crypto_module_tests.c revision 337817
1281681Srpaulo/* 2281681Srpaulo * crypto module tests 3281681Srpaulo * Copyright (c) 2014-2015, Jouni Malinen <j@w1.fi> 4281681Srpaulo * 5281681Srpaulo * This software may be distributed under the terms of the BSD license. 6281681Srpaulo * See README for more details. 7281681Srpaulo */ 8281681Srpaulo 9281681Srpaulo#include "utils/includes.h" 10281681Srpaulo 11281681Srpaulo#include "utils/common.h" 12337817Scy#include "utils/module_tests.h" 13281681Srpaulo#include "crypto/aes_siv.h" 14281681Srpaulo#include "crypto/aes_wrap.h" 15281681Srpaulo#include "crypto/aes.h" 16281681Srpaulo#include "crypto/ms_funcs.h" 17281681Srpaulo#include "crypto/crypto.h" 18281681Srpaulo#include "crypto/sha1.h" 19281681Srpaulo#include "crypto/sha256.h" 20281681Srpaulo 21281681Srpaulo 22281681Srpaulostatic int test_siv(void) 23281681Srpaulo{ 24281681Srpaulo#ifdef CONFIG_MESH 25281681Srpaulo /* RFC 5297, A.1. Deterministic Authenticated Encryption Example */ 26281681Srpaulo u8 key[] = { 27281681Srpaulo 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8, 28281681Srpaulo 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0, 29281681Srpaulo 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 30281681Srpaulo 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff 31281681Srpaulo }; 32281681Srpaulo u8 ad[] = { 33281681Srpaulo 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 34281681Srpaulo 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 35281681Srpaulo 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27 36281681Srpaulo }; 37281681Srpaulo u8 plaintext[] = { 38281681Srpaulo 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 39281681Srpaulo 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee 40281681Srpaulo }; 41281681Srpaulo u8 iv_c[] = { 42281681Srpaulo 0x85, 0x63, 0x2d, 0x07, 0xc6, 0xe8, 0xf3, 0x7f, 43281681Srpaulo 0x95, 0x0a, 0xcd, 0x32, 0x0a, 0x2e, 0xcc, 0x93, 44281681Srpaulo 0x40, 0xc0, 0x2b, 0x96, 0x90, 0xc4, 0xdc, 0x04, 45281681Srpaulo 0xda, 0xef, 0x7f, 0x6a, 0xfe, 0x5c 46281681Srpaulo }; 47281681Srpaulo /* RFC 5297, A.2. Nonce-Based Authenticated Encryption Example */ 48281681Srpaulo u8 key_2[] = { 49281681Srpaulo 0x7f, 0x7e, 0x7d, 0x7c, 0x7b, 0x7a, 0x79, 0x78, 50281681Srpaulo 0x77, 0x76, 0x75, 0x74, 0x73, 0x72, 0x71, 0x70, 51281681Srpaulo 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 52281681Srpaulo 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f 53281681Srpaulo }; 54281681Srpaulo u8 ad1_2[] = { 55281681Srpaulo 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 56281681Srpaulo 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 57281681Srpaulo 0xde, 0xad, 0xda, 0xda, 0xde, 0xad, 0xda, 0xda, 58281681Srpaulo 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 59281681Srpaulo 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00 60281681Srpaulo }; 61281681Srpaulo u8 ad2_2[] = { 62281681Srpaulo 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80, 63281681Srpaulo 0x90, 0xa0 64281681Srpaulo }; 65281681Srpaulo u8 nonce_2[] = { 66281681Srpaulo 0x09, 0xf9, 0x11, 0x02, 0x9d, 0x74, 0xe3, 0x5b, 67281681Srpaulo 0xd8, 0x41, 0x56, 0xc5, 0x63, 0x56, 0x88, 0xc0 68281681Srpaulo }; 69281681Srpaulo u8 plaintext_2[] = { 70281681Srpaulo 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 71281681Srpaulo 0x73, 0x6f, 0x6d, 0x65, 0x20, 0x70, 0x6c, 0x61, 72281681Srpaulo 0x69, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x20, 0x74, 73281681Srpaulo 0x6f, 0x20, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 74281681Srpaulo 0x74, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x20, 75281681Srpaulo 0x53, 0x49, 0x56, 0x2d, 0x41, 0x45, 0x53 76281681Srpaulo }; 77281681Srpaulo u8 iv_c_2[] = { 78281681Srpaulo 0x7b, 0xdb, 0x6e, 0x3b, 0x43, 0x26, 0x67, 0xeb, 79281681Srpaulo 0x06, 0xf4, 0xd1, 0x4b, 0xff, 0x2f, 0xbd, 0x0f, 80281681Srpaulo 0xcb, 0x90, 0x0f, 0x2f, 0xdd, 0xbe, 0x40, 0x43, 81281681Srpaulo 0x26, 0x60, 0x19, 0x65, 0xc8, 0x89, 0xbf, 0x17, 82281681Srpaulo 0xdb, 0xa7, 0x7c, 0xeb, 0x09, 0x4f, 0xa6, 0x63, 83281681Srpaulo 0xb7, 0xa3, 0xf7, 0x48, 0xba, 0x8a, 0xf8, 0x29, 84281681Srpaulo 0xea, 0x64, 0xad, 0x54, 0x4a, 0x27, 0x2e, 0x9c, 85281681Srpaulo 0x48, 0x5b, 0x62, 0xa3, 0xfd, 0x5c, 0x0d 86281681Srpaulo }; 87281681Srpaulo u8 out[2 * AES_BLOCK_SIZE + sizeof(plaintext_2)]; 88281681Srpaulo const u8 *addr[3]; 89281681Srpaulo size_t len[3]; 90281681Srpaulo 91281681Srpaulo /* RFC 5297, A.1. Deterministic Authenticated Encryption Example */ 92281681Srpaulo addr[0] = ad; 93281681Srpaulo len[0] = sizeof(ad); 94281681Srpaulo 95281681Srpaulo if (aes_siv_encrypt(key, plaintext, sizeof(plaintext), 96281681Srpaulo 1, addr, len, out)) { 97281681Srpaulo wpa_printf(MSG_ERROR, "AES-SIV mode encryption failed"); 98281681Srpaulo return 1; 99281681Srpaulo } 100281681Srpaulo if (os_memcmp(out, iv_c, sizeof(iv_c)) != 0) { 101281681Srpaulo wpa_printf(MSG_ERROR, 102281681Srpaulo "AES-SIV mode encryption returned invalid cipher text"); 103281681Srpaulo return 1; 104281681Srpaulo } 105281681Srpaulo 106281681Srpaulo if (aes_siv_decrypt(key, iv_c, sizeof(iv_c), 1, addr, len, out)) { 107281681Srpaulo wpa_printf(MSG_ERROR, "AES-SIV mode decryption failed"); 108281681Srpaulo return 1; 109281681Srpaulo } 110281681Srpaulo if (os_memcmp(out, plaintext, sizeof(plaintext)) != 0) { 111281681Srpaulo wpa_printf(MSG_ERROR, 112281681Srpaulo "AES-SIV mode decryption returned invalid plain text"); 113281681Srpaulo return 1; 114281681Srpaulo } 115281681Srpaulo 116281681Srpaulo /* RFC 5297, A.2. Nonce-Based Authenticated Encryption Example */ 117281681Srpaulo addr[0] = ad1_2; 118281681Srpaulo len[0] = sizeof(ad1_2); 119281681Srpaulo addr[1] = ad2_2; 120281681Srpaulo len[1] = sizeof(ad2_2); 121281681Srpaulo addr[2] = nonce_2; 122281681Srpaulo len[2] = sizeof(nonce_2); 123281681Srpaulo 124281681Srpaulo if (aes_siv_encrypt(key_2, plaintext_2, sizeof(plaintext_2), 125281681Srpaulo 3, addr, len, out)) { 126281681Srpaulo wpa_printf(MSG_ERROR, "AES-SIV mode encryption failed"); 127281681Srpaulo return 1; 128281681Srpaulo } 129281681Srpaulo if (os_memcmp(out, iv_c_2, sizeof(iv_c_2)) != 0) { 130281681Srpaulo wpa_printf(MSG_ERROR, 131281681Srpaulo "AES-SIV mode encryption returned invalid cipher text"); 132281681Srpaulo return 1; 133281681Srpaulo } 134281681Srpaulo 135281681Srpaulo if (aes_siv_decrypt(key_2, iv_c_2, sizeof(iv_c_2), 3, addr, len, out)) { 136281681Srpaulo wpa_printf(MSG_ERROR, "AES-SIV mode decryption failed"); 137281681Srpaulo return 1; 138281681Srpaulo } 139281681Srpaulo if (os_memcmp(out, plaintext_2, sizeof(plaintext_2)) != 0) { 140281681Srpaulo wpa_printf(MSG_ERROR, 141281681Srpaulo "AES-SIV mode decryption returned invalid plain text"); 142281681Srpaulo return 1; 143281681Srpaulo } 144281681Srpaulo 145281681Srpaulo wpa_printf(MSG_INFO, "AES-SIV test cases passed"); 146281681Srpaulo#endif /* CONFIG_MESH */ 147281681Srpaulo 148281681Srpaulo return 0; 149281681Srpaulo} 150281681Srpaulo 151281681Srpaulo 152281681Srpaulo/* OMAC1 AES-128 test vectors from 153281681Srpaulo * http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/omac/omac-ad.pdf 154281681Srpaulo * which are same as the examples from NIST SP800-38B 155281681Srpaulo * http://csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf 156281681Srpaulo */ 157281681Srpaulo 158281681Srpaulostruct omac1_test_vector { 159281681Srpaulo u8 k[16]; 160281681Srpaulo u8 msg[64]; 161281681Srpaulo int msg_len; 162281681Srpaulo u8 tag[16]; 163281681Srpaulo}; 164281681Srpaulo 165289549Srpaulostatic const struct omac1_test_vector omac1_test_vectors[] = 166281681Srpaulo{ 167281681Srpaulo { 168281681Srpaulo { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 169281681Srpaulo 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, 170281681Srpaulo { }, 171281681Srpaulo 0, 172281681Srpaulo { 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, 173281681Srpaulo 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 } 174281681Srpaulo }, 175281681Srpaulo { 176281681Srpaulo { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 177281681Srpaulo 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, 178281681Srpaulo { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 