diff options
Diffstat (limited to '')
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/Makefile | 84 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/ccm_test.c | 1858 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/cmac_test.c | 382 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c | 656 | ||||
-rwxr-xr-x | src/spdk/intel-ipsec-mb/LibTestApp/customop_test.c | 308 | ||||
-rwxr-xr-x | src/spdk/intel-ipsec-mb/LibTestApp/customop_test.h | 34 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/des_test.c | 488 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/do_test.h | 278 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/gcm_ctr_vectors_test.h | 74 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/gcm_test.c | 1461 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/gcm_vectors.h | 38 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/main.c | 147 | ||||
-rw-r--r-- | src/spdk/intel-ipsec-mb/LibTestApp/win_x64.mak | 87 |
13 files changed, 5895 insertions, 0 deletions
diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/Makefile b/src/spdk/intel-ipsec-mb/LibTestApp/Makefile new file mode 100644 index 00000000..1fd3beed --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/Makefile @@ -0,0 +1,84 @@ +# +# Copyright (c) 2012-2018, Intel Corporation +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# * Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# * Neither the name of Intel Corporation nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +APP := ipsec_MB_testapp +INSTPATH ?= /usr/include/intel-ipsec-mb.h + +CFLAGS = -g -DLINUX -D_GNU_SOURCE \ + -W -Wall -Wextra -Wmissing-declarations -Wpointer-arith \ + -Wcast-qual -Wundef -Wwrite-strings \ + -Wformat -Wformat-security \ + -Wunreachable-code -Wmissing-noreturn -Wsign-compare -Wno-endif-labels \ + -Wstrict-prototypes -Wmissing-prototypes -Wold-style-definition + +LDFLAGS = -fPIE -z noexecstack -z relro -z now +LDLIBS = -lIPSec_MB + +ifeq ("$(shell test -r $(INSTPATH) && echo -n yes)","yes") +# library installed +CFLAGS += +else +# library not installed +CFLAGS += -I../include -I../ +LDFLAGS += -L../ +endif + +ifeq ($(DEBUG),y) +CFLAGS += -O0 -DDEBUG +LDFLAGS += -g +else +CFLAGS += -O3 +endif + +SOURCES := main.c gcm_test.c ctr_test.c customop_test.c des_test.c ccm_test.c cmac_test.c +OBJECTS := $(SOURCES:%.c=%.o) + +all: $(APP) + +$(APP): $(OBJECTS) + $(CC) $(LDFLAGS) $^ $(LDLIBS) -o $@ + +main.o: main.c do_test.h +gcm_test.o: gcm_test.c gcm_ctr_vectors_test.h +ctr_test.o: ctr_test.c gcm_ctr_vectors_test.h +des_test.o: des_test.c +ccm_test.o: ccm_test.c +cmac_test.o: cmac_test.c +customop_test.o: customop_test.c customop_test.h + +.PHONY: clean +clean: + -rm -f $(OBJECTS) $(APP) + +SOURCES_STYLE := $(foreach infile,$(SOURCES),-f $(infile)) +CHECKPATCH?=checkpatch.pl +.PHONY: style +style: + $(CHECKPATCH) --no-tree --no-signoff --emacs --no-color \ +--ignore CODE_INDENT,INITIALISED_STATIC,LEADING_SPACE,SPLIT_STRING,\ +UNSPECIFIED_INT,ARRAY_SIZE,BLOCK_COMMENT_STYLE,GLOBAL_INITIALISERS,\ +AVOID_EXTERNS,USE_FUNC,CONSTANT_COMPARISON $(SOURCES_STYLE) diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/ccm_test.c b/src/spdk/intel-ipsec-mb/LibTestApp/ccm_test.c new file mode 100644 index 00000000..b8633424 --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/ccm_test.c @@ -0,0 +1,1858 @@ +/***************************************************************************** + Copyright (c) 2017-2018, Intel Corporation + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of Intel Corporation nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*****************************************************************************/ + +#include <stdint.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +#include <intel-ipsec-mb.h> +#include "gcm_ctr_vectors_test.h" + +int ccm_test(const enum arch_type arch, struct MB_MGR *mb_mgr); + +/* + * Test vectors from https://tools.ietf.org/html/rfc3610 + */ + +/* + * =============== Packet Vector #1 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 03 02 01 00 A0 A1 A2 A3 A4 A5 + * Total packet length = 31. [Input with 8 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E + * CBC IV in: 59 00 00 00 03 02 01 00 A0 A1 A2 A3 A4 A5 00 17 + * CBC IV out:EB 9D 55 47 73 09 55 AB 23 1E 0A 2D FE 4B 90 D6 + * After xor: EB 95 55 46 71 0A 51 AE 25 19 0A 2D FE 4B 90 D6 [hdr] + * After AES: CD B6 41 1E 3C DC 9B 4F 5D 92 58 B6 9E E7 F0 91 + * After xor: C5 BF 4B 15 30 D1 95 40 4D 83 4A A5 8A F2 E6 86 [msg] + * After AES: 9C 38 40 5E A0 3C 1B C9 04 B5 8B 40 C7 6C A2 EB + * After xor: 84 21 5A 45 BC 21 05 C9 04 B5 8B 40 C7 6C A2 EB [msg] + * After AES: 2D C6 97 E4 11 CA 83 A8 60 C2 C4 06 CC AA 54 2F + * CBC-MAC : 2D C6 97 E4 11 CA 83 A8 + * CTR Start: 01 00 00 00 03 02 01 00 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 50 85 9D 91 6D CB 6D DD E0 77 C2 D1 D4 EC 9F 97 + * CTR[0002]: 75 46 71 7A C6 DE 9A FF 64 0C 9C 06 DE 6D 0D 8F + * CTR[MAC ]: 3A 2E 46 C8 EC 33 A5 48 + * Total packet length = 39. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 58 8C 97 9A 61 C6 63 D2 + * F0 66 D0 C2 C0 F9 89 80 6D 5F 6B 61 DA C3 84 17 + * E8 D1 2C FD F9 26 E0 + */ +static const uint8_t keys_01[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_01[] = { + 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_01[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E +}; +static const uint8_t packet_out_01[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x58, 0x8C, 0x97, 0x9A, 0x61, 0xC6, 0x63, 0xD2, + 0xF0, 0x66, 0xD0, 0xC2, 0xC0, 0xF9, 0x89, 0x80, + 0x6D, 0x5F, 0x6B, 0x61, 0xDA, 0xC3, 0x84, 0x17, + 0xE8, 0xD1, 0x2C, 0xFD, 0xF9, 0x26, 0xE0 +}; +#define clear_len_01 8 +#define auth_len_01 8 + +/* + * =============== Packet Vector #2 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 04 03 02 01 A0 A1 A2 A3 A4 A5 + * Total packet length = 32. [Input with 8 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + * CBC IV in: 59 00 00 00 04 03 02 01 A0 A1 A2 A3 A4 A5 00 18 + * CBC IV out:F0 C2 54 D3 CA 03 E2 39 70 BD 24 A8 4C 39 9E 77 + * After xor: F0 CA 54 D2 C8 00 E6 3C 76 BA 24 A8 4C 39 9E 77 [hdr] + * After AES: 48 DE 8B 86 28 EA 4A 40 00 AA 42 C2 95 BF 4A 8C + * After xor: 40 D7 81 8D 24 E7 44 4F 10 BB 50 D1 81 AA 5C 9B [msg] + * After AES: 0F 89 FF BC A6 2B C2 4F 13 21 5F 16 87 96 AA 33 + * After xor: 17 90 E5 A7 BA 36 DC 50 13 21 5F 16 87 96 AA 33 [msg] + * After AES: F7 B9 05 6A 86 92 6C F3 FB 16 3D C4 99 EF AA 11 + * CBC-MAC : F7 B9 05 6A 86 92 6C F3 + * CTR Start: 01 00 00 00 04 03 02 01 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 7A C0 10 3D ED 38 F6 C0 39 0D BA 87 1C 49 91 F4 + * CTR[0002]: D4 0C DE 22 D5 F9 24 24 F7 BE 9A 56 9D A7 9F 51 + * CTR[MAC ]: 57 28 D0 04 96 D2 65 E5 + * Total packet length = 40. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 72 C9 1A 36 E1 35 F8 CF + * 29 1C A8 94 08 5C 87 E3 CC 15 C4 39 C9 E4 3A 3B + * A0 91 D5 6E 10 40 09 16 + */ +static const uint8_t keys_02[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_02[] = { + 0x00, 0x00, 0x00, 0x04, 0x03, 0x02, 0x01, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_02[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F +}; +static const uint8_t packet_out_02[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x72, 0xC9, 0x1A, 0x36, 0xE1, 0x35, 0xF8, 0xCF, + 0x29, 0x1C, 0xA8, 0x94, 0x08, 0x5C, 0x87, 0xE3, + 0xCC, 0x15, 0xC4, 0x39, 0xC9, 0xE4, 0x3A, 0x3B, + 0xA0, 0x91, 0xD5, 0x6E, 0x10, 0x40, 0x09, 0x16 +}; +#define clear_len_02 8 +#define auth_len_02 8 + +/* + * =============== Packet Vector #3 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 05 04 03 02 A0 A1 A2 A3 A4 A5 + * Total packet length = 33. [Input with 8 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + * 20 + * CBC IV in: 59 00 00 00 05 04 03 02 A0 A1 A2 A3 A4 A5 00 19 + * CBC IV out:6F 8A 12 F7 BF 8D 4D C5 A1 19 6E 95 DF F0 B4 27 + * After xor: 6F 82 12 F6 BD 8E 49 C0 A7 1E 6E 95 DF F0 B4 27 [hdr] + * After AES: 37 E9 B7 8C C2 20 17 E7 33 80 43 0C BE F4 28 24 + * After xor: 3F E0 BD 87 CE 2D 19 E8 23 91 51 1F AA E1 3E 33 [msg] + * After AES: 90 CA 05 13 9F 4D 4E CF 22 6F E9 81 C5 9E 2D 40 + * After xor: 88 D3 1F 08 83 50 50 D0 02 6F E9 81 C5 9E 2D 40 [msg] + * After AES: 73 B4 67 75 C0 26 DE AA 41 03 97 D6 70 FE 5F B0 + * CBC-MAC : 73 B4 67 75 C0 26 DE AA + * CTR Start: 01 00 00 00 05 04 03 02 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 59 B8 EF FF 46 14 73 12 B4 7A 1D 9D 39 3D 3C FF + * CTR[0002]: 69 F1 22 A0 78 C7 9B 89 77 89 4C 99 97 5C 23 78 + * CTR[MAC ]: 39 6E C0 1A 7D B9 6E 6F + * Total packet length = 41. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 51 B1 E5 F4 4A 19 7D 1D + * A4 6B 0F 8E 2D 28 2A E8 71 E8 38 BB 64 DA 85 96 + * 57 4A DA A7 6F BD 9F B0 C5 + */ +static const uint8_t keys_03[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_03[] = { + 0x00, 0x00, 0x00, 0x05, 0x04, 0x03, 0x02, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_03[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20 +}; +static const uint8_t packet_out_03[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x51, 0xB1, 0xE5, 0xF4, 0x4A, 0x19, 0x7D, 0x1D, + 0xA4, 0x6B, 0x0F, 0x8E, 0x2D, 0x28, 0x2A, 0xE8, + 0x71, 0xE8, 0x38, 0xBB, 0x64, 0xDA, 0x85, 0x96, + 0x57, 0x4A, 0xDA, 0xA7, 0x6F, 0xBD, 0x9F, 0xB0, + 0xC5 +}; +#define clear_len_03 8 +#define auth_len_03 8 + +/* + * =============== Packet Vector #4 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 06 05 04 03 A0 A1 A2 A3 A4 A5 + * Total packet length = 31. [Input with 12 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E + * CBC IV in: 59 00 00 00 06 05 04 03 A0 A1 A2 A3 A4 A5 00 13 + * CBC IV out:06 65 2C 60 0E F5 89 63 CA C3 25 A9 CD 3E 2B E1 + * After xor: 06 69 2C 61 0C F6 8D 66 CC C4 2D A0 C7 35 2B E1 [hdr] + * After AES: A0 75 09 AC 15 C2 58 86 04 2F 80 60 54 FE A6 86 + * After xor: AC 78 07 A3 05 D3 4A 95 10 3A 96 77 4C E7 BC 9D [msg] + * After AES: 64 4C 09 90 D9 1B 83 E9 AB 4B 8E ED 06 6F F5 BF + * After xor: 78 51 17 90 D9 1B 83 E9 AB 4B 8E ED 06 6F F5 BF [msg] + * After AES: 4B 4F 4B 39 B5 93 E6 BF B0 B2 C2 B7 0F 29 CD 7A + * CBC-MAC : 4B 4F 4B 39 B5 93 E6 BF + * CTR Start: 01 00 00 00 06 05 04 03 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: AE 81 66 6A 83 8B 88 6A EE BF 4A 5B 32 84 50 8A + * CTR[0002]: D1 B1 92 06 AC 93 9E 2F B6 DD CE 10 A7 74 FD 8D + * CTR[MAC ]: DD 87 2A 80 7C 75 F8 4E + * Total packet length = 39. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 08 09 0A 0B A2 8C 68 65 + * 93 9A 9A 79 FA AA 5C 4C 2A 9D 4A 91 CD AC 8C 96 + * C8 61 B9 C9 E6 1E F1 + */ +static const uint8_t keys_04[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_04[] = { + 0x00, 0x00, 0x00, 0x06, 0x05, 0x04, 0x03, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_04[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E +}; +static const uint8_t packet_out_04[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0xA2, 0x8C, 0x68, 0x65, + 0x93, 0x9A, 0x9A, 0x79, 0xFA, 0xAA, 0x5C, 0x4C, + 0x2A, 0x9D, 0x4A, 0x91, 0xCD, 0xAC, 0x8C, 0x96, + 0xC8, 0x61, 0xB9, 0xC9, 0xE6, 0x1E, 0xF1 +}; +#define clear_len_04 12 +#define auth_len_04 8 + +/* + * =============== Packet Vector #5 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 07 06 05 04 A0 A1 A2 A3 A4 A5 + * Total packet length = 32. [Input with 12 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + * CBC IV in: 59 00 00 00 07 06 05 04 A0 A1 A2 A3 A4 A5 00 14 + * CBC IV out:00 4C 50 95 45 80 3C 48 51 CD E1 3B 56 C8 9A 85 + * After xor: 00 40 50 94 47 83 38 4D 57 CA E9 32 5C C3 9A 85 [hdr] + * After AES: E2 B8 F7 CE 49 B2 21 72 84 A8 EA 84 FA AD 67 5C + * After xor: EE B5 F9 C1 59 A3 33 61 90 BD FC 93 E2 B4 7D 47 [msg] + * After AES: 3E FB 36 72 25 DB 11 01 D3 C2 2F 0E CA FF 44 F3 + * After xor: 22 E6 28 6D 25 DB 11 01 D3 C2 2F 0E CA FF 44 F3 [msg] + * After AES: 48 B9 E8 82 55 05 4A B5 49 0A 95 F9 34 9B 4B 5E + * CBC-MAC : 48 B9 E8 82 55 05 4A B5 + * CTR Start: 01 00 00 00 07 06 05 04 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: D0 FC F5 74 4D 8F 31 E8 89 5B 05 05 4B 7C 90 C3 + * CTR[0002]: 72 A0 D4 21 9F 0D E1 D4 04 83 BC 2D 3D 0C FC 2A + * CTR[MAC ]: 19 51 D7 85 28 99 67 26 + * Total packet length = 40. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 08 09 0A 0B DC F1 FB 7B + * 5D 9E 23 FB 9D 4E 13 12 53 65 8A D8 6E BD CA 3E + * 51 E8 3F 07 7D 9C 2D 93 + */ +static const uint8_t keys_05[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_05[] = { + 0x00, 0x00, 0x00, 0x07, 0x06, 0x05, 0x04, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_05[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F +}; +static const uint8_t packet_out_05[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0xDC, 0xF1, 0xFB, 0x7B, + 0x5D, 0x9E, 0x23, 0xFB, 0x9D, 0x4E, 0x13, 0x12, + 0x53, 0x65, 0x8A, 0xD8, 0x6E, 0xBD, 0xCA, 0x3E, + 0x51, 0xE8, 0x3F, 0x07, 0x7D, 0x9C, 0x2D, 0x93 +}; +#define clear_len_05 12 +#define auth_len_05 8 + +/* + * =============== Packet Vector #6 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 08 07 06 05 A0 A1 A2 A3 A4 A5 + * Total packet length = 33. [Input with 12 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + * 20 + * CBC IV in: 59 00 00 00 08 07 06 05 A0 A1 A2 A3 A4 A5 00 15 + * CBC IV out:04 72 DA 4C 6F F6 0A 63 06 52 1A 06 04 80 CD E5 + * After xor: 04 7E DA 4D 6D F5 0E 66 00 55 12 0F 0E 8B CD E5 [hdr] + * After AES: 64 4C 36 A5 A2 27 37 62 0B 89 F1 D7 BF F2 73 D4 + * After xor: 68 41 38 AA B2 36 25 71 1F 9C E7 C0 A7 EB 69 CF [msg] + * After AES: 41 E1 19 CD 19 24 CE 77 F1 2F A6 60 C1 6E BB 4E + * After xor: 5D FC 07 D2 39 24 CE 77 F1 2F A6 60 C1 6E BB 4E [msg] + * After AES: A5 27 D8 15 6A C3 59 BF 1C B8 86 E6 2F 29 91 29 + * CBC-MAC : A5 27 D8 15 6A C3 59 BF + * CTR Start: 01 00 00 00 08 07 06 05 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 63 CC BE 1E E0 17 44 98 45 64 B2 3A 8D 24 5C 80 + * CTR[0002]: 39 6D BA A2 A7 D2 CB D4 B5 E1 7C 10 79 45 BB C0 + * CTR[MAC ]: E5 7D DC 56 C6 52 92 2B + * Total packet length = 41. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 6F C1 B0 11 + * F0 06 56 8B 51 71 A4 2D 95 3D 46 9B 25 70 A4 BD + * 87 40 5A 04 43 AC 91 CB 94 + */ +static const uint8_t keys_06[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_06[] = { + 0x00, 0x00, 0x00, 0x08, 0x07, 0x06, 0x05, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_06[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20 +}; +static const uint8_t packet_out_06[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x6F, 0xC1, 0xB0, 0x11, + 0xF0, 0x06, 0x56, 0x8B, 0x51, 0x71, 0xA4, 0x2D, + 0x95, 0x3D, 0x46, 0x9B, 0x25, 0x70, 0xA4, 0xBD, + 0x87, 0x40, 0x5A, 0x04, 0x43, 0xAC, 0x91, 0xCB, + 0x94 +}; +#define clear_len_06 12 +#define auth_len_06 8 + +/* + * =============== Packet Vector #7 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 09 08 07 06 A0 A1 A2 A3 A4 A5 + * Total packet length = 31. [Input with 8 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E + * CBC IV in: 61 00 00 00 09 08 07 06 A0 A1 A2 A3 A4 A5 00 17 + * CBC IV out:60 06 C5 72 DA 23 9C BF A0 5B 0A DE D2 CD A8 1E + * After xor: 60 0E C5 73 D8 20 98 BA A6 5C 0A DE D2 CD A8 1E [hdr] + * After AES: 41 7D E2 AE 94 E2 EA D9 00 FC 44 FC D0 69 52 27 + * After xor: 49 74 E8 A5 98 EF E4 D6 10 ED 56 EF C4 7C 44 30 [msg] + * After AES: 2A 6C 42 CA 49 D7 C7 01 C5 7D 59 FF 87 16 49 0E + * After xor: 32 75 58 D1 55 CA D9 01 C5 7D 59 FF 87 16 49 0E [msg] + * After AES: 89 8B D6 45 4E 27 20 BB D2 7E F3 15 7A 7C 90 B2 + * CBC-MAC : 89 8B D6 45 4E 27 20 BB D2 7E + * CTR Start: 01 00 00 00 09 08 07 06 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 09 3C DB B9 C5 52 4F DA C1 C5 EC D2 91 C4 70 AF + * CTR[0002]: 11 57 83 86 E2 C4 72 B4 8E CC 8A AD AB 77 6F CB + * CTR[MAC ]: 8D 07 80 25 62 B0 8C 00 A6 EE + * Total packet length = 41. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 01 35 D1 B2 C9 5F 41 D5 + * D1 D4 FE C1 85 D1 66 B8 09 4E 99 9D FE D9 6C 04 + * 8C 56 60 2C 97 AC BB 74 90 + */ +static const uint8_t keys_07[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_07[] = { + 0x00, 0x00, 0x00, 0x09, 0x08, 0x07, 0x06, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_07[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E +}; +static const uint8_t packet_out_07[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x01, 0x35, 0xD1, 0xB2, 0xC9, 0x5F, 0x41, 0xD5, + 0xD1, 0xD4, 0xFE, 0xC1, 0x85, 0xD1, 0x66, 0xB8, + 0x09, 0x4E, 0x99, 0x9D, 0xFE, 0xD9, 0x6C, 0x04, + 0x8C, 0x56, 0x60, 0x2C, 0x97, 0xAC, 0xBB, 0x74, + 0x90 +}; +#define clear_len_07 8 +#define auth_len_07 10 + +/* + * =============== Packet Vector #8 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 0A 09 08 07 A0 A1 A2 A3 A4 A5 + * Total packet length = 32. [Input with 8 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + * CBC IV in: 61 00 00 00 0A 09 08 07 A0 A1 A2 A3 A4 A5 00 18 + * CBC IV out:63 A3 FA E4 6C 79 F3 FA 78 38 B8 A2 80 36 B6 0B + * After xor: 63 AB FA E5 6E 7A F7 FF 7E 3F B8 A2 80 36 B6 0B [hdr] + * After AES: 1C 99 1A 3D B7 60 79 27 34 40 79 1F AD 8B 5B 02 + * After xor: 14 90 10 36 BB 6D 77 28 24 51 6B 0C B9 9E 4D 15 [msg] + * After AES: 14 19 E8 E8 CB BE 75 58 E1 E3 BE 4B 6C 9F 82 E3 + * After xor: 0C 00 F2 F3 D7 A3 6B 47 E1 E3 BE 4B 6C 9F 82 E3 [msg] + * After AES: E0 16 E8 1C 7F 7B 8A 38 A5 38 F2 CB 5B B6 C1 F2 + * CBC-MAC : E0 16 E8 1C 7F 7B 8A 38 A5 38 + * CTR Start: 01 00 00 00 0A 09 08 07 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 73 7C 33 91 CC 8E 13 DD E0 AA C5 4B 6D B7 EB 98 + * CTR[0002]: 74 B7 71 77 C5 AA C5 3B 04 A4 F8 70 8E 92 EB 2B + * CTR[MAC ]: 21 6D AC 2F 8B 4F 1C 07 91 8C + * Total packet length = 42. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 7B 75 39 9A C0 83 1D D2 + * F0 BB D7 58 79 A2 FD 8F 6C AE 6B 6C D9 B7 DB 24 + * C1 7B 44 33 F4 34 96 3F 34 B4 + */ +static const uint8_t keys_08[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_08[] = { + 0x00, 0x00, 0x00, 0x0a, 0x09, 0x08, 0x07, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_08[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F +}; +static const uint8_t packet_out_08[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x7B, 0x75, 0x39, 0x9A, 0xC0, 0x83, 0x1D, 0xD2, + 0xF0, 0xBB, 0xD7, 0x58, 0x79, 0xA2, 0xFD, 0x8F, + 0x6C, 0xAE, 0x6B, 0x6C, 0xD9, 0xB7, 0xDB, 0x24, + 0xC1, 0x7B, 0x44, 0x33, 0xF4, 0x34, 0x96, 0x3F, + 0x34, 0xB4 +}; +#define clear_len_08 8 +#define auth_len_08 10 + +/* + * =============== Packet Vector #9 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 0B 0A 09 08 A0 A1 A2 A3 A4 A5 + * Total packet length = 33. [Input with 8 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + * 20 + * CBC IV in: 61 00 00 00 0B 0A 09 08 A0 A1 A2 A3 A4 A5 00 19 + * CBC IV out:4F 2C 86 11 1E 08 2A DD 6B 44 21 3A B5 13 13 16 + * After xor: 4F 24 86 10 1C 0B 2E D8 6D 43 21 3A B5 13 13 16 [hdr] + * After AES: F6 EC 56 87 3C 57 12 DC 9C C5 3C A8 D4 D1 ED 0A + * After xor: FE E5 5C 8C 30 5A 1C D3 8C D4 2E BB C0 C4 FB 1D [msg] + * After AES: 17 C1 80 A5 31 53 D4 C3 03 85 0C 95 65 80 34 52 + * After xor: 0F D8 9A BE 2D 4E CA DC 23 85 0C 95 65 80 34 52 [msg] + * After AES: 46 A1 F6 E2 B1 6E 75 F8 1C F5 6B 1A 80 04 44 1B + * CBC-MAC : 46 A1 F6 E2 B1 6E 75 F8 1C F5 + * CTR Start: 01 00 00 00 0B 0A 09 08 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 8A 5A 10 6B C0 29 9A 55 5B 93 6B 0B 0E A0 DE 5A + * CTR[0002]: EA 05 FD E2 AB 22 5C FE B7 73 12 CB 88 D9 A5 4A + * CTR[MAC ]: AC 3D F1 07 DA 30 C4 86 43 BB + * Total packet length = 43. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 82 53 1A 60 CC 24 94 5A + * 4B 82 79 18 1A B5 C8 4D F2 1C E7 F9 B7 3F 42 E1 + * 97 EA 9C 07 E5 6B 5E B1 7E 5F 4E + */ +static const uint8_t keys_09[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_09[] = { + 0x00, 0x00, 0x00, 0x0b, 0x0a, 0x09, 0x08, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_09[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20 +}; +static const uint8_t packet_out_09[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x82, 0x53, 0x1A, 0x60, 0xCC, 0x24, 0x94, 0x5A, + 0x4B, 0x82, 0x79, 0x18, 0x1A, 0xB5, 0xC8, 0x4D, + 0xF2, 0x1C, 0xE7, 0xF9, 0xB7, 0x3F, 0x42, 0xE1, + 0x97, 0xEA, 0x9C, 0x07, 0xE5, 0x6B, 0x5E, 0xB1, + 0x7E, 0x5F, 0x4E +}; +#define clear_len_09 8 +#define auth_len_09 10 + +/* + * =============== Packet Vector #10 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 0C 0B 0A 09 A0 A1 A2 A3 A4 A5 + * Total packet length = 31. [Input with 12 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E + * CBC IV in: 61 00 00 00 0C 0B 0A 09 A0 A1 A2 A3 A4 A5 00 13 + * CBC IV out:7F B8 0A 32 E9 80 57 46 EC 31 6C 3A B2 A2 EB 5D + * After xor: 7F B4 0A 33 EB 83 53 43 EA 36 64 33 B8 A9 EB 5D [hdr] + * After AES: 7E 96 96 BF F1 56 D6 A8 6E AC F5 7B 7F 23 47 5A + * After xor: 72 9B 98 B0 E1 47 C4 BB 7A B9 E3 6C 67 3A 5D 41 [msg] + * After AES: 8B 4A EE 42 04 24 8A 59 FA CC 88 66 57 66 DD 72 + * After xor: 97 57 F0 42 04 24 8A 59 FA CC 88 66 57 66 DD 72 [msg] + * After AES: 41 63 89 36 62 ED D7 EB CD 6E 15 C1 89 48 62 05 + * CBC-MAC : 41 63 89 36 62 ED D7 EB CD 6E + * CTR Start: 01 00 00 00 0C 0B 0A 09 A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 0B 39 2B 9B 05 66 97 06 3F 12 56 8F 2B 13 A1 0F + * CTR[0002]: 07 89 65 25 23 40 94 3B 9E 69 B2 56 CC 5E F7 31 + * CTR[MAC ]: 17 09 20 76 09 A0 4E 72 45 B3 + * Total packet length = 41. