1 /********************************************************************** 2 Copyright(c) 2011-2017 Intel Corporation All rights reserved. 3 4 Redistribution and use in source and binary forms, with or without 5 modification, are permitted provided that the following conditions 6 are met: 7 * Redistributions of source code must retain the above copyright 8 notice, this list of conditions and the following disclaimer. 9 * Redistributions in binary form must reproduce the above copyright 10 notice, this list of conditions and the following disclaimer in 11 the documentation and/or other materials provided with the 12 distribution. 13 * Neither the name of Intel Corporation nor the names of its 14 contributors may be used to endorse or promote products derived 15 from this software without specific prior written permission. 16 17 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 **********************************************************************/ 29 30 #include <stdlib.h> 31 #include <stdio.h> 32 #include <stdint.h> 33 #include <string.h> // for memcmp 34 #include <aes_gcm.h> 35 #include "gcm_vectors.h" 36 #include "types.h" 37 #include "gcm_test_alloc.h" 38 39 #ifndef TEST_SEED 40 #define TEST_SEED 0x1234 41 #endif 42 43 #define NT_ALIGNMENT 64 44 45 int 46 check_data(uint8_t *test, uint8_t *expected, uint64_t len, char *data_name) 47 { 48 int mismatch; 49 int OK = 0; 50 51 mismatch = memcmp(test, expected, len); 52 if (mismatch) { 53 OK = 1; 54 printf(" expected results don't match %s \t\t", data_name); 55 { 56 uint64_t a; 57 for (a = 0; a < len; a++) { 58 if (test[a] != expected[a]) { 59 printf(" '%x' != '%x' at 0x%llx of 0x%llx\n", test[a], 60 expected[a], (unsigned long long) a, 61 (unsigned long long) len); 62 break; 63 } 64 } 65 } 66 } 67 return OK; 68 } 69 70 int 71 test_gcm128_std_vectors_nt(gcm_vector const *vector) 72 { 73 struct isal_gcm_key_data gkey; 74 struct isal_gcm_context_data gctx; 75 int OK = 0; 76 // Temporary array for the calculated vectors 77 uint8_t *ct_test = NULL; 78 uint8_t *pt_test = NULL; 79 uint8_t *IV_c = NULL; 80 uint8_t *T_test = NULL; 81 uint8_t *T2_test = NULL; 82 83 // Allocate required memory 84 void **alloc_tab[] = { (void **) &pt_test, (void **) &ct_test, (void **) &IV_c, 85 (void **) &T_test, (void **) &T2_test }; 86 const size_t align_tab[] = { NT_ALIGNMENT, NT_ALIGNMENT, 0, 0, 0 }; 87 const size_t length_tab[] = { vector->Plen, vector->Plen, vector->IVlen, vector->Tlen, 88 vector->Tlen }; 89 90 if (vector_allocate(alloc_tab, length_tab, align_tab, DIM(alloc_tab)) != 0) { 91 vector_free(alloc_tab, align_tab, DIM(alloc_tab)); 92 return 1; 93 } 94 95 memcpy(IV_c, vector->IV, vector->IVlen); 96 97 // This is only required once for a given key 98 isal_aes_gcm_pre_128(vector->K, &gkey); 99 100 //// 101 // ISA-l Encrypt 102 //// 103 memset(ct_test, 0, vector->Plen); 104 memcpy(pt_test, vector->P, vector->Plen); 105 isal_aes_gcm_enc_128_nt(&gkey, &gctx, ct_test, pt_test, vector->Plen, IV_c, vector->A, 106 vector->Alen, T_test, vector->Tlen); 107 OK |= check_data(ct_test, vector->C, vector->Plen, "ISA-L encrypted cypher text (C)"); 108 OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L tag (T)"); 109 110 // test of in-place encrypt 