179281681Srpaulo 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, 180281681Srpaulo 16, 181281681Srpaulo { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, 182281681Srpaulo 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c } 183281681Srpaulo }, 184281681Srpaulo { 185281681Srpaulo { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 186281681Srpaulo 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, 187281681Srpaulo { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 188281681Srpaulo 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 189281681Srpaulo 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 190281681Srpaulo 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 191281681Srpaulo 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11 }, 192281681Srpaulo 40, 193281681Srpaulo { 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30, 194281681Srpaulo 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27 } 195281681Srpaulo }, 196281681Srpaulo { 197281681Srpaulo { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 198281681Srpaulo 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, 199281681Srpaulo { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 200281681Srpaulo 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 201281681Srpaulo 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 202281681Srpaulo 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 203281681Srpaulo 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 204281681Srpaulo 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 205281681Srpaulo 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 206281681Srpaulo 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, 207281681Srpaulo 64, 208281681Srpaulo { 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92, 209281681Srpaulo 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe } 210281681Srpaulo }, 211281681Srpaulo}; 212281681Srpaulo 213281681Srpaulo 214289549Srpaulostatic int test_omac1_vector(const struct omac1_test_vector *tv, 215289549Srpaulo unsigned int i) 216281681Srpaulo{ 217281681Srpaulo u8 key[] = { 218281681Srpaulo 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 219281681Srpaulo 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c 220281681Srpaulo }; 221281681Srpaulo u8 msg[] = { 0x12, 0x34, 0x56 }; 222281681Srpaulo u8 result[24], result2[24]; 223281681Srpaulo const u8 *addr[3]; 224281681Srpaulo size_t len[3]; 225281681Srpaulo 226281681Srpaulo if (omac1_aes_128(tv->k, tv->msg, tv->msg_len, result) || 227281681Srpaulo os_memcmp(result, tv->tag, 16) != 0) { 228281681Srpaulo wpa_printf(MSG_ERROR, "OMAC1-AES-128 test vector %u failed", i); 229281681Srpaulo return 1; 230281681Srpaulo } 231281681Srpaulo 232281681Srpaulo if (tv->msg_len > 1) { 233281681Srpaulo 234281681Srpaulo addr[0] = tv->msg; 235281681Srpaulo len[0] = 1; 236281681Srpaulo addr[1] = tv->msg + 1; 237281681Srpaulo len[1] = tv->msg_len - 1; 238281681Srpaulo 239281681Srpaulo if (omac1_aes_128_vector(tv->k, 2, addr, len, result) || 240281681Srpaulo os_memcmp(result, tv->tag, 16) != 0) { 241281681Srpaulo wpa_printf(MSG_ERROR, 242281681Srpaulo "OMAC1-AES-128(vector) test vector %u failed", 243281681Srpaulo i); 244281681Srpaulo return 1; 245281681Srpaulo } 246281681Srpaulo 247281681Srpaulo addr[0] = tv->msg; 248281681Srpaulo len[0] = tv->msg_len - 2; 249281681Srpaulo addr[1] = tv->msg + tv->msg_len - 2; 250281681Srpaulo len[1] = 1; 251281681Srpaulo addr[2] = tv->msg + tv->msg_len - 1; 252281681Srpaulo len[2] = 1; 253281681Srpaulo 254281681Srpaulo if (omac1_aes_128_vector(tv->k, 3, addr, len, result) || 255281681Srpaulo os_memcmp(result, tv->tag, 16) != 0) { 256281681Srpaulo wpa_printf(MSG_ERROR, 257281681Srpaulo "OMAC1-AES-128(vector2) test vector %u failed", 258281681Srpaulo i); 259281681Srpaulo return 1; 260281681Srpaulo } 261281681Srpaulo } 262281681Srpaulo 263281681Srpaulo addr[0] = &msg[0]; 264281681Srpaulo len[0] = 1; 265281681Srpaulo addr[1] = &msg[1]; 266281681Srpaulo len[1] = 1; 267281681Srpaulo addr[2] = &msg[2]; 268281681Srpaulo len[2] = 1; 269281681Srpaulo if (omac1_aes_128(key, msg, sizeof(msg), result) || 270281681Srpaulo omac1_aes_128_vector(key, 3, addr, len, result2) || 271281681Srpaulo os_memcmp(result, result2, 16) != 0) { 272281681Srpaulo wpa_printf(MSG_ERROR, "OMAC1-AES-128 short test mismatch"); 273281681Srpaulo return 1; 274281681Srpaulo } 275281681Srpaulo 276281681Srpaulo return 0; 277281681Srpaulo} 278281681Srpaulo 279281681Srpaulo 280281681Srpaulostatic int test_omac1(void) 281281681Srpaulo{ 282281681Srpaulo unsigned int i; 283281681Srpaulo 284281681Srpaulo for (i = 0; i < ARRAY_SIZE(omac1_test_vectors); i++) { 285281681Srpaulo if (test_omac1_vector(&omac1_test_vectors[i], i)) 286281681Srpaulo return 1; 287281681Srpaulo } 288281681Srpaulo 289281681Srpaulo wpa_printf(MSG_INFO, "OMAC1-AES-128 test cases passed"); 290281681Srpaulo 291281681Srpaulo return 0; 292281681Srpaulo} 293281681Srpaulo 294281681Srpaulo 295281681Srpaulostatic int test_eax(void) 296281681Srpaulo{ 297281681Srpaulo#ifdef EAP_PSK 298281681Srpaulo u8 msg[] = { 0xF7, 0xFB }; 299281681Srpaulo u8 key[] = { 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B, 300281681Srpaulo 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4 }; 301281681Srpaulo u8 nonce[] = { 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84, 302281681Srpaulo 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD }; 303281681Srpaulo u8 hdr[] = { 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA }; 304281681Srpaulo u8 cipher[] = { 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D, 305281681Srpaulo 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79, 306281681Srpaulo 0x67, 0xE5 }; 307281681Srpaulo u8 data[sizeof(msg)], tag[AES_BLOCK_SIZE]; 308281681Srpaulo 309281681Srpaulo os_memcpy(data, msg, sizeof(msg)); 310281681Srpaulo if (aes_128_eax_encrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr), 311281681Srpaulo data, sizeof(data), tag)) { 312281681Srpaulo wpa_printf(MSG_ERROR, "AES-128 EAX mode encryption failed"); 313281681Srpaulo return 1; 314281681Srpaulo } 315281681Srpaulo if (os_memcmp(data, cipher, sizeof(data)) != 0) { 316281681Srpaulo wpa_printf(MSG_ERROR, 317281681Srpaulo "AES-128 EAX mode encryption returned invalid cipher text"); 318281681Srpaulo return 1; 319281681Srpaulo } 320281681Srpaulo if (os_memcmp(tag, cipher + sizeof(data), AES_BLOCK_SIZE) != 0) { 321281681Srpaulo wpa_printf(MSG_ERROR, 322281681Srpaulo "AES-128 EAX mode encryption returned invalid tag"); 323281681Srpaulo return 1; 324281681Srpaulo } 325281681Srpaulo 326281681Srpaulo if (aes_128_eax_decrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr), 327281681Srpaulo data, sizeof(data), tag)) { 328281681Srpaulo wpa_printf(MSG_ERROR, "AES-128 EAX mode decryption failed"); 329281681Srpaulo return 1; 330281681Srpaulo } 331281681Srpaulo if (os_memcmp(data, msg, sizeof(data)) != 0) { 332281681Srpaulo wpa_printf(MSG_ERROR, 333281681Srpaulo "AES-128 EAX mode decryption returned invalid plain text"); 334281681Srpaulo return 1; 335281681Srpaulo } 336281681Srpaulo 337281681Srpaulo wpa_printf(MSG_INFO, "AES-128 EAX mode test cases passed"); 338281681Srpaulo#endif /* EAP_PSK */ 339281681Srpaulo 340281681Srpaulo return 0; 341281681Srpaulo} 342281681Srpaulo 343281681Srpaulo 344281681Srpaulostatic int test_cbc(void) 345281681Srpaulo{ 346281681Srpaulo struct cbc_test_vector { 347281681Srpaulo u8 key[16]; 348281681Srpaulo u8 iv[16]; 349281681Srpaulo u8 plain[32]; 350281681Srpaulo u8 cipher[32]; 351281681Srpaulo size_t len; 352281681Srpaulo } vectors[] = { 353281681Srpaulo { 354281681Srpaulo { 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, 355281681Srpaulo 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06 }, 356281681Srpaulo { 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30, 357281681Srpaulo 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41 }, 358281681Srpaulo "Single block msg", 359281681Srpaulo { 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8, 360281681Srpaulo 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a }, 361281681Srpaulo 16 362281681Srpaulo }, 363281681Srpaulo { 364281681Srpaulo { 