
154 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
155 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
156 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
157 0xba, 0x63, 0x7b, 0x39, },
158 60,
159
160 /* ADATA */
161 { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
162 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
163 0xab, 0xad, 0xda, 0xd2, },
164 20,
165
166 /* IV */
167 { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
168 0xde, 0xca, 0xf8, 0x88, },
169 12,
170
171 /* CT */
172 { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
173 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
174 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
175 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
176 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
177 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
178 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
179 0x3d, 0x58, 0xe0, 0x91, },
180
181 /* TAG */
182 { 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
183 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47, }
184
185 },
186
187 /* test case #5 */
188 {
189 /* key */
190 { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
191 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, },
192 16,
193
194 /* PT */
195 { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
196 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
197 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
198 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
199 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
200 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
201 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
202 0xba, 0x63, 0x7b, 0x39, },
203 60,
204
205 /* ADATA */
206 { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
207 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
208 0xab, 0xad, 0xda, 0xd2, },
209 20,
210
211 /* IV */
212 { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, },
213 8,
214
215 /* CT */
216 { 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
217 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
218 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
219 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
220 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
221 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
222 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
223 0xc2, 0x3f, 0x45, 0x98, },
224
225 /* TAG */
226 { 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
227 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb, }
228 },
229
230 /* test case #6 */
231 {
232 /* key */
233 { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
234 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, },
235 16,
236
237 /* PT */
238 { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
239 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
240 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
241 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
242 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
243 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
244 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
245 0xba, 0x63, 0x7b, 0x39, },
246 60,
247
248 /* ADATA */
249 { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
250 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
251 0xab, 0xad, 0xda, 0xd2, },
252 20,
253
254 /* IV */
255 { 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
256 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
257 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
258 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
259 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
260 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
261 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
262 0xa6, 0x37, 0xb3, 0x9b, },
263 60,
264
265 /* CT */
266 { 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
267 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
268 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
269 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
270 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
271 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
272 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
273 0x4c, 0x34, 0xae, 0xe5, },
274
275 /* TAG */
276 { 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
277 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50, }
278 }
279
280 /* rest of test cases are the same except AES key size changes... ignored... */
281 };
282 int idx, err;
283 unsigned long x, y;
284 gcm_state gcm;
285 unsigned char out[2][64], T[2][16];
286
287 /* find aes */
288 idx = find_cipher("aes");
289 if (idx == -1) {
290 idx = find_cipher("rijndael");
291 if (idx == -1) {
292 return CRYPT_NOP;
293 }
294 }
295
296 for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
297 y = sizeof(T[0]);
298 if ((err = gcm_memory(idx, tests[x].K, tests[x].keylen,
299 tests[x].IV, tests[x].IVlen,
300 tests[x].A, tests[x].alen,
301 (unsigned char*)tests[x].P, tests[x].ptlen,
302 out[0], T[0], &y, GCM_ENCRYPT)) != CRYPT_OK) {
303 return err;
304 }
305
306 if (memcmp(out[0], tests[x].C, tests[x].ptlen)) {
307 #if 0
308 printf("\nCiphertext wrong %lu\n", x);
309 for (y = 0; y < tests[x].ptlen; y++) {
310 printf("%02x", out[0][y] & 255);
311 }
312 printf("\n");
313 #endif
314 return CRYPT_FAIL_TESTVECTOR;
315 }
316
317 if (memcmp(T[0], tests[x].T, 16)) {
318 #if 0
319 printf("\nTag on plaintext wrong %lu\n", x);
320 for (y = 0; y < 16; y++) {
321 printf("%02x", T[0][y] & 255);
322 }
323 printf("\n");
324 #endif
325 return CRYPT_FAIL_TESTVECTOR;
326 }
327
328 y = sizeof(T[1]);
329 if ((err = gcm_memory(idx, tests[x].K, tests[x].keylen,
330 tests[x].IV, tests[x].IVlen,
331 tests[x].A, tests[x].alen,
332 out[1], tests[x].ptlen,
333 out[0], T[1], &y, GCM_DECRYPT)) != CRYPT_OK) {
334 return err;
335 }
336
337 if (memcmp(out[1], tests[x].P, tests[x].ptlen)) {
338 #if 0
339 printf("\nplaintext wrong %lu\n", x);
340 for (y = 0; y < tests[x].ptlen; y++) {
341 printf("%02x", out[0][y] & 255);
342 }
343 printf("\n");
344 #endif
345 return CRYPT_FAIL_TESTVECTOR;
346 }
347
348 if (memcmp(T[1], tests[x].T, 16)) {
349 #if 0
350 printf("\nTag on ciphertext wrong %lu\n", x);
351 for (y = 0; y < 16; y++) {
352 printf("%02x", T[1][y] & 255);
353 }
354 printf("\n");
355 #endif
356 return CRYPT_FAIL_TESTVECTOR;
357 }
358
359 }
360 return CRYPT_OK;
361 #endif
362 }
363
364 #endif
365