summaryrefslogtreecommitdiffstats
path: root/src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c656
1 files changed, 656 insertions, 0 deletions
diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c b/src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c
new file mode 100644
index 00000000..769f5516
--- /dev/null
+++ b/src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c
@@ -0,0 +1,656 @@
+/*****************************************************************************
+ Copyright (c) 2017-2018, Intel Corporation
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of Intel Corporation nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*****************************************************************************/
+
+#include <stdint.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <intel-ipsec-mb.h>
+
+#include "gcm_ctr_vectors_test.h"
+
+
+/*
+ * Test Vector from
+ * https://tools.ietf.org/html/rfc3686
+ *
+ */
+/*
+ Test Vector #1: Encrypting 16 octets using AES-CTR with 128-bit key
+ AES Key : AE 68 52 F8 12 10 67 CC 4B F7 A5 76 55 77 F3 9E
+ AES-CTR IV : 00 00 00 00 00 00 00 00
+ Nonce : 00 00 00 30
+ Plaintext String : 'Single block msg'
+ Plaintext : 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67
+ Counter Block (1): 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01
+ Key Stream (1): B7 60 33 28 DB C2 93 1B 41 0E 16 C8 06 7E 62 DF
+ Ciphertext : E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8
+*/
+static uint8_t K1_CTR[] = {
+ 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
+ 0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E,
+};
+static uint8_t IV1_CTR[] = {
+ 0x00, 0x00, 0x00, 0x30, /* nonce */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+static uint8_t P1_CTR[] = {
+ 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
+ 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67,
+};
+static uint8_t C1_CTR[] = {
+ 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79,
+ 0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8,
+};
+static uint8_t T1_CTR[] = { 0 };
+static uint8_t A1_CTR[] = { 0 };
+#define A1_CTR_len 0
+
+/*
+ Test Vector #2: Encrypting 32 octets using AES-CTR with 128-bit key
+ AES Key : 7E 24 06 78 17 FA E0 D7 43 D6 CE 1F 32 53 91 63
+ AES-CTR IV : C0 54 3B 59 DA 48 D9 0B
+ Nonce : 00 6C B6 DB
+ Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
+ : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
+ Counter Block (1): 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01
+ Key Stream (1): 51 05 A3 05 12 8F 74 DE 71 04 4B E5 82 D7 DD 87
+ Counter Block (2): 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 02
+ Key Stream (2): FB 3F 0C EF 52 CF 41 DF E4 FF 2A C4 8D 5C A0 37
+ Ciphertext : 51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88
+ : EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28
+*/
+static uint8_t K2_CTR[] = {
