| /* test.c |
| * |
| * Copyright (C) 2006-2015 wolfSSL Inc. |
| * |
| * This file is part of wolfSSL. (formerly known as CyaSSL) |
| * |
| * wolfSSL is free software; you can redistribute it and/or modify |
| * it under the terms of the GNU General Public License as published by |
| * the Free Software Foundation; either version 2 of the License, or |
| * (at your option) any later version. |
| * |
| * wolfSSL is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| * GNU General Public License for more details. |
| * |
| * You should have received a copy of the GNU General Public License |
| * along with this program; if not, write to the Free Software |
| * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
| */ |
| |
| #ifdef HAVE_CONFIG_H |
| #include <config.h> |
| #endif |
| |
| #include <wolfssl/wolfcrypt/settings.h> |
| |
| #ifdef XMALLOC_USER |
| #include <stdlib.h> /* we're using malloc / free direct here */ |
| #endif |
| |
| #ifndef NO_CRYPT_TEST |
| |
| #ifdef WOLFSSL_TEST_CERT |
| #include <wolfssl/wolfcrypt/asn.h> |
| #else |
| #include <wolfssl/wolfcrypt/asn_public.h> |
| #endif |
| #include <wolfssl/wolfcrypt/md2.h> |
| #include <wolfssl/wolfcrypt/md5.h> |
| #include <wolfssl/wolfcrypt/md4.h> |
| #include <wolfssl/wolfcrypt/sha.h> |
| #include <wolfssl/wolfcrypt/sha256.h> |
| #include <wolfssl/wolfcrypt/sha512.h> |
| #include <wolfssl/wolfcrypt/arc4.h> |
| #include <wolfssl/wolfcrypt/random.h> |
| #include <wolfssl/wolfcrypt/coding.h> |
| #include <wolfssl/wolfcrypt/rsa.h> |
| #include <wolfssl/wolfcrypt/des3.h> |
| #include <wolfssl/wolfcrypt/aes.h> |
| #include <wolfssl/wolfcrypt/poly1305.h> |
| #include <wolfssl/wolfcrypt/camellia.h> |
| #include <wolfssl/wolfcrypt/hmac.h> |
| #include <wolfssl/wolfcrypt/dh.h> |
| #include <wolfssl/wolfcrypt/dsa.h> |
| #include <wolfssl/wolfcrypt/hc128.h> |
| #include <wolfssl/wolfcrypt/rabbit.h> |
| #include <wolfssl/wolfcrypt/chacha.h> |
| #include <wolfssl/wolfcrypt/chacha20_poly1305.h> |
| #include <wolfssl/wolfcrypt/pwdbased.h> |
| #include <wolfssl/wolfcrypt/ripemd.h> |
| #include <wolfssl/wolfcrypt/error-crypt.h> |
| #ifdef HAVE_ECC |
| #include <wolfssl/wolfcrypt/ecc.h> |
| #endif |
| #ifdef HAVE_CURVE25519 |
| #include <wolfssl/wolfcrypt/curve25519.h> |
| #endif |
| #ifdef HAVE_ED25519 |
| #include <wolfssl/wolfcrypt/ed25519.h> |
| #endif |
| #ifdef HAVE_BLAKE2 |
| #include <wolfssl/wolfcrypt/blake2.h> |
| #endif |
| #ifdef HAVE_LIBZ |
| #include <wolfssl/wolfcrypt/compress.h> |
| #endif |
| #ifdef HAVE_PKCS7 |
| #include <wolfssl/wolfcrypt/pkcs7.h> |
| #endif |
| #ifdef HAVE_FIPS |
| #include <wolfssl/wolfcrypt/fips_test.h> |
| #endif |
| |
| #ifdef _MSC_VER |
| /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ |
| #pragma warning(disable: 4996) |
| #endif |
| |
| #ifdef OPENSSL_EXTRA |
| #include <wolfssl/openssl/evp.h> |
| #include <wolfssl/openssl/rand.h> |
| #include <wolfssl/openssl/hmac.h> |
| #include <wolfssl/openssl/des.h> |
| #endif |
| |
| |
| #if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) \ |
| || !defined(NO_DH) |
| /* include test cert and key buffers for use with NO_FILESYSTEM */ |
| #if defined(WOLFSSL_MDK_ARM) |
| #include "cert_data.h" |
| /* use certs_test.c for initial data, so other |
| commands can share the data. */ |
| #else |
| #include <wolfssl/certs_test.h> |
| #endif |
| #endif |
| |
| #if defined(WOLFSSL_MDK_ARM) |
| #include <stdio.h> |
| #include <stdlib.h> |
| extern FILE * wolfSSL_fopen(const char *fname, const char *mode) ; |
| #define fopen wolfSSL_fopen |
| #endif |
| |
| #ifdef HAVE_NTRU |
| #include "ntru_crypto.h" |
| #endif |
| #ifdef HAVE_CAVIUM |
| #include "cavium_sysdep.h" |
| #include "cavium_common.h" |
| #include "cavium_ioctl.h" |
| #endif |
| |
| #ifdef FREESCALE_MQX |
| #include <mqx.h> |
| #include <fio.h> |
| #include <stdlib.h> |
| #else |
| #include <stdio.h> |
| #endif |
| |
| |
| #ifdef THREADX |
| /* since just testing, use THREADX log printf instead */ |
| int dc_log_printf(char*, ...); |
| #undef printf |
| #define printf dc_log_printf |
| #endif |
| |
| #include "wolfcrypt/test/test.h" |
| |
| |
| typedef struct testVector { |
| const char* input; |
| const char* output; |
| size_t inLen; |
| size_t outLen; |
| } testVector; |
| |
| int md2_test(void); |
| int md5_test(void); |
| int md4_test(void); |
| int sha_test(void); |
| int sha256_test(void); |
| int sha512_test(void); |
| int sha384_test(void); |
| int hmac_md5_test(void); |
| int hmac_sha_test(void); |
| int hmac_sha256_test(void); |
| int hmac_sha384_test(void); |
| int hmac_sha512_test(void); |
| int hmac_blake2b_test(void); |
| int hkdf_test(void); |
| int arc4_test(void); |
| int hc128_test(void); |
| int rabbit_test(void); |
| int chacha_test(void); |
| int chacha20_poly1305_aead_test(void); |
| int des_test(void); |
| int des3_test(void); |
| int aes_test(void); |
| int poly1305_test(void); |
| int aesgcm_test(void); |
| int gmac_test(void); |
| int aesccm_test(void); |
| int camellia_test(void); |
| int rsa_test(void); |
| int dh_test(void); |
| int dsa_test(void); |
| int random_test(void); |
| int pwdbased_test(void); |
| int ripemd_test(void); |
| int openssl_test(void); /* test mini api */ |
| int pbkdf1_test(void); |
| int pkcs12_test(void); |
| int pbkdf2_test(void); |
| #ifdef HAVE_ECC |
| int ecc_test(void); |
| #ifdef HAVE_ECC_ENCRYPT |
| int ecc_encrypt_test(void); |
| #endif |
| #endif |
| #ifdef HAVE_CURVE25519 |
| int curve25519_test(void); |
| #endif |
| #ifdef HAVE_ED25519 |
| int ed25519_test(void); |
| #endif |
| #ifdef HAVE_BLAKE2 |
| int blake2b_test(void); |
| #endif |
| #ifdef HAVE_LIBZ |
| int compress_test(void); |
| #endif |
| #ifdef HAVE_PKCS7 |
| int pkcs7enveloped_test(void); |
| int pkcs7signed_test(void); |
| #endif |
| |
| |
| /* General big buffer size for many tests. */ |
| #define FOURK_BUF 4096 |
| |
| |
| static int err_sys(const char* msg, int es) |
| |
| { |
| printf("%s error = %d\n", msg, es); |
| return -1; /* error state */ |
| } |
| |
| /* func_args from test.h, so don't have to pull in other junk */ |
| typedef struct func_args { |
| int argc; |
| char** argv; |
| int return_code; |
| } func_args; |
| |
| |
| #ifdef HAVE_FIPS |
| |
| static void myFipsCb(int ok, int err, const char* hash) |
| { |
| printf("in my Fips callback, ok = %d, err = %d\n", ok, err); |
| printf("message = %s\n", wc_GetErrorString(err)); |
| printf("hash = %s\n", hash); |
| |
| if (err == IN_CORE_FIPS_E) { |
| printf("In core integrity hash check failure, copy above hash\n"); |
| printf("into verifyCore[] in fips_test.c and rebuild\n"); |
| } |
| } |
| |
| #endif /* HAVE_FIPS */ |
| |
| |
| int wolfcrypt_test(void* args) |
| { |
| int ret = 0; |
| |
| ((func_args*)args)->return_code = -1; /* error state */ |
| |
| #ifdef HAVE_FIPS |
| wolfCrypt_SetCb_fips(myFipsCb); |
| #endif |
| |
| #if !defined(NO_BIG_INT) |
| if (CheckCtcSettings() != 1) |
| return err_sys("Build vs runtime math mismatch\n", -1234); |
| |
| #ifdef USE_FAST_MATH |
| if (CheckFastMathSettings() != 1) |
| return err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", |
| -1235); |
| #endif /* USE_FAST_MATH */ |
| #endif /* !NO_BIG_INT */ |
| |
| |
| #ifndef NO_MD5 |
| if ( (ret = md5_test()) != 0) |
| return err_sys("MD5 test failed!\n", ret); |
| else |
| printf( "MD5 test passed!\n"); |
| #endif |
| |
| #ifdef WOLFSSL_MD2 |
| if ( (ret = md2_test()) != 0) |
| return err_sys("MD2 test failed!\n", ret); |
| else |
| printf( "MD2 test passed!\n"); |
| #endif |
| |
| #ifndef NO_MD4 |
| if ( (ret = md4_test()) != 0) |
| return err_sys("MD4 test failed!\n", ret); |
| else |
| printf( "MD4 test passed!\n"); |
| #endif |
| |
| #ifndef NO_SHA |
| if ( (ret = sha_test()) != 0) |
| return err_sys("SHA test failed!\n", ret); |
| else |
| printf( "SHA test passed!\n"); |
| #endif |
| |
| #ifndef NO_SHA256 |
| if ( (ret = sha256_test()) != 0) |
| return err_sys("SHA-256 test failed!\n", ret); |
| else |
| printf( "SHA-256 test passed!\n"); |
| #endif |
| |
| #ifdef WOLFSSL_SHA384 |
| if ( (ret = sha384_test()) != 0) |
| return err_sys("SHA-384 test failed!\n", ret); |
| else |
| printf( "SHA-384 test passed!\n"); |
| #endif |
| |
| #ifdef WOLFSSL_SHA512 |
| if ( (ret = sha512_test()) != 0) |
| return err_sys("SHA-512 test failed!\n", ret); |
| else |
| printf( "SHA-512 test passed!\n"); |
| #endif |
| |
| #ifdef WOLFSSL_RIPEMD |
| if ( (ret = ripemd_test()) != 0) |
| return err_sys("RIPEMD test failed!\n", ret); |
| else |
| printf( "RIPEMD test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_BLAKE2 |
| if ( (ret = blake2b_test()) != 0) |
| return err_sys("BLAKE2b test failed!\n", ret); |
| else |
| printf( "BLAKE2b test passed!\n"); |
| #endif |
| |
| #ifndef NO_HMAC |
| #ifndef NO_MD5 |
| if ( (ret = hmac_md5_test()) != 0) |
| return err_sys("HMAC-MD5 test failed!\n", ret); |
| else |
| printf( "HMAC-MD5 test passed!\n"); |
| #endif |
| |
| #ifndef NO_SHA |
| if ( (ret = hmac_sha_test()) != 0) |
| return err_sys("HMAC-SHA test failed!\n", ret); |
| else |
| printf( "HMAC-SHA test passed!\n"); |
| #endif |
| |
| #ifndef NO_SHA256 |
| if ( (ret = hmac_sha256_test()) != 0) |
| return err_sys("HMAC-SHA256 test failed!\n", ret); |
| else |
| printf( "HMAC-SHA256 test passed!\n"); |
| #endif |
| |
| #ifdef WOLFSSL_SHA384 |
| if ( (ret = hmac_sha384_test()) != 0) |
| return err_sys("HMAC-SHA384 test failed!\n", ret); |
| else |
| printf( "HMAC-SHA384 test passed!\n"); |
| #endif |
| |
| #ifdef WOLFSSL_SHA512 |