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 07 34 25 94 + * 15 77 85 15 2B 07 40 98 33 0A BB 14 1B 94 7B 56 + * 6A A9 40 6B 4D 99 99 88 DD + */ +static const uint8_t keys_10[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_10[] = { + 0x00, 0x00, 0x00, 0x0c, 0x0b, 0x0a, 0x09, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_10[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E +}; +static const uint8_t packet_out_10[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x07, 0x34, 0x25, 0x94, + 0x15, 0x77, 0x85, 0x15, 0x2B, 0x07, 0x40, 0x98, + 0x33, 0x0A, 0xBB, 0x14, 0x1B, 0x94, 0x7B, 0x56, + 0x6A, 0xA9, 0x40, 0x6B, 0x4D, 0x99, 0x99, 0x88, + 0xDD +}; +#define clear_len_10 12 +#define auth_len_10 10 + +/* + * =============== Packet Vector #11 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 0D 0C 0B 0A A0 A1 A2 A3 A4 A5 + * Total packet length = 32. [Input with 12 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + * CBC IV in: 61 00 00 00 0D 0C 0B 0A A0 A1 A2 A3 A4 A5 00 14 + * CBC IV out:B0 84 85 79 51 D2 FA 42 76 EF 3A D7 14 B9 62 87 + * After xor: B0 88 85 78 53 D1 FE 47 70 E8 32 DE 1E B2 62 87 [hdr] + * After AES: C9 B3 64 7E D8 79 2A 5C 65 B7 CE CC 19 0A 97 0A + * After xor: C5 BE 6A 71 C8 68 38 4F 71 A2 D8 DB 01 13 8D 11 [msg] + * After AES: 34 0F 69 17 FA B9 19 D6 1D AC D0 35 36 D6 55 8B + * After xor: 28 12 77 08 FA B9 19 D6 1D AC D0 35 36 D6 55 8B [msg] + * After AES: 6B 5E 24 34 12 CC C2 AD 6F 1B 11 C3 A1 A9 D8 BC + * CBC-MAC : 6B 5E 24 34 12 CC C2 AD 6F 1B + * CTR Start: 01 00 00 00 0D 0C 0B 0A A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: 6B 66 BC 0C 90 A1 F1 12 FC BE 6F 4E 12 20 77 BC + * CTR[0002]: 97 9E 57 2B BE 65 8A E5 CC 20 11 83 2A 9A 9B 5B + * CTR[MAC ]: 9E 64 86 DD 02 B6 49 C1 6D 37 + * Total packet length = 42. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 67 6B B2 03 + * 80 B0 E3 01 E8 AB 79 59 0A 39 6D A7 8B 83 49 34 + * F5 3A A2 E9 10 7A 8B 6C 02 2C + */ +static const uint8_t keys_11[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_11[] = { + 0x00, 0x00, 0x00, 0x0d, 0x0c, 0x0b, 0x0a, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_11[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F +}; +static const uint8_t packet_out_11[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x67, 0x6B, 0xB2, 0x03, + 0x80, 0xB0, 0xE3, 0x01, 0xE8, 0xAB, 0x79, 0x59, + 0x0A, 0x39, 0x6D, 0xA7, 0x8B, 0x83, 0x49, 0x34, + 0xF5, 0x3A, 0xA2, 0xE9, 0x10, 0x7A, 0x8B, 0x6C, + 0x02, 0x2C +}; +#define clear_len_11 12 +#define auth_len_11 10 + +/* + * =============== Packet Vector #12 ================== + * AES Key = C0 C1 C2 C3 C4 C5 C6 C7 C8 C9 CA CB CC CD CE CF + * Nonce = 00 00 00 0E 0D 0C 0B A0 A1 A2 A3 A4 A5 + * Total packet length = 33. [Input with 12 cleartext header octets] + * 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + * 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + * 20 + * CBC IV in: 61 00 00 00 0E 0D 0C 0B A0 A1 A2 A3 A4 A5 00 15 + * CBC IV out:5F 8E 8D 02 AD 95 7C 5A 36 14 CF 63 40 16 97 4F + * After xor: 5F 82 8D 03 AF 96 78 5F 30 13 C7 6A 4A 1D 97 4F [hdr] + * After AES: 63 FA BD 69 B9 55 65 FF 54 AA F4 60 88 7D EC 9F + * After xor: 6F F7 B3 66 A9 44 77 EC 40 BF E2 77 90 64 F6 84 [msg] + * After AES: 5A 76 5F 0B 93 CE 4F 6A B4 1D 91 30 18 57 6A D7 + * After xor: 46 6B 41 14 B3 CE 4F 6A B4 1D 91 30 18 57 6A D7 [msg] + * After AES: 9D 66 92 41 01 08 D5 B6 A1 45 85 AC AF 86 32 E8 + * CBC-MAC : 9D 66 92 41 01 08 D5 B6 A1 45 + * CTR Start: 01 00 00 00 0E 0D 0C 0B A0 A1 A2 A3 A4 A5 00 01 + * CTR[0001]: CC F2 AE D9 E0 4A C9 74 E6 58 55 B3 2B 94 30 BF + * CTR[0002]: A2 CA AC 11 63 F4 07 E5 E5 F6 E3 B3 79 0F 79 F8 + * CTR[MAC ]: 50 7C 31 57 63 EF 78 D3 77 9E + * Total packet length = 43. [Authenticated and Encrypted Output] + * 00 01 02 03 04 05 06 07 08 09 0A 0B C0 FF A0 D6 + * F0 5B DB 67 F2 4D 43 A4 33 8D 2A A4 BE D7 B2 0E + * 43 CD 1A A3 16 62 E7 AD 65 D6 DB + */ +static const uint8_t keys_12[] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF +}; +static const uint8_t nonce_12[] = { + 0x00, 0x00, 0x00, 0x0e, 0x0d, 0x0c, 0x0b, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 +}; +static const uint8_t packet_in_12[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20 +}; +static const uint8_t packet_out_12[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0xC0, 0xFF, 0xA0, 0xD6, + 0xF0, 0x5B, 0xDB, 0x67, 0xF2, 0x4D, 0x43, 0xA4, + 0x33, 0x8D, 0x2A, 0xA4, 0xBE, 0xD7, 0xB2, 0x0E, + 0x43, 0xCD, 0x1A, 0xA3, 0x16, 0x62, 0xE7, 0xAD, + 0x65, 0xD6, 0xDB +}; +#define clear_len_12 12 +#define auth_len_12 10 + +/* + * =============== Packet Vector #13 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 41 2B 4E A9 CD BE 3C 96 96 76 6C FA + * Total packet length = 31. [Input with 8 cleartext header octets] + * 0B E1 A8 8B AC E0 18 B1 08 E8 CF 97 D8 20 EA 25 + * 84 60 E9 6A D9 CF 52 89 05 4D 89 5C EA C4 7C + * CBC IV in: 59 00 41 2B 4E A9 CD BE 3C 96 96 76 6C FA 00 17 + * CBC IV out:33 AE C3 1A 1F B7 CC 35 E5 DA D2 BA C0 90 D9 A3 + * After xor: 33 A6 C8 FB B7 3C 60 D5 FD 6B D2 BA C0 90 D9 A3 [hdr] + * After AES: B7 56 CA 1E 5B 42 C6 9C 58 E3 0A F5 2B F7 7C FD + * After xor: BF BE 05 89 83 62 2C B9 DC 83 E3 9F F2 38 2E 74 [msg] + * After AES: 33 3D 3A 3D 07 B5 3C 7B 22 0E 96 1A 18 A9 A1 9E + * After xor: 36 70 B3 61 ED 71 40 7B 22 0E 96 1A 18 A9 A1 9E [msg] + * After AES: 14 BD DB 6B F9 01 63 4D FB 56 51 83 BC 74 93 F7 + * CBC-MAC : 14 BD DB 6B F9 01 63 4D + * CTR Start: 01 00 41 2B 4E A9 CD BE 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 44 51 B0 11 7A 84 82 BF 03 19 AE C1 59 5E BD DA + * CTR[0002]: 83 EB 76 E1 3A 44 84 7F 92 20 09 07 76 B8 25 C5 + * CTR[MAC ]: F3 31 2C A0 F5 DC B4 FE + * Total packet length = 39. [Authenticated and Encrypted Output] + * 0B E1 A8 8B AC E0 18 B1 4C B9 7F 86 A2 A4 68 9A + * 87 79 47 AB 80 91 EF 53 86 A6 FF BD D0 80 F8 E7 + * 8C F7 CB 0C DD D7 B3 + */ +static const uint8_t keys_13[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_13[] = { + 0x00, 0x41, 0x2b, 0x4e, 0xa9, 0xcd, 0xbe, 0x3c, + 0x96, 0x96, 0x76, 0x6c, 0xfa +}; +static const uint8_t packet_in_13[] = { + 0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1, + 0x08, 0xE8, 0xCF, 0x97, 0xD8, 0x20, 0xEA, 0x25, + 0x84, 0x60, 0xE9, 0x6A, 0xD9, 0xCF, 0x52, 0x89, + 0x05, 0x4D, 0x89, 0x5C, 0xEA, 0xC4, 0x7C +}; +static const uint8_t packet_out_13[] = { + 0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1, + 0x4C, 0xB9, 0x7F, 0x86, 0xA2, 0xA4, 0x68, 0x9A, + 0x87, 0x79, 0x47, 0xAB, 0x80, 0x91, 0xEF, 0x53, + 0x86, 0xA6, 0xFF, 0xBD, 0xD0, 0x80, 0xF8, 0xE7, + 0x8C, 0xF7, 0xCB, 0x0C, 0xDD, 0xD7, 0xB3 +}; +#define clear_len_13 8 +#define auth_len_13 8 + +/* + * =============== Packet Vector #14 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 33 56 8E F7 B2 63 3C 96 96 76 6C FA + * Total packet length = 32. [Input with 8 cleartext header octets] + * 63 01 8F 76 DC 8A 1B CB 90 20 EA 6F 91 BD D8 5A + * FA 00 39 BA 4B AF F9 BF B7 9C 70 28 94 9C D0 EC + * CBC IV in: 59 00 33 56 8E F7 B2 63 3C 96 96 76 6C FA 00 18 + * CBC IV out:42 0D B1 50 BB 0C 44 DA 83 E4 52 09 55 99 67 E3 + * After xor: 42 05 D2 51 34 7A 98 50 98 2F 52 09 55 99 67 E3 [hdr] + * After AES: EA D1 CA 56 02 02 09 5C E6 12 B0 D2 18 A0 DD 44 + * After xor: 7A F1 20 39 93 BF D1 06 1C 12 89 68 53 0F 24 FB [msg] + * After AES: 51 77 41 69 C3 DE 6B 24 13 27 74 90 F5 FF C5 62 + * After xor: E6 EB 31 41 57 42 BB C8 13 27 C5 62 [msg] + * After AES: D4 CC 3B 82 DF 9F CC 56 7E E5 83 61 D7 8D FB 5E + * CBC-MAC : D4 CC 3B 82 DF 9F CC 56 + * CTR Start: 01 00 33 56 8E F7 B2 63 3C 96 96 76 6C FA 00 01 + * CTR[0001]: DC EB F4 13 38 3C 66 A0 5A 72 55 EF 98 D7 FF AD + * CTR[0002]: 2F 54 2C BA 15 D6 6C DF E1 EC 46 8F 0E 68 A1 24 + * CTR[MAC ]: 11 E2 D3 9F A2 E8 0C DC + * Total packet length = 40. [Authenticated and Encrypted Output] + * 63 01 8F 76 DC 8A 1B CB 4C CB 1E 7C A9 81 BE FA + * A0 72 6C 55 D3 78 06 12 98 C8 5C 92 81 4A BC 33 + * C5 2E E8 1D 7D 77 C0 8A + */ +static const uint8_t keys_14[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_14[] = { + 0x00, 0x33, 0x56, 0x8E, 0xF7, 0xB2, 0x63, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_14[] = { + 0x63, 0x01, 0x8F, 0x76, 0xDC, 0x8A, 0x1B, 0xCB, + 0x90, 0x20, 0xEA, 0x6F, 0x91, 0xBD, 0xD8, 0x5A, + 0xFA, 0x00, 0x39, 0xBA, 0x4B, 0xAF, 0xF9, 0xBF, + 0xB7, 0x9C, 0x70, 0x28, 0x94, 0x9C, 0xD0, 0xEC, +}; +static const uint8_t packet_out_14[] = { + 0x63, 0x01, 0x8F, 0x76, 0xDC, 0x8A, 0x1B, 0xCB, + 0x4C, 0xCB, 0x1E, 0x7C, 0xA9, 0x81, 0xBE, 0xFA, + 0xA0, 0x72, 0x6C, 0x55, 0xD3, 0x78, 0x06, 0x12, + 0x98, 0xC8, 0x5C, 0x92, 0x81, 0x4A, 0xBC, 0x33, + 0xC5, 0x2E, 0xE8, 0x1D, 0x7D, 0x77, 0xC0, 0x8A +}; +#define clear_len_14 8 +#define auth_len_14 8 + +/* + * =============== Packet Vector #15 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 10 3F E4 13 36 71 3C 96 96 76 6C FA + * Total packet length = 33. [Input with 8 cleartext header octets] + * AA 6C FA 36 CA E8 6B 40 B9 16 E0 EA CC 1C 00 D7 + * DC EC 68 EC 0B 3B BB 1A 02 DE 8A 2D 1A A3 46 13 + * 2E + * CBC IV in: 59 00 10 3F E4 13 36 71 3C 96 96 76 6C FA 00 19 + * CBC IV out:B3 26 49 FF D5 9F 56 0F 02 2D 11 E2 62 C5 BE EA + * After xor: B3 2E E3 93 2F A9 9C E7 69 6D 11 E2 62 C5 BE EA [hdr] + * After AES: 82 50 9E E5 B2 FF DB CA 9B D0 2E 20 6B 3F B7 AD + * After xor: 3B 46 7E 0F 7E E3 DB 1D 47 3C 46 CC 60 04 0C B7 [msg] + * After AES: 80 46 0E 4C 08 3A D0 3F B9 A9 13 BE E4 DE 2F 66 + * After xor: 82 98 84 61 12 99 96 2C 97 A9 13 BE E4 DE 2F 66 [msg] + * After AES: 47 29 CB 00 31 F1 81 C1 92 68 4B 89 A4 71 50 E7 + * CBC-MAC : 47 29 CB 00 31 F1 81 C1 + * CTR Start: 01 00 10 3F E4 13 36 71 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 08 C4 DA C8 EC C1 C0 7B 4C E1 F2 4C 37 5A 47 EE + * CTR[0002]: A7 87 2E 6C 6D C4 4E 84 26 02 50 4C 3F A5 73 C5 + * CTR[MAC ]: E0 5F B2 6E EA 83 B4 C7 + * Total packet length = 41. [Authenticated and Encrypted Output] + * AA 6C FA 36 CA E8 6B 40 B1 D2 3A 22 20 DD C0 AC + * 90 0D 9A A0 3C 61 FC F4 A5 59 A4 41 77 67 08 97 + * 08 A7 76 79 6E DB 72 35 06 + */ +static const uint8_t keys_15[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_15[] = { + 0x00, 0x10, 0x3F, 0xE4, 0x13, 0x36, 0x71, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_15[] = { + 0xAA, 0x6C, 0xFA, 0x36, 0xCA, 0xE8, 0x6B, 0x40, + 0xB9, 0x16, 0xE0, 0xEA, 0xCC, 0x1C, 0x00, 0xD7, + 0xDC, 0xEC, 0x68, 0xEC, 0x0B, 0x3B, 0xBB, 0x1A, + 0x02, 0xDE, 0x8A, 0x2D, 0x1A, 0xA3, 0x46, 0x13, + 0x2E +}; +static const uint8_t packet_out_15[] = { + 0xAA, 0x6C, 0xFA, 0x36, 0xCA, 0xE8, 0x6B, 0x40, + 0xB1, 0xD2, 0x3A, 0x22, 0x20, 0xDD, 0xC0, 0xAC, + 0x90, 0x0D, 0x9A, 0xA0, 0x3C, 0x61, 0xFC, 0xF4, + 0xA5, 0x59, 0xA4, 0x41, 0x77, 0x67, 0x08, 0x97, + 0x08, 0xA7, 0x76, 0x79, 0x6E, 0xDB, 0x72, 0x35, + 0x06 +}; +#define clear_len_15 8 +#define auth_len_15 8 + +/* + * =============== Packet Vector #16 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 76 4C 63 B8 05 8E 3C 96 96 76 6C FA + * Total packet length = 31. [Input with 12 cleartext header octets] + * D0 D0 73 5C 53 1E 1B EC F0 49 C2 44 12 DA AC 56 + * 30 EF A5 39 6F 77 0C E1 A6 6B 21 F7 B2 10 1C + * CBC IV in: 59 00 76 4C 63 B8 05 8E 3C 96 96 76 6C FA 00 13 + * CBC IV out:AB DC 4E C9 AA 72 33 97 DF 2D AD 76 33 DE 3B 0D + * After xor: AB D0 9E 19 D9 2E 60 89 C4 C1 5D 3F F1 9A 3B 0D [hdr] + * After AES: 62 86 F6 2F 23 42 63 B0 1C FD 8C 37 40 74 81 EB + * After xor: 70 5C 5A 79 13 AD C6 89 73 8A 80 D6 E6 1F A0 1C [msg] + * After AES: 88 95 84 18 CF 79 CA BE EB C0 0C C4 86 E6 01 F7 + * After xor: 3A 85 98 18 CF 79 CA BE EB C0 0C C4 86 E6 01 F7 [msg] + * After AES: C1 85 92 D9 84 CD 67 80 63 D1 D9 6D C1 DF A1 11 + * CBC-MAC : C1 85 92 D9 84 CD 67 80 + * CTR Start: 01 00 76 4C 63 B8 05 8E 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 06 08 FF 95 A6 94 D5 59 F4 0B B7 9D EF FA 41 DF + * CTR[0002]: 80 55 3A 75 78 38 04 A9 64 8B 68 DD 7F DC DD 7A + * CTR[MAC ]: 5B EA DB 4E DF 07 B9 2F + * Total packet length = 39. [Authenticated and Encrypted Output] + * D0 D0 73 5C 53 1E 1B EC F0 49 C2 44 14 D2 53 C3 + * 96 7B 70 60 9B 7C BB 7C 49 91 60 28 32 45 26 9A + * 6F 49 97 5B CA DE AF + */ +static const uint8_t keys_16[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_16[] = { + 0x00, 0x76, 0x4C, 0x63, 0xB8, 0x05, 0x8E, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_16[] = { + 0xD0, 0xD0, 0x73, 0x5C, 0x53, 0x1E, 0x1B, 0xEC, + 0xF0, 0x49, 0xC2, 0x44, 0x12, 0xDA, 0xAC, 0x56, + 0x30, 0xEF, 0xA5, 0x39, 0x6F, 0x77, 0x0C, 0xE1, + 0xA6, 0x6B, 0x21, 0xF7, 0xB2, 0x10, 0x1C +}; +static const uint8_t packet_out_16[] = { + 0xD0, 0xD0, 0x73, 0x5C, 0x53, 0x1E, 0x1B, 0xEC, + 0xF0, 0x49, 0xC2, 0x44, 0x14, 0xD2, 0x53, 0xC3, + 0x96, 0x7B, 0x70, 0x60, 0x9B, 0x7C, 0xBB, 0x7C, + 0x49, 0x91, 0x60, 0x28, 0x32, 0x45, 0x26, 0x9A, + 0x6F, 0x49, 0x97, 0x5B, 0xCA, 0xDE, 0xAF +}; +#define clear_len_16 12 +#define auth_len_16 8 + +/* + * =============== Packet Vector #17 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 F8 B6 78 09 4E 3B 3C 96 96 76 6C FA + * Total packet length = 32. [Input with 12 cleartext header octets] + * 77 B6 0F 01 1C 03 E1 52 58 99 BC AE E8 8B 6A 46 + * C7 8D 63 E5 2E B8 C5 46 EF B5 DE 6F 75 E9 CC 0D +* CBC IV in: 59 00 F8 B6 78 09 4E 3B 3C 96 96 76 6C FA 00 14 + * CBC IV out:F4 68 FE 5D B1 53 0B 7A 5A A5 FB 27 40 CF 6E 33 + * After xor: F4 64 89 EB BE 52 17 79 BB F7 A3 BE FC 61 6E 33 [hdr] + * After AES: 23 29 0E 0B 33 45 9A 83 32 2D E4 06 86 67 10 04 + * After xor: CB A2 64 4D F4 C8 F9 66 1C 95 21 40 69 D2 CE 6B [msg] + * After AES: 8F BE D4 0F 8B 89 B7 B8 20 D5 5F E0 3C E2 43 11 + * After xor: FA 57 18 02 8B 89 B7 B8 20 D5 5F E0 3C E2 43 11 [msg] + * After AES: 6A DB 15 B6 71 81 B2 E2 2B E3 4A F2 B2 83 E2 29 + * CBC-MAC : 6A DB 15 B6 71 81 B2 E2 + * CTR Start: 01 00 F8 B6 78 09 4E 3B 3C 96 96 76 6C FA 00 01 + * CTR[0001]: BD CE 95 5C CF D3 81 0A 91 EA 77 A6 A4 5B C0 4C + * CTR[0002]: 43 2E F2 32 AE 36 D8 92 22 BF 63 37 E6 B2 6C E8 + * CTR[MAC ]: 1C F7 19 C1 35 7F CC DE + * Total packet length = 40. [Authenticated and Encrypted Output] + * 77 B6 0F 01 1C 03 E1 52 58 99 BC AE 55 45 FF 1A + * 08 5E E2 EF BF 52 B2 E0 4B EE 1E 23 36 C7 3E 3F + * 76 2C 0C 77 44 FE 7E 3C + */ +static const uint8_t keys_17[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_17[] = { + 0x00, 0xF8, 0xB6, 0x78, 0x09, 0x4E, 0x3B, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_17[] = { + 0x77, 0xB6, 0x0F, 0x01, 0x1C, 0x03, 0xE1, 0x52, + 0x58, 0x99, 0xBC, 0xAE, 0xE8, 0x8B, 0x6A, 0x46, + 0xC7, 0x8D, 0x63, 0xE5, 0x2E, 0xB8, 0xC5, 0x46, + 0xEF, 0xB5, 0xDE, 0x6F, 0x75, 0xE9, 0xCC, 0x0D +}; +static const uint8_t packet_out_17[] = { + 0x77, 0xB6, 0x0F, 0x01, 0x1C, 0x03, 0xE1, 0x52, + 0x58, 0x99, 0xBC, 0xAE, 0x55, 0x45, 0xFF, 0x1A, + 0x08, 0x5E, 0xE2, 0xEF, 0xBF, 0x52, 0xB2, 0xE0, + 0x4B, 0xEE, 0x1E, 0x23, 0x36, 0xC7, 0x3E, 0x3F, + 0x76, 0x2C, 0x0C, 0x77, 0x44, 0xFE, 0x7E, 0x3C +}; +#define clear_len_17 12 +#define auth_len_17 8 + +/* + * =============== Packet Vector #18 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 D5 60 91 2D 3F 70 3C 96 96 76 6C FA + * Total packet length = 33. [Input with 12 cleartext header octets] + * CD 90 44 D2 B7 1F DB 81 20 EA 60 C0 64 35 AC BA + * FB 11 A8 2E 2F 07 1D 7C A4 A5 EB D9 3A 80 3B A8 + * 7F + * CBC IV in: 59 00 D5 60 91 2D 3F 70 3C 96 96 76 6C FA 00 15 + * CBC IV out:BA 37 74 54 D7 20 A4 59 25 97 F6 A3 D1 D6 BA 67 + * After xor: BA 3B B9 C4 93 F2 13 46 FE 16 D6 49 B1 16 BA 67 [hdr] + * After AES: 81 6A 20 20 38 D0 A6 30 CB E0 B7 3C 39 BB CE 05 + * After xor: E5 5F 8C 9A C3 C1 0E 1E E4 E7 AA 40 9D 1E 25 DC [msg] + * After AES: 6D 5C 15 FD 85 2D 5C 3C E3 03 3D 85 DA 57 BD AC + * After xor: 57 DC 2E 55 FA 2D 5C 3C E3 03 3D 85 DA 57 BD AC [msg] + * After AES: B0 4A 1C 23 BC 39 B6 51 76 FD 5B FF 9B C1 28 5E + * CBC-MAC : B0 4A 1C 23 BC 39 B6 51 + * CTR Start: 01 00 D5 60 91 2D 3F 70 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 64 A2 C5 56 50 CE E0 4C 7A 93 D8 EE F5 43 E8 8E + * CTR[0002]: 18 E7 65 AC B7 B0 E9 AF 09 2B D0 20 6C A1 C8 3C + * CTR[MAC ]: F7 43 82 79 5C 49 F3 00 + * Total packet length = 41. [Authenticated and Encrypted Output] + * CD 90 44 D2 B7 1F DB 81 20 EA 60 C0 00 97 69 EC + * AB DF 48 62 55 94 C5 92 51 E6 03 57 22 67 5E 04 + * C8 47 09 9E 5A E0 70 45 51 + */ +static const uint8_t keys_18[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_18[] = { + 0x00, 0xD5, 0x60, 0x91, 0x2D, 0x3F, 0x70, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_18[] = { + 0xCD, 0x90, 0x44, 0xD2, 0xB7, 0x1F, 0xDB, 0x81, + 0x20, 0xEA, 0x60, 0xC0, 0x64, 0x35, 0xAC, 0xBA, + 0xFB, 0x11, 0xA8, 0x2E, 0x2F, 0x07, 0x1D, 0x7C, + 0xA4, 0xA5, 0xEB, 0xD9, 0x3A, 0x80, 0x3B, 0xA8, + 0x7F +}; +static const uint8_t packet_out_18[] = { + 0xCD, 0x90, 0x44, 0xD2, 0xB7, 0x1F, 0xDB, 0x81, + 0x20, 0xEA, 0x60, 0xC0, 0x00, 0x97, 0x69, 0xEC, + 0xAB, 0xDF, 0x48, 0x62, 0x55, 0x94, 0xC5, 0x92, + 0x51, 0xE6, 0x03, 0x57, 0x22, 0x67, 0x5E, 0x04, + 0xC8, 0x47, 0x09, 0x9E, 0x5A, 0xE0, 0x70, 0x45, + 0x51 +}; +#define clear_len_18 12 +#define auth_len_18 8 + +/* + * =============== Packet Vector #19 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 42 FF F8 F1 95 1C 3C 96 96 76 6C FA + * Total packet length = 31. [Input with 8 cleartext header octets] + * D8 5B C7 E6 9F 94 4F B8 8A 19 B9 50 BC F7 1A 01 + * 8E 5E 67 01 C9 17 87 65 98 09 D6 7D BE DD 18 + * CBC IV in: 61 00 42 FF F8 F1 95 1C 3C 96 96 76 6C FA 00 17 + * CBC IV out:44 F7 CC 9C 2B DD 2F 45 F6 38 25 6B 73 6E 1D 7A + * After xor: 44 FF 14 C7 EC 3B B0 D1 B9 80 25 6B 73 6E 1D 7A [hdr] + * After AES: 57 C3 73 F8 00 AA 5F CC 7B CF 1D 1B DD BB 4C 52 + * After xor: DD DA CA A8 BC 5D 45 CD F5 91 7A 1A 14 AC CB 37 [msg] + * After AES: 42 4E 93 72 72 C8 79 B6 11 C7 A5 9F 47 8D 9F D8 + * After xor: DA 47 45 0F CC 15 61 B6 11 C7 A5 9F 47 8D 9F D8 [msg] + * After AES: 9A CB 03 F8 B9 DB C8 D2 D2 D7 A4 B4 95 25 08 67 + * CBC-MAC : 9A CB 03 F8 B9 DB C8 D2 D2 D7 + * CTR Start: 01 00 42 FF F8 F1 95 1C 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 36 38 34 FA 28 83 3D B7 55 66 0D 98 65 0D 68 46 + * CTR[0002]: 35 E9 63 54 87 16 72 56 3F 0C 08 AF 78 44 31 A9 + * CTR[MAC ]: F9 B7 FA 46 7B 9B 40 45 14 6D + * Total packet length = 41. [Authenticated and Encrypted Output] + * D8 5B C7 E6 9F 94 4F B8 BC 21 8D AA 94 74 27 B6 + * DB 38 6A 99 AC 1A EF 23 AD E0 B5 29 39 CB 6A 63 + * 7C F9 BE C2 40 88 97 C6 BA + */ +static const uint8_t keys_19[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_19[] = { + 0x00, 0x42, 0xFF, 0xF8, 0xF1, 0x95, 0x1C, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_19[] = { + 0xD8, 0x5B, 0xC7, 0xE6, 0x9F, 0x94, 0x4F, 0xB8, + 0x8A, 0x19, 0xB9, 0x50, 0xBC, 0xF7, 0x1A, 0x01, + 0x8E, 0x5E, 0x67, 0x01, 0xC9, 0x17, 0x87, 0x65, + 0x98, 0x09, 0xD6, 0x7D, 0xBE, 0xDD, 0x18 +}; +static const uint8_t packet_out_19[] = { + 0xD8, 0x5B, 0xC7, 0xE6, 0x9F, 0x94, 0x4F, 0xB8, + 0xBC, 0x21, 0x8D, 0xAA, 0x94, 0x74, 0x27, 0xB6, + 0xDB, 0x38, 0x6A, 0x99, 0xAC, 0x1A, 0xEF, 0x23, + 0xAD, 0xE0, 0xB5, 0x29, 0x39, 0xCB, 0x6A, 0x63, + 0x7C, 0xF9, 0xBE, 0xC2, 0x40, 0x88, 0x97, 0xC6, + 0xBA +}; +#define clear_len_19 8 +#define auth_len_19 10 + +/* + * ================= Packet Vector #20 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 92 0F 40 E5 6C DC 3C 96 96 76 6C FA + * Total packet length = 32. [Input with 8 cleartext header octets] + * 74 A0 EB C9 06 9F 5B 37 17 61 43 3C 37 C5 A3 5F + * C1 F3 9F 40 63 02 EB 90 7C 61 63 BE 38 C9 84 37 + * CBC IV in: 61 00 92 0F 40 E5 6C DC 3C 96 96 76 6C FA 00 18 + * CBC IV out:60 CB 21 CE 40 06 50 AE 2A D2 BE 52 9F 5F 0F C2 + * After xor: 60 C3 55 6E AB CF 56 31 71 E5 BE 52 9F 5F 0F C2 [hdr] + * After AES: 03 20 64 14 35 32 5D 95 C8 A2 50 40 93 28 DA 9B + * After xor: 14 41 27 28 02 F7 FE CA 09 51 CF 00 F0 2A 31 0B [msg] + * After AES: B9 E8 87 95 ED F7 F0 08 15 15 F0 14 E2 FE 0E 48 + * After xor: C5 89 E4 2B D5 3E 74 3F 15 15 F0 14 E2 FE 0E 48 [msg] + * After AES: 8F AD 0C 23 E9 63 7E 87 FA 21 45 51 1B 47 DE F1 + * CBC-MAC : 8F AD 0C 23 E9 63 7E 87 FA 21 + * CTR Start: 01 00 92 0F 40 E5 6C DC 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 4F 71 A5 C1 12 42 E3 7D 29 F0 FE E4 1B E1 02 5F + * CTR[0002]: 34 2B D3 F1 7C B7 7B C1 79 0B 05 05 61 59 27 2C + * CTR[MAC ]: 7F 09 7B EF C6 AA C1 D3 73 65 + * Total packet length = 42. [Authenticated and Encrypted Output] + * 74 A0 EB C9 06 9F 5B 37 58 10 E6 FD 25 87 40 22 + * E8 03 61 A4 78 E3 E9 CF 48 4A B0 4F 44 7E FF F6 + * F0 A4 77 CC 2F C9 BF 54 89 44 + */ +static const uint8_t keys_20[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_20[] = { + 0x00, 0x92, 0x0F, 0x40, 0xE5, 0x6C, 0xDC, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_20[] = { + 0x74, 0xA0, 0xEB, 0xC9, 0x06, 0x9F, 0x5B, 0x37, + 0x17, 0x61, 0x43, 0x3C, 0x37, 0xC5, 0xA3, 0x5F, + 0xC1, 0xF3, 0x9F, 0x40, 0x63, 0x02, 0xEB, 0x90, + 0x7C, 0x61, 0x63, 0xBE, 0x38, 0xC9, 0x84, 0x37 +}; +static const uint8_t packet_out_20[] = { + 0x74, 0xA0, 0xEB, 0xC9, 0x06, 0x9F, 0x5B, 0x37, + 0x58, 0x10, 0xE6, 0xFD, 0x25, 0x87, 0x40, 0x22, + 0xE8, 0x03, 0x61, 0xA4, 0x78, 0xE3, 0xE9, 0xCF, + 0x48, 0x4A, 0xB0, 0x4F, 0x44, 0x7E, 0xFF, 0xF6, + 0xF0, 0xA4, 0x77, 0xCC, 0x2F, 0xC9, 0xBF, 0x54, + 0x89, 0x44 +}; +#define clear_len_20 8 +#define auth_len_20 10 + +/* + * =============== Packet Vector #21 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 27 CA 0C 71 20 BC 3C 96 96 76 6C FA + * Total packet length = 33. [Input with 8 cleartext header octets] + * 44 A3 AA 3A AE 64 75 CA A4 34 A8 E5 85 00 C6 E4 + * 15 30 53 88 62 D6 86 EA 9E 81 30 1B 5A E4 22 6B + * FA + * CBC IV in: 61 00 27 CA 0C 71 20 BC 3C 96 96 76 6C FA 00 19 + * CBC IV out:43 07 C0 73 A8 9E E1 D5 05 27 B2 9A 62 48 D6 D2 + * After xor: 43 0F 84 D0 02 A4 4F B1 70 ED B2 9A 62 48 D6 D2 [hdr] + * After AES: B6 0B C6 F5 84 01 75 BC 01 27 70 F1 11 8D 75 10 + * After xor: 12 3F 6E 10 01 01 B3 58 14 17 23 79 73 5B F3 FA [msg] + * After AES: 7D 5E 64 92 CE 2C B9 EA 7E 4C 4A 09 09 89 C8 FB + * After xor: E3 DF 54 89 94 C8 9B 81 84 4C 4A 09 09 89 C8 FB [msg] + * After AES: 68 5F 8D 79 D2 2B 9B 74 21 DF 4C 3E 87 BA 0A AF + * CBC-MAC : 68 5F 8D 79 D2 2B 9B 74 21 DF + * CTR Start: 01 00 27 CA 0C 71 20 BC 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 56 8A 45 9E 40 09 48 67 EB 85 E0 9E 6A 2E 64 76 + * CTR[0002]: A6 00 AA 92 92 03 54 9A AE EF 2C CC 59 13 7A 57 + * CTR[MAC ]: 25 1E DC DD 3F 11 10 F3 98 11 + * Total packet length = 43. [Authenticated and Encrypted Output] + * 44 A3 AA 3A AE 64 75 CA F2 BE ED 7B C5 09 8E 83 + * FE B5 B3 16 08 F8 E2 9C 38 81 9A 89 C8 E7 76 F1 + * 54 4D 41 51 A4 ED 3A 8B 87 B9 CE + */ +static const uint8_t keys_21[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_21[] = { + 0x00, 0x27, 0xCA, 0x0C, 0x71, 0x20, 0xBC, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_21[] = { + 0x44, 0xA3, 0xAA, 0x3A, 0xAE, 0x64, 0x75, 0xCA, + 0xA4, 0x34, 0xA8, 0xE5, 0x85, 0x00, 0xC6, 0xE4, + 0x15, 0x30, 0x53, 0x88, 0x62, 0xD6, 0x86, 0xEA, + 0x9E, 0x81, 0x30, 0x1B, 0x5A, 0xE4, 0x22, 0x6B, + 0xFA +}; +static const uint8_t packet_out_21[] = { + 0x44, 0xA3, 0xAA, 0x3A, 0xAE, 0x64, 0x75, 0xCA, + 0xF2, 0xBE, 0xED, 0x7B, 0xC5, 0x09, 0x8E, 0x83, + 0xFE, 0xB5, 0xB3, 0x16, 0x08, 0xF8, 0xE2, 0x9C, + 0x38, 0x81, 0x9A, 0x89, 0xC8, 0xE7, 0x76, 0xF1, + 0x54, 0x4D, 0x41, 0x51, 0xA4, 0xED, 0x3A, 0x8B, + 0x87, 0xB9, 0xCE +}; +#define clear_len_21 8 +#define auth_len_21 10 + +/* + * =============== Packet Vector #22 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 5B 8C CB CD 9A F8 3C 96 96 76 6C FA + * Total packet length = 31. [Input with 12 cleartext header octets] + * EC 46 BB 63 B0 25 20 C3 3C 49 FD 70 B9 6B 49 E2 + * 1D 62 17 41 63 28 75 DB 7F 6C 92 43 D2 D7 C2 + * CBC IV in: 61 00 5B 8C CB CD 9A F8 3C 96 96 76 6C FA 00 13 + * CBC IV out:91 14 AD 06 B6 CC 02 35 76 9A B6 14 C4 82 95 03 + * After xor: 91 18 41 40 0D AF B2 10 56 59 8A 5D 39 F2 95 03 [hdr] + * After AES: 29 BD 7C 27 83 E3 E8 D3 C3 5C 01 F4 4C EC BB FA + * After xor: 90 D6 35 C5 9E 81 FF 92 A0 74 74 2F 33 80 29 B9 [msg] + * After AES: 4E DA F4 0D 21 0B D4 5F FE 97 90 B9 AA EC 34 4C + * After xor: 9C 0D 36 0D 21 0B D4 5F FE 97 90 B9 AA EC 34 4C [msg] + * After AES: 21 9E F8 90 EA 64 C2 11 A5 37 88 83 E1 BA 22 0D + * CBC-MAC : 21 9E F8 90 EA 64 C2 11 A5 37 + * CTR Start: 01 00 5B 8C CB CD 9A F8 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 88 BC 19 42 80 C1 FA 3E BE FC EF FB 4D C6 2D 54 + * CTR[0002]: 3E 59 7D A5 AE 21 CC A4 00 9E 4C 0C 91 F6 22 49 + * CTR[MAC ]: 5C BC 30 98 66 02 A9 F4 64 A0 + * Total packet length = 41. [Authenticated and Encrypted Output] + * EC 46 BB 63 B0 25 20 C3 3C 49 FD 70 31 D7 50 A0 + * 9D A3 ED 7F DD D4 9A 20 32 AA BF 17 EC 8E BF 7D + * 22 C8 08 8C 66 6B E5 C1 97 + */ +static const uint8_t keys_22[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_22[] = { + 0x00, 0x5B, 0x8C, 0xCB, 0xCD, 0x9A, 0xF8, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_22[] = { + 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, 0xC3, + 0x3C, 0x49, 0xFD, 0x70, 0xB9, 0x6B, 0x49, 0xE2, + 0x1D, 0x62, 0x17, 0x41, 0x63, 0x28, 0x75, 0xDB, + 0x7F, 0x6C, 0x92, 0x43, 0xD2, 0xD7, 0xC2 +}; +static const uint8_t packet_out_22[] = { + 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, 0xC3, + 0x3C, 0x49, 0xFD, 0x70, 0x31, 0xD7, 0x50, 0xA0, + 0x9D, 0xA3, 0xED, 0x7F, 0xDD, 0xD4, 0x9A, 0x20, + 0x32, 0xAA, 0xBF, 0x17, 0xEC, 0x8E, 0xBF, 0x7D, + 0x22, 0xC8, 0x08, 0x8C, 0x66, 0x6B, 0xE5, 0xC1, + 0x97 +}; +#define clear_len_22 12 +#define auth_len_22 10 + + +/* + * =============== Packet Vector #23 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 3E BE 94 04 4B 9A 3C 96 96 76 6C FA + * Total packet length = 32. [Input with 12 cleartext header octets] + * 47 A6 5A C7 8B 3D 59 42 27 E8 5E 71 E2 FC FB B8 + * 80 44 2C 73 1B F9 51 67 C8 FF D7 89 5E 33 70 76 + * CBC IV in: 61 00 3E BE 94 04 4B 9A 3C 96 96 76 6C FA 00 14 + * CBC IV out:0F 70 3F 5A 54 2C 44 6E 8B 74 A3 73 9B 48 B9 61 + * After xor: 0F 7C 78 FC 0E EB CF 53 D2 36 84 9B C5 39 B9 61 [hdr] + * After AES: 40 5B ED 29 D0 98 AE 91 DB 68 78 F3 68 B8 73 85 + * After xor: A2 A7 16 91 50 DC 82 E2 C0 91 29 94 A0 47 A4 0C [msg] + * After AES: 3D 03 29 3C FD 81 1B 37 01 51 FB C7 85 6B 7A 74 + * After xor: 63 30 59 4A FD 81 1B 37 01 51 FB C7 85 6B 7A 74 [msg] + * After AES: 66 4F 27 16 3E 36 0F 72 62 0D 4E 67 7C E0 61 DE + * CBC-MAC : 66 4F 27 16 3E 36 0F 72 62 0D + * CTR Start: 01 00 3E BE 94 04 4B 9A 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 0A 7E 0A 63 53 C8 CF 9E BC 3B 6E 63 15 9A D0 97 + * CTR[0002]: EA 20 32 DA 27 82 6E 13 9E 1E 72 5C 5B 0D 3E BF + * CTR[MAC ]: B9 31 27 CA F0 F1 A1 20 FA 70 + * Total packet length = 42. [Authenticated and Encrypted Output] + * 47 A6 5A C7 8B 3D 59 42 27 E8 5E 71 E8 82 F1 DB + * D3 8C E3 ED A7 C2 3F 04 DD 65 07 1E B4 13 42 AC + * DF 7E 00 DC CE C7 AE 52 98 7D + */ +static const uint8_t keys_23[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_23[] = { + 0x00, 0x3E, 0xBE, 0x94, 0x04, 0x4B, 0x9A, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_23[] = { + 0x47, 0xA6, 0x5A, 0xC7, 0x8B, 0x3D, 0x59, 0x42, + 0x27, 0xE8, 0x5E, 0x71, 0xE2, 0xFC, 0xFB, 0xB8, + 0x80, 0x44, 0x2C, 0x73, 0x1B, 0xF9, 0x51, 0x67, + 0xC8, 0xFF, 0xD7, 0x89, 0x5E, 0x33, 0x70, 0x76 +}; +static const uint8_t packet_out_23[] = { + 0x47, 0xA6, 0x5A, 0xC7, 0x8B, 0x3D, 0x59, 0x42, + 0x27, 0xE8, 0x5E, 0x71, 0xE8, 0x82, 0xF1, 0xDB, + 0xD3, 0x8C, 0xE3, 0xED, 0xA7, 0xC2, 0x3F, 0x04, + 0xDD, 0x65, 0x07, 0x1E, 0xB4, 0x13, 0x42, 0xAC, + 0xDF, 0x7E, 0x00, 0xDC, 0xCE, 0xC7, 0xAE, 0x52, + 0x98, 0x7D +}; +#define clear_len_23 12 +#define auth_len_23 10 + +/* + * =============== Packet Vector #24 ================== + * AES Key = D7 82 8D 13 B2 B0 BD C3 25 A7 62 36 DF 93 CC 6B + * Nonce = 00 8D 49 3B 30 AE 8B 3C 96 96 76 6C FA + * Total packet length = 33. [Input with 12 cleartext header octets] + * 6E 37 A6 EF 54 6D 95 5D 34 AB 60 59 AB F2 1C 0B + * 02 FE B8 8F 85 6D F4 A3 73 81 BC E3 CC 12 85 17 + * D4 + * CBC IV in: 61 00 8D 49 3B 30 AE 8B 3C 96 96 76 6C FA 00 15 + * CBC IV out:67 AC E4 E8 06 77 7A D3 27 1D 0B 93 4C 67 98 15 + * After xor: 67 A0 8A DF A0 98 2E BE B2 40 3F 38 2C 3E 98 15 [hdr] + * After AES: 35 58 F8 7E CA C2 B4 39 B6 7E 75 BB F1 5E 69 08 + * After xor: 9E AA E4 75 C8 3C 0C B6 33 13 81 18 82 DF D5 EB [msg] + * After AES: 54 E4 7B 62 22 F0 BB 87 17 D0 71 6A EB AF 19 9E + * After xor: 98 F6 FE 75 F6 F0 BB 87 17 D0 71 6A EB AF 19 9E [msg] + * After AES: 23 E3 30 50 BC 57 DC 2C 3D 3E 7C 94 77 D1 49 71 + * CBC-MAC : 23 E3 30 50 BC 57 DC 2C 3D 3E + * CTR Start: 01 00 8D 49 3B 30 AE 8B 3C 96 96 76 6C FA 00 01 + * CTR[0001]: 58 DB 19 B3 88 9A A3 8B 3C A4 0B 16 FF 42 2C 73 + * CTR[0002]: C3 2F 24 3D 65 DC 7E 9F 4B 02 16 AB 7F B9 6B 4D + * CTR[MAC ]: 4E 2D AE D2 53 F6 B1 8A 1D 67 + * Total packet length = 43. [Authenticated and Encrypted Output] + * 6E 37 A6 EF 54 6D 95 5D 34 AB 60 59 F3 29 05 B8 + * 8A 64 1B 04 B9 C9 FF B5 8C C3 90 90 0F 3D A1 2A + * B1 6D CE 9E 82 EF A1 6D A6 20 59 + */ +static const uint8_t keys_24[] = { + 0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, + 0x25, 0xA7, 0x62, 0x36, 0xDF, 0x93, 0xCC, 0x6B +}; +static const uint8_t nonce_24[] = { + 0x00, 0x8D, 0x49, 0x3B, 0x30, 0xAE, 0x8B, 0x3C, + 0x96, 0x96, 0x76, 0x6C, 0xFA +}; +static const uint8_t packet_in_24[] = { + 0x6E, 0x37, 0xA6, 0xEF, 0x54, 0x6D, 0x95, 0x5D, + 0x34, 0xAB, 0x60, 0x59, 0xAB, 0xF2, 0x1C, 0x0B, + 0x02, 0xFE, 0xB8, 0x8F, 0x85, 0x6D, 0xF4, 0xA3, + 0x73, 0x81, 0xBC, 0xE3, 0xCC, 0x12, 0x85, 0x17, + 0xD4 +}; +static const uint8_t packet_out_24[] = { + 0x6E, 0x37, 0xA6, 0xEF, 0x54, 0x6D, 0x95, 0x5D, + 0x34, 0xAB, 0x60, 0x59, 0xF3, 0x29, 0x05, 0xB8, + 0x8A, 0x64, 0x1B, 0x04, 0xB9, 0xC9, 0xFF, 0xB5, + 0x8C, 0xC3, 0x90, 0x90, 0x0F, 0x3D, 0xA1, 0x2A, + 0xB1, 0x6D, 0xCE, 0x9E, 0x82, 0xEF, 0xA1, 0x6D, + 0xA6, 0x20, 0x59 +}; +#define clear_len_24 12 +#define auth_len_24 10 + +/** Additional AES-CCM-128 test vectors */ +static const uint8_t keys_90[] = { + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F +}; +static const uint8_t nonce_90[] = { + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 +}; +static const uint8_t packet_in_90[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x20, 0x21, 0x22, 0x23 +}; +static const uint8_t packet_out_90[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x71, 0x62, 0x01, 0x5B, + 0x4D, 0xAC, 0x25, 0x5D +}; +#define clear_len_90 8 +#define auth_len_90 4 + +static const uint8_t keys_91[] = { + 0xC9, 0x7C, 0x1F, 0x67, 0xCE, 0x37, 0x11, 0x85, + 0x51, 0x4A, 0x8A, 0x19, 0xF2, 0xBD, 0xD5, 0x2F +}; +static const uint8_t nonce_91[] = { + 0x00, 0x50, 0x30, 0xF1, 0x84, 0x44, 0x08, 0xB5, + 0x03, 0x97, 0x76, 0xE7, 0x0C +}; +static const uint8_t packet_in_91[] = { + 0x08, 0x40, 0x0F, 0xD2, 0xE1, 0x28, 0xA5, 0x7C, + 0x50, 0x30, 0xF1, 0x84, 0x44, 0x08, 0xAB, 0xAE, + 0xA5, 0xB8, 0xFC, 0xBA, 0x00, 0x00, + 0xF8, 0xBA, 0x1A, 0x55, 0xD0, 0x2F, 0x85, 0xAE, + 0x96, 0x7B, 0xB6, 0x2F, 0xB6, 0xCD, 0xA8, 0xEB, + 0x7E, 0x78, 0xA0, 0x50 +}; +static const uint8_t packet_out_91[] = { + 0x08, 0x40, 0x0F, 0xD2, 0xE1, 0x28, 0xA5, 0x7C, + 0x50, 0x30, 0xF1, 0x84, 0x44, 0x08, 0xAB, 0xAE, + 0xA5, 0xB8, 0xFC, 0xBA, 0x00, 0x00, + 0xF3, 0xD0, 0xA2, 0xFE, 0x9A, 0x3D, 0xBF, 0x23, + 0x42, 0xA6, 0x43, 0xE4, 0x32, 0x46, 0xE8, 0x0C, + 0x3C, 0x04, 0xD0, 0x19, + 0x78, 0x45, 0xCE, 0x0B, 0x16, 0xF9, 0x76, 0x23 +}; +#define clear_len_91 22 +#define auth_len_91 8 + + +static const uint8_t keys_92[] = { + 0xC9, 0x7C, 0x1F, 0x67, 0xCE, 0x37, 0x11, 0x85, + 0x51, 0x4A, 0x8A, 0x19, 0xF2, 0xBD, 0xD5, 0x2F +}; +static const uint8_t nonce_92[] = { + 0x00, 0x50, 0x30, 0xF1, 0x84, 0x44, 0x08, 0xB5, + 0x03, 0x97, 0x76, 0xE7, 0x0C +}; +static const uint8_t packet_in_92[] = { + 0xF8, 0xBA, 0x1A, 0x55, 0xD0, 0x2F, 0x85, 0xAE, + 0x96, 0x7B, 0xB6, 0x2F, 0xB6, 0xCD, 0xA8, 0xEB, + 0x7E, 0x78, 0xA0, 0x50 +}; +static const uint8_t packet_out_92[] = { + 0xF3, 0xD0, 0xA2, 0xFE, 0x9A, 0x3D, 0xBF, 0x23, + 0x42, 0xA6, 0x43, 0xE4, 0x32, 0x46, 0xE8, 0x0C, + 0x3C, 0x04, 0xD0, 0x19, + 0x41, 0x83, 0x21, 0x89, 0xA3, 0xD3, 0x1B, 0x43 +}; +#define clear_len_92 0 +#define auth_len_92 8 + +static const uint8_t keys_100[] = { + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F +}; +static const uint8_t nonce_100[] = { + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 +}; +static const uint8_t packet_in_100[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x20, 0x21, 0x22, 0x23, +}; +static const uint8_t packet_out_100[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x71, 0x62, 0x01, 0x5B, + 0xB0, 0xC9, 0x5E, 0x58, 0x03, 0x6E +}; +#define clear_len_100 8 +#define auth_len_100 6 + +static const uint8_t keys_101[] = { + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F +}; +static const uint8_t nonce_101[] = { + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 +}; +static const uint8_t packet_in_101[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x20, 0x21, 0x22, 0x23, +}; +static const uint8_t packet_out_101[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x71, 0x62, 0x01, 0x5B, + 0xD0, 0xAD, 0x86, 0xFD, 0x33, 0xC2, 0x69, 0x86 +}; +#define clear_len_101 8 +#define auth_len_101 8 + +static const uint8_t keys_102[] = { + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F +}; +static const uint8_t nonce_102[] = { + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 +}; +static const uint8_t packet_in_102[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x20, 0x21, 0x22, 0x23, +}; +static const uint8_t packet_out_102[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x71, 0x62, 0x01, 0x5B, + 0x05, 0x12, 0xDA, 0xBF, 0xD9, 0x72, 0xA6, 0x68, + 0x53, 0xC1 +}; +#define clear_len_102 8 +#define auth_len_102 10 + +static const uint8_t keys_103[] = { + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F +}; +static const uint8_t nonce_103[] = { + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 +}; +static const uint8_t packet_in_103[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x20, 0x21, 0x22, 0x23, +}; +static const uint8_t packet_out_103[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x71, 0x62, 0x01, 0x5B, + 0xBA, 0x03, 0xBF, 0x8C, 0xE0, 0xD6, 0x00, 0xA4, + 0x48, 0x6F, 0xCC, 0xB3 +}; +#define clear_len_103 8 +#define auth_len_103 12 + +static const uint8_t keys_104[] = { + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F +}; +static const uint8_t nonce_104[] = { + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 +}; +static const uint8_t packet_in_104[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x20, 0x21, 0x22, 0x23, +}; +static const uint8_t packet_out_104[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x71, 0x62, 0x01, 0x5B, + 0x6B, 0x9B, 0xFB, 0xFE, 0xA8, 0x2C, 0x04, 0x77, + 0x8E, 0x67, 0xF5, 0x18, 0x46, 0xC6 +}; +#define clear_len_104 8 +#define auth_len_104 14 + +static const uint8_t keys_105[] = { + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F +}; +static const uint8_t nonce_105[] = { + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 +}; +static const uint8_t packet_in_105[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x20, 0x21, 0x22, 0x23, +}; +static const uint8_t packet_out_105[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x71, 0x62, 0x01, 0x5B, + 0x2B, 0xB5, 0x7C, 0x0A, 0xF4, 0x5E, 0x4D, 0x83, + 0x04, 0xF0, 0x5F, 0x45, 0x99, 0x3F, 0x15, 0x17 +}; +#define clear_len_105 8 +#define auth_len_105 16 + +#define CCM_TEST_VEC(num) \ + { keys_##num, nonce_##num, sizeof(nonce_##num), \ + packet_in_##num, sizeof(packet_in_##num), \ + clear_len_##num, packet_out_##num, \ + auth_len_##num } + +static const struct ccm_rfc3610_vector { + const uint8_t *keys; + const uint8_t *nonce; + const size_t nonce_len; + /* packet in = [ AAD | plain text ] */ + const uint8_t *packet_in; + const size_t packet_len; + const size_t clear_len; + /* packet out = [ AAD | cipher text | authentication tag ] */ + const uint8_t *packet_out; + const size_t auth_len; +} ccm_vectors[] = { + CCM_TEST_VEC(01), + CCM_TEST_VEC(02), + CCM_TEST_VEC(03), + CCM_TEST_VEC(04), + CCM_TEST_VEC(05), + CCM_TEST_VEC(06), + CCM_TEST_VEC(07), + CCM_TEST_VEC(08), + CCM_TEST_VEC(09), + CCM_TEST_VEC(10), + CCM_TEST_VEC(11), + CCM_TEST_VEC(12), + CCM_TEST_VEC(13), + CCM_TEST_VEC(14), + CCM_TEST_VEC(15), + CCM_TEST_VEC(16), + CCM_TEST_VEC(17), + CCM_TEST_VEC(18), + CCM_TEST_VEC(19), + CCM_TEST_VEC(20), + CCM_TEST_VEC(21), + CCM_TEST_VEC(22), + CCM_TEST_VEC(23), + CCM_TEST_VEC(24), + CCM_TEST_VEC(90), + CCM_TEST_VEC(91), + CCM_TEST_VEC(92), + CCM_TEST_VEC(100), + CCM_TEST_VEC(101), + CCM_TEST_VEC(102), + CCM_TEST_VEC(103), + CCM_TEST_VEC(104), + CCM_TEST_VEC(105), +}; + +#ifdef _WIN32 +#define snprintf _snprintf +#endif + +static void +hexdump(FILE *fp, + const char *msg, + const void *p, + size_t len) +{ + unsigned int i, out, ofs; + const unsigned char *data = p; + + fprintf(fp, "%s\n", msg); + + ofs = 0; + while (ofs < len) { + char line[120]; + + out = snprintf(line, sizeof(line), "%08x:", ofs); + for (i = 0; ((ofs + i) < len) && (i < 16); i++) + out += snprintf(line + out, sizeof(line) - out, + " %02x", (data[ofs + i] & 0xff)); + for (; i <= 16; i++) + out += snprintf(line + out, sizeof(line) - out, " | "); + for (i = 0; (ofs < len) && (i < 16); i++, ofs++) { + unsigned char c = data[ofs]; + + if ((c < ' ') || (c > '~')) + c = '.'; + out += snprintf(line + out, + sizeof(line) - out, "%c", c); + } + fprintf(fp, "%s\n", line); + } +} + +static int +ccm_job_ok(const struct ccm_rfc3610_vector *vec, + const struct JOB_AES_HMAC *job, + const uint8_t *target, + const uint8_t *padding, + const uint8_t *auth, + const size_t sizeof_padding, + const int dir, + const int in_place) +{ + if (job->status != STS_COMPLETED) { + printf("%d Error status:%d", __LINE__, job->status); + return 0; + } + + /* cipher checks */ + if (in_place) { + if (dir == ENCRYPT) { + if (memcmp(vec->packet_out, target + sizeof_padding, + vec->packet_len)) { + printf("cipher mismatched\n"); + hexdump(stderr, "Received", + target + sizeof_padding, + vec->packet_len); + hexdump(stderr, "Expected", + vec->packet_out, vec->packet_len); + return 0; + } + } else { + if (memcmp(vec->packet_in, target + sizeof_padding, + vec->packet_len)) { + printf("cipher mismatched\n"); + hexdump(stderr, "Received", + target + sizeof_padding, + vec->packet_len); + hexdump(stderr, "Expected", vec->packet_in, + vec->packet_len); + return 0; + } + } + } else { /* out-of-place */ + if (dir == ENCRYPT) { + if (memcmp(vec->packet_out + vec->clear_len, + target + sizeof_padding, + vec->packet_len - vec->clear_len)) { + printf("cipher mismatched\n"); + hexdump(stderr, "Received", + target + sizeof_padding, + vec->packet_len - vec->clear_len); + hexdump(stderr, "Expected", + vec->packet_out + vec->clear_len, + vec->packet_len - vec->clear_len); + return 0; + } + } else { + if (memcmp(vec->packet_in + vec->clear_len, + target + sizeof_padding, + vec->packet_len - vec->clear_len)) { + printf("cipher mismatched\n"); + hexdump(stderr, "Received", + target + sizeof_padding, + vec->packet_len - vec->clear_len); + hexdump(stderr, "Expected", + vec->packet_in + vec->clear_len, + vec->packet_len - vec->clear_len); + return 0; + } + } + } + + if (memcmp(padding, target, sizeof_padding)) { + printf("cipher overwrite head\n"); + hexdump(stderr, "Target", target, sizeof(padding)); + return 0; + } + + if (in_place) { + if (memcmp(padding, target + sizeof_padding + vec->packet_len, + sizeof_padding)) { + printf("cipher overwrite tail\n"); + hexdump(stderr, "Target", + target + sizeof_padding + vec->packet_len, + sizeof_padding); + return 0; + } + } else { + if (memcmp(padding, target + sizeof_padding + vec->packet_len - + vec->clear_len, sizeof_padding)) { + printf("cipher overwrite tail\n"); + hexdump(stderr, "Target", target + sizeof_padding + + vec->packet_len - vec->clear_len, + sizeof_padding); + return 0; + } + } + + /* hash checks */ + if (memcmp(padding, &auth[sizeof_padding + vec->auth_len], + sizeof_padding)) { + printf("hash overwrite tail\n"); + hexdump(stderr, "Target", + &auth[sizeof_padding + vec->auth_len], sizeof_padding); + return 0; + } + + if (memcmp(padding, &auth[0], sizeof_padding)) { + printf("hash overwrite head\n"); + hexdump(stderr, "Target", &auth[0], sizeof_padding); + return 0; + } + + if (memcmp(vec->packet_out + vec->packet_len, &auth[sizeof_padding], + vec->auth_len)) { + printf("hash mismatched\n"); + hexdump(stderr, "Received", &auth[sizeof_padding], + vec->auth_len); + hexdump(stderr, "Expected", vec->packet_out + vec->packet_len, + vec->auth_len); + return 0; + } + return 1; +} + +static int +test_ccm(struct MB_MGR *mb_mgr, + const struct ccm_rfc3610_vector *vec, + const int dir, const int in_place, const int num_jobs) +{ + DECLARE_ALIGNED(uint32_t expkey[4*15], 16); + DECLARE_ALIGNED(uint32_t dust[4*15], 16); + struct JOB_AES_HMAC *job; + uint8_t padding[16]; + uint8_t **targets = malloc(num_jobs * sizeof(void *)); + uint8_t **auths = malloc(num_jobs * sizeof(void *)); + int i = 0, jobs_rx = 0, ret = -1; + const int order = (dir == ENCRYPT) ? CIPHER_HASH : HASH_CIPHER; + + if (targets == NULL || auths == NULL) { + fprintf(stderr, "Can't allocate buffer memory\n"); + goto end2; + } + + memset(padding, -1, sizeof(padding)); + memset(targets, 0, num_jobs * sizeof(void *)); + memset(auths, 0, num_jobs * sizeof(void *)); + + for (i = 0; i < num_jobs; i++) { + targets[i] = malloc(vec->packet_len + (sizeof(padding) * 2)); + auths[i] = malloc(16 + (sizeof(padding) * 2)); + if (targets[i] == NULL || auths[i] == NULL) { + fprintf(stderr, "Can't allocate buffer memory\n"); + goto end; + } + + memset(targets[i], -1, vec->packet_len + (sizeof(padding) * 2)); + memset(auths[i], -1, 16 + (sizeof(padding) * 2)); + + if (in_place) { + if (dir == ENCRYPT) + memcpy(targets[i] + sizeof(padding), + vec->packet_in, vec->packet_len); + else + memcpy(targets[i] + sizeof(padding), + vec->packet_out, vec->packet_len); + } + } + + IMB_AES_KEYEXP_128(mb_mgr, vec->keys, expkey, dust); + + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) + ; + + for (i = 0; i < num_jobs; i++) { + job = IMB_GET_NEXT_JOB(mb_mgr); + job->cipher_direction = dir; + job->chain_order = order; + if (in_place) { + job->dst = + targets[i] + sizeof(padding) + vec->clear_len; + job->src = targets[i] + sizeof(padding); + } else { + if (dir == ENCRYPT) { + job->dst = targets[i] + sizeof(padding); + job->src = vec->packet_in; + } else { + job->dst = targets[i] + sizeof(padding); + job->src = vec->packet_out; + } + } + job->cipher_mode = CCM; + job->aes_enc_key_expanded = expkey; + job->aes_dec_key_expanded = expkey; + job->aes_key_len_in_bytes = 16; /* AES-CCM-128 for now */ + job->iv = vec->nonce; + job->iv_len_in_bytes = vec->nonce_len; + job->cipher_start_src_offset_in_bytes = vec->clear_len; + job->msg_len_to_cipher_in_bytes = + vec->packet_len - vec->clear_len; + + job->hash_alg = AES_CCM; + job->hash_start_src_offset_in_bytes = vec->clear_len; + job->msg_len_to_hash_in_bytes = + vec->packet_len - vec->clear_len; + job->auth_tag_output = auths[i] + sizeof(padding); + job->auth_tag_output_len_in_bytes = vec->auth_len; + + job->u.CCM.aad_len_in_bytes = vec->clear_len; + job->u.CCM.aad = job->src; + + job->user_data = targets[i]; + job->user_data2 = auths[i]; + + job = IMB_SUBMIT_JOB(mb_mgr); + if (job) { + jobs_rx++; + if (num_jobs < 4) { + printf("%d Unexpected return from submit_job\n", + __LINE__); + goto end; + } + if (!ccm_job_ok(vec, job, job->user_data, padding, + job->user_data2, sizeof(padding), + dir, in_place)) + goto end; + } + } + + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) { + jobs_rx++; + + if (!ccm_job_ok(vec, job, job->user_data, padding, + job->user_data2, sizeof(padding), dir, + in_place)) + goto end; + } + + if (jobs_rx != num_jobs) { + printf("Expected %d jobs, received %d\n", num_jobs, jobs_rx); + goto end; + } + ret = 0; + + end: + for (i = 0; i < num_jobs; i++) { + if (targets[i] != NULL) + free(targets[i]); + if (auths[i] != NULL) + free(auths[i]); + } + + end2: + if (targets != NULL) + free(targets); + + if (auths != NULL) + free(auths); + + return ret; +} + +static int +test_ccm_std_vectors(struct MB_MGR *mb_mgr, const int num_jobs) +{ + const int vectors_cnt = sizeof(ccm_vectors) / sizeof(ccm_vectors[0]); + int vect; + int errors = 0; + + printf("AES-CCM standard test vectors (N jobs = %d):\n", num_jobs); + for (vect = 1; vect <= vectors_cnt; vect++) { + const int idx = vect - 1; +#ifdef DEBUG + printf("Standard vector [%d/%d] NONCELen:%d PktLen:%d " + "AADLen:%d AUTHlen:%d\n", + vect, vectors_cnt, + (int) ccm_vectors[idx].nonce_len, + (int) ccm_vectors[idx].packet_len, + (int) ccm_vectors[idx].clear_len, + (int) ccm_vectors[idx].auth_len); +#else + printf("."); +#endif + + if (test_ccm(mb_mgr, &ccm_vectors[idx], ENCRYPT, 1, num_jobs)) { + printf("error #%d encrypt in-place\n", vect); + errors++; + } + + if (test_ccm(mb_mgr, &ccm_vectors[idx], DECRYPT, 1, num_jobs)) { + printf("error #%d decrypt in-place\n", vect); + errors++; + } + + if (test_ccm(mb_mgr, &ccm_vectors[idx], ENCRYPT, 0, num_jobs)) { + printf("error #%d encrypt out-of-place\n", vect); + errors++; + } + + if (test_ccm(mb_mgr, &ccm_vectors[idx], DECRYPT, 0, num_jobs)) { + printf("error #%d decrypt out-of-place\n", vect); + errors++; + } + } + printf("\n"); + return errors; +} + +int +ccm_test(const enum arch_type arch, + struct MB_MGR *mb_mgr) +{ + int errors = 0; + + (void) arch; /* unused */ + + errors += test_ccm_std_vectors(mb_mgr, 1); + errors += test_ccm_std_vectors(mb_mgr, 3); + errors += test_ccm_std_vectors(mb_mgr, 4); + errors += test_ccm_std_vectors(mb_mgr, 5); + errors += test_ccm_std_vectors(mb_mgr, 7); + errors += test_ccm_std_vectors(mb_mgr, 8); + errors += test_ccm_std_vectors(mb_mgr, 9); + + if (0 == errors) + printf("...Pass\n"); + else + printf("...Fail\n"); + + return errors; +} diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/cmac_test.c b/src/spdk/intel-ipsec-mb/LibTestApp/cmac_test.c new file mode 100644 index 00000000..bb5f6ba6 --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/cmac_test.c @@ -0,0 +1,382 @@ +/***************************************************************************** + Copyright (c) 2018, Intel Corporation + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of Intel Corporation nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*****************************************************************************/ + +#include <stdint.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +#include <intel-ipsec-mb.h> +#include "gcm_ctr_vectors_test.h" + +int cmac_test(const enum arch_type arch, struct MB_MGR *mb_mgr); + +/* + * Test vectors from https://tools.ietf.org/html/rfc4493 + */ + +/* + * Subkey Generation + * K 2b7e1516 28aed2a6 abf71588 09cf4f3c + * AES-128(key,0) 7df76b0c 1ab899b3 3e42f047 b91b546f + * K1 fbeed618 35713366 7c85e08f 7236a8de + * K2 f7ddac30 6ae266cc f90bc11e e46d513b + */ +static const uint8_t key[16] = { + 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c +}; +static const uint8_t sub_key1[16] = { + 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66, + 0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde +}; +static const uint8_t sub_key2[16] = { + 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc, + 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b +}; + +/* + * Example 1: len = 0 + * M <empty string> + * AES-CMAC bb1d6929 e9593728 7fa37d12 9b756746 + */ +static const uint8_t T_1[16] = { + 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, + 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 +}; + +/* + * Example 2: len = 16 + * M 6bc1bee2 2e409f96 e93d7e11 7393172a + * AES-CMAC 070a16b4 6b4d4144 f79bdd9d d04a287c + */ +static const uint8_t T_2[16] = { + 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, + 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c +}; + +/* + * Example 3: len = 40 + * M 6bc1bee2 2e409f96 e93d7e11 7393172a + * ae2d8a57 1e03ac9c 9eb76fac 45af8e51 + * 30c81c46 a35ce411 + * AES-CMAC dfa66747 de9ae630 30ca3261 1497c827 + */ +static const uint8_t T_3[16] = { + 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30, + 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27 +}; + +/* + * Example 4: len = 64 + * M 6bc1bee2 2e409f96 e93d7e11 7393172a + * ae2d8a57 1e03ac9c 9eb76fac 45af8e51 + * 30c81c46 a35ce411 e5fbc119 1a0a52ef + * f69f2445 df4f9b17 ad2b417b e66c3710 + * AES-CMAC 51f0bebf 7e3b9d92 fc497417 79363cfe + */ +static const uint8_t T_4[16] = { + 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92, + 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe +}; + +static const uint8_t M[64] = { + 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, + 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, + 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, + 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, + 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, + 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, + 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 +}; + +static const struct cmac_rfc4493_vector { + const uint8_t *key; + const uint8_t *sub_key1; + const uint8_t *sub_key2; + const uint8_t *M; + size_t len; + const uint8_t *T; + size_t T_len; +} cmac_vectors[] = { + { key, sub_key1, sub_key2, M, 0, T_1, 16 }, + { key, sub_key1, sub_key2, M, 16, T_2, 16 }, + { key, sub_key1, sub_key2, M, 40, T_3, 16 }, + { key, sub_key1, sub_key2, M, 64, T_4, 16 }, + { key, sub_key1, sub_key2, M, 0, T_1, 12 }, + { key, sub_key1, sub_key2, M, 16, T_2, 12 }, + { key, sub_key1, sub_key2, M, 40, T_3, 12 }, + { key, sub_key1, sub_key2, M, 64, T_4, 12 }, +}; + +#ifdef _WIN32 +#define snprintf _snprintf +#endif + +static void +hexdump(FILE *fp, + const char *msg, + const void *p, + size_t len) +{ + unsigned int i, out, ofs; + const unsigned char *data = p; + + fprintf(fp, "%s\n", msg); + + ofs = 0; + while (ofs < len) { + char line[120]; + + out = snprintf(line, sizeof(line), "%08x:", ofs); + for (i = 0; ((ofs + i) < len) && (i < 16); i++) + out += snprintf(line + out, sizeof(line) - out, + " %02x", (data[ofs + i] & 0xff)); + for (; i <= 16; i++) + out += snprintf(line + out, sizeof(line) - out, " | "); + for (i = 0; (ofs < len) && (i < 16); i++, ofs++) { + unsigned char c = data[ofs]; + + if ((c < ' ') || (c > '~')) + c = '.'; + out += snprintf(line + out, + sizeof(line) - out, "%c", c); + } + fprintf(fp, "%s\n", line); + } +} + +static int +cmac_job_ok(const struct cmac_rfc4493_vector *vec, + const struct JOB_AES_HMAC *job, + const uint8_t *auth, + const uint8_t *padding, + const size_t sizeof_padding) +{ + const size_t auth_len = job->auth_tag_output_len_in_bytes; + + if (job->status != STS_COMPLETED) { + printf("%d Error status:%d", __LINE__, job->status); + return 0; + } + + /* hash checks */ + if (memcmp(padding, &auth[sizeof_padding + auth_len], + sizeof_padding)) { + printf("hash overwrite tail\n"); + hexdump(stderr, "Target", + &auth[sizeof_padding + auth_len], sizeof_padding); + return 0; + } + + if (memcmp(padding, &auth[0], sizeof_padding)) { + printf("hash overwrite head\n"); + hexdump(stderr, "Target", &auth[0], sizeof_padding); + return 0; + } + + if (memcmp(vec->T, &auth[sizeof_padding], auth_len)) { + printf("hash mismatched\n"); + hexdump(stderr, "Received", &auth[sizeof_padding], + auth_len); + hexdump(stderr, "Expected", vec->T, + auth_len); + return 0; + } + return 1; +} + +static int +test_cmac(struct MB_MGR *mb_mgr, + const struct cmac_rfc4493_vector *vec, + const int dir, + const int num_jobs) +{ + DECLARE_ALIGNED(uint32_t expkey[4*15], 16); + DECLARE_ALIGNED(uint32_t dust[4*15], 16); + uint32_t skey1[4], skey2[4]; + struct JOB_AES_HMAC *job; + uint8_t padding[16]; + uint8_t **auths = malloc(num_jobs * sizeof(void *)); + int i = 0, jobs_rx = 0, ret = -1; + + if (auths == NULL) { + fprintf(stderr, "Can't allocate buffer memory\n"); + goto end2; + } + + memset(padding, -1, sizeof(padding)); + memset(auths, 0, num_jobs * sizeof(void *)); + + for (i = 0; i < num_jobs; i++) { + auths[i] = malloc(16 + (sizeof(padding) * 2)); + if (auths[i] == NULL) { + fprintf(stderr, "Can't allocate buffer memory\n"); + goto end; + } + + memset(auths[i], -1, 16 + (sizeof(padding) * 2)); + } + + IMB_AES_KEYEXP_128(mb_mgr, vec->key, expkey, dust); + IMB_AES_CMAC_SUBKEY_GEN_128(mb_mgr, expkey, skey1, skey2); + + if (memcmp(vec->sub_key1, skey1, sizeof(skey1))) { + printf("sub-key1 mismatched\n"); + hexdump(stderr, "Received", &skey1[0], sizeof(skey1)); + hexdump(stderr, "Expected", vec->sub_key1, sizeof(skey1)); + goto end; + } + + if (memcmp(vec->sub_key2, skey2, sizeof(skey2))) { + printf("sub-key2 mismatched\n"); + hexdump(stderr, "Received", &skey2[0], sizeof(skey2)); + hexdump(stderr, "Expected", vec->sub_key2, sizeof(skey2)); + goto end; + } + + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) + ; + + for (i = 0; i < num_jobs; i++) { + job = IMB_GET_NEXT_JOB(mb_mgr); + job->cipher_direction = dir; + job->chain_order = HASH_CIPHER; + job->cipher_mode = NULL_CIPHER; + + job->hash_alg = AES_CMAC; + job->src = vec->M; + job->hash_start_src_offset_in_bytes = 0; + job->msg_len_to_hash_in_bytes = vec->len; + job->auth_tag_output = auths[i] + sizeof(padding); + job->auth_tag_output_len_in_bytes = vec->T_len; + + job->u.CMAC._key_expanded = expkey; + job->u.CMAC._skey1 = skey1; + job->u.CMAC._skey2 = skey2; + + job->user_data = auths[i]; + + job = IMB_SUBMIT_JOB(mb_mgr); + if (job) { + jobs_rx++; + if (num_jobs < 4) { + printf("%d Unexpected return from submit_job\n", + __LINE__); + goto end; + } + if (!cmac_job_ok(vec, job, job->user_data, padding, + sizeof(padding))) + goto end; + } + } + + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) { + jobs_rx++; + + if (!cmac_job_ok(vec, job, job->user_data, padding, + sizeof(padding))) + goto end; + } + + if (jobs_rx != num_jobs) { + printf("Expected %d jobs, received %d\n", num_jobs, jobs_rx); + goto end; + } + ret = 0; + + end: + for (i = 0; i < num_jobs; i++) { + if (auths[i] != NULL) + free(auths[i]); + } + + end2: + if (auths != NULL) + free(auths); + + return ret; +} + +static int +test_cmac_std_vectors(struct MB_MGR *mb_mgr, const int num_jobs) +{ + const int vectors_cnt = sizeof(cmac_vectors) / sizeof(cmac_vectors[0]); + int vect; + int errors = 0; + + printf("AES-CMAC standard test vectors (N jobs = %d):\n", num_jobs); + for (vect = 1; vect <= vectors_cnt; vect++) { + const int idx = vect - 1; +#ifdef DEBUG + printf("Standard vector [%d/%d] M len: %d, T len:%d\n", + vect, vectors_cnt, + (int) cmac_vectors[idx].len, + (int) cmac_vectors[idx].T_len); +#else + printf("."); +#endif + + if (test_cmac(mb_mgr, &cmac_vectors[idx], ENCRYPT, num_jobs)) { + printf("error #%d encrypt\n", vect); + errors++; + } + + if (test_cmac(mb_mgr, &cmac_vectors[idx], DECRYPT, num_jobs)) { + printf("error #%d decrypt\n", vect); + errors++; + } + + } + printf("\n"); + return errors; +} + +int +cmac_test(const enum arch_type arch, + struct MB_MGR *mb_mgr) +{ + int errors = 0; + + (void) arch; /* unused */ + + errors += test_cmac_std_vectors(mb_mgr, 1); + errors += test_cmac_std_vectors(mb_mgr, 3); + errors += test_cmac_std_vectors(mb_mgr, 4); + errors += test_cmac_std_vectors(mb_mgr, 5); + errors += test_cmac_std_vectors(mb_mgr, 7); + errors += test_cmac_std_vectors(mb_mgr, 8); + errors += test_cmac_std_vectors(mb_mgr, 9); + + if (0 == errors) + printf("...Pass\n"); + else + printf("...Fail\n"); + + return errors; +} diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c b/src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c new file mode 100644 index 00000000..769f5516 --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/ctr_test.c @@ -0,0 +1,656 @@ +/***************************************************************************** + Copyright (c) 2017-2018, Intel Corporation + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of Intel Corporation nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*****************************************************************************/ + +#include <stdint.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +#include <intel-ipsec-mb.h> + +#include "gcm_ctr_vectors_test.h" + + +/* + * Test Vector from + * https://tools.ietf.org/html/rfc3686 + * + */ +/* + Test Vector #1: Encrypting 16 octets using AES-CTR with 128-bit key + AES Key : AE 68 52 F8 12 10 67 CC 4B F7 A5 76 55 77 F3 9E + AES-CTR IV : 00 00 00 00 00 00 00 00 + Nonce : 00 00 00 30 + Plaintext String : 'Single block msg' + Plaintext : 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67 + Counter Block (1): 00 00 00 30 00 00 00 00 00 00 00 00 00 00 00 01 + Key Stream (1): B7 60 33 28 DB C2 93 1B 41 0E 16 C8 06 7E 62 DF + Ciphertext : E4 09 5D 4F B7 A7 B3 79 2D 61 75 A3 26 13 11 B8 +*/ +static uint8_t K1_CTR[] = { + 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC, + 0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E, +}; +static uint8_t IV1_CTR[] = { + 0x00, 0x00, 0x00, 0x30, /* nonce */ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +}; +static uint8_t P1_CTR[] = { + 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, + 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67, +}; +static uint8_t C1_CTR[] = { + 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79, + 0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8, +}; +static uint8_t T1_CTR[] = { 0 }; +static uint8_t A1_CTR[] = { 0 }; +#define A1_CTR_len 0 + +/* + Test Vector #2: Encrypting 32 octets using AES-CTR with 128-bit key + AES Key : 7E 24 06 78 17 FA E0 D7 43 D6 CE 1F 32 53 91 63 + AES-CTR IV : C0 54 3B 59 DA 48 D9 0B + Nonce : 00 6C B6 DB + Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + Counter Block (1): 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 01 + Key Stream (1): 51 05 A3 05 12 8F 74 DE 71 04 4B E5 82 D7 DD 87 + Counter Block (2): 00 6C B6 DB C0 54 3B 59 DA 48 D9 0B 00 00 00 02 + Key Stream (2): FB 3F 0C EF 52 CF 41 DF E4 FF 2A C4 8D 5C A0 37 + Ciphertext : 51 04 A1 06 16 8A 72 D9 79 0D 41 EE 8E DA D3 88 + : EB 2E 1E FC 46 DA 57 C8 FC E6 30 DF 91 41 BE 28 +*/ +static uint8_t K2_CTR[] = { + 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7, + 0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63, +}; +static uint8_t IV2_CTR[] = { + 0x00, 0x6C, 0xB6, 0xDB, /* nonce */ + 0xC0, 0x54, 0x3B, 0x59, 0xDA, 0x48, 0xD9, 0x0B, +}; +static uint8_t P2_CTR[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, +}; +static uint8_t C2_CTR[] = { + 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9, + 0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88, + 0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8, + 0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28, +}; +static uint8_t T2_CTR[] = { 0 }; +static uint8_t A2_CTR[] = { 0 }; +#define A2_CTR_len 0 + +/* + Test Vector #3: Encrypting 36 octets using AES-CTR with 128-bit key + AES Key : 76 91 BE 03 5E 50 20 A8 AC 6E 61 85 29 F9 A0 DC + AES-CTR IV : 27 77 7F 3F 4A 17 86 F0 + Nonce : 00 E0 01 7B + Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + : 20 21 22 23 + Counter Block (1): 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 01 + Key Stream (1): C1 CE 4A AB 9B 2A FB DE C7 4F 58 E2 E3 D6 7C D8 + Counter Block (2): 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 02 + Key Stream (2): 55 51 B6 38 CA 78 6E 21 CD 83 46 F1 B2 EE 0E 4C + Counter Block (3): 00 E0 01 7B 27 77 7F 3F 4A 17 86 F0 00 00 00 03 + Key Stream (3): 05 93 25 0C 17 55 36 00 A6 3D FE CF 56 23 87 E9 + Ciphertext : C1 CF 48 A8 9F 2F FD D9 CF 46 52 E9 EF DB 72 D7 + : 45 40 A4 2B DE 6D 78 36 D5 9A 5C EA AE F3 10 53 + : 25 B2 07 2F +*/ +static uint8_t K3_CTR[] = { + 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8, + 0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC, +}; +static uint8_t IV3_CTR[] = { + 0x00, 0xE0, 0x01, 0x7B, /* nonce */ + 0x27, 0x77, 0x7F, 0x3F, 0x4A, 0x17, 0x86, 0xF0, +}; +static uint8_t P3_CTR[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23, +}; +static uint8_t C3_CTR[] = { + 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9, + 0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7, + 0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36, + 0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53, + 0x25, 0xB2, 0x07, 0x2F, +}; +static uint8_t T3_CTR[] = { 0 }; +static uint8_t A3_CTR[] = { 0 }; +#define A3_CTR_len 0 + +/* + Test Vector #4: Encrypting 16 octets using AES-CTR with 192-bit key + AES Key : 16 AF 5B 14 5F C9 F5 79 C1 75 F9 3E 3B FB 0E ED + : 86 3D 06 CC FD B7 85 15 + AES-CTR IV : 36 73 3C 14 7D 6D 93 CB + Nonce : 00 00 00 48 + Plaintext String : 'Single block msg' + Plaintext : 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67 + Counter Block (1): 00 00 00 48 36 73 3C 14 7D 6D 93 CB 00 00 00 01 + Key Stream (1): 18 3C 56 28 8E 3C E9 AA 22 16 56 CB 23 A6 9A 4F + Ciphertext : 4B 55 38 4F E2 59 C9 C8 4E 79 35 A0 03 CB E9 28 +*/ +static uint8_t K4_CTR[] = { + 0x16, 0xAF, 0x5B, 0x14, 0x5F, 0xC9, 0xF5, 0x79, + 0xC1, 0x75, 0xF9, 0x3E, 0x3B, 0xFB, 0x0E, 0xED, + 0x86, 0x3D, 0x06, 0xCC, 0xFD, 0xB7, 0x85, 0x15, +}; +static uint8_t IV4_CTR[] = { + 0x00, 0x00, 0x00, 0x48, /* nonce */ + 0x36, 0x73, 0x3C, 0x14, 0x7D, 0x6D, 0x93, 0xCB, +}; +static uint8_t P4_CTR[] = { + 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, + 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67, +}; +static uint8_t C4_CTR[] = { + 0x4B, 0x55, 0x38, 0x4F, 0xE2, 0x59, 0xC9, 0xC8, + 0x4E, 0x79, 0x35, 0xA0, 0x03, 0xCB, 0xE9, 0x28, +}; +static uint8_t T4_CTR[] = { 0 }; +static uint8_t A4_CTR[] = { 0 }; +#define A4_CTR_len 0 + +/* + Test Vector #5: Encrypting 32 octets using AES-CTR with 192-bit key + AES Key : 7C 5C B2 40 1B 3D C3 3C 19 E7 34 08 19 E0 F6 9C + : 67 8C 3D B8 E6 F6 A9 1A + AES-CTR IV : 02 0C 6E AD C2 CB 50 0D + Nonce : 00 96 B0 3B + Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + Counter Block (1): 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 01 + Key Stream (1): 45 33 41 FF 64 9E 25 35 76 D6 A0 F1 7D 3C C3 90 + Counter Block (2): 00 96 B0 3B 02 0C 6E AD C2 CB 50 0D 00 00 00 02 + Key Stream (2): 94 81 62 0F 4E C1 B1 8B E4 06 FA E4 5E E9 E5 1F + Ciphertext : 45 32 43 FC 60 9B 23 32 7E DF AA FA 71 31 CD 9F + : 84 90 70 1C 5A D4 A7 9C FC 1F E0 FF 42 F4 FB 00 +*/ +static uint8_t K5_CTR[] = { + 0x7C, 0x5C, 0xB2, 0x40, 0x1B, 0x3D, 0xC3, 0x3C, + 0x19, 0xE7, 0x34, 0x08, 0x19, 0xE0, 0xF6, 0x9C, + 0x67, 0x8C, 0x3D, 0xB8, 0xE6, 0xF6, 0xA9, 0x1A, +}; +static uint8_t IV5_CTR[] = { + 0x00, 0x96, 0xB0, 0x3B, /* nonce */ + 0x02, 0x0C, 0x6E, 0xAD, 0xC2, 0xCB, 0x50, 0x0D, +}; +static uint8_t P5_CTR[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, +}; +static uint8_t C5_CTR[] = { + 0x45, 0x32, 0x43, 0xFC, 0x60, 0x9B, 0x23, 0x32, + 0x7E, 0xDF, 0xAA, 0xFA, 0x71, 0x31, 0xCD, 0x9F, + 0x84, 0x90, 0x70, 0x1C, 0x5A, 0xD4, 0xA7, 0x9C, + 0xFC, 0x1F, 0xE0, 0xFF, 0x42, 0xF4, 0xFB, 0x00, +}; +static uint8_t T5_CTR[] = { 0 }; +static uint8_t A5_CTR[] = { 0 }; +#define A5_CTR_len 0 + +/* + Test Vector #6: Encrypting 36 octets using AES-CTR with 192-bit key + AES Key : 02 BF 39 1E E8 EC B1 59 B9 59 61 7B 09 65 27 9B + : F5 9B 60 A7 86 D3 E0 FE + AES-CTR IV : 5C BD 60 27 8D CC 09 12 + Nonce : 00 07 BD FD + Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + : 20 21 22 23 + Counter Block (1): 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 01 + Key Stream (1): 96 88 3D C6 5A 59 74 28 5C 02 77 DA D1 FA E9 57 + Counter Block (2): 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 02 + Key Stream (2): C2 99 AE 86 D2 84 73 9F 5D 2F D2 0A 7A 32 3F 97 + Counter Block (3): 00 07 BD FD 5C BD 60 27 8D CC 09 12 00 00 00 03 + Key Stream (3): 8B CF 2B 16 39 99 B2 26 15 B4 9C D4 FE 57 39 98 + Ciphertext : 96 89 3F C5 5E 5C 72 2F 54 0B 7D D1 DD F7 E7 58 + : D2 88 BC 95 C6 91 65 88 45 36 C8 11 66 2F 21 88 + : AB EE 09 35 +*/ +static uint8_t K6_CTR[] = { + 0x02, 0xBF, 0x39, 0x1E, 0xE8, 0xEC, 0xB1, 0x59, + 0xB9, 0x59, 0x61, 0x7B, 0x09, 0x65, 0x27, 0x9B, + 0xF5, 0x9B, 0x60, 0xA7, 0x86, 0xD3, 0xE0, 0xFE, +}; +static uint8_t IV6_CTR[] = { + 0x00, 0x07, 0xBD, 0xFD, /* nonce */ + 0x5C, 0xBD, 0x60, 0x27, 0x8D, 0xCC, 0x09, 0x12, +}; +static uint8_t P6_CTR[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23, +}; +static uint8_t C6_CTR[] = { + 0x96, 0x89, 0x3F, 0xC5, 0x5E, 0x5C, 0x72, 0x2F, + 0x54, 0x0B, 0x7D, 0xD1, 0xDD, 0xF7, 0xE7, 0x58, + 0xD2, 0x88, 0xBC, 0x95, 0xC6, 0x91, 0x65, 0x88, + 0x45, 0x36, 0xC8, 0x11, 0x66, 0x2F, 0x21, 0x88, + 0xAB, 0xEE, 0x09, 0x35, +}; +static uint8_t T6_CTR[] = { 0 }; +static uint8_t A6_CTR[] = { 0 }; +#define A6_CTR_len 0 + +/* + Test Vector #7: Encrypting 16 octets using AES-CTR with 256-bit key + AES Key : 77 6B