]>
Commit | Line | Data |
---|---|---|
7c673cae FG |
1 | /********************************************************************** |
2 | Copyright(c) 2011-2016 Intel Corporation All rights reserved. | |
3 | ||
4 | Redistribution and use in source and binary forms, with or without | |
1e59de90 | 5 | modification, are permitted provided that the following conditions |
7c673cae FG |
6 | are met: |
7 | * Redistributions of source code must retain the above copyright | |
8 | notice, this list of conditions and the following disclaimer. | |
9 | * Redistributions in binary form must reproduce the above copyright | |
10 | notice, this list of conditions and the following disclaimer in | |
11 | the documentation and/or other materials provided with the | |
12 | distribution. | |
13 | * Neither the name of Intel Corporation nor the names of its | |
14 | contributors may be used to endorse or promote products derived | |
15 | from this software without specific prior written permission. | |
16 | ||
17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
28 | **********************************************************************/ | |
29 | ||
30 | #include <stdlib.h> | |
31 | #include <stdio.h> | |
32 | #include <stdint.h> | |
33 | #include <string.h> // for memcmp | |
34 | #include <aes_gcm.h> | |
35 | #include <openssl/sha.h> | |
36 | #include "gcm_vectors.h" | |
37 | #include "ossl_helper.h" | |
38 | #include "types.h" | |
39 | ||
1e59de90 TL |
40 | //#define GCM_VECTORS_VERBOSE |
41 | //#define GCM_VECTORS_EXTRA_VERBOSE | |
7c673cae FG |
42 | #ifndef TEST_SEED |
43 | # define TEST_SEED 0x1234 | |
44 | #endif | |
45 | #ifndef RANDOMS | |
46 | # define RANDOMS 200 | |
47 | #endif | |
48 | #ifndef TEST_LEN | |
49 | # define TEST_LEN 32*1024 | |
50 | #endif | |
51 | #ifndef PAGE_LEN | |
52 | # define PAGE_LEN (4*1024) | |
53 | #endif | |
54 | ||
55 | #if defined(NT_LD) || defined(NT_ST) || defined(NT_LDST) | |
56 | # define ALIGNMENT_MASK (~15) | |
57 | # define OFFSET_BASE_VALUE 16 | |
58 | #ifndef MAX_UNALIGNED | |
59 | # define MAX_UNALIGNED (1) | |
60 | #endif | |
61 | #else | |
62 | # define ALIGNMENT_MASK (~0) | |
63 | # define OFFSET_BASE_VALUE 1 | |
64 | #ifndef MAX_UNALIGNED | |
65 | # define MAX_UNALIGNED (16) | |
66 | #endif | |
67 | #endif | |
68 | ||
7c673cae FG |
69 | void dump_table(char *title, uint8_t * table, uint8_t count) |
70 | { | |
71 | int i; | |
72 | char const *space = " "; | |
73 | ||
74 | printf("%s%s => {\n", space, title); | |
75 | for (i = 0; i < count; i++) { | |
76 | if (0 == (i & 15)) | |
77 | printf("%s%s", space, space); | |
78 | printf("%2x, ", table[i]); | |
79 | if (15 == (i & 15)) | |
80 | printf("\n"); | |
81 | ||
82 | } | |
83 | printf("%s}\n", space); | |
84 | } | |
85 | ||
1e59de90 | 86 | void dump_gcm_data(struct gcm_key_data *gkey) |
7c673cae FG |
87 | { |
88 | #ifdef GCM_VECTORS_EXTRA_VERBOSE | |
89 | printf("gcm_data {\n"); | |
1e59de90 TL |
90 | dump_table("expanded_keys", gkey->expanded_keys, (16 * 11)); |
91 | dump_table("shifted_hkey_1", gkey->shifted_hkey_1, 16); | |
92 | dump_table("shifted_hkey_2", gkey->shifted_hkey_2, 16); | |
93 | dump_table("shifted_hkey_3", gkey->shifted_hkey_3, 16); | |
94 | dump_table("shifted_hkey_4", gkey->shifted_hkey_4, 16); | |
95 | dump_table("shifted_hkey_5", gkey->shifted_hkey_5, 16); | |
96 | dump_table("shifted_hkey_6", gkey->shifted_hkey_6, 16); | |
97 | dump_table("shifted_hkey_7", gkey->shifted_hkey_7, 16); | |
98 | dump_table("shifted_hkey_8", gkey->shifted_hkey_8, 16); | |
99 | dump_table("shifted_hkey_1_k", gkey->shifted_hkey_1_k, 16); | |
100 | dump_table("shifted_hkey_2_k", gkey->shifted_hkey_2_k, 16); | |
101 | dump_table("shifted_hkey_3_k", gkey->shifted_hkey_3_k, 16); | |
102 | dump_table("shifted_hkey_4_k", gkey->shifted_hkey_4_k, 16); | |
103 | dump_table("shifted_hkey_5_k", gkey->shifted_hkey_5_k, 16); | |
104 | dump_table("shifted_hkey_6_k", gkey->shifted_hkey_6_k, 16); | |
105 | dump_table("shifted_hkey_7_k", gkey->shifted_hkey_7_k, 16); | |
106 | dump_table("shifted_hkey_8_k", gkey->shifted_hkey_8_k, 16); | |
7c673cae FG |
107 | printf("}\n"); |
108 | #endif //GCM_VECTORS_VERBOSE | |
109 | } | |
110 | ||
111 | void mk_rand_data(uint8_t * data, uint32_t size) | |
112 | { | |
113 | int i; | |
114 | for (i = 0; i < size; i++) { | |
115 | *data++ = rand(); | |
116 | } | |
117 | } | |
118 | ||
119 | int check_data(uint8_t * test, uint8_t * expected, uint64_t len, char *data_name) | |
120 | { | |
121 | int mismatch; | |
122 | int OK = 0; | |
123 | ||
124 | mismatch = memcmp(test, expected, len); | |
125 | if (mismatch) { | |
126 | OK = 1; | |
127 | printf(" expected results don't match %s \t\t", data_name); | |
128 | { | |
129 | uint64_t a; | |
130 | for (a = 0; a < len; a++) { | |
131 | if (test[a] != expected[a]) { | |
132 | printf(" '%x' != '%x' at %lx of %lx\n", | |
133 | test[a], expected[a], a, len); | |
134 | break; | |
135 | } | |
136 | } | |
137 | } | |
138 | } | |
139 | return OK; | |
140 | } | |
141 | ||
1e59de90 | 142 | int check_vector(struct gcm_key_data *gkey, struct gcm_context_data *gctx, gcm_vector * vector) |
7c673cae FG |
143 | { |
144 | uint8_t *pt_test = NULL; | |
145 | uint8_t *ct_test = NULL; | |
146 | uint8_t *o_ct_test = NULL; | |
147 | uint8_t *IV_c = NULL; | |
148 | uint8_t *T_test = NULL; | |
149 | uint8_t *o_T_test = NULL; | |
7c673cae FG |
150 | uint64_t IV_alloc_len = 0; |
151 | int result; | |
152 | int OK = 0; | |
153 | ||
154 | #ifdef GCM_VECTORS_VERBOSE | |
155 | printf("combination vector Keylen:%d IVlen:%d PTLen:%d AADlen:%d Tlen:%d\n", | |
156 | (int)vector->Klen, | |
157 | (int)vector->IVlen, (int)vector->Plen, (int)vector->Alen, (int)vector->Tlen); | |
158 | #else | |
159 | printf("."); | |
160 | #endif | |
161 | // Allocate space for the calculated ciphertext | |
162 | if (vector->Plen != 0) { | |
163 | pt_test = malloc(vector->Plen); | |
164 | ct_test = malloc(vector->Plen); | |
165 | o_ct_test = malloc(vector->Plen); | |
166 | if ((pt_test == NULL) || (ct_test == NULL) || (o_ct_test == NULL)) { | |
167 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
168 | return 1; | |
169 | } | |
170 | } | |
1e59de90 | 171 | IV_alloc_len = vector->IVlen; |
7c673cae FG |
172 | // Allocate space for the calculated ciphertext |
173 | IV_c = malloc(IV_alloc_len); | |
174 | if (IV_c == NULL) { | |
175 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
176 | return 1; | |
177 | } | |
7c673cae | 178 | memcpy(IV_c, vector->IV, vector->IVlen); |
7c673cae FG |
179 | |
180 | T_test = malloc(vector->Tlen); | |
181 | o_T_test = malloc(vector->Tlen); | |
182 | if ((T_test == NULL) || (o_T_test == NULL)) { | |
183 | fprintf(stderr, "Can't allocate tag memory\n"); | |
184 | return 1; | |
185 | } | |
186 | // This is only required once for a given key | |
1e59de90 | 187 | aes_gcm_pre_128(vector->K, gkey); |
7c673cae FG |
188 | |
189 | //// | |
190 | // ISA-l Encrypt | |
191 | //// | |
1e59de90 TL |
192 | aes_gcm_enc_128(gkey, gctx, vector->C, vector->P, vector->Plen, |
193 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
194 | openssl_aes_gcm_enc(vector->K, vector->IV, |
195 | vector->IVlen, vector->A, vector->Alen, o_T_test, | |
196 | vector->Tlen, vector->P, vector->Plen, o_ct_test); | |
197 | OK |= | |
198 | check_data(vector->C, o_ct_test, vector->Plen, "OpenSSL vs ISA-L cypher text (C)"); | |
199 | OK |= | |
200 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L encrypt tag (T)"); | |
201 | ||
202 | memcpy(ct_test, vector->C, vector->Plen); | |
203 | memcpy(pt_test, vector->P, vector->Plen); | |
204 | memset(vector->P, 0, vector->Plen); | |
205 | memcpy(T_test, vector->T, vector->Tlen); | |
206 | memset(vector->T, 0, vector->Tlen); | |
207 | ||
208 | //// | |
209 | // ISA-l Decrypt | |
210 | //// | |
1e59de90 TL |
211 | aes_gcm_dec_128(gkey, gctx, vector->P, vector->C, vector->Plen, |
212 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
213 | OK |= |
214 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L decrypt tag (T)"); | |
215 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); | |
216 | memset(vector->P, 0, vector->Plen); | |
1e59de90 TL |
217 | aes_gcm_dec_128(gkey, gctx, vector->P, o_ct_test, vector->Plen, |
218 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
219 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); |
220 | result = | |
221 | openssl_aes_gcm_dec(vector->K, vector->IV, | |
222 | vector->IVlen, vector->A, vector->Alen, | |
223 | vector->T, vector->Tlen, vector->C, vector->Plen, pt_test); | |
224 | if (-1 == result) | |
225 | printf(" ISA-L->OpenSSL decryption failed Authentication\n"); | |
226 | OK |= (-1 == result); | |
227 | free(T_test); | |
228 | free(o_T_test); | |
229 | free(IV_c); | |
230 | free(pt_test); | |
231 | free(ct_test); | |
232 | free(o_ct_test); | |
233 | ||
234 | return OK; | |
235 | } | |
236 | ||
1e59de90 TL |
237 | int check_strm_vector(struct gcm_key_data *gkey, struct gcm_context_data *gctx, |
238 | gcm_vector * vector, int test_len) | |
7c673cae FG |
239 | { |
240 | uint8_t *pt_test = NULL; | |
241 | uint8_t *ct_test = NULL; | |
242 | uint8_t *o_ct_test = NULL; | |
243 | uint8_t *IV_c = NULL; | |
244 | uint8_t *T_test = NULL; | |
245 | uint8_t *o_T_test = NULL; | |
246 | uint8_t *stream = NULL; | |
7c673cae FG |
247 | uint64_t IV_alloc_len = 0; |
248 | int result; | |
249 | int OK = 0; | |
250 | uint32_t last_break; | |
251 | int i; | |
