1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis 2 * 3 * LibTomCrypt is a library that provides various cryptographic 4 * algorithms in a highly modular and flexible manner. 5 * 6 * The library is free for all purposes without any express 7 * guarantee it works. 8 * 9 * Tom St Denis, tomstdenis (at) gmail.com, http://libtomcrypt.com 10 */ 11 12 /** 13 @file eax_test.c 14 EAX implementation, self-test, by Tom St Denis 15 */ 16 #include "tomcrypt.h" 17 18 #ifdef EAX_MODE 19 20 /** 21 Test the EAX implementation 22 @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled 23 */ 24 int eax_test(void) 25 { 26 #ifndef LTC_TEST 27 return CRYPT_NOP; 28 #else 29 static const struct { 30 int keylen, 31 noncelen, 32 headerlen, 33 msglen; 34 35 unsigned char key[MAXBLOCKSIZE], 36 nonce[MAXBLOCKSIZE], 37 header[MAXBLOCKSIZE], 38 plaintext[MAXBLOCKSIZE], 39 ciphertext[MAXBLOCKSIZE], 40 tag[MAXBLOCKSIZE]; 41 } tests[] = { 42 43 /* NULL message */ 44 { 45 16, 0, 0, 0, 46 /* key */ 47 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 48 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 49 /* nonce */ 50 { 0 }, 51 /* header */ 52 { 0 }, 53 /* plaintext */ 54 { 0 }, 55 /* ciphertext */ 56 { 0 }, 57 /* tag */ 58 { 0x9a, 0xd0, 0x7e, 0x7d, 0xbf, 0xf3, 0x01, 0xf5, 59 0x05, 0xde, 0x59, 0x6b, 0x96, 0x15, 0xdf, 0xff } 60 }, 61 62 /* test with nonce */ 63 { 64 16, 16, 0, 0, 65 /* key */ 66 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 67 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 68 /* nonce */ 69 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 70 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 71 /* header */ 72 { 0 }, 73 /* plaintext */ 74 { 0 }, 75 /* ciphertext */ 76 { 0 }, 77 /* tag */ 78 { 0x1c, 0xe1, 0x0d, 0x3e, 0xff, 0xd4, 0xca, 0xdb, 79 0xe2, 0xe4, 0x4b, 0x58, 0xd6, 0x0a, 0xb9, 0xec } 80 }, 81 82 /* test with header [no nonce] */ 83 { 84 16, 0, 16, 0, 85 /* key */ 86 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 87 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 88 /* nonce */ 89 { 0 }, 90 /* header */ 91 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 92 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 93 /* plaintext */ 94 { 0 }, 95 /* ciphertext */ 96 { 0 }, 97 /* tag */ 98 { 0x3a, 0x69, 0x8f, 0x7a, 0x27, 0x0e, 0x51, 0xb0, 99 0xf6, 0x5b, 0x3d, 0x3e, 0x47, 0x19, 0x3c, 0xff } 100 }, 101 102 /* test with header + nonce + plaintext */ 103 { 104 16, 16, 16, 32, 105 /* key */ 106 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 107 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 108 /* nonce */ 109 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 110 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 111 /* header */ 112 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 113 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 114 /* plaintext */ 115 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 116 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 117 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 118 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, 119 /* ciphertext */ 120 { 0x29, 0xd8, 0x78, 0xd1, 0xa3, 0xbe, 0x85, 0x7b, 121 0x6f, 0xb8, 0xc8, 0xea, 0x59, 0x50, 0xa7, 0x78, 122 0x33, 0x1f, 0xbf, 0x2c, 0xcf, 0x33, 0x98, 0x6f, 123 0x35, 0xe8, 0xcf, 0x12, 0x1d, 0xcb, 0x30, 0xbc }, 124 /* tag */ 125 { 0x4f, 0xbe, 0x03, 0x38, 0xbe, 0x1c, 0x8c, 0x7e, 126 0x1d, 0x7a, 0xe7, 0xe4, 0x5b, 0x92, 0xc5, 0x87 } 127 }, 128 129 /* test with header + nonce + plaintext [not even sizes!] */ 130 { 131 16, 15, 14, 29, 132 /* key */ 133 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 134 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, 135 /* nonce */ 136 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 137 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e }, 138 /* header */ 139 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 140 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d }, 141 /* plaintext */ 142 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 143 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 144 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 145 0x18, 0x19, 0x1a, 0x1b, 0x1c }, 146 /* ciphertext */ 147 { 0xdd, 0x25, 0xc7, 0x54, 0xc5, 0xb1, 0x7c, 0x59, 148 0x28, 0xb6, 0x9b, 0x73, 0x15, 0x5f, 0x7b, 0xb8, 149 0x88, 0x8f, 0xaf, 0x37, 0x09, 0x1a, 0xd9, 0x2c, 150 0x8a, 0x24, 0xdb, 0x86, 0x8b }, 151 /* tag */ 152 { 0x0d, 0x1a, 0x14, 0xe5, 0x22, 0x24, 0xff, 0xd2, 153 0x3a, 0x05, 0xfa, 0x02, 0xcd, 0xef, 0x52, 0xda } 154 }, 155 156 /* Vectors from Brian Gladman */ 157 158 { 159 16, 16, 8, 0, 160 /* key */ 161 { 0x23, 0x39, 0x52, 0xde, 0xe4, 0xd5, 0xed, 0x5f, 162 0x9b, 0x9c, 0x6d, 0x6f, 0xf8, 0x0f, 0xf4, 0x78 }, 163 /* nonce */ 164 { 0x62, 0xec, 0x67, 0xf9, 0xc3, 0xa4, 0xa4, 0x07, 165 0xfc, 0xb2, 0xa8, 0xc4, 0x90, 0x31, 0xa8, 0xb3 }, 166 /* header */ 167 { 0x6b, 0xfb, 0x91, 0x4f, 0xd0, 0x7e, 0xae, 0x6b }, 168 /* PT */ 169 { 0x00 }, 170 /* CT */ 171 { 0x00 }, 172 /* tag */ 173 { 0xe0, 0x37, 0x83, 0x0e, 0x83, 0x89, 0xf2, 0x7b, 174 0x02, 0x5a, 0x2d, 0x65, 0x27, 0xe7, 0x9d, 0x01 } 175 }, 176 177 { 178 16, 16, 8, 2, 179 /* key */ 180 { 0x91, 0x94, 0x5d, 0x3f, 0x4d, 0xcb, 0xee, 0x0b, 181 0xf4, 0x5e, 0xf5, 0x22, 0x55, 0xf0, 0x95, 0xa4 }, 182 /* nonce */ 183 { 0xbe, 0xca, 0xf0, 0x43, 0xb0, 0xa2, 0x3d, 0x84, 184 0x31, 0x94, 0xba, 0x97, 0x2c, 0x66, 0xde, 0xbd }, 185 /* header */ 186 { 0xfa, 0x3b, 0xfd, 0x48, 0x06, 0xeb, 0x53, 0xfa }, 187 /* PT */ 188 { 0xf7, 0xfb }, 189 /* CT */ 190 { 0x19, 0xdd }, 191 /* tag */ 192 { 0x5c, 0x4c, 0x93, 0x31, 0x04, 0x9d, 0x0b, 0xda, 193 0xb0, 0x27, 0x74, 0x08, 0xf6, 0x79, 0x67, 0xe5 } 194 }, 195 196 { 197 16, 16, 8, 5, 198 /* key */ 199 { 0x01, 0xf7, 0x4a, 0xd6, 0x40, 0x77, 0xf2, 0xe7, 200 0x04, 0xc0, 0xf6, 0x0a, 0xda, 0x3d, 0xd5, 0x23 }, 201 /* nonce */ 202 { 0x70, 0xc3, 0xdb, 0x4f, 0x0d, 0x26, 0x36, 0x84, 203 0x00, 0xa1, 0x0e, 0xd0, 0x5d, 0x2b, 0xff, 0x5e }, 204 /* header */ 205 { 0x23, 0x4a, 0x34, 0x63, 0xc1, 0x26, 0x4a, 0xc6 }, 206 /* PT */ 207 { 0x1a, 0x47, 0xcb, 0x49, 0x33 }, 208 /* CT */ 209 { 0xd8, 0x51, 0xd5, 0xba, 0xe0 }, 210 /* Tag */ 211 { 0x3a, 0x59, 0xf2, 0x38, 0xa2, 0x3e, 0x39, 0x19, 212 0x9d, 0xc9, 0x26, 0x66, 0x26, 0xc4, 0x0f, 0x80 } 213 } 214 215 }; 216 int err, x, idx, res; 217 unsigned long len; 218 unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE]; 219 220 /* AES can be under rijndael or aes... try to find it */ 221 if ((idx = find_cipher("aes")) == -1) { 222 if ((idx = find_cipher("rijndael")) == -1) { 223 return CRYPT_NOP; 224 } 225 } 226 227 for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) { 228 len = sizeof(outtag); 229 if ((err = eax_encrypt_authenticate_memory(idx, tests[x].key, tests[x].keylen, 230 tests[x].nonce, tests[x].noncelen, tests[x].header, tests[x].headerlen, 231 tests[x].plaintext, tests[x].msglen, outct, outtag, &len)) != CRYPT_OK) { 232 return err; 233 } 234 if (XMEMCMP(outct, tests[x].ciphertext, tests[x].msglen) || XMEMCMP(outtag, tests[x].tag, len)) { 235 #if 0 236 unsigned long y; 237 printf("\n\nFailure: \nCT:\n"); 238 for (y = 0; y < (unsigned long)tests[x].msglen; ) { 239 printf("0x%02x", outct[y]); 240 if (y < (unsigned long)(tests[x].msglen-1)) printf(", "); 241 if (!(++y % 8)) printf("\n"); 242 } 243 printf("\nTAG:\n"); 244 for (y = 0; y < len; ) { 245 printf("0x%02x", outtag[y]); 246 if (y < len-1) printf(", "); 247 if (!(++y % 8)) printf("\n"); 248 } 249 #endif 250 return CRYPT_FAIL_TESTVECTOR; 251 } 252 253 /* test decrypt */ 254 if ((err = eax_decrypt_verify_memory(idx, tests[x].key, tests[x].keylen, 255 tests[x].nonce, tests[x].noncelen, tests[x].header, tests[x].headerlen, 256 outct, tests[x].msglen, outct, outtag, len, &res)) != CRYPT_OK) { 257 return err; 258 } 259 if ((res != 1) || XMEMCMP(outct, tests[x].plaintext, tests[x].msglen)) { 260 #if 0 261 unsigned long y; 262 printf("\n\nFailure (res == %d): \nPT:\n", res); 263 for (y = 0; y < (unsigned long)tests[x].msglen; ) { 264 printf("0x%02x", outct[y]); 265 if (y < (unsigned long)(tests[x].msglen-1)) printf(", "); 266 if (!(++y % 8)) printf("\n"); 267 } 268 printf("\n\n"); 269 #endif 270 return CRYPT_FAIL_TESTVECTOR; 271 } 272 273 } 274 return CRYPT_OK; 275 #endif /* LTC_TEST */ 276 } 277 278 #endif /* EAX_MODE */ 279 280 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_test.c,v $ */ 281 /* $Revision: 1.5 $ */ 282 /* $Date: 2006/11/01 09:28:17 $ */ 283
