]> git.proxmox.com Git - mirror_qemu.git/blob - tests/test-crypto-xts.c
Merge remote-tracking branch 'remotes/aperard/tags/pull-xen-20200407' into staging
[mirror_qemu.git] / tests / test-crypto-xts.c
1 /*
2 * QEMU Crypto XTS cipher mode
3 *
4 * Copyright (c) 2015-2018 Red Hat, Inc.
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 *
19 * This code is originally derived from public domain / WTFPL code in
20 * LibTomCrypt crytographic library http://libtom.org. The XTS code
21 * was donated by Elliptic Semiconductor Inc (www.ellipticsemi.com)
22 * to the LibTom Projects
23 *
24 */
25
26 #include "qemu/osdep.h"
27 #include "crypto/init.h"
28 #include "crypto/xts.h"
29 #include "crypto/aes.h"
30
31 typedef struct {
32 const char *path;
33 int keylen;
34 unsigned char key1[32];
35 unsigned char key2[32];
36 uint64_t seqnum;
37 unsigned long PTLEN;
38 unsigned char PTX[512], CTX[512];
39 } QCryptoXTSTestData;
40
41 static const QCryptoXTSTestData test_data[] = {
42 /* #1 32 byte key, 32 byte PTX */
43 {
44 "/crypto/xts/t-1-key-32-ptx-32",
45 32,
46 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
47 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
48 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
49 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
50 0,
51 32,
52 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
53 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
54 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
55 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
56 { 0x91, 0x7c, 0xf6, 0x9e, 0xbd, 0x68, 0xb2, 0xec,
57 0x9b, 0x9f, 0xe9, 0xa3, 0xea, 0xdd, 0xa6, 0x92,
58 0xcd, 0x43, 0xd2, 0xf5, 0x95, 0x98, 0xed, 0x85,
59 0x8c, 0x02, 0xc2, 0x65, 0x2f, 0xbf, 0x92, 0x2e },
60 },
61
62 /* #2, 32 byte key, 32 byte PTX */
63 {
64 "/crypto/xts/t-2-key-32-ptx-32",
65 32,
66 { 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
67 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11 },
68 { 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
69 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 },
70 0x3333333333LL,
71 32,
72 { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
73 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
74 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
75 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 },
76 { 0xc4, 0x54, 0x18, 0x5e, 0x6a, 0x16, 0x93, 0x6e,
77 0x39, 0x33, 0x40, 0x38, 0xac, 0xef, 0x83, 0x8b,
78 0xfb, 0x18, 0x6f, 0xff, 0x74, 0x80, 0xad, 0xc4,
79 0x28, 0x93, 0x82, 0xec, 0xd6, 0xd3, 0x94, 0xf0 },
80 },
81
82 /* #5 from xts.7, 32 byte key, 32 byte PTX */
83 {
84 "/crypto/xts/t-5-key-32-ptx-32",
85 32,
86 { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
87 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 },
88 { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
89 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 },
90 0x123456789aLL,
91 32,
92 { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
93 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
94 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
95 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 },
96 { 0xb0, 0x1f, 0x86, 0xf8, 0xed, 0xc1, 0x86, 0x37,
97 0x06, 0xfa, 0x8a, 0x42, 0x53, 0xe3, 0x4f, 0x28,
98 0xaf, 0x31, 0x9d, 0xe3, 0x83, 0x34, 0x87, 0x0f,
99 0x4d, 0xd1, 0xf9, 0x4c, 0xbe, 0x98, 0x32, 0xf1 },
100 },
101
102 /* #4, 32 byte key, 512 byte PTX */
103 {
104 "/crypto/xts/t-4-key-32-ptx-512",
105 32,
106 { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45,
107 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26 },
108 { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93,
109 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95 },
110 0,
111 512,
112 {
113 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
114 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
115 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
116 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