252 | uint8_t *rand_data = NULL; | |
253 | uint64_t length; | |
254 | ||
255 | rand_data = malloc(100); | |
256 | ||
257 | #ifdef GCM_VECTORS_VERBOSE | |
258 | printf("combination vector Keylen:%d IVlen:%d PTLen:%d AADlen:%d Tlen:%d\n", | |
259 | (int)vector->Klen, | |
260 | (int)vector->IVlen, (int)vector->Plen, (int)vector->Alen, (int)vector->Tlen); | |
261 | #else | |
262 | printf("."); | |
263 | #endif | |
264 | // Allocate space for the calculated ciphertext | |
265 | if (vector->Plen != 0) { | |
266 | pt_test = malloc(vector->Plen); | |
267 | ct_test = malloc(vector->Plen); | |
268 | o_ct_test = malloc(vector->Plen); | |
269 | if ((pt_test == NULL) || (ct_test == NULL) || (o_ct_test == NULL)) { | |
270 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
271 | return 1; | |
272 | } | |
273 | } | |
1e59de90 | 274 | IV_alloc_len = vector->IVlen; |
7c673cae FG |
275 | // Allocate space for the calculated ciphertext |
276 | IV_c = malloc(IV_alloc_len); | |
277 | if (IV_c == NULL) { | |
278 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
279 | return 1; | |
280 | } | |
7c673cae | 281 | memcpy(IV_c, vector->IV, vector->IVlen); |
7c673cae FG |
282 | |
283 | T_test = malloc(vector->Tlen); | |
284 | o_T_test = malloc(vector->Tlen); | |
285 | if ((T_test == NULL) || (o_T_test == NULL)) { | |
286 | fprintf(stderr, "Can't allocate tag memory\n"); | |
287 | return 1; | |
288 | } | |
289 | // This is only required once for a given key | |
1e59de90 | 290 | aes_gcm_pre_128(vector->K, gkey); |
7c673cae FG |
291 | |
292 | //// | |
293 | // ISA-l Encrypt | |
294 | //// | |
1e59de90 | 295 | aes_gcm_init_128(gkey, gctx, IV_c, vector->A, vector->Alen); |
7c673cae FG |
296 | |
297 | last_break = 0; | |
298 | i = (rand() % test_len / 32) & ALIGNMENT_MASK; | |
299 | while (i < (vector->Plen)) { | |
300 | if (i - last_break != 0) { | |
301 | stream = malloc(i - last_break); | |
302 | memcpy(stream, vector->P + last_break, i - last_break); | |
303 | } | |
1e59de90 TL |
304 | aes_gcm_enc_128_update(gkey, gctx, vector->C + last_break, stream, |
305 | i - last_break); | |
7c673cae FG |
306 | if (i - last_break != 0) |
307 | free(stream); | |
308 | ||
309 | if (rand() % 1024 == 0) { | |
310 | length = rand() % 100; | |
311 | mk_rand_data(rand_data, length); | |
312 | SHA1(rand_data, length, rand_data); | |
313 | } | |
314 | last_break = i; | |
315 | i = (rand() % test_len / 32) & ALIGNMENT_MASK; | |
316 | ||
317 | } | |
1e59de90 TL |
318 | aes_gcm_enc_128_update(gkey, gctx, vector->C + last_break, vector->P + last_break, |
319 | vector->Plen - last_break); | |
320 | if (gctx->in_length != vector->Plen) | |
321 | printf("%lu, %lu\n", gctx->in_length, vector->Plen); | |
322 | aes_gcm_enc_128_finalize(gkey, gctx, vector->T, vector->Tlen); | |
7c673cae FG |
323 | openssl_aes_gcm_enc(vector->K, vector->IV, |
324 | vector->IVlen, vector->A, vector->Alen, o_T_test, | |
325 | vector->Tlen, vector->P, vector->Plen, o_ct_test); | |
326 | OK |= | |
327 | check_data(vector->C, o_ct_test, vector->Plen, "OpenSSL vs ISA-L cypher text (C)"); | |
328 | OK |= | |
329 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L encrypt tag (T)"); | |
330 | ||
331 | memcpy(ct_test, vector->C, vector->Plen); | |
332 | memcpy(pt_test, vector->P, vector->Plen); | |
333 | memset(vector->P, 0, vector->Plen); | |
334 | memcpy(T_test, vector->T, vector->Tlen); | |
335 | memset(vector->T, 0, vector->Tlen); | |
336 | ||
337 | //// | |
338 | // ISA-l Decrypt | |
339 | //// | |
340 | ||
341 | last_break = 0; | |
342 | i = 0; | |
1e59de90 | 343 | aes_gcm_init_128(gkey, gctx, IV_c, vector->A, vector->Alen); |
7c673cae FG |
344 | while (i < (vector->Plen)) { |
345 | if (rand() % (test_len / 64) == 0) { | |
346 | if (i - last_break != 0) { | |
347 | stream = malloc(i - last_break); | |
348 | memcpy(stream, vector->C + last_break, i - last_break); | |
349 | } | |
1e59de90 TL |
350 | aes_gcm_dec_128_update(gkey, gctx, vector->P + last_break, stream, |
351 | i - last_break); | |
7c673cae FG |
352 | if (i - last_break != 0) |
353 | free(stream); | |
354 | ||
355 | if (rand() % 1024 == 0) { | |
356 | length = rand() % 100; | |
357 | ||
358 | mk_rand_data(rand_data, length); | |
359 | SHA1(rand_data, length, rand_data); | |
360 | } | |
361 | ||
362 | last_break = i; | |
363 | ||
364 | } | |
365 | if (rand() % 1024 != 0) | |
366 | i++; | |
367 | ||
368 | } | |
1e59de90 TL |
369 | aes_gcm_dec_128_update(gkey, gctx, vector->P + last_break, vector->C + last_break, |
370 | vector->Plen - last_break); | |
371 | aes_gcm_dec_128_finalize(gkey, gctx, vector->T, vector->Tlen); | |
7c673cae FG |
372 | |
373 | OK |= | |
374 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L decrypt tag (T)"); | |
375 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); | |
376 | memset(vector->P, 0, vector->Plen); | |
1e59de90 TL |
377 | aes_gcm_dec_128(gkey, gctx, vector->P, o_ct_test, vector->Plen, |
378 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
379 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); |
380 | result = | |
381 | openssl_aes_gcm_dec(vector->K, vector->IV, | |
382 | vector->IVlen, vector->A, vector->Alen, | |
383 | vector->T, vector->Tlen, vector->C, vector->Plen, pt_test); | |
384 | if (-1 == result) | |
385 | printf(" ISA-L->OpenSSL decryption failed Authentication\n"); | |
386 | OK |= (-1 == result); | |
387 | free(T_test); | |
388 | free(o_T_test); | |
389 | free(IV_c); | |
390 | free(pt_test); | |
391 | free(ct_test); | |
392 | free(o_ct_test); | |
393 | free(rand_data); | |
394 | ||
395 | return OK; | |
396 | } | |
397 | ||
1e59de90 TL |
398 | int check_strm_vector2(struct gcm_key_data *gkey, struct gcm_context_data *gctx, |
399 | gcm_vector * vector, int length, int start, int breaks) | |
7c673cae FG |
400 | { |
401 | uint8_t *pt_test = NULL; | |
402 | uint8_t *ct_test = NULL; | |
403 | uint8_t *o_ct_test = NULL; | |
404 | uint8_t *IV_c = NULL; | |
405 | uint8_t *T_test = NULL; | |
406 | uint8_t *o_T_test = NULL; | |
407 | uint8_t *stream = NULL; | |
7c673cae FG |
408 | uint64_t IV_alloc_len = 0; |
409 | int result; | |
410 | int OK = 0; | |
411 | uint32_t last_break = 0; | |
412 | int i = length; | |
413 | uint8_t *rand_data = NULL; | |
414 | ||
415 | rand_data = malloc(100); | |
416 | ||
417 | #ifdef GCM_VECTORS_VERBOSE | |
418 | printf("combination vector Keylen:%d IVlen:%d PTLen:%d AADlen:%d Tlen:%d\n", | |
419 | (int)vector->Klen, | |
420 | (int)vector->IVlen, (int)vector->Plen, (int)vector->Alen, (int)vector->Tlen); | |
421 | #else | |
422 | printf("."); | |
423 | #endif | |
424 | // Allocate space for the calculated ciphertext | |
425 | if (vector->Plen != 0) { | |
426 | pt_test = malloc(vector->Plen); | |
427 | ct_test = malloc(vector->Plen); | |
428 | o_ct_test = malloc(vector->Plen); | |
429 | if ((pt_test == NULL) || (ct_test == NULL) || (o_ct_test == NULL)) { | |
430 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
431 | return 1; | |
432 | } | |
433 | } | |
1e59de90 | 434 | IV_alloc_len = vector->IVlen; |
7c673cae FG |
435 | // Allocate space for the calculated ciphertext |
436 | IV_c = malloc(IV_alloc_len); | |
437 | if (IV_c == NULL) { | |
438 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
439 | return 1; | |
440 | } | |
7c673cae | 441 | memcpy(IV_c, vector->IV, vector->IVlen); |
7c673cae FG |
442 | |
443 | T_test = malloc(vector->Tlen); | |
444 | o_T_test = malloc(vector->Tlen); | |
445 | if ((T_test == NULL) || (o_T_test == NULL)) { | |
446 | fprintf(stderr, "Can't allocate tag memory\n"); | |
447 | return 1; | |
448 | } | |
449 | // This is only required once for a given key | |
1e59de90 | 450 | aes_gcm_pre_128(vector->K, gkey); |
7c673cae FG |
451 | |
452 | //// | |
453 | // ISA-l Encrypt | |
454 | //// | |
1e59de90 TL |
455 | aes_gcm_enc_128(gkey, gctx, vector->C, vector->P, vector->Plen, |
456 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
457 | aes_gcm_init_128(gkey, gctx, IV_c, vector->A, vector->Alen); | |
7c673cae FG |
458 | while (i < (vector->Plen)) { |
459 | if (i - last_break != 0) { | |
460 | stream = malloc(i - last_break); | |
461 | memcpy(stream, vector->P + last_break, i - last_break); | |
462 | } | |
1e59de90 TL |
463 | aes_gcm_enc_128_update(gkey, gctx, vector->C + last_break, stream, |
464 | i - last_break); | |
7c673cae FG |
465 | if (i - last_break != 0) |
466 | free(stream); | |
467 | last_break = i; | |
468 | i = i + (length - start) / breaks; | |
469 | ||
470 | } | |
1e59de90 TL |
471 | aes_gcm_enc_128_update(gkey, gctx, vector->C + last_break, vector->P + last_break, |
472 | vector->Plen - last_break); | |
473 | aes_gcm_enc_128_finalize(gkey, gctx, vector->T, vector->Tlen); | |
7c673cae FG |
474 | openssl_aes_gcm_enc(vector->K, vector->IV, |
475 | vector->IVlen, vector->A, vector->Alen, o_T_test, | |
476 | vector->Tlen, vector->P, vector->Plen, o_ct_test); | |
477 | ||
478 | OK |= | |
479 | check_data(vector->C, o_ct_test, vector->Plen, "OpenSSL vs ISA-L cypher text (C)"); | |
480 | OK |= | |
481 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L encrypt tag (T)"); | |
482 | ||
483 | memcpy(ct_test, vector->C, vector->Plen); | |
484 | memcpy(pt_test, vector->P, vector->Plen); | |
485 | memset(vector->P, 0, vector->Plen); | |
486 | memcpy(T_test, vector->T, vector->Tlen); | |
487 | memset(vector->T, 0, vector->Tlen); | |
488 | ||
489 | //// | |
490 | // ISA-l Decrypt | |
491 | //// | |
492 | ||
493 | last_break = 0; | |
