iPXE
aes_test.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
3  *
4  * This program is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU General Public License as
6  * published by the Free Software Foundation; either version 2 of the
7  * License, or any later version.
8  *
9  * This program is distributed in the hope that it will be useful, but
10  * WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17  * 02110-1301, USA.
18  *
19  * You can also choose to distribute this program under the terms of
20  * the Unmodified Binary Distribution Licence (as given in the file
21  * COPYING.UBDL), provided that you have satisfied its requirements.
22  */
23 
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25 
26 /** @file
27  *
28  * AES tests
29  *
30  * These test vectors are provided by NIST as part of the
31  * Cryptographic Toolkit Examples, downloadable from:
32  *
33  * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_Core_All.pdf
34  * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_ECB.pdf
35  * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CBC.pdf
36  *
37  */
38 
39 /* Forcibly enable assertions */
40 #undef NDEBUG
41 
42 #include <assert.h>
43 #include <string.h>
44 #include <ipxe/aes.h>
45 #include <ipxe/test.h>
46 #include "cipher_test.h"
47 
48 /** Key used for NIST 128-bit test vectors */
49 #define AES_KEY_NIST_128 \
50  KEY ( 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, \
51  0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c )
52 
53 /** Key used for NIST 192-bit test vectors */
54 #define AES_KEY_NIST_192 \
55  KEY ( 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, \
56  0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, \
57  0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b )
58 
59 /** Key used for NIST 256-bit test vectors */
60 #define AES_KEY_NIST_256 \
61  KEY ( 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, \
62  0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, \
63  0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, \
64  0xa3, 0x09, 0x14, 0xdf, 0xf4 )
65 
66 /** Dummy initialisation vector used for NIST ECB-mode test vectors */
67 #define AES_IV_NIST_DUMMY \
68  IV ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
69  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 )
70 
71 /** Initialisation vector used for NIST CBC-mode test vectors */
72 #define AES_IV_NIST_CBC \
73  IV ( 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, \
74  0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f )
75 
76 /** Plaintext used for NIST test vectors */
77 #define AES_PLAINTEXT_NIST \
78  PLAINTEXT ( 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, \
79  0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, \
80  0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, \
81  0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, \
82  0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, \
83  0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, \
84  0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, \
85  0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 )
86 
87 /** AES-128-ECB (same test as AES-128-Core) */
88 CIPHER_TEST ( aes_128_ecb, &aes_ecb_algorithm,
89  AES_KEY_NIST_128, AES_IV_NIST_DUMMY, ADDITIONAL(), AES_PLAINTEXT_NIST,
90  CIPHERTEXT ( 0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60,
91  0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97,
92  0xf5, 0xd3, 0xd5, 0x85, 0x03, 0xb9, 0x69, 0x9d,
93  0xe7, 0x85, 0x89, 0x5a, 0x96, 0xfd, 0xba, 0xaf,
94  0x43, 0xb1, 0xcd, 0x7f, 0x59, 0x8e, 0xce, 0x23,
95  0x88, 0x1b, 0x00, 0xe3, 0xed, 0x03, 0x06, 0x88,
96  0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f,
97  0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4 ), AUTH() );
98 
99 /** AES-128-CBC */
100 CIPHER_TEST ( aes_128_cbc, &aes_cbc_algorithm,
101  AES_KEY_NIST_128, AES_IV_NIST_CBC, ADDITIONAL(), AES_PLAINTEXT_NIST,
102  CIPHERTEXT ( 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
103  0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
104  0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
