summaryrefslogtreecommitdiffstats
path: root/lib/isc/tests/aes_test.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/isc/tests/aes_test.c')
-rw-r--r--lib/isc/tests/aes_test.c249
1 files changed, 249 insertions, 0 deletions
diff --git a/lib/isc/tests/aes_test.c b/lib/isc/tests/aes_test.c
new file mode 100644
index 0000000..2990184
--- /dev/null
+++ b/lib/isc/tests/aes_test.c
@@ -0,0 +1,249 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+#if HAVE_CMOCKA
+
+#include <setjmp.h>
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define UNIT_TESTING
+#include <cmocka.h>
+
+#include <isc/aes.h>
+#include <isc/buffer.h>
+#include <isc/hex.h>
+#include <isc/platform.h>
+#include <isc/region.h>
+#include <isc/string.h>
+#include <isc/util.h>
+
+/*
+ * Test data from NIST KAT
+ */
+
+isc_result_t
+tohexstr(unsigned char *d, char *out);
+
+size_t
+fromhexstr(const char *in, unsigned char *d);
+
+unsigned char plaintext[3 * ISC_AES_BLOCK_LENGTH];
+unsigned char ciphertext[ISC_AES_BLOCK_LENGTH];
+char str[2 * ISC_AES_BLOCK_LENGTH + 1];
+unsigned char key[ISC_AES256_KEYLENGTH + 1];
+size_t len;
+
+isc_result_t
+tohexstr(unsigned char *d, char *out) {
+ isc_buffer_t b;
+ isc_region_t r;
+
+ isc_buffer_init(&b, out, 2 * ISC_AES_BLOCK_LENGTH + 1);
+ r.base = d;
+ r.length = ISC_AES_BLOCK_LENGTH;
+ return (isc_hex_totext(&r, 0, "", &b));
+}
+
+size_t
+fromhexstr(const char *in, unsigned char *d) {
+ isc_buffer_t b;
+ isc_result_t ret;
+
+ isc_buffer_init(&b, d, ISC_AES256_KEYLENGTH + 1);
+ ret = isc_hex_decodestring(in, &b);
+ if (ret != ISC_R_SUCCESS) {
+ return (0);
+ }
+ return (isc_buffer_usedlength(&b));
+}
+
+typedef struct aes_testcase {
+ const char *key;
+ const char *input;
+ const char *result;
+} aes_testcase_t;
+
+/* AES 128 test vectors */
+static void
+isc_aes128_test(void **state) {
+ aes_testcase_t testcases[] = { /* Test 1 (KAT ECBVarTxt128 #3) */
+ { "00000000000000000000000000000000",
+ "F0000000000000000000000000000000",
+ "96D9FD5CC4F07441727DF0F33E401A36" },
+ /* Test 2 (KAT ECBVarTxt128 #123) */
+ { "00000000000000000000000000000000",
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0",
+ "F9B0FDA0C4A898F5B9E6F661C4CE4D07" },
+ /* Test 3 (KAT ECBVarKey128 #3) */
+ { "F0000000000000000000000000000000",
+ "00000000000000000000000000000000",
+ "970014D634E2B7650777E8E84D03CCD8" },
+ /* Test 4 (KAT ECBVarKey128 #123) */
+ { "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0",
+ "00000000000000000000000000000000",
+ "41C78C135ED9E98C096640647265DA1E" },
+ /* Test 5 (KAT ECBGFSbox128 #3) */
+ { "00000000000000000000000000000000",
+ "6A118A874519E64E9963798A503F1D35",
+ "DC43BE40BE0E53712F7E2BF5CA707209" },
+ /* Test 6 (KAT ECBKeySbox128 #3) */
+ { "B6364AC4E1DE1E285EAF144A2415F7A0",
+ "00000000000000000000000000000000",
+ "5D9B05578FC944B3CF1CCF0E746CD581" },
+ { NULL, NULL, NULL }
+ };
+
+ aes_testcase_t *testcase = testcases;
+
+ UNUSED(state);
+
+ while (testcase->key != NULL) {
+ len = fromhexstr(testcase->key, key);
+ assert_int_equal(len, ISC_AES128_KEYLENGTH);
+ len = fromhexstr(testcase->input, plaintext);
+ assert_int_equal(len, ISC_AES_BLOCK_LENGTH);
+ isc_aes128_crypt(key, plaintext, ciphertext);
+ assert_int_equal(tohexstr(ciphertext, str), ISC_R_SUCCESS);
+ assert_string_equal(str, testcase->result);
+
+ testcase++;
+ }
+}
+
+/* AES 192 test vectors */
+static void
+isc_aes192_test(void **state) {
+ aes_testcase_t testcases[] = {
+ /* Test 1 (KAT ECBVarTxt192 #3) */
+ { "000000000000000000000000000000000000000000000000",
+ "F0000000000000000000000000000000",