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 365281681Srpaulo 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a }, 366281681Srpaulo { 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28, 367281681Srpaulo 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58 }, 368281681Srpaulo { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 369281681Srpaulo 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 370281681Srpaulo 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 371281681Srpaulo 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, 372281681Srpaulo { 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a, 373281681Srpaulo 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a, 374281681Srpaulo 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, 375281681Srpaulo 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 }, 376281681Srpaulo 32 377281681Srpaulo } 378281681Srpaulo }; 379281681Srpaulo int ret = 0; 380281681Srpaulo u8 *buf; 381281681Srpaulo unsigned int i; 382281681Srpaulo 383281681Srpaulo for (i = 0; i < ARRAY_SIZE(vectors); i++) { 384281681Srpaulo struct cbc_test_vector *tv = &vectors[i]; 385281681Srpaulo 386281681Srpaulo buf = os_malloc(tv->len); 387281681Srpaulo if (buf == NULL) { 388281681Srpaulo ret++; 389281681Srpaulo break; 390281681Srpaulo } 391281681Srpaulo 392281681Srpaulo os_memcpy(buf, tv->plain, tv->len); 393281681Srpaulo if (aes_128_cbc_encrypt(tv->key, tv->iv, buf, tv->len) || 394281681Srpaulo os_memcmp(buf, tv->cipher, tv->len) != 0) { 395281681Srpaulo wpa_printf(MSG_ERROR, "AES-CBC encrypt %d failed", i); 396281681Srpaulo ret++; 397281681Srpaulo } 398281681Srpaulo 399281681Srpaulo os_memcpy(buf, tv->cipher, tv->len); 400281681Srpaulo if (aes_128_cbc_decrypt(tv->key, tv->iv, buf, tv->len) || 401281681Srpaulo os_memcmp(buf, tv->plain, tv->len) != 0) { 402281681Srpaulo wpa_printf(MSG_ERROR, "AES-CBC decrypt %d failed", i); 403281681Srpaulo ret++; 404281681Srpaulo } 405281681Srpaulo 406281681Srpaulo os_free(buf); 407281681Srpaulo } 408281681Srpaulo 409281681Srpaulo return ret; 410281681Srpaulo} 411281681Srpaulo 412281681Srpaulo 413281681Srpaulostatic int test_ecb(void) 414281681Srpaulo{ 415281681Srpaulo#ifdef EAP_PSK 416281681Srpaulo struct ecb_test_vector { 417281681Srpaulo char *key; 418281681Srpaulo char *plaintext; 419281681Srpaulo char *ciphertext; 420281681Srpaulo } vectors[] = { 421281681Srpaulo /* CAVS 11.1 - ECBGFSbox128.rsp */ 422281681Srpaulo { 423281681Srpaulo "00000000000000000000000000000000", 424281681Srpaulo "f34481ec3cc627bacd5dc3fb08f273e6", 425281681Srpaulo "0336763e966d92595a567cc9ce537f5e" 426281681Srpaulo }, 427281681Srpaulo { 428281681Srpaulo "00000000000000000000000000000000", 429281681Srpaulo "9798c4640bad75c7c3227db910174e72", 430281681Srpaulo "a9a1631bf4996954ebc093957b234589" 431281681Srpaulo }, 432281681Srpaulo { 433281681Srpaulo "00000000000000000000000000000000", 434281681Srpaulo "96ab5c2ff612d9dfaae8c31f30c42168", 435281681Srpaulo "ff4f8391a6a40ca5b25d23bedd44a597" 436281681Srpaulo }, 437281681Srpaulo { 438281681Srpaulo "00000000000000000000000000000000", 439281681Srpaulo "6a118a874519e64e9963798a503f1d35", 440281681Srpaulo "dc43be40be0e53712f7e2bf5ca707209" 441281681Srpaulo }, 442281681Srpaulo { 443281681Srpaulo "00000000000000000000000000000000", 444281681Srpaulo "cb9fceec81286ca3e989bd979b0cb284", 445281681Srpaulo "92beedab1895a94faa69b632e5cc47ce" 446281681Srpaulo }, 447281681Srpaulo { 448281681Srpaulo "00000000000000000000000000000000", 449281681Srpaulo "b26aeb1874e47ca8358ff22378f09144", 450281681Srpaulo "459264f4798f6a78bacb89c15ed3d601" 451281681Srpaulo }, 452281681Srpaulo { 453281681Srpaulo "00000000000000000000000000000000", 454281681Srpaulo "58c8e00b2631686d54eab84b91f0aca1", 455281681Srpaulo "08a4e2efec8a8e3312ca7460b9040bbf" 456281681Srpaulo }, 457281681Srpaulo /* CAVS 11.1 - ECBKeySbox128.rsp */ 458281681Srpaulo { 459281681Srpaulo "10a58869d74be5a374cf867cfb473859", 460281681Srpaulo "00000000000000000000000000000000", 461281681Srpaulo "6d251e6944b051e04eaa6fb4dbf78465" 462281681Srpaulo }, 463281681Srpaulo { 464281681Srpaulo "caea65cdbb75e9169ecd22ebe6e54675", 465281681Srpaulo "00000000000000000000000000000000", 466281681Srpaulo "6e29201190152df4ee058139def610bb", 467281681Srpaulo } 468281681Srpaulo }; 469281681Srpaulo int ret = 0; 470281681Srpaulo unsigned int i; 471281681Srpaulo u8 key[16], plain[16], cipher[16], out[16]; 472281681Srpaulo 473281681Srpaulo for (i = 0; i < ARRAY_SIZE(vectors); i++) { 474281681Srpaulo struct ecb_test_vector *tv = &vectors[i]; 475281681Srpaulo 476281681Srpaulo if (hexstr2bin(tv->key, key, sizeof(key)) || 477281681Srpaulo hexstr2bin(tv->plaintext, plain, sizeof(plain)) || 478281681Srpaulo hexstr2bin(tv->ciphertext, cipher, sizeof(cipher))) { 479281681Srpaulo wpa_printf(MSG_ERROR, "Invalid AES-ECB test vector %u", 480281681Srpaulo i); 481281681Srpaulo ret++; 482281681Srpaulo continue; 483281681Srpaulo } 484281681Srpaulo 485281681Srpaulo if (aes_128_encrypt_block(key, plain, out) < 0 || 486281681Srpaulo os_memcmp(out, cipher, 16) != 0) { 487281681Srpaulo wpa_printf(MSG_ERROR, "AES-ECB encrypt %u failed", i); 488281681Srpaulo ret++; 489281681Srpaulo } 490281681Srpaulo } 491281681Srpaulo 492281681Srpaulo if (!ret) 493281681Srpaulo wpa_printf(MSG_INFO, "AES ECB mode test cases passed"); 494281681Srpaulo 495281681Srpaulo return ret; 496281681Srpaulo#endif /* EAP_PSK */ 497281681Srpaulo 498281681Srpaulo return 0; 499281681Srpaulo} 500281681Srpaulo 501281681Srpaulo 502281681Srpaulostatic int test_key_wrap(void) 503281681Srpaulo{ 504281681Srpaulo int ret = 0; 505281681Srpaulo 506281681Srpaulo /* RFC 3394 - Test vector 4.1 */ 507281681Srpaulo u8 kek41[] = { 508281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 509281681Srpaulo 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f 510281681Srpaulo }; 511281681Srpaulo u8 plain41[] = { 512281681Srpaulo 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 513281681Srpaulo 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff 514281681Srpaulo }; 515281681Srpaulo u8 crypt41[] = { 516281681Srpaulo 0x1F, 0xA6, 0x8B, 0x0A, 0x81, 0x12, 0xB4, 0x47, 517281681Srpaulo 0xAE, 0xF3, 0x4B, 0xD8, 0xFB, 0x5A, 0x7B, 0x82, 518281681Srpaulo 0x9D, 0x3E, 0x86, 0x23, 0x71, 0xD2, 0xCF, 0xE5 519281681Srpaulo }; 520289549Srpaulo#ifndef CONFIG_BORINGSSL 521281681Srpaulo /* RFC 3394 - Test vector 4.2 */ 522281681Srpaulo u8 kek42[] = { 523281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 524281681Srpaulo 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 525281681Srpaulo 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 526281681Srpaulo }; 527281681Srpaulo u8 plain42[] = { 528281681Srpaulo 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 529281681Srpaulo 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff 530281681Srpaulo }; 531281681Srpaulo u8 crypt42[] = { 532281681Srpaulo 0x96, 0x77, 0x8B, 0x25, 0xAE, 0x6C, 0xA4, 0x35, 533281681Srpaulo 0xF9, 0x2B, 0x5B, 0x97, 0xC0, 0x50, 0xAE, 0xD2, 534281681Srpaulo 0x46, 0x8A, 0xB8, 0xA1, 0x7A, 0xD8, 0x4E, 0x5D 535281681Srpaulo }; 536289549Srpaulo#endif /* CONFIG_BORINGSSL */ 537281681Srpaulo /* RFC 3394 - Test vector 4.3 */ 538281681Srpaulo u8 kek43[] = { 539281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 540281681Srpaulo 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 541281681Srpaulo 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 542281681Srpaulo 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F 543281681Srpaulo }; 544281681Srpaulo u8 plain43[] = { 545281681Srpaulo 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 546281681Srpaulo 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff 547281681Srpaulo }; 548281681Srpaulo u8 crypt43[] = { 549281681Srpaulo 0x64, 0xE8, 0xC3, 0xF9, 0xCE, 0x0F, 0x5B, 0xA2, 550281681Srpaulo 0x63, 0xE9, 0x77, 0x79, 0x05, 0x81, 0x8A, 0x2A, 551281681Srpaulo 0x93, 0xC8, 0x19, 0x1E, 0x7D, 0x6E, 0x8A, 0xE7, 552281681Srpaulo }; 553289549Srpaulo#ifndef CONFIG_BORINGSSL 554281681Srpaulo /* RFC 3394 - Test vector 4.4 */ 555281681Srpaulo u8 kek44[] = { 556281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 557281681Srpaulo 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 558281681Srpaulo 