105  0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
106  0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b,
107  0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
108  0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
109  0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7 ), AUTH() );
110 
111 /** AES-192-ECB (same test as AES-192-Core) */
112 CIPHER_TEST ( aes_192_ecb, &aes_ecb_algorithm,
113  AES_KEY_NIST_192, AES_IV_NIST_DUMMY, ADDITIONAL(), AES_PLAINTEXT_NIST,
114  CIPHERTEXT ( 0xbd, 0x33, 0x4f, 0x1d, 0x6e, 0x45, 0xf2, 0x5f,
115  0xf7, 0x12, 0xa2, 0x14, 0x57, 0x1f, 0xa5, 0xcc,
116  0x97, 0x41, 0x04, 0x84, 0x6d, 0x0a, 0xd3, 0xad,
117  0x77, 0x34, 0xec, 0xb3, 0xec, 0xee, 0x4e, 0xef,
118  0xef, 0x7a, 0xfd, 0x22, 0x70, 0xe2, 0xe6, 0x0a,
119  0xdc, 0xe0, 0xba, 0x2f, 0xac, 0xe6, 0x44, 0x4e,
120  0x9a, 0x4b, 0x41, 0xba, 0x73, 0x8d, 0x6c, 0x72,
121  0xfb, 0x16, 0x69, 0x16, 0x03, 0xc1, 0x8e, 0x0e ), AUTH() );
122 
123 /** AES-192-CBC */
124 CIPHER_TEST ( aes_192_cbc, &aes_cbc_algorithm,
125  AES_KEY_NIST_192, AES_IV_NIST_CBC, ADDITIONAL(), AES_PLAINTEXT_NIST,
126  CIPHERTEXT ( 0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d,
127  0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8,
128  0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4,
129  0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a,
130  0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0,
131  0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0,
132  0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81,
133  0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd ), AUTH() );
134 
135 /** AES-256-ECB (same test as AES-256-Core) */
136 CIPHER_TEST ( aes_256_ecb, &aes_ecb_algorithm,
137  AES_KEY_NIST_256, AES_IV_NIST_DUMMY, ADDITIONAL(), AES_PLAINTEXT_NIST,
138  CIPHERTEXT ( 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
139  0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
140  0x59, 0x1c, 0xcb, 0x10, 0xd4, 0x10, 0xed, 0x26,
141  0xdc, 0x5b, 0xa7, 0x4a, 0x31, 0x36, 0x28, 0x70,
142  0xb6, 0xed, 0x21, 0xb9, 0x9c, 0xa6, 0xf4, 0xf9,
143  0xf1, 0x53, 0xe7, 0xb1, 0xbe, 0xaf, 0xed, 0x1d,
144  0x23, 0x30, 0x4b, 0x7a, 0x39, 0xf9, 0xf3, 0xff,
145  0x06, 0x7d, 0x8d, 0x8f, 0x9e, 0x24, 0xec, 0xc7 ), AUTH() );
146 
147 /** AES-256-CBC */
148 CIPHER_TEST ( aes_256_cbc, &aes_cbc_algorithm,
149  AES_KEY_NIST_256, AES_IV_NIST_CBC, ADDITIONAL(), AES_PLAINTEXT_NIST,
150  CIPHERTEXT ( 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
151  0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
152  0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
153  0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
154  0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
155  0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
156  0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
157  0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b ), AUTH() );
158 
159 /**
160  * Perform AES self-test
161  *
162  */
163 static void aes_test_exec ( void ) {
164  struct cipher_algorithm *ecb = &aes_ecb_algorithm;
165  struct cipher_algorithm *cbc = &aes_cbc_algorithm;
166  unsigned int keylen;
167 
168  /* Correctness tests */
169  cipher_ok ( &aes_128_ecb );
170  cipher_ok ( &aes_128_cbc );
171  cipher_ok ( &aes_192_ecb );
172  cipher_ok ( &aes_192_cbc );
173  cipher_ok ( &aes_256_ecb );
174  cipher_ok ( &aes_256_cbc );
175 
176  /* Speed tests */
177  for ( keylen = 128 ; keylen <= 256 ; keylen += 64 ) {
178  DBG ( "AES-%d-ECB encryption required %ld cycles per byte\n",
179  keylen, cipher_cost_encrypt ( ecb, ( keylen / 8 ) ) );
180  DBG ( "AES-%d-ECB decryption required %ld cycles per byte\n",
181  keylen, cipher_cost_decrypt ( ecb, ( keylen / 8 ) ) );
182  DBG ( "AES-%d-CBC encryption required %ld cycles per byte\n",
183  keylen, cipher_cost_encrypt ( cbc, ( keylen / 8 ) ) );
184  DBG ( "AES-%d-CBC decryption required %ld cycles per byte\n",
185  keylen, cipher_cost_decrypt ( cbc, ( keylen / 8 ) ) );
186  }
187 }
188 
189 /** AES self-test */
190 struct self_test aes_test __self_test = {
191  .name = "aes",
192  .exec = aes_test_exec,
193 };
AUTH
#define AUTH(...)