111 memcpy(pt_test, vector->P, vector->Plen); 112 isal_aes_gcm_enc_128_nt(&gkey, &gctx, pt_test, pt_test, vector->Plen, IV_c, vector->A, 113 vector->Alen, T_test, vector->Tlen); 114 OK |= check_data(pt_test, vector->C, vector->Plen, "ISA-L encrypted cypher text(in-place)"); 115 memset(ct_test, 0, vector->Plen); 116 memset(T_test, 0, vector->Tlen); 117 118 //// 119 // ISA-l Decrypt 120 //// 121 memcpy(ct_test, vector->C, vector->Plen); 122 isal_aes_gcm_dec_128_nt(&gkey, &gctx, pt_test, ct_test, vector->Plen, IV_c, vector->A, 123 vector->Alen, T_test, vector->Tlen); 124 OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); 125 // GCM decryption outputs a 16 byte tag value that must be verified against the expected tag 126 // value 127 OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L decrypted tag (T)"); 128 129 // test in in-place decrypt 130 memcpy(ct_test, vector->C, vector->Plen); 131 isal_aes_gcm_dec_128_nt(&gkey, &gctx, ct_test, ct_test, vector->Plen, IV_c, vector->A, 132 vector->Alen, T_test, vector->Tlen); 133 OK |= check_data(ct_test, vector->P, vector->Plen, "ISA-L plain text (P) - in-place"); 134 OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L decrypted tag (T) - in-place"); 135 // ISA-L enc -> ISA-L dec 136 memcpy(pt_test, vector->P, vector->Plen); 137 isal_aes_gcm_enc_128_nt(&gkey, &gctx, ct_test, pt_test, vector->Plen, IV_c, vector->A, 138 vector->Alen, T_test, vector->Tlen); 139 memset(pt_test, 0, vector->Plen); 140 isal_aes_gcm_dec_128_nt(&gkey, &gctx, pt_test, ct_test, vector->Plen, IV_c, vector->A, 141 vector->Alen, T2_test, vector->Tlen); 142 OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L self decrypted plain text (P)"); 143 OK |= check_data(T_test, T2_test, vector->Tlen, "ISA-L self decrypted tag (T)"); 144 145 vector_free(alloc_tab, align_tab, DIM(alloc_tab)); 146 return OK; 147 } 148 149 int 150 test_gcm256_std_vectors_nt(gcm_vector const *vector) 151 { 152 struct isal_gcm_key_data gkey; 153 struct isal_gcm_context_data gctx; 154 int OK = 0; 155 // Temporary array for the calculated vectors 156 uint8_t *ct_test = NULL; 157 uint8_t *pt_test = NULL; 158 uint8_t *IV_c = NULL; 159 uint8_t *T_test = NULL; 160 uint8_t *T2_test = NULL; 161 162 // Allocate required memory 163 void **alloc_tab[] = { (void **) &pt_test, (void **) &ct_test, (void **) &IV_c, 164 (void **) &T_test, (void **) &T2_test }; 165 const size_t align_tab[] = { NT_ALIGNMENT, NT_ALIGNMENT, 0, 0, 0 }; 166 const size_t length_tab[] = { vector->Plen, vector->Plen, vector->IVlen, vector->Tlen, 167 vector->Tlen }; 168 169 if (vector_allocate(alloc_tab, length_tab, align_tab, DIM(alloc_tab)) != 0) { 170 vector_free(alloc_tab, align_tab, DIM(alloc_tab)); 171 return 1; 172 } 173 174 memcpy(IV_c, vector->IV, vector->IVlen); 175 176 // This is only required once for a given key 177 isal_aes_gcm_pre_256(vector->K, &gkey); 178 179 //// 180 // ISA-l Encrypt 181 //// 182 memset(ct_test, 0, vector->Plen); 183 memcpy(pt_test, vector->P, vector->Plen); 184 isal_aes_gcm_enc_256_nt(&gkey, &gctx, ct_test, pt_test, vector->Plen, IV_c, vector->A, 185 vector->Alen, T_test, vector->Tlen); 186 OK |= check_data(ct_test, vector->C, vector->Plen, "ISA-L encrypted cypher text (C)"); 187 OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L tag (T)"); 188 189 // test of in-place encrypt 190 memcpy(pt_test, vector->P, vector->Plen); 191 isal_aes_gcm_enc_256_nt(&gkey, &gctx, pt_test, pt_test, vector->Plen, IV_c, vector->A, 192 vector->Alen, T_test, vector->Tlen); 193 OK |= check_data(pt_test, vector->C, vector->Plen, "ISA-L encrypted cypher text(in-place)"); 194 memset(ct_test, 0, vector->Plen); 195 memset(T_test, 0, vector->Tlen); 196 197 //// 198 // ISA-l Decrypt 199 //// 200 memset(pt_test, 0, vector->Plen); 201 memcpy(ct_test, vector->C, vector->Plen); 202 isal_aes_gcm_dec_256_nt(&gkey, &gctx, pt_test, ct_test, vector->Plen, IV_c, vector->A, 203 vector->Alen, T_test, vector->Tlen); 204 OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L decrypted plain text (P)"); 205 // GCM decryption outputs a 16 byte tag value that must be verified against the expected tag 206 // value 207 OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L decrypted tag (T)"); 208 209 // test in in-place decrypt 210 memcpy(ct_test, vector->C, vector->Plen); 211 isal_aes_gcm_dec_256_nt(&gkey, &gctx, ct_test, ct_test, vector->Plen, IV_c, vector->A, 212 vector->Alen, T_test, vector->Tlen); 213 OK |= check_data(ct_test, vector->P, vector->Plen, "ISA-L plain text (P) - in-place"); 214 OK |= check_data(T_test, vector->T, vector->Tlen, "ISA-L decrypted tag (T) - in-place"); 215 // ISA-L enc -> ISA-L dec 216 memcpy(pt_test, vector->P, vector->Plen); 217 isal_aes_gcm_enc_256_nt(&gkey, &gctx, ct_test, pt_test, vector->Plen, IV_c, vector->A, 218 vector->Alen, T_test, vector->Tlen); 219 memset(pt_test, 0, vector->Plen); 220 isal_aes_gcm_dec_256_nt(&gkey, &gctx, pt_test, ct_test, vector->Plen, IV_c, vector->A, 221 vector->Alen, T2_test, vector->Tlen); 222 OK |= check_data(pt_test, vector->P, vector->Plen, "ISA-L self decrypted plain text (P)"); 223 OK |= check_data(T_test, T2_test, vector->Tlen, "ISA-L self decrypted tag (T)"); 224 vector_free(alloc_tab, align_tab, DIM(alloc_tab)); 225 return OK; 226 } 227 228 int 229 test_gcm_std_vectors_nt(void) 230 { 231 int const vectors_cnt = sizeof(gcm_vectors) / sizeof(gcm_vectors[0]); 232 int vect; 233 int OK = 0; 234 235 printf("AES-GCM standard test vectors NT:\n"); 236 for (vect = 0; (vect < vectors_cnt); vect++) { 237 #ifdef DEBUG 238 printf("Standard vector NT %d/%d" 239 " Keylen:%d IVlen:%d PTLen:%d AADlen:%d Tlen:%d\n", 240 vect, vectors_cnt - 1, (int) gcm_vectors[vect].Klen, 241 (int) gcm_vectors[vect].IVlen, (int) gcm_vectors[vect].Plen, 242 (int) gcm_vectors[vect].Alen, (int) gcm_vectors[vect].Tlen); 243 #else 244 printf("."); 245 #endif 246 if (BITS_128 == gcm_vectors[vect].Klen) 247 OK |= test_gcm128_std_vectors_nt(&gcm_vectors[vect]); 248 else 249 OK |= test_gcm256_std_vectors_nt(&gcm_vectors[vect]); 250 if (0 != OK) 251 return OK; 252 } 253 printf("\n"); 254 return OK; 255 } 256 257 int 258 main(int argc, char **argv) 259 { 260 int errors = 0; 261 int seed; 262 263 if (argc == 1) 264 seed = TEST_SEED; 265 else 266 seed = atoi(argv[1]); 267 268 srand(seed); 269 printf("SEED: %d\n", seed); 270 271 errors += test_gcm_std_vectors_nt(); 272 273 if (0 == errors) 274 printf("...Pass\n"); 275 else 276 printf("...Fail\n"); 277 278 return errors; 279 } 280