117 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
118 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
119 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
120 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
121 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
122 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
123 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
124 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
125 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
126 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
127 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
128 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
129 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
130 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
131 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
132 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
133 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
134 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
135 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
136 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
137 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
138 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
139 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
140 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
141 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
142 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
143 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
144 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
145 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
146 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
147 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
148 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
149 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
150 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
151 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
152 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
153 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
154 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
155 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
156 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
157 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
158 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
159 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
160 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
161 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
162 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
163 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
164 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
165 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
166 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
167 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
168 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
169 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
170 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
171 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
172 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
173 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
174 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
175 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
176 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
177 },
178 {
179 0x27, 0xa7, 0x47, 0x9b, 0xef, 0xa1, 0xd4, 0x76,
180 0x48, 0x9f, 0x30, 0x8c, 0xd4, 0xcf, 0xa6, 0xe2,
181 0xa9, 0x6e, 0x4b, 0xbe, 0x32, 0x08, 0xff, 0x25,
182 0x28, 0x7d, 0xd3, 0x81, 0x96, 0x16, 0xe8, 0x9c,
183 0xc7, 0x8c, 0xf7, 0xf5, 0xe5, 0x43, 0x44, 0x5f,
184 0x83, 0x33, 0xd8, 0xfa, 0x7f, 0x56, 0x00, 0x00,
185 0x05, 0x27, 0x9f, 0xa5, 0xd8, 0xb5, 0xe4, 0xad,
186 0x40, 0xe7, 0x36, 0xdd, 0xb4, 0xd3, 0x54, 0x12,