| if ( (ret = hmac_sha512_test()) != 0) |
| return err_sys("HMAC-SHA512 test failed!\n", ret); |
| else |
| printf( "HMAC-SHA512 test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_BLAKE2 |
| if ( (ret = hmac_blake2b_test()) != 0) |
| return err_sys("HMAC-BLAKE2 test failed!\n", ret); |
| else |
| printf( "HMAC-BLAKE2 test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_HKDF |
| if ( (ret = hkdf_test()) != 0) |
| return err_sys("HMAC-KDF test failed!\n", ret); |
| else |
| printf( "HMAC-KDF test passed!\n"); |
| #endif |
| |
| #endif |
| |
| #ifdef HAVE_AESGCM |
| if ( (ret = gmac_test()) != 0) |
| return err_sys("GMAC test passed!\n", ret); |
| else |
| printf( "GMAC test passed!\n"); |
| #endif |
| |
| #ifndef NO_RC4 |
| if ( (ret = arc4_test()) != 0) |
| return err_sys("ARC4 test failed!\n", ret); |
| else |
| printf( "ARC4 test passed!\n"); |
| #endif |
| |
| #ifndef NO_HC128 |
| if ( (ret = hc128_test()) != 0) |
| return err_sys("HC-128 test failed!\n", ret); |
| else |
| printf( "HC-128 test passed!\n"); |
| #endif |
| |
| #ifndef NO_RABBIT |
| if ( (ret = rabbit_test()) != 0) |
| return err_sys("Rabbit test failed!\n", ret); |
| else |
| printf( "Rabbit test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_CHACHA |
| if ( (ret = chacha_test()) != 0) |
| return err_sys("Chacha test failed!\n", ret); |
| else |
| printf( "Chacha test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_POLY1305 |
| if ( (ret = poly1305_test()) != 0) |
| return err_sys("POLY1305 test failed!\n", ret); |
| else |
| printf( "POLY1305 test passed!\n"); |
| #endif |
| |
| #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) |
| if ( (ret = chacha20_poly1305_aead_test()) != 0) |
| return err_sys("ChaCha20-Poly1305 AEAD test failed!\n", ret); |
| else |
| printf( "ChaCha20-Poly1305 AEAD test passed!\n"); |
| #endif |
| |
| #ifndef NO_DES3 |
| if ( (ret = des_test()) != 0) |
| return err_sys("DES test failed!\n", ret); |
| else |
| printf( "DES test passed!\n"); |
| #endif |
| |
| #ifndef NO_DES3 |
| if ( (ret = des3_test()) != 0) |
| return err_sys("DES3 test failed!\n", ret); |
| else |
| printf( "DES3 test passed!\n"); |
| #endif |
| |
| #ifndef NO_AES |
| if ( (ret = aes_test()) != 0) |
| return err_sys("AES test failed!\n", ret); |
| else |
| printf( "AES test passed!\n"); |
| |
| #ifdef HAVE_AESGCM |
| if ( (ret = aesgcm_test()) != 0) |
| return err_sys("AES-GCM test failed!\n", ret); |
| else |
| printf( "AES-GCM test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_AESCCM |
| if ( (ret = aesccm_test()) != 0) |
| return err_sys("AES-CCM test failed!\n", ret); |
| else |
| printf( "AES-CCM test passed!\n"); |
| #endif |
| #endif |
| |
| #ifdef HAVE_CAMELLIA |
| if ( (ret = camellia_test()) != 0) |
| return err_sys("CAMELLIA test failed!\n", ret); |
| else |
| printf( "CAMELLIA test passed!\n"); |
| #endif |
| |
| if ( (ret = random_test()) != 0) |
| return err_sys("RANDOM test failed!\n", ret); |
| else |
| printf( "RANDOM test passed!\n"); |
| |
| #ifndef NO_RSA |
| if ( (ret = rsa_test()) != 0) |
| return err_sys("RSA test failed!\n", ret); |
| else |
| printf( "RSA test passed!\n"); |
| #endif |
| |
| #ifndef NO_DH |
| if ( (ret = dh_test()) != 0) |
| return err_sys("DH test failed!\n", ret); |
| else |
| printf( "DH test passed!\n"); |
| #endif |
| |
| #ifndef NO_DSA |
| if ( (ret = dsa_test()) != 0) |
| return err_sys("DSA test failed!\n", ret); |
| else |
| printf( "DSA test passed!\n"); |
| #endif |
| |
| #ifndef NO_PWDBASED |
| if ( (ret = pwdbased_test()) != 0) |
| return err_sys("PWDBASED test failed!\n", ret); |
| else |
| printf( "PWDBASED test passed!\n"); |
| #endif |
| |
| #ifdef OPENSSL_EXTRA |
| if ( (ret = openssl_test()) != 0) |
| return err_sys("OPENSSL test failed!\n", ret); |
| else |
| printf( "OPENSSL test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_ECC |
| if ( (ret = ecc_test()) != 0) |
| return err_sys("ECC test failed!\n", ret); |
| else |
| printf( "ECC test passed!\n"); |
| #ifdef HAVE_ECC_ENCRYPT |
| if ( (ret = ecc_encrypt_test()) != 0) |
| return err_sys("ECC Enc test failed!\n", ret); |
| else |
| printf( "ECC Enc test passed!\n"); |
| #endif |
| #endif |
| |
| #ifdef HAVE_CURVE25519 |
| if ( (ret = curve25519_test()) != 0) |
| return err_sys("CURVE25519 test failed!\n", ret); |
| else |
| printf( "CURVE25519 test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_ED25519 |
| if ( (ret = ed25519_test()) != 0) |
| return err_sys("ED25519 test failed!\n", ret); |
| else |
| printf( "ED25519 test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_LIBZ |
| if ( (ret = compress_test()) != 0) |
| return err_sys("COMPRESS test failed!\n", ret); |
| else |
| printf( "COMPRESS test passed!\n"); |
| #endif |
| |
| #ifdef HAVE_PKCS7 |
| if ( (ret = pkcs7enveloped_test()) != 0) |
| return err_sys("PKCS7enveloped test failed!\n", ret); |
| else |
| printf( "PKCS7enveloped test passed!\n"); |
| |
| if ( (ret = pkcs7signed_test()) != 0) |
| return err_sys("PKCS7signed test failed!\n", ret); |
| else |
| printf( "PKCS7signed test passed!\n"); |
| #endif |
| |
| ((func_args*)args)->return_code = ret; |
| |
| return ret; |
| } |
| |
| |
| #ifndef NO_MAIN_DRIVER |
| |
| #ifdef HAVE_CAVIUM |
| |
| static int OpenNitroxDevice(int dma_mode,int dev_id) |
| { |
| Csp1CoreAssignment core_assign; |
| Uint32 device; |
| |
| if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) |
| return -1; |
| if (Csp1GetDevType(&device)) |
| return -1; |
| if (device != NPX_DEVICE) { |
| if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, |
| (Uint32 *)&core_assign)!= 0) |
| return -1; |
| } |
| CspShutdown(CAVIUM_DEV_ID); |
| |
| return CspInitialize(dma_mode, dev_id); |
| } |
| |
| #endif /* HAVE_CAVIUM */ |
| |
| /* so overall tests can pull in test function */ |
| |
| int main(int argc, char** argv) |
| { |
| |
| func_args args; |
| |
| |
| #ifdef HAVE_CAVIUM |
| int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); |
| if (ret != 0) { |
| err_sys("Cavium OpenNitroxDevice failed", -1236); |
| return -1236; |
| } |
| #endif /* HAVE_CAVIUM */ |
| |
| args.argc = argc; |
| args.argv = argv; |
| |
| wolfcrypt_test(&args); |
| |
| #ifdef HAVE_CAVIUM |
| CspShutdown(CAVIUM_DEV_ID); |
| #endif |
| |
| return args.return_code; |
| } |
| |
| #endif /* NO_MAIN_DRIVER */ |
| |
| |
| #ifdef WOLFSSL_MD2 |
| int md2_test() |
| { |
| Md2 md2; |
| byte hash[MD2_DIGEST_SIZE]; |
| |
| testVector a, b, c, d, e, f, g; |
| testVector test_md2[7]; |
| int times = sizeof(test_md2) / sizeof(testVector), i; |
| |
| a.input = ""; |
| a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69" |
| "\x27\x73"; |
| a.inLen = strlen(a.input); |
| a.outLen = MD2_DIGEST_SIZE; |
| |
| b.input = "a"; |
| b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0" |
| "\xb5\xd1"; |
| b.inLen = strlen(b.input); |
| b.outLen = MD2_DIGEST_SIZE; |
| |
| c.input = "abc"; |
| c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde" |
| "\xd6\xbb"; |
| c.inLen = strlen(c.input); |
| c.outLen = MD2_DIGEST_SIZE; |
| |
| d.input = "message digest"; |
| d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe" |
| "\x06\xb0"; |
| d.inLen = strlen(d.input); |
| d.outLen = MD2_DIGEST_SIZE; |
| |
| e.input = "abcdefghijklmnopqrstuvwxyz"; |
| e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47" |
| "\x94\x0b"; |
| e.inLen = strlen(e.input); |
| e.outLen = MD2_DIGEST_SIZE; |
| |
| f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" |
| "6789"; |
| f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03" |
| "\x38\xcd"; |
| f.inLen = strlen(f.input); |
| f.outLen = MD2_DIGEST_SIZE; |
| |
| g.input = "1234567890123456789012345678901234567890123456789012345678" |
| "9012345678901234567890"; |
| g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3" |
| "\xef\xd8"; |
| g.inLen = strlen(g.input); |
| g.outLen = MD2_DIGEST_SIZE; |
| |
| test_md2[0] = a; |
| test_md2[1] = b; |
| test_md2[2] = c; |
| test_md2[3] = d; |
| test_md2[4] = e; |
| test_md2[5] = f; |
| test_md2[6] = g; |
| |
| wc_InitMd2(&md2); |
| |
| for (i = 0; i < times; ++i) { |
| wc_Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen); |
| wc_Md2Final(&md2, hash); |
| |
| if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0) |
| return -155 - i; |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| #ifndef NO_MD5 |
| int md5_test(void) |
| { |
| Md5 md5; |
| byte hash[MD5_DIGEST_SIZE]; |
| |
| testVector a, b, c, d, e; |
| testVector test_md5[5]; |
| int times = sizeof(test_md5) / sizeof(testVector), i; |
| |
| a.input = "abc"; |
| a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f" |
| "\x72"; |
| a.inLen = strlen(a.input); |
| a.outLen = MD5_DIGEST_SIZE; |
| |
| b.input = "message digest"; |
| b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61" |
| "\xd0"; |
| b.inLen = strlen(b.input); |
| b.outLen = MD5_DIGEST_SIZE; |
| |
| c.input = "abcdefghijklmnopqrstuvwxyz"; |
| c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1" |
| "\x3b"; |
| c.inLen = strlen(c.input); |
| c.outLen = MD5_DIGEST_SIZE; |
| |
| d.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" |
| "6789"; |
| d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d" |
| "\x9f"; |
| d.inLen = strlen(d.input); |
| d.outLen = MD5_DIGEST_SIZE; |
| |
| e.input = "1234567890123456789012345678901234567890123456789012345678" |
| "9012345678901234567890"; |
| e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" |
| "\x7a"; |
| e.inLen = strlen(e.input); |