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 559281681Srpaulo }; 560281681Srpaulo u8 plain44[] = { 561281681Srpaulo 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 562281681Srpaulo 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 563281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 564281681Srpaulo }; 565281681Srpaulo u8 crypt44[] = { 566281681Srpaulo 0x03, 0x1D, 0x33, 0x26, 0x4E, 0x15, 0xD3, 0x32, 567281681Srpaulo 0x68, 0xF2, 0x4E, 0xC2, 0x60, 0x74, 0x3E, 0xDC, 568281681Srpaulo 0xE1, 0xC6, 0xC7, 0xDD, 0xEE, 0x72, 0x5A, 0x93, 569281681Srpaulo 0x6B, 0xA8, 0x14, 0x91, 0x5C, 0x67, 0x62, 0xD2 570281681Srpaulo }; 571289549Srpaulo#endif /* CONFIG_BORINGSSL */ 572281681Srpaulo /* RFC 3394 - Test vector 4.5 */ 573281681Srpaulo u8 kek45[] = { 574281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 575281681Srpaulo 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 576281681Srpaulo 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 577281681Srpaulo 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F 578281681Srpaulo }; 579281681Srpaulo u8 plain45[] = { 580281681Srpaulo 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 581281681Srpaulo 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 582281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 583281681Srpaulo }; 584281681Srpaulo u8 crypt45[] = { 585281681Srpaulo 0xA8, 0xF9, 0xBC, 0x16, 0x12, 0xC6, 0x8B, 0x3F, 586281681Srpaulo 0xF6, 0xE6, 0xF4, 0xFB, 0xE3, 0x0E, 0x71, 0xE4, 587281681Srpaulo 0x76, 0x9C, 0x8B, 0x80, 0xA3, 0x2C, 0xB8, 0x95, 588281681Srpaulo 0x8C, 0xD5, 0xD1, 0x7D, 0x6B, 0x25, 0x4D, 0xA1, 589281681Srpaulo }; 590281681Srpaulo /* RFC 3394 - Test vector 4.6 */ 591281681Srpaulo u8 kek46[] = { 592281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 593281681Srpaulo 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 594281681Srpaulo 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 595281681Srpaulo 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F 596281681Srpaulo }; 597281681Srpaulo u8 plain46[] = { 598281681Srpaulo 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 599281681Srpaulo 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 600281681Srpaulo 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 601281681Srpaulo 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F 602281681Srpaulo }; 603281681Srpaulo u8 crypt46[] = { 604281681Srpaulo 0x28, 0xC9, 0xF4, 0x04, 0xC4, 0xB8, 0x10, 0xF4, 605281681Srpaulo 0xCB, 0xCC, 0xB3, 0x5C, 0xFB, 0x87, 0xF8, 0x26, 606281681Srpaulo 0x3F, 0x57, 0x86, 0xE2, 0xD8, 0x0E, 0xD3, 0x26, 607281681Srpaulo 0xCB, 0xC7, 0xF0, 0xE7, 0x1A, 0x99, 0xF4, 0x3B, 608281681Srpaulo 0xFB, 0x98, 0x8B, 0x9B, 0x7A, 0x02, 0xDD, 0x21 609281681Srpaulo }; 610281681Srpaulo u8 result[40]; 611281681Srpaulo 612281681Srpaulo wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.1"); 613281681Srpaulo if (aes_wrap(kek41, sizeof(kek41), sizeof(plain41) / 8, plain41, 614281681Srpaulo result)) { 615281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-128 reported failure"); 616281681Srpaulo ret++; 617281681Srpaulo } 618281681Srpaulo if (os_memcmp(result, crypt41, sizeof(crypt41)) != 0) { 619281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-128 failed"); 620281681Srpaulo ret++; 621281681Srpaulo } 622281681Srpaulo if (aes_unwrap(kek41, sizeof(kek41), sizeof(plain41) / 8, crypt41, 623281681Srpaulo result)) { 624281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-128 reported failure"); 625281681Srpaulo ret++; 626281681Srpaulo } 627281681Srpaulo if (os_memcmp(result, plain41, sizeof(plain41)) != 0) { 628281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-128 failed"); 629281681Srpaulo ret++; 630281681Srpaulo } 631281681Srpaulo 632289549Srpaulo#ifndef CONFIG_BORINGSSL 633281681Srpaulo wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.2"); 634281681Srpaulo if (aes_wrap(kek42, sizeof(kek42), sizeof(plain42) / 8, plain42, 635281681Srpaulo result)) { 636281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-192 reported failure"); 637281681Srpaulo ret++; 638281681Srpaulo } 639281681Srpaulo if (os_memcmp(result, crypt42, sizeof(crypt42)) != 0) { 640281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-192 failed"); 641281681Srpaulo ret++; 642281681Srpaulo } 643281681Srpaulo if (aes_unwrap(kek42, sizeof(kek42), sizeof(plain42) / 8, crypt42, 644281681Srpaulo result)) { 645281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-192 reported failure"); 646281681Srpaulo ret++; 647281681Srpaulo } 648281681Srpaulo if (os_memcmp(result, plain42, sizeof(plain42)) != 0) { 649281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-192 failed"); 650281681Srpaulo ret++; 651281681Srpaulo } 652289549Srpaulo#endif /* CONFIG_BORINGSSL */ 653281681Srpaulo 654281681Srpaulo wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.3"); 655281681Srpaulo if (aes_wrap(kek43, sizeof(kek43), sizeof(plain43) / 8, plain43, 656281681Srpaulo result)) { 657281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure"); 658281681Srpaulo ret++; 659281681Srpaulo } 660281681Srpaulo if (os_memcmp(result, crypt43, sizeof(crypt43)) != 0) { 661281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-256 failed"); 662281681Srpaulo ret++; 663281681Srpaulo } 664281681Srpaulo if (aes_unwrap(kek43, sizeof(kek43), sizeof(plain43) / 8, crypt43, 665281681Srpaulo result)) { 666281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure"); 667281681Srpaulo ret++; 668281681Srpaulo } 669281681Srpaulo if (os_memcmp(result, plain43, sizeof(plain43)) != 0) { 670281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed"); 671281681Srpaulo ret++; 672281681Srpaulo } 673281681Srpaulo 674289549Srpaulo#ifndef CONFIG_BORINGSSL 675281681Srpaulo wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.4"); 676281681Srpaulo if (aes_wrap(kek44, sizeof(kek44), sizeof(plain44) / 8, plain44, 677281681Srpaulo result)) { 678281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-192 reported failure"); 679281681Srpaulo ret++; 680281681Srpaulo } 681281681Srpaulo if (os_memcmp(result, crypt44, sizeof(crypt44)) != 0) { 682281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-192 failed"); 683281681Srpaulo ret++; 684281681Srpaulo } 685281681Srpaulo if (aes_unwrap(kek44, sizeof(kek44), sizeof(plain44) / 8, crypt44, 686281681Srpaulo result)) { 687281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-192 reported failure"); 688281681Srpaulo ret++; 689281681Srpaulo } 690281681Srpaulo if (os_memcmp(result, plain44, sizeof(plain44)) != 0) { 691281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-192 failed"); 692281681Srpaulo ret++; 693281681Srpaulo } 694289549Srpaulo#endif /* CONFIG_BORINGSSL */ 695281681Srpaulo 696281681Srpaulo wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.5"); 697281681Srpaulo if (aes_wrap(kek45, sizeof(kek45), sizeof(plain45) / 8, plain45, 698281681Srpaulo result)) { 699281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure"); 700281681Srpaulo ret++; 701281681Srpaulo } 702281681Srpaulo if (os_memcmp(result, crypt45, sizeof(crypt45)) != 0) { 703281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-256 failed"); 704281681Srpaulo ret++; 705281681Srpaulo } 706281681Srpaulo if (aes_unwrap(kek45, sizeof(kek45), sizeof(plain45) / 8, crypt45, 707281681Srpaulo result)) { 708281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure"); 709281681Srpaulo ret++; 710281681Srpaulo } 711281681Srpaulo if (os_memcmp(result, plain45, sizeof(plain45)) != 0) { 712281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed"); 713281681Srpaulo ret++; 714281681Srpaulo } 715281681Srpaulo 716281681Srpaulo wpa_printf(MSG_INFO, "RFC 3394 - Test vector 4.6"); 717281681Srpaulo if (aes_wrap(kek46, sizeof(kek46), sizeof(plain46) / 8, plain46, 718281681Srpaulo result)) { 719281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-256 reported failure"); 720281681Srpaulo ret++; 721281681Srpaulo } 722281681Srpaulo if (os_memcmp(result, crypt46, sizeof(crypt46)) != 0) { 723281681Srpaulo wpa_printf(MSG_ERROR, "AES-WRAP-256 failed"); 724281681Srpaulo ret++; 725281681Srpaulo } 726281681Srpaulo if (aes_unwrap(kek46, sizeof(kek46), sizeof(plain46) / 8, crypt46, 