4 Copyright (C) Stefan Metzmacher 2014
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "../lib/util/samba_util.h"
21 #include "../lib/crypto/crypto.h"
22 #include "../lib/crypto/aes_test.h"
24 #ifndef AES_GCM_128_ONLY_TESTVECTORS
25 struct torture_context
;
26 bool torture_local_crypto_aes_gcm_128(struct torture_context
*tctx
);
29 This uses the test values from ...
31 bool torture_local_crypto_aes_gcm_128(struct torture_context
*tctx
)
35 struct aes_mode_testvector testarray
[] = {
36 #endif /* AES_GCM_128_ONLY_TESTVECTORS */
37 #define AES_GCM_128_TESTVECTOR(_k, _n, _a, _p, _c, _t) \
38 AES_MODE_TESTVECTOR(aes_gcm_128, _k, _n, _a, _p, _c, _t)
40 AES_GCM_128_TESTVECTOR(
42 "8BF9FBC2B8149484FF11AB1F3A544FF6",
44 "010000000000000077F7A8FF",
46 "010000000000000077F7A80000000000"
47 "A8000000000001004100002C00980000",
49 "FE534D4240000100000000000B00811F"
50 "00000000000000000600000000000000"
51 "00000000010000004100002C00980000"
52 "00000000000000000000000000000000"
53 "3900000094010600FFFFFFFFFFFFFFFF"
54 "FFFFFFFFFFFFFFFF7800000030000000"
55 "000000007800000000000000FFFF0000"
57 "03005C003100370032002E0033003100"
58 "2E0039002E003100380033005C006E00"
59 "650074006C006F0067006F006E000000",
61 "863C07C1FBFA82D741A080C97DF52CFF"
62 "432A63A37E5ACFA3865AE4E6E422D502"
63 "FA7C6FBB9A7418F28C43F00A3869F687"
64 "257CA665E25E62A0F458C42AA9E95DC4"
65 "6CB351A0A497FABB7DCE58FEE5B20B08"
66 "522E0E701B112FB93B36E7A0FB084D35"
67 "62C0F3FDF0421079DD96BBCCA40949B3"
69 "2037DE3CA6385465D1884B29D7140790"
70 "88AD3E770E2528D527B302536B7E5B1B"
71 "430E048230AFE785DB89F4D87FC1F816",
73 "BC9B5871EBFA89ADE21439ACDCD65D22"
75 AES_GCM_128_TESTVECTOR(
77 "00000000000000000000000000000000",
79 "000000000000000000000000",
87 "58e2fccefa7e3061367f1d57a4e7455a"
89 AES_GCM_128_TESTVECTOR(
91 "00000000000000000000000000000000",
93 "000000000000000000000000",
97 "00000000000000000000000000000000",
99 "0388dace60b6a392f328c2b971b2fe78",
101 "ab6e47d42cec13bdf53a67b21257bddf"
103 AES_GCM_128_TESTVECTOR(
105 "feffe9928665731c6d6a8f9467308308",
107 "cafebabefacedbaddecaf888",
111 "d9313225f88406e5a55909c5aff5269a"
112 "86a7a9531534f7da2e4c303d8a318a72"
113 "1c3c0c95956809532fcf0e2449a6b525"
114 "b16aedf5aa0de657ba637b391aafd255",
116 "42831ec2217774244b7221b784d0d49c"
117 "e3aa212f2c02a4e035c17e2329aca12e"
118 "21d514b25466931c7d8f6a5aac84aa05"
119 "1ba30b396a0aac973d58e091473f5985",
121 "4d5c2af327cd64a62cf35abd2ba6fab4"
123 AES_GCM_128_TESTVECTOR(
125 "feffe9928665731c6d6a8f9467308308",
127 "cafebabefacedbaddecaf888",
129 "feedfacedeadbeeffeedfacedeadbeef"
132 "d9313225f88406e5a55909c5aff5269a"
133 "86a7a9531534f7da2e4c303d8a318a72"
134 "1c3c0c95956809532fcf0e2449a6b525"
135 "b16aedf5aa0de657ba637b39",
137 "42831ec2217774244b7221b784d0d49c"
138 "e3aa212f2c02a4e035c17e2329aca12e"
139 "21d514b25466931c7d8f6a5aac84aa05"
140 "1ba30b396a0aac973d58e091",
142 "5bc94fbc3221a5db94fae95ae7121a47"
144 #ifndef AES_GCM_128_ONLY_TESTVECTORS
147 for (i
=0; i
< ARRAY_SIZE(testarray
); i
++) {
148 struct aes_gcm_128_context ctx
;
149 uint8_t T
[AES_BLOCK_SIZE
];
150 DATA_BLOB _T
= data_blob_const(T
, sizeof(T
));
154 C
= data_blob_dup_talloc(tctx
, testarray
[i
].P
);
156 aes_gcm_128_init(&ctx
, testarray
[i
].K
.data
, testarray
[i
].N
.data
);
157 aes_gcm_128_updateA(&ctx
,
159 testarray
[i
].A
.length
);
160 aes_gcm_128_crypt(&ctx
, C
.data
, C
.length
