3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
12 #include "crypto/crypto.h"
13 #include "crypto/aes_wrap.h"
17 static void test_aes_perf(void)
19 #if 0 /* this did not seem to work with new compiler?! */
21 #define rdtscll(val) \
22 __asm__ __volatile__("rdtsc" : "=A" (val))
23 const int num_iters = 10;
25 unsigned int start, end;
26 u8 key[16], pt[16], ct[16];
29 printf("keySetupEnc:");
30 for (i = 0; i < num_iters; i++) {
32 ctx = aes_encrypt_init(key, 16);
34 aes_encrypt_deinit(ctx);
35 printf(" %d", end - start);
40 ctx = aes_encrypt_init(key, 16);
41 for (i = 0; i < num_iters; i++) {
43 aes_encrypt(ctx, pt, ct);
45 printf(" %d", end - start);
47 aes_encrypt_deinit(ctx);
55 * GCM test vectors from
56 * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
58 struct gcm_test_vector {
67 static const struct gcm_test_vector gcm_tests[] = {
70 "00000000000000000000000000000000",
73 "000000000000000000000000",
75 "58e2fccefa7e3061367f1d57a4e7455a"
79 "00000000000000000000000000000000",
80 "00000000000000000000000000000000",
82 "000000000000000000000000",
83 "0388dace60b6a392f328c2b971b2fe78",
84 "ab6e47d42cec13bdf53a67b21257bddf"
88 "feffe9928665731c6d6a8f9467308308",
89 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
91 "cafebabefacedbaddecaf888",
92 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
93 "4d5c2af327cd64a62cf35abd2ba6fab4"
97 "feffe9928665731c6d6a8f9467308308",
98 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
99 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
100 "cafebabefacedbaddecaf888",
101 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
102 "5bc94fbc3221a5db94fae95ae7121a47"
106 "feffe9928665731c6d6a8f9467308308",
107 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
108 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
110 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
111 "3612d2e79e3b0785561be14aaca2fccb"
115 "feffe9928665731c6d6a8f9467308308",
116 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
117 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
118 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
119 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
120 "619cc5aefffe0bfa462af43c1699d050"
124 "000000000000000000000000000000000000000000000000",
127 "000000000000000000000000",
129 "cd33b28ac773f74ba00ed1f312572435"
133 "000000000000000000000000000000000000000000000000",
134 "00000000000000000000000000000000",
136 "000000000000000000000000",
137 "98e7247c07f0fe411c267e4384b0f600",
138 "2ff58d80033927ab8ef4d4587514f0fb"
142 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
143 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
145 "cafebabefacedbaddecaf888",
146 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
147 "9924a7c8587336bfb118024db8674a14"
151 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
152 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
153 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
154 "cafebabefacedbaddecaf888",
155 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
156 "2519498e80f1478f37ba55bd6d27618c"
160 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
161 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
162 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
164 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
165 "65dcc57fcf623a24094fcca40d3533f8"
169 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
170 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
171 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