187 0x32, 0x80, 0x63, 0xfd, 0x2a, 0xab, 0x53, 0xe5,
188 0xea, 0x1e, 0x0a, 0x9f, 0x33, 0x25, 0x00, 0xa5,
189 0xdf, 0x94, 0x87, 0xd0, 0x7a, 0x5c, 0x92, 0xcc,
190 0x51, 0x2c, 0x88, 0x66, 0xc7, 0xe8, 0x60, 0xce,
191 0x93, 0xfd, 0xf1, 0x66, 0xa2, 0x49, 0x12, 0xb4,
192 0x22, 0x97, 0x61, 0x46, 0xae, 0x20, 0xce, 0x84,
193 0x6b, 0xb7, 0xdc, 0x9b, 0xa9, 0x4a, 0x76, 0x7a,
194 0xae, 0xf2, 0x0c, 0x0d, 0x61, 0xad, 0x02, 0x65,
195 0x5e, 0xa9, 0x2d, 0xc4, 0xc4, 0xe4, 0x1a, 0x89,
196 0x52, 0xc6, 0x51, 0xd3, 0x31, 0x74, 0xbe, 0x51,
197 0xa1, 0x0c, 0x42, 0x11, 0x10, 0xe6, 0xd8, 0x15,
198 0x88, 0xed, 0xe8, 0x21, 0x03, 0xa2, 0x52, 0xd8,
199 0xa7, 0x50, 0xe8, 0x76, 0x8d, 0xef, 0xff, 0xed,
200 0x91, 0x22, 0x81, 0x0a, 0xae, 0xb9, 0x9f, 0x91,
201 0x72, 0xaf, 0x82, 0xb6, 0x04, 0xdc, 0x4b, 0x8e,
202 0x51, 0xbc, 0xb0, 0x82, 0x35, 0xa6, 0xf4, 0x34,
203 0x13, 0x32, 0xe4, 0xca, 0x60, 0x48, 0x2a, 0x4b,
204 0xa1, 0xa0, 0x3b, 0x3e, 0x65, 0x00, 0x8f, 0xc5,
205 0xda, 0x76, 0xb7, 0x0b, 0xf1, 0x69, 0x0d, 0xb4,
206 0xea, 0xe2, 0x9c, 0x5f, 0x1b, 0xad, 0xd0, 0x3c,
207 0x5c, 0xcf, 0x2a, 0x55, 0xd7, 0x05, 0xdd, 0xcd,
208 0x86, 0xd4, 0x49, 0x51, 0x1c, 0xeb, 0x7e, 0xc3,
209 0x0b, 0xf1, 0x2b, 0x1f, 0xa3, 0x5b, 0x91, 0x3f,
210 0x9f, 0x74, 0x7a, 0x8a, 0xfd, 0x1b, 0x13, 0x0e,
211 0x94, 0xbf, 0xf9, 0x4e, 0xff, 0xd0, 0x1a, 0x91,
212 0x73, 0x5c, 0xa1, 0x72, 0x6a, 0xcd, 0x0b, 0x19,
213 0x7c, 0x4e, 0x5b, 0x03, 0x39, 0x36, 0x97, 0xe1,
214 0x26, 0x82, 0x6f, 0xb6, 0xbb, 0xde, 0x8e, 0xcc,
215 0x1e, 0x08, 0x29, 0x85, 0x16, 0xe2, 0xc9, 0xed,
216 0x03, 0xff, 0x3c, 0x1b, 0x78, 0x60, 0xf6, 0xde,
217 0x76, 0xd4, 0xce, 0xcd, 0x94, 0xc8, 0x11, 0x98,
218 0x55, 0xef, 0x52, 0x97, 0xca, 0x67, 0xe9, 0xf3,
219 0xe7, 0xff, 0x72, 0xb1, 0xe9, 0x97, 0x85, 0xca,
220 0x0a, 0x7e, 0x77, 0x20, 0xc5, 0xb3, 0x6d, 0xc6,
221 0xd7, 0x2c, 0xac, 0x95, 0x74, 0xc8, 0xcb, 0xbc,
222 0x2f, 0x80, 0x1e, 0x23, 0xe5, 0x6f, 0xd3, 0x44,
223 0xb0, 0x7f, 0x22, 0x15, 0x4b, 0xeb, 0xa0, 0xf0,
224 0x8c, 0xe8, 0x89, 0x1e, 0x64, 0x3e, 0xd9, 0x95,
225 0xc9, 0x4d, 0x9a, 0x69, 0xc9, 0xf1, 0xb5, 0xf4,
226 0x99, 0x02, 0x7a, 0x78, 0x57, 0x2a, 0xee, 0xbd,
227 0x74, 0xd2, 0x0c, 0xc3, 0x98, 0x81, 0xc2, 0x13,
228 0xee, 0x77, 0x0b, 0x10, 0x10, 0xe4, 0xbe, 0xa7,
229 0x18, 0x84, 0x69, 0x77, 0xae, 0x11, 0x9f, 0x7a,
230 0x02, 0x3a, 0xb5, 0x8c, 0xca, 0x0a, 0xd7, 0x52,
231 0xaf, 0xe6, 0x56, 0xbb, 0x3c, 0x17, 0x25, 0x6a,
232 0x9f, 0x6e, 0x9b, 0xf1, 0x9f, 0xdd, 0x5a, 0x38,
233 0xfc, 0x82, 0xbb, 0xe8, 0x72, 0xc5, 0x53, 0x9e,
234 0xdb, 0x60, 0x9e, 0xf4, 0xf7, 0x9c, 0x20, 0x3e,
235 0xbb, 0x14, 0x0f, 0x2e, 0x58, 0x3c, 0xb2, 0xad,
236 0x15, 0xb4, 0xaa, 0x5b, 0x65, 0x50, 0x16, 0xa8,
237 0x44, 0x92, 0x77, 0xdb, 0xd4, 0x77, 0xef, 0x2c,
238 0x8d, 0x6c, 0x01, 0x7d, 0xb7, 0x38, 0xb1, 0x8d,
239 0xeb, 0x4a, 0x42, 0x7d, 0x19, 0x23, 0xce, 0x3f,
240 0xf2, 0x62, 0x73, 0x57, 0x79, 0xa4, 0x18, 0xf2,
241 0x0a, 0x28, 0x2d, 0xf9, 0x20, 0x14, 0x7b, 0xea,
242 0xbe, 0x42, 0x1e, 0xe5, 0x31, 0x9d, 0x05, 0x68,
243 }
244 },
245
246 /* #7, 32 byte key, 17 byte PTX */
247 {
248 "/crypto/xts/t-7-key-32-ptx-17",
249 32,
250 { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
251 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 },
252 { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
253 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 },
254 0x123456789aLL,
255 17,
256 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
257 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10 },
258 { 0x6c, 0x16, 0x25, 0xdb, 0x46, 0x71, 0x52, 0x2d,
259 0x3d, 0x75, 0x99, 0x60, 0x1d, 0xe7, 0xca, 0x09, 0xed },
260 },
261
262 /* #15, 32 byte key, 25 byte PTX */
263 {
264 "/crypto/xts/t-15-key-32-ptx-25",
265 32,
266 { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
267 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 },
268 { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
269 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 },
270 0x123456789aLL,
271 25,
272 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