494 | i = length; | |
1e59de90 | 495 | aes_gcm_init_128(gkey, gctx, IV_c, vector->A, vector->Alen); |
7c673cae FG |
496 | while (i < (vector->Plen)) { |
497 | if (i - last_break != 0) { | |
498 | stream = malloc(i - last_break); | |
499 | memcpy(stream, vector->C + last_break, i - last_break); | |
500 | } | |
1e59de90 TL |
501 | aes_gcm_dec_128_update(gkey, gctx, vector->P + last_break, stream, |
502 | i - last_break); | |
7c673cae FG |
503 | if (i - last_break != 0) |
504 | free(stream); | |
505 | last_break = i; | |
506 | i = i + (length - start) / breaks; | |
507 | ||
508 | } | |
509 | ||
1e59de90 TL |
510 | aes_gcm_dec_128_update(gkey, gctx, vector->P + last_break, vector->C + last_break, |
511 | vector->Plen - last_break); | |
512 | aes_gcm_dec_128_finalize(gkey, gctx, vector->T, vector->Tlen); | |
7c673cae FG |
513 | OK |= |
514 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L decrypt tag (T)"); | |
515 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); | |
516 | memset(vector->P, 0, vector->Plen); | |
1e59de90 TL |
517 | aes_gcm_dec_128(gkey, gctx, vector->P, o_ct_test, vector->Plen, |
518 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
519 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); |
520 | result = | |
521 | openssl_aes_gcm_dec(vector->K, vector->IV, | |
522 | vector->IVlen, vector->A, vector->Alen, | |
523 | vector->T, vector->Tlen, vector->C, vector->Plen, pt_test); | |
524 | if (-1 == result) | |
525 | printf(" ISA-L->OpenSSL decryption failed Authentication\n"); | |
526 | OK |= (-1 == result); | |
527 | free(rand_data); | |
528 | ||
529 | return OK; | |
530 | } | |
531 | ||
1e59de90 TL |
532 | int check_strm_vector_efence(struct gcm_key_data *gkey, struct gcm_context_data *gctx, |
533 | gcm_vector * vector) | |
7c673cae FG |
534 | { |
535 | uint8_t *pt_test = NULL; | |
536 | uint8_t *ct_test = NULL; | |
537 | uint8_t *o_ct_test = NULL; | |
538 | uint8_t *IV_c = NULL; | |
539 | uint8_t *T_test = NULL; | |
540 | uint8_t *o_T_test = NULL; | |
541 | uint8_t *stream = NULL; | |
7c673cae FG |
542 | uint64_t IV_alloc_len = 0; |
543 | int result; | |
544 | int OK = 0; | |
545 | uint32_t last_break = 0; | |
546 | int i = 1; | |
547 | uint8_t *rand_data = NULL; | |
548 | uint64_t length; | |
549 | ||
550 | rand_data = malloc(100); | |
551 | ||
552 | #ifdef GCM_VECTORS_VERBOSE | |
553 | printf("combination vector Keylen:%d IVlen:%d PTLen:%d AADlen:%d Tlen:%d\n", | |
554 | (int)vector->Klen, | |
555 | (int)vector->IVlen, (int)vector->Plen, (int)vector->Alen, (int)vector->Tlen); | |
556 | #else | |
557 | printf("."); | |
558 | #endif | |
559 | // Allocate space for the calculated ciphertext | |
560 | if (vector->Plen != 0) { | |
561 | pt_test = malloc(vector->Plen); | |
562 | ct_test = malloc(vector->Plen); | |
563 | o_ct_test = malloc(vector->Plen); | |
564 | if ((pt_test == NULL) || (ct_test == NULL) || (o_ct_test == NULL)) { | |
565 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
566 | return 1; | |
567 | } | |
568 | } | |
1e59de90 | 569 | IV_alloc_len = vector->IVlen; |
7c673cae FG |
570 | // Allocate space for the calculated ciphertext |
571 | IV_c = malloc(IV_alloc_len); | |
572 | if (IV_c == NULL) { | |
573 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
574 | return 1; | |
575 | } | |
7c673cae | 576 | memcpy(IV_c, vector->IV, vector->IVlen); |
7c673cae FG |
577 | |
578 | T_test = malloc(vector->Tlen); | |
579 | o_T_test = malloc(vector->Tlen); | |
580 | if ((T_test == NULL) || (o_T_test == NULL)) { | |
581 | fprintf(stderr, "Can't allocate tag memory\n"); | |
582 | return 1; | |
583 | } | |
584 | // This is only required once for a given key | |
1e59de90 | 585 | aes_gcm_pre_128(vector->K, gkey); |
7c673cae FG |
586 | |
587 | //// | |
588 | // ISA-l Encrypt | |
589 | //// | |
1e59de90 | 590 | aes_gcm_init_128(gkey, gctx, IV_c, vector->A, vector->Alen); |
7c673cae FG |
591 | while (i < vector->Plen) { |
592 | if (rand() % 2000 == 0 || i - last_break > PAGE_LEN / 2) { | |
593 | stream = malloc(PAGE_LEN); | |
594 | i = i & ALIGNMENT_MASK; | |
595 | memcpy(stream + PAGE_LEN - (i - last_break), vector->P + last_break, | |
596 | i - last_break); | |
1e59de90 TL |
597 | aes_gcm_enc_128_update(gkey, gctx, vector->C + last_break, |
598 | stream + PAGE_LEN - (i - last_break), | |
599 | i - last_break); | |
7c673cae FG |
600 | free(stream); |
601 | ||
602 | if (rand() % 1024 == 0) { | |
603 | length = rand() % 100; | |
604 | mk_rand_data(rand_data, length); | |
605 | SHA1(rand_data, length, rand_data); | |
606 | } | |
607 | last_break = i; | |
608 | } | |
609 | if (rand() % 1024 != 0) | |
610 | i++; | |
611 | ||
612 | } | |
1e59de90 TL |
613 | aes_gcm_enc_128_update(gkey, gctx, vector->C + last_break, vector->P + last_break, |
614 | vector->Plen - last_break); | |
615 | aes_gcm_enc_128_finalize(gkey, gctx, vector->T, vector->Tlen); | |
7c673cae FG |
616 | openssl_aes_gcm_enc(vector->K, vector->IV, |
617 | vector->IVlen, vector->A, vector->Alen, o_T_test, | |
618 | vector->Tlen, vector->P, vector->Plen, o_ct_test); | |
619 | OK |= | |
620 | check_data(vector->C, o_ct_test, vector->Plen, "OpenSSL vs ISA-L cypher text (C)"); | |
621 | OK |= | |
622 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L encrypt tag (T)"); | |
623 | ||
624 | memcpy(ct_test, vector->C, vector->Plen); | |
625 | memcpy(pt_test, vector->P, vector->Plen); | |
626 | memset(vector->P, 0, vector->Plen); | |
627 | memcpy(T_test, vector->T, vector->Tlen); | |
628 | memset(vector->T, 0, vector->Tlen); | |
629 | ||
630 | //// | |
631 | // ISA-l Decrypt | |
632 | //// | |
633 | ||
634 | last_break = 0; | |
635 | i = 0; | |
1e59de90 | 636 | aes_gcm_init_128(gkey, gctx, IV_c, vector->A, vector->Alen); |
7c673cae FG |
637 | while (i < vector->Plen) { |
638 | if (rand() % 2000 == 0 || i - last_break > PAGE_LEN / 2) { | |
639 | stream = malloc(PAGE_LEN); | |
640 | i = i & ALIGNMENT_MASK; | |
641 | memcpy(stream + PAGE_LEN - (i - last_break), vector->C + last_break, | |
642 | i - last_break); | |
1e59de90 TL |
643 | aes_gcm_dec_128_update(gkey, gctx, vector->P + last_break, |
644 | stream + PAGE_LEN - (i - last_break), | |
645 | i - last_break); | |
7c673cae FG |
646 | free(stream); |
647 | ||
648 | if (rand() % 1024 == 0) { | |
649 | length = rand() % 100; | |
650 | ||
651 | mk_rand_data(rand_data, length); | |
652 | SHA1(rand_data, length, rand_data); | |
653 | } | |
654 | ||
655 | last_break = i; | |
656 | ||
657 | } | |
658 | if (rand() % 1024 != 0) | |
659 | i++; | |
660 | ||
661 | } | |
1e59de90 TL |
662 | aes_gcm_dec_128_update(gkey, gctx, vector->P + last_break, vector->C + last_break, |
663 | vector->Plen - last_break); | |
664 | aes_gcm_dec_128_finalize(gkey, gctx, vector->T, vector->Tlen); | |
7c673cae FG |
665 | |
666 | OK |= | |
667 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L decrypt tag (T)"); | |
668 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); | |
669 | memset(vector->P, 0, vector->Plen); | |
1e59de90 TL |
670 | aes_gcm_dec_128(gkey, gctx, vector->P, o_ct_test, vector->Plen, |
671 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
672 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); |
673 | result = | |
674 | openssl_aes_gcm_dec(vector->K, vector->IV, | |
675 | vector->IVlen, vector->A, vector->Alen, | |
676 | vector->T, vector->Tlen, vector->C, vector->Plen, pt_test); | |
677 | if (-1 == result) | |
678 | printf(" ISA-L->OpenSSL decryption failed Authentication\n"); | |
679 | OK |= (-1 == result); | |
680 | free(T_test); | |
681 | free(o_T_test); | |
682 | free(IV_c); | |
683 | free(pt_test); | |
684 | free(ct_test); | |
685 | free(o_ct_test); | |
686 | free(rand_data); | |
687 | ||
688 | return OK; | |
689 | } | |
690 | ||
1e59de90 TL |
691 | int check_256_vector(struct gcm_key_data *gkey, struct gcm_context_data *gctx, |
692 | gcm_vector * vector) | |
7c673cae FG |
693 | { |
694 | uint8_t *pt_test = NULL; | |
695 | uint8_t *ct_test = NULL; | |
696 | uint8_t *o_ct_test = NULL; | |
697 | uint8_t *IV_c = NULL; | |
698 | uint8_t *T_test = NULL; | |
699 | uint8_t *o_T_test = NULL; | |
7c673cae FG |
700 | uint64_t IV_alloc_len = 0; |
701 | int result; | |
702 | int OK = 0; | |
703 | ||
704 | #ifdef GCM_VECTORS_VERBOSE | |
705 | printf("combination vector Keylen:%d IVlen:%d PTLen:%d AADlen:%d Tlen:%d\n", | |
706 | (int)vector->Klen, | |
707 | (int)vector->IVlen, (int)vector->Plen, (int)vector->Alen, (int)vector->Tlen); | |
708 | #else | |
709 | printf("."); | |
710 | #endif | |
711 | // Allocate space for the calculated ciphertext | |
712 | if (vector->Plen != 0) { | |
713 | pt_test = malloc(vector->Plen); | |
714 | ct_test = malloc(vector->Plen); | |
715 | o_ct_test = malloc(vector->Plen); | |
716 | if ((pt_test == NULL) || (ct_test == NULL) || (o_ct_test == NULL)) { | |
717 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
718 | return 1; | |
719 | } | |
720 | } | |
1e59de90 | 721 | IV_alloc_len = vector->IVlen; |
7c673cae FG |
722 | // Allocate space for the calculated ciphertext |
723 | IV_c = malloc(IV_alloc_len); | |
724 | if (IV_c == NULL) { | |
725 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
726 | return 1; | |
727 | } | |
7c673cae | 728 | memcpy(IV_c, vector->IV, vector->IVlen); |
7c673cae FG |
729 | |
730 | T_test = malloc(vector->Tlen); | |
731 | o_T_test = malloc(vector->Tlen); | |
732 | if ((T_test == NULL) || (o_T_test == NULL)) { | |