);
161 aes_gcm_128_updateC(&ctx
, C
.data
, C
.length
);
162 aes_gcm_128_digest(&ctx
, T
);
164 e
= memcmp(testarray
[i
].T
.data
, T
, sizeof(T
));
166 aes_mode_testvector_debug(&testarray
[i
], NULL
, &C
, &_T
);
171 e
= memcmp(testarray
[i
].C
.data
, C
.data
, C
.length
);
173 aes_mode_testvector_debug(&testarray
[i
], NULL
, &C
, &_T
);
179 for (i
=0; i
< ARRAY_SIZE(testarray
); i
++) {
180 struct aes_gcm_128_context ctx
;
181 uint8_t T
[AES_BLOCK_SIZE
];
182 DATA_BLOB _T
= data_blob_const(T
, sizeof(T
));
187 C
= data_blob_dup_talloc(tctx
, testarray
[i
].P
);
189 aes_gcm_128_init(&ctx
, testarray
[i
].K
.data
, testarray
[i
].N
.data
);
190 for (j
=0; j
< testarray
[i
].A
.length
; j
++) {
191 aes_gcm_128_updateA(&ctx
, NULL
, 0);
192 aes_gcm_128_updateA(&ctx
, &testarray
[i
].A
.data
[j
], 1);
193 aes_gcm_128_updateA(&ctx
, NULL
, 0);
195 for (j
=0; j
< C
.length
; j
++) {
196 aes_gcm_128_crypt(&ctx
, NULL
, 0);
197 aes_gcm_128_updateC(&ctx
, NULL
, 0);
198 aes_gcm_128_crypt(&ctx
, &C
.data
[j
], 1);
199 aes_gcm_128_updateC(&ctx
, &C
.data
[j
], 1);
200 aes_gcm_128_crypt(&ctx
, NULL
, 0);
201 aes_gcm_128_updateC(&ctx
, NULL
, 0);
203 aes_gcm_128_digest(&ctx
, T
);
205 e
= memcmp(testarray
[i
].T
.data
, T
, sizeof(T
));
207 aes_mode_testvector_debug(&testarray
[i
], NULL
, &C
, &_T
);
212 e
= memcmp(testarray
[i
].C
.data
, C
.data
, C
.length
);
214 aes_mode_testvector_debug(&testarray
[i
], NULL
, &C
, &_T
);
220 for (i
=0; i
< ARRAY_SIZE(testarray
); i
++) {
221 struct aes_gcm_128_context ctx
;
222 uint8_t T
[AES_BLOCK_SIZE
];
223 DATA_BLOB _T
= data_blob_const(T
, sizeof(T
));
228 P
= data_blob_dup_talloc(tctx
, testarray
[i
].C
);
230 aes_gcm_128_init(&ctx
, testarray
[i
].K
.data
, testarray
[i
].N
.data
);
231 for (j
=0; j
< testarray
[i
].A
.length
; j
++) {
232 aes_gcm_128_updateA(&ctx
, NULL
, 0);
233 aes_gcm_128_updateA(&ctx
, &testarray
[i
].A
.data
[j
], 1);
234 aes_gcm_128_updateA(&ctx
, NULL
, 0);
236 for (j
=0; j
< P
.length
; j
++) {
237 aes_gcm_128_updateC(&ctx
, NULL
, 0);
238 aes_gcm_128_crypt(&ctx
, NULL
, 0);
239 aes_gcm_128_updateC(&ctx
, &P
.data
[j
], 1);
240 aes_gcm_128_crypt(&ctx
, &P
.data
[j
], 1);
241 aes_gcm_128_updateC(&ctx
, NULL
, 0);
242 aes_gcm_128_crypt(&ctx
, NULL
, 0);
244 aes_gcm_128_digest(&ctx
, T
);
246 e
= memcmp(testarray
[i
].T
.data
, T
, sizeof(T
));
248 aes_mode_testvector_debug(&testarray
[i
], &P
, NULL
, &_T
);
253 e
= memcmp(testarray
[i
].P
.data
, P
.data
, P
.length
);
255 aes_mode_testvector_debug(&testarray
[i
], &P
, NULL
, &_T
);
261 for (i
=0; i
< ARRAY_SIZE(testarray
); i
++) {
262 struct aes_gcm_128_context ctx
;
263 uint8_t T
[AES_BLOCK_SIZE
];
264 DATA_BLOB _T
= data_blob_const(T
, sizeof(T
));
268 P
= data_blob_dup_talloc(tctx
, testarray
[i
].C
);
270 aes_gcm_128_init(&ctx
, testarray
[i
].K
.data
, testarray
[i
].N
.data
);
271 aes_gcm_128_updateA(&ctx
, testarray
[i
].A
.data
, testarray
[i
].A
.length
);
272 aes_gcm_128_updateC(&ctx
, P
.data
, P
.length
);
273 aes_gcm_128_crypt(&ctx
, P
.data
, P
.length
);
274 aes_gcm_128_digest(&ctx
, T
);
276 e
= memcmp(testarray
[i
].T
.data
, T
, sizeof(T
));
278 aes_mode_testvector_debug(&testarray
[i
], &P
, NULL
, &_T
);
283 e
= memcmp(testarray
[i
].P
.data
, P
.data
, P
.length
);
285 aes_mode_testvector_debug(&testarray
[i
], &P
, NULL
, &_T
);
294 #endif /* AES_GCM_128_ONLY_TESTVECTORS */