EF F2 85 1D B0 6F 4C 8A 05 42 C8 69 6F 6C + : 6A 81 AF 1E EC 96 B4 D3 7F C1 D6 89 E6 C1 C1 04 + AES-CTR IV : DB 56 72 C9 7A A8 F0 B2 + Nonce : 00 00 00 60 + Plaintext String : 'Single block msg' + Plaintext : 53 69 6E 67 6C 65 20 62 6C 6F 63 6B 20 6D 73 67 + Counter Block (1): 00 00 00 60 DB 56 72 C9 7A A8 F0 B2 00 00 00 01 + Key Stream (1): 47 33 BE 7A D3 E7 6E A5 3A 67 00 B7 51 8E 93 A7 + Ciphertext : 14 5A D0 1D BF 82 4E C7 56 08 63 DC 71 E3 E0 C0 +*/ +static uint8_t K7_CTR[] = { + 0x77, 0x6B, 0xEF, 0xF2, 0x85, 0x1D, 0xB0, 0x6F, + 0x4C, 0x8A, 0x05, 0x42, 0xC8, 0x69, 0x6F, 0x6C, + 0x6A, 0x81, 0xAF, 0x1E, 0xEC, 0x96, 0xB4, 0xD3, + 0x7F, 0xC1, 0xD6, 0x89, 0xE6, 0xC1, 0xC1, 0x04, +}; +static uint8_t IV7_CTR[] = { + 0x00, 0x00, 0x00, 0x60, /* nonce */ + 0xDB, 0x56, 0x72, 0xC9, 0x7A, 0xA8, 0xF0, 0xB2, +}; +static uint8_t P7_CTR[] = { + 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, + 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67, +}; +static uint8_t C7_CTR[] = { + 0x14, 0x5A, 0xD0, 0x1D, 0xBF, 0x82, 0x4E, 0xC7, + 0x56, 0x08, 0x63, 0xDC, 0x71, 0xE3, 0xE0, 0xC0, +}; +static uint8_t T7_CTR[] = { 0 }; +static uint8_t A7_CTR[] = { 0 }; +#define A7_CTR_len 0 + +/* + Test Vector #8: Encrypting 32 octets using AES-CTR with 256-bit key + AES Key : F6 D6 6D 6B D5 2D 59 BB 07 96 36 58 79 EF F8 86 + : C6 6D D5 1A 5B 6A 99 74 4B 50 59 0C 87 A2 38 84 + AES-CTR IV : C1 58 5E F1 5A 43 D8 75 + Nonce : 00 FA AC 24 + Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + Counter block (1): 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 01 + Key stream (1): F0 5F 21 18 3C 91 67 2B 41 E7 0A 00 8C 43 BC A6 + Counter block (2): 00 FA AC 24 C1 58 5E F1 5A 43 D8 75 00 00 00 02 + Key stream (2): A8 21 79 43 9B 96 8B 7D 4D 29 99 06 8F 59 B1 03 + Ciphertext : F0 5E 23 1B 38 94 61 2C 49 EE 00 0B 80 4E B2 A9 + : B8 30 6B 50 8F 83 9D 6A 55 30 83 1D 93 44 AF 1C +*/ +static uint8_t K8_CTR[] = { + 0xF6, 0xD6, 0x6D, 0x6B, 0xD5, 0x2D, 0x59, 0xBB, + 0x07, 0x96, 0x36, 0x58, 0x79, 0xEF, 0xF8, 0x86, + 0xC6, 0x6D, 0xD5, 0x1A, 0x5B, 0x6A, 0x99, 0x74, + 0x4B, 0x50, 0x59, 0x0C, 0x87, 0xA2, 0x38, 0x84, +}; +static uint8_t IV8_CTR[] = { + 0x00, 0xFA, 0xAC, 0x24, /* nonce */ + 0xC1, 0x58, 0x5E, 0xF1, 0x5A, 0x43, 0xD8, 0x75, +}; +static uint8_t P8_CTR[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, +}; +static uint8_t C8_CTR[] = { + 0xF0, 0x5E, 0x23, 0x1B, 0x38, 0x94, 0x61, 0x2C, + 0x49, 0xEE, 0x00, 0x0B, 0x80, 0x4E, 0xB2, 0xA9, + 0xB8, 0x30, 0x6B, 0x50, 0x8F, 0x83, 0x9D, 0x6A, + 0x55, 0x30, 0x83, 0x1D, 0x93, 0x44, 0xAF, 0x1C, +}; +static uint8_t T8_CTR[] = { 0 }; +static uint8_t A8_CTR[] = { 0 }; +#define A8_CTR_len 0 + +/* + Test Vector #9: Encrypting 36 octets using AES-CTR with 256-bit key + AES Key : FF 7A 61 7C E6 91 48 E4 F1 72 6E 2F 43 58 1D E2 + : AA 62 D9 F8 05 53 2E DF F1 EE D6 87 FB 54 15 3D + AES-CTR IV : 51 A5 1D 70 A1 C1 11 48 + Nonce : 00 1C C5 B7 + Plaintext : 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F + : 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F + : 20 21 22 23 + Counter block (1): 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 01 + Key stream (1): EB 6D 50 81 19 0E BD F0 C6 7C 9E 4D 26 C7 41 A5 + Counter block (2): 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 02 + Key stream (2): A4 16 CD 95 71 7C EB 10 EC 95 DA AE 9F CB 19 00 + Counter block (3): 00 1C C5 B7 51 A5 1D 70 A1 C1 11 48 00 00 00 03 + Key stream (3): 3E E1 C4 9B C6 B9 CA 21 3F 6E E2 71 D0 A9 33 39 + Ciphertext : EB 6C 52 82 1D 0B BB F7 CE 75 94 46 2A CA 4F AA + : B4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F + : 1E C0 E6 B8 +*/ +static uint8_t K9_CTR[] = { + 0xFF, 0x7A, 0x61, 0x7C, 0xE6, 0x91, 0x48, 0xE4, + 0xF1, 0x72, 0x6E, 0x2F, 0x43, 0x58, 0x1D, 0xE2, + 0xAA, 0x62, 0xD9, 0xF8, 0x05, 0x53, 0x2E, 0xDF, + 0xF1, 0xEE, 0xD6, 0x87, 0xFB, 0x54, 0x15, 0x3D, +}; +static uint8_t IV9_CTR[] = { + 0x00, 0x1C, 0xC5, 0xB7, /* nonce */ + 0x51, 0xA5, 0x1D, 0x70, 0xA1, 0xC1, 0x11, 0x48, +}; +static uint8_t P9_CTR[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23, +}; +static uint8_t C9_CTR[] = { + 0xEB, 0x6C, 0x52, 0x82, 0x1D, 0x0B, 0xBB, 0xF7, + 0xCE, 0x75, 0x94, 0x46, 0x2A, 0xCA, 0x4F, 0xAA, + 0xB4, 0x07, 0xDF, 0x86, 0x65, 0x69, 0xFD, 0x07, + 0xF4, 0x8C, 0xC0, 0xB5, 0x83, 0xD6, 0x07, 0x1F, + 0x1E, 0xC0, 0xE6, 0xB8, +}; +static uint8_t T9_CTR[] = { 0 }; +static uint8_t A9_CTR[] = { 0 }; +#define A9_CTR_len 0 + +static const struct gcm_ctr_vector ctr_vectors[] = { + /* + * field order {K, Klen, IV, IVlen, A, Alen, P, Plen, C, T, Tlen}; + * original vector does not have a valid sub hash key + */ + vector(1_CTR), + vector(2_CTR), + vector(3_CTR), + vector(4_CTR), + vector(5_CTR), + vector(6_CTR), + vector(7_CTR), + vector(8_CTR), + vector(9_CTR), +}; + +#ifdef _WIN32 +#define snprintf _snprintf +#endif + +static void +hexdump(FILE *fp, + const char *msg, + const void *p, + size_t len) +{ + unsigned int i, out, ofs; + const unsigned char *data = p; + + fprintf(fp, "%s\n", msg); + + ofs = 0; + while (ofs < len) { + char line[120]; + + out = snprintf(line, sizeof(line), "%08x:", ofs); + for (i = 0; ((ofs + i) < len) && (i < 16); i++) + out += snprintf(line + out, sizeof(line) - out, + " %02x", (data[ofs + i] & 0xff)); + for (; i <= 16; i++) + out += snprintf(line + out, sizeof(line) - out, " | "); + for (i = 0; (ofs < len) && (i < 16); i++, ofs++) { + unsigned char c = data[ofs]; + + if ((c < ' ') || (c > '~')) + c = '.'; + out += snprintf(line + out, + sizeof(line) - out, "%c", c); + } + fprintf(fp, "%s\n", line); + } +} + + +static int +test_ctr(struct MB_MGR *mb_mgr, + const void *expkey, + unsigned key_len, + const void *iv, + unsigned iv_len, + const uint8_t *in_text, + const uint8_t *out_text, + unsigned text_len, + int dir, + int order) +{ + struct JOB_AES_HMAC *job; + uint8_t padding[16]; + uint8_t *target = malloc(text_len + (sizeof(padding) * 2)); + int ret = -1; + + if (target == NULL) { + fprintf(stderr, "Can't allocate buffer memory\n"); + goto end; + } + + memset(target, -1, text_len + (sizeof(padding) * 2)); + memset(padding, -1, sizeof(padding)); + + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) + ; + + job = IMB_GET_NEXT_JOB(mb_mgr); + job->cipher_direction = dir; + job->chain_order = order; + job->dst = target + 16; + job->src = in_text; + job->cipher_mode = CNTR; + job->aes_enc_key_expanded = expkey; + job->aes_dec_key_expanded = expkey; + job->aes_key_len_in_bytes = key_len; + job->iv = iv; + job->iv_len_in_bytes = iv_len; + job->cipher_start_src_offset_in_bytes = 0; + job->msg_len_to_cipher_in_bytes = text_len; + + job->hash_alg = NULL_HASH; + + job = IMB_SUBMIT_JOB(mb_mgr); + if (job) { + printf("%d Unexpected return from submit_job\n", __LINE__); + goto end; + } + job = IMB_FLUSH_JOB(mb_mgr); + if (!job) { + printf("%d Unexpected null return from flush_job\n", __LINE__); + goto end; + } + if (job->status != STS_COMPLETED) { + printf("%d Error status:%d", __LINE__, job->status); + goto end; + } + if (memcmp(out_text, target + 16, text_len)) { + printf("mismatched\n"); + hexdump(stderr, "Target", target, text_len + 32); + goto end; + } + if (memcmp(padding, target, sizeof(padding))) { + printf("overwrite head\n"); + hexdump(stderr, "Target", target, text_len + 32); + goto end; + } + if (memcmp(padding, target + sizeof(padding) + text_len, + sizeof(padding))) { + printf("overwrite tail\n"); + hexdump(stderr, "Target", target, text_len + 32); + goto end; + } + ret = 0; + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) + ; + end: + if (target != NULL) + free(target); + return ret; +} + +static int +test_ctr_std_vectors(struct MB_MGR *mb_mgr) +{ + int const vectors_cnt = sizeof(ctr_vectors) / sizeof(ctr_vectors[0]); + int vect; + int errors = 0; + DECLARE_ALIGNED(uint32_t expkey[4*15], 16); + DECLARE_ALIGNED(uint32_t dust[4*15], 16); + + printf("AES-CTR standard test vectors:\n"); + for (vect = 0; vect < vectors_cnt; vect++) { +#ifdef DEBUG + printf("Standard vector %d/%d Keylen:%d IVlen:%d PTLen:%d " + "AADlen:%d Tlen:%d\n", + vect, vectors_cnt - 1, + (int) ctr_vectors[vect].Klen, + (int) ctr_vectors[vect].IVlen, + (int) ctr_vectors[vect].Plen, + (int) ctr_vectors[vect].Alen, + (int) ctr_vectors[vect].Tlen); +#else + printf("."); +#endif + + + switch (ctr_vectors[vect].Klen) { + case BITS_128: + IMB_AES_KEYEXP_128(mb_mgr, ctr_vectors[vect].K, + expkey, dust); + break; + case BITS_192: + IMB_AES_KEYEXP_192(mb_mgr, ctr_vectors[vect].K, + expkey, dust); + break; + case BITS_256: + IMB_AES_KEYEXP_256(mb_mgr, ctr_vectors[vect].K, + expkey, dust); + break; + default: + return -1; + } + + if (test_ctr(mb_mgr, + expkey, ctr_vectors[vect].Klen, + ctr_vectors[vect].IV, + (unsigned) ctr_vectors[vect].IVlen, + ctr_vectors[vect].P, ctr_vectors[vect].C, + (unsigned) ctr_vectors[vect].Plen, + ENCRYPT, CIPHER_HASH)) { + printf("error #%d encrypt\n", vect + 1); + errors++; + } + + if (test_ctr(mb_mgr, + expkey, ctr_vectors[vect].Klen, + ctr_vectors[vect].IV, + (unsigned) ctr_vectors[vect].IVlen, + ctr_vectors[vect].C, ctr_vectors[vect].P, + (unsigned) ctr_vectors[vect].Plen, + DECRYPT, HASH_CIPHER)) { + printf("error #%d decrypt\n", vect + 1); + errors++; + } + + if (ctr_vectors[vect].IVlen == 12) { + /* IV in the table didn't + * include block counter (12 bytes). + * Let's encrypt & decrypt the same but + * with 16 byte IV that includes block counter. + */ + const unsigned new_iv_len = 16; + const unsigned orig_iv_len = 12; + uint8_t local_iv[16]; + + memcpy(local_iv, ctr_vectors[vect].IV, orig_iv_len); + /* 32-bit 0x01000000 in LE */ + local_iv[12] = 0x00; + local_iv[13] = 0x00; + local_iv[14] = 0x00; + local_iv[15] = 0x01; + + if (test_ctr(mb_mgr, + expkey, ctr_vectors[vect].Klen, + local_iv, new_iv_len, + ctr_vectors[vect].P, ctr_vectors[vect].C, + (unsigned) ctr_vectors[vect].Plen, + ENCRYPT, CIPHER_HASH)) { + printf("error #%d encrypt\n", vect + 1); + errors++; + } + + if (test_ctr(mb_mgr, + expkey, ctr_vectors[vect].Klen, + local_iv, new_iv_len, + ctr_vectors[vect].C, ctr_vectors[vect].P, + (unsigned) ctr_vectors[vect].Plen, + DECRYPT, HASH_CIPHER)) { + printf("error #%d decrypt\n", vect + 1); + errors++; + } + } + } + printf("\n"); + return errors; +} + +int +ctr_test(const enum arch_type arch, + struct MB_MGR *mb_mgr) +{ + int errors; + + (void) arch; /* unused */ + + errors = test_ctr_std_vectors(mb_mgr); + + if (0 == errors) + printf("...Pass\n"); + else + printf("...Fail\n"); + + return errors; +} diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/customop_test.c b/src/spdk/intel-ipsec-mb/LibTestApp/customop_test.c new file mode 100755 index 00000000..41aeebfe --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/customop_test.c @@ -0,0 +1,308 @@ +/***************************************************************************** + Copyright (c) 2017-2018, Intel Corporation + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of Intel Corporation nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*****************************************************************************/ + +#include <assert.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <intel-ipsec-mb.h> + +#include "customop_test.h" + +#define DIM(_a) (sizeof(_a) / sizeof(_a[0])) + +#ifdef DEBUG +#ifdef _WIN32 +#define TRACE(fmt, ...) fprintf(stderr, "%s:%d "fmt, \ + __FUNCTION__, __LINE__, __VA_ARGS__) +#else +#define TRACE(fmt, ...) fprintf(stderr, "%s:%d "fmt, \ + __func__, __LINE__, __VA_ARGS__) +#endif +#else +# define TRACE(fmt, ...) +#endif + +struct cipher_attr_s { + const char *name; + JOB_CIPHER_MODE mode; + unsigned key_len; + unsigned iv_len; +}; + +struct auth_attr_s { + const char *name; + JOB_HASH_ALG hash; + unsigned tag_len; +}; + +struct test_vec_s { + uint8_t iv[16]; + uint8_t txt[64]; + uint8_t tag[32]; + uint8_t verify[32]; + + DECLARE_ALIGNED(uint8_t enc_key[16*16], 64); + DECLARE_ALIGNED(uint8_t dec_key[16*16], 64); + uint8_t ipad[256]; + uint8_t opad[256]; + const struct cipher_attr_s *cipher; + const struct auth_attr_s *auth; + + unsigned seq; +}; + +/* + * addon cipher function + */ +static int +cipher_addon(struct JOB_AES_HMAC *job) +{ +#ifdef DEBUG + struct test_vec_s *node = job->user_data; +#endif + + TRACE("Seq:%u Cipher Addon cipher:%s auth:%s\n", + node->seq, node->cipher->name, node->auth->name); + + if (job->cipher_direction == ENCRYPT) + memset(job->dst, 1, job->msg_len_to_cipher_in_bytes); + else + memset(job->dst, 2, job->msg_len_to_cipher_in_bytes); + + return 0; /* success */ +} + +/* + * addon hash function + */ +static int +hash_addon(struct JOB_AES_HMAC *job) +{ +#ifdef DEBUG + struct test_vec_s *node = job->user_data; +#endif + + TRACE("Seq:%u Auth Addon cipher:%s auth:%s\n", + node->seq, node->cipher->name, node->auth->name); + + memset(job->auth_tag_output, 3, job->auth_tag_output_len_in_bytes); + return 0; /* success */ +} + +/* + * test cipher functions + */ +static const struct auth_attr_s auth_attr_tab[] = { + { "SHA1", SHA1, 12 }, + { "SHA224", SHA_224, 14 }, + { "SHA256", SHA_256, 16 }, + { "SHA384", SHA_384, 24 }, + { "SHA512", SHA_512, 32 }, + { "MD5", MD5, 12 }, + { "CUSTOM_HASH", CUSTOM_HASH, 16 } +}; + +/* + * test hash functions + */ +static const struct cipher_attr_s cipher_attr_tab[] = { + { "CBC128", CBC, 16, 16 }, + { "CBC192", CBC, 24, 16 }, + { "CBC256", CBC, 32, 16 }, + { "CUSTOM_CIPHER", CUSTOM_CIPHER, 32, 12 }, + { "CTR128", CNTR, 16, 12 }, + { "CTR192", CNTR, 24, 12 }, + { "CTR256", CNTR, 32, 12 } +}; + +static int +job_check(const struct JOB_AES_HMAC *job) +{ +#ifdef DEBUG + struct test_vec_s *done = job->user_data; +#endif + + TRACE("done Seq:%u Cipher:%s Auth:%s\n", + done->seq, done->cipher->name, done->auth->name); + + if (job->status != STS_COMPLETED) { + TRACE("failed job status:%d\n", job->status); + return -1; + } + if (job->cipher_mode == CUSTOM_CIPHER) { + if (job->cipher_direction == ENCRYPT) { + unsigned i; + + for (i = 0; i < job->msg_len_to_cipher_in_bytes; i++) { + if (job->dst[i] != 1) { + TRACE("NG add-on encryption %u\n", i); + return -1; + } + } + TRACE("Addon encryption passes Seq:%u\n", done->seq); + } else { + unsigned i; + + for (i = 0; i < job->msg_len_to_cipher_in_bytes; i++) { + if (job->dst[i] != 2) { + TRACE("NG add-on decryption %u\n", i); + return -1; + } + } + TRACE("Addon decryption passes Seq:%u\n", done->seq); + } + } + + if (job->hash_alg == CUSTOM_HASH) { + unsigned i; + + for (i = 0; i < job->auth_tag_output_len_in_bytes; i++) { + if (job->auth_tag_output[i] != 3) { + TRACE("NG add-on hashing %u\n", i); + return -1; + } + } + TRACE("Addon hashing passes Seq:%u\n", done->seq); + } + return 0; +} + + +void +customop_test(struct MB_MGR *mgr) +{ + struct test_vec_s test_tab[DIM(cipher_attr_tab) * DIM(auth_attr_tab)]; + struct JOB_AES_HMAC *job; + unsigned i, j, seq; + int result = 0; + + for (i = 0, seq = 0; i < DIM(cipher_attr_tab); i++) { + for (j = 0; j < DIM(auth_attr_tab); j++) { + assert(seq < DIM(test_tab)); + test_tab[seq].seq = seq; + test_tab[seq].cipher = &cipher_attr_tab[i]; + test_tab[seq].auth = &auth_attr_tab[j]; + seq++; + } + } + + /* encryption */ + for (i = 0; i < seq; i++) { + struct test_vec_s *node = &test_tab[i]; + + while ((job = IMB_GET_NEXT_JOB(mgr)) == NULL) { + job = IMB_FLUSH_JOB(mgr); + result |= job_check(job); + } + + job->cipher_func = cipher_addon; + job->hash_func = hash_addon; + + job->aes_enc_key_expanded = node->enc_key; + job->aes_dec_key_expanded = node->dec_key; + job->aes_key_len_in_bytes = node->cipher->key_len; + job->src = node->txt; + job->dst = node->txt; + job->cipher_start_src_offset_in_bytes = 16; + job->msg_len_to_cipher_in_bytes = sizeof(node->txt); + job->hash_start_src_offset_in_bytes = 0; + job->msg_len_to_hash_in_bytes = + sizeof(node->txt) + sizeof(node->iv); + job->iv = node->iv; + job->iv_len_in_bytes = node->cipher->iv_len; + job->auth_tag_output = node->tag; + job->auth_tag_output_len_in_bytes = node->auth->tag_len; + + job->u.HMAC._hashed_auth_key_xor_ipad = node->ipad; + job->u.HMAC._hashed_auth_key_xor_opad = node->opad; + job->cipher_mode = node->cipher->mode; + job->cipher_direction = ENCRYPT; + job->chain_order = CIPHER_HASH; + job->hash_alg = node->auth->hash; + job->user_data = node; + + job = IMB_SUBMIT_JOB(mgr); + while (job) { + result |= job_check(job); + job = IMB_GET_COMPLETED_JOB(mgr); + } + } + + while ((job = IMB_FLUSH_JOB(mgr)) != NULL) + result |= job_check(job); + + /* decryption */ + for (i = 0; i < seq; i++) { + struct test_vec_s *node = &test_tab[i]; + + while ((job = IMB_GET_NEXT_JOB(mgr)) == NULL) { + job = IMB_FLUSH_JOB(mgr); + result |= job_check(job); + } + + job->cipher_func = cipher_addon; + job->hash_func = hash_addon; + + job->aes_enc_key_expanded = node->enc_key; + job->aes_dec_key_expanded = node->dec_key; + job->aes_key_len_in_bytes = node->cipher->key_len; + job->src = node->txt; + job->dst = node->txt; + job->cipher_start_src_offset_in_bytes = 16; + job->msg_len_to_cipher_in_bytes = sizeof(node->txt); + job->hash_start_src_offset_in_bytes = 0; + job->msg_len_to_hash_in_bytes = + sizeof(node->txt) + sizeof(node->iv); + job->iv = node->iv; + job->iv_len_in_bytes = node->cipher->iv_len; + job->auth_tag_output = node->tag; + job->auth_tag_output_len_in_bytes = node->auth->tag_len; + + job->u.HMAC._hashed_auth_key_xor_ipad = node->ipad; + job->u.HMAC._hashed_auth_key_xor_opad = node->opad; + job->cipher_mode = node->cipher->mode; + job->cipher_direction = DECRYPT; + job->chain_order = HASH_CIPHER; + job->hash_alg = node->auth->hash; + job->user_data = node; + + job = IMB_SUBMIT_JOB(mgr); + while (job) { + result |= job_check(job); + job = IMB_GET_COMPLETED_JOB(mgr); + } + } + + while ((job = IMB_FLUSH_JOB(mgr)) != NULL) + result |= job_check(job); + + if (result) + fprintf(stdout, "Custom cipher/auth test failed!\n"); + else + fprintf(stdout, "Custom cipher/auth test passed\n"); +} diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/customop_test.h b/src/spdk/intel-ipsec-mb/LibTestApp/customop_test.h new file mode 100755 index 00000000..adb07c3a --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/customop_test.h @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2017-2018, Intel Corporation + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _CUSTOMOP_TEST_H_ +#define _CUSTOMOP_TEST_H_ + +struct MB_MGR; +extern void customop_test(struct MB_MGR *state); + +#endif /* !_CUSTOMOP_TEST_H_ */ diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/des_test.c b/src/spdk/intel-ipsec-mb/LibTestApp/des_test.c new file mode 100644 index 00000000..dd1cb6d7 --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/des_test.c @@ -0,0 +1,488 @@ +/***************************************************************************** + Copyright (c) 2017-2018, Intel Corporation + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of Intel Corporation nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*****************************************************************************/ + +#include <stdint.