733 | fprintf(stderr, "Can't allocate tag memory\n"); | |
734 | return 1; | |
735 | } | |
736 | // This is only required once for a given key | |
1e59de90 | 737 | aes_gcm_pre_256(vector->K, gkey); |
7c673cae FG |
738 | |
739 | //// | |
740 | // ISA-l Encrypt | |
741 | //// | |
1e59de90 TL |
742 | aes_gcm_enc_256(gkey, gctx, vector->C, vector->P, vector->Plen, |
743 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
744 | openssl_aes_256_gcm_enc(vector->K, vector->IV, |
745 | vector->IVlen, vector->A, vector->Alen, o_T_test, | |
746 | vector->Tlen, vector->P, vector->Plen, o_ct_test); | |
747 | OK |= | |
748 | check_data(vector->C, o_ct_test, vector->Plen, "OpenSSL vs ISA-L cypher text (C)"); | |
749 | OK |= | |
750 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L encrypt tag (T)"); | |
751 | ||
752 | memcpy(ct_test, vector->C, vector->Plen); | |
753 | memcpy(pt_test, vector->P, vector->Plen); | |
754 | memset(vector->P, 0, vector->Plen); | |
755 | memcpy(T_test, vector->T, vector->Tlen); | |
756 | memset(vector->T, 0, vector->Tlen); | |
757 | ||
758 | //// | |
759 | // ISA-l Decrypt | |
760 | //// | |
1e59de90 TL |
761 | aes_gcm_dec_256(gkey, gctx, vector->P, vector->C, vector->Plen, |
762 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
763 | OK |= check_data(vector->T, T_test, vector->Tlen, "ISA-L decrypt vs encrypt tag (T)"); |
764 | OK |= | |
765 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L decrypt tag (T)"); | |
766 | OK |= | |
767 | check_data(pt_test, vector->P, vector->Plen, | |
768 | "ISA-L decrypted ISA-L plain text (P)"); | |
769 | memset(vector->P, 0, vector->Plen); | |
1e59de90 TL |
770 | aes_gcm_dec_256(gkey, gctx, vector->P, o_ct_test, vector->Plen, |
771 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
772 | OK |= |
773 | check_data(pt_test, vector->P, vector->Plen, | |
774 | "ISA-L decrypted OpenSSL plain text (P)"); | |
775 | result = | |
776 | openssl_aes_256_gcm_dec(vector->K, vector->IV, | |
777 | vector->IVlen, vector->A, vector->Alen, | |
778 | vector->T, vector->Tlen, vector->C, vector->Plen, pt_test); | |
779 | if (-1 == result) | |
780 | printf(" ISA-L->OpenSSL decryption failed Authentication\n"); | |
781 | OK |= (-1 == result); | |
782 | free(T_test); | |
783 | free(o_T_test); | |
784 | free(IV_c); | |
785 | free(pt_test); | |
786 | free(ct_test); | |
787 | free(o_ct_test); | |
788 | ||
789 | return OK; | |
790 | } | |
791 | ||
1e59de90 TL |
792 | int check_256_strm_vector(struct gcm_key_data *gkey, struct gcm_context_data *gctx, |
793 | gcm_vector * vector, int test_len) | |
7c673cae FG |
794 | { |
795 | uint8_t *pt_test = NULL; | |
796 | uint8_t *ct_test = NULL; | |
797 | uint8_t *o_ct_test = NULL; | |
798 | uint8_t *IV_c = NULL; | |
799 | uint8_t *T_test = NULL; | |
800 | uint8_t *o_T_test = NULL; | |
801 | uint8_t *stream = NULL; | |
7c673cae FG |
802 | uint64_t IV_alloc_len = 0; |
803 | int result; | |
804 | int OK = 0; | |
805 | uint32_t last_break; | |
806 | int i; | |
807 | uint8_t *rand_data = NULL; | |
808 | uint64_t length; | |
809 | ||
810 | rand_data = malloc(100); | |
811 | ||
812 | #ifdef GCM_VECTORS_VERBOSE | |
813 | printf("combination vector Keylen:%d IVlen:%d PTLen:%d AADlen:%d Tlen:%d\n", | |
814 | (int)vector->Klen, | |
815 | (int)vector->IVlen, (int)vector->Plen, (int)vector->Alen, (int)vector->Tlen); | |
816 | #else | |
817 | printf("."); | |
818 | #endif | |
819 | // Allocate space for the calculated ciphertext | |
820 | if (vector->Plen != 0) { | |
821 | pt_test = malloc(vector->Plen); | |
822 | ct_test = malloc(vector->Plen); | |
823 | o_ct_test = malloc(vector->Plen); | |
824 | if ((pt_test == NULL) || (ct_test == NULL) || (o_ct_test == NULL)) { | |
825 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
826 | return 1; | |
827 | } | |
828 | } | |
1e59de90 | 829 | IV_alloc_len = vector->IVlen; |
7c673cae FG |
830 | // Allocate space for the calculated ciphertext |
831 | IV_c = malloc(IV_alloc_len); | |
832 | if (IV_c == NULL) { | |
833 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
834 | return 1; | |
835 | } | |
7c673cae | 836 | memcpy(IV_c, vector->IV, vector->IVlen); |
7c673cae FG |
837 | |
838 | T_test = malloc(vector->Tlen); | |
839 | o_T_test = malloc(vector->Tlen); | |
840 | if ((T_test == NULL) || (o_T_test == NULL)) { | |
841 | fprintf(stderr, "Can't allocate tag memory\n"); | |
842 | return 1; | |
843 | } | |
844 | // This is only required once for a given key | |
1e59de90 | 845 | aes_gcm_pre_256(vector->K, gkey); |
7c673cae FG |
846 | |
847 | //// | |
848 | // ISA-l Encrypt | |
849 | //// | |
1e59de90 | 850 | aes_gcm_init_256(gkey, gctx, IV_c, vector->A, vector->Alen); |
7c673cae FG |
851 | |
852 | last_break = 0; | |
853 | i = (rand() % test_len / 32) & ALIGNMENT_MASK; | |
854 | while (i < (vector->Plen)) { | |
855 | if (i - last_break != 0) { | |
856 | stream = malloc(i - last_break); | |
857 | memcpy(stream, vector->P + last_break, i - last_break); | |
858 | } | |
859 | ||
1e59de90 TL |
860 | aes_gcm_enc_256_update(gkey, gctx, vector->C + last_break, stream, |
861 | i - last_break); | |
7c673cae FG |
862 | if (i - last_break != 0) |
863 | free(stream); | |
864 | ||
865 | if (rand() % 1024 == 0) { | |
866 | length = rand() % 100; | |
867 | mk_rand_data(rand_data, length); | |
868 | SHA1(rand_data, length, rand_data); | |
869 | } | |
870 | last_break = i; | |
871 | i += (rand() % test_len / 32) & ALIGNMENT_MASK; | |
872 | ||
873 | } | |
1e59de90 TL |
874 | aes_gcm_enc_256_update(gkey, gctx, vector->C + last_break, vector->P + last_break, |
875 | vector->Plen - last_break); | |
876 | if (gctx->in_length != vector->Plen) | |
877 | printf("%lu, %lu\n", gctx->in_length, vector->Plen); | |
878 | aes_gcm_enc_256_finalize(gkey, gctx, vector->T, vector->Tlen); | |
7c673cae FG |
879 | |
880 | openssl_aes_256_gcm_enc(vector->K, vector->IV, | |
881 | vector->IVlen, vector->A, vector->Alen, o_T_test, | |
882 | vector->Tlen, vector->P, vector->Plen, o_ct_test); | |
883 | OK |= | |
884 | check_data(vector->C, o_ct_test, vector->Plen, "OpenSSL vs ISA-L cypher text (C)"); | |
885 | OK |= | |
886 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L encrypt tag (T)"); | |
887 | ||
888 | memcpy(ct_test, vector->C, vector->Plen); | |
889 | memcpy(pt_test, vector->P, vector->Plen); | |
890 | memset(vector->P, 0, vector->Plen); | |
891 | memcpy(T_test, vector->T, vector->Tlen); | |
892 | memset(vector->T, 0, vector->Tlen); | |
893 | ||
894 | //// | |
895 | // ISA-l Decrypt | |
896 | //// | |
897 | ||
898 | last_break = 0; | |
899 | i += (rand() % test_len / 32) & ALIGNMENT_MASK; | |
1e59de90 | 900 | aes_gcm_init_256(gkey, gctx, IV_c, vector->A, vector->Alen); |
7c673cae FG |
901 | while (i < (vector->Plen)) { |
902 | if (i - last_break != 0) { | |
903 | stream = malloc(i - last_break); | |
904 | memcpy(stream, vector->C + last_break, i - last_break); | |
905 | } | |
906 | ||
1e59de90 TL |
907 | aes_gcm_dec_256_update(gkey, gctx, vector->P + last_break, stream, |
908 | i - last_break); | |
7c673cae FG |
909 | if (i - last_break != 0) |
910 | free(stream); | |
911 | ||
912 | if (rand() % 1024 == 0) { | |
913 | length = rand() % 100; | |
914 | ||
915 | mk_rand_data(rand_data, length); | |
916 | SHA1(rand_data, length, rand_data); | |
917 | } | |
918 | ||
919 | last_break = i; | |
920 | i += (rand() % test_len / 32) & ALIGNMENT_MASK; | |
921 | ||
7c673cae | 922 | } |
1e59de90 TL |
923 | aes_gcm_dec_256_update(gkey, gctx, vector->P + last_break, vector->C + last_break, |
924 | vector->Plen - last_break); | |
925 | aes_gcm_dec_256_finalize(gkey, gctx, vector->T, vector->Tlen); | |
7c673cae FG |
926 | |
927 | OK |= check_data(vector->T, T_test, vector->Tlen, "ISA-L decrypt vs encrypt tag (T)"); | |
928 | OK |= | |
929 | check_data(vector->T, o_T_test, vector->Tlen, "OpenSSL vs ISA-L decrypt tag (T)"); | |
930 | OK |= | |
931 | check_data(pt_test, vector->P, vector->Plen, | |
932 | "ISA-L decrypted ISA-L plain text (P)"); | |
933 | memset(vector->P, 0, vector->Plen); | |
1e59de90 TL |
934 | aes_gcm_dec_256(gkey, gctx, vector->P, o_ct_test, vector->Plen, |
935 | IV_c, vector->A, vector->Alen, vector->T, vector->Tlen); | |
7c673cae FG |
936 | OK |= |
937 | check_data(pt_test, vector->P, vector->Plen, | |
938 | "ISA-L decrypted OpenSSL plain text (P)"); | |
939 | result = | |
940 | openssl_aes_256_gcm_dec(vector->K, vector->IV, | |
941 | vector->IVlen, vector->A, vector->Alen, | |
942 | vector->T, vector->Tlen, vector->C, vector->Plen, pt_test); | |
943 | if (-1 == result) | |
944 | printf(" ISA-L->OpenSSL decryption failed Authentication\n"); | |
945 | OK |= (-1 == result); | |
946 | free(T_test); | |
947 | free(o_T_test); | |
948 | free(IV_c); | |
949 | free(pt_test); | |
950 | free(ct_test); | |
951 | free(o_ct_test); | |
952 | ||
953 | return OK; | |
954 | } | |
955 | ||
956 | int test_gcm_strm_efence(void) | |
957 | { | |
958 | gcm_vector test; | |
959 | int tag_len = 8; | |
960 | int t = 0; | |
1e59de90 TL |
961 | struct gcm_key_data *gkey = NULL; |
962 | struct gcm_context_data *gctx = NULL; | |
7c673cae | 963 | |
1e59de90 TL |
964 | gkey = malloc(sizeof(struct gcm_key_data)); |
965 | gctx = malloc(sizeof(struct gcm_context_data)); | |
966 | if (NULL == gkey || NULL == gctx) | |
7c673cae FG |
967 | return 1; |
968 | ||
969 | printf("AES GCM random efence test vectors with random stream:"); | |
970 | for (t = 0; RANDOMS > t; t++) { | |
971 | int Plen = (rand() % TEST_LEN); | |
