Home | History | Annotate | Download | only in aes 
      1 /* Copyright (c) 2015, Google Inc.
      2  *
      3  * Permission to use, copy, modify, and/or distribute this software for any
      4  * purpose with or without fee is hereby granted, provided that the above
      5  * copyright notice and this permission notice appear in all copies.
      6  *
      7  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
      8  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
      9  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
     10  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
     11  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
     12  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
     13  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
     14 
     15 #include <stdio.h>
     16 #include <string.h>
     17 
     18 #include <memory>
     19 #include <vector>
     20 
     21 #include <openssl/aes.h>
     22 #include <openssl/crypto.h>
     23 
     24 #include "../internal.h"
     25 #include "../test/file_test.h"
     26 
     27 
     28 static bool TestRaw(FileTest *t) {
     29   std::vector<uint8_t> key, plaintext, ciphertext;
     30   if (!t->GetBytes(&key, "Key") ||
     31       !t->GetBytes(&plaintext, "Plaintext") ||
     32       !t->GetBytes(&ciphertext, "Ciphertext")) {
     33     return false;
     34   }
     35 
     36   if (plaintext.size() != AES_BLOCK_SIZE ||
     37       ciphertext.size() != AES_BLOCK_SIZE) {
     38     t->PrintLine("Plaintext or Ciphertext not a block size.");
     39     return false;
     40   }
     41 
     42   AES_KEY aes_key;
     43   if (AES_set_encrypt_key(key.data(), 8 * key.size(), &aes_key) != 0) {
     44     t->PrintLine("AES_set_encrypt_key failed.");
     45     return false;
     46   }
     47 
     48   // Test encryption.
     49   uint8_t block[AES_BLOCK_SIZE];
     50   AES_encrypt(plaintext.data(), block, &aes_key);
     51   if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, ciphertext.data(),
     52                            ciphertext.size())) {
     53     t->PrintLine("AES_encrypt gave the wrong output.");
     54     return false;
     55   }
     56 
     57   // Test in-place encryption.
     58   OPENSSL_memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
     59   AES_encrypt(block, block, &aes_key);
     60   if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, ciphertext.data(),
     61                            ciphertext.size())) {
     62     t->PrintLine("In-place AES_encrypt gave the wrong output.");
     63     return false;
     64   }
     65 
     66   if (AES_set_decrypt_key(key.data(), 8 * key.size(), &aes_key) != 0) {
     67     t->PrintLine("AES_set_decrypt_key failed.");
     68     return false;
     69   }
     70 
     71   // Test decryption.
     72   AES_decrypt(ciphertext.data(), block, &aes_key);
     73   if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, plaintext.data(),
     74                            plaintext.size())) {
     75     t->PrintLine("AES_decrypt gave the wrong output.");
     76     return false;
     77   }
     78 
     79   // Test in-place decryption.
     80   OPENSSL_memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
     81   AES_decrypt(block, block, &aes_key);
     82   if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, plaintext.data(),
     83                            plaintext.size())) {
     84     t->PrintLine("In-place AES_decrypt gave the wrong output.");
     85     return false;
     86   }
     87 
     88   return true;
     89 }
     90 
     91 static bool TestKeyWrap(FileTest *t) {
     92   // All test vectors use the default IV, so test both with implicit and
     93   // explicit IV.
     94   //
     95   // TODO(davidben): Find test vectors that use a different IV.