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <assert.h> + +#include <intel-ipsec-mb.h> + +#include "gcm_ctr_vectors_test.h" + +#ifndef DIM +#define DIM(x) (sizeof(x) / sizeof(x[0])) +#endif + +int des_test(const enum arch_type arch, struct MB_MGR *mb_mgr); + +struct des_vector { + const uint8_t *K; /* key */ + const uint8_t *IV; /* initialization vector */ + const uint8_t *P; /* plain text */ + uint64_t Plen; /* plain text length */ + const uint8_t *C; /* cipher text - same length as plain text */ +}; + +/* CM-SP-SECv3.1-I07-170111 I.7 */ +static const uint8_t K1[] = { + 0xe6, 0x60, 0x0f, 0xd8, 0x85, 0x2e, 0xf5, 0xab +}; +static const uint8_t IV1[] = { + 0x81, 0x0e, 0x52, 0x8e, 0x1c, 0x5f, 0xda, 0x1a +}; +static const uint8_t P1[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x88, 0x41, 0x65, 0x06 +}; +static const uint8_t C1[] = { + 0x0d, 0xda, 0x5a, 0xcb, 0xd0, 0x5e, 0x55, 0x67, + 0x9f, 0x04, 0xd1, 0xb6, 0x41, 0x3d, 0x4e, 0xed +}; + +static const uint8_t K2[] = { + 0x3b, 0x38, 0x98, 0x37, 0x15, 0x20, 0xf7, 0x5e +}; +static const uint8_t IV2[] = { + 0x02, 0xa8, 0x11, 0x77, 0x4d, 0xcd, 0xe1, 0x3b +}; +static const uint8_t P2[] = { + 0x05, 0xef, 0xf7, 0x00, 0xe9, 0xa1, 0x3a, 0xe5, + 0xca, 0x0b, 0xcb, 0xd0, 0x48, 0x47, 0x64, 0xbd, + 0x1f, 0x23, 0x1e, 0xa8, 0x1c, 0x7b, 0x64, 0xc5, + 0x14, 0x73, 0x5a, 0xc5, 0x5e, 0x4b, 0x79, 0x63, + 0x3b, 0x70, 0x64, 0x24, 0x11, 0x9e, 0x09, 0xdc, + 0xaa, 0xd4, 0xac, 0xf2, 0x1b, 0x10, 0xaf, 0x3b, + 0x33, 0xcd, 0xe3, 0x50, 0x48, 0x47, 0x15, 0x5c, + 0xbb, 0x6f, 0x22, 0x19, 0xba, 0x9b, 0x7d, 0xf5 + +}; +static const uint8_t C2[] = { + 0xf3, 0x31, 0x8d, 0x01, 0x19, 0x4d, 0xa8, 0x00, + 0xa4, 0x2c, 0x10, 0xb5, 0x33, 0xd6, 0xbc, 0x11, + 0x97, 0x59, 0x2d, 0xcc, 0x9b, 0x5d, 0x35, 0x9a, + 0xc3, 0x04, 0x5d, 0x07, 0x4c, 0x86, 0xbf, 0x72, + 0xe5, 0x1a, 0x72, 0x25, 0x82, 0x22, 0x54, 0x03, + 0xde, 0x8b, 0x7a, 0x58, 0x5c, 0x6c, 0x28, 0xdf, + 0x41, 0x0e, 0x38, 0xd6, 0x2a, 0x86, 0xe3, 0x4f, + 0xa2, 0x7c, 0x22, 0x39, 0x60, 0x06, 0x03, 0x6f +}; + +static struct des_vector vectors[] = { + {K1, IV1, P1, sizeof(P1), C1}, + {K2, IV2, P2, sizeof(P2), C2}, +}; + +/* CM-SP-SECv3.1-I07-170111 I.7 */ +static const uint8_t DK1[] = { + 0xe6, 0x60, 0x0f, 0xd8, 0x85, 0x2e, 0xf5, 0xab +}; +static const uint8_t DIV1[] = { + 0x81, 0x0e, 0x52, 0x8e, 0x1c, 0x5f, 0xda, 0x1a +}; +static const uint8_t DP1[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x88, 0x41, 0x65, 0x06 +}; +static const uint8_t DC1[] = { + 0x0d, 0xda, 0x5a, 0xcb, 0xd0, 0x5e, 0x55, 0x67, + 0x9f, 0x04, 0xd1, 0xb6, 0x41, 0x3d, 0x4e, 0xed +}; + +static const uint8_t DK2[] = { + 0xe6, 0x60, 0x0f, 0xd8, 0x85, 0x2e, 0xf5, 0xab +}; +static const uint8_t DIV2[] = { + 0x81, 0x0e, 0x52, 0x8e, 0x1c, 0x5f, 0xda, 0x1a +}; +static const uint8_t DP2[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x91, + 0xd2, 0xd1, 0x9f +}; +static const uint8_t DC2[] = { + 0x0d, 0xda, 0x5a, 0xcb, 0xd0, 0x5e, 0x55, 0x67, + 0x51, 0x47, 0x46, 0x86, 0x8a, 0x71, 0xe5, 0x77, + 0xef, 0xac, 0x88 +}; + +static const uint8_t DK3[] = { + 0xe6, 0x60, 0x0f, 0xd8, 0x85, 0x2e, 0xf5, 0xab +}; +static const uint8_t DIV3[] = { + 0x51, 0x47, 0x46, 0x86, 0x8a, 0x71, 0xe5, 0x77 +}; +static const uint8_t DP3[] = { + 0xd2, 0xd1, 0x9f +}; +static const uint8_t DC3[] = { + 0xef, 0xac, 0x88 +}; + +static struct des_vector docsis_vectors[] = { + {DK1, DIV1, DP1, sizeof(DP1), DC1}, + {DK2, DIV2, DP2, sizeof(DP2), DC2}, + {DK3, DIV3, DP3, sizeof(DP3), DC3}, +}; + +static int +test_des_many(struct MB_MGR *mb_mgr, + const uint64_t *ks, + const void *iv, + const uint8_t *in_text, + const uint8_t *out_text, + unsigned text_len, + int dir, + int order, + JOB_CIPHER_MODE cipher, + const int in_place, + const int num_jobs) +{ + const void *ks_ptr[3]; /* 3DES */ + struct JOB_AES_HMAC *job; + uint8_t padding[16]; + uint8_t **targets = malloc(num_jobs * sizeof(void *)); + int i, jobs_rx = 0, ret = -1; + + assert(targets != NULL); + + memset(padding, -1, sizeof(padding)); + + for (i = 0; i < num_jobs; i++) { + targets[i] = malloc(text_len + (sizeof(padding) * 2)); + memset(targets[i], -1, text_len + (sizeof(padding) * 2)); + if (in_place) { + /* copy input text to the allocated buffer */ + memcpy(targets[i] + sizeof(padding), in_text, text_len); + } + } + + ks_ptr[0] = ks_ptr[1] = ks_ptr[2] = ks; /* 3DES only */ + + /* flush the scheduler */ + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) + ; + + for (i = 0; i < num_jobs; i++) { + job = IMB_GET_NEXT_JOB(mb_mgr); + job->cipher_direction = dir; + job->chain_order = order; + if (!in_place) { + job->dst = targets[i] + sizeof(padding); + job->src = in_text; + } else { + job->dst = targets[i] + sizeof(padding); + job->src = targets[i] + sizeof(padding); + } + job->cipher_mode = cipher; + if (cipher == DES3) { + job->aes_enc_key_expanded = (const void *) ks_ptr; + job->aes_dec_key_expanded = (const void *) ks_ptr; + } else { + job->aes_enc_key_expanded = ks; + job->aes_dec_key_expanded = ks; + } + job->aes_key_len_in_bytes = 8; + job->iv = iv; + job->iv_len_in_bytes = 8; + job->cipher_start_src_offset_in_bytes = 0; + job->msg_len_to_cipher_in_bytes = text_len; + job->user_data = (void *)((uint64_t)i); + + job->hash_alg = NULL_HASH; + + job = IMB_SUBMIT_JOB(mb_mgr); + if (job != NULL) { + const int num = (const int)((uint64_t)job->user_data); + + jobs_rx++; + if (job->status != STS_COMPLETED) { + printf("%d error status:%d, job %d", + __LINE__, job->status, num); + goto end; + } + if (memcmp(out_text, targets[num] + sizeof(padding), + text_len)) { + printf("%d mismatched\n", num); + goto end; + } + if (memcmp(padding, targets[num], sizeof(padding))) { + printf("%d overwrite head\n", num); + goto end; + } + if (memcmp(padding, + targets[num] + sizeof(padding) + text_len, + sizeof(padding))) { + printf("%d overwrite tail\n", num); + goto end; + } + } + } + + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) { + const int num = (const int)((uint64_t)job->user_data); + + jobs_rx++; + if (job->status != STS_COMPLETED) { + printf("%d Error status:%d, job %d", + __LINE__, job->status, num); + goto end; + } + if (memcmp(out_text, targets[num] + sizeof(padding), + text_len)) { + printf("%d mismatched\n", num); + goto end; + } + if (memcmp(padding, targets[num], sizeof(padding))) { + printf("%d overwrite head\n", num); + goto end; + } + if (memcmp(padding, targets[num] + sizeof(padding) + text_len, + sizeof(padding))) { + printf("%d overwrite tail\n", num); + goto end; + } + } + + if (jobs_rx != num_jobs) { + printf("Expected %d jobs, received %d\n", num_jobs, jobs_rx); + goto end; + } + ret = 0; + + end: + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) + ; + + for (i = 0; i < num_jobs; i++) + free(targets[i]); + free(targets); + return ret; +} + +static int +test_des_one(struct MB_MGR *mb_mgr, + const uint64_t *ks, + const void *iv, + const uint8_t *in_text, + const uint8_t *out_text, + unsigned text_len, + int dir, + int order, + JOB_CIPHER_MODE cipher, + const int in_place) +{ + const void *ks_ptr[3]; /* 3DES */ + struct JOB_AES_HMAC *job; + uint8_t padding[16]; + uint8_t *target = malloc(text_len + (sizeof(padding) * 2)); + int ret = -1; + + assert(target != NULL); + + memset(target, -1, text_len + (sizeof(padding) * 2)); + memset(padding, -1, sizeof(padding)); + + if (in_place) { + /* copy input text to the allocated buffer */ + memcpy(target + sizeof(padding), in_text, text_len); + } + + ks_ptr[0] = ks_ptr[1] = ks_ptr[2] = ks; /* 3DES only */ + + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) + ; + + job = IMB_GET_NEXT_JOB(mb_mgr); + job->cipher_direction = dir; + job->chain_order = order; + if (!in_place) { + job->dst = target + sizeof(padding); + job->src = in_text; + } else { + job->dst = target + sizeof(padding); + job->src = target + sizeof(padding); + } + job->cipher_mode = cipher; + if (cipher == DES3) { + job->aes_enc_key_expanded = (const void *) ks_ptr; + job->aes_dec_key_expanded = (const void *) ks_ptr; + } else { + job->aes_enc_key_expanded = ks; + job->aes_dec_key_expanded = ks; + } + job->aes_key_len_in_bytes = 8; + job->iv = iv; + job->iv_len_in_bytes = 8; + job->cipher_start_src_offset_in_bytes = 0; + job->msg_len_to_cipher_in_bytes = text_len; + + job->hash_alg = NULL_HASH; + + job = IMB_SUBMIT_JOB(mb_mgr); + if (job) { + printf("%d Unexpected return from submit_job\n", __LINE__); + goto end; + } + job = IMB_FLUSH_JOB(mb_mgr); + if (!job) { + printf("%d Unexpected null return from flush_job\n", __LINE__); + goto end; + } + if (job->status != STS_COMPLETED) { + printf("%d Error status:%d", __LINE__, job->status); + goto end; + } + if (memcmp(out_text, target + sizeof(padding), text_len)) { + printf("mismatched\n"); + goto end; + } + if (memcmp(padding, target, sizeof(padding))) { + printf("overwrite head\n"); + goto end; + } + if (memcmp(padding, target + sizeof(padding) + text_len, + sizeof(padding))) { + printf("overwrite tail\n"); + goto end; + } + ret = 0; + end: + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) + ; + + free(target); + return ret; +} + +static int +test_des(struct MB_MGR *mb_mgr, + const uint64_t *ks, + const void *iv, + const uint8_t *in_text, + const uint8_t *out_text, + unsigned text_len, + int dir, + int order, + JOB_CIPHER_MODE cipher, + const int in_place) +{ + int ret = 0; + + ret |= test_des_one(mb_mgr, ks, iv, in_text, out_text, text_len, + dir, order, cipher, in_place); + ret |= test_des_many(mb_mgr, ks, iv, in_text, out_text, text_len, + dir, order, cipher, in_place, 32); + + return ret; +} + +static int +test_des_vectors(struct MB_MGR *mb_mgr, const int vec_cnt, + const struct des_vector *vec_tab, const char *banner, + const JOB_CIPHER_MODE cipher) +{ + int vect, errors = 0; + uint64_t ks[16]; + + printf("%s:\n", banner); + for (vect = 0; vect < vec_cnt; vect++) { +#ifdef DEBUG + printf("Standard vector %d/%d PTLen:%d\n", + vect + 1, vec_cnt, + (int) vec_tab[vect].Plen); +#else + printf("."); +#endif + des_key_schedule(ks, vec_tab[vect].K); + + if (test_des(mb_mgr, ks, + vec_tab[vect].IV, + vec_tab[vect].P, vec_tab[vect].C, + (unsigned) vec_tab[vect].Plen, + ENCRYPT, CIPHER_HASH, cipher, 0)) { + printf("error #%d encrypt\n", vect + 1); + errors++; + } + + if (test_des(mb_mgr, ks, + vec_tab[vect].IV, + vec_tab[vect].C, vec_tab[vect].P, + (unsigned) vec_tab[vect].Plen, + DECRYPT, HASH_CIPHER, cipher, 0)) { + printf("error #%d decrypt\n", vect + 1); + errors++; + } + + if (test_des(mb_mgr, ks, + vec_tab[vect].IV, + vec_tab[vect].P, vec_tab[vect].C, + (unsigned) vec_tab[vect].Plen, + ENCRYPT, CIPHER_HASH, cipher, 1)) { + printf("error #%d encrypt in-place\n", vect + 1); + errors++; + } + + if (test_des(mb_mgr, ks, + vec_tab[vect].IV, + vec_tab[vect].C, vec_tab[vect].P, + (unsigned) vec_tab[vect].Plen, + DECRYPT, HASH_CIPHER, cipher, 1)) { + printf("error #%d decrypt in-place\n", vect + 1); + errors++; + } + } + printf("\n"); + return errors; +} + +int +des_test(const enum arch_type arch, + struct MB_MGR *mb_mgr) +{ + int errors; + + (void) arch; /* unused */ + + errors = test_des_vectors(mb_mgr, DIM(vectors), vectors, + "DES standard test vectors", DES); + + errors += test_des_vectors(mb_mgr, DIM(docsis_vectors), docsis_vectors, + "DOCSIS DES standard test vectors", + DOCSIS_DES); + + errors = test_des_vectors(mb_mgr, DIM(vectors), vectors, + "3DES standard test vectors", DES3); + + if (0 == errors) + printf("...Pass\n"); + else + printf("...Fail\n"); + + return errors; +} diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/do_test.h b/src/spdk/intel-ipsec-mb/LibTestApp/do_test.h new file mode 100644 index 00000000..be4c9dbe --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/do_test.h @@ -0,0 +1,278 @@ +/* + * Copyright (c) 2012-2018, Intel Corporation + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdint.h> + +#ifndef DO_TEST_H +#define DO_TEST_H + +static unsigned char key[] = { + 0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77, + 0x78,0x79,0x7a,0x7b,0x7c,0x7d,0x7e,0x7f, + 0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87, + 0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f, + 0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97, + 0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f, + 0xa0 +}; + +static unsigned char text[] = { + 0x53,0x61,0x6d,0x70,0x6c,0x65,0x20,0x23,0x34 +}; + +static unsigned char hmac12[] = { + 0x9e,0xa8,0x86,0xef,0xe2,0x68,0xdb,0xec,0xce,0x42,0x0c,0x75 +}; + +#define KEYSIZE sizeof(key) +#define TEXTSIZE sizeof(text); + +static unsigned char plain[] = { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a, + 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c, + 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51, + 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11, + 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef, + 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17, + 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 +}; + +static unsigned char key128[] = { + 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, + 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c +}; + +/* static unsigned char key256[] = { */ +/* 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, */ +/* 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, */ +/* 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, */ +/* 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 */ +/* }; */ + +static unsigned char ic[] = { + 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, + 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f +}; + +static unsigned char cipherCBC128[] = { + 0x76,0x49,0xab,0xac,0x81,0x19,0xb2,0x46, + 0xce,0xe9,0x8e,0x9b,0x12,0xe9,0x19,0x7d, + 0x50,0x86,0xcb,0x9b,0x50,0x72,0x19,0xee, + 0x95,0xdb,0x11,0x3a,0x91,0x76,0x78,0xb2, + 0x73,0xbe,0xd6,0xb8,0xe3,0xc1,0x74,0x3b, + 0x71,0x16,0xe6,0x9e,0x22,0x22,0x95,0x16, + 0x3f,0xf1,0xca,0xa1,0x68,0x1f,0xac,0x09, + 0x12,0x0e,0xca,0x30,0x75,0x86,0xe1,0xa7 +}; + +/* static unsigned char cipherCBC256[] = { */ +/* 0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba, */ +/* 0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6, */ +/* 0x9c,0xfc,0x4e,0x96,0x7e,0xdb,0x80,0x8d, */ +/* 0x67,0x9f,0x77,0x7b,0xc6,0x70,0x2c,0x7d, */ +/* 0x39,0xf2,0x33,0x69,0xa9,0xd9,0xba,0xcf, */ +/* 0xa5,0x30,0xe2,0x63,0x04,0x23,0x14,0x61, */ +/* 0xb2,0xeb,0x05,0xe2,0xc3,0x9b,0xe9,0xfc, */ +/* 0xda,0x6c,0x19,0x07,0x8c,0x6a,0x9d,0x1b */ +/* }; */ + +#define NUMBLOCKS 4 +#define NUMBYTES (NUMBLOCKS * 16) + + +static void +known_answer_test(MB_MGR *mb_mgr) +{ + uint8_t test_buf[NUMBYTES]; + uint8_t buf[64]; + DECLARE_ALIGNED(uint32_t enc_keys[15*4], 16); + DECLARE_ALIGNED(uint32_t dec_keys[15*4], 16); + DECLARE_ALIGNED(uint8_t ipad_hash[5*4], 16); + DECLARE_ALIGNED(uint8_t opad_hash[5*4], 16); + JOB_AES_HMAC *job; + uint8_t iv[16]; + uint8_t digest[12]; + uint32_t i; + + /* compute ipad hash */ + for (i=0; i<64; i++) + buf[i] = 0x36; + for (i=0; i<KEYSIZE; i++) + buf[i] ^= key[i]; + IMB_SHA1_ONE_BLOCK(mb_mgr, buf, ipad_hash); + + /* compute opad hash */ + for (i=0; i<64; i++) + buf[i] = 0x5c; + for (i=0; i<KEYSIZE; i++) + buf[i] ^= key[i]; + IMB_SHA1_ONE_BLOCK(mb_mgr, buf, opad_hash); + + + /* Expand key */ + IMB_AES_KEYEXP_128(mb_mgr, key128, enc_keys, dec_keys); + + + /* test AES128 Dec */ + job = IMB_GET_NEXT_JOB(mb_mgr); + + job->aes_enc_key_expanded = enc_keys; + job->aes_dec_key_expanded = dec_keys; + job->cipher_direction = DECRYPT; + job->chain_order = HASH_CIPHER; + job->dst = test_buf; + job->aes_key_len_in_bytes = 16; + job->auth_tag_output = digest; + job->auth_tag_output_len_in_bytes = 12; + memcpy(iv, ic, sizeof(iv)); + job->iv = iv; + job->iv_len_in_bytes = 16; + job->src = cipherCBC128; + job->cipher_start_src_offset_in_bytes = 0; + job->msg_len_to_cipher_in_bytes = NUMBYTES; + job->hash_start_src_offset_in_bytes = text - job->src; + job->msg_len_to_hash_in_bytes = TEXTSIZE; + job->u.HMAC._hashed_auth_key_xor_ipad = ipad_hash; + job->u.HMAC._hashed_auth_key_xor_opad = opad_hash; + job->cipher_mode = CBC; + job->hash_alg = SHA1; + + job = IMB_SUBMIT_JOB(mb_mgr); + if (job) { + printf("Unexpected return from submit_job\n"); + return; + } + job = IMB_FLUSH_JOB(mb_mgr); + if (!job) { + printf("Unexpected null return from flush_job\n"); + return; + } + for (i=0; i<NUMBYTES; i++) { + if (test_buf[i] != plain[i]) { + printf("AES128 Dec mismatch on byte %d\n", i); + return; + } + } + + for (i=0; i<12; i++) { + if (digest[i] != hmac12[i]) { + printf("HMAC/SHA1 mismatch on byte %d\n", i); + return; + } + } + printf("Known answer passes\n"); +} + +static void +test_aux_func(MB_MGR *mgr) +{ + /* test aux functions */ + uint128_t keys[15]; + static uint8_t buf[4096+20]; + + uint32_t digest1[8]; + uint64_t digest3[8]; + DECLARE_ALIGNED(uint32_t k1_exp[15*4], 16); + DECLARE_ALIGNED(uint32_t k2[4], 16); + DECLARE_ALIGNED(uint32_t k3[4], 16); + + printf("Testing aux funcs\n"); + + IMB_SHA1_ONE_BLOCK(mgr, buf, digest1); + IMB_SHA224_ONE_BLOCK(mgr, buf, digest1); + IMB_SHA256_ONE_BLOCK(mgr, buf, digest1); + IMB_SHA384_ONE_BLOCK(mgr, buf, digest3); + IMB_SHA512_ONE_BLOCK(mgr, buf, digest3); + IMB_MD5_ONE_BLOCK(mgr, buf, digest1); + IMB_AES_XCBC_KEYEXP(mgr, buf + 1, k1_exp, k2, k3); + IMB_AES_KEYEXP_128(mgr, keys, k1_exp, k1_exp); + IMB_AES_KEYEXP_192(mgr, keys, k1_exp, k1_exp); + IMB_AES_KEYEXP_256(mgr, keys, k1_exp, k1_exp); +} + +static void +do_test(MB_MGR *mb_mgr) +{ + uint32_t size; + JOB_AES_HMAC *job; + static uint128_t IV = {0,0}; + static uint32_t ipad[5], opad[5], digest[3]; + uint128_t keys[15]; + static uint8_t buf[4096+20]; + + for (size = 32; size < 4096; size += 16) { + job = IMB_GET_NEXT_JOB(mb_mgr); + + job->msg_len_to_cipher_in_bytes = size; + job->msg_len_to_hash_in_bytes = size + 20; + job->hash_start_src_offset_in_bytes = 0; + job->cipher_start_src_offset_in_bytes = 20; + + job->auth_tag_output = (uint8_t*) digest; + job->auth_tag_output_len_in_bytes = 12; + job->u.HMAC._hashed_auth_key_xor_ipad = (uint8_t*)ipad; + job->u.HMAC._hashed_auth_key_xor_opad = (uint8_t*)opad; + + job->aes_enc_key_expanded = + job->aes_dec_key_expanded = (uint32_t*) keys; + job->src = buf; + job->dst = buf + 20; + job->iv = (uint8_t *) &IV; + job->iv_len_in_bytes = 16; + + job->cipher_mode = CBC; + job->hash_alg = SHA1; + + if (rand() & 1) + job->aes_key_len_in_bytes = 16; + else + job->aes_key_len_in_bytes = 32; + + if (rand() & 1) { + job->cipher_direction = ENCRYPT; + job->chain_order = CIPHER_HASH; + } else { + job->cipher_direction = DECRYPT; + job->chain_order = HASH_CIPHER; + } + job = IMB_SUBMIT_JOB(mb_mgr); + while (job) { + job = IMB_GET_COMPLETED_JOB(mb_mgr); + } /* end while (job) */ + } /* end for size */ + + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) { + } + + test_aux_func(mb_mgr); +} + +#endif /* DO_TEST_H */ diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/gcm_ctr_vectors_test.h b/src/spdk/intel-ipsec-mb/LibTestApp/gcm_ctr_vectors_test.h new file mode 100644 index 00000000..93b0a310 --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/gcm_ctr_vectors_test.h @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2017-2018, Intel Corporation + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef GCM_CTR_VECTORS_TEST_H_ +#define GCM_CTR_VECTORS_TEST_H_ + +#include <stdint.h> + +enum arch_type { + ARCH_SSE = 0, + ARCH_AVX, + ARCH_AVX2, + ARCH_AVX512, + ARCH_NUMOF +}; + +enum key_size { + BITS_128 = 16, + BITS_192 = 24, + BITS_256 = 32, +}; + +#define KBITS(K) (sizeof(K)) + +// struct to hold pointers to the key, plaintext and ciphertext vectors +struct gcm_ctr_vector { + const uint8_t* K; // AES Key + enum key_size Klen; // length of key in bits + const uint8_t* IV; // initial value used by GCM + uint64_t IVlen; // length of IV in bytes + const uint8_t* A; // additional authenticated data + uint64_t Alen; // length of AAD in bytes + const uint8_t* P; // Plain text + uint64_t Plen; // length of our plaintext + //outputs of encryption + const uint8_t* C; // same length as PT + const uint8_t* T; // Authenication tag + uint8_t Tlen; // AT length can be 0 to 128bits +}; + +#define vector(N) \ + {K##N, (KBITS(K##N)), IV##N, sizeof(IV##N), A##N, A##N##_len, \ + P##N, sizeof(P##N), C##N, T##N, sizeof(T##N)} + +int gcm_test(const enum arch_type arch); + +struct MB_MGR; +int ctr_test(const enum arch_type arch, struct MB_MGR *); + +#endif /* GCM_CTR_VECTORS_TEST_H_ */ diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/gcm_test.c b/src/spdk/intel-ipsec-mb/LibTestApp/gcm_test.c new file mode 100644 index 00000000..10497480 --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/gcm_test.c @@ -0,0 +1,1461 @@ +/********************************************************************** + Copyright(c) 2011-2018 Intel Corporation All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + * Neither the name of Intel Corporation nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +**********************************************************************/ + +#include <stdlib.h> +#include <stdio.h> +#include <stdint.h> +#include <string.h> /* for memcmp() */ + +#include <intel-ipsec-mb.h> +#include "gcm_ctr_vectors_test.h" + +/* + * 60-Byte Packet Encryption Using GCM-AES-128 + * http://www.ieee802.org/1/files/public/ + * docs2011/bn-randall-test-vectors-0511-v1.pdf + * + * K: AD7A2BD03EAC835A6F620FDCB506B345 + * IV: 12153524C0895E81B2C28465 + * AAD: D609B1F056637A0D46DF998D88E52E00 + * B2C2846512153524C0895E81 + * P: 08000F101112131415161718191A1B1C + * 1D1E1F202122232425262728292A2B2C + * 2D2E2F303132333435363738393A0002 + * C: 701AFA1CC039C0D765128A665DAB6924 + * 3899BF7318CCDC81C9931DA17FBE8EDD + * 7D17CB8B4C26FC81E3284F2B7FBA713D + * AT: 4F8D55E7D3F06FD5A13C0C29B9D5B880 + * H: 73A23D80121DE2D5A850253FCF43120E + */ +static uint8_t K1[] = { + 0xAD, 0x7A, 0x2B, 0xD0, 0x3E, 0xAC, 0x83, 0x5A, + 0x6F, 0x62, 0x0F, 0xDC, 0xB5, 0x06, 0xB3, 0x45 +}; +static uint8_t P1[] = { + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x00, 0x02 +}; +static uint8_t IV1[] = { + 0x12, 0x15, 0x35, 0x24, 0xC0, 0x89, 0x5E, 0x81, + 0xB2, 0xC2, 0x84, 0x65 +}; +static uint8_t A1[] = { + 0xD6, 0x09, 0xB1, 0xF0, 0x56, 0x63, 0x7A, 0x0D, + 0x46, 0xDF, 0x99, 0x8D, 0x88, 0xE5, 0x2E, 0x00, + 0xB2, 0xC2, 0x84, 0x65, 0x12, 0x15, 0x35, 0x24, + 0xC0, 0x89, 0x5E, 0x81 +}; + +#define A1_len sizeof(A1) + +static uint8_t C1[] = { + 0x70, 0x1A, 0xFA, 0x1C, 0xC0, 0x39, 0xC0, 0xD7, + 0x65, 0x12, 0x8A, 0x66, 0x5D, 0xAB, 0x69, 0x24, + 0x38, 0x99, 0xBF, 0x73, 0x18, 0xCC, 0xDC, 0x81, + 0xC9, 0x93, 0x1D, 0xA1, 0x7F, 0xBE, 0x8E, 0xDD, + 0x7D, 0x17, 0xCB, 0x8B, 0x4C, 0x26, 0xFC, 0x81, + 0xE3, 0x28, 0x4F, 0x2B, 0x7F, 0xBA, 0x71, 0x3D +}; +static uint8_t T1[] = { + 0x4F, 0x8D, 0x55, 0xE7, 0xD3, 0xF0, 0x6F, 0xD5, + 0xA1, 0x3C, 0x0C, 0x29, 0xB9, 0xD5, 0xB8, 0x80 +}; + +/* + * 54-Byte Packet Encryption Using GCM-AES-128 + * http://www.ieee802.org/1/files/public/ + * docs2011/bn-randall-test-vectors-0511-v1.pdf + * + * K: 071B113B0CA743FECCCF3D051F737382 + * IV: F0761E8DCD3D000176D457ED + * AAD: E20106D7CD0DF0761E8DCD3D88E54C2A + * 76D457ED + * P: 08000F101112131415161718191A1B1C + * 1D1E1F202122232425262728292A2B2C + * 2D2E2F30313233340004 + * C: 13B4C72B389DC5018E72A171DD85A5D3 + * 752274D3A019FBCAED09A425CD9B2E1C + * 9B72EEE7C9DE7D52B3F3 + * AT: D6A5284F4A6D3FE22A5D6C2B960494C3 + * H: E4E01725D724C1215C7309AD34539257 + */ +static uint8_t K2[] = { + 0x07, 0x1B, 0x11, 0x3B, 0x0C, 0xA7, 0x43, 0xFE, + 0xCC, 0xCF, 0x3D, 0x05, 0x1F, 0x73, 0x73, 0x82 +}; +static uint8_t P2[] = { + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x04 +}; +static uint8_t IV2[] = { + 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D, 0x00, 0x01, + 0x76, 0xD4, 0x57, 0xED +}; +/* static uint8_t IV1p[] = {0, 0, 0, 1}; */ +static uint8_t A2[] = { + 0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, + 0x1E, 0x8D, 0xCD, 0x3D, 0x88, 0xE5, 0x4C, 0x2A, + 0x76, 0xD4, 0x57, 0xED +}; +#define A2_len sizeof(A2) +static uint8_t C2[] = { + 0x13, 0xB4, 0xC7, 0x2B, 0x38, 0x9D, 0xC5, 