972 | //lengths must be a multiple of 4 bytes | |
973 | int aad_len = (rand() % TEST_LEN); | |
974 | int offset = (rand() % MAX_UNALIGNED); | |
1e59de90 | 975 | if (offset == 0 && aad_len == 0) |
7c673cae FG |
976 | offset = OFFSET_BASE_VALUE; |
977 | ||
978 | if (0 == (t % 25)) | |
979 | printf("\n"); | |
980 | if (0 == (t % 10)) | |
981 | fflush(0); | |
982 | test.P = NULL; | |
983 | test.C = NULL; | |
984 | test.A = NULL; | |
985 | test.T = NULL; | |
986 | test.Plen = Plen; | |
987 | if (test.Plen + offset != 0) { | |
988 | test.P = malloc(test.Plen + offset); | |
989 | test.C = malloc(test.Plen + offset); | |
1e59de90 | 990 | } else { //This else clause is here because openssl 1.0.1k does not handle NULL pointers |
7c673cae FG |
991 | test.P = malloc(16); |
992 | test.C = malloc(16); | |
993 | } | |
994 | test.K = malloc(GCM_128_KEY_LEN + offset); | |
995 | test.Klen = GCM_128_KEY_LEN; | |
996 | test.IV = malloc(GCM_IV_DATA_LEN + offset); | |
997 | test.IVlen = GCM_IV_DATA_LEN; | |
998 | test.A = malloc(aad_len + offset); | |
999 | test.Alen = aad_len; | |
1000 | test.T = malloc(MAX_TAG_LEN + offset); | |
1001 | ||
1002 | if ((NULL == test.P && test.Plen != 0) || (NULL == test.K) | |
1003 | || (NULL == test.IV)) { | |
1004 | printf("malloc of testsize:0x%x failed\n", Plen); | |
1005 | return 1; | |
1006 | } | |
1007 | ||
1008 | test.P += offset; | |
1009 | test.C += offset; | |
1010 | test.K += offset; | |
1011 | test.IV += offset; | |
1012 | test.A += offset; | |
1013 | test.T += offset; | |
1014 | ||
1015 | mk_rand_data(test.P, test.Plen); | |
1016 | mk_rand_data(test.K, test.Klen); | |
1017 | mk_rand_data(test.IV, test.IVlen); | |
1018 | mk_rand_data(test.A, test.Alen); | |
1019 | ||
1020 | // single Key length of 128bits/16bytes supported | |
1021 | // single IV length of 96bits/12bytes supported | |
1022 | // Tag lengths of 8, 12 or 16 | |
1023 | for (tag_len = 8; tag_len <= MAX_TAG_LEN;) { | |
1024 | test.Tlen = tag_len; | |
1e59de90 | 1025 | if (0 != check_strm_vector_efence(gkey, gctx, &test)) |
7c673cae FG |
1026 | return 1; |
1027 | tag_len += 4; //supported lengths are 8, 12 or 16 | |
1028 | } | |
1029 | test.A -= offset; | |
1030 | free(test.A); | |
1031 | test.C -= offset; | |
1032 | free(test.C); | |
1033 | test.IV -= offset; | |
1034 | free(test.IV); | |
1035 | test.K -= offset; | |
1036 | free(test.K); | |
1037 | test.P -= offset; | |
1038 | free(test.P); | |
1039 | test.T -= offset; | |
1040 | free(test.T); | |
1041 | } | |
1042 | printf("\n"); | |
1e59de90 TL |
1043 | free(gkey); |
1044 | free(gctx); | |
7c673cae FG |
1045 | return 0; |
1046 | } | |
1047 | ||
1048 | int test_gcm_strm_combinations(int test_len) | |
1049 | { | |
1050 | gcm_vector test; | |
1051 | int tag_len = 8; | |
1052 | int t = 0; | |
1e59de90 TL |
1053 | uint8_t *gkeytemp = NULL; |
1054 | struct gcm_key_data *gkey = NULL; | |
1055 | struct gcm_context_data *gctx = NULL; | |
1056 | ||
1057 | gkeytemp = malloc(sizeof(struct gcm_key_data) + 16); | |
1058 | gctx = malloc(sizeof(struct gcm_context_data)); | |
1059 | gkey = (struct gcm_key_data *)(gkeytemp + rand() % 16); | |
1060 | if (NULL == gkey || NULL == gctx) | |
7c673cae FG |
1061 | return 1; |
1062 | ||
1063 | printf("AES GCM random test vectors with random stream of average size %d:", | |
1064 | test_len / 64); | |
1065 | for (t = 0; RANDOMS > t; t++) { | |
1e59de90 | 1066 | int Plen = 0; // (rand() % test_len); |
7c673cae FG |
1067 | //lengths must be a multiple of 4 bytes |
1068 | int aad_len = (rand() % test_len); | |
1069 | int offset = (rand() % MAX_UNALIGNED); | |
1e59de90 | 1070 | if (offset == 0 && aad_len == 0) |
7c673cae FG |
1071 | offset = OFFSET_BASE_VALUE; |
1072 | ||
1073 | if (0 == (t % 25)) | |
1074 | printf("\n"); | |
1075 | if (0 == (t % 10)) | |
1076 | fflush(0); | |
1077 | test.P = NULL; | |
1078 | test.C = NULL; | |
1079 | test.A = NULL; | |
1080 | test.T = NULL; | |
1081 | test.Plen = Plen; | |
1082 | if (test.Plen + offset != 0) { | |
1083 | test.P = malloc(test.Plen + offset); | |
1084 | test.C = malloc(test.Plen + offset); | |
1e59de90 | 1085 | } else { //This else clause is here because openssl 1.0.1k does not handle NULL pointers |
7c673cae FG |
1086 | test.P = malloc(16); |
1087 | test.C = malloc(16); | |
1088 | } | |
1089 | test.K = malloc(GCM_128_KEY_LEN + offset); | |
1090 | test.Klen = GCM_128_KEY_LEN; | |
1091 | test.IV = malloc(GCM_IV_DATA_LEN + offset); | |
1092 | test.IVlen = GCM_IV_DATA_LEN; | |
1093 | test.A = malloc(aad_len + offset); | |
1094 | ||
1095 | test.Alen = aad_len; | |
1096 | test.T = malloc(MAX_TAG_LEN + offset); | |
1097 | ||
1098 | if ((NULL == test.P && test.Plen != 0) || (NULL == test.K) | |
1099 | || (NULL == test.IV)) { | |
1100 | printf("malloc of testsize:0x%x failed\n", Plen); | |
1101 | return 1; | |
1102 | } | |
1103 | ||
1104 | test.P += offset; | |
1105 | test.C += offset; | |
1106 | test.K += offset; | |
1107 | test.IV += offset; | |
1108 | test.A += offset; | |
1109 | test.T += offset; | |
1110 | ||
1111 | mk_rand_data(test.P, test.Plen); | |
1112 | mk_rand_data(test.K, test.Klen); | |
1113 | mk_rand_data(test.IV, test.IVlen); | |
1114 | mk_rand_data(test.A, test.Alen); | |
1115 | ||
1116 | // single Key length of 128bits/16bytes supported | |
1117 | // single IV length of 96bits/12bytes supported | |
1118 | // Tag lengths of 8, 12 or 16 | |
1119 | for (tag_len = 8; tag_len <= MAX_TAG_LEN;) { | |
1120 | test.Tlen = tag_len; | |
1e59de90 | 1121 | if (0 != check_strm_vector(gkey, gctx, &test, test_len)) |
7c673cae FG |
1122 | return 1; |
1123 | tag_len += 4; //supported lengths are 8, 12 or 16 | |
1124 | } | |
1125 | test.A -= offset; | |
1126 | free(test.A); | |
1127 | test.C -= offset; | |
1128 | free(test.C); | |
1129 | test.IV -= offset; | |
1130 | free(test.IV); | |
1131 | test.K -= offset; | |
1132 | free(test.K); | |
1133 | test.P -= offset; | |
1134 | free(test.P); | |
1135 | test.T -= offset; | |
1136 | free(test.T); | |
1137 | } | |
1138 | printf("\n"); | |
1e59de90 TL |
1139 | free(gkeytemp); |
1140 | free(gctx); | |
7c673cae FG |
1141 | return 0; |
1142 | } | |
1143 | ||
1144 | int test_gcm_combinations(void) | |
1145 | { | |
1146 | gcm_vector test; | |
1147 | int tag_len = 8; | |
1148 | int t = 0; | |
1e59de90 TL |
1149 | struct gcm_key_data *gkey = NULL; |
1150 | struct gcm_context_data *gctx = NULL; | |
7c673cae | 1151 | |
1e59de90 TL |
1152 | gkey = malloc(sizeof(struct gcm_key_data)); |
1153 | gctx = malloc(sizeof(struct gcm_context_data)); | |
1154 | if (NULL == gkey || NULL == gctx) | |
7c673cae FG |
1155 | return 1; |
1156 | ||
1157 | printf("AES GCM random test vectors:"); | |
1158 | for (t = 0; RANDOMS > t; t++) { | |
1159 | int Plen = (rand() % TEST_LEN); | |
1160 | //lengths must be a multiple of 4 bytes | |
1161 | int aad_len = (rand() % TEST_LEN); | |
1162 | int offset = (rand() % MAX_UNALIGNED); | |
1e59de90 | 1163 | if (offset == 0 && aad_len == 0) |
7c673cae FG |
1164 | offset = OFFSET_BASE_VALUE; |
1165 | ||
1166 | if (0 == (t % 25)) | |
1167 | printf("\n"); | |
1168 | if (0 == (t % 10)) | |
1169 | fflush(0); | |
1170 | test.P = NULL; | |
1171 | test.C = NULL; | |
1172 | test.A = NULL; | |
1173 | test.T = NULL; | |
1174 | test.Plen = Plen; | |
1175 | if (test.Plen + offset != 0) { | |
1176 | test.P = malloc(test.Plen + offset); | |
1177 | test.C = malloc(test.Plen + offset); | |
1e59de90 | 1178 | } else { //This else clause is here because openssl 1.0.1k does not handle NULL pointers |
7c673cae FG |
1179 | test.P = malloc(16); |
1180 | test.C = malloc(16); | |
1181 | } | |
1182 | test.K = malloc(GCM_128_KEY_LEN + offset); | |
1183 | test.Klen = GCM_128_KEY_LEN; | |
1184 | test.IV = malloc(GCM_IV_DATA_LEN + offset); | |
1185 | test.IVlen = GCM_IV_DATA_LEN; | |
1186 | test.A = malloc(aad_len + offset); | |
1187 | ||
1188 | test.Alen = aad_len; | |
1189 | test.T = malloc(MAX_TAG_LEN + offset); | |
1190 | ||
1191 | if ((NULL == test.P && test.Plen != 0) || (NULL == test.K) | |
1192 | || (NULL == test.IV)) { | |
1193 | printf("malloc of testsize:0x%x failed\n", Plen); | |
1194 | return 1; | |
1195 | } | |
1196 | ||
1197 | test.P += offset; | |
1198 | test.C += offset; | |
1199 | test.K += offset; | |
1200 | test.IV += offset; | |
1201 | test.A += offset; | |
1202 | test.T += offset; | |
1203 | ||
1204 | mk_rand_data(test.P, test.Plen); | |
1205 | mk_rand_data(test.K, test.Klen); | |
1206 | mk_rand_data(test.IV, test.IVlen); | |
1207 | mk_rand_data(test.A, test.Alen); | |
1208 | ||
1209 | // single Key length of 128bits/16bytes supported | |
1210 | // single IV length of 96bits/12bytes supported | |
1211 | // Tag lengths of 8, 12 or 16 | |
1212 | for (tag_len = 8; tag_len <= MAX_TAG_LEN;) { | |
1213 | test.Tlen = tag_len; | |
1e59de90 | 1214 | if (0 != check_vector(gkey, gctx, &test)) |
7c673cae FG |
1215 | return 1; |
1216 | tag_len += 4; //supported lengths are 8, 12 or 16 | |
1217 | } | |
1218 | test.A -= offset; | |
1219 | free(test.A); | |
1220 | test.C -= offset; | |
1221 | free(test.C); | |
1222 | test.IV -= offset; | |
1223 | free(test.IV); | |
1224 | test.K -= offset; | |
1225 | free(test.K); | |
1226 | test.P -= offset; | |
1227 | free(test.P); | |
1228 | test.T -= offset; | |
1229 | free(test.T); | |
1230 | } | |
1231 | printf("\n"); | |
1e59de90 TL |
1232 | free(gkey); |
1233 | free(gctx); | |
7c673cae FG |
1234 | return 0; |
1235 | } | |
1236 | ||
1237 | int test_gcm256_combinations(void) | |