     96   static const uint8_t kDefaultIV[] = {
     97       0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6, 0xa6,
     98   };
     99 
    100   std::vector<uint8_t> key, plaintext, ciphertext;
    101   if (!t->GetBytes(&key, "Key") ||
    102       !t->GetBytes(&plaintext, "Plaintext") ||
    103       !t->GetBytes(&ciphertext, "Ciphertext")) {
    104     return false;
    105   }
    106 
    107   if (plaintext.size() + 8 != ciphertext.size()) {
    108     t->PrintLine("Invalid Plaintext and Ciphertext lengths.");
    109     return false;
    110   }
    111 
    112   AES_KEY aes_key;
    113   if (AES_set_encrypt_key(key.data(), 8 * key.size(), &aes_key) != 0) {
    114     t->PrintLine("AES_set_encrypt_key failed.");
    115     return false;
    116   }
    117 
    118   std::unique_ptr<uint8_t[]> buf(new uint8_t[ciphertext.size()]);
    119   if (AES_wrap_key(&aes_key, nullptr /* iv */, buf.get(), plaintext.data(),
    120                    plaintext.size()) != static_cast<int>(ciphertext.size()) ||
    121       !t->ExpectBytesEqual(buf.get(), ciphertext.size(), ciphertext.data(),
    122                            ciphertext.size())) {
    123     t->PrintLine("AES_wrap_key with implicit IV failed.");
    124     return false;
    125   }
    126 
    127   OPENSSL_memset(buf.get(), 0, ciphertext.size());
    128   if (AES_wrap_key(&aes_key, kDefaultIV, buf.get(), plaintext.data(),
    129                    plaintext.size()) != static_cast<int>(ciphertext.size()) ||
    130       !t->ExpectBytesEqual(buf.get(), ciphertext.size(), ciphertext.data(),
    131                            ciphertext.size())) {
    132     t->PrintLine("AES_wrap_key with explicit IV failed.");
    133     return false;
    134   }
    135 
    136   if (AES_set_decrypt_key(key.data(), 8 * key.size(), &aes_key) != 0) {
    137     t->PrintLine("AES_set_decrypt_key failed.");
    138     return false;
    139   }
    140 
    141   buf.reset(new uint8_t[plaintext.size()]);
    142   if (AES_unwrap_key(&aes_key, nullptr /* iv */, buf.get(), ciphertext.data(),
    143                      ciphertext.size()) != static_cast<int>(plaintext.size()) ||
    144       !t->ExpectBytesEqual(buf.get(), plaintext.size(), plaintext.data(),
    145                            plaintext.size())) {
    146     t->PrintLine("AES_unwrap_key with implicit IV failed.");
    147     return false;
    148   }
    149 
    150   OPENSSL_memset(buf.get(), 0, plaintext.size());
    151   if (AES_unwrap_key(&aes_key, kDefaultIV, buf.get(), ciphertext.data(),
    152                      ciphertext.size()) != static_cast<int>(plaintext.size()) ||
    153       !t->ExpectBytesEqual(buf.get(), plaintext.size(), plaintext.data(),
    154                            plaintext.size())) {
    155     t->PrintLine("AES_unwrap_key with explicit IV failed.");
    156     return false;
    157   }
    158 
    159   ciphertext[0] ^= 1;
    160   if (AES_unwrap_key(&aes_key, nullptr /* iv */, buf.get(), ciphertext.data(),
    161                      ciphertext.size()) != -1) {
    162     t->PrintLine("AES_unwrap_key with bad input unexpectedly succeeded.");
    163     return false;
    164   }
    165 
    166   return true;
    167 }
    168 
    169 static bool TestAES(FileTest *t, void *arg) {
    170   if (t->GetParameter() == "Raw") {
    171     return TestRaw(t);
    172   }
    173   if (t->GetParameter() == "KeyWrap") {
    174     return TestKeyWrap(t);
    175   }
    176 
    177   t->PrintLine("Unknown mode '%s'.", t->GetParameter().c_str());
    178   return false;
    179 }
    180 
    181 int main(int argc, char **argv) {
    182   CRYPTO_library_init();
    183 
    184   if (argc != 2) {
    185     fprintf(stderr, "%s <test file.txt>\n", argv[0]);
    186     return 1;
    187   }
    188 
    189   return FileTestMain(TestAES, nullptr, argv[1]);
    190 }
    191