+ 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
+ 0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63,
+};
+static uint8_t IV2_CTR[] = {
+ 0x00, 0x6C, 0xB6, 0xDB, /* nonce */
+ 0xC0, 0x54, 0x3B, 0x59, 0xDA, 0x48, 0xD9, 0x0B,
+};
+static uint8_t P2_CTR[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+};
+static uint8_t C2_CTR[] = {
+ 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9,
+ 0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88,
+ 0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8,
+ 0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28,
+};
+static uint8_t T2_CTR[] = { 0 };
+static uint8_t A2_CTR[] = { 0 };
+#define A2_CTR_len 0
+
+/*
+ Test Vector #3: Encrypting 36 octets using AES-CTR with 128-bit key
+ AES Key : 76 91 BE 03 5E 50 20 A8 AC 6E 61 85 29 F9 A0 DC
+ AES-CTR IV : 27 77 7F 3F 4A 17 86 F0
+ Nonce : 00 E0 01 7B
+ Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
+ : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
+ : 20 21 22 23
+ Counter Block (1): 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01
+ Key Stream (1): C1 CE 4A AB 9B 2A FB DE C7 4F 58 E2 E3 D6 7C D8
+ Counter Block (2): 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 02
+ Key Stream (2): 55 51 B6 38 CA 78 6E 21 CD 83 46 F1 B2 EE 0E 4C
+ Counter Block (3): 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 03
+ Key Stream (3): 05 93 25 0C 17 55 36 00 A6 3D FE CF 56 23 87 E9
+ Ciphertext : C1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D7
+ : 45 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 53
+ : 25 B2 07 2F
+*/
+static uint8_t K3_CTR[] = {
+ 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
+ 0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC,
+};
+static uint8_t IV3_CTR[] = {
+ 0x00, 0xE0, 0x01, 0x7B, /* nonce */
+ 0x27, 0x77, 0x7F, 0x3F, 0x4A, 0x17, 0x86, 0xF0,
+};
+static uint8_t P3_CTR[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+ 0x20, 0x21, 0x22, 0x23,
+};
+static uint8_t C3_CTR[] = {
+ 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9,
+ 0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7,
+ 0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36,
+ 0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53,
+ 0x25, 0xB2, 0x07, 0x2F,
+};
+static uint8_t T3_CTR[] = { 0 };
+static uint8_t A3_CTR[] = { 0 };
+#define A3_CTR_len 0
+
+/*
+ Test Vector #4: Encrypting 16 octets using AES-CTR with 192-bit key
+ AES Key : 16 AF 5B 14 5F C9 F5 79 C1 75 F9 3E 3B FB 0E ED
+ : 86 3D 06 CC FD B7 85 15
+ AES-CTR IV : 36 73 3C 14 7D 6D 93 CB
+ Nonce : 00 00 00 48
+ Plaintext String : 'Single block msg'
+ Plaintext : 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67
+ Counter Block (1): 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01
+ Key Stream (1): 18 3C 56 28 8E 3C E9 AA 22 16 56 CB 23 A6 9A 4F
+ Ciphertext : 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28
+*/