727281681Srpaulo result)) { 728281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-256 reported failure"); 729281681Srpaulo ret++; 730281681Srpaulo } 731281681Srpaulo if (os_memcmp(result, plain46, sizeof(plain46)) != 0) { 732281681Srpaulo wpa_printf(MSG_ERROR, "AES-UNWRAP-256 failed"); 733281681Srpaulo ret++; 734281681Srpaulo } 735281681Srpaulo 736281681Srpaulo if (!ret) 737281681Srpaulo wpa_printf(MSG_INFO, "AES key wrap/unwrap test cases passed"); 738281681Srpaulo 739281681Srpaulo return ret; 740281681Srpaulo} 741281681Srpaulo 742281681Srpaulo 743281681Srpaulostatic int test_md5(void) 744281681Srpaulo{ 745289549Srpaulo#ifndef CONFIG_FIPS 746281681Srpaulo struct { 747281681Srpaulo char *data; 748281681Srpaulo char *hash; 749281681Srpaulo } tests[] = { 750281681Srpaulo { 751281681Srpaulo "", 752281681Srpaulo "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04" 753281681Srpaulo "\xe9\x80\x09\x98\xec\xf8\x42\x7e" 754281681Srpaulo }, 755281681Srpaulo { 756281681Srpaulo "a", 757281681Srpaulo "\x0c\xc1\x75\xb9\xc0\xf1\xb6\xa8" 758281681Srpaulo "\x31\xc3\x99\xe2\x69\x77\x26\x61" 759281681Srpaulo }, 760281681Srpaulo { 761281681Srpaulo "abc", 762281681Srpaulo "\x90\x01\x50\x98\x3c\xd2\x4f\xb0" 763281681Srpaulo "\xd6\x96\x3f\x7d\x28\xe1\x7f\x72" 764281681Srpaulo }, 765281681Srpaulo { 766281681Srpaulo "message digest", 767281681Srpaulo "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d" 768281681Srpaulo "\x52\x5a\x2f\x31\xaa\xf1\x61\xd0" 769281681Srpaulo }, 770281681Srpaulo { 771281681Srpaulo "abcdefghijklmnopqrstuvwxyz", 772281681Srpaulo "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00" 773281681Srpaulo "\x7d\xfb\x49\x6c\xca\x67\xe1\x3b" 774281681Srpaulo }, 775281681Srpaulo { 776281681Srpaulo "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" 777281681Srpaulo "0123456789", 778281681Srpaulo "\xd1\x74\xab\x98\xd2\x77\xd9\xf5" 779281681Srpaulo "\xa5\x61\x1c\x2c\x9f\x41\x9d\x9f" 780281681Srpaulo }, 781281681Srpaulo { 782281681Srpaulo "12345678901234567890123456789012345678901234567890" 783281681Srpaulo "123456789012345678901234567890", 784281681Srpaulo "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55" 785281681Srpaulo "\xac\x49\xda\x2e\x21\x07\xb6\x7a" 786281681Srpaulo } 787281681Srpaulo }; 788281681Srpaulo unsigned int i; 789281681Srpaulo u8 hash[16]; 790281681Srpaulo const u8 *addr[2]; 791281681Srpaulo size_t len[2]; 792281681Srpaulo int errors = 0; 793281681Srpaulo 794281681Srpaulo for (i = 0; i < ARRAY_SIZE(tests); i++) { 795281681Srpaulo wpa_printf(MSG_INFO, "MD5 test case %d", i); 796281681Srpaulo 797281681Srpaulo addr[0] = (u8 *) tests[i].data; 798281681Srpaulo len[0] = strlen(tests[i].data); 799281681Srpaulo if (md5_vector(1, addr, len, hash) < 0 || 800281681Srpaulo os_memcmp(hash, tests[i].hash, 16) != 0) { 801281681Srpaulo wpa_printf(MSG_INFO, " FAIL"); 802281681Srpaulo errors++; 803281681Srpaulo } else 804281681Srpaulo wpa_printf(MSG_INFO, " OK"); 805281681Srpaulo 806281681Srpaulo if (len[0]) { 807281681Srpaulo addr[0] = (u8 *) tests[i].data; 808281681Srpaulo len[0] = strlen(tests[i].data); 809281681Srpaulo addr[1] = (u8 *) tests[i].data + 1; 810281681Srpaulo len[1] = strlen(tests[i].data) - 1; 811281681Srpaulo if (md5_vector(1, addr, len, hash) < 0 || 812281681Srpaulo os_memcmp(hash, tests[i].hash, 16) != 0) { 813281681Srpaulo wpa_printf(MSG_INFO, " FAIL"); 814281681Srpaulo errors++; 815281681Srpaulo } else 816281681Srpaulo wpa_printf(MSG_INFO, " OK"); 817281681Srpaulo } 818281681Srpaulo } 819281681Srpaulo 820281681Srpaulo if (!errors) 821281681Srpaulo wpa_printf(MSG_INFO, "MD5 test cases passed"); 822281681Srpaulo 823281681Srpaulo return errors; 824289549Srpaulo#else /* CONFIG_FIPS */ 825289549Srpaulo wpa_printf(MSG_INFO, "MD5 test cases skipped due to CONFIG_FIPS"); 826289549Srpaulo return 0; 827289549Srpaulo#endif /* CONFIG_FIPS */ 828281681Srpaulo} 829281681Srpaulo 830281681Srpaulo 831281681Srpaulostatic int test_eap_fast(void) 832281681Srpaulo{ 833281681Srpaulo#ifdef EAP_FAST 834281681Srpaulo /* RFC 4851, Appendix B.1 */ 835281681Srpaulo const u8 pac_key[] = { 836281681Srpaulo 0x0B, 0x97, 0x39, 0x0F, 0x37, 0x51, 0x78, 0x09, 837281681Srpaulo 0x81, 0x1E, 0xFD, 0x9C, 0x6E, 0x65, 0x94, 0x2B, 838281681Srpaulo 0x63, 0x2C, 0xE9, 0x53, 0x89, 0x38, 0x08, 0xBA, 839281681Srpaulo 0x36, 0x0B, 0x03, 0x7C, 0xD1, 0x85, 0xE4, 0x14 840281681Srpaulo }; 841281681Srpaulo const u8 seed[] = { 842281681Srpaulo 0x3F, 0xFB, 0x11, 0xC4, 0x6C, 0xBF, 0xA5, 0x7A, 843281681Srpaulo 0x54, 0x40, 0xDA, 0xE8, 0x22, 0xD3, 0x11, 0xD3, 844281681Srpaulo 0xF7, 0x6D, 0xE4, 0x1D, 0xD9, 0x33, 0xE5, 0x93, 845281681Srpaulo 0x70, 0x97, 0xEB, 0xA9, 0xB3, 0x66, 0xF4, 0x2A, 846281681Srpaulo 0x00, 0x00, 0x00, 0x02, 0x6A, 0x66, 0x43, 0x2A, 847281681Srpaulo 0x8D, 0x14, 0x43, 0x2C, 0xEC, 0x58, 0x2D, 0x2F, 848281681Srpaulo 0xC7, 0x9C, 0x33, 0x64, 0xBA, 0x04, 0xAD, 0x3A, 849281681Srpaulo 0x52, 0x54, 0xD6, 0xA5, 0x79, 0xAD, 0x1E, 0x00 850281681Srpaulo }; 851281681Srpaulo const u8 master_secret[] = { 852281681Srpaulo 0x4A, 0x1A, 0x51, 0x2C, 0x01, 0x60, 0xBC, 0x02, 853281681Srpaulo 0x3C, 0xCF, 0xBC, 0x83, 0x3F, 0x03, 0xBC, 0x64, 854281681Srpaulo 0x88, 0xC1, 0x31, 0x2F, 0x0B, 0xA9, 0xA2, 0x77, 855281681Srpaulo 0x16, 0xA8, 0xD8, 0xE8, 0xBD, 0xC9, 0xD2, 0x29, 856281681Srpaulo 0x38, 0x4B, 0x7A, 0x85, 0xBE, 0x16, 0x4D, 0x27, 857281681Srpaulo 0x33, 0xD5, 0x24, 0x79, 0x87, 0xB1, 0xC5, 0xA2 858281681Srpaulo }; 859289549Srpaulo#ifndef CONFIG_FIPS 860281681Srpaulo const u8 key_block[] = { 861281681Srpaulo 0x59, 0x59, 0xBE, 0x8E, 0x41, 0x3A, 0x77, 0x74, 862281681Srpaulo 0x8B, 0xB2, 0xE5, 0xD3, 0x60, 0xAC, 0x4D, 0x35, 863281681Srpaulo 0xDF, 0xFB, 0xC8, 0x1E, 0x9C, 0x24, 0x9C, 0x8B, 864281681Srpaulo 0x0E, 0xC3, 0x1D, 0x72, 0xC8, 0x84, 0x9D, 0x57, 865281681Srpaulo 0x48, 0x51, 0x2E, 0x45, 0x97, 0x6C, 0x88, 0x70, 866281681Srpaulo 0xBE, 0x5F, 0x01, 0xD3, 0x64, 0xE7, 0x4C, 0xBB, 867281681Srpaulo 0x11, 0x24, 0xE3, 0x49, 0xE2, 0x3B, 0xCD, 0xEF, 868281681Srpaulo 0x7A, 0xB3, 0x05, 0x39, 0x5D, 0x64, 0x8A, 0x44, 869281681Srpaulo 0x11, 0xB6, 0x69, 0x88, 0x34, 0x2E, 0x8E, 0x29, 870281681Srpaulo 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05, 871281681Srpaulo 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96, 872281681Srpaulo 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84, 873281681Srpaulo 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98, 874281681Srpaulo 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71 875281681Srpaulo }; 876289549Srpaulo#endif /* CONFIG_FIPS */ 877281681Srpaulo const u8 sks[] = { 878281681Srpaulo 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05, 879281681Srpaulo 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96, 880281681Srpaulo 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84, 881281681Srpaulo 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98, 882281681Srpaulo 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71 883281681Srpaulo }; 884281681Srpaulo const u8 isk[] = { 885281681Srpaulo 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 886281681Srpaulo 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 887281681Srpaulo 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 888281681Srpaulo 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 889281681Srpaulo }; 890281681Srpaulo const u8 imck[] = { 891281681Srpaulo 0x16, 0x15, 0x3C, 0x3F, 0x21, 0x55, 0xEF, 0xD9, 892281681Srpaulo 0x7F, 0x34, 0xAE, 0xC8, 0x1A, 0x4E, 0x66, 0x80, 893281681Srpaulo 0x4C, 0xC3, 0x76, 0xF2, 0x8A, 0xA9, 0x6F, 0x96, 894281681Srpaulo 0xC2, 0x54, 0x5F, 0x8C, 0xAB, 0x65, 0x02, 0xE1, 895281681Srpaulo 0x18, 0x40, 0x7B, 0x56, 0xBE, 0xEA, 0xA7, 0xC5, 896281681Srpaulo 0x76, 0x5D, 0x8F, 0x0B, 0xC5, 0x07, 0xC6, 0xB9, 897281681Srpaulo 0x04, 0xD0, 0x69, 0x56, 0x72, 0x8B, 0x6B, 0xB8, 898281681Srpaulo 0x15, 0xEC, 0x57, 0x7B 899281681Srpaulo }; 900281681Srpaulo const u8 msk[] = { 901281681Srpaulo 0x4D, 0x83, 0xA9, 0xBE, 0x6F, 0x8A, 0x74, 0xED, 902281681Srpaulo 0x6A, 0x02, 0x66, 0x0A, 0x63, 0x4D, 0x2C, 0x33, 903281681Srpaulo 0xC2, 0xDA, 0x60, 0x15, 0xC6, 0x37, 0x04, 0x51, 904281681Srpaulo 0x90, 0x38, 0x63, 0xDA, 0x54, 0x3E, 0x14, 0xB9, 905281681Srpaulo 0x27, 0x99, 0x18, 0x1E, 0x07, 0xBF, 0x0F, 0x5A, 906281681Srpaulo 0x5E, 0x3C, 