172 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
173 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
174 "dcf566ff291c25bbb8568fc3d376a6d9"
178 "0000000000000000000000000000000000000000000000000000000000000000",
181 "000000000000000000000000",
183 "530f8afbc74536b9a963b4f1c4cb738b"
187 "0000000000000000000000000000000000000000000000000000000000000000",
188 "00000000000000000000000000000000",
190 "000000000000000000000000",
191 "cea7403d4d606b6e074ec5d3baf39d18",
192 "d0d1c8a799996bf0265b98b5d48ab919"
196 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
197 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
199 "cafebabefacedbaddecaf888",
200 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
201 "b094dac5d93471bdec1a502270e3cc6c"
205 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
206 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
207 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
208 "cafebabefacedbaddecaf888",
209 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
210 "76fc6ece0f4e1768cddf8853bb2d551b"
214 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
215 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
216 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
218 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
219 "3a337dbf46a792c45e454913fe2ea8f2"
223 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
224 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
225 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
226 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
227 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
228 "a44a8266ee1c8eb0c8b5d4cf5ae9f19a"
233 static int test_gcm(void)
237 u8 k[32], aad[32], iv[64], t[16], tag[16];
238 u8 p[64], c[64], tmp[64];
239 size_t k_len, p_len, aad_len, iv_len;
241 for (i = 0; i < ARRAY_SIZE(gcm_tests); i++) {
242 const struct gcm_test_vector *tc = &gcm_tests[i];
244 k_len = os_strlen(tc->k) / 2;
245 if (hexstr2bin(tc->k, k, k_len)) {
246 printf("Invalid GCM test vector %d (k)\n", i);
251 p_len = os_strlen(tc->p) / 2;
252 if (hexstr2bin(tc->p, p, p_len)) {
253 printf("Invalid GCM test vector %d (p)\n", i);
258 aad_len = os_strlen(tc->aad) / 2;
259 if (hexstr2bin(tc->aad, aad, aad_len)) {
260 printf("Invalid GCM test vector %d (aad)\n", i);
265 iv_len = os_strlen(tc->iv) / 2;
266 if (hexstr2bin(tc->iv, iv, iv_len)) {
267 printf("Invalid GCM test vector %d (iv)\n", i);
272 if (hexstr2bin(tc->c, c, p_len)) {
273 printf("Invalid GCM test vector %d (c)\n", i);
278 if (hexstr2bin(tc->t, t, sizeof(t))) {
279 printf("Invalid GCM test vector %d (t)\n", i);
284 if (aes_gcm_ae(k, k_len, iv, iv_len, p, p_len, aad, aad_len,
286 printf("GCM-AE failed (test case %d)\n", i);
291 if (os_memcmp(c, tmp, p_len) != 0) {
292 printf("GCM-AE mismatch (test case %d)\n", i);
296 if (os_memcmp(tag, t, sizeof(tag)) != 0) {
297 printf("GCM-AE tag mismatch (test case %d)\n", i);
302 if (aes_gmac(k, k_len, iv, iv_len, aad, aad_len, tag) <
304 printf("GMAC failed (test case %d)\n", i);
309 if (os_memcmp(tag, t, sizeof(tag)) != 0) {
310 printf("GMAC tag mismatch (test case %d)\n", i);
315 if (aes_gcm_ad(k, k_len, iv, iv_len, c, p_len, aad, aad_len,
317 printf("GCM-AD failed (test case %d)\n", i);
322 if (os_memcmp(p, tmp, p_len) != 0) {
323 printf("GCM-AD mismatch (test case %d)\n", i);
332 static int test_key_wrap(void)
337 /* RFC 3394 - Test vector 4.1 */
339 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
340 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
343 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
