2 * QEMU Crypto cipher algorithms
4 * Copyright (c) 2015 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 #include "crypto/init.h"
24 #include "crypto/cipher.h"
26 typedef struct QCryptoCipherTestData QCryptoCipherTestData
;
27 struct QCryptoCipherTestData
{
29 QCryptoCipherAlgorithm alg
;
30 QCryptoCipherMode mode
;
32 const char *plaintext
;
33 const char *ciphertext
;
37 /* AES test data comes from appendix F of:
39 * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
41 static QCryptoCipherTestData test_data
[] = {
43 /* NIST F.1.1 ECB-AES128.Encrypt */
44 .path
= "/crypto/cipher/aes-ecb-128",
45 .alg
= QCRYPTO_CIPHER_ALG_AES_128
,
46 .mode
= QCRYPTO_CIPHER_MODE_ECB
,
47 .key
= "2b7e151628aed2a6abf7158809cf4f3c",
49 "6bc1bee22e409f96e93d7e117393172a"
50 "ae2d8a571e03ac9c9eb76fac45af8e51"
51 "30c81c46a35ce411e5fbc1191a0a52ef"
52 "f69f2445df4f9b17ad2b417be66c3710",
54 "3ad77bb40d7a3660a89ecaf32466ef97"
55 "f5d3d58503b9699de785895a96fdbaaf"
56 "43b1cd7f598ece23881b00e3ed030688"
57 "7b0c785e27e8ad3f8223207104725dd4"
60 /* NIST F.1.3 ECB-AES192.Encrypt */
61 .path
= "/crypto/cipher/aes-ecb-192",
62 .alg
= QCRYPTO_CIPHER_ALG_AES_192
,
63 .mode
= QCRYPTO_CIPHER_MODE_ECB
,
64 .key
= "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
66 "6bc1bee22e409f96e93d7e117393172a"
67 "ae2d8a571e03ac9c9eb76fac45af8e51"
68 "30c81c46a35ce411e5fbc1191a0a52ef"
69 "f69f2445df4f9b17ad2b417be66c3710",
71 "bd334f1d6e45f25ff712a214571fa5cc"
72 "974104846d0ad3ad7734ecb3ecee4eef"
73 "ef7afd2270e2e60adce0ba2face6444e"
74 "9a4b41ba738d6c72fb16691603c18e0e"
77 /* NIST F.1.5 ECB-AES256.Encrypt */
78 .path
= "/crypto/cipher/aes-ecb-256",
79 .alg
= QCRYPTO_CIPHER_ALG_AES_256
,
80 .mode
= QCRYPTO_CIPHER_MODE_ECB
,
82 "603deb1015ca71be2b73aef0857d7781"
83 "1f352c073b6108d72d9810a30914dff4",
85 "6bc1bee22e409f96e93d7e117393172a"
86 "ae2d8a571e03ac9c9eb76fac45af8e51"
87 "30c81c46a35ce411e5fbc1191a0a52ef"
88 "f69f2445df4f9b17ad2b417be66c3710",
90 "f3eed1bdb5d2a03c064b5a7e3db181f8"
91 "591ccb10d410ed26dc5ba74a31362870"
92 "b6ed21b99ca6f4f9f153e7b1beafed1d"
93 "23304b7a39f9f3ff067d8d8f9e24ecc7",
96 /* NIST F.2.1 CBC-AES128.Encrypt */
97 .path
= "/crypto/cipher/aes-cbc-128",
98 .alg
= QCRYPTO_CIPHER_ALG_AES_128
,
99 .mode
= QCRYPTO_CIPHER_MODE_CBC
,
100 .key
= "2b7e151628aed2a6abf7158809cf4f3c",
101 .iv
= "000102030405060708090a0b0c0d0e0f",
103 "6bc1bee22e409f96e93d7e117393172a"
104 "ae2d8a571e03ac9c9eb76fac45af8e51"
105 "30c81c46a35ce411e5fbc1191a0a52ef"
106 "f69f2445df4f9b17ad2b417be66c3710",
108 "7649abac8119b246cee98e9b12e9197d"
109 "5086cb9b507219ee95db113a917678b2"
110 "73bed6b8e3c1743b7116e69e22229516"
111 "3ff1caa1681fac09120eca307586e1a7",