+static uint8_t K4_CTR[] = {
+ 0x16, 0xAF, 0x5B, 0x14, 0x5F, 0xC9, 0xF5, 0x79,
+ 0xC1, 0x75, 0xF9, 0x3E, 0x3B, 0xFB, 0x0E, 0xED,
+ 0x86, 0x3D, 0x06, 0xCC, 0xFD, 0xB7, 0x85, 0x15,
+};
+static uint8_t IV4_CTR[] = {
+ 0x00, 0x00, 0x00, 0x48, /* nonce */
+ 0x36, 0x73, 0x3C, 0x14, 0x7D, 0x6D, 0x93, 0xCB,
+};
+static uint8_t P4_CTR[] = {
+ 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
+ 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67,
+};
+static uint8_t C4_CTR[] = {
+ 0x4B, 0x55, 0x38, 0x4F, 0xE2, 0x59, 0xC9, 0xC8,
+ 0x4E, 0x79, 0x35, 0xA0, 0x03, 0xCB, 0xE9, 0x28,
+};
+static uint8_t T4_CTR[] = { 0 };
+static uint8_t A4_CTR[] = { 0 };
+#define A4_CTR_len 0
+
+/*
+ Test Vector #5: Encrypting 32 octets using AES-CTR with 192-bit key
+ AES Key : 7C 5C B2 40 1B 3D C3 3C 19 E7 34 08 19 E0 F6 9C
+ : 67 8C 3D B8 E6 F6 A9 1A
+ AES-CTR IV : 02 0C 6E AD C2 CB 50 0D
+ Nonce : 00 96 B0 3B
+ Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
+ : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
+ Counter Block (1): 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01
+ Key Stream (1): 45 33 41 FF 64 9E 25 35 76 D6 A0 F1 7D 3C C3 90
+ Counter Block (2): 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 02
+ Key Stream (2): 94 81 62 0F 4E C1 B1 8B E4 06 FA E4 5E E9 E5 1F
+ Ciphertext : 45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F
+ : 84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00
+*/
+static uint8_t K5_CTR[] = {
+ 0x7C, 0x5C, 0xB2, 0x40, 0x1B, 0x3D, 0xC3, 0x3C,
+ 0x19, 0xE7, 0x34, 0x08, 0x19, 0xE0, 0xF6, 0x9C,
+ 0x67, 0x8C, 0x3D, 0xB8, 0xE6, 0xF6, 0xA9, 0x1A,
+};
+static uint8_t IV5_CTR[] = {
+ 0x00, 0x96, 0xB0, 0x3B, /* nonce */
+ 0x02, 0x0C, 0x6E, 0xAD, 0xC2, 0xCB, 0x50, 0x0D,
+};
+static uint8_t P5_CTR[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+};
+static uint8_t C5_CTR[] = {
+ 0x45, 0x32, 0x43, 0xFC, 0x60, 0x9B, 0x23, 0x32,
+ 0x7E, 0xDF, 0xAA, 0xFA, 0x71, 0x31, 0xCD, 0x9F,
+ 0x84, 0x90, 0x70, 0x1C, 0x5A, 0xD4, 0xA7, 0x9C,
+ 0xFC, 0x1F, 0xE0, 0xFF, 0x42, 0xF4, 0xFB, 0x00,
+};
+static uint8_t T5_CTR[] = { 0 };
+static uint8_t A5_CTR[] = { 0 };
+#define A5_CTR_len 0
+
+/*
+ Test Vector #6: Encrypting 36 octets using AES-CTR with 192-bit key
+ AES Key : 02 BF 39 1E E8 EC B1 59 B9 59 61 7B 09 65 27 9B
+ : F5 9B 60 A7 86 D3 E0 FE
+ AES-CTR IV : 5C BD 60 27 8D CC 09 12
+ Nonce : 00 07 BD FD
+ Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
+ : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
+ : 20 21 22 23
+ Counter Block (1): 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01
+ Key Stream (1): 96 88 3D C6 5A 59 74 28 5C 02 77 DA D1 FA E9 57
+ Counter Block (2): 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 02
+ Key Stream (2): C2 99 AE 86 D2 84 73 9F 5D 2F D2 0A 7A 32 3F 97
+ Counter Block (3): 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 03
+ Key Stream (3): 8B CF 2B 16 39 99 B2 26 15 B4 9C D4 FE 57 39 98