344 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
347 0x1F, 0xA6, 0x8B, 0x0A, 0x81, 0x12, 0xB4, 0x47,
348 0xAE, 0xF3, 0x4B, 0xD8, 0xFB, 0x5A, 0x7B, 0x82,
349 0x9D, 0x3E, 0x86, 0x23, 0x71, 0xD2, 0xCF, 0xE5
351 /* RFC 3394 - Test vector 4.2 */
353 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
354 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
355 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
358 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
359 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
362 0x96, 0x77, 0x8B, 0x25, 0xAE, 0x6C, 0xA4, 0x35,
363 0xF9, 0x2B, 0x5B, 0x97, 0xC0, 0x50, 0xAE, 0xD2,
364 0x46, 0x8A, 0xB8, 0xA1, 0x7A, 0xD8, 0x4E, 0x5D
366 /* RFC 3394 - Test vector 4.3 */
368 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
369 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
370 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
371 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
374 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
375 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
378 0x64, 0xE8, 0xC3, 0xF9, 0xCE, 0x0F, 0x5B, 0xA2,
379 0x63, 0xE9, 0x77, 0x79, 0x05, 0x81, 0x8A, 0x2A,
380 0x93, 0xC8, 0x19, 0x1E, 0x7D, 0x6E, 0x8A, 0xE7,
382 /* RFC 3394 - Test vector 4.4 */
384 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
385 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
386 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17
389 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
390 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
391 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
394 0x03, 0x1D, 0x33, 0x26, 0x4E, 0x15, 0xD3, 0x32,
395 0x68, 0xF2, 0x4E, 0xC2, 0x60, 0x74, 0x3E, 0xDC,
396 0xE1, 0xC6, 0xC7, 0xDD, 0xEE, 0x72, 0x5A, 0x93,
397 0x6B, 0xA8, 0x14, 0x91, 0x5C, 0x67, 0x62, 0xD2
399 /* RFC 3394 - Test vector 4.5 */
401 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
402 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
403 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
404 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
407 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
408 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
409 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
412 0xA8, 0xF9, 0xBC, 0x16, 0x12, 0xC6, 0x8B, 0x3F,
413 0xF6, 0xE6, 0xF4, 0xFB, 0xE3, 0x0E, 0x71, 0xE4,
414 0x76, 0x9C, 0x8B, 0x80, 0xA3, 0x2C, 0xB8, 0x95,
415 0x8C, 0xD5, 0xD1, 0x7D, 0x6B, 0x25, 0x4D, 0xA1,
417 /* RFC 3394 - Test vector 4.6 */
419 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
420 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
421 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
422 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
425 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
426 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF,
427 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
428 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
431 0x28, 0xC9, 0xF4, 0x04, 0xC4, 0xB8, 0x10, 0xF4,
432 0xCB, 0xCC, 0xB3, 0x5C, 0xFB, 0x87, 0xF8, 0x26,
433 0x3F, 0x57, 0x86, 0xE2, 0xD8, 0x0E, 0xD3, 0x26,
434 0xCB, 0xC7, 0xF0, 0xE7, 0x1A, 0x99, 0xF4, 0x3B,
435 0xFB, 0x98, 0x8B, 0x9B, 0x7A, 0x02, 0xDD, 0x21
439 printf("RFC 3394 - Test vector 4.1\n");
440 if (aes_wrap(kek41, sizeof(kek41), sizeof(plain41) / 8, plain41,
442 printf("AES-WRAP-128 reported failure\n");
445 if (memcmp(result, crypt41, sizeof(crypt41)) != 0) {
446 printf("AES-WRAP-128 failed\n");
449 if (aes_unwrap(kek41, sizeof(kek41), sizeof(plain41) / 8, crypt41,