114 /* NIST F.2.3 CBC-AES128.Encrypt */
115 .path
= "/crypto/cipher/aes-cbc-192",
116 .alg
= QCRYPTO_CIPHER_ALG_AES_192
,
117 .mode
= QCRYPTO_CIPHER_MODE_CBC
,
118 .key
= "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
119 .iv
= "000102030405060708090a0b0c0d0e0f",
121 "6bc1bee22e409f96e93d7e117393172a"
122 "ae2d8a571e03ac9c9eb76fac45af8e51"
123 "30c81c46a35ce411e5fbc1191a0a52ef"
124 "f69f2445df4f9b17ad2b417be66c3710",
126 "4f021db243bc633d7178183a9fa071e8"
127 "b4d9ada9ad7dedf4e5e738763f69145a"
128 "571b242012fb7ae07fa9baac3df102e0"
129 "08b0e27988598881d920a9e64f5615cd",
132 /* NIST F.2.5 CBC-AES128.Encrypt */
133 .path
= "/crypto/cipher/aes-cbc-256",
134 .alg
= QCRYPTO_CIPHER_ALG_AES_256
,
135 .mode
= QCRYPTO_CIPHER_MODE_CBC
,
137 "603deb1015ca71be2b73aef0857d7781"
138 "1f352c073b6108d72d9810a30914dff4",
139 .iv
= "000102030405060708090a0b0c0d0e0f",
141 "6bc1bee22e409f96e93d7e117393172a"
142 "ae2d8a571e03ac9c9eb76fac45af8e51"
143 "30c81c46a35ce411e5fbc1191a0a52ef"
144 "f69f2445df4f9b17ad2b417be66c3710",
146 "f58c4c04d6e5f1ba779eabfb5f7bfbd6"
147 "9cfc4e967edb808d679f777bc6702c7d"
148 "39f23369a9d9bacfa530e26304231461"
149 "b2eb05e2c39be9fcda6c19078c6a9d1b",
152 .path
= "/crypto/cipher/des-rfb-ecb-56",
153 .alg
= QCRYPTO_CIPHER_ALG_DES_RFB
,
154 .mode
= QCRYPTO_CIPHER_MODE_ECB
,
155 .key
= "0123456789abcdef",
157 "6bc1bee22e409f96e93d7e117393172a"
158 "ae2d8a571e03ac9c9eb76fac45af8e51"
159 "30c81c46a35ce411e5fbc1191a0a52ef"
160 "f69f2445df4f9b17ad2b417be66c3710",
162 "8f346aaf64eaf24040720d80648c52e7"
163 "aefc616be53ab1a3d301e69d91e01838"
164 "ffd29f1bb5596ad94ea2d8e6196b7f09"
165 "30d8ed0bf2773af36dd82a6280c20926",
170 static inline int unhex(char c
)
172 if (c
>= 'a' && c
<= 'f') {
173 return 10 + (c
- 'a');
175 if (c
>= 'A' && c
<= 'F') {
176 return 10 + (c
- 'A');
181 static inline char hex(int i
)
186 return 'a' + (i
- 10);
189 static size_t unhex_string(const char *hexstr
,
200 len
= strlen(hexstr
);
201 *data
= g_new0(uint8_t, len
/ 2);
203 for (i
= 0; i
< len
; i
+= 2) {
204 (*data
)[i
/2] = (unhex(hexstr
[i
]) << 4) | unhex(hexstr
[i
+1]);
209 static char *hex_string(const uint8_t *bytes
,
212 char *hexstr
= g_new0(char, len
* 2 + 1);
215 for (i
= 0; i
< len
; i
++) {
216 hexstr
[i
*2] = hex((bytes
[i
] >> 4) & 0xf);
217 hexstr
[i
*2+1] = hex(bytes
[i
] & 0xf);
219 hexstr
[len
*2] = '\0';
224 static void test_cipher(const void *opaque
)
226 const QCryptoCipherTestData
*data
= opaque
;
228 QCryptoCipher
*cipher
;
229 uint8_t *key
, *iv
, *ciphertext
, *plaintext
, *outtext
;
230 size_t nkey
, niv
, nciphertext
, nplaintext
;
232 size_t ivsize
, keysize
, blocksize
;
234 nkey
= unhex_string(data