+ Ciphertext : 96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58
+ : D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88
+ : AB EE 09 35
+*/
+static uint8_t K6_CTR[] = {
+ 0x02, 0xBF, 0x39, 0x1E, 0xE8, 0xEC, 0xB1, 0x59,
+ 0xB9, 0x59, 0x61, 0x7B, 0x09, 0x65, 0x27, 0x9B,
+ 0xF5, 0x9B, 0x60, 0xA7, 0x86, 0xD3, 0xE0, 0xFE,
+};
+static uint8_t IV6_CTR[] = {
+ 0x00, 0x07, 0xBD, 0xFD, /* nonce */
+ 0x5C, 0xBD, 0x60, 0x27, 0x8D, 0xCC, 0x09, 0x12,
+};
+static uint8_t P6_CTR[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+ 0x20, 0x21, 0x22, 0x23,
+};
+static uint8_t C6_CTR[] = {
+ 0x96, 0x89, 0x3F, 0xC5, 0x5E, 0x5C, 0x72, 0x2F,
+ 0x54, 0x0B, 0x7D, 0xD1, 0xDD, 0xF7, 0xE7, 0x58,
+ 0xD2, 0x88, 0xBC, 0x95, 0xC6, 0x91, 0x65, 0x88,
+ 0x45, 0x36, 0xC8, 0x11, 0x66, 0x2F, 0x21, 0x88,
+ 0xAB, 0xEE, 0x09, 0x35,
+};
+static uint8_t T6_CTR[] = { 0 };
+static uint8_t A6_CTR[] = { 0 };
+#define A6_CTR_len 0
+
+/*
+ Test Vector #7: Encrypting 16 octets using AES-CTR with 256-bit key
+ AES Key : 77 6B EF F2 85 1D B0 6F 4C 8A 05 42 C8 69 6F 6C
+ : 6A 81 AF 1E EC 96 B4 D3 7F C1 D6 89 E6 C1 C1 04
+ AES-CTR IV : DB 56 72 C9 7A A8 F0 B2
+ Nonce : 00 00 00 60
+ Plaintext String : 'Single block msg'
+ Plaintext : 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67
+ Counter Block (1): 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01
+ Key Stream (1): 47 33 BE 7A D3 E7 6E A5 3A 67 00 B7 51 8E 93 A7
+ Ciphertext : 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0
+*/
+static uint8_t K7_CTR[] = {
+ 0x77, 0x6B, 0xEF, 0xF2, 0x85, 0x1D, 0xB0, 0x6F,
+ 0x4C, 0x8A, 0x05, 0x42, 0xC8, 0x69, 0x6F, 0x6C,
+ 0x6A, 0x81, 0xAF, 0x1E, 0xEC, 0x96, 0xB4, 0xD3,
+ 0x7F, 0xC1, 0xD6, 0x89, 0xE6, 0xC1, 0xC1, 0x04,
+};
+static uint8_t IV7_CTR[] = {
+ 0x00, 0x00, 0x00, 0x60, /* nonce */
+ 0xDB, 0x56, 0x72, 0xC9, 0x7A, 0xA8, 0xF0, 0xB2,
+};
+static uint8_t P7_CTR[] = {
+ 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
+ 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67,
+};
+static uint8_t C7_CTR[] = {
+ 0x14, 0x5A, 0xD0, 0x1D, 0xBF, 0x82, 0x4E, 0xC7,
+ 0x56, 0x08, 0x63, 0xDC, 0x71, 0xE3, 0xE0, 0xC0,
+};
+static uint8_t T7_CTR[] = { 0 };
+static uint8_t A7_CTR[] = { 0 };
+#define A7_CTR_len 0
+
+/*
+ Test Vector #8: Encrypting 32 octets using AES-CTR with 256-bit key
+ AES Key : F6 D6 6D 6B D5 2D 59 BB 07 96 36 58 79 EF F8 86
+ : C6 6D D5 1A 5B 6A 99 74 4B 50 59 0C 87 A2 38 84
+ AES-CTR IV : C1 58 5E F1 5A 43 D8 75
+ Nonce : 00 FA AC 24
+ Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
+ : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
+ Counter block (1): 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01
+ Key stream (1): F0 5F 21 18 3C 91 67 2B 41 E7 0A 00 8C 43 BC A6
+ Counter block (2): 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 02
+ Key stream (2): A8 21 79 43 9B 96 8B 7D 4D 29 99 06 8F 59 B1 03