1238 | { | |
1239 | gcm_vector test; | |
1240 | int tag_len = 8; | |
1241 | int t = 0; | |
1e59de90 TL |
1242 | struct gcm_key_data *gkey = NULL; |
1243 | struct gcm_context_data *gctx = NULL; | |
7c673cae | 1244 | |
1e59de90 TL |
1245 | gkey = malloc(sizeof(struct gcm_key_data)); |
1246 | gctx = malloc(sizeof(struct gcm_context_data)); | |
1247 | if (NULL == gkey || NULL == gctx) | |
7c673cae FG |
1248 | return 1; |
1249 | ||
1250 | printf("AES-GCM-256 random test vectors:"); | |
1251 | for (t = 0; RANDOMS > t; t++) { | |
1252 | int Plen = (rand() % TEST_LEN); | |
1253 | //lengths must be a multiple of 4 bytes | |
1254 | int aad_len = (rand() % TEST_LEN); | |
1255 | int offset = (rand() % MAX_UNALIGNED); | |
1e59de90 | 1256 | if (offset == 0 && aad_len == 0) |
7c673cae FG |
1257 | offset = OFFSET_BASE_VALUE; |
1258 | ||
1259 | if (0 == (t % 25)) | |
1260 | printf("\n"); | |
1261 | if (0 == (t % 10)) | |
1262 | fflush(0); | |
1263 | test.P = NULL; | |
1264 | test.C = NULL; | |
1265 | test.A = NULL; | |
1266 | test.T = NULL; | |
1267 | test.Plen = Plen; | |
1268 | if (test.Plen + offset != 0) { | |
1269 | test.P = malloc(test.Plen + offset); | |
1270 | test.C = malloc(test.Plen + offset); | |
1e59de90 | 1271 | } else { //This else clause is here because openssl 1.0.1k does not handle NULL pointers |
7c673cae FG |
1272 | test.P = malloc(16); |
1273 | test.C = malloc(16); | |
1274 | } | |
1275 | test.K = malloc(GCM_256_KEY_LEN + offset); | |
1276 | test.Klen = GCM_256_KEY_LEN; | |
1277 | test.IV = malloc(GCM_IV_DATA_LEN + offset); | |
1278 | test.IVlen = GCM_IV_DATA_LEN; | |
1279 | test.A = malloc(aad_len + offset); | |
1280 | ||
1281 | test.Alen = aad_len; | |
1282 | test.T = malloc(MAX_TAG_LEN + offset); | |
1283 | ||
1284 | if ((NULL == test.P && test.Plen != 0) || (NULL == test.K) | |
1285 | || (NULL == test.IV)) { | |
1286 | printf("malloc of testsize:0x%x failed\n", Plen); | |
1287 | return 1; | |
1288 | } | |
1289 | ||
1290 | test.P += offset; | |
1291 | test.C += offset; | |
1292 | test.K += offset; | |
1293 | test.IV += offset; | |
1294 | test.A += offset; | |
1295 | test.T += offset; | |
1296 | ||
1297 | mk_rand_data(test.P, test.Plen); | |
1298 | mk_rand_data(test.K, test.Klen); | |
1299 | mk_rand_data(test.IV, test.IVlen); | |
1300 | mk_rand_data(test.A, test.Alen); | |
1301 | ||
1302 | // single Key length of 128bits/16bytes supported | |
1303 | // single IV length of 96bits/12bytes supported | |
1304 | // Tag lengths of 8, 12 or 16 | |
1305 | for (tag_len = 8; tag_len <= MAX_TAG_LEN;) { | |
1306 | test.Tlen = tag_len; | |
1e59de90 | 1307 | if (0 != check_256_vector(gkey, gctx, &test)) |
7c673cae FG |
1308 | return 1; |
1309 | tag_len += 4; //supported lengths are 8, 12 or 16 | |
1310 | } | |
1311 | test.A -= offset; | |
1312 | free(test.A); | |
1313 | test.C -= offset; | |
1314 | free(test.C); | |
1315 | test.IV -= offset; | |
1316 | free(test.IV); | |
1317 | test.K -= offset; | |
1318 | free(test.K); | |
1319 | test.P -= offset; | |
1320 | free(test.P); | |
1321 | test.T -= offset; | |
1322 | free(test.T); | |
1323 | } | |
1324 | printf("\n"); | |
1e59de90 TL |
1325 | free(gkey); |
1326 | free(gctx); | |
7c673cae FG |
1327 | return 0; |
1328 | } | |
1329 | ||
1330 | int test_gcm256_strm_combinations(int test_len) | |
1331 | { | |
1332 | gcm_vector test; | |
1333 | int tag_len = 8; | |
1334 | int t = 0; | |
1e59de90 TL |
1335 | uint8_t *gkeytemp = NULL; |
1336 | struct gcm_key_data *gkey = NULL; | |
1337 | struct gcm_context_data *gctx = NULL; | |
1338 | ||
1339 | gkeytemp = malloc(sizeof(struct gcm_key_data) + 16); | |
1340 | gctx = malloc(sizeof(struct gcm_context_data)); | |
1341 | gkey = (struct gcm_key_data *)(gkeytemp + rand() % 16); | |
1342 | if (NULL == gkey || NULL == gctx) | |
7c673cae FG |
1343 | return 1; |
1344 | ||
1345 | printf("AES-GCM-256 random test vectors with random stream of average size %d:", | |
1346 | test_len / 64); | |
1347 | for (t = 0; RANDOMS > t; t++) { | |
1348 | int Plen = (rand() % test_len); | |
1349 | //lengths must be a multiple of 4 bytes | |
1350 | int aad_len = (rand() % test_len); | |
1351 | int offset = (rand() % MAX_UNALIGNED); | |
1e59de90 | 1352 | if (offset == 0 && aad_len == 0) |
7c673cae FG |
1353 | offset = OFFSET_BASE_VALUE; |
1354 | ||
1355 | if (0 == (t % 25)) | |
1356 | printf("\n"); | |
1357 | if (0 == (t % 10)) | |
1358 | fflush(0); | |
1359 | test.P = NULL; | |
1360 | test.C = NULL; | |
1361 | test.A = NULL; | |
1362 | test.T = NULL; | |
1363 | test.Plen = Plen; | |
1364 | if (test.Plen + offset != 0) { | |
1365 | test.P = malloc(test.Plen + offset); | |
1366 | test.C = malloc(test.Plen + offset); | |
1e59de90 | 1367 | } else { //This else clause is here because openssl 1.0.1k does not handle NULL pointers |
7c673cae FG |
1368 | test.P = malloc(16); |
1369 | test.C = malloc(16); | |
1370 | } | |
1371 | test.K = malloc(GCM_256_KEY_LEN + offset); | |
1372 | test.Klen = GCM_256_KEY_LEN; | |
1373 | test.IV = malloc(GCM_IV_DATA_LEN + offset); | |
1374 | test.IVlen = GCM_IV_DATA_LEN; | |
1375 | test.A = malloc(aad_len + offset); | |
1376 | ||
1377 | test.Alen = aad_len; | |
1378 | test.T = malloc(MAX_TAG_LEN + offset); | |
1379 | ||
1380 | if ((NULL == test.P && test.Plen != 0) || (NULL == test.K) | |
1381 | || (NULL == test.IV)) { | |
1382 | printf("malloc of testsize:0x%x failed\n", Plen); | |
1383 | return 1; | |
1384 | } | |
1385 | ||
1386 | test.P += offset; | |
1387 | test.C += offset; | |
1388 | test.K += offset; | |
1389 | test.IV += offset; | |
1390 | test.A += offset; | |
1391 | test.T += offset; | |
1392 | ||
1393 | mk_rand_data(test.P, test.Plen); | |
1394 | mk_rand_data(test.K, test.Klen); | |
1395 | mk_rand_data(test.IV, test.IVlen); | |
1396 | mk_rand_data(test.A, test.Alen); | |
1397 | ||
1398 | // single Key length of 128bits/16bytes supported | |
1399 | // single IV length of 96bits/12bytes supported | |
1400 | // Tag lengths of 8, 12 or 16 | |
1401 | for (tag_len = 8; tag_len <= MAX_TAG_LEN;) { | |
1402 | test.Tlen = tag_len; | |
1e59de90 | 1403 | if (0 != check_256_strm_vector(gkey, gctx, &test, test_len)) |
7c673cae FG |
1404 | return 1; |
1405 | tag_len += 4; //supported lengths are 8, 12 or 16 | |
1406 | } | |
1407 | test.A -= offset; | |
1408 | free(test.A); | |
1409 | test.C -= offset; | |
1410 | free(test.C); | |
1411 | test.IV -= offset; | |
1412 | free(test.IV); | |
1413 | test.K -= offset; | |
1414 | free(test.K); | |
1415 | test.P -= offset; | |
1416 | free(test.P); | |
1417 | test.T -= offset; | |
1418 | free(test.T); | |
1419 | } | |
1420 | printf("\n"); | |
1e59de90 TL |
1421 | free(gkeytemp); |
1422 | free(gctx); | |
7c673cae FG |
1423 | return 0; |
1424 | } | |
1425 | ||
1426 | // | |
1427 | // place all data to end at a page boundary to check for read past the end | |
1428 | // | |
1429 | int test_gcm_efence(void) | |
1430 | { | |
1431 | gcm_vector test; | |
1432 | int offset = 0; | |
1433 | gcm_key_size key_len; | |
1e59de90 TL |
1434 | struct gcm_key_data *gkey = NULL; |
1435 | struct gcm_context_data *gctx = NULL; | |
7c673cae FG |
1436 | uint8_t *P, *C, *K, *IV, *A, *T; |
1437 | ||
1e59de90 TL |
1438 | gkey = malloc(sizeof(struct gcm_key_data)); |
1439 | gctx = malloc(sizeof(struct gcm_context_data)); | |
7c673cae FG |
1440 | P = malloc(PAGE_LEN); |
1441 | C = malloc(PAGE_LEN); | |
1442 | K = malloc(PAGE_LEN); | |
1443 | IV = malloc(PAGE_LEN); | |
1444 | A = malloc(PAGE_LEN); | |
1445 | T = malloc(PAGE_LEN); | |
1446 | if ((NULL == P) || (NULL == C) || (NULL == K) || (NULL == IV) || (NULL == A) | |
1e59de90 | 1447 | || (NULL == T) || (NULL == gkey) || (NULL == gctx)) { |
7c673cae FG |
1448 | printf("malloc of testsize:0x%x failed\n", PAGE_LEN); |
1449 | return -1; | |
1450 | } | |
1451 | ||
1452 | test.Plen = PAGE_LEN / 2; | |
1453 | // place buffers to end at page boundary | |
1454 | test.IVlen = GCM_IV_DATA_LEN; | |
1455 | test.Alen = test.Plen; | |
1456 | test.Tlen = MAX_TAG_LEN; | |
1457 | ||
1458 | printf("AES GCM efence test vectors:"); | |
1459 | for (key_len = GCM_128_KEY_LEN; GCM_256_KEY_LEN >= key_len; | |
1460 | key_len += (GCM_256_KEY_LEN - GCM_128_KEY_LEN)) { | |
1461 | test.Klen = key_len; | |
1462 | for (offset = 0; MAX_UNALIGNED > offset; offset++) { | |
1463 | if (0 == (offset % 80)) | |
1464 | printf("\n"); | |
1465 | // move the start and size of the data block towards the end of the page | |
1466 | test.Plen = (PAGE_LEN / 2) - offset; | |
1467 | test.Alen = (PAGE_LEN / 4) - (offset * 4); //lengths must be a multiple of 4 bytes | |
1468 | //Place data at end of page | |
1469 | test.P = P + PAGE_LEN - test.Plen; | |
1470 | test.C = C + PAGE_LEN - test.Plen; | |
1471 | test.K = K + PAGE_LEN - test.Klen; | |
1472 | test.IV = IV + PAGE_LEN - test.IVlen; | |
1473 | test.A = A + PAGE_LEN - test.Alen; | |
1474 | test.T = T + PAGE_LEN - test.Tlen; | |
1475 | ||
1476 | mk_rand_data(test.P, test.Plen); | |
1477 | mk_rand_data(test.K, test.Klen); | |
1478 | mk_rand_data(test.IV, test.IVlen); | |
1479 | mk_rand_data(test.A, test.Alen); | |
1480 | if (GCM_128_KEY_LEN == key_len) { | |
1e59de90 | 1481 | if (0 != check_vector(gkey, gctx, &test)) |
7c673cae FG |
1482 | return 1; |
1483 | } else { | |
1e59de90 | 1484 | if (0 != check_256_vector(gkey, gctx, &test)) |
7c673cae FG |
1485 | return 1; |
1486 | } | |
1487 | } | |
1488 | } | |
1e59de90 TL |
1489 | free(gkey); |
1490 | free(gctx); | |
7c673cae FG |
1491 | free(P); |