0x32, 0x93, 0x80, 0x8C, 0x6C, 0x49, 907281681Srpaulo 0x67, 0xED, 0x24, 0xFE, 0x45, 0x40, 0xA0, 0x59, 908281681Srpaulo 0x5E, 0x37, 0xC2, 0xE9, 0xD0, 0x5D, 0x0A, 0xE3 909281681Srpaulo }; 910281681Srpaulo const u8 emsk[] = { 911281681Srpaulo 0x3A, 0xD4, 0xAB, 0xDB, 0x76, 0xB2, 0x7F, 0x3B, 912281681Srpaulo 0xEA, 0x32, 0x2C, 0x2B, 0x74, 0xF4, 0x28, 0x55, 913281681Srpaulo 0xEF, 0x2D, 0xBA, 0x78, 0xC9, 0x57, 0x2F, 0x0D, 914281681Srpaulo 0x06, 0xCD, 0x51, 0x7C, 0x20, 0x93, 0x98, 0xA9, 915281681Srpaulo 0x76, 0xEA, 0x70, 0x21, 0xD7, 0x0E, 0x25, 0x54, 916281681Srpaulo 0x97, 0xED, 0xB2, 0x8A, 0xF6, 0xED, 0xFD, 0x0A, 917281681Srpaulo 0x2A, 0xE7, 0xA1, 0x58, 0x90, 0x10, 0x50, 0x44, 918281681Srpaulo 0xB3, 0x82, 0x85, 0xDB, 0x06, 0x14, 0xD2, 0xF9 919281681Srpaulo }; 920281681Srpaulo /* RFC 4851, Appendix B.2 */ 921281681Srpaulo u8 tlv[] = { 922281681Srpaulo 0x80, 0x0C, 0x00, 0x38, 0x00, 0x01, 0x01, 0x00, 923281681Srpaulo 0xD8, 0x6A, 0x8C, 0x68, 0x3C, 0x32, 0x31, 0xA8, 924281681Srpaulo 0x56, 0x63, 0xB6, 0x40, 0x21, 0xFE, 0x21, 0x14, 925281681Srpaulo 0x4E, 0xE7, 0x54, 0x20, 0x79, 0x2D, 0x42, 0x62, 926281681Srpaulo 0xC9, 0xBF, 0x53, 0x7F, 0x54, 0xFD, 0xAC, 0x58, 927281681Srpaulo 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF, 928281681Srpaulo 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC, 929281681Srpaulo 0x05, 0xC5, 0x5B, 0xB7 930281681Srpaulo }; 931281681Srpaulo const u8 compound_mac[] = { 932281681Srpaulo 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF, 933281681Srpaulo 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC, 934281681Srpaulo 0x05, 0xC5, 0x5B, 0xB7 935281681Srpaulo }; 936281681Srpaulo u8 buf[512]; 937281681Srpaulo const u8 *simck, *cmk; 938281681Srpaulo int errors = 0; 939281681Srpaulo 940281681Srpaulo wpa_printf(MSG_INFO, "EAP-FAST test cases"); 941281681Srpaulo 942281681Srpaulo wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / master_secret"); 943281681Srpaulo if (sha1_t_prf(pac_key, sizeof(pac_key), 944281681Srpaulo "PAC to master secret label hash", 945281681Srpaulo seed, sizeof(seed), buf, sizeof(master_secret)) < 0 || 946281681Srpaulo os_memcmp(master_secret, buf, sizeof(master_secret)) != 0) { 947281681Srpaulo wpa_printf(MSG_INFO, "T-PRF test - FAILED!"); 948281681Srpaulo errors++; 949281681Srpaulo } 950281681Srpaulo 951289549Srpaulo#ifndef CONFIG_FIPS 952281681Srpaulo wpa_printf(MSG_INFO, "- PRF (TLS, SHA1/MD5) test case / key_block"); 953281681Srpaulo if (tls_prf_sha1_md5(master_secret, sizeof(master_secret), 954281681Srpaulo "key expansion", seed, sizeof(seed), 955281681Srpaulo buf, sizeof(key_block)) || 956281681Srpaulo os_memcmp(key_block, buf, sizeof(key_block)) != 0) { 957281681Srpaulo wpa_printf(MSG_INFO, "PRF test - FAILED!"); 958281681Srpaulo errors++; 959281681Srpaulo } 960289549Srpaulo#endif /* CONFIG_FIPS */ 961281681Srpaulo 962281681Srpaulo wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / IMCK"); 963281681Srpaulo if (sha1_t_prf(sks, sizeof(sks), "Inner Methods Compound Keys", 964281681Srpaulo isk, sizeof(isk), buf, sizeof(imck)) < 0 || 965281681Srpaulo os_memcmp(imck, buf, sizeof(imck)) != 0) { 966281681Srpaulo wpa_printf(MSG_INFO, "T-PRF test - FAILED!"); 967281681Srpaulo errors++; 968281681Srpaulo } 969281681Srpaulo 970281681Srpaulo simck = imck; 971281681Srpaulo cmk = imck + 40; 972281681Srpaulo 973281681Srpaulo wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / MSK"); 974281681Srpaulo if (sha1_t_prf(simck, 40, "Session Key Generating Function", 975281681Srpaulo (u8 *) "", 0, buf, sizeof(msk)) < 0 || 976281681Srpaulo os_memcmp(msk, buf, sizeof(msk)) != 0) { 977281681Srpaulo wpa_printf(MSG_INFO, "T-PRF test - FAILED!"); 978281681Srpaulo errors++; 979281681Srpaulo } 980281681Srpaulo 981281681Srpaulo wpa_printf(MSG_INFO, "- T-PRF (SHA1) test case / EMSK"); 982281681Srpaulo if (sha1_t_prf(simck, 40, "Extended Session Key Generating Function", 983281681Srpaulo (u8 *) "", 0, buf, sizeof(msk)) < 0 || 984281681Srpaulo os_memcmp(emsk, buf, sizeof(emsk)) != 0) { 985281681Srpaulo wpa_printf(MSG_INFO, "T-PRF test - FAILED!"); 986281681Srpaulo errors++; 987281681Srpaulo } 988281681Srpaulo 989281681Srpaulo wpa_printf(MSG_INFO, "- Compound MAC test case"); 990281681Srpaulo os_memset(tlv + sizeof(tlv) - 20, 0, 20); 991281681Srpaulo if (hmac_sha1(cmk, 20, tlv, sizeof(tlv), tlv + sizeof(tlv) - 20) < 0 || 992281681Srpaulo os_memcmp(tlv + sizeof(tlv) - 20, compound_mac, 993281681Srpaulo sizeof(compound_mac)) != 0) { 994281681Srpaulo wpa_printf(MSG_INFO, "Compound MAC test - FAILED!"); 995281681Srpaulo errors++; 996281681Srpaulo } 997281681Srpaulo 998281681Srpaulo return errors; 999281681Srpaulo#else /* EAP_FAST */ 1000281681Srpaulo return 0; 1001281681Srpaulo#endif /* EAP_FAST */ 1002281681Srpaulo} 1003281681Srpaulo 1004281681Srpaulo 1005289549Srpaulostatic const u8 key0[] = 1006281681Srpaulo{ 1007281681Srpaulo 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 1008281681Srpaulo 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 1009281681Srpaulo 0x0b, 0x0b, 0x0b, 0x0b 1010281681Srpaulo}; 1011289549Srpaulostatic const u8 data0[] = "Hi There"; 1012289549Srpaulostatic const u8 prf0[] = 1013281681Srpaulo{ 1014281681Srpaulo 0xbc, 0xd4, 0xc6, 0x50, 0xb3, 0x0b, 0x96, 0x84, 1015281681Srpaulo 0x95, 0x18, 0x29, 0xe0, 0xd7, 0x5f, 0x9d, 0x54, 1016281681Srpaulo 0xb8, 0x62, 0x17, 0x5e, 0xd9, 0xf0, 0x06, 0x06, 1017281681Srpaulo 0xe1, 0x7d, 0x8d, 0xa3, 0x54, 0x02, 0xff, 0xee, 1018281681Srpaulo 0x75, 0xdf, 0x78, 0xc3, 0xd3, 0x1e, 0x0f, 0x88, 1019281681Srpaulo 0x9f, 0x01, 0x21, 0x20, 0xc0, 0x86, 0x2b, 0xeb, 1020281681Srpaulo 0x67, 0x75, 0x3e, 0x74, 0x39, 0xae, 0x24, 0x2e, 1021281681Srpaulo 0xdb, 0x83, 0x73, 0x69, 0x83, 0x56, 0xcf, 0x5a 1022281681Srpaulo}; 1023281681Srpaulo 1024289549Srpaulostatic const u8 key1[] = "Jefe"; 1025289549Srpaulostatic const u8 data1[] = "what do ya want for nothing?"; 1026289549Srpaulostatic const u8 prf1[] = 1027281681Srpaulo{ 1028281681Srpaulo 0x51, 0xf4, 0xde, 0x5b, 0x33, 0xf2, 0x49, 0xad, 1029281681Srpaulo 0xf8, 0x1a, 0xeb, 0x71, 0x3a, 0x3c, 0x20, 0xf4, 1030281681Srpaulo 0xfe, 0x63, 0x14, 0x46, 0xfa, 0xbd, 0xfa, 0x58, 1031281681Srpaulo 0x24, 0x47, 0x59, 0xae, 0x58, 0xef, 0x90, 0x09, 1032281681Srpaulo 0xa9, 0x9a, 0xbf, 0x4e, 0xac, 0x2c, 0xa5, 0xfa, 1033281681Srpaulo 0x87, 0xe6, 0x92, 0xc4, 0x40, 0xeb, 0x40, 0x02, 1034281681Srpaulo 0x3e, 0x7b, 0xab, 0xb2, 0x06, 0xd6, 0x1d, 0xe7, 1035281681Srpaulo 0xb9, 0x2f, 0x41, 0x52, 0x90, 0x92, 0xb8, 0xfc 1036281681Srpaulo}; 1037281681Srpaulo 1038281681Srpaulo 1039289549Srpaulostatic const u8 key2[] = 1040281681Srpaulo{ 1041281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1042281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1043281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa 1044281681Srpaulo}; 1045289549Srpaulostatic const u8 data2[] = 1046281681Srpaulo{ 1047281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1048281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1049281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1050281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1051281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1052281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1053281681Srpaulo 0xdd, 0xdd 1054281681Srpaulo}; 1055289549Srpaulostatic const u8 prf2[] = 1056281681Srpaulo{ 1057281681Srpaulo 0xe1, 0xac, 0x54, 0x6e, 0xc4, 0xcb, 0x63, 0x6f, 1058281681Srpaulo 0x99, 0x76, 0x48, 0x7b, 0xe5, 0xc8, 0x6b, 0xe1, 1059281681Srpaulo 0x7a, 0x02, 0x52, 0xca, 0x5d, 0x8d, 0x8d, 0xf1, 1060281681Srpaulo 0x2c, 0xfb, 0x04, 0x73, 0x52, 0x52, 0x49, 0xce, 1061281681Srpaulo 0x9d, 0xd8, 0xd1, 0x77, 0xea, 0xd7, 0x10, 0xbc, 1062281681Srpaulo 0x9b, 0x59, 0x05, 0x47, 0x23, 0x91, 0x07, 0xae, 1063281681Srpaulo 0xf7, 0xb4, 0xab, 0xd4, 0x3d, 0x87, 0xf0, 0xa6, 1064281681Srpaulo 0x8f, 0x1c, 0xbd, 0x9e, 0x2b, 0x6f, 0x76, 0x07 1065281681Srpaulo}; 1066281681Srpaulo 1067281681Srpaulo 1068281681Srpaulostruct passphrase_test { 1069281681Srpaulo char *passphrase; 1070281681Srpaulo char *ssid; 1071281681Srpaulo char psk[32]; 1072281681Srpaulo}; 1073281681Srpaulo 1074289549Srpaulostatic const struct passphrase_test passphrase_tests[] = 1075281681Srpaulo{ 1076281681Srpaulo { 1077281681Srpaulo "password", 