| e.outLen = MD5_DIGEST_SIZE; |
| |
| test_md5[0] = a; |
| test_md5[1] = b; |
| test_md5[2] = c; |
| test_md5[3] = d; |
| test_md5[4] = e; |
| |
| wc_InitMd5(&md5); |
| |
| for (i = 0; i < times; ++i) { |
| wc_Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen); |
| wc_Md5Final(&md5, hash); |
| |
| if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0) |
| return -5 - i; |
| } |
| |
| return 0; |
| } |
| #endif /* NO_MD5 */ |
| |
| |
| #ifndef NO_MD4 |
| |
| int md4_test(void) |
| { |
| Md4 md4; |
| byte hash[MD4_DIGEST_SIZE]; |
| |
| testVector a, b, c, d, e, f, g; |
| testVector test_md4[7]; |
| int times = sizeof(test_md4) / sizeof(testVector), i; |
| |
| a.input = ""; |
| a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" |
| "\xc0"; |
| a.inLen = strlen(a.input); |
| a.outLen = MD4_DIGEST_SIZE; |
| |
| b.input = "a"; |
| b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" |
| "\x24"; |
| b.inLen = strlen(b.input); |
| b.outLen = MD4_DIGEST_SIZE; |
| |
| c.input = "abc"; |
| c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" |
| "\x9d"; |
| c.inLen = strlen(c.input); |
| c.outLen = MD4_DIGEST_SIZE; |
| |
| d.input = "message digest"; |
| d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" |
| "\x4b"; |
| d.inLen = strlen(d.input); |
| d.outLen = MD4_DIGEST_SIZE; |
| |
| e.input = "abcdefghijklmnopqrstuvwxyz"; |
| e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" |
| "\xa9"; |
| e.inLen = strlen(e.input); |
| e.outLen = MD4_DIGEST_SIZE; |
| |
| f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" |
| "6789"; |
| f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" |
| "\xe4"; |
| f.inLen = strlen(f.input); |
| f.outLen = MD4_DIGEST_SIZE; |
| |
| g.input = "1234567890123456789012345678901234567890123456789012345678" |
| "9012345678901234567890"; |
| g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" |
| "\x36"; |
| g.inLen = strlen(g.input); |
| g.outLen = MD4_DIGEST_SIZE; |
| |
| test_md4[0] = a; |
| test_md4[1] = b; |
| test_md4[2] = c; |
| test_md4[3] = d; |
| test_md4[4] = e; |
| test_md4[5] = f; |
| test_md4[6] = g; |
| |
| wc_InitMd4(&md4); |
| |
| for (i = 0; i < times; ++i) { |
| wc_Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen); |
| wc_Md4Final(&md4, hash); |
| |
| if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0) |
| return -205 - i; |
| } |
| |
| return 0; |
| } |
| |
| #endif /* NO_MD4 */ |
| |
| #ifndef NO_SHA |
| |
| int sha_test(void) |
| { |
| Sha sha; |
| byte hash[SHA_DIGEST_SIZE]; |
| |
| testVector a, b, c, d; |
| testVector test_sha[4]; |
| int ret; |
| int times = sizeof(test_sha) / sizeof(struct testVector), i; |
| |
| a.input = "abc"; |
| a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2" |
| "\x6C\x9C\xD0\xD8\x9D"; |
| a.inLen = strlen(a.input); |
| a.outLen = SHA_DIGEST_SIZE; |
| |
| b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; |
| b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29" |
| "\xE5\xE5\x46\x70\xF1"; |
| b.inLen = strlen(b.input); |
| b.outLen = SHA_DIGEST_SIZE; |
| |
| c.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| "aaaaaa"; |
| c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44" |
| "\x2A\x25\xEC\x64\x4D"; |
| c.inLen = strlen(c.input); |
| c.outLen = SHA_DIGEST_SIZE; |
| |
| d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" |
| "aaaaaaaaaa"; |
| d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" |
| "\x53\x99\x5E\x26\xA0"; |
| d.inLen = strlen(d.input); |
| d.outLen = SHA_DIGEST_SIZE; |
| |
| test_sha[0] = a; |
| test_sha[1] = b; |
| test_sha[2] = c; |
| test_sha[3] = d; |
| |
| ret = wc_InitSha(&sha); |
| if (ret != 0) |
| return -4001; |
| |
| for (i = 0; i < times; ++i) { |
| wc_ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); |
| wc_ShaFinal(&sha, hash); |
| |
| if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0) |
| return -10 - i; |
| } |
| |
| return 0; |
| } |
| |
| #endif /* NO_SHA */ |
| |
| #ifdef WOLFSSL_RIPEMD |
| int ripemd_test(void) |
| { |
| RipeMd ripemd; |
| byte hash[RIPEMD_DIGEST_SIZE]; |
| |
| testVector a, b, c, d; |
| testVector test_ripemd[4]; |
| int times = sizeof(test_ripemd) / sizeof(struct testVector), i; |
| |
| a.input = "abc"; |
| a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6" |
| "\xb0\x87\xf1\x5a\x0b\xfc"; |
| a.inLen = strlen(a.input); |
| a.outLen = RIPEMD_DIGEST_SIZE; |
| |
| b.input = "message digest"; |
| b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8" |
| "\x5f\xfa\x21\x59\x5f\x36"; |
| b.inLen = strlen(b.input); |
| b.outLen = RIPEMD_DIGEST_SIZE; |
| |
| c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; |
| c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc" |
| "\xf4\x9a\xda\x62\xeb\x2b"; |
| c.inLen = strlen(c.input); |
| c.outLen = RIPEMD_DIGEST_SIZE; |
| |
| d.input = "12345678901234567890123456789012345678901234567890123456" |
| "789012345678901234567890"; |
| d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab" |
| "\x82\xbf\x63\x32\x6b\xfb"; |
| d.inLen = strlen(d.input); |
| d.outLen = RIPEMD_DIGEST_SIZE; |
| |
| test_ripemd[0] = a; |
| test_ripemd[1] = b; |
| test_ripemd[2] = c; |
| test_ripemd[3] = d; |
| |
| wc_InitRipeMd(&ripemd); |
| |
| for (i = 0; i < times; ++i) { |
| wc_RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input, |
| (word32)test_ripemd[i].inLen); |
| wc_RipeMdFinal(&ripemd, hash); |
| |
| if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0) |
| return -10 - i; |
| } |
| |
| return 0; |
| } |
| #endif /* WOLFSSL_RIPEMD */ |
| |
| |
| #ifdef HAVE_BLAKE2 |
| |
| |
| #define BLAKE2_TESTS 3 |
| |
| static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] = |
| { |
| { |
| 0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03, |
| 0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72, |
| 0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61, |
| 0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19, |
| 0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53, |
| 0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B, |
| 0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55, |
| 0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE |
| }, |
| { |
| 0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95, |
| 0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7, |
| 0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44, |
| 0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C, |
| 0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB, |
| 0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4, |
| 0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48, |
| 0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B |
| }, |
| { |
| 0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9, |
| 0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72, |
| 0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF, |
| 0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15, |
| 0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB, |
| 0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04, |
| 0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1, |
| 0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5 |
| } |
| }; |
| |
| |
| |
| int blake2b_test(void) |
| { |
| Blake2b b2b; |
| byte digest[64]; |
| byte input[64]; |
| int i, ret; |
| |
| for (i = 0; i < (int)sizeof(input); i++) |
| input[i] = (byte)i; |
| |
| for (i = 0; i < BLAKE2_TESTS; i++) { |
| ret = wc_InitBlake2b(&b2b, 64); |
| if (ret != 0) |
| return -4002; |
| |
| ret = wc_Blake2bUpdate(&b2b, input, i); |
| if (ret != 0) |
| return -4003; |
| |
| ret = wc_Blake2bFinal(&b2b, digest, 64); |
| if (ret != 0) |
| return -4004; |
| |
| if (memcmp(digest, blake2b_vec[i], 64) != 0) { |
| return -300 - i; |
| } |
| } |
| |
| return 0; |
| } |
| #endif /* HAVE_BLAKE2 */ |
| |
| |
| #ifndef NO_SHA256 |
| int sha256_test(void) |
| { |
| Sha256 sha; |
| byte hash[SHA256_DIGEST_SIZE]; |
| |
| testVector a, b; |
| testVector test_sha[2]; |
| int ret; |
| int times = sizeof(test_sha) / sizeof(struct testVector), i; |
| |
| a.input = "abc"; |
| a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22" |
| "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" |
| "\x15\xAD"; |
| a.inLen = strlen(a.input); |
| a.outLen = SHA256_DIGEST_SIZE; |
| |
| b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; |
| b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" |
| "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" |
| "\x06\xC1"; |
| b.inLen = strlen(b.input); |
| b.outLen = SHA256_DIGEST_SIZE; |
| |
| test_sha[0] = a; |
| test_sha[1] = b; |
| |
| ret = wc_InitSha256(&sha); |
| if (ret != 0) |
| return -4005; |
| |
| for (i = 0; i < times; ++i) { |
| ret = wc_Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); |
| if (ret != 0) |
| return -4006; |
| ret = wc_Sha256Final(&sha, hash); |
| if (ret != 0) |
| return -4007; |
| |
| if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0) |
| return -10 - i; |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| |
| #ifdef WOLFSSL_SHA512 |
| int sha512_test(void) |
| { |
| Sha512 sha; |
| byte hash[SHA512_DIGEST_SIZE]; |
| int ret; |
| |
| testVector a, b; |
| testVector test_sha[2]; |
| int times = sizeof(test_sha) / sizeof(struct testVector), i; |
| |
| a.input = "abc"; |
| a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" |
| "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55" |
| "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3" |