+ Ciphertext : F0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9
+ : B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C
+*/
+static uint8_t K8_CTR[] = {
+ 0xF6, 0xD6, 0x6D, 0x6B, 0xD5, 0x2D, 0x59, 0xBB,
+ 0x07, 0x96, 0x36, 0x58, 0x79, 0xEF, 0xF8, 0x86,
+ 0xC6, 0x6D, 0xD5, 0x1A, 0x5B, 0x6A, 0x99, 0x74,
+ 0x4B, 0x50, 0x59, 0x0C, 0x87, 0xA2, 0x38, 0x84,
+};
+static uint8_t IV8_CTR[] = {
+ 0x00, 0xFA, 0xAC, 0x24, /* nonce */
+ 0xC1, 0x58, 0x5E, 0xF1, 0x5A, 0x43, 0xD8, 0x75,
+};
+static uint8_t P8_CTR[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+};
+static uint8_t C8_CTR[] = {
+ 0xF0, 0x5E, 0x23, 0x1B, 0x38, 0x94, 0x61, 0x2C,
+ 0x49, 0xEE, 0x00, 0x0B, 0x80, 0x4E, 0xB2, 0xA9,
+ 0xB8, 0x30, 0x6B, 0x50, 0x8F, 0x83, 0x9D, 0x6A,
+ 0x55, 0x30, 0x83, 0x1D, 0x93, 0x44, 0xAF, 0x1C,
+};
+static uint8_t T8_CTR[] = { 0 };
+static uint8_t A8_CTR[] = { 0 };
+#define A8_CTR_len 0
+
+/*
+ Test Vector #9: Encrypting 36 octets using AES-CTR with 256-bit key
+ AES Key : FF 7A 61 7C E6 91 48 E4 F1 72 6E 2F 43 58 1D E2
+ : AA 62 D9 F8 05 53 2E DF F1 EE D6 87 FB 54 15 3D
+ AES-CTR IV : 51 A5 1D 70 A1 C1 11 48
+ Nonce : 00 1C C5 B7
+ Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
+ : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
+ : 20 21 22 23
+ Counter block (1): 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01
+ Key stream (1): EB 6D 50 81 19 0E BD F0 C6 7C 9E 4D 26 C7 41 A5
+ Counter block (2): 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 02
+ Key stream (2): A4 16 CD 95 71 7C EB 10 EC 95 DA AE 9F CB 19 00
+ Counter block (3): 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 03
+ Key stream (3): 3E E1 C4 9B C6 B9 CA 21 3F 6E E2 71 D0 A9 33 39
+ Ciphertext : EB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AA
+ : B4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F
+ : 1E C0 E6 B8
+*/
+static uint8_t K9_CTR[] = {
+ 0xFF, 0x7A, 0x61, 0x7C, 0xE6, 0x91, 0x48, 0xE4,
+ 0xF1, 0x72, 0x6E, 0x2F, 0x43, 0x58, 0x1D, 0xE2,
+ 0xAA, 0x62, 0xD9, 0xF8, 0x05, 0x53, 0x2E, 0xDF,
+ 0xF1, 0xEE, 0xD6, 0x87, 0xFB, 0x54, 0x15, 0x3D,
+};
+static uint8_t IV9_CTR[] = {
+ 0x00, 0x1C, 0xC5, 0xB7, /* nonce */
+ 0x51, 0xA5, 0x1D, 0x70, 0xA1, 0xC1, 0x11, 0x48,
+};
+static uint8_t P9_CTR[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+ 0x20, 0x21, 0x22, 0x23,
+};
+static uint8_t C9_CTR[] = {
+ 0xEB, 0x6C, 0x52, 0x82, 0x1D, 0x0B, 0xBB, 0xF7,
+ 0xCE, 0x75, 0x94, 0x46, 0x2A, 0xCA, 0x4F, 0xAA,
+ 0xB4, 0x07, 0xDF, 0x86, 0x65, 0x69, 0xFD, 0x07,
+ 0xF4, 0x8C, 0xC0, 0xB5, 0x83, 0xD6, 0x07, 0x1F,
+ 0x1E, 0xC0, 0xE6, 0xB8,
+};
+static uint8_t T9_CTR[] = { 0 };
+static uint8_t A9_CTR[] = { 0 };
+#define A9_CTR_len 0
+
+static const struct gcm_ctr_vector ctr_vectors[] = {
+ /*
+ * field order {K, Klen, IV, IVlen, A, Alen, P, Plen, C, T, Tlen};
+ * original vector does not have a valid sub hash key
+ */
+ vector(1_CTR),
+ vector(2_CTR),
+ vector(3_CTR),