1078281681Srpaulo "IEEE", 1079281681Srpaulo { 1080281681Srpaulo 0xf4, 0x2c, 0x6f, 0xc5, 0x2d, 0xf0, 0xeb, 0xef, 1081281681Srpaulo 0x9e, 0xbb, 0x4b, 0x90, 0xb3, 0x8a, 0x5f, 0x90, 1082281681Srpaulo 0x2e, 0x83, 0xfe, 0x1b, 0x13, 0x5a, 0x70, 0xe2, 1083281681Srpaulo 0x3a, 0xed, 0x76, 0x2e, 0x97, 0x10, 0xa1, 0x2e 1084281681Srpaulo } 1085281681Srpaulo }, 1086281681Srpaulo { 1087281681Srpaulo "ThisIsAPassword", 1088281681Srpaulo "ThisIsASSID", 1089281681Srpaulo { 1090281681Srpaulo 0x0d, 0xc0, 0xd6, 0xeb, 0x90, 0x55, 0x5e, 0xd6, 1091281681Srpaulo 0x41, 0x97, 0x56, 0xb9, 0xa1, 0x5e, 0xc3, 0xe3, 1092281681Srpaulo 0x20, 0x9b, 0x63, 0xdf, 0x70, 0x7d, 0xd5, 0x08, 1093281681Srpaulo 0xd1, 0x45, 0x81, 0xf8, 0x98, 0x27, 0x21, 0xaf 1094281681Srpaulo } 1095281681Srpaulo }, 1096281681Srpaulo { 1097281681Srpaulo "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 1098281681Srpaulo "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ", 1099281681Srpaulo { 1100281681Srpaulo 0xbe, 0xcb, 0x93, 0x86, 0x6b, 0xb8, 0xc3, 0x83, 1101281681Srpaulo 0x2c, 0xb7, 0x77, 0xc2, 0xf5, 0x59, 0x80, 0x7c, 1102281681Srpaulo 0x8c, 0x59, 0xaf, 0xcb, 0x6e, 0xae, 0x73, 0x48, 1103281681Srpaulo 0x85, 0x00, 0x13, 0x00, 0xa9, 0x81, 0xcc, 0x62 1104281681Srpaulo } 1105281681Srpaulo }, 1106281681Srpaulo}; 1107281681Srpaulo 1108281681Srpaulo#define NUM_PASSPHRASE_TESTS ARRAY_SIZE(passphrase_tests) 1109281681Srpaulo 1110281681Srpaulo 1111281681Srpaulostruct rfc6070_test { 1112281681Srpaulo char *p; 1113281681Srpaulo char *s; 1114281681Srpaulo int c; 1115281681Srpaulo char dk[32]; 1116281681Srpaulo size_t dk_len; 1117281681Srpaulo}; 1118281681Srpaulo 1119289549Srpaulostatic const struct rfc6070_test rfc6070_tests[] = 1120281681Srpaulo{ 1121281681Srpaulo { 1122281681Srpaulo "password", 1123281681Srpaulo "salt", 1124281681Srpaulo 1, 1125281681Srpaulo { 1126281681Srpaulo 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71, 1127281681Srpaulo 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06, 1128281681Srpaulo 0x2f, 0xe0, 0x37, 0xa6 1129281681Srpaulo }, 1130281681Srpaulo 20 1131281681Srpaulo }, 1132281681Srpaulo { 1133281681Srpaulo "password", 1134281681Srpaulo "salt", 1135281681Srpaulo 2, 1136281681Srpaulo { 1137281681Srpaulo 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, 1138281681Srpaulo 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0, 1139281681Srpaulo 0xd8, 0xde, 0x89, 0x57 1140281681Srpaulo }, 1141281681Srpaulo 20 1142281681Srpaulo }, 1143281681Srpaulo { 1144281681Srpaulo "password", 1145281681Srpaulo "salt", 1146281681Srpaulo 4096, 1147281681Srpaulo { 1148281681Srpaulo 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a, 1149281681Srpaulo 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0, 1150281681Srpaulo 0x65, 0xa4, 0x29, 0xc1 1151281681Srpaulo }, 1152281681Srpaulo 20 1153281681Srpaulo }, 1154281681Srpaulo#if 0 /* This takes quite long to derive.. */ 1155281681Srpaulo { 1156281681Srpaulo "password", 1157281681Srpaulo "salt", 1158281681Srpaulo 16777216, 1159281681Srpaulo { 1160281681Srpaulo 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4, 1161281681Srpaulo 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c, 1162281681Srpaulo 0x26, 0x34, 0xe9, 0x84 1163281681Srpaulo }, 1164281681Srpaulo 20 1165281681Srpaulo }, 1166281681Srpaulo#endif 1167281681Srpaulo { 1168281681Srpaulo "passwordPASSWORDpassword", 1169281681Srpaulo "saltSALTsaltSALTsaltSALTsaltSALTsalt", 1170281681Srpaulo 4096, 1171281681Srpaulo { 1172281681Srpaulo 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b, 1173281681Srpaulo 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a, 1174281681Srpaulo 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70, 1175281681Srpaulo 0x38 1176281681Srpaulo }, 1177281681Srpaulo 25 1178281681Srpaulo }, 1179281681Srpaulo#if 0 /* \0 not currently supported in passphrase parameters.. */ 1180281681Srpaulo { 1181281681Srpaulo "pass\0word", 1182281681Srpaulo "sa\0lt", 1183281681Srpaulo 4096, 1184281681Srpaulo { 1185281681Srpaulo 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d, 1186281681Srpaulo 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 1187281681Srpaulo }, 1188281681Srpaulo 16 1189281681Srpaulo }, 1190281681Srpaulo#endif 1191281681Srpaulo}; 1192281681Srpaulo 1193281681Srpaulo#define NUM_RFC6070_TESTS ARRAY_SIZE(rfc6070_tests) 1194281681Srpaulo 1195281681Srpaulo 1196281681Srpaulostatic int test_sha1(void) 1197281681Srpaulo{ 1198281681Srpaulo u8 res[512]; 1199281681Srpaulo int ret = 0; 1200281681Srpaulo unsigned int i; 1201281681Srpaulo 1202281681Srpaulo wpa_printf(MSG_INFO, "PRF-SHA1 test cases:"); 1203281681Srpaulo 1204281681Srpaulo if (sha1_prf(key0, sizeof(key0), "prefix", data0, sizeof(data0) - 1, 1205281681Srpaulo res, sizeof(prf0)) == 0 && 1206281681Srpaulo os_memcmp(res, prf0, sizeof(prf0)) == 0) 1207281681Srpaulo wpa_printf(MSG_INFO, "Test case 0 - OK"); 1208281681Srpaulo else { 1209281681Srpaulo wpa_printf(MSG_INFO, "Test case 0 - FAILED!"); 1210281681Srpaulo ret++; 1211281681Srpaulo } 1212281681Srpaulo 1213281681Srpaulo if (sha1_prf(key1, sizeof(key1) - 1, "prefix", data1, sizeof(data1) - 1, 1214281681Srpaulo res, sizeof(prf1)) == 0 && 1215281681Srpaulo os_memcmp(res, prf1, sizeof(prf1)) == 0) 1216281681Srpaulo wpa_printf(MSG_INFO, "Test case 1 - OK"); 1217281681Srpaulo else { 1218281681Srpaulo wpa_printf(MSG_INFO, "Test case 1 - FAILED!"); 1219281681Srpaulo ret++; 1220281681Srpaulo } 1221281681Srpaulo 1222281681Srpaulo if (sha1_prf(key2, sizeof(key2), "prefix", data2, sizeof(data2), 1223281681Srpaulo res, sizeof(prf2)) == 0 && 1224281681Srpaulo os_memcmp(res, prf2, sizeof(prf2)) == 0) 1225281681Srpaulo wpa_printf(MSG_INFO, "Test case 2 - OK"); 1226281681Srpaulo else { 1227281681Srpaulo wpa_printf(MSG_INFO, "Test case 2 - FAILED!"); 1228281681Srpaulo ret++; 1229281681Srpaulo } 1230281681Srpaulo 1231281681Srpaulo ret += test_eap_fast(); 1232281681Srpaulo 1233281681Srpaulo wpa_printf(MSG_INFO, "PBKDF2-SHA1 Passphrase test cases:"); 1234281681Srpaulo for (i = 0; i < NUM_PASSPHRASE_TESTS; i++) { 1235281681Srpaulo u8 psk[32]; 1236289549Srpaulo const struct passphrase_test *test = &passphrase_tests[i]; 1237281681Srpaulo 1238281681Srpaulo if (pbkdf2_sha1(test->passphrase, 1239281681Srpaulo (const u8 *) test->ssid, strlen(test->ssid), 1240281681Srpaulo 4096, psk, 32) == 0 && 1241281681Srpaulo os_memcmp(psk, test->psk, 32) == 0) 1242281681Srpaulo wpa_printf(MSG_INFO, "Test case %d - OK", i); 1243281681Srpaulo else { 1244281681Srpaulo wpa_printf(MSG_INFO, "Test case %d - FAILED!", i); 1245281681Srpaulo ret++; 1246281681Srpaulo } 1247281681Srpaulo } 1248281681Srpaulo 1249281681Srpaulo wpa_printf(MSG_INFO, "PBKDF2-SHA1 test cases (RFC 6070):"); 1250281681Srpaulo for (i = 0; i < NUM_RFC6070_TESTS; i++) { 1251281681Srpaulo u8 dk[25]; 1252289549Srpaulo const struct rfc6070_test *test = &rfc6070_tests[i]; 1253281681Srpaulo 1254281681Srpaulo if (pbkdf2_sha1(test->p, (const u8 *) test->s, strlen(test->s), 1255281681Srpaulo test->c, dk, test->dk_len) == 0 && 1256281681Srpaulo os_memcmp(dk, test->dk, test->dk_len) == 0) 1257281681Srpaulo wpa_printf(MSG_INFO, "Test case %d - OK", i); 1258281681Srpaulo else { 1259281681Srpaulo wpa_printf(MSG_INFO, "Test case %d - FAILED!", i); 1260281681Srpaulo ret++; 1261281681Srpaulo } 1262281681Srpaulo } 1263281681Srpaulo 1264281681Srpaulo if (!ret) 1265281681Srpaulo wpa_printf(MSG_INFO, "SHA1 test cases passed"); 1266281681Srpaulo return ret; 1267281681Srpaulo} 1268281681Srpaulo 1269281681Srpaulo 1270337817Scystatic const struct { 1271281681Srpaulo char *data; 1272281681Srpaulo u8 hash[32]; 1273281681Srpaulo} tests[] = { 1274281681Srpaulo { 1275281681Srpaulo "abc", 1276281681Srpaulo { 1277281681Srpaulo 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 1278281681Srpaulo 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, 1279281681Srpaulo 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 1280281681Srpaulo 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad 1281281681Srpaulo } 1282281681Srpaulo }, 1283281681Srpaulo { 1284281681Srpaulo "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1285281681Srpaulo { 1286281681Srpaulo 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, 