1492 | free(C); | |
1493 | free(K); | |
1494 | free(IV); | |
1495 | free(A); | |
1496 | free(T); | |
1497 | ||
1498 | printf("\n"); | |
1499 | return 0; | |
1500 | } | |
1501 | ||
1502 | int test_gcm128_std_vectors(gcm_vector const *vector) | |
1503 | { | |
1e59de90 TL |
1504 | struct gcm_key_data gkey; |
1505 | struct gcm_context_data gctx; | |
7c673cae FG |
1506 | int OK = 0; |
1507 | // Temporary array for the calculated vectors | |
1508 | uint8_t *ct_test = NULL; | |
1509 | uint8_t *pt_test = NULL; | |
1510 | uint8_t *IV_c = NULL; | |
1511 | uint8_t *T_test = NULL; | |
1512 | uint8_t *T2_test = NULL; | |
7c673cae FG |
1513 | uint64_t IV_alloc_len = 0; |
1514 | int result; | |
1515 | ||
1516 | #ifdef GCM_VECTORS_VERBOSE | |
1517 | printf("AES-GCM-128:\n"); | |
1518 | #endif | |
1519 | ||
1520 | // Allocate space for the calculated ciphertext | |
1521 | ct_test = malloc(vector->Plen); | |
1522 | if (ct_test == NULL) { | |
1523 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
1524 | return 1; | |
1525 | } | |
1526 | // Allocate space for the calculated ciphertext | |
1527 | pt_test = malloc(vector->Plen); | |
1528 | if (pt_test == NULL) { | |
1529 | fprintf(stderr, "Can't allocate plaintext memory\n"); | |
1530 | return 1; | |
1531 | } | |
1e59de90 | 1532 | IV_alloc_len = vector->IVlen; |
7c673cae FG |
1533 | // Allocate space for the calculated ciphertext |
1534 | IV_c = malloc(IV_alloc_len); | |
1535 | if (IV_c == NULL) { | |
1536 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
1537 | return 1; | |
1538 | } | |
7c673cae | 1539 | memcpy(IV_c, vector->IV, vector->IVlen); |
7c673cae FG |
1540 | |
1541 | T_test = malloc(vector->Tlen); | |
1542 | T2_test = malloc(vector->Tlen); | |
1543 | if ((T_test == NULL) || (T2_test == NULL)) { | |
1544 | fprintf(stderr, "Can't allocate tag memory\n"); | |
1545 | return 1; | |
1546 | } | |
1547 | // This is only required once for a given key | |
1e59de90 | 1548 | aes_gcm_pre_128(vector->K, &gkey); |
7c673cae | 1549 | #ifdef GCM_VECTORS_VERBOSE |
1e59de90 | 1550 | dump_gcm_data(&gkey); |
7c673cae FG |
1551 | #endif |
1552 | ||
1553 | //// | |
1554 | // ISA-l Encrypt | |
1555 | //// | |
1e59de90 TL |
1556 | aes_gcm_enc_128(&gkey, &gctx, ct_test, vector->P, vector->Plen, |
1557 | IV_c, vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1558 | OK |= check_data(ct_test, vector->C, vector->Plen, "ISA-L encrypted cypher text (C)"); |
1559 | OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L tag (T)"); | |
1560 | ||
1561 | openssl_aes_gcm_enc(vector->K, vector->IV, | |
1562 | vector->IVlen, vector->A, | |
1563 | vector->Alen, pt_test, vector->Tlen, | |
1564 | vector->P, vector->Plen, ct_test); | |
1565 | OK |= check_data(pt_test, T_test, vector->Tlen, "OpenSSL vs ISA-L tag (T)"); | |
1566 | // test of in-place encrypt | |
1567 | memcpy(pt_test, vector->P, vector->Plen); | |
1e59de90 TL |
1568 | aes_gcm_enc_128(&gkey, &gctx, pt_test, pt_test, vector->Plen, IV_c, |
1569 | vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1570 | OK |= |
1571 | check_data(pt_test, vector->C, vector->Plen, | |
1572 | "ISA-L encrypted cypher text(in-place)"); | |
1573 | memset(ct_test, 0, vector->Plen); | |
1574 | memset(T_test, 0, vector->Tlen); | |
1575 | ||
1576 | //// | |
1577 | // ISA-l Decrypt | |
1578 | //// | |
1e59de90 TL |
1579 | aes_gcm_dec_128(&gkey, &gctx, pt_test, vector->C, vector->Plen, |
1580 | IV_c, vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1581 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); |
1582 | // GCM decryption outputs a 16 byte tag value that must be verified against the expected tag value | |
1583 | OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L decrypted tag (T)"); | |
1584 | ||
1585 | // test in in-place decrypt | |
1586 | memcpy(ct_test, vector->C, vector->Plen); | |
1e59de90 TL |
1587 | aes_gcm_dec_128(&gkey, &gctx, ct_test, ct_test, vector->Plen, IV_c, |
1588 | vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1589 | OK |= check_data(ct_test, vector->P, vector->Plen, "ISA-L plain text (P) - in-place"); |
1590 | OK |= | |
1591 | check_data(T_test, vector->T, vector->Tlen, "ISA-L decrypted tag (T) - in-place"); | |
1592 | // ISA-L enc -> ISA-L dec | |
1e59de90 TL |
1593 | aes_gcm_enc_128(&gkey, &gctx, ct_test, vector->P, vector->Plen, |
1594 | IV_c, vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae | 1595 | memset(pt_test, 0, vector->Plen); |
1e59de90 TL |
1596 | aes_gcm_dec_128(&gkey, &gctx, pt_test, ct_test, vector->Plen, IV_c, |
1597 | vector->A, vector->Alen, T2_test, vector->Tlen); | |
7c673cae FG |
1598 | OK |= |
1599 | check_data(pt_test, vector->P, vector->Plen, | |
1600 | "ISA-L self decrypted plain text (P)"); | |
1601 | OK |= check_data(T_test, T2_test, vector->Tlen, "ISA-L self decrypted tag (T)"); | |
1602 | // OpenSSl enc -> ISA-L dec | |
1603 | openssl_aes_gcm_enc(vector->K, vector->IV, | |
1604 | vector->IVlen, vector->A, | |
1605 | vector->Alen, T_test, vector->Tlen, | |
1606 | vector->P, vector->Plen, ct_test); | |
1607 | OK |= | |
1608 | check_data(ct_test, vector->C, vector->Plen, "OpenSSL encrypted cypher text (C)"); | |
1609 | memset(pt_test, 0, vector->Plen); | |
1e59de90 TL |
1610 | aes_gcm_dec_128(&gkey, &gctx, pt_test, ct_test, vector->Plen, IV_c, |
1611 | vector->A, vector->Alen, T2_test, vector->Tlen); | |
7c673cae FG |
1612 | OK |= |
1613 | check_data(pt_test, vector->P, vector->Plen, | |
1614 | "OpenSSL->ISA-L decrypted plain text (P)"); | |
1615 | OK |= check_data(T_test, T2_test, vector->Tlen, "OpenSSL->ISA-L decrypted tag (T)"); | |
1616 | // ISA-L enc -> OpenSSl dec | |
1e59de90 TL |
1617 | aes_gcm_enc_128(&gkey, &gctx, ct_test, vector->P, vector->Plen, |
1618 | IV_c, vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1619 | memset(pt_test, 0, vector->Plen); |
1620 | result = | |
1621 | openssl_aes_gcm_dec(vector->K, vector->IV, | |
1622 | vector->IVlen, vector->A, | |
1623 | vector->Alen, T_test, vector->Tlen, | |
1624 | ct_test, vector->Plen, pt_test); | |
1625 | if (-1 == result) | |
1626 | printf(" ISA-L->OpenSSL decryption failed Authentication\n"); | |
1627 | OK |= (-1 == result); | |
1628 | OK |= check_data(pt_test, vector->P, vector->Plen, "OSSL decrypted plain text (C)"); | |
1629 | if (NULL != ct_test) | |
1630 | free(ct_test); | |
1631 | if (NULL != pt_test) | |
1632 | free(pt_test); | |
1633 | if (NULL != IV_c) | |
1634 | free(IV_c); | |
1635 | if (NULL != T_test) | |
1636 | free(T_test); | |
1637 | if (NULL != T2_test) | |
1638 | free(T2_test); | |
1639 | ||
1640 | return OK; | |
1641 | } | |
1642 | ||
1643 | int test_gcm256_std_vectors(gcm_vector const *vector) | |
1644 | { | |
1e59de90 TL |
1645 | struct gcm_key_data gkey; |
1646 | struct gcm_context_data gctx; | |
7c673cae FG |
1647 | int OK = 0; |
1648 | // Temporary array for the calculated vectors | |
1649 | uint8_t *ct_test = NULL; | |
1650 | uint8_t *pt_test = NULL; | |
1651 | uint8_t *IV_c = NULL; | |
1652 | uint8_t *T_test = NULL; | |
1653 | uint8_t *T2_test = NULL; | |
7c673cae FG |
1654 | uint64_t IV_alloc_len = 0; |
1655 | int result; | |
1656 | ||
1657 | #ifdef GCM_VECTORS_VERBOSE | |
1658 | printf("AES-GCM-256:\n"); | |
1659 | #endif | |
1660 | ||
1661 | // Allocate space for the calculated ciphertext | |
1662 | ct_test = malloc(vector->Plen); | |
1663 | // Allocate space for the calculated ciphertext | |
1664 | pt_test = malloc(vector->Plen); | |
1665 | if ((ct_test == NULL) || (pt_test == NULL)) { | |
1666 | fprintf(stderr, "Can't allocate ciphertext or plaintext memory\n"); | |
1667 | return 1; | |
1668 | } | |
1e59de90 | 1669 | IV_alloc_len = vector->IVlen; |
7c673cae FG |
1670 | // Allocate space for the calculated ciphertext |
1671 | IV_c = malloc(IV_alloc_len); | |
1672 | if (IV_c == NULL) { | |
1673 | fprintf(stderr, "Can't allocate ciphertext memory\n"); | |
1674 | return 1; | |
1675 | } | |
7c673cae | 1676 | memcpy(IV_c, vector->IV, vector->IVlen); |
7c673cae FG |
1677 | |
1678 | T_test = malloc(vector->Tlen); | |
1679 | T2_test = malloc(vector->Tlen); | |
1680 | if (T_test == NULL) { | |
1681 | fprintf(stderr, "Can't allocate tag memory\n"); | |
1682 | return 1; | |
1683 | } | |
1684 | // This is only required once for a given key | |
1e59de90 | 1685 | aes_gcm_pre_256(vector->K, &gkey); |
7c673cae | 1686 | #ifdef GCM_VECTORS_VERBOSE |
1e59de90 | 1687 | dump_gcm_data(&gkey); |
7c673cae FG |
1688 | #endif |
1689 | ||
1690 | //// | |
1691 | // ISA-l Encrypt | |
1692 | //// | |
1693 | memset(ct_test, 0, vector->Plen); | |
1e59de90 TL |
1694 | aes_gcm_enc_256(&gkey, &gctx, ct_test, vector->P, vector->Plen, |
1695 | IV_c, vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1696 | OK |= check_data(ct_test, vector->C, vector->Plen, "ISA-L encrypted cypher text (C)"); |
1697 | OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L tag (T)"); | |
1698 | ||
1699 | openssl_aes_256_gcm_enc(vector->K, vector->IV, | |
1700 | vector->IVlen, vector->A, | |
1701 | vector->Alen, pt_test, vector->Tlen, | |
1702 | vector->P, vector->Plen, ct_test); | |
1703 | OK |= check_data(ct_test, vector->C, vector->Tlen, "OpenSSL vs KA - cypher text (C)"); | |
1704 | OK |= check_data(pt_test, vector->T, vector->Tlen, "OpenSSL vs KA - tag (T)"); | |
1705 | OK |= check_data(pt_test, T_test, vector->Tlen, "OpenSSL vs ISA-L - tag (T)"); | |
1706 | // test of in-place encrypt | |
1707 | memcpy(pt_test, vector->P, vector->Plen); | |