0x01, + 0x8E, 0x72, 0xA1, 0x71, 0xDD, 0x85, 0xA5, 0xD3, + 0x75, 0x22, 0x74, 0xD3, 0xA0, 0x19, 0xFB, 0xCA, + 0xED, 0x09, 0xA4, 0x25, 0xCD, 0x9B, 0x2E, 0x1C, + 0x9B, 0x72, 0xEE, 0xE7, 0xC9, 0xDE, 0x7D, 0x52, + 0xB3, 0xF3 +}; +static uint8_t T2[] = { + 0xD6, 0xA5, 0x28, 0x4F, 0x4A, 0x6D, 0x3F, 0xE2, + 0x2A, 0x5D, 0x6C, 0x2B, 0x96, 0x04, 0x94, 0xC3 +}; + +/* + * http://csrc.nist.gov/groups/STM/cavp/gcmtestvectors.zip + * gcmEncryptExtIV128.rsp + * + * [Keylen = 128] + * [IVlen = 96] + * [PTlen = 128] + * [AADlen = 128] + * [Taglen = 128] + * Count = 0 + * K: c939cc13397c1d37de6ae0e1cb7c423c + * IV: b3d8cc017cbb89b39e0f67e2 + * P: c3b3c41f113a31b73d9a5cd432103069 + * AAD: 24825602bd12a984e0092d3e448eda5f + * C: 93fe7d9e9bfd10348a5606e5cafa7354 + * AT: 0032a1dc85f1c9786925a2e71d8272dd + */ +static uint8_t K3[] = { + 0xc9, 0x39, 0xcc, 0x13, 0x39, 0x7c, 0x1d, 0x37, + 0xde, 0x6a, 0xe0, 0xe1, 0xcb, 0x7c, 0x42, 0x3c +}; +static uint8_t IV3[] = { + 0xb3, 0xd8, 0xcc, 0x01, 0x7c, 0xbb, 0x89, 0xb3, + 0x9e, 0x0f, 0x67, 0xe2 +}; +static uint8_t P3[] = { + 0xc3, 0xb3, 0xc4, 0x1f, 0x11, 0x3a, 0x31, 0xb7, + 0x3d, 0x9a, 0x5c, 0xd4, 0x32, 0x10, 0x30, 0x69 +}; +static uint8_t A3[] = { + 0x24, 0x82, 0x56, 0x02, 0xbd, 0x12, 0xa9, 0x84, + 0xe0, 0x09, 0x2d, 0x3e, 0x44, 0x8e, 0xda, 0x5f +}; +#define A3_len sizeof(A3) +static uint8_t C3[] = { + 0x93, 0xfe, 0x7d, 0x9e, 0x9b, 0xfd, 0x10, 0x34, + 0x8a, 0x56, 0x06, 0xe5, 0xca, 0xfa, 0x73, 0x54 +}; +static uint8_t T3[] = { + 0x00, 0x32, 0xa1, 0xdc, 0x85, 0xf1, 0xc9, 0x78, + 0x69, 0x25, 0xa2, 0xe7, 0x1d, 0x82, 0x72, 0xdd +}; + +/* + * http://csrc.nist.gov/groups/STM/cavp/gcmtestvectors.zip + * gcmEncryptExtIV128.rsp + * + * [Keylen = 128] + * [IVlen = 96] + * [PTlen = 256] + * [AADlen = 128] + * [Taglen = 128] + * Count = 0 + * K = 298efa1ccf29cf62ae6824bfc19557fc + * IV = 6f58a93fe1d207fae4ed2f6d + * P = cc38bccd6bc536ad919b1395f5d63801f99f8068d65ca5ac63872daf16b93901 + * AAD = 021fafd238463973ffe80256e5b1c6b1 + * C = dfce4e9cd291103d7fe4e63351d9e79d3dfd391e3267104658212da96521b7db + * T = 542465ef599316f73a7a560509a2d9f2 + */ +static uint8_t K4[] = { + 0x29, 0x8e, 0xfa, 0x1c, 0xcf, 0x29, 0xcf, 0x62, + 0xae, 0x68, 0x24, 0xbf, 0xc1, 0x95, 0x57, 0xfc +}; +static uint8_t IV4[] = { + 0x6f, 0x58, 0xa9, 0x3f, 0xe1, 0xd2, 0x07, 0xfa, + 0xe4, 0xed, 0x2f, 0x6d +}; +static uint8_t P4[] = { + 0xcc, 0x38, 0xbc, 0xcd, 0x6b, 0xc5, 0x36, 0xad, + 0x91, 0x9b, 0x13, 0x95, 0xf5, 0xd6, 0x38, 0x01, + 0xf9, 0x9f, 0x80, 0x68, 0xd6, 0x5c, 0xa5, 0xac, + 0x63, 0x87, 0x2d, 0xaf, 0x16, 0xb9, 0x39, 0x01 +}; +static uint8_t A4[] = { + 0x02, 0x1f, 0xaf, 0xd2, 0x38, 0x46, 0x39, 0x73, + 0xff, 0xe8, 0x02, 0x56, 0xe5, 0xb1, 0xc6, 0xb1 +}; +#define A4_len sizeof(A4) +static uint8_t C4[] = { + 0xdf, 0xce, 0x4e, 0x9c, 0xd2, 0x91, 0x10, 0x3d, + 0x7f, 0xe4, 0xe6, 0x33, 0x51, 0xd9, 0xe7, 0x9d, + 0x3d, 0xfd, 0x39, 0x1e, 0x32, 0x67, 0x10, 0x46, + 0x58, 0x21, 0x2d, 0xa9, 0x65, 0x21, 0xb7, 0xdb +}; +static uint8_t T4[] = { + 0x54, 0x24, 0x65, 0xef, 0x59, 0x93, 0x16, 0xf7, + 0x3a, 0x7a, 0x56, 0x05, 0x09, 0xa2, 0xd9, 0xf2 +}; + +/* + * http://csrc.nist.gov/groups/STM/cavp/gcmtestvectors.zip + * gcmEncryptExtIV128.rsp + * + * [Keylen = 128] + * [IVlen = 96] + * [PTlen = 256] + * [AADlen = 128] + * [Taglen = 128] + * Count = 0 + * K = 298efa1ccf29cf62ae6824bfc19557fc + * IV = 6f58a93fe1d207fae4ed2f6d + * P = cc38bccd6bc536ad919b1395f5d63801f99f8068d65ca5ac63872daf16b93901 + * AAD = 021fafd238463973ffe80256e5b1c6b1 + * C = dfce4e9cd291103d7fe4e63351d9e79d3dfd391e3267104658212da96521b7db + * T = 542465ef599316f73a7a560509a2d9f2 + */ +static uint8_t K5[] = { + 0x29, 0x8e, 0xfa, 0x1c, 0xcf, 0x29, 0xcf, 0x62, + 0xae, 0x68, 0x24, 0xbf, 0xc1, 0x95, 0x57, 0xfc +}; +static uint8_t IV5[] = { + 0x6f, 0x58, 0xa9, 0x3f, 0xe1, 0xd2, 0x07, 0xfa, + 0xe4, 0xed, 0x2f, 0x6d +}; +static uint8_t P5[] = { + 0xcc, 0x38, 0xbc, 0xcd, 0x6b, 0xc5, 0x36, 0xad, + 0x91, 0x9b, 0x13, 0x95, 0xf5, 0xd6, 0x38, 0x01, + 0xf9, 0x9f, 0x80, 0x68, 0xd6, 0x5c, 0xa5, 0xac, + 0x63, 0x87, 0x2d, 0xaf, 0x16, 0xb9, 0x39, 0x01 +}; +static uint8_t A5[] = { + 0x02, 0x1f, 0xaf, 0xd2, 0x38, 0x46, 0x39, 0x73, + 0xff, 0xe8, 0x02, 0x56, 0xe5, 0xb1, 0xc6, 0xb1 +}; +#define A5_len sizeof(A5) +static uint8_t C5[] = { + 0xdf, 0xce, 0x4e, 0x9c, 0xd2, 0x91, 0x10, 0x3d, + 0x7f, 0xe4, 0xe6, 0x33, 0x51, 0xd9, 0xe7, 0x9d, + 0x3d, 0xfd, 0x39, 0x1e, 0x32, 0x67, 0x10, 0x46, + 0x58, 0x21, 0x2d, 0xa9, 0x65, 0x21, 0xb7, 0xdb +}; +static uint8_t T5[] = { + 0x54, 0x24, 0x65, 0xef, 0x59, 0x93, 0x16, 0xf7, + 0x3a, 0x7a, 0x56, 0x05, 0x09, 0xa2, 0xd9, 0xf2 +}; + +/* + * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/ + * proposedmodes/gcm/gcm-revised-spec.pdf + * + * Test Case 2 + * K: 00000000000000000000000000000000 + * P: 00000000000000000000000000000000 + * IV: 000000000000000000000000 + * C: 0388dace60b6a392f328c2b971b2fe78 + * T: ab6e47d42cec13bdf53a67b21257bddf + * H: 66e94bd4ef8a2c3b884cfa59ca342b2e + */ +static uint8_t K6[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; +static uint8_t P6[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; +static uint8_t IV6[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 +}; +static uint8_t A6[] = {0}; +#define A6_len 0 +static uint8_t C6[] = { + 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, + 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 +}; +static uint8_t T6[] = { + 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd, + 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf +}; + +/* + * http://csrc.nist.gov/groups/ST/toolkit/BCM/ + * documents/proposedmodes/gcm/gcm-revised-spec.pdf + * + * Test Case 3 + * K: feffe9928665731c6d6a8f9467308308 + * P: d9313225f88406e5a55909c5aff5269a + * 86a7a9531534f7da2e4c303d8a318a72 + * 1c3c0c95956809532fcf0e2449a6b525 + * b16aedf5aa0de657ba637b391aafd255 + * IV: cafebabefacedbaddecaf888 + * H: b83b533708bf535d0aa6e52980d53b78 + * C: 42831ec2217774244b7221b784d0d49c + * e3aa212f2c02a4e035c17e2329aca12e + * 21d514b25466931c7d8f6a5aac84aa05 + * 1ba30b396a0aac973d58e091473f5985 + * T: 4d5c2af327cd64a62cf35abd2ba6fab4 + */ +static uint8_t K7[] = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 +}; +static uint8_t P7[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 +}; +static uint8_t IV7[] = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 +}; +static uint8_t A7[] = {0}; +#define A7_len 0 +static uint8_t C7[] = { + 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, + 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, + 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, + 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, + 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, + 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, + 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, + 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 +}; +static uint8_t T7[] = { + 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, + 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 +}; + +/* + * http://csrc.nist.gov/groups/ST/toolkit/BCM/ + * documents/proposedmodes/gcm/gcm-revised-spec.pdf + * + * Test Case 4 + * K: feffe9928665731c6d6a8f9467308308 + * P: d9313225f88406e5a55909c5aff5269a + * 86a7a9531534f7da2e4c303d8a318a72 + * 1c3c0c95956809532fcf0e2449a6b525 + * b16aedf5aa0de657ba637b39 + * A: feedfacedeadbeeffeedfacedeadbeef + * abaddad2 + * IV: cafebabefacedbaddecaf888 + * H: b83b533708bf535d0aa6e52980d53b78 + * C: 42831ec2217774244b7221b784d0d49c + * e3aa212f2c02a4e035c17e2329aca12e + * 21d514b25466931c7d8f6a5aac84aa05 + * 1ba30b396a0aac973d58e091 + * T: 5bc94fbc3221a5db94fae95ae7121a47 + */ +static uint8_t K8[] = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 +}; +static uint8_t P8[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39 +}; +static uint8_t A8[] = { + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xab, 0xad, 0xda, 0xd2 +}; +#define A8_len sizeof(A8) +static uint8_t IV8[] = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 +}; +static uint8_t C8[] = { + 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, + 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, + 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, + 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, + 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, + 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, + 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, + 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 +}; +static uint8_t T8[] = { + 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb, + 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 +}; + +/* + * http://csrc.nist.gov/groups/ST/toolkit/BCM/ + * documents/proposedmodes/gcm/gcm-revised-spec.pdf + * + * Test Case 14 + * K: 00000000000000000000000000000000 + * 00000000000000000000000000000000 + * P: 00000000000000000000000000000000 + * A: + * IV: 000000000000000000000000 + * H: dc95c078a2408989ad48a21492842087 + * C: cea7403d4d606b6e074ec5d3baf39d18 + * T: d0d1c8a799996bf0265b98b5d48ab919 + */ +static uint8_t K9[] = { + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 +}; +static uint8_t P9[] = { + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 +}; +static uint8_t A9[] = {0}; +#define A9_len 0 +static uint8_t IV9[] = { + 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x0, 0x0 +}; +static uint8_t C9[] = { + 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e, + 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18 +}; +static uint8_t T9[] = { + 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0, + 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 +}; + +/* + * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/ + * proposedmodes/gcm/gcm-revised-spec.pdf + * + * Test Case 15 + * K: feffe9928665731c6d6a8f9467308308 + * feffe9928665731c6d6a8f9467308308 + * P: d9313225f88406e5a55909c5aff5269a + * 86a7a9531534f7da2e4c303d8a318a72 + * 1c3c0c95956809532fcf0e2449a6b525 + * b16aedf5aa0de657ba637b391aafd255 + * A: + * IV: cafebabefacedbaddecaf888 + * H: acbef20579b4b8ebce889bac8732dad7 + * C: 522dc1f099567d07f47f37a32a84427d + * 643a8cdcbfe5c0c97598a2bd2555d1aa + * 8cb08e48590dbb3da7b08b1056828838 + * c5f61e6393ba7a0abcc9f662898015ad + * T: b094dac5d93471bdec1a502270e3cc6c + */ +static uint8_t K10[] = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 +}; +static uint8_t P10[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 +}; +static uint8_t A10[] = {0}; +#define A10_len 0 +static uint8_t IV10[] = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 +}; +static uint8_t C10[] = { + 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, + 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, + 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, + 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, + 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, + 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, + 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, + 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad +}; +static uint8_t T10[] = { + 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd, + 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c +}; + +/* + * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/ + * proposedmodes/gcm/gcm-revised-spec.pdf + * + * Test Case 16 + * K: feffe9928665731c6d6a8f9467308308 + * feffe9928665731c6d6a8f9467308308 + * P: d9313225f88406e5a55909c5aff5269a + * 86a7a9531534f7da2e4c303d8a318a72 + * 1c3c0c95956809532fcf0e2449a6b525 + * b16aedf5aa0de657ba637b39 + * A: feedfacedeadbeeffeedfacedeadbeef + * abaddad2 + * IV: cafebabefacedbaddecaf888 + * H: acbef20579b4b8ebce889bac8732dad7 + * C: 522dc1f099567d07f47f37a32a84427d + * 643a8cdcbfe5c0c97598a2bd2555d1aa + * 8cb08e48590dbb3da7b08b1056828838 + * c5f61e6393ba7a0abcc9f662 + * T: 76fc6ece0f4e1768cddf8853bb2d551b + */ +static uint8_t K11[] = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 +}; +static uint8_t P11[] = { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39 +}; +static uint8_t A11[] = { + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xab, 0xad, 0xda, 0xd2 +}; +#define A11_len sizeof(A11) +static uint8_t IV11[] = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 +}; +static uint8_t C11[] = { + 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, + 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, + 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, + 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, + 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, + 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, + 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, + 0xbc, 0xc9, 0xf6, 0x62 +}; +static uint8_t T11[] = { + 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, + 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b +}; + +/* + * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/ + * proposedmodes/gcm/gcm-revised-spec.pdf + * + * Test Case 17 -- Not supported IV length less than 12 bytes + * K: feffe9928665731c6d6a8f9467308308 + * feffe9928665731c6d6a8f9467308308 + * P: d9313225f88406e5a55909c5aff5269a + * 86a7a9531534f7da2e4c303d8a318a72 + * 1c3c0c95956809532fcf0e2449a6b525 + * b16aedf5aa0de657ba637b39 + * A: feedfacedeadbeeffeedfacedeadbeef + * abaddad2 + * IV: cafebabefacedbad + * H: acbef20579b4b8ebce889bac8732dad7 + * C: c3762df1ca787d32ae47c13bf19844cb + * af1ae14d0b976afac52ff7d79bba9de0 + * feb582d33934a4f0954cc2363bc73f78 + * 62ac430e64abe499f47c9b1f + * T: 3a337dbf46a792c45e454913fe2ea8f2 + */ +/* static uint8_t K12[] = { */ +/* 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, */ +/* 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, */ +/* 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, */ +/* 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 */ +/* }; */ +/* static uint8_t P12[] = { */ +/* 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, */ +/* 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, */ +/* 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, */ +/* 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, */ +/* 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, */ +/* 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, */ +/* 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, */ +/* 0xba, 0x63, 0x7b, 0x39 */ +/* }; */ +/* static uint8_t A12[] = { */ +/* 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, */ +/* 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, */ +/* 0xab, 0xad, 0xda, 0xd2 */ +/* }; */ +/* static uint8_t IV12[] = { */ +/* 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad */ +/* }; */ +/* static uint8_t H12[] = { */ +/* 0xac, 0xbe, 0xf2, 0x05, 0x79, 0xb4, 0xb8, 0xeb, */ +/* 0xce, 0x88, 0x9b, 0xac, 0x87, 0x32, 0xda, 0xd7 */ +/* }; */ +/* static uint8_t C12[] = { */ +/* 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32, */ +/* 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb, */ +/* 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa, */ +/* 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0, */ +/* 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0, */ +/* 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78, */ +/* 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99, */ +/* 0xf4, 0x7c, 0x9b, 0x1f */ +/* }; */ +/* static uint8_t T12[] = { */ +/* 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4, */ +/* 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2 */ +/* }; */ + +/* + * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/ + * proposedmodes/gcm/gcm-revised-spec.pdf + * + * Test Case 18 -- Not supported IV length greater than 12 bytes + * K: feffe9928665731c6d6a8f9467308308 + * feffe9928665731c6d6a8f9467308308 + * P: d9313225f88406e5a55909c5aff5269a + * 86a7a9531534f7da2e4c303d8a318a72 + * 1c3c0c95956809532fcf0e2449a6b525 + * b16aedf5aa0de657ba637b39 + * A: feedfacedeadbeeffeedfacedeadbeef + * abaddad2 + * IV: 9313225df88406e555909c5aff5269aa + * 6a7a9538534f7da1e4c303d2a318a728 + * c3c0c95156809539fcf0e2429a6b5254 + * 16aedbf5a0de6a57a637b39b + * H: acbef20579b4b8ebce889bac8732dad7 + * C: 5a8def2f0c9e53f1f75d7853659e2a20 + * eeb2b22aafde6419a058ab4f6f746bf4 + * 0fc0c3b780f244452da3ebf1c5d82cde + * a2418997200ef82e44ae7e3f + * T: a44a8266ee1c8eb0c8b5d4cf5ae9f19a + */ + +/* + * https://tools.ietf.org/html/draft-mcgrew-gcm-test-01 + * case #7 + */ +/******************************************************** + key = feffe9928665731c6d6a8f9467308308 + feffe9928665731c + (24 octets) + spi = 0000a5f8 + seq = 0000000a + (4 octets) + nonce = cafebabefacedbaddecaf888 + plaintext = 45000028a4ad4000400678800a01038f + 0a010612802306b8cb712602dd6bb03e + 501016d075680001 + (40 octets) + aad = 0000a5f80000000a + (8 octets) + ctext+tag = a5b1f8066029aea40e598b8122de0242 + 0938b3ab33f828e687b8858b5bfbdbd0 + 315b27452144cc7795457b9652037f53 + 18027b5b4cd7a636 + (56 octets) +********************************************************/ +static uint8_t K13[] = { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, +}; +static uint8_t IV13[] = { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88, +}; +static uint8_t A13[] = { + 0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x0a, +}; +#define A13_len sizeof(A13) +static uint8_t P13[] = { + 0x45, 0x00, 0x00, 0x28, 0xa4, 0xad, 0x40, 0x00, + 0x40, 0x06, 0x78, 0x80, 0x0a, 0x01, 0x03, 0x8f, + 0x0a, 0x01, 0x06, 0x12, 0x80, 0x23, 0x06, 0xb8, + 0xcb, 0x71, 0x26, 0x02, 0xdd, 0x6b, 0xb0, 0x3e, + 0x50, 0x10, 0x16, 0xd0, 0x75, 0x68, 0x00, 0x01, +}; +static uint8_t T13[] = { + 0x95, 0x45, 0x7b, 0x96, 0x52, 0x03, 0x7f, 0x53, + 0x18, 0x02, 0x7b, 0x5b, 0x4c, 0xd7, 0xa6, 0x36, +}; +static uint8_t C13[] = { + 0xa5, 0xb1, 0xf8, 0x06, 0x60, 0x29, 0xae, 0xa4, + 0x0e, 0x59, 0x8b, 0x81, 0x22, 0xde, 0x02, 0x42, + 0x09, 0x38, 0xb3, 0xab, 0x33, 0xf8, 0x28, 0xe6, + 0x87, 0xb8, 0x85, 0x8b, 0x5b, 0xfb, 0xdb, 0xd0, + 0x31, 0x5b, 0x27, 0x45, 0x21, 0x44, 0xcc, 0x77, +}; + +static const struct gcm_ctr_vector gcm_vectors[] = { + /* + * field order {K, Klen, IV, IVlen, A, Alen, P, Plen, C, T, Tlen}; + * original vector does not have a valid sub hash key + */ + vector(1), + vector(2), + vector(3), + vector(4), + vector(5), + vector(6), + vector(7), + vector(8), + vector(9), + vector(10), + vector(11), + /* vector(12), -- IV of less than 16bytes are not supported */ + vector(13), +}; + +typedef void (*gcm_enc_dec_fn_t)(const struct gcm_key_data *, + struct gcm_context_data *, + uint8_t *, const uint8_t *, uint64_t, + const uint8_t *, const uint8_t *, uint64_t, + uint8_t *, uint64_t); +typedef void (*gcm_pre_fn_t)(const void *, struct gcm_key_data *); + +static gcm_pre_fn_t aesni_gcm128_pre = NULL; +static gcm_enc_dec_fn_t aesni_gcm128_enc = NULL; +static gcm_enc_dec_fn_t aesni_gcm128_dec = NULL; +static gcm_enc_dec_fn_t aesni_gcm128_enc_2 = NULL; +static gcm_enc_dec_fn_t aesni_gcm128_dec_2 = NULL; + +static gcm_pre_fn_t aesni_gcm192_pre = NULL; +static gcm_enc_dec_fn_t aesni_gcm192_enc = NULL; +static gcm_enc_dec_fn_t aesni_gcm192_dec = NULL; +static gcm_enc_dec_fn_t aesni_gcm192_enc_2 = NULL; +static gcm_enc_dec_fn_t aesni_gcm192_dec_2 = NULL; + +static gcm_pre_fn_t aesni_gcm256_pre = NULL; +static gcm_enc_dec_fn_t aesni_gcm256_enc = NULL; +static gcm_enc_dec_fn_t aesni_gcm256_dec = NULL; +static gcm_enc_dec_fn_t aesni_gcm256_enc_2 = NULL; +static gcm_enc_dec_fn_t aesni_gcm256_dec_2 = NULL; + +static MB_MGR gcm_mgr; + +static int check_data(const uint8_t *test, const uint8_t *expected, + uint64_t len, const char *data_name) +{ + int mismatch; + int is_error = 0; + + mismatch = memcmp(test, expected, len); + if (mismatch) { + uint64_t a; + + is_error = 1; + printf(" expected results don't match %s \t\t", data_name); + for (a = 0; a < len; a++) { + if (test[a] != expected[a]) { + printf(" '%x' != '%x' at %llx of %llx\n", + test[a], expected[a], + (unsigned long long) a, + (unsigned long long) len); + break; + } + } + } + return is_error; +} + +/***************************************************************************** + * RAW SGL API + *****************************************************************************/ +static void +sgl_aes_gcm_enc_128_sse(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_128_sse(key, ctx, iv, aad, aad_len); + aes_gcm_enc_128_update_sse(key, ctx, out, in, len); + aes_gcm_enc_128_finalize_sse(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_128_sse(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_128_sse(key, ctx, iv, aad, aad_len); + aes_gcm_dec_128_update_sse(key, ctx, out, in, len); + aes_gcm_dec_128_finalize_sse(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_enc_192_sse(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_192_sse(key, ctx, iv, aad, aad_len); + aes_gcm_enc_192_update_sse(key, ctx, out, in, len); + aes_gcm_enc_192_finalize_sse(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_192_sse(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_192_sse(key, ctx, iv, aad, aad_len); + aes_gcm_dec_192_update_sse(key, ctx, out, in, len); + aes_gcm_dec_192_finalize_sse(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_enc_256_sse(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_256_sse(key, ctx, iv, aad, aad_len); + aes_gcm_enc_256_update_sse(key, ctx, out, in, len); + aes_gcm_enc_256_finalize_sse(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_256_sse(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_256_sse(key, ctx, iv, aad, aad_len); + aes_gcm_dec_256_update_sse(key, ctx, out, in, len); + aes_gcm_dec_256_finalize_sse(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_enc_128_avx_gen2(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_128_avx_gen2(key, ctx, iv, aad, aad_len); + aes_gcm_enc_128_update_avx_gen2(key, ctx, out, in, len); + aes_gcm_enc_128_finalize_avx_gen2(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_128_avx_gen2(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_128_avx_gen2(key, ctx, iv, aad, aad_len); + aes_gcm_dec_128_update_avx_gen2(key, ctx, out, in, len); + aes_gcm_dec_128_finalize_avx_gen2(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_enc_192_avx_gen2(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_192_avx_gen2(key, ctx, iv, aad, aad_len); + aes_gcm_enc_192_update_avx_gen2(key, ctx, out, in, len); + aes_gcm_enc_192_finalize_avx_gen2(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_192_avx_gen2(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_192_avx_gen2(key, ctx, iv, aad, aad_len); + aes_gcm_dec_192_update_avx_gen2(key, ctx, out, in, len); + aes_gcm_dec_192_finalize_avx_gen2(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_enc_256_avx_gen2(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_256_avx_gen2(key, ctx, iv, aad, aad_len); + aes_gcm_enc_256_update_avx_gen2(key, ctx, out, in, len); + aes_gcm_enc_256_finalize_avx_gen2(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_256_avx_gen2(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_256_avx_gen2(key, ctx, iv, aad, aad_len); + aes_gcm_dec_256_update_avx_gen2(key, ctx, out, in, len); + aes_gcm_dec_256_finalize_avx_gen2(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_enc_128_avx_gen4(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_128_avx_gen4(key, ctx, iv, aad, aad_len); + aes_gcm_enc_128_update_avx_gen4(key, ctx, out, in, len); + aes_gcm_enc_128_finalize_avx_gen4(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_128_avx_gen4(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_128_avx_gen4(key, ctx, iv, aad, aad_len); + aes_gcm_dec_128_update_avx_gen4(key, ctx, out, in, len); + aes_gcm_dec_128_finalize_avx_gen4(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_enc_192_avx_gen4(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_192_avx_gen4(key, ctx, iv, aad, aad_len); + aes_gcm_enc_192_update_avx_gen4(key, ctx, out, in, len); + aes_gcm_enc_192_finalize_avx_gen4(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_192_avx_gen4(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_192_avx_gen4(key, ctx, iv, aad, aad_len); + aes_gcm_dec_192_update_avx_gen4(key, ctx, out, in, len); + aes_gcm_dec_192_finalize_avx_gen4(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_enc_256_avx_gen4(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_256_avx_gen4(key, ctx, iv, aad, aad_len); + aes_gcm_enc_256_update_avx_gen4(key, ctx, out, in, len); + aes_gcm_enc_256_finalize_avx_gen4(key, ctx, auth_tag, auth_tag_len); +} + +static void +sgl_aes_gcm_dec_256_avx_gen4(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, + const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + aes_gcm_init_256_avx_gen4(key, ctx, iv, aad, aad_len); + aes_gcm_dec_256_update_avx_gen4(key, ctx, out, in, len); + aes_gcm_dec_256_finalize_avx_gen4(key, ctx, auth_tag, auth_tag_len); +} + +/***************************************************************************** + * job API + *****************************************************************************/ +static void +aes_gcm_job(MB_MGR *mb_mgr, + JOB_CHAIN_ORDER order, + const struct gcm_key_data *key, + uint64_t key_len, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + JOB_AES_HMAC *job; + + job = IMB_GET_NEXT_JOB(mb_mgr); + if (!job) { + fprintf(stderr, "failed to get job\n"); + return; + } + + job->cipher_mode = GCM; + job->hash_alg = AES_GMAC; + job->chain_order = order; + job->aes_enc_key_expanded = key; + job->aes_dec_key_expanded = key; + job->aes_key_len_in_bytes = key_len; + job->src = in; + job->dst = out; + job->msg_len_to_cipher_in_bytes = len; + job->cipher_start_src_offset_in_bytes = UINT64_C(0); + job->iv = iv; + job->iv_len_in_bytes = 12; + job->u.GCM.aad = aad; + job->u.GCM.aad_len_in_bytes = aad_len; + job->auth_tag_output = auth_tag; + job->auth_tag_output_len_in_bytes = auth_tag_len; + job->cipher_direction = + (order == CIPHER_HASH) ? ENCRYPT : DECRYPT; + + job = IMB_SUBMIT_JOB(mb_mgr); + while (job) { + if (job->status != STS_COMPLETED) + fprintf(stderr, "failed job, status:%d\n", job->status); + job = IMB_GET_COMPLETED_JOB(mb_mgr); + } + while ((job = IMB_FLUSH_JOB(mb_mgr)) != NULL) { + if (job->status != STS_COMPLETED) + fprintf(stderr, "failed job, status:%d\n", job->status); + } +} + +typedef void (*gcm_enc_dec_fn_t)(const struct gcm_key_data *, + struct gcm_context_data *, + uint8_t *, const uint8_t *, uint64_t, + const uint8_t *, const uint8_t *, uint64_t, + uint8_t *, uint64_t); + +static void +job_aes_gcm_enc_128(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + (void) ctx; /* unused */ + aes_gcm_job(&gcm_mgr, CIPHER_HASH, key, AES_128_BYTES, + out, in, len, + iv, aad, aad_len, + auth_tag, auth_tag_len); +} + +static void +job_aes_gcm_dec_128(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + (void) ctx; /* unused */ + aes_gcm_job(&gcm_mgr, HASH_CIPHER, key, AES_128_BYTES, + out, in, len, + iv, aad, aad_len, + auth_tag, auth_tag_len); +} + +static void +job_aes_gcm_enc_192(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + (void) ctx; /* unused */ + aes_gcm_job(&gcm_mgr, CIPHER_HASH, key, AES_192_BYTES, + out, in, len, + iv, aad, aad_len, + auth_tag, auth_tag_len); +} + +static void +job_aes_gcm_dec_192(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + (void) ctx; /* unused */ + aes_gcm_job(&gcm_mgr, HASH_CIPHER, key, AES_192_BYTES, + out, in, len, + iv, aad, aad_len, + auth_tag, auth_tag_len); +} + +static void +job_aes_gcm_enc_256(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + (void) ctx; /* unused */ + aes_gcm_job(&gcm_mgr, CIPHER_HASH, key, AES_256_BYTES, + out, in, len, + iv, aad, aad_len, + auth_tag, auth_tag_len); +} + +static void +job_aes_gcm_dec_256(const struct gcm_key_data *key, + struct gcm_context_data *ctx, + uint8_t *out, const uint8_t *in, uint64_t len, + const uint8_t *iv, const uint8_t *aad, uint64_t aad_len, + uint8_t *auth_tag, uint64_t auth_tag_len) +{ + (void) ctx; /* unused */ + aes_gcm_job(&gcm_mgr, HASH_CIPHER, key, AES_256_BYTES, + out, in, len, + iv, aad, aad_len, + auth_tag, auth_tag_len); +} + +/*****************************************************************************/ + +static int +test_gcm_vectors(struct gcm_ctr_vector const *vector, + gcm_pre_fn_t prefn, + gcm_enc_dec_fn_t encfn, + gcm_enc_dec_fn_t decfn) +{ + struct gcm_key_data gdata_key; + struct gcm_context_data gdata_ctx; + int is_error = 0; + /* Temporary array for the calculated vectors */ + uint8_t *ct_test = NULL; + uint8_t *pt_test = NULL; + uint8_t *T_test = NULL; + uint8_t *T2_test = NULL; + +#ifdef DEBUG + printf("Testing GCM128 std vectors\n"); +#endif + /* Allocate space for the calculated ciphertext */ + ct_test = malloc(vector->Plen); + if (ct_test == NULL) { + fprintf(stderr, "Can't allocate ciphertext memory\n"); + is_error = 1; + goto test_gcm_vectors_exit; + } + /* Allocate space for the calculated ciphertext */ + pt_test = malloc(vector->Plen); + if (pt_test == NULL) { + fprintf(stderr, "Can't allocate plaintext memory\n"); + is_error = 1; + goto test_gcm_vectors_exit; + } + + T_test = malloc(vector->Tlen); + if (T_test == NULL) { + fprintf(stderr, "Can't allocate tag memory\n"); + is_error = 1; + goto test_gcm_vectors_exit; + } + T2_test = malloc(vector->Tlen); + if (T2_test == NULL) { + fprintf(stderr, "Can't allocate tag(2) memory\n"); + is_error = 1; + goto test_gcm_vectors_exit; + } + /* This is only required once for a given key */ + prefn(vector->K, &gdata_key); + + /* + * Encrypt + */ + encfn(&gdata_key, &gdata_ctx, + ct_test, vector->P, vector->Plen, + vector->IV, vector->A, vector->Alen, T_test, vector->Tlen); + is_error |= check_data(ct_test, vector->C, vector->Plen, + "encrypted cypher text (C)"); + is_error |= check_data(T_test, vector->T, vector->Tlen, "tag (T)"); + + /* test of in-place encrypt */ + memcpy(pt_test, vector->P, vector->Plen); + encfn(&gdata_key, &gdata_ctx, pt_test, pt_test, vector->Plen, + vector->IV, vector->A, vector->Alen, T_test, vector->Tlen); + is_error |= check_data(pt_test, vector->C, vector->Plen, + "encrypted cypher text(in-place)"); + memset(ct_test, 0, vector->Plen); + memset(T_test, 0, vector->Tlen); + + /* + * Decrypt + */ + decfn(&gdata_key, &gdata_ctx, pt_test, vector->C, vector->Plen, + vector->IV, vector->A, vector->Alen, T_test, vector->Tlen); + is_error |= check_data(pt_test, vector->P, vector->Plen, + "decrypted plain text (P)"); + /* + * GCM decryption outputs a 16 byte tag value + * that must be verified against the expected tag value + */ + is_error |= check_data(T_test, vector->T, vector->Tlen, + "decrypted tag (T)"); + + /* test in in-place decrypt */ + memcpy(ct_test, vector->C, vector->Plen); + decfn(&gdata_key, &gdata_ctx, ct_test, ct_test, vector->Plen, + vector->IV, vector->A, vector->Alen, T_test, vector->Tlen); + is_error |= check_data(ct_test, vector->P, vector->Plen, + "plain text (P) - in-place"); + is_error |= check_data(T_test, vector->T, vector->Tlen, + "decrypted tag (T) - in-place"); + /* enc -> dec */ + encfn(&gdata_key, &gdata_ctx, ct_test, vector->P, vector->Plen, + vector->IV, vector->A, vector->Alen, T_test, vector->Tlen); + memset(pt_test, 0, vector->Plen); + + decfn(&gdata_key, &gdata_ctx, pt_test, ct_test, vector->Plen, + vector->IV, vector->A, vector->Alen, T2_test, vector->Tlen); + is_error |= check_data(pt_test, vector->P, vector->Plen, + "self decrypted plain text (P)"); + is_error |= check_data(T_test, T2_test, vector->Tlen, + "self decrypted tag (T)"); + + memset(pt_test, 0, vector->Plen); + + test_gcm_vectors_exit: + if (NULL != ct_test) + free(ct_test); + if (NULL != pt_test) + free(pt_test); + if (NULL != T_test) + free(T_test); + if (NULL != T2_test) + free(T2_test); + + return is_error; +} + +static int test_gcm_std_vectors(void) +{ + int const vectors_cnt = sizeof(gcm_vectors) / sizeof(gcm_vectors[0]); + int vect; + int is_error = 0; + + printf("AES-GCM standard test vectors:\n"); + for (vect = 0; vect < vectors_cnt; vect++) { +#ifdef DEBUG + printf("Standard vector %d/%d Keylen:%d IVlen:%d PTLen:%d " + "AADlen:%d Tlen:%d\n", + vect, vectors_cnt - 1, + (int) gcm_vectors[vect].Klen, + (int) gcm_vectors[vect].IVlen, + (int) gcm_vectors[vect].Plen, + (int) gcm_vectors[vect].Alen, + (int) gcm_vectors[vect].Tlen); +#else + printf("."); +#endif + switch (gcm_vectors[vect].Klen) { + case BITS_128: + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm128_pre, + aesni_gcm128_enc, + aesni_gcm128_dec); + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm128_pre, + aesni_gcm128_enc_2, + aesni_gcm128_dec_2); + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm128_pre, + job_aes_gcm_enc_128, + job_aes_gcm_dec_128); + break; + case BITS_192: + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm192_pre, + aesni_gcm192_enc, + aesni_gcm192_dec); + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm192_pre, + aesni_gcm192_enc_2, + aesni_gcm192_dec_2); + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm192_pre, + job_aes_gcm_enc_192, + job_aes_gcm_dec_192); + break; + case BITS_256: + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm256_pre, + aesni_gcm256_enc, + aesni_gcm256_dec); + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm256_pre, + aesni_gcm256_enc_2, + aesni_gcm256_dec_2); + is_error |= test_gcm_vectors(&gcm_vectors[vect], + aesni_gcm256_pre, + job_aes_gcm_enc_256, + job_aes_gcm_dec_256); + break; + default: + is_error = -1; + break; + } + if (0 != is_error) + return is_error; + } + printf("\n"); + return is_error; +} + +int gcm_test(const enum arch_type arch) +{ + int errors = 0; + + switch (arch) { + case ARCH_SSE: + aesni_gcm128_pre = aes_gcm_pre_128_sse; + aesni_gcm128_enc = aes_gcm_enc_128_sse; + aesni_gcm128_dec = aes_gcm_dec_128_sse; + aesni_gcm128_enc_2 = sgl_aes_gcm_enc_128_sse; + aesni_gcm128_dec_2 = sgl_aes_gcm_dec_128_sse; + aesni_gcm192_pre = aes_gcm_pre_192_sse; + aesni_gcm192_enc = aes_gcm_enc_192_sse; + aesni_gcm192_dec = aes_gcm_dec_192_sse; + aesni_gcm192_enc_2 = sgl_aes_gcm_enc_192_sse; + aesni_gcm192_dec_2 = sgl_aes_gcm_dec_192_sse; + aesni_gcm256_pre = aes_gcm_pre_256_sse; + aesni_gcm256_enc = aes_gcm_enc_256_sse; + aesni_gcm256_dec = aes_gcm_dec_256_sse; + aesni_gcm256_enc_2 = sgl_aes_gcm_enc_256_sse; + aesni_gcm256_dec_2 = sgl_aes_gcm_dec_256_sse; + init_mb_mgr_sse(&gcm_mgr); + break; + case ARCH_AVX: + aesni_gcm128_pre = aes_gcm_pre_128_avx_gen2; + aesni_gcm128_enc = aes_gcm_enc_128_avx_gen2; + aesni_gcm128_dec = aes_gcm_dec_128_avx_gen2; + aesni_gcm128_enc_2 = sgl_aes_gcm_enc_128_avx_gen2; + aesni_gcm128_dec_2 = sgl_aes_gcm_dec_128_avx_gen2; + aesni_gcm192_pre = aes_gcm_pre_192_avx_gen2; + aesni_gcm192_enc = aes_gcm_enc_192_avx_gen2; + aesni_gcm192_dec = aes_gcm_dec_192_avx_gen2; + aesni_gcm192_enc_2 = sgl_aes_gcm_enc_192_avx_gen2; + aesni_gcm192_dec_2 = sgl_aes_gcm_dec_192_avx_gen2; + aesni_gcm256_pre = aes_gcm_pre_256_avx_gen2; + aesni_gcm256_enc = aes_gcm_enc_256_avx_gen2; + aesni_gcm256_dec = aes_gcm_dec_256_avx_gen2; + aesni_gcm256_enc_2 = sgl_aes_gcm_enc_256_avx_gen2; + aesni_gcm256_dec_2 = sgl_aes_gcm_dec_256_avx_gen2; + init_mb_mgr_avx(&gcm_mgr); + break; + case ARCH_AVX2: + aesni_gcm128_pre = aes_gcm_pre_128_avx_gen4; + aesni_gcm128_enc = aes_gcm_enc_128_avx_gen4; + aesni_gcm128_dec = aes_gcm_dec_128_avx_gen4; + aesni_gcm128_enc_2 = sgl_aes_gcm_enc_128_avx_gen4; + aesni_gcm128_dec_2 = sgl_aes_gcm_dec_128_avx_gen4; + aesni_gcm192_pre = aes_gcm_pre_192_avx_gen4; + aesni_gcm192_enc = aes_gcm_enc_192_avx_gen4; + aesni_gcm192_dec = aes_gcm_dec_192_avx_gen4; + aesni_gcm192_enc_2 = sgl_aes_gcm_enc_192_avx_gen4; + aesni_gcm192_dec_2 = sgl_aes_gcm_dec_192_avx_gen4; + aesni_gcm256_pre = aes_gcm_pre_256_avx_gen4; + aesni_gcm256_enc = aes_gcm_enc_256_avx_gen4; + aesni_gcm256_dec = aes_gcm_dec_256_avx_gen4; + aesni_gcm256_enc_2 = sgl_aes_gcm_enc_256_avx_gen4; + aesni_gcm256_dec_2 = sgl_aes_gcm_dec_256_avx_gen4; + init_mb_mgr_avx2(&gcm_mgr); + break; + case ARCH_AVX512: + aesni_gcm128_pre = aes_gcm_pre_128_avx_gen4; + aesni_gcm128_enc = aes_gcm_enc_128_avx_gen4; + aesni_gcm128_dec = aes_gcm_dec_128_avx_gen4; + aesni_gcm128_enc_2 = sgl_aes_gcm_enc_128_avx_gen4; + aesni_gcm128_dec_2 = sgl_aes_gcm_dec_128_avx_gen4; + aesni_gcm192_pre = aes_gcm_pre_192_avx_gen4; + aesni_gcm192_enc = aes_gcm_enc_192_avx_gen4; + aesni_gcm192_dec = aes_gcm_dec_192_avx_gen4; + aesni_gcm192_enc_2 = sgl_aes_gcm_enc_192_avx_gen4; + aesni_gcm192_dec_2 = sgl_aes_gcm_dec_192_avx_gen4; + aesni_gcm256_pre = aes_gcm_pre_256_avx_gen4; + aesni_gcm256_enc = aes_gcm_enc_256_avx_gen4; + aesni_gcm256_dec = aes_gcm_dec_256_avx_gen4; + aesni_gcm256_enc_2 = sgl_aes_gcm_enc_256_avx_gen4; + aesni_gcm256_dec_2 = sgl_aes_gcm_dec_256_avx_gen4; + init_mb_mgr_avx512(&gcm_mgr); + break; + default: + printf("Invalid architecture type %d selected!\n", arch); + return 1; + } + + errors = test_gcm_std_vectors(); + + if (0 == errors) + printf("...Pass\n"); + else + printf("...Fail\n"); + + return errors; +} diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/gcm_vectors.h b/src/spdk/intel-ipsec-mb/LibTestApp/gcm_vectors.h new file mode 100644 index 00000000..59f238ff --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/gcm_vectors.h @@ -0,0 +1,38 @@ +/********************************************************************** + Copyright(c) 2011-2018 Intel Corporation All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + * Neither the name of Intel Corporation nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +**********************************************************************/ + +#ifndef AES_GCM_VECTORS_H_ +#define AES_GCM_VECTORS_H_ + +#include <stdint.h> + +#include "gcm_std_vectors_test.h" + + +#endif /* AES_GCM_VECTORS_H_ */ diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/main.c b/src/spdk/intel-ipsec-mb/LibTestApp/main.c new file mode 100644 index 00000000..eae5d556 --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/main.c @@ -0,0 +1,147 @@ +/***************************************************************************** + Copyright (c) 2012-2018, Intel Corporation + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of Intel Corporation nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*****************************************************************************/ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <intel-ipsec-mb.h> + +#include "gcm_ctr_vectors_test.h" +#include "customop_test.h" + +extern int des_test(const enum arch_type arch, struct MB_MGR *mb_mgr); +extern int ccm_test(const enum arch_type arch, struct MB_MGR *mb_mgr); +extern int cmac_test(const enum arch_type arch, struct MB_MGR *mb_mgr); + +#include "do_test.h" + +static void +usage(const char *name) +{ + fprintf(stderr, + "Usage: %s [args], where args are zero or more\n" + "--no-avx512: Don't do AVX512\n" + "--no-avx2: Don't do AVX2\n" + "--no-avx: Don't do AVX\n" + "--no-sse: Don't do SSE\n" + "--shani-on: use SHA extensions, default: auto-detect\n" + "--shani-off: don't use SHA extensions\n", name); +} + +int +main(int argc, char **argv) +{ + int i, do_sse = 1, do_avx = 1, do_avx2 = 1, do_avx512 = 1; + MB_MGR *p_mgr = NULL; + uint64_t flags = 0; + + for (i = 1; i < argc; i++) { + if (strcmp(argv[i], "-h") == 0) { + usage(argv[0]); + return EXIT_SUCCESS; + } else if (strcmp(argv[i], "--no-avx512") == 0) { + do_avx512 = 0; + } else if (strcmp(argv[i], "--no-avx2") == 0) { + do_avx2 = 0; + } else if (strcmp(argv[i], "--no-avx") == 0) { + do_avx = 0; + } else if (strcmp(argv[i], "--no-sse") == 0) { + do_sse = 0; + } else if (strcmp(argv[i], "--shani-on") == 0) { + flags &= (~IMB_FLAG_SHANI_OFF); + } else if (strcmp(argv[i], "--shani-off") == 0) { + flags |= IMB_FLAG_SHANI_OFF; + } else { + usage(argv[0]); + return EXIT_FAILURE; + } + } + + p_mgr = alloc_mb_mgr(flags); + if (p_mgr == NULL) { + printf("Error allocating MB_MGR structure!\n"); + return EXIT_FAILURE; + } + + if (do_sse) { + printf("Testing SSE interface\n"); + init_mb_mgr_sse(p_mgr); + known_answer_test(p_mgr); + do_test(p_mgr); + ctr_test(ARCH_SSE, p_mgr); + gcm_test(ARCH_SSE); + customop_test(p_mgr); + des_test(ARCH_SSE, p_mgr); + ccm_test(ARCH_SSE, p_mgr); + cmac_test(ARCH_SSE, p_mgr); + } + + if (do_avx) { + printf("Testing AVX interface\n"); + init_mb_mgr_avx(p_mgr); + known_answer_test(p_mgr); + do_test(p_mgr); + ctr_test(ARCH_AVX, p_mgr); + gcm_test(ARCH_AVX); + customop_test(p_mgr); + des_test(ARCH_AVX, p_mgr); + ccm_test(ARCH_AVX, p_mgr); + cmac_test(ARCH_AVX, p_mgr); + } + + if (do_avx2) { + printf("Testing AVX2 interface\n"); + init_mb_mgr_avx2(p_mgr); + known_answer_test(p_mgr); + do_test(p_mgr); + ctr_test(ARCH_AVX2, p_mgr); + gcm_test(ARCH_AVX2); + customop_test(p_mgr); + des_test(ARCH_AVX2, p_mgr); + ccm_test(ARCH_AVX2, p_mgr); + cmac_test(ARCH_AVX2, p_mgr); + } + + if (do_avx512) { + printf("Testing AVX512 interface\n"); + init_mb_mgr_avx512(p_mgr); + known_answer_test(p_mgr); + do_test(p_mgr); + ctr_test(ARCH_AVX512, p_mgr); + gcm_test(ARCH_AVX512); + customop_test(p_mgr); + des_test(ARCH_AVX512, p_mgr); + ccm_test(ARCH_AVX512, p_mgr); + cmac_test(ARCH_AVX512, p_mgr); + } + + free_mb_mgr(p_mgr); + + printf("Test completed\n"); + return EXIT_SUCCESS; +} diff --git a/src/spdk/intel-ipsec-mb/LibTestApp/win_x64.mak b/src/spdk/intel-ipsec-mb/LibTestApp/win_x64.mak new file mode 100644 index 00000000..3863e7f9 --- /dev/null +++ b/src/spdk/intel-ipsec-mb/LibTestApp/win_x64.mak @@ -0,0 +1,87 @@ +#
+# Copyright (c) 2017-2018, Intel Corporation
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of Intel Corporation nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+APP = ipsec_MB_testapp
+INSTNAME = intel-ipsec-mb
+
+!if !defined(PREFIX)
+PREFIX = C:\Program Files
+!endif
+
+!if exist("$(PREFIX)\$(INSTNAME)\libIPSec_MB.lib")
+IPSECLIB = "$(PREFIX)\$(INSTNAME)\libIPSec_MB.lib"
+INCDIR = -I"$(PREFIX)\$(INSTNAME)"
+!else
+IPSECLIB = ..\libIPSec_MB.lib
+INCDIR = -I..\ -I..\include
+!endif
+
+!ifdef DEBUG
+DCFLAGS = /Od /DDEBUG /Z7
+DLFLAGS = /debug
+!else
+DCFLAGS = /O2 /Oi
+DLFLAGS =
+!endif
+
+CC = cl
+# _CRT_SECURE_NO_WARNINGS disables warning C4996 about unsecure snprintf() being used
+CFLAGS = /nologo /D_CRT_SECURE_NO_WARNINGS $(DCFLAGS) /Y- /W3 /WX- /Gm- /fp:precise /EHsc $(INCDIR)
+
+LNK = link
+LFLAGS = /out:$(APP).exe $(DLFLAGS)
+
+OBJS = main.obj gcm_test.obj ctr_test.obj customop_test.obj des_test.obj ccm_test.obj cmac_test.obj
+
+all: $(APP).exe
+
+$(APP).exe: $(OBJS) $(IPSECLIB)
+ $(LNK) $(LFLAGS) $(OBJS) $(IPSECLIB)
+
+main.obj: main.c do_test.h
+ $(CC) /c $(CFLAGS) main.c
+
+gcm_test.obj: gcm_test.c gcm_ctr_vectors_test.h
+ $(CC) /c $(CFLAGS) gcm_test.c
+
+ctr_test.obj: ctr_test.c gcm_ctr_vectors_test.h
+ $(CC) /c $(CFLAGS) ctr_test.c
+
+customop_test.obj: customop_test.c customop_test.h
+ $(CC) /c $(CFLAGS) customop_test.c
+
+des_test.obj: des_test.c gcm_ctr_vectors_test.h
+ $(CC) /c $(CFLAGS) des_test.c
+
+ccm_test.obj: ccm_test.c gcm_ctr_vectors_test.h
+ $(CC) /c $(CFLAGS) ccm_test.c
+
+cmac_test.obj: cmac_test.c
+ $(CC) /c $(CFLAGS) cmac_test.c
+
+clean:
+ del /q $(OBJS) $(APP).*
|