451 printf("AES-UNWRAP-128 reported failure\n");
454 if (memcmp(result, plain41, sizeof(plain41)) != 0) {
455 printf("AES-UNWRAP-128 failed\n");
457 for (i = 0; i < sizeof(plain41); i++)
458 printf(" %02x", result[i]);
462 printf("RFC 3394 - Test vector 4.2\n");
463 if (aes_wrap(kek42, sizeof(kek42), sizeof(plain42) / 8, plain42,
465 printf("AES-WRAP-192 reported failure\n");
468 if (memcmp(result, crypt42, sizeof(crypt42)) != 0) {
469 printf("AES-WRAP-192 failed\n");
472 if (aes_unwrap(kek42, sizeof(kek42), sizeof(plain42) / 8, crypt42,
474 printf("AES-UNWRAP-192 reported failure\n");
477 if (memcmp(result, plain42, sizeof(plain42)) != 0) {
478 printf("AES-UNWRAP-192 failed\n");
480 for (i = 0; i < sizeof(plain42); i++)
481 printf(" %02x", result[i]);
485 printf("RFC 3394 - Test vector 4.3\n");
486 if (aes_wrap(kek43, sizeof(kek43), sizeof(plain43) / 8, plain43,
488 printf("AES-WRAP-256 reported failure\n");
491 if (memcmp(result, crypt43, sizeof(crypt43)) != 0) {
492 printf("AES-WRAP-256 failed\n");
495 if (aes_unwrap(kek43, sizeof(kek43), sizeof(plain43) / 8, crypt43,
497 printf("AES-UNWRAP-256 reported failure\n");
500 if (memcmp(result, plain43, sizeof(plain43)) != 0) {
501 printf("AES-UNWRAP-256 failed\n");
503 for (i = 0; i < sizeof(plain43); i++)
504 printf(" %02x", result[i]);
508 printf("RFC 3394 - Test vector 4.4\n");
509 if (aes_wrap(kek44, sizeof(kek44), sizeof(plain44) / 8, plain44,
511 printf("AES-WRAP-192 reported failure\n");
514 if (memcmp(result, crypt44, sizeof(crypt44)) != 0) {
515 printf("AES-WRAP-192 failed\n");
518 if (aes_unwrap(kek44, sizeof(kek44), sizeof(plain44) / 8, crypt44,
520 printf("AES-UNWRAP-192 reported failure\n");
523 if (memcmp(result, plain44, sizeof(plain44)) != 0) {
524 printf("AES-UNWRAP-192 failed\n");
526 for (i = 0; i < sizeof(plain44); i++)
527 printf(" %02x", result[i]);
531 printf("RFC 3394 - Test vector 4.5\n");
532 if (aes_wrap(kek45, sizeof(kek45), sizeof(plain45) / 8, plain45,
534 printf("AES-WRAP-256 reported failure\n");
537 if (memcmp(result, crypt45, sizeof(crypt45)) != 0) {
538 printf("AES-WRAP-256 failed\n");
540 for (i = 0; i < sizeof(crypt45); i++)
541 printf(" %02x", result[i]);
544 if (aes_unwrap(kek45, sizeof(kek45), sizeof(plain45) / 8, crypt45,
546 printf("AES-UNWRAP-256 reported failure\n");
549 if (memcmp(result, plain45, sizeof(plain45)) != 0) {
550 printf("AES-UNWRAP-256 failed\n");
552 for (i = 0; i < sizeof(plain45); i++)
553 printf(" %02x", result[i]);
557 printf("RFC 3394 - Test vector 4.6\n");
558 if (aes_wrap(kek46, sizeof(kek46), sizeof(plain46) / 8, plain46,
560 printf("AES-WRAP-256 reported failure\n");
563 if (memcmp(result, crypt46, sizeof(crypt46)) != 0) {
564 printf("AES-WRAP-256 failed\n");
567 if (aes_unwrap(kek46, sizeof(kek46), sizeof(plain46) / 8, crypt46,
569 printf("AES-UNWRAP-256 reported failure\n");
572 if (memcmp(result, plain46, sizeof(plain46)) != 0) {
573 printf("AES-UNWRAP-256 failed\n");
575 for (i = 0; i < sizeof(plain46); i++)
576 printf(" %02x", result[i]);
584 static int test_nist_key_wrap_ae(const char *fname)
588 char buf[15000], *pos, *pos2;
589 u8 bin[2000], k[32], p[1024], c[1024 + 8], result[1024 + 8];
590 size_t bin_len, k_len = 0, p_len = 0, c_len = 0;
593 printf("NIST KW AE tests from %s\n", fname);
595 f = fopen(fname, "r");
597 printf("%s does not exist - cannot validate test vectors\n",
602 while (fgets(buf, sizeof(buf), f)) {
605 pos = os_strchr(buf, '=');
609 while (pos2 >= buf && *pos2 == ' ')
614 pos2 = os_strchr(pos, '\r');
616 pos2 = os_strchr(pos, '\n');