| "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f" |
| "\xa5\x4c\xa4\x9f"; |
| a.inLen = strlen(a.input); |
| a.outLen = SHA512_DIGEST_SIZE; |
| |
| b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" |
| "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; |
| b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" |
| "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" |
| "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" |
| "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" |
| "\x87\x4b\xe9\x09"; |
| b.inLen = strlen(b.input); |
| b.outLen = SHA512_DIGEST_SIZE; |
| |
| test_sha[0] = a; |
| test_sha[1] = b; |
| |
| ret = wc_InitSha512(&sha); |
| if (ret != 0) |
| return -4009; |
| |
| for (i = 0; i < times; ++i) { |
| ret = wc_Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); |
| if (ret != 0) |
| return -4010; |
| |
| ret = wc_Sha512Final(&sha, hash); |
| if (ret != 0) |
| return -4011; |
| |
| if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0) |
| return -10 - i; |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| |
| #ifdef WOLFSSL_SHA384 |
| int sha384_test(void) |
| { |
| Sha384 sha; |
| byte hash[SHA384_DIGEST_SIZE]; |
| int ret; |
| |
| testVector a, b; |
| testVector test_sha[2]; |
| int times = sizeof(test_sha) / sizeof(struct testVector), i; |
| |
| a.input = "abc"; |
| a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" |
| "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff" |
| "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" |
| "\xc8\x25\xa7"; |
| a.inLen = strlen(a.input); |
| a.outLen = SHA384_DIGEST_SIZE; |
| |
| b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" |
| "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; |
| b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" |
| "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" |
| "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" |
| "\x74\x60\x39"; |
| b.inLen = strlen(b.input); |
| b.outLen = SHA384_DIGEST_SIZE; |
| |
| test_sha[0] = a; |
| test_sha[1] = b; |
| |
| ret = wc_InitSha384(&sha); |
| if (ret != 0) |
| return -4012; |
| |
| for (i = 0; i < times; ++i) { |
| ret = wc_Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); |
| if (ret != 0) |
| return -4013; |
| |
| ret = wc_Sha384Final(&sha, hash); |
| if (ret != 0) |
| return -4014; |
| |
| if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0) |
| return -10 - i; |
| } |
| |
| return 0; |
| } |
| #endif /* WOLFSSL_SHA384 */ |
| |
| |
| #if !defined(NO_HMAC) && !defined(NO_MD5) |
| int hmac_md5_test(void) |
| { |
| Hmac hmac; |
| byte hash[MD5_DIGEST_SIZE]; |
| |
| const char* keys[]= |
| { |
| "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", |
| "Jefe", |
| "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" |
| }; |
| |
| testVector a, b, c; |
| testVector test_hmac[3]; |
| |
| int ret; |
| int times = sizeof(test_hmac) / sizeof(testVector), i; |
| |
| a.input = "Hi There"; |
| a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc" |
| "\x9d"; |
| a.inLen = strlen(a.input); |
| a.outLen = MD5_DIGEST_SIZE; |
| |
| b.input = "what do ya want for nothing?"; |
| b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" |
| "\x38"; |
| b.inLen = strlen(b.input); |
| b.outLen = MD5_DIGEST_SIZE; |
| |
| c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD"; |
| c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3" |
| "\xf6"; |
| c.inLen = strlen(c.input); |
| c.outLen = MD5_DIGEST_SIZE; |
| |
| test_hmac[0] = a; |
| test_hmac[1] = b; |
| test_hmac[2] = c; |
| |
| for (i = 0; i < times; ++i) { |
| #if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) |
| if (i == 1) |
| continue; /* cavium can't handle short keys, fips not allowed */ |
| #endif |
| #ifdef HAVE_CAVIUM |
| if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) |
| return -20009; |
| #endif |
| ret = wc_HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); |
| if (ret != 0) |
| return -4015; |
| ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input, |
| (word32)test_hmac[i].inLen); |
| if (ret != 0) |
| return -4016; |
| ret = wc_HmacFinal(&hmac, hash); |
| if (ret != 0) |
| return -4017; |
| |
| if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0) |
| return -20 - i; |
| #ifdef HAVE_CAVIUM |
| wc_HmacFreeCavium(&hmac); |
| #endif |
| } |
| |
| return 0; |
| } |
| #endif /* NO_HMAC && NO_MD5 */ |
| |
| #if !defined(NO_HMAC) && !defined(NO_SHA) |
| int hmac_sha_test(void) |
| { |
| Hmac hmac; |
| byte hash[SHA_DIGEST_SIZE]; |
| |
| const char* keys[]= |
| { |
| "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" |
| "\x0b\x0b\x0b", |
| "Jefe", |
| "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" |
| "\xAA\xAA\xAA" |
| }; |
| |
| testVector a, b, c; |
| testVector test_hmac[3]; |
| |
| int ret; |
| int times = sizeof(test_hmac) / sizeof(testVector), i; |
| |
| a.input = "Hi There"; |
| a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c" |
| "\x8e\xf1\x46\xbe\x00"; |
| a.inLen = strlen(a.input); |
| a.outLen = SHA_DIGEST_SIZE; |
| |
| b.input = "what do ya want for nothing?"; |
| b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf" |
| "\x9c\x25\x9a\x7c\x79"; |
| b.inLen = strlen(b.input); |
| b.outLen = SHA_DIGEST_SIZE; |
| |
| c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD"; |
| c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b" |
| "\x4f\x63\xf1\x75\xd3"; |
| c.inLen = strlen(c.input); |
| c.outLen = SHA_DIGEST_SIZE; |
| |
| test_hmac[0] = a; |
| test_hmac[1] = b; |
| test_hmac[2] = c; |
| |
| for (i = 0; i < times; ++i) { |
| #if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) |
| if (i == 1) |
| continue; /* cavium can't handle short keys, fips not allowed */ |
| #endif |
| #ifdef HAVE_CAVIUM |
| if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) |
| return -20010; |
| #endif |
| ret = wc_HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); |
| if (ret != 0) |
| return -4018; |
| ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input, |
| (word32)test_hmac[i].inLen); |
| if (ret != 0) |
| return -4019; |
| ret = wc_HmacFinal(&hmac, hash); |
| if (ret != 0) |
| return -4020; |
| |
| if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0) |
| return -20 - i; |
| #ifdef HAVE_CAVIUM |
| wc_HmacFreeCavium(&hmac); |
| #endif |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| |
| #if !defined(NO_HMAC) && !defined(NO_SHA256) |
| int hmac_sha256_test(void) |
| { |
| Hmac hmac; |
| byte hash[SHA256_DIGEST_SIZE]; |
| |
| const char* keys[]= |
| { |
| "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" |
| "\x0b\x0b\x0b", |
| "Jefe", |
| "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" |
| "\xAA\xAA\xAA" |
| }; |
| |
| testVector a, b, c; |
| testVector test_hmac[3]; |
| |
| int ret; |
| int times = sizeof(test_hmac) / sizeof(testVector), i; |
| |
| a.input = "Hi There"; |
| a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1" |
| "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32" |
| "\xcf\xf7"; |
| a.inLen = strlen(a.input); |
| a.outLen = SHA256_DIGEST_SIZE; |
| |
| b.input = "what do ya want for nothing?"; |
| b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75" |
| "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec" |
| "\x38\x43"; |
| b.inLen = strlen(b.input); |
| b.outLen = SHA256_DIGEST_SIZE; |
| |
| c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD"; |
| c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81" |
| "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5" |
| "\x65\xfe"; |
| c.inLen = strlen(c.input); |
| c.outLen = SHA256_DIGEST_SIZE; |
| |
| test_hmac[0] = a; |
| test_hmac[1] = b; |
| test_hmac[2] = c; |
| |
| for (i = 0; i < times; ++i) { |
| #if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) |
| if (i == 1) |
| continue; /* cavium can't handle short keys, fips not allowed */ |
| #endif |
| #ifdef HAVE_CAVIUM |
| if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) |
| return -20011; |
| #endif |
| ret = wc_HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i])); |
| if (ret != 0) |
| return -4021; |
| ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input, |
| (word32)test_hmac[i].inLen); |
| if (ret != 0) |
| return -4022; |
| ret = wc_HmacFinal(&hmac, hash); |
| if (ret != 0) |
| return -4023; |
| |
| if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0) |
| return -20 - i; |
| #ifdef HAVE_CAVIUM |
| wc_HmacFreeCavium(&hmac); |
| #endif |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| |
| #if !defined(NO_HMAC) && defined(HAVE_BLAKE2) |
| int hmac_blake2b_test(void) |
| { |
| Hmac hmac; |
| byte hash[BLAKE2B_256]; |
| |
| const char* keys[]= |
| { |
| "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" |
| "\x0b\x0b\x0b", |
| "Jefe", |
| "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" |
| "\xAA\xAA\xAA" |
| }; |
| |
| testVector a, b, c; |
| testVector test_hmac[3]; |
| |
| int ret; |
| int times = sizeof(test_hmac) / sizeof(testVector), i; |
| |
| a.input = "Hi There"; |
| a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51" |
| "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75" |
| "\xac\xfd"; |
| a.inLen = strlen(a.input); |
| a.outLen = BLAKE2B_256; |
| |
| b.input = "what do ya want for nothing?"; |
| b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67" |
| "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c" |
| "\xda\x2b"; |
| b.inLen = strlen(b.input); |
| b.outLen = BLAKE2B_256; |
| |