273 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
274 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18 },
275 { 0x8f, 0x4d, 0xcb, 0xad, 0x55, 0x55, 0x8d, 0x7b,
276 0x4e, 0x01, 0xd9, 0x37, 0x9c, 0xd4, 0xea, 0x22,
277 0xed, 0xbf, 0x9d, 0xac, 0xe4, 0x5d, 0x6f, 0x6a, 0x73 },
278 },
279
280 /* #21, 32 byte key, 31 byte PTX */
281 {
282 "/crypto/xts/t-21-key-32-ptx-31",
283 32,
284 { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
285 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 },
286 { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8,
287 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 },
288 0x123456789aLL,
289 31,
290 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
291 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
292 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
293 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e },
294 { 0xd0, 0x5b, 0xc0, 0x90, 0xa8, 0xe0, 0x4f, 0x1b,
295 0x3d, 0x3e, 0xcd, 0xd5, 0xba, 0xec, 0x0f, 0xd4,
296 0xed, 0xbf, 0x9d, 0xac, 0xe4, 0x5d, 0x6f, 0x6a,
297 0x73, 0x06, 0xe6, 0x4b, 0xe5, 0xdd, 0x82 },
298 },
299 };
300
301 #define STORE64L(x, y) \
302 do { \
303 (y)[7] = (unsigned char)(((x) >> 56) & 255); \
304 (y)[6] = (unsigned char)(((x) >> 48) & 255); \
305 (y)[5] = (unsigned char)(((x) >> 40) & 255); \
306 (y)[4] = (unsigned char)(((x) >> 32) & 255); \
307 (y)[3] = (unsigned char)(((x) >> 24) & 255); \
308 (y)[2] = (unsigned char)(((x) >> 16) & 255); \
309 (y)[1] = (unsigned char)(((x) >> 8) & 255); \
310 (y)[0] = (unsigned char)((x) & 255); \
311 } while (0)
312
313 struct TestAES {
314 AES_KEY enc;
315 AES_KEY dec;
316 };
317
318 static void test_xts_aes_encrypt(const void *ctx,
319 size_t length,
320 uint8_t *dst,
321 const uint8_t *src)
322 {
323 const struct TestAES *aesctx = ctx;
324
325 AES_encrypt(src, dst, &aesctx->enc);
326 }
327
328
329 static void test_xts_aes_decrypt(const void *ctx,
330 size_t length,
331 uint8_t *dst,
332 const uint8_t *src)
333 {
334 const struct TestAES *aesctx = ctx;
335
336 AES_decrypt(src, dst, &aesctx->dec);
337 }
338
339
340 static void test_xts(const void *opaque)
341 {
342 const QCryptoXTSTestData *data = opaque;
343 uint8_t out[512], Torg[16], T[16];
344 uint64_t seq;
345 struct TestAES aesdata;
346 struct TestAES aestweak;
347
348 AES_set_encrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.enc);
349 AES_set_decrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.dec);
350 AES_set_encrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.enc);
351 AES_set_decrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.dec);
352
353 seq = data->seqnum;
354 STORE64L(seq, Torg);
355 memset(Torg + 8, 0, 8);
356
357 memcpy(T, Torg, sizeof(T));
358 xts_encrypt(&aesdata, &aestweak,
359 test_xts_aes_encrypt,
360 test_xts_aes_decrypt,
361 T, data->PTLEN, out, data->PTX);
362
363 g_assert(memcmp(out, data->CTX, data->PTLEN) == 0);
364
365 memcpy(T, Torg, sizeof(T));
366 xts_decrypt(&aesdata, &aestweak,
367 test_xts_aes_encrypt,
368 test_xts_aes_decrypt,
369 T, data->PTLEN, out, data->CTX);
370
371 g_assert(memcmp(out, data->PTX, data->PTLEN) == 0);
372 }
373
374
375 static void test_xts_split(const void *opaque)
376 {
377 const QCryptoXTSTestData *data = opaque;
378 uint8_t out[512], Torg[16], T[16];
379 uint64_t seq;
380 unsigned long len = data->PTLEN / 2;
381 struct TestAES aesdata;
382 struct TestAES aestweak;
383
384 AES_set_encrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.enc);
385 AES_set_decrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.dec);
386 AES_set_encrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.enc);
387 AES_set_decrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.dec);
388
389 seq = data->seqnum;
390 STORE64L(seq, Torg);
391 memset(Torg + 8, 0, 8);
392
393 memcpy(T, Torg, sizeof(T));
394 xts_encrypt(&aesdata, &aestweak,
395 test_xts_aes_encrypt,
396 test_xts_aes_decrypt,
397 T, len, out, data->PTX);