Define inline authentication tag.
Definition: cipher_test.h:60
AES_IV_NIST_DUMMY
#define AES_IV_NIST_DUMMY
Dummy initialisation vector used for NIST ECB-mode test vectors.
Definition: aes_test.c:67
FILE_LICENCE
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)
CIPHERTEXT
#define CIPHERTEXT(...)
Define inline ciphertext data.
Definition: cipher_test.h:57
CIPHER_TEST
CIPHER_TEST(aes_128_ecb, &aes_ecb_algorithm, AES_KEY_NIST_128, AES_IV_NIST_DUMMY, ADDITIONAL(), AES_PLAINTEXT_NIST, CIPHERTEXT(0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60, 0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97, 0xf5, 0xd3, 0xd5, 0x85, 0x03, 0xb9, 0x69, 0x9d, 0xe7, 0x85, 0x89, 0x5a, 0x96, 0xfd, 0xba, 0xaf, 0x43, 0xb1, 0xcd, 0x7f, 0x59, 0x8e, 0xce, 0x23, 0x88, 0x1b, 0x00, 0xe3, 0xed, 0x03, 0x06, 0x88, 0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f, 0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4), AUTH())
AES-128-ECB (same test as AES-128-Core)
AES_KEY_NIST_128
#define AES_KEY_NIST_128
Key used for NIST 128-bit test vectors.
Definition: aes_test.c:49
test.h
Self-test infrastructure.
self_test::name
const char * name
Test set name.
Definition: test.h:17
self_test
A self-test set.
Definition: test.h:15
cipher_cost_decrypt
unsigned long cipher_cost_decrypt(struct cipher_algorithm *cipher, size_t key_len)
Calculate cipher decryption cost.
Definition: cipher_test.c:258
__self_test
struct self_test aes_test __self_test
AES self-test.
Definition: aes_test.c:190
AES_KEY_NIST_192
#define AES_KEY_NIST_192
Key used for NIST 192-bit test vectors.
Definition: aes_test.c:54
aes_test_exec
static void aes_test_exec(void)
Perform AES self-test.
Definition: aes_test.c:163
assert.h
Assertions.
AES_KEY_NIST_256
#define AES_KEY_NIST_256
Key used for NIST 256-bit test vectors.
Definition: aes_test.c:60
aes.h
AES algorithm.
AES_IV_NIST_CBC
#define AES_IV_NIST_CBC
Initialisation vector used for NIST CBC-mode test vectors.
Definition: aes_test.c:72
cipher_ok
#define cipher_ok(test)
Report a cipher encryption and decryption test result.
Definition: cipher_test.h:131
aes_cbc_algorithm
struct cipher_algorithm aes_cbc_algorithm
cipher_test.h
Cipher self-tests.
AES_PLAINTEXT_NIST
#define AES_PLAINTEXT_NIST
Plaintext used for NIST test vectors.
Definition: aes_test.c:77
cipher_algorithm
A cipher algorithm.
Definition: crypto.h:49
ADDITIONAL
#define ADDITIONAL(...)
Define inline additional data.
Definition: cipher_test.h:51
aes_ecb_algorithm
struct cipher_algorithm aes_ecb_algorithm
DBG
#define DBG(...)
Print a debugging message.
Definition: compiler.h:498
cipher_cost_encrypt
unsigned long cipher_cost_encrypt(struct cipher_algorithm *cipher, size_t key_len)
Calculate cipher encryption cost.
Definition: cipher_test.c:246
string.h
String functions.
Generated by   doxygen 1.8.15