| c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD"; |
| c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7" |
| "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3" |
| "\x0f\x87"; |
| c.inLen = strlen(c.input); |
| c.outLen = BLAKE2B_256; |
| |
| test_hmac[0] = a; |
| test_hmac[1] = b; |
| test_hmac[2] = c; |
| |
| for (i = 0; i < times; ++i) { |
| #if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) |
| if (i == 1) |
| continue; /* cavium can't handle short keys, fips not allowed */ |
| #endif |
| #ifdef HAVE_CAVIUM |
| if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) |
| return -20011; |
| #endif |
| ret = wc_HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i], |
| (word32)strlen(keys[i])); |
| if (ret != 0) |
| return -4024; |
| ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input, |
| (word32)test_hmac[i].inLen); |
| if (ret != 0) |
| return -4025; |
| ret = wc_HmacFinal(&hmac, hash); |
| if (ret != 0) |
| return -4026; |
| |
| if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0) |
| return -20 - i; |
| #ifdef HAVE_CAVIUM |
| wc_HmacFreeCavium(&hmac); |
| #endif |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| |
| #if !defined(NO_HMAC) && defined(WOLFSSL_SHA384) |
| int hmac_sha384_test(void) |
| { |
| Hmac hmac; |
| byte hash[SHA384_DIGEST_SIZE]; |
| |
| const char* keys[]= |
| { |
| "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" |
| "\x0b\x0b\x0b", |
| "Jefe", |
| "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" |
| "\xAA\xAA\xAA" |
| }; |
| |
| testVector a, b, c; |
| testVector test_hmac[3]; |
| |
| int ret; |
| int times = sizeof(test_hmac) / sizeof(testVector), i; |
| |
| a.input = "Hi There"; |
| a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90" |
| "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb" |
| "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2" |
| "\xfa\x9c\xb6"; |
| a.inLen = strlen(a.input); |
| a.outLen = SHA384_DIGEST_SIZE; |
| |
| b.input = "what do ya want for nothing?"; |
| b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b" |
| "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22" |
| "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa" |
| "\xb2\x16\x49"; |
| b.inLen = strlen(b.input); |
| b.outLen = SHA384_DIGEST_SIZE; |
| |
| c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD"; |
| c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8" |
| "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66" |
| "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01" |
| "\xa3\x4f\x27"; |
| c.inLen = strlen(c.input); |
| c.outLen = SHA384_DIGEST_SIZE; |
| |
| test_hmac[0] = a; |
| test_hmac[1] = b; |
| test_hmac[2] = c; |
| |
| for (i = 0; i < times; ++i) { |
| #if defined(HAVE_FIPS) |
| if (i == 1) |
| continue; /* fips not allowed */ |
| #endif |
| ret = wc_HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i])); |
| if (ret != 0) |
| return -4027; |
| ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input, |
| (word32)test_hmac[i].inLen); |
| if (ret != 0) |
| return -4028; |
| ret = wc_HmacFinal(&hmac, hash); |
| if (ret != 0) |
| return -4029; |
| |
| if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0) |
| return -20 - i; |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| |
| #if !defined(NO_HMAC) && defined(WOLFSSL_SHA512) |
| int hmac_sha512_test(void) |
| { |
| Hmac hmac; |
| byte hash[SHA512_DIGEST_SIZE]; |
| |
| const char* keys[]= |
| { |
| "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" |
| "\x0b\x0b\x0b", |
| "Jefe", |
| "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" |
| "\xAA\xAA\xAA" |
| }; |
| |
| testVector a, b, c; |
| testVector test_hmac[3]; |
| |
| int ret; |
| int times = sizeof(test_hmac) / sizeof(testVector), i; |
| |
| a.input = "Hi There"; |
| a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c" |
| "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1" |
| "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae" |
| "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20" |
| "\x3a\x12\x68\x54"; |
| a.inLen = strlen(a.input); |
| a.outLen = SHA512_DIGEST_SIZE; |
| |
| b.input = "what do ya want for nothing?"; |
| b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0" |
| "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25" |
| "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8" |
| "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a" |
| "\x38\xbc\xe7\x37"; |
| b.inLen = strlen(b.input); |
| b.outLen = SHA512_DIGEST_SIZE; |
| |
| c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" |
| "\xDD\xDD\xDD\xDD\xDD\xDD"; |
| c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b" |
| "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27" |
| "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e" |
| "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59" |
| "\xe1\x32\x92\xfb"; |
| c.inLen = strlen(c.input); |
| c.outLen = SHA512_DIGEST_SIZE; |
| |
| test_hmac[0] = a; |
| test_hmac[1] = b; |
| test_hmac[2] = c; |
| |
| for (i = 0; i < times; ++i) { |
| #if defined(HAVE_FIPS) |
| if (i == 1) |
| continue; /* fips not allowed */ |
| #endif |
| ret = wc_HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i])); |
| if (ret != 0) |
| return -4030; |
| ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input, |
| (word32)test_hmac[i].inLen); |
| if (ret != 0) |
| return -4031; |
| ret = wc_HmacFinal(&hmac, hash); |
| if (ret != 0) |
| return -4032; |
| |
| if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0) |
| return -20 - i; |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| |
| #ifndef NO_RC4 |
| int arc4_test(void) |
| { |
| byte cipher[16]; |
| byte plain[16]; |
| |
| const char* keys[] = |
| { |
| "\x01\x23\x45\x67\x89\xab\xcd\xef", |
| "\x01\x23\x45\x67\x89\xab\xcd\xef", |
| "\x00\x00\x00\x00\x00\x00\x00\x00", |
| "\xef\x01\x23\x45" |
| }; |
| |
| testVector a, b, c, d; |
| testVector test_arc4[4]; |
| |
| int times = sizeof(test_arc4) / sizeof(testVector), i; |
| |
| a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef"; |
| a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96"; |
| a.inLen = 8; |
| a.outLen = 8; |
| |
| b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; |
| b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79"; |
| b.inLen = 8; |
| b.outLen = 8; |
| |
| c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; |
| c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a"; |
| c.inLen = 8; |
| c.outLen = 8; |
| |
| d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; |
| d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61"; |
| d.inLen = 10; |
| d.outLen = 10; |
| |
| test_arc4[0] = a; |
| test_arc4[1] = b; |
| test_arc4[2] = c; |
| test_arc4[3] = d; |
| |
| for (i = 0; i < times; ++i) { |
| Arc4 enc; |
| Arc4 dec; |
| int keylen = 8; /* strlen with key 0x00 not good */ |
| if (i == 3) |
| keylen = 4; |
| |
| #ifdef HAVE_CAVIUM |
| if (wc_Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) |
| return -20001; |
| if (wc_Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0) |
| return -20002; |
| #endif |
| |
| wc_Arc4SetKey(&enc, (byte*)keys[i], keylen); |
| wc_Arc4SetKey(&dec, (byte*)keys[i], keylen); |
| |
| wc_Arc4Process(&enc, cipher, (byte*)test_arc4[i].input, |
| (word32)test_arc4[i].outLen); |
| wc_Arc4Process(&dec, plain, cipher, (word32)test_arc4[i].outLen); |
| |
| if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen)) |
| return -20 - i; |
| |
| if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen)) |
| return -20 - 5 - i; |
| |
| #ifdef HAVE_CAVIUM |
| wc_Arc4FreeCavium(&enc); |
| wc_Arc4FreeCavium(&dec); |
| #endif |
| } |
| |
| return 0; |
| } |
| #endif |
| |
| |
| int hc128_test(void) |
| { |
| #ifdef HAVE_HC128 |
| byte cipher[16]; |
| byte plain[16]; |
| |
| const char* keys[] = |
| { |
| "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", |
| "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", |
| "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD", |
| "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC" |
| }; |
| |
| const char* ivs[] = |
| { |
| "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", |
| "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", |
| "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16", |
| "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31" |
| }; |
| |
| |
| testVector a, b, c, d; |
| testVector test_hc128[4]; |
| |
| int times = sizeof(test_hc128) / sizeof(testVector), i; |
| |
| a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; |
| a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48"; |
| a.inLen = 8; |
| a.outLen = 8; |
| |
| b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; |
| b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F"; |
| b.inLen = 8; |
| b.outLen = 8; |
| |
| c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; |
| c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"; |
| c.inLen = 8; |
| c.outLen = 8; |
| |
| d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; |
| d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29"; |
| d.inLen = 15; |
| d.outLen = 15; |
| |
| test_hc128[0] = a; |
| test_hc128[1] = b; |
| test_hc128[2] = c; |
| test_hc128[3] = d; |
| |
| for (i = 0; i < times; ++i) { |
| HC128 enc; |
| HC128 dec; |
| |
| /* align keys/ivs in plain/cipher buffers */ |
| memcpy(plain, keys[i], 16); |
| memcpy(cipher, ivs[i], 16); |
| |
| wc_Hc128_SetKey(&enc, plain, cipher); |