->key
, &key
);
235 niv
= unhex_string(data
->iv
, &iv
);
236 nciphertext
= unhex_string(data
->ciphertext
, &ciphertext
);
237 nplaintext
= unhex_string(data
->plaintext
, &plaintext
);
239 g_assert(nciphertext
== nplaintext
);
241 outtext
= g_new0(uint8_t, nciphertext
);
243 cipher
= qcrypto_cipher_new(
244 data
->alg
, data
->mode
,
247 g_assert(cipher
!= NULL
);
249 keysize
= qcrypto_cipher_get_key_len(data
->alg
);
250 blocksize
= qcrypto_cipher_get_block_len(data
->alg
);
251 ivsize
= qcrypto_cipher_get_iv_len(data
->alg
, data
->mode
);
253 g_assert_cmpint(keysize
, ==, nkey
);
254 g_assert_cmpint(ivsize
, ==, niv
);
256 g_assert_cmpint(blocksize
, ==, niv
);
260 g_assert(qcrypto_cipher_setiv(cipher
,
264 g_assert(qcrypto_cipher_encrypt(cipher
,
270 outtexthex
= hex_string(outtext
, nciphertext
);
272 g_assert_cmpstr(outtexthex
, ==, data
->ciphertext
);
277 g_assert(qcrypto_cipher_setiv(cipher
,
281 g_assert(qcrypto_cipher_decrypt(cipher
,
287 outtexthex
= hex_string(outtext
, nplaintext
);
289 g_assert_cmpstr(outtexthex
, ==, data
->plaintext
);
297 qcrypto_cipher_free(cipher
);
301 static void test_cipher_null_iv(void)
303 QCryptoCipher
*cipher
;
304 uint8_t key
[32] = { 0 };
305 uint8_t plaintext
[32] = { 0 };
306 uint8_t ciphertext
[32] = { 0 };
308 cipher
= qcrypto_cipher_new(
309 QCRYPTO_CIPHER_ALG_AES_256
,
310 QCRYPTO_CIPHER_MODE_CBC
,
313 g_assert(cipher
!= NULL
);
315 /* Don't call qcrypto_cipher_setiv */
317 qcrypto_cipher_encrypt(cipher
,
323 qcrypto_cipher_free(cipher
);
326 static void test_cipher_short_plaintext(void)
329 QCryptoCipher
*cipher
;
330 uint8_t key
[32] = { 0 };
331 uint8_t plaintext1
[20] = { 0 };
332 uint8_t ciphertext1
[20] = { 0 };
333 uint8_t plaintext2
[40] = { 0 };
334 uint8_t ciphertext2
[40] = { 0 };
337 cipher
= qcrypto_cipher_new(
338 QCRYPTO_CIPHER_ALG_AES_256
,
339 QCRYPTO_CIPHER_MODE_CBC
,
342 g_assert(cipher
!= NULL
);
344 /* Should report an error as plaintext is shorter
347 ret
= qcrypto_cipher_encrypt(cipher
,
353 g_assert(err
!= NULL
);
358 /* Should report an error as plaintext is larger than
359 * block size, but not a multiple of block size
361 ret
= qcrypto_cipher_encrypt(cipher
,
367 g_assert(err
!= NULL
);
370 qcrypto_cipher_free(cipher
);
373 int main(int argc
, char **argv
)
377 g_test_init(&argc
, &argv
, NULL
);
379 g_assert(qcrypto_init(NULL
) == 0);
381 for (i
= 0; i
< G_N_ELEMENTS(test_data
); i
++) {
382 g_test_add_data_func(test_data
[i
].path
, &test_data
[i
], test_cipher
);
385 g_test_add_func("/crypto/cipher/null-iv",
386 test_cipher_null_iv
);
388 g_test_add_func("/crypto/cipher/short-plaintext",
389 test_cipher_short_plaintext
);