+ vector(4_CTR),
+ vector(5_CTR),
+ vector(6_CTR),
+ vector(7_CTR),
+ vector(8_CTR),
+ vector(9_CTR),
+};
+
+#ifdef _WIN32
+#define snprintf _snprintf
+#endif
+
+static void
+hexdump(FILE *fp,
+ const char *msg,
+ const void *p,
+ size_t len)
+{
+ unsigned int i, out, ofs;
+ const unsigned char *data = p;
+
+ fprintf(fp, "%s\n", msg);
+
+ ofs = 0;
+ while (ofs < len) {
+ char line[120];
+
+ out = snprintf(line, sizeof(line), "%08x:", ofs);
+ for (i = 0; ((ofs + i) < len) && (i < 16); i++)
+ out += snprintf(line + out, sizeof(line) - out,
+ " %02x", (data[ofs + i] & 0xff));
+ for (; i <= 16; i++)
+ out += snprintf(line + out, sizeof(line) - out, " | ");
+ for (i = 0; (ofs < len) && (i < 16); i++, ofs++) {
+ unsigned char c = data[ofs];
+
+ if ((c < ' ') || (c > '~'))
+ c = '.';
+ out += snprintf(line + out,
+ sizeof(line) - out, "%c", c);
+ }
+ fprintf(fp, "%s\n", line);
+ }
+}
+
+
+static int
+test_ctr(struct MB_MGR *mb_mgr,
+ const void *expkey,
+ unsigned key_len,
+ const void *iv,
+ unsigned iv_len,
+ const uint8_t *in_text,
+ const uint8_t *out_text,
+ unsigned text_len,
+ int dir,
+ int order)
+{
+ struct JOB_AES_HMAC *job;
+ uint8_t padding[16];
+ uint8_t *target = malloc(text_len + (sizeof(padding) * 2));
+ int ret = -1;
+
+ if (target == NULL) {
+ fprintf(stderr, "Can't allocate buffer memory\n");
+ goto end;
+ }
+
+ memset(target, -1, text_len + (sizeof(padding) * 2));
+ memset(padding, -1, sizeof(padding));
+
+ while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL)
+ ;
+
+ job = IMB_GET_NEXT_JOB(mb_mgr);
+ job->cipher_direction = dir;
+ job->chain_order = order;
+ job->dst = target + 16;
+ job->src = in_text;
+ job->cipher_mode = CNTR;
+ job->aes_enc_key_expanded = expkey;
+ job->aes_dec_key_expanded = expkey;
+ job->aes_key_len_in_bytes = key_len;
+ job->iv = iv;
+ job->iv_len_in_bytes = iv_len;
+ job->cipher_start_src_offset_in_bytes = 0;
+ job->msg_len_to_cipher_in_bytes = text_len;
+
+ job->hash_alg = NULL_HASH;
+
+ job = IMB_SUBMIT_JOB(mb_mgr);
+ if (job) {
+ printf("%d Unexpected return from submit_job\n", __LINE__);
+ goto end;
+ }
+ job = IMB_FLUSH_JOB(mb_mgr);
+ if (!job) {
+ printf("%d Unexpected null return from flush_job\n", __LINE__);
+ goto end;
+ }
+ if (job->status != STS_COMPLETED) {
+ printf("%d Error status:%d", __LINE__, job->status);
+ goto end;
+ }
+ if (memcmp(out_text, target + 16, text_len)) {
+ printf("mismatched\n");
+ hexdump(stderr, "Target", target, text_len + 32);
+ goto end;
+ }
+ if (memcmp(padding, target, sizeof(padding))) {
+ printf("overwrite head\n");
+ hexdump(stderr, "Target", target, text_len + 32);
+ goto end;
+ }
+ if (memcmp(padding, target + sizeof(padding) + text_len,
+ sizeof(padding))) {
+ printf("overwrite tail\n");
+ hexdump(stderr, "Target", target, text_len + 32);
+ goto end;
+ }
+ ret = 0;
+ while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL)
+ ;
+ end:
+ if (target != NULL)