620 pos2 = pos + os_strlen(pos);
623 printf("%s = %s\n", buf, pos);
627 if (os_strcmp(buf, "COUNT") == 0) {
628 printf("Test %s - ", pos);
632 bin_len = os_strlen(pos);
633 if (bin_len > sizeof(bin) * 2) {
634 printf("Too long binary data (%s)\n", buf);
637 if (bin_len & 0x01) {
638 printf("Odd number of hexstring values (%s)\n",
643 if (hexstr2bin(pos, bin, bin_len) < 0) {
644 printf("Invalid hex string '%s' (%s)\n", pos, buf);
648 if (os_strcmp(buf, "K") == 0) {
649 if (bin_len > sizeof(k)) {
650 printf("Too long K (%u)\n", (unsigned) bin_len);
653 os_memcpy(k, bin, bin_len);
658 if (os_strcmp(buf, "P") == 0) {
659 if (bin_len > sizeof(p)) {
660 printf("Too long P (%u)\n", (unsigned) bin_len);
663 os_memcpy(p, bin, bin_len);
668 if (os_strcmp(buf, "C") != 0) {
669 printf("Unexpected field '%s'\n", buf);
673 if (bin_len > sizeof(c)) {
674 printf("Too long C (%u)\n", (unsigned) bin_len);
677 os_memcpy(c, bin, bin_len);
680 if (p_len % 8 != 0 || c_len % 8 != 0 || c_len - p_len != 8) {
681 printf("invalid parameter length (p_len=%u c_len=%u)\n",
682 (unsigned) p_len, (unsigned) c_len);
686 if (aes_wrap(k, k_len, p_len / 8, p, result)) {
687 printf("aes_wrap() failed\n");
692 if (os_memcmp(c, result, c_len) == 0) {
704 printf("Test case failed\n");
706 printf("%d test vectors OK\n", ok);
712 static int test_nist_key_wrap_ad(const char *fname)
716 char buf[15000], *pos, *pos2;
717 u8 bin[2000], k[32], p[1024], c[1024 + 8], result[1024 + 8];
718 size_t bin_len, k_len = 0, p_len = 0, c_len = 0;
722 printf("NIST KW AD tests from %s\n", fname);
724 f = fopen(fname, "r");
726 printf("%s does not exist - cannot validate test vectors\n",
731 while (fgets(buf, sizeof(buf), f)) {
735 pos = os_strchr(buf, '=');
737 if (os_strncmp(buf, "FAIL", 4) == 0) {
744 while (pos2 >= buf && *pos2 == ' ')
749 pos2 = os_strchr(pos, '\r');
751 pos2 = os_strchr(pos, '\n');
755 pos2 = pos + os_strlen(pos);
758 printf("%s = %s\n", buf, pos);
762 if (os_strcmp(buf, "COUNT") == 0) {
763 printf("Test %s - ", pos);
767 bin_len = os_strlen(pos);
768 if (bin_len > sizeof(bin) * 2) {
769 printf("Too long binary data (%s)\n", buf);
772 if (bin_len & 0x01) {
773 printf("Odd number of hexstring values (%s)\n",
778 if (hexstr2bin(pos, bin, bin_len) < 0) {
779 printf("Invalid hex string '%s' (%s)\n", pos, buf);
783 if (os_strcmp(buf, "K") == 0) {
784 if (bin_len > sizeof(k)) {
785 printf("Too long K (%u)\n", (unsigned) bin_len);
788 os_memcpy(k, bin, bin_len);
793 if (os_strcmp(buf, "C") == 0) {
794 if (bin_len > sizeof(c)) {
795 printf("Too long C (%u)\n", (unsigned) bin_len);
798 os_memcpy(c, bin, bin_len);
805 if (os_strcmp(buf, "P") != 0) {
806 printf("Unexpected field '%s'\n", buf);
810 if (bin_len > sizeof(p)) {
811 printf("Too long P (%u)\n", (unsigned) bin_len);
814 os_memcpy(p, bin, bin_len);
817 if (p_len % 8 != 0 || c_len % 8 != 0 ||
818 c_len - p_len != 8) {
819 printf("invalid parameter length (p_len=%u c_len=%u)\n",
820 (unsigned) p_len, (unsigned) c_len);
825 if (aes_unwrap(k, k_len, (c_len / 8) - 1, c, result)) {
827 printf("OK (fail reported)\n");
831 printf("aes_unwrap() failed\n");
837 printf("FAIL (mismatch not reported)\n");
839 } else if (os_memcmp(p, result, p_len) == 0) {
851 printf("Test case failed\n");
853 printf("%d test vectors OK\n", ok);
859 int main(int argc, char *argv[])
863 if (argc >= 3 && os_strcmp(argv[1], "NIST-KW-AE") == 0)
864 ret += test_nist_key_wrap_ae(argv[2]);
865 else if (argc >= 3 && os_strcmp(argv[1], "NIST-KW-AD") == 0)
866 ret += test_nist_key_wrap_ad(argv[2]);
868 ret += test_key_wrap();