1e59de90 TL |
1708 | aes_gcm_enc_256(&gkey, &gctx, pt_test, pt_test, vector->Plen, IV_c, |
1709 | vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1710 | OK |= |
1711 | check_data(pt_test, vector->C, vector->Plen, | |
1712 | "ISA-L encrypted cypher text(in-place)"); | |
1713 | memset(ct_test, 0, vector->Plen); | |
1714 | memset(T_test, 0, vector->Tlen); | |
1715 | ||
1716 | //// | |
1717 | // ISA-l Decrypt | |
1718 | //// | |
1e59de90 TL |
1719 | aes_gcm_dec_256(&gkey, &gctx, pt_test, vector->C, vector->Plen, |
1720 | IV_c, vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1721 | OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); |
1722 | // GCM decryption outputs a 16 byte tag value that must be verified against the expected tag value | |
1723 | OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L decrypted tag (T)"); | |
1724 | ||
1725 | // test in in-place decrypt | |
1726 | memcpy(ct_test, vector->C, vector->Plen); | |
1e59de90 TL |
1727 | aes_gcm_dec_256(&gkey, &gctx, ct_test, ct_test, vector->Plen, IV_c, |
1728 | vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1729 | OK |= check_data(ct_test, vector->P, vector->Plen, "ISA-L plain text (P) - in-place"); |
1730 | OK |= | |
1731 | check_data(T_test, vector->T, vector->Tlen, "ISA-L decrypted tag (T) - in-place"); | |
1732 | // ISA-L enc -> ISA-L dec | |
1e59de90 TL |
1733 | aes_gcm_enc_256(&gkey, &gctx, ct_test, vector->P, vector->Plen, |
1734 | IV_c, vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae | 1735 | memset(pt_test, 0, vector->Plen); |
1e59de90 TL |
1736 | aes_gcm_dec_256(&gkey, &gctx, pt_test, ct_test, vector->Plen, IV_c, |
1737 | vector->A, vector->Alen, T2_test, vector->Tlen); | |
7c673cae FG |
1738 | OK |= |
1739 | check_data(pt_test, vector->P, vector->Plen, | |
1740 | "ISA-L self decrypted plain text (P)"); | |
1741 | OK |= check_data(T_test, T2_test, vector->Tlen, "ISA-L self decrypted tag (T)"); | |
1742 | // OpenSSl enc -> ISA-L dec | |
1743 | openssl_aes_256_gcm_enc(vector->K, vector->IV, | |
1744 | vector->IVlen, vector->A, | |
1745 | vector->Alen, T_test, vector->Tlen, | |
1746 | vector->P, vector->Plen, ct_test); | |
1747 | OK |= | |
1748 | check_data(ct_test, vector->C, vector->Plen, "OpenSSL encrypted cypher text (C)"); | |
1749 | memset(pt_test, 0, vector->Plen); | |
1e59de90 TL |
1750 | aes_gcm_dec_256(&gkey, &gctx, pt_test, ct_test, vector->Plen, IV_c, |
1751 | vector->A, vector->Alen, T2_test, vector->Tlen); | |
7c673cae FG |
1752 | OK |= |
1753 | check_data(pt_test, vector->P, vector->Plen, | |
1754 | "OpenSSL->ISA-L decrypted plain text (P)"); | |
1755 | OK |= check_data(T_test, T2_test, vector->Tlen, "OpenSSL->ISA-L decrypted tag (T)"); | |
1756 | // ISA-L enc -> OpenSSl dec | |
1e59de90 TL |
1757 | aes_gcm_enc_256(&gkey, &gctx, ct_test, vector->P, vector->Plen, |
1758 | IV_c, vector->A, vector->Alen, T_test, vector->Tlen); | |
7c673cae FG |
1759 | memset(pt_test, 0, vector->Plen); |
1760 | result = | |
1761 | openssl_aes_256_gcm_dec(vector->K, vector->IV, | |
1762 | vector->IVlen, vector->A, | |
1763 | vector->Alen, T_test, vector->Tlen, | |
1764 | ct_test, vector->Plen, pt_test); | |
1765 | if (-1 == result) | |
1766 | printf(" ISA-L->OpenSSL decryption failed Authentication\n"); | |
1767 | OK |= (-1 == result); | |
1768 | OK |= check_data(pt_test, vector->P, vector->Plen, "OSSL decrypted plain text (C)"); | |
1769 | if (NULL != ct_test) | |
1770 | free(ct_test); | |
1771 | if (NULL != pt_test) | |
1772 | free(pt_test); | |
1773 | if (NULL != IV_c) | |
1774 | free(IV_c); | |
1775 | if (NULL != T_test) | |
1776 | free(T_test); | |
1777 | if (NULL != T2_test) | |
1778 | free(T2_test); | |
1779 | ||
1780 | return OK; | |
1781 | } | |
1782 | ||
1783 | int test_gcm_std_vectors(void) | |
1784 | { | |
1785 | int const vectors_cnt = sizeof(gcm_vectors) / sizeof(gcm_vectors[0]); | |
1786 | int vect; | |
1787 | int OK = 0; | |
1788 | ||
1789 | printf("AES-GCM standard test vectors:\n"); | |
1e59de90 | 1790 | for (vect = 0; vect < vectors_cnt; vect++) { |
7c673cae FG |
1791 | #ifdef GCM_VECTORS_VERBOSE |
1792 | printf | |
1793 | ("Standard vector %d/%d Keylen:%d IVlen:%d PTLen:%d AADlen:%d Tlen:%d\n", | |
1794 | vect, vectors_cnt - 1, (int)gcm_vectors[vect].Klen, | |
1795 | (int)gcm_vectors[vect].IVlen, (int)gcm_vectors[vect].Plen, | |
1796 | (int)gcm_vectors[vect].Alen, (int)gcm_vectors[vect].Tlen); | |
1797 | #else | |
1798 | printf("."); | |
1799 | #endif | |
1800 | ||
1801 | if (BITS_128 == gcm_vectors[vect].Klen) { | |
1802 | OK |= test_gcm128_std_vectors(&gcm_vectors[vect]); | |
1803 | } else { | |
1804 | OK |= test_gcm256_std_vectors(&gcm_vectors[vect]); | |
1805 | } | |
1806 | if (0 != OK) | |
1807 | return OK; | |
1808 | } | |
1809 | printf("\n"); | |
1810 | return OK; | |
1811 | } | |
1812 | ||
1813 | // The length of the data is set to length. The first stream is from 0 to start. After | |
1814 | // that the data is broken into breaks chunks of equal size (except possibly the last | |
1815 | // one due to divisibility). | |
1816 | int test_gcm_strm_combinations2(int length, int start, int breaks) | |
1817 | { | |
1818 | gcm_vector test; | |
1819 | int tag_len = 8; | |
1820 | int t = 0; | |
1e59de90 TL |
1821 | struct gcm_key_data *gkey = NULL; |
1822 | struct gcm_context_data *gctx = NULL; | |
7c673cae | 1823 | |
1e59de90 TL |
1824 | gkey = malloc(sizeof(struct gcm_key_data)); |
1825 | gctx = malloc(sizeof(struct gcm_context_data)); | |
1826 | if (NULL == gkey || NULL == gctx) | |
7c673cae FG |
1827 | return 1; |
1828 | ||
1829 | printf("AES GCM random test vectors of length %d and stream with %d breaks:", length, | |
1830 | breaks + 1); | |
1831 | for (t = 0; RANDOMS > t; t++) { | |
1832 | int Plen = length; | |
1833 | //lengths must be a multiple of 4 bytes | |
1834 | int aad_len = (rand() % TEST_LEN); | |
1835 | int offset = (rand() % MAX_UNALIGNED); | |
1e59de90 | 1836 | if (offset == 0 && aad_len == 0) |
7c673cae FG |
1837 | offset = OFFSET_BASE_VALUE; |
1838 | ||
1839 | if (0 == (t % 25)) | |
1840 | printf("\n"); | |
1841 | if (0 == (t % 10)) | |
1842 | fflush(0); | |
1843 | test.P = NULL; | |
1844 | test.C = NULL; | |
1845 | test.A = NULL; | |
1846 | test.T = NULL; | |
1847 | test.Plen = Plen; | |
1848 | if (test.Plen + offset != 0) { | |
1849 | test.P = malloc(test.Plen + offset); | |
1850 | test.C = malloc(test.Plen + offset); | |
1e59de90 | 1851 | } else { //This else clause is here because openssl 1.0.1k does not handle NULL pointers |
7c673cae FG |
1852 | test.P = malloc(16); |
1853 | test.C = malloc(16); | |
1854 | } | |
1855 | test.K = malloc(GCM_128_KEY_LEN + offset); | |
1856 | test.Klen = GCM_128_KEY_LEN; | |
1857 | test.IV = malloc(GCM_IV_DATA_LEN + offset); | |
1858 | test.IVlen = GCM_IV_DATA_LEN; | |
1859 | test.A = malloc(aad_len + offset); | |
1860 | ||
1861 | test.Alen = aad_len; | |
1862 | test.T = malloc(MAX_TAG_LEN + offset); | |
1863 | ||
1864 | if ((NULL == test.P && test.Plen != 0) || (NULL == test.K) | |
1865 | || (NULL == test.IV)) { | |
1866 | printf("malloc of testsize:0x%x failed\n", Plen); | |
1867 | return 1; | |
1868 | } | |
1869 | ||
1870 | test.P += offset; | |
1871 | test.C += offset; | |
1872 | test.K += offset; | |
1873 | test.IV += offset; | |
1874 | test.A += offset; | |
1875 | test.T += offset; | |
1876 | ||
1877 | mk_rand_data(test.P, test.Plen); | |
1878 | mk_rand_data(test.K, test.Klen); | |
1879 | mk_rand_data(test.IV, test.IVlen); | |
1880 | mk_rand_data(test.A, test.Alen); | |
1881 | ||
1882 | // single Key length of 128bits/16bytes supported | |
1883 | // single IV length of 96bits/12bytes supported | |
1884 | // Tag lengths of 8, 12 or 16 | |
1885 | for (tag_len = 8; tag_len <= MAX_TAG_LEN;) { | |
1886 | test.Tlen = tag_len; | |
1e59de90 | 1887 | if (0 != check_strm_vector2(gkey, gctx, &test, length, start, breaks)) |
7c673cae FG |
1888 | return 1; |
1889 | tag_len += 4; //supported lengths are 8, 12 or 16 | |
1890 | } | |
1891 | test.A -= offset; | |
1892 | free(test.A); | |
1893 | test.C -= offset; | |
1894 | free(test.C); | |
1895 | test.IV -= offset; | |
1896 | free(test.IV); | |
1897 | test.K -= offset; | |
1898 | free(test.K); | |
1899 | test.P -= offset; | |
1900 | free(test.P); | |
1901 | test.T -= offset; | |
1902 | free(test.T); | |
1903 | } | |
1904 | printf("\n"); | |
1e59de90 TL |
1905 | free(gkey); |
1906 | free(gctx); | |
7c673cae FG |
1907 | return 0; |
1908 | } | |
1909 | ||
1910 | int main(int argc, char **argv) | |
1911 | { | |
1912 | int errors = 0; | |
1913 | int seed; | |
1914 | ||
1915 | if (argc == 1) | |
1916 | seed = TEST_SEED; | |
1917 | else | |
1918 | seed = atoi(argv[1]); | |
1919 | ||
1920 | srand(seed); | |
1921 | printf("SEED: %d\n", seed); | |
1922 | ||
1923 | errors += test_gcm_std_vectors(); | |
1924 | errors += test_gcm256_combinations(); | |
1925 | errors += test_gcm_combinations(); | |
1926 | errors += test_gcm_efence(); | |
1927 | errors += test_gcm256_strm_combinations(TEST_LEN); | |
1928 | errors += test_gcm_strm_combinations(TEST_LEN); | |
1929 | errors += test_gcm256_strm_combinations(1024); | |
1930 | errors += test_gcm_strm_combinations(1024); | |
1931 | errors += test_gcm_strm_efence(); | |
1932 | errors += test_gcm_strm_combinations2(1024, 0, 1024); | |
1933 | ||
1934 | if (0 == errors) | |
1935 | printf("...Pass\n"); | |
1936 | else | |
1937 | printf("...Fail\n"); | |
1938 | ||
1939 | return errors; | |
1940 | } |