xref: /openbsd-src/regress/lib/libcrypto/aeswrap/aes_wrap.c (revision f2da64fbbbf1b03f09f390ab01267c93dfd77c4c) 
1 /* crypto/aes/aes_wrap.c */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3  * project.
4  */
5 /* ====================================================================
6  * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  */
53 
54 #include <stdio.h>
55 #include <stdlib.h>
56 #include <string.h>
57 
58 #include <openssl/aes.h>
59 
60 int AES_wrap_unwrap_test(const unsigned char *, int, const unsigned char *,
61 	const unsigned char *, const unsigned char *, int);
62 
63 int
64 AES_wrap_unwrap_test(const unsigned char *kek, int keybits,
65     const unsigned char *iv, const unsigned char *eout,
66     const unsigned char *key, int keylen)
67 {
68 	unsigned char *otmp = NULL, *ptmp = NULL;
69 	int r, ret = 0;
70 	AES_KEY wctx;
71 
72 	otmp = malloc(keylen + 8);
73 	ptmp = malloc(keylen);
74 	if (otmp == NULL || ptmp == NULL)
75 		goto err;
76 	if (AES_set_encrypt_key(kek, keybits, &wctx))
77 		goto err;
78 	r = AES_wrap_key(&wctx, iv, otmp, key, keylen);
79 	if (r <= 0)
80 		goto err;
81 
82 	if (eout && memcmp(eout, otmp, keylen))
83 		goto err;
84 
85 	if (AES_set_decrypt_key(kek, keybits, &wctx))
86 		goto err;
87 	r = AES_unwrap_key(&wctx, iv, ptmp, otmp, r);
88 
89 	if (memcmp(key, ptmp, keylen))
90 		goto err;
91 
92 	ret = 1;
93 
94 err:
95 	free(otmp);
96 	free(ptmp);
97 
98 	return ret;
99 }
100 
101 int
102 main(int argc, char **argv)
103 {
104 	static const unsigned char kek[] = {
105 		0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
106 		0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
107 		0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
108 		0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
109 	};
110 
111 	static const unsigned char key[] = {
112 		0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
113 		0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
114 		0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
115 		0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
116 	};
117 
118 	static const unsigned char e1[] = {
119 		0x1f, 0xa6, 0x8b, 0x0a, 0x81, 0x12, 0xb4, 0x47,
120 		0xae, 0xf3, 0x4b, 0xd8, 0xfb, 0x5a, 0x7b, 0x82,
121 		0x9d, 0x3e, 0x86, 0x23, 0x71, 0xd2, 0xcf, 0xe5
122 	};
123 
124 	static const unsigned char e2[] = {
125 		0x96, 0x77, 0x8b, 0x25, 0xae, 0x6c, 0xa4, 0x35,
126 		0xf9, 0x2b, 0x5b, 0x97, 0xc0, 0x50, 0xae, 0xd2,
127 		0x46, 0x8a, 0xb8, 0xa1, 0x7a, 0xd8, 0x4e, 0x5d
128 	};
129 
130 	static const unsigned char e3[] = {
131 		0x64, 0xe8, 0xc3, 0xf9, 0xce, 0x0f, 0x5b, 0xa2,
132 		0x63, 0xe9, 0x77, 0x79, 0x05, 0x81, 0x8a, 0x2a,
133 		0x93, 0xc8, 0x19, 0x1e, 0x7d, 0x6e, 0x8a, 0xe7
134 	};
135 
136 	static const unsigned char e4[] = {
137 		0x03, 0x1d, 0x33, 0x26, 0x4e, 0x15, 0xd3, 0x32,
138 		0x68, 0xf2, 0x4e, 0xc2, 0x60, 0x74, 0x3e, 0xdc,
139 		0xe1, 0xc6, 0xc7, 0xdd, 0xee, 0x72, 0x5a, 0x93,
140 		0x6b, 0xa8, 0x14, 0x91, 0x5c, 0x67, 0x62, 0xd2
141 	};
142 
143 	static const unsigned char e5[] = {
144 		0xa8, 0xf9, 0xbc, 0x16, 0x12, 0xc6, 0x8b, 0x3f,
145 		0xf6, 0xe6, 0xf4, 0xfb, 0xe3, 0x0e, 0x71, 0xe4,
146 		0x76, 0x9c, 0x8b, 0x80, 0xa3, 0x2c, 0xb8, 0x95,
147 		0x8c, 0xd5, 0xd1, 0x7d, 0x6b, 0x25, 0x4d, 0xa1
148 	};
149 
150 	static const unsigned char e6[] = {
151 		0x28, 0xc9, 0xf4, 0x04, 0xc4, 0xb8, 0x10, 0xf4,
152 		0xcb, 0xcc, 0xb3, 0x5c, 0xfb, 0x87, 0xf8, 0x26,
153 		0x3f, 0x57, 0x86, 0xe2, 0xd8, 0x0e, 0xd3, 0x26,
154 		0xcb, 0xc7, 0xf0, 0xe7, 0x1a, 0x99, 0xf4, 0x3b,
155 		0xfb, 0x98, 0x8b, 0x9b, 0x7a, 0x02, 0xdd, 0x21
156 	};
157 
158 	int ret, nfailures = 0;
159 	ret = AES_wrap_unwrap_test(kek, 128, NULL, e1, key, 16);
160 	if (ret == 0)
161 		nfailures++;
162 	fprintf(stderr, "Key test result %d\n", ret);
163 	ret = AES_wrap_unwrap_test(kek, 192, NULL, e2, key, 16);
164 	if (ret == 0)
165 		nfailures++;
166 	fprintf(stderr, "Key test result %d\n", ret);
167 	ret = AES_wrap_unwrap_test(kek, 256, NULL, e3, key, 16);
168 	if (ret == 0)
169 		nfailures++;
170 	fprintf(stderr, "Key test result %d\n", ret);
171 	ret = AES_wrap_unwrap_test(kek, 192, NULL, e4, key, 24);
172 	if (ret == 0)
173 		nfailures++;
174 	fprintf(stderr, "Key test result %d\n", ret);
175 	ret = AES_wrap_unwrap_test(kek, 256, NULL, e5, key, 24);
176 	if (ret == 0)
177 		nfailures++;
178 	fprintf(stderr, "Key test result %d\n", ret);
179 	ret = AES_wrap_unwrap_test(kek, 256, NULL, e6, key, 32);
180 	if (ret == 0)
181 		nfailures++;
182 	fprintf(stderr, "Key test result %d\n", ret);
183 
184 	return nfailures;
185 }
186