+ "2A560364CE529EFC21788779568D5555" },
+ /* Test 2 (KAT ECBVarTxt192 #123) */
+ { "000000000000000000000000000000000000000000000000",
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0",
+ "2AABB999F43693175AF65C6C612C46FB" },
+ /* Test 3 (KAT ECBVarKey192 #3) */
+ { "F00000000000000000000000000000000000000000000000",
+ "00000000000000000000000000000000",
+ "180B09F267C45145DB2F826C2582D35C" },
+ /* Test 4 (KAT ECBVarKey192 #187) */
+ { "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0",
+ "00000000000000000000000000000000",
+ "EACF1E6C4224EFB38900B185AB1DFD42" },
+ /* Test 5 (KAT ECBGFSbox192 #3) */
+ { "000000000000000000000000000000000000000000000000",
+ "51719783D3185A535BD75ADC65071CE1",
+ "4F354592FF7C8847D2D0870CA9481B7C" },
+ /* Test 6 (KAT ECBKeySbox192 #3) */
+ { "CD62376D5EBB414917F0C78F05266433DC9192A1EC943300",
+ "00000000000000000000000000000000",
+ "7F6C25FF41858561BB62F36492E93C29" },
+ { NULL, NULL, NULL }
+ };
+
+ aes_testcase_t *testcase = testcases;
+
+ UNUSED(state);
+
+ while (testcase->key != NULL) {
+ len = fromhexstr(testcase->key, key);
+ assert_int_equal(len, ISC_AES192_KEYLENGTH);
+ len = fromhexstr(testcase->input, plaintext);
+ assert_int_equal(len, ISC_AES_BLOCK_LENGTH);
+ isc_aes192_crypt(key, plaintext, ciphertext);
+ assert_int_equal(tohexstr(ciphertext, str), ISC_R_SUCCESS);
+ assert_string_equal(str, testcase->result);
+
+ testcase++;
+ }
+}
+
+/* AES 256 test vectors */
+static void
+isc_aes256_test(void **state) {
+ aes_testcase_t testcases[] = { /* Test 1 (KAT ECBVarTxt256 #3) */
+ { "00000000000000000000000000000000"
+ "00000000000000000000000000000000",
+ "F0000000000000000000000000000000",
+ "7F2C5ECE07A98D8BEE13C51177395FF7" },
+ /* Test 2 (KAT ECBVarTxt256 #123) */
+ { "00000000000000000000000000000000"
+ "00000000000000000000000000000000",
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0",
+ "7240E524BC51D8C4D440B1BE55D1062C" },
+ /* Test 3 (KAT ECBVarKey256 #3) */
+ { "F0000000000000000000000000000000"
+ "00000000000000000000000000000000",
+ "00000000000000000000000000000000",
+ "1C777679D50037C79491A94DA76A9A35" },
+ /* Test 4 (KAT ECBVarKey256 #251) */
+ { "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0",
+ "00000000000000000000000000000000",
+ "03720371A04962EAEA0A852E69972858" },
+ /* Test 5 (KAT ECBGFSbox256 #3) */
+ { "00000000000000000000000000000000"
+ "00000000000000000000000000000000",
+ "8A560769D605868AD80D819BDBA03771",
+ "38F2C7AE10612415D27CA190D27DA8B4" },
+ /* Test 6 (KAT ECBKeySbox256 #3) */
+ { "984CA75F4EE8D706F46C2D98C0BF4A45"
+ "F5B00D791C2DFEB191B5ED8E420FD627",
+ "00000000000000000000000000000000",
+ "4307456A9E67813B452E15FA8FFFE398" },
+ { NULL, NULL, NULL }
+ };
+
+ aes_testcase_t *testcase = testcases;
+
+ UNUSED(state);
+
+ while (testcase->key != NULL) {
+ len = fromhexstr(testcase->key, key);
+ assert_int_equal(len, ISC_AES256_KEYLENGTH);
+ len = fromhexstr(testcase->input, plaintext);
+ assert_int_equal(len, ISC_AES_BLOCK_LENGTH);
+ isc_aes256_crypt(key, plaintext, ciphertext);
+ assert_int_equal(tohexstr(ciphertext, str), ISC_R_SUCCESS);
+ assert_string_equal(str, testcase->result);
+
+ testcase++;
+ }
+}
+
+int
+main(void) {
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test(isc_aes128_test),
+ cmocka_unit_test(isc_aes192_test),
+ cmocka_unit_test(isc_aes256_test),
+ };
+
+ return (cmocka_run_group_tests(tests, NULL, NULL));
+}
+
+#else /* HAVE_CMOCKA */
+
+#include <stdio.h>
+
+int
+main(void) {
+ printf("1..0 # Skipped: cmocka not available\n");
+ return (SKIPPED_TEST_EXIT_CODE);
+}
+
+#endif /* if HAVE_CMOCKA */