| wc_Hc128_SetKey(&dec, plain, cipher); |
| |
| /* align input */ |
| memcpy(plain, test_hc128[i].input, test_hc128[i].outLen); |
| wc_Hc128_Process(&enc, cipher, plain, (word32)test_hc128[i].outLen); |
| wc_Hc128_Process(&dec, plain, cipher, (word32)test_hc128[i].outLen); |
| |
| if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen)) |
| return -120 - i; |
| |
| if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen)) |
| return -120 - 5 - i; |
| } |
| |
| #endif /* HAVE_HC128 */ |
| return 0; |
| } |
| |
| |
| #ifndef NO_RABBIT |
| int rabbit_test(void) |
| { |
| byte cipher[16]; |
| byte plain[16]; |
| |
| const char* keys[] = |
| { |
| "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", |
| "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", |
| "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91" |
| }; |
| |
| const char* ivs[] = |
| { |
| "\x00\x00\x00\x00\x00\x00\x00\x00", |
| "\x59\x7E\x26\xC1\x75\xF5\x73\xC3", |
| 0 |
| }; |
| |
| testVector a, b, c; |
| testVector test_rabbit[3]; |
| |
| int times = sizeof(test_rabbit) / sizeof(testVector), i; |
| |
| a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; |
| a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C"; |
| a.inLen = 8; |
| a.outLen = 8; |
| |
| b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; |
| b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0"; |
| b.inLen = 8; |
| b.outLen = 8; |
| |
| c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; |
| c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77"; |
| c.inLen = 8; |
| c.outLen = 8; |
| |
| test_rabbit[0] = a; |
| test_rabbit[1] = b; |
| test_rabbit[2] = c; |
| |
| for (i = 0; i < times; ++i) { |
| Rabbit enc; |
| Rabbit dec; |
| byte* iv; |
| |
| /* align keys/ivs in plain/cipher buffers */ |
| memcpy(plain, keys[i], 16); |
| if (ivs[i]) { |
| memcpy(cipher, ivs[i], 8); |
| iv = cipher; |
| } else |
| iv = NULL; |
| wc_RabbitSetKey(&enc, plain, iv); |
| wc_RabbitSetKey(&dec, plain, iv); |
| |
| /* align input */ |
| memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen); |
| wc_RabbitProcess(&enc, cipher, plain, (word32)test_rabbit[i].outLen); |
| wc_RabbitProcess(&dec, plain, cipher, (word32)test_rabbit[i].outLen); |
| |
| if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen)) |
| return -130 - i; |
| |
| if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen)) |
| return -130 - 5 - i; |
| } |
| |
| return 0; |
| } |
| #endif /* NO_RABBIT */ |
| |
| |
| #ifdef HAVE_CHACHA |
| int chacha_test(void) |
| { |
| ChaCha enc; |
| ChaCha dec; |
| byte cipher[32]; |
| byte plain[32]; |
| byte input[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; |
| word32 keySz; |
| int i; |
| int times = 4; |
| |
| static const byte key1[] = |
| { |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 |
| }; |
| |
| static const byte key2[] = |
| { |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01 |
| }; |
| |
| static const byte key3[] = |
| { |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 |
| }; |
| |
| /* 128 bit key */ |
| static const byte key4[] = |
| { |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 |
| }; |
| |
| |
| const byte* keys[] = {key1, key2, key3, key4}; |
| |
| static const byte ivs1[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; |
| static const byte ivs2[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; |
| static const byte ivs3[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01}; |
| static const byte ivs4[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; |
| |
| |
| const byte* ivs[] = {ivs1, ivs2, ivs3, ivs4}; |
| |
| |
| byte a[] = {0x76,0xb8,0xe0,0xad,0xa0,0xf1,0x3d,0x90}; |
| byte b[] = {0x45,0x40,0xf0,0x5a,0x9f,0x1f,0xb2,0x96}; |
| byte c[] = {0xde,0x9c,0xba,0x7b,0xf3,0xd6,0x9e,0xf5}; |
| byte d[] = {0x89,0x67,0x09,0x52,0x60,0x83,0x64,0xfd}; |
| |
| byte* test_chacha[4]; |
| |
| test_chacha[0] = a; |
| test_chacha[1] = b; |
| test_chacha[2] = c; |
| test_chacha[3] = d; |
| |
| for (i = 0; i < times; ++i) { |
| if (i < 3) { |
| keySz = 32; |
| } |
| else { |
| keySz = 16; |
| } |
| |
| XMEMCPY(plain, keys[i], keySz); |
| XMEMSET(cipher, 0, 32); |
| XMEMCPY(cipher + 4, ivs[i], 8); |
| |
| wc_Chacha_SetKey(&enc, keys[i], keySz); |
| wc_Chacha_SetKey(&dec, keys[i], keySz); |
| |
| wc_Chacha_SetIV(&enc, cipher, 0); |
| wc_Chacha_SetIV(&dec, cipher, 0); |
| XMEMCPY(plain, input, 8); |
| |
| wc_Chacha_Process(&enc, cipher, plain, (word32)8); |
| wc_Chacha_Process(&dec, plain, cipher, (word32)8); |
| |
| if (memcmp(test_chacha[i], cipher, 8)) |
| return -130 - 5 - i; |
| |
| if (memcmp(plain, input, 8)) |
| return -130 - i; |
| } |
| |
| return 0; |
| } |
| #endif /* HAVE_CHACHA */ |
| |
| |
| #ifdef HAVE_POLY1305 |
| int poly1305_test(void) |
| { |
| int ret = 0; |
| int i; |
| byte tag[16]; |
| Poly1305 enc; |
| |
| const byte msg[] = |
| { |
| 0x43,0x72,0x79,0x70,0x74,0x6f,0x67,0x72, |
| 0x61,0x70,0x68,0x69,0x63,0x20,0x46,0x6f, |
| 0x72,0x75,0x6d,0x20,0x52,0x65,0x73,0x65, |
| 0x61,0x72,0x63,0x68,0x20,0x47,0x72,0x6f, |
| 0x75,0x70 |
| }; |
| |
| const byte msg2[] = |
| { |
| 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x77,0x6f,0x72, |
| 0x6c,0x64,0x21 |
| }; |
| |
| const byte msg3[] = |
| { |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 |
| }; |
| |
| const byte correct[] = |
| { |
| 0xa8,0x06,0x1d,0xc1,0x30,0x51,0x36,0xc6, |
| 0xc2,0x2b,0x8b,0xaf,0x0c,0x01,0x27,0xa9 |
| |
| }; |
| |
| const byte correct2[] = |
| { |
| 0xa6,0xf7,0x45,0x00,0x8f,0x81,0xc9,0x16, |
| 0xa2,0x0d,0xcc,0x74,0xee,0xf2,0xb2,0xf0 |
| }; |
| |
| const byte correct3[] = |
| { |
| 0x49,0xec,0x78,0x09,0x0e,0x48,0x1e,0xc6, |
| 0xc2,0x6b,0x33,0xb9,0x1c,0xcc,0x03,0x07 |
| }; |
| |
| const byte key[] = { |
| 0x85,0xd6,0xbe,0x78,0x57,0x55,0x6d,0x33, |
| 0x7f,0x44,0x52,0xfe,0x42,0xd5,0x06,0xa8, |
| 0x01,0x03,0x80,0x8a,0xfb,0x0d,0xb2,0xfd, |
| 0x4a,0xbf,0xf6,0xaf,0x41,0x49,0xf5,0x1b |
| }; |
| |
| const byte key2[] = { |
| 0x74,0x68,0x69,0x73,0x20,0x69,0x73,0x20, |
| 0x33,0x32,0x2d,0x62,0x79,0x74,0x65,0x20, |
| 0x6b,0x65,0x79,0x20,0x66,0x6f,0x72,0x20, |
| 0x50,0x6f,0x6c,0x79,0x31,0x33,0x30,0x35 |
| }; |
| |
| const byte* msgs[] = {msg, msg2, msg3}; |
| word32 szm[] = {sizeof(msg),sizeof(msg2),sizeof(msg3)}; |
| const byte* keys[] = {key, key2, key2}; |
| const byte* tests[] = {correct, correct2, correct3}; |
| |
| for (i = 0; i < 3; i++) { |
| ret = wc_Poly1305SetKey(&enc, keys[i], 32); |
| if (ret != 0) |
| return -1001; |
| |
| ret = wc_Poly1305Update(&enc, msgs[i], szm[i]); |
| if (ret != 0) |
| return -1005; |
| |
| ret = wc_Poly1305Final(&enc, tag); |
| if (ret != 0) |
| return -60; |
| |
| if (memcmp(tag, tests[i], sizeof(tag))) |
| return -61; |
| } |
| |
| return 0; |
| } |
| #endif /* HAVE_POLY1305 */ |
| |
| |
| #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) |
| int chacha20_poly1305_aead_test(void) |
| { |
| /* Test #1 from Section 2.8.2 of draft-irtf-cfrg-chacha20-poly1305-10 */ |
| /* https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10 */ |
| |
| const byte key1[] = { |
| 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, |
| 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, |
| 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, |
| 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f |
| }; |
| |
| const byte plaintext1[] = { |
| 0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, |
| 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, |
| 0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20, |
| 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73, |
| 0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39, |
| 0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63, |
| 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66, |
| 0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f, |
| 0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20, |
| 0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20, |
| 0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75, |
| 0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73, |
| 0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, |
| 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, |
| 0x74, 0x2e |
| }; |
| |
| const byte iv1[] = { |
| 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, |
| 0x44, 0x45, 0x46, 0x47 |
| }; |
| |
| const byte aad1[] = { /* additional data */ |
| 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, |
| 0xc4, 0xc5, 0xc6, 0xc7 |
| }; |
| |
| const byte cipher1[] = { /* expected output from operation */ |
| 0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb, |
| 0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2, |
| 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe, |
| 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6, |
| 0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12, |
| 0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b, |
| 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29, |
| 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36, |
| 0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c, |
| 0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58, |
| 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94, |
| 0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc, |
| 0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d, |
| 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b, |
| 0x61, 0x16 |
| }; |
| |
| const byte authTag1[] = { /* expected output from operation */ |