1287281681Srpaulo 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39, 1288281681Srpaulo 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, 1289281681Srpaulo 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 1290281681Srpaulo } 1291281681Srpaulo } 1292281681Srpaulo}; 1293281681Srpaulo 1294337817Scystatic const struct hmac_test { 1295281681Srpaulo u8 key[80]; 1296281681Srpaulo size_t key_len; 1297281681Srpaulo u8 data[128]; 1298281681Srpaulo size_t data_len; 1299281681Srpaulo u8 hash[32]; 1300281681Srpaulo} hmac_tests[] = { 1301281681Srpaulo /* draft-ietf-ipsec-ciph-sha-256-01.txt */ 1302281681Srpaulo { 1303281681Srpaulo { 1304281681Srpaulo 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 1305281681Srpaulo 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 1306281681Srpaulo 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 1307281681Srpaulo 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 1308281681Srpaulo }, 1309281681Srpaulo 32, 1310281681Srpaulo "abc", 3, 1311281681Srpaulo { 1312281681Srpaulo 0xa2, 0x1b, 0x1f, 0x5d, 0x4c, 0xf4, 0xf7, 0x3a, 1313281681Srpaulo 0x4d, 0xd9, 0x39, 0x75, 0x0f, 0x7a, 0x06, 0x6a, 1314281681Srpaulo 0x7f, 0x98, 0xcc, 0x13, 0x1c, 0xb1, 0x6a, 0x66, 1315281681Srpaulo 0x92, 0x75, 0x90, 0x21, 0xcf, 0xab, 0x81, 0x81 1316281681Srpaulo } 1317281681Srpaulo }, 1318281681Srpaulo { 1319281681Srpaulo { 1320281681Srpaulo 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 1321281681Srpaulo 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 1322281681Srpaulo 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 1323281681Srpaulo 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 1324281681Srpaulo }, 1325281681Srpaulo 32, 1326281681Srpaulo "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1327281681Srpaulo 56, 1328281681Srpaulo { 1329281681Srpaulo 0x10, 0x4f, 0xdc, 0x12, 0x57, 0x32, 0x8f, 0x08, 1330281681Srpaulo 0x18, 0x4b, 0xa7, 0x31, 0x31, 0xc5, 0x3c, 0xae, 1331281681Srpaulo 0xe6, 0x98, 0xe3, 0x61, 0x19, 0x42, 0x11, 0x49, 1332281681Srpaulo 0xea, 0x8c, 0x71, 0x24, 0x56, 0x69, 0x7d, 0x30 1333281681Srpaulo } 1334281681Srpaulo }, 1335281681Srpaulo { 1336281681Srpaulo { 1337281681Srpaulo 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 1338281681Srpaulo 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 1339281681Srpaulo 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 1340281681Srpaulo 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 1341281681Srpaulo }, 1342281681Srpaulo 32, 1343281681Srpaulo "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" 1344281681Srpaulo "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 1345281681Srpaulo 112, 1346281681Srpaulo { 1347281681Srpaulo 0x47, 0x03, 0x05, 0xfc, 0x7e, 0x40, 0xfe, 0x34, 1348281681Srpaulo 0xd3, 0xee, 0xb3, 0xe7, 0x73, 0xd9, 0x5a, 0xab, 1349281681Srpaulo 0x73, 0xac, 0xf0, 0xfd, 0x06, 0x04, 0x47, 0xa5, 1350281681Srpaulo 0xeb, 0x45, 0x95, 0xbf, 0x33, 0xa9, 0xd1, 0xa3 1351281681Srpaulo } 1352281681Srpaulo }, 1353281681Srpaulo { 1354281681Srpaulo { 1355281681Srpaulo 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 1356281681Srpaulo 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 1357281681Srpaulo 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 1358281681Srpaulo 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b 1359281681Srpaulo }, 1360281681Srpaulo 32, 1361281681Srpaulo "Hi There", 1362281681Srpaulo 8, 1363281681Srpaulo { 1364281681Srpaulo 0x19, 0x8a, 0x60, 0x7e, 0xb4, 0x4b, 0xfb, 0xc6, 1365281681Srpaulo 0x99, 0x03, 0xa0, 0xf1, 0xcf, 0x2b, 0xbd, 0xc5, 1366281681Srpaulo 0xba, 0x0a, 0xa3, 0xf3, 0xd9, 0xae, 0x3c, 0x1c, 1367281681Srpaulo 0x7a, 0x3b, 0x16, 0x96, 0xa0, 0xb6, 0x8c, 0xf7 1368281681Srpaulo } 1369281681Srpaulo }, 1370281681Srpaulo { 1371281681Srpaulo "Jefe", 1372281681Srpaulo 4, 1373281681Srpaulo "what do ya want for nothing?", 1374281681Srpaulo 28, 1375281681Srpaulo { 1376281681Srpaulo 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, 1377281681Srpaulo 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, 1378281681Srpaulo 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, 1379281681Srpaulo 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 1380281681Srpaulo } 1381281681Srpaulo }, 1382281681Srpaulo { 1383281681Srpaulo { 1384281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1385281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1386281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1387281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa 1388281681Srpaulo }, 1389281681Srpaulo 32, 1390281681Srpaulo { 1391281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1392281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1393281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1394281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1395281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1396281681Srpaulo 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 1397281681Srpaulo 0xdd, 0xdd 1398281681Srpaulo }, 1399281681Srpaulo 50, 1400281681Srpaulo { 1401281681Srpaulo 0xcd, 0xcb, 0x12, 0x20, 0xd1, 0xec, 0xcc, 0xea, 1402281681Srpaulo 0x91, 0xe5, 0x3a, 0xba, 0x30, 0x92, 0xf9, 0x62, 1403281681Srpaulo 0xe5, 0x49, 0xfe, 0x6c, 0xe9, 0xed, 0x7f, 0xdc, 1404281681Srpaulo 0x43, 0x19, 0x1f, 0xbd, 0xe4, 0x5c, 0x30, 0xb0 1405281681Srpaulo } 1406281681Srpaulo }, 1407281681Srpaulo { 1408281681Srpaulo { 1409281681Srpaulo 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 1410281681Srpaulo 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 1411281681Srpaulo 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 1412281681Srpaulo 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 1413281681Srpaulo 0x21, 0x22, 0x23, 0x24, 0x25 1414281681Srpaulo }, 1415281681Srpaulo 37, 1416281681Srpaulo { 1417281681Srpaulo 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 1418281681Srpaulo 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 1419281681Srpaulo 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 1420281681Srpaulo 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 1421281681Srpaulo 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 1422281681Srpaulo 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 1423281681Srpaulo 0xcd, 0xcd 1424281681Srpaulo }, 1425281681Srpaulo 50, 1426281681Srpaulo { 1427281681Srpaulo 0xd4, 0x63, 0x3c, 0x17, 0xf6, 0xfb, 0x8d, 0x74, 1428281681Srpaulo 0x4c, 0x66, 0xde, 0xe0, 0xf8, 0xf0, 0x74, 0x55, 1429281681Srpaulo 0x6e, 0xc4, 0xaf, 0x55, 0xef, 0x07, 0x99, 0x85, 1430281681Srpaulo 0x41, 0x46, 0x8e, 0xb4, 0x9b, 0xd2, 0xe9, 0x17 1431281681Srpaulo } 1432281681Srpaulo }, 1433281681Srpaulo { 1434281681Srpaulo { 1435281681Srpaulo 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 1436281681Srpaulo 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 1437281681Srpaulo 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 1438281681Srpaulo 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c 1439281681Srpaulo }, 1440281681Srpaulo 32, 1441281681Srpaulo "Test With Truncation", 1442281681Srpaulo 20, 1443281681Srpaulo { 1444281681Srpaulo 0x75, 0x46, 0xaf, 0x01, 0x84, 0x1f, 0xc0, 0x9b, 1445281681Srpaulo 0x1a, 0xb9, 0xc3, 0x74, 0x9a, 0x5f, 0x1c, 0x17, 1446281681Srpaulo 0xd4, 0xf5, 0x89, 0x66, 0x8a, 0x58, 0x7b, 0x27, 1447281681Srpaulo 0x00, 0xa9, 0xc9, 0x7c, 0x11, 0x93, 0xcf, 0x42 1448281681Srpaulo } 1449281681Srpaulo }, 1450281681Srpaulo { 1451281681Srpaulo { 1452281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1453281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1454281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1455281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1456281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1457281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1458281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1459281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1460281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1461281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa 1462281681Srpaulo }, 1463281681Srpaulo 80, 1464281681Srpaulo "Test Using Larger Than Block-Size Key - Hash Key First", 1465281681Srpaulo 54, 1466281681Srpaulo { 1467281681Srpaulo 0x69, 0x53, 0x02