398 xts_encrypt(&aesdata, &aestweak,
399 test_xts_aes_encrypt,
400 test_xts_aes_decrypt,
401 T, len, &out[len], &data->PTX[len]);
402
403 g_assert(memcmp(out, data->CTX, data->PTLEN) == 0);
404
405 memcpy(T, Torg, sizeof(T));
406 xts_decrypt(&aesdata, &aestweak,
407 test_xts_aes_encrypt,
408 test_xts_aes_decrypt,
409 T, len, out, data->CTX);
410 xts_decrypt(&aesdata, &aestweak,
411 test_xts_aes_encrypt,
412 test_xts_aes_decrypt,
413 T, len, &out[len], &data->CTX[len]);
414
415 g_assert(memcmp(out, data->PTX, data->PTLEN) == 0);
416 }
417
418
419 static void test_xts_unaligned(const void *opaque)
420 {
421 #define BAD_ALIGN 3
422 const QCryptoXTSTestData *data = opaque;
423 uint8_t in[512 + BAD_ALIGN], out[512 + BAD_ALIGN];
424 uint8_t Torg[16], T[16 + BAD_ALIGN];
425 uint64_t seq;
426 struct TestAES aesdata;
427 struct TestAES aestweak;
428
429 AES_set_encrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.enc);
430 AES_set_decrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.dec);
431 AES_set_encrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.enc);
432 AES_set_decrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.dec);
433
434 seq = data->seqnum;
435 STORE64L(seq, Torg);
436 memset(Torg + 8, 0, 8);
437
438 /* IV not aligned */
439 memcpy(T + BAD_ALIGN, Torg, 16);
440 memcpy(in, data->PTX, data->PTLEN);
441 xts_encrypt(&aesdata, &aestweak,
442 test_xts_aes_encrypt,
443 test_xts_aes_decrypt,
444 T + BAD_ALIGN, data->PTLEN, out, in);
445
446 g_assert(memcmp(out, data->CTX, data->PTLEN) == 0);
447
448 /* plain text not aligned */
449 memcpy(T, Torg, 16);
450 memcpy(in + BAD_ALIGN, data->PTX, data->PTLEN);
451 xts_encrypt(&aesdata, &aestweak,
452 test_xts_aes_encrypt,
453 test_xts_aes_decrypt,
454 T, data->PTLEN, out, in + BAD_ALIGN);
455
456 g_assert(memcmp(out, data->CTX, data->PTLEN) == 0);
457
458 /* cipher text not aligned */
459 memcpy(T, Torg, 16);
460 memcpy(in, data->PTX, data->PTLEN);
461 xts_encrypt(&aesdata, &aestweak,
462 test_xts_aes_encrypt,
463 test_xts_aes_decrypt,
464 T, data->PTLEN, out + BAD_ALIGN, in);
465
466 g_assert(memcmp(out + BAD_ALIGN, data->CTX, data->PTLEN) == 0);
467
468
469 /* IV not aligned */
470 memcpy(T + BAD_ALIGN, Torg, 16);
471 memcpy(in, data->CTX, data->PTLEN);
472 xts_decrypt(&aesdata, &aestweak,
473 test_xts_aes_encrypt,
474 test_xts_aes_decrypt,
475 T + BAD_ALIGN, data->PTLEN, out, in);
476
477 g_assert(memcmp(out, data->PTX, data->PTLEN) == 0);
478
479 /* cipher text not aligned */
480 memcpy(T, Torg, 16);
481 memcpy(in + BAD_ALIGN, data->CTX, data->PTLEN);
482 xts_decrypt(&aesdata, &aestweak,
483 test_xts_aes_encrypt,
484 test_xts_aes_decrypt,
485 T, data->PTLEN, out, in + BAD_ALIGN);
486
487 g_assert(memcmp(out, data->PTX, data->PTLEN) == 0);
488
489 /* plain text not aligned */
490 memcpy(T, Torg, 16);
491 memcpy(in, data->CTX, data->PTLEN);
492 xts_decrypt(&aesdata, &aestweak,
493 test_xts_aes_encrypt,
494 test_xts_aes_decrypt,
495 T, data->PTLEN, out + BAD_ALIGN, in);
496
497 g_assert(memcmp(out + BAD_ALIGN, data->PTX, data->PTLEN) == 0);
498 }
499
500
501 int main(int argc, char **argv)
502 {
503 size_t i;
504
505 g_test_init(&argc, &argv, NULL);
506
507 g_assert(qcrypto_init(NULL) == 0);
508
509 for (i = 0; i < G_N_ELEMENTS(test_data); i++) {
510 gchar *path = g_strdup_printf("%s/basic", test_data[i].path);
511 g_test_add_data_func(path, &test_data[i], test_xts);
512 g_free(path);
513
514 /* skip the cases where the length is smaller than 2*blocklen
515 * or the length is not a multiple of 32
516 */
517 if ((test_data[i].PTLEN >= 32) && !(test_data[i].PTLEN % 32)) {
518 path = g_strdup_printf("%s/split", test_data[i].path);
519 g_test_add_data_func(path, &test_data[i], test_xts_split);
520 g_free(path);
521 }
522
523 path = g_strdup_printf("%s/unaligned", test_data[i].path);
524 g_test_add_data_func(path, &test_data[i], test_xts_unaligned);
525 g_free(path);
526 }
527
528 return g_test_run();
529 }