| 0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a, |
| 0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91 |
| }; |
| |
| /* Test #2 from Appendix A.2 in draft-irtf-cfrg-chacha20-poly1305-10 */ |
| /* https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10 */ |
| |
| const byte key2[] = { |
| 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a, |
| 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0, |
| 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09, |
| 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0 |
| }; |
| |
| const byte plaintext2[] = { |
| 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, |
| 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x73, 0x20, |
| 0x61, 0x72, 0x65, 0x20, 0x64, 0x72, 0x61, 0x66, |
| 0x74, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, |
| 0x6e, 0x74, 0x73, 0x20, 0x76, 0x61, 0x6c, 0x69, |
| 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x61, 0x20, |
| 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x20, |
| 0x6f, 0x66, 0x20, 0x73, 0x69, 0x78, 0x20, 0x6d, |
| 0x6f, 0x6e, 0x74, 0x68, 0x73, 0x20, 0x61, 0x6e, |
| 0x64, 0x20, 0x6d, 0x61, 0x79, 0x20, 0x62, 0x65, |
| 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, |
| 0x2c, 0x20, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, |
| 0x65, 0x64, 0x2c, 0x20, 0x6f, 0x72, 0x20, 0x6f, |
| 0x62, 0x73, 0x6f, 0x6c, 0x65, 0x74, 0x65, 0x64, |
| 0x20, 0x62, 0x79, 0x20, 0x6f, 0x74, 0x68, 0x65, |
| 0x72, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, |
| 0x6e, 0x74, 0x73, 0x20, 0x61, 0x74, 0x20, 0x61, |
| 0x6e, 0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x2e, |
| 0x20, 0x49, 0x74, 0x20, 0x69, 0x73, 0x20, 0x69, |
| 0x6e, 0x61, 0x70, 0x70, 0x72, 0x6f, 0x70, 0x72, |
| 0x69, 0x61, 0x74, 0x65, 0x20, 0x74, 0x6f, 0x20, |
| 0x75, 0x73, 0x65, 0x20, 0x49, 0x6e, 0x74, 0x65, |
| 0x72, 0x6e, 0x65, 0x74, 0x2d, 0x44, 0x72, 0x61, |
| 0x66, 0x74, 0x73, 0x20, 0x61, 0x73, 0x20, 0x72, |
| 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, |
| 0x20, 0x6d, 0x61, 0x74, 0x65, 0x72, 0x69, 0x61, |
| 0x6c, 0x20, 0x6f, 0x72, 0x20, 0x74, 0x6f, 0x20, |
| 0x63, 0x69, 0x74, 0x65, 0x20, 0x74, 0x68, 0x65, |
| 0x6d, 0x20, 0x6f, 0x74, 0x68, 0x65, 0x72, 0x20, |
| 0x74, 0x68, 0x61, 0x6e, 0x20, 0x61, 0x73, 0x20, |
| 0x2f, 0xe2, 0x80, 0x9c, 0x77, 0x6f, 0x72, 0x6b, |
| 0x20, 0x69, 0x6e, 0x20, 0x70, 0x72, 0x6f, 0x67, |
| 0x72, 0x65, 0x73, 0x73, 0x2e, 0x2f, 0xe2, 0x80, |
| 0x9d |
| }; |
| |
| const byte iv2[] = { |
| 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, |
| 0x05, 0x06, 0x07, 0x08 |
| }; |
| |
| const byte aad2[] = { /* additional data */ |
| 0xf3, 0x33, 0x88, 0x86, 0x00, 0x00, 0x00, 0x00, |
| 0x00, 0x00, 0x4e, 0x91 |
| }; |
| |
| const byte cipher2[] = { /* expected output from operation */ |
| 0x64, 0xa0, 0x86, 0x15, 0x75, 0x86, 0x1a, 0xf4, |
| 0x60, 0xf0, 0x62, 0xc7, 0x9b, 0xe6, 0x43, 0xbd, |
| 0x5e, 0x80, 0x5c, 0xfd, 0x34, 0x5c, 0xf3, 0x89, |
| 0xf1, 0x08, 0x67, 0x0a, 0xc7, 0x6c, 0x8c, 0xb2, |
| 0x4c, 0x6c, 0xfc, 0x18, 0x75, 0x5d, 0x43, 0xee, |
| 0xa0, 0x9e, 0xe9, 0x4e, 0x38, 0x2d, 0x26, 0xb0, |
| 0xbd, 0xb7, 0xb7, 0x3c, 0x32, 0x1b, 0x01, 0x00, |
| 0xd4, 0xf0, 0x3b, 0x7f, 0x35, 0x58, 0x94, 0xcf, |
| 0x33, 0x2f, 0x83, 0x0e, 0x71, 0x0b, 0x97, 0xce, |
| 0x98, 0xc8, 0xa8, 0x4a, 0xbd, 0x0b, 0x94, 0x81, |
| 0x14, 0xad, 0x17, 0x6e, 0x00, 0x8d, 0x33, 0xbd, |
| 0x60, 0xf9, 0x82, 0xb1, 0xff, 0x37, 0xc8, 0x55, |
| 0x97, 0x97, 0xa0, 0x6e, 0xf4, 0xf0, 0xef, 0x61, |
| 0xc1, 0x86, 0x32, 0x4e, 0x2b, 0x35, 0x06, 0x38, |
| 0x36, 0x06, 0x90, 0x7b, 0x6a, 0x7c, 0x02, 0xb0, |
| 0xf9, 0xf6, 0x15, 0x7b, 0x53, 0xc8, 0x67, 0xe4, |
| 0xb9, 0x16, 0x6c, 0x76, 0x7b, 0x80, 0x4d, 0x46, |
| 0xa5, 0x9b, 0x52, 0x16, 0xcd, 0xe7, 0xa4, 0xe9, |
| 0x90, 0x40, 0xc5, 0xa4, 0x04, 0x33, 0x22, 0x5e, |
| 0xe2, 0x82, 0xa1, 0xb0, 0xa0, 0x6c, 0x52, 0x3e, |
| 0xaf, 0x45, 0x34, 0xd7, 0xf8, 0x3f, 0xa1, 0x15, |
| 0x5b, 0x00, 0x47, 0x71, 0x8c, 0xbc, 0x54, 0x6a, |
| 0x0d, 0x07, 0x2b, 0x04, 0xb3, 0x56, 0x4e, 0xea, |
| 0x1b, 0x42, 0x22, 0x73, 0xf5, 0x48, 0x27, 0x1a, |
| 0x0b, 0xb2, 0x31, 0x60, 0x53, 0xfa, 0x76, 0x99, |
| 0x19, 0x55, 0xeb, 0xd6, 0x31, 0x59, 0x43, 0x4e, |
| 0xce, 0xbb, 0x4e, 0x46, 0x6d, 0xae, 0x5a, 0x10, |
| 0x73, 0xa6, 0x72, 0x76, 0x27, 0x09, 0x7a, 0x10, |
| 0x49, 0xe6, 0x17, 0xd9, 0x1d, 0x36, 0x10, 0x94, |
| 0xfa, 0x68, 0xf0, 0xff, 0x77, 0x98, 0x71, 0x30, |
| 0x30, 0x5b, 0xea, 0xba, 0x2e, 0xda, 0x04, 0xdf, |
| 0x99, 0x7b, 0x71, 0x4d, 0x6c, 0x6f, 0x2c, 0x29, |
| 0xa6, 0xad, 0x5c, 0xb4, 0x02, 0x2b, 0x02, 0x70, |
| 0x9b |
| }; |
| |
| const byte authTag2[] = { /* expected output from operation */ |
| 0xee, 0xad, 0x9d, 0x67, 0x89, 0x0c, 0xbb, 0x22, |
| 0x39, 0x23, 0x36, 0xfe, 0xa1, 0x85, 0x1f, 0x38 |
| }; |
| |
| byte generatedCiphertext[272]; |
| byte generatedPlaintext[272]; |
| byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; |
| int err; |
| |
| XMEMSET(generatedCiphertext, 0, sizeof(generatedCiphertext)); |
| XMEMSET(generatedAuthTag, 0, sizeof(generatedAuthTag)); |
| XMEMSET(generatedPlaintext, 0, sizeof(generatedPlaintext)); |
| |
| /* Test #1 */ |
| |
| err = wc_ChaCha20Poly1305_Encrypt(key1, iv1, |
| aad1, sizeof(aad1), |
| plaintext1, sizeof(plaintext1), |
| generatedCiphertext, generatedAuthTag); |
| if (err) |
| { |
| return err; |
| } |
| |
| /* -- Check the ciphertext and authtag */ |
| |
| if (XMEMCMP(generatedCiphertext, cipher1, sizeof(cipher1))) |
| { |
| return -1064; |
| } |
| |
| if (XMEMCMP(generatedAuthTag, authTag1, sizeof(authTag1))) |
| { |
| return -1065; |
| } |
| |
| /* -- Verify decryption works */ |
| |
| err = wc_ChaCha20Poly1305_Decrypt(key1, iv1, |
| aad1, sizeof(aad1), |
| cipher1, sizeof(cipher1), |
| authTag1, generatedPlaintext); |
| if (err) |
| { |
| return err; |
| } |
| |
| if (XMEMCMP(generatedPlaintext, plaintext1, sizeof( plaintext1))) |
| { |
| return -1066; |
| } |
| |
| XMEMSET(generatedCiphertext, 0, sizeof(generatedCiphertext)); |
| XMEMSET(generatedAuthTag, 0, sizeof(generatedAuthTag)); |
| XMEMSET(generatedPlaintext, 0, sizeof(generatedPlaintext)); |
| |
| /* Test #2 */ |
| |
| err = wc_ChaCha20Poly1305_Encrypt(key2, iv2, |
| aad2, sizeof(aad2), |
| plaintext2, sizeof(plaintext2), |
| generatedCiphertext, generatedAuthTag); |
| if (err) |
| { |
| return err; |
| } |
| |
| /* -- Check the ciphertext and authtag */ |
| |
| if (XMEMCMP(generatedCiphertext, cipher2, sizeof(cipher2))) |
| { |
| return -1067; |
| } |
| |
| if (XMEMCMP(generatedAuthTag, authTag2, sizeof(authTag2))) |
| { |
| return -1068; |
| } |
| |
| /* -- Verify decryption works */ |
| |
| err = wc_ChaCha20Poly1305_Decrypt(key2, iv2, |
| aad2, sizeof(aad2), |
| cipher2, sizeof(cipher2), |
| authTag2, generatedPlaintext); |
| if (err) |
| { |
| return err; |
| } |
| |
| if (XMEMCMP(generatedPlaintext, plaintext2, sizeof(plaintext2))) |
| { |
| return -1069; |
| } |
| |
| return err; |
| } |
| #endif /* HAVE_CHACHA && HAVE_POLY1305 */ |
| |
| |
| #ifndef NO_DES3 |
| int des_test(void) |
| { |
| const byte vector[] = { /* "now is the time for all " w/o trailing 0 */ |
| 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, |
| 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, |
| 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 |
| }; |
| |
| byte plain[24]; |
| byte cipher[24]; |
| |
| Des enc; |
| Des dec; |
| |
| const byte key[] = |
| { |
| 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef |
| }; |
| |
| const byte iv[] = |
| { |
| 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef |
| }; |
| |
| const byte verify[] = |
| { |
| 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, |
| 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, |
| 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b |
| }; |
| |
| int ret; |
| |
| ret = wc_Des_SetKey(&enc, key, iv, DES_ENCRYPTION); |
| if (ret != 0) |
| return -31; |
| |
| wc_Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); |
| ret = wc_Des_SetKey(&dec, key, iv, DES_DECRYPTION); |
| if (ret != 0) |
| return -32; |
| wc_Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); |
| |
| if (memcmp(plain, vector, sizeof(plain))) |
| return -33; |
| |
| if (memcmp(cipher, verify, sizeof(cipher))) |
| return -34; |
| |
| return 0; |
| } |
| #endif /* NO_DES3 */ |
| |
| |
| #ifndef NO_DES3 |
| int des3_test(void) |
| { |
| const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */ |
| 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, |
| 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, |
| 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 |
| }; |
| |
| byte plain[24]; |
| byte cipher[24]; |
| |
| Des3 enc; |
| Des3 dec; |
| |
| const byte key3[] = |
| { |
| 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, |
| 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, |
| 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 |
| }; |
| const byte iv3[] = |
| { |
| 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, |
| 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, |
| 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 |
| |
| }; |
| |
| const byte verify3[] = |
| { |
| 0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e, |
| 0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98, |
| 0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0 |
| }; |
| |
| int ret; |
| |
| |
| #ifdef HAVE_CAVIUM |
| if (wc_Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) |
| return -20005; |
| if (wc_Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0) |