+ free(target);
+ return ret;
+}
+
+static int
+test_ctr_std_vectors(struct MB_MGR *mb_mgr)
+{
+ int const vectors_cnt = sizeof(ctr_vectors) / sizeof(ctr_vectors[0]);
+ int vect;
+ int errors = 0;
+ DECLARE_ALIGNED(uint32_t expkey[4*15], 16);
+ DECLARE_ALIGNED(uint32_t dust[4*15], 16);
+
+ printf("AES-CTR standard test vectors:\n");
+ for (vect = 0; vect < vectors_cnt; vect++) {
+#ifdef DEBUG
+ printf("Standard vector %d/%d Keylen:%d IVlen:%d PTLen:%d "
+ "AADlen:%d Tlen:%d\n",
+ vect, vectors_cnt - 1,
+ (int) ctr_vectors[vect].Klen,
+ (int) ctr_vectors[vect].IVlen,
+ (int) ctr_vectors[vect].Plen,
+ (int) ctr_vectors[vect].Alen,
+ (int) ctr_vectors[vect].Tlen);
+#else
+ printf(".");
+#endif
+
+
+ switch (ctr_vectors[vect].Klen) {
+ case BITS_128:
+ IMB_AES_KEYEXP_128(mb_mgr, ctr_vectors[vect].K,
+ expkey, dust);
+ break;
+ case BITS_192:
+ IMB_AES_KEYEXP_192(mb_mgr, ctr_vectors[vect].K,
+ expkey, dust);
+ break;
+ case BITS_256:
+ IMB_AES_KEYEXP_256(mb_mgr, ctr_vectors[vect].K,
+ expkey, dust);
+ break;
+ default:
+ return -1;
+ }
+
+ if (test_ctr(mb_mgr,
+ expkey, ctr_vectors[vect].Klen,
+ ctr_vectors[vect].IV,
+ (unsigned) ctr_vectors[vect].IVlen,
+ ctr_vectors[vect].P, ctr_vectors[vect].C,
+ (unsigned) ctr_vectors[vect].Plen,
+ ENCRYPT, CIPHER_HASH)) {
+ printf("error #%d encrypt\n", vect + 1);
+ errors++;
+ }
+
+ if (test_ctr(mb_mgr,
+ expkey, ctr_vectors[vect].Klen,
+ ctr_vectors[vect].IV,
+ (unsigned) ctr_vectors[vect].IVlen,
+ ctr_vectors[vect].C, ctr_vectors[vect].P,
+ (unsigned) ctr_vectors[vect].Plen,
+ DECRYPT, HASH_CIPHER)) {
+ printf("error #%d decrypt\n", vect + 1);
+ errors++;
+ }
+
+ if (ctr_vectors[vect].IVlen == 12) {
+ /* IV in the table didn't
+ * include block counter (12 bytes).
+ * Let's encrypt & decrypt the same but
+ * with 16 byte IV that includes block counter.
+ */
+ const unsigned new_iv_len = 16;
+ const unsigned orig_iv_len = 12;
+ uint8_t local_iv[16];
+
+ memcpy(local_iv, ctr_vectors[vect].IV, orig_iv_len);
+ /* 32-bit 0x01000000 in LE */
+ local_iv[12] = 0x00;
+ local_iv[13] = 0x00;
+ local_iv[14] = 0x00;
+ local_iv[15] = 0x01;
+
+ if (test_ctr(mb_mgr,
+ expkey, ctr_vectors[vect].Klen,
+ local_iv, new_iv_len,
+ ctr_vectors[vect].P, ctr_vectors[vect].C,
+ (unsigned) ctr_vectors[vect].Plen,
+ ENCRYPT, CIPHER_HASH)) {
+ printf("error #%d encrypt\n", vect + 1);
+ errors++;
+ }
+
+ if (test_ctr(mb_mgr,
+ expkey, ctr_vectors[vect].Klen,
+ local_iv, new_iv_len,
+ ctr_vectors[vect].C, ctr_vectors[vect].P,
+ (unsigned) ctr_vectors[vect].Plen,
+ DECRYPT, HASH_CIPHER)) {
+ printf("error #%d decrypt\n", vect + 1);
+ errors++;
+ }
+ }
+ }
+ printf("\n");
+ return errors;
+}
+
+int
+ctr_test(const enum arch_type arch,
+ struct MB_MGR *mb_mgr)
+{
+ int errors;
+
+ (void) arch; /* unused */
+
+ errors = test_ctr_std_vectors(mb_mgr);
+
+ if (0 == errors)
+ printf("...Pass\n");
+ else
+ printf("...Fail\n");
+
+ return errors;
+}