| return -20006; |
| #endif |
| ret = wc_Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION); |
| if (ret != 0) |
| return -31; |
| ret = wc_Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION); |
| if (ret != 0) |
| return -32; |
| ret = wc_Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); |
| if (ret != 0) |
| return -33; |
| ret = wc_Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); |
| if (ret != 0) |
| return -34; |
| |
| if (memcmp(plain, vector, sizeof(plain))) |
| return -35; |
| |
| if (memcmp(cipher, verify3, sizeof(cipher))) |
| return -36; |
| |
| #ifdef HAVE_CAVIUM |
| wc_Des3_FreeCavium(&enc); |
| wc_Des3_FreeCavium(&dec); |
| #endif |
| return 0; |
| } |
| #endif /* NO_DES */ |
| |
| |
| #ifndef NO_AES |
| int aes_test(void) |
| { |
| Aes enc; |
| Aes dec; |
| |
| const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ |
| 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, |
| 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, |
| 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 |
| }; |
| |
| const byte verify[] = |
| { |
| 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, |
| 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb |
| }; |
| |
| byte key[] = "0123456789abcdef "; /* align */ |
| byte iv[] = "1234567890abcdef "; /* align */ |
| |
| byte cipher[AES_BLOCK_SIZE * 4]; |
| byte plain [AES_BLOCK_SIZE * 4]; |
| int ret; |
| |
| #ifdef HAVE_CAVIUM |
| if (wc_AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) |
| return -20003; |
| if (wc_AesInitCavium(&dec, CAVIUM_DEV_ID) != 0) |
| return -20004; |
| #endif |
| ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); |
| if (ret != 0) |
| return -1001; |
| ret = wc_AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); |
| if (ret != 0) |
| return -1002; |
| |
| ret = wc_AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); |
| if (ret != 0) |
| return -1005; |
| ret = wc_AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); |
| if (ret != 0) |
| return -1006; |
| |
| if (memcmp(plain, msg, AES_BLOCK_SIZE)) |
| return -60; |
| |
| if (memcmp(cipher, verify, AES_BLOCK_SIZE)) |
| return -61; |
| |
| #ifdef HAVE_CAVIUM |
| wc_AesFreeCavium(&enc); |
| wc_AesFreeCavium(&dec); |
| #endif |
| #ifdef WOLFSSL_AES_COUNTER |
| { |
| const byte ctrKey[] = |
| { |
| 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, |
| 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c |
| }; |
| |
| const byte ctrIv[] = |
| { |
| 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7, |
| 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff |
| }; |
| |
| |
| const byte ctrPlain[] = |
| { |
| 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, |
| 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a, |
| 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c, |
| 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51, |
| 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11, |
| 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef, |
| 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17, |
| 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 |
| }; |
| |
| const byte ctrCipher[] = |
| { |
| 0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26, |
| 0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce, |
| 0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff, |
| 0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff, |
| 0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e, |
| 0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab, |
| 0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1, |
| 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee |
| }; |
| |
| const byte oddCipher[] = |
| { |
| 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0, |
| 0xc2 |
| }; |
| |
| wc_AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); |
| /* Ctr only uses encrypt, even on key setup */ |
| wc_AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); |
| |
| wc_AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4); |
| wc_AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4); |
| |
| if (memcmp(plain, ctrPlain, AES_BLOCK_SIZE*4)) |
| return -66; |
| |
| if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4)) |
| return -67; |
| |
| /* let's try with just 9 bytes, non block size test */ |
| wc_AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); |
| /* Ctr only uses encrypt, even on key setup */ |
| wc_AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); |
| |
| wc_AesCtrEncrypt(&enc, cipher, ctrPlain, 9); |
| wc_AesCtrEncrypt(&dec, plain, cipher, 9); |
| |
| if (memcmp(plain, ctrPlain, 9)) |
| return -68; |
| |
| if (memcmp(cipher, ctrCipher, 9)) |
| return -69; |
| |
| /* and an additional 9 bytes to reuse tmp left buffer */ |
| wc_AesCtrEncrypt(&enc, cipher, ctrPlain, 9); |
| wc_AesCtrEncrypt(&dec, plain, cipher, 9); |
| |
| if (memcmp(plain, ctrPlain, 9)) |
| return -70; |
| |
| if (memcmp(cipher, oddCipher, 9)) |
| return -71; |
| } |
| #endif /* WOLFSSL_AES_COUNTER */ |
| |
| #if defined(WOLFSSL_AESNI) && defined(WOLFSSL_AES_DIRECT) |
| { |
| const byte niPlain[] = |
| { |
| 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, |
| 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a |
| }; |
| |
| const byte niCipher[] = |
| { |
| 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, |
| 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 |
| }; |
| |
| const byte niKey[] = |
| { |
| 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, |
| 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, |
| 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, |
| 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 |
| }; |
| |
| XMEMSET(cipher, 0, AES_BLOCK_SIZE); |
| ret = wc_AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION); |
| if (ret != 0) |
| return -1003; |
| wc_AesEncryptDirect(&enc, cipher, niPlain); |
| if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0) |
| return -20006; |
| |
| XMEMSET(plain, 0, AES_BLOCK_SIZE); |
| ret = wc_AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION); |
| if (ret != 0) |
| return -1004; |
| wc_AesDecryptDirect(&dec, plain, niCipher); |
| if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0) |
| return -20007; |
| } |
| #endif /* WOLFSSL_AESNI && WOLFSSL_AES_DIRECT */ |
| |
| return 0; |
| } |
| |
| #ifdef HAVE_AESGCM |
| int aesgcm_test(void) |
| { |
| Aes enc; |
| |
| /* |
| * This is Test Case 16 from the document Galois/ |
| * Counter Mode of Operation (GCM) by McGrew and |
| * Viega. |
| */ |
| const byte k[] = |
| { |
| 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, |
| 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, |
| 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, |
| 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 |
| }; |
| |
| const byte iv[] = |
| { |
| 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, |
| 0xde, 0xca, 0xf8, 0x88 |
| }; |
| |
| const byte p[] = |
| { |
| 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, |
| 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, |
| 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, |
| 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, |
| 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, |
| 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, |
| 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, |
| 0xba, 0x63, 0x7b, 0x39 |
| }; |
| |
| const byte a[] = |
| { |
| 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, |
| 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, |
| 0xab, 0xad, 0xda, 0xd2 |
| }; |
| |
| const byte c[] = |
| { |
| 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, |
| 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, |
| 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, |
| 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, |
| 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, |
| 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, |
| 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, |
| 0xbc, 0xc9, 0xf6, 0x62 |
| }; |
| |
| const byte t[] = |
| { |
| 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, |
| 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b |
| }; |
| |
| byte t2[sizeof(t)]; |
| byte p2[sizeof(c)]; |
| byte c2[sizeof(p)]; |
| |
| int result; |
| |
| memset(t2, 0, sizeof(t2)); |
| memset(c2, 0, sizeof(c2)); |
| memset(p2, 0, sizeof(p2)); |
| |
| wc_AesGcmSetKey(&enc, k, sizeof(k)); |
| /* AES-GCM encrypt and decrypt both use AES encrypt internally */ |
| wc_AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), |
| t2, sizeof(t2), a, sizeof(a)); |
| if (memcmp(c, c2, sizeof(c2))) |
| return -68; |
| if (memcmp(t, t2, sizeof(t2))) |
| return -69; |
| |
| result = wc_AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), |
| t2, sizeof(t2), a, sizeof(a)); |
| if (result != 0) |
| return -70; |
| if (memcmp(p, p2, sizeof(p2))) |
| return -71; |
| |
| return 0; |
| } |
| |
| int gmac_test(void) |
| { |
| Gmac gmac; |
| |
| const byte k1[] = |
| { |
| 0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01, |
| 0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8 |
| }; |
| const byte iv1[] = |
| { |
| 0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94, |
| 0xe2, 0x8c, 0x8f, 0x16 |
| }; |
| const byte a1[] = |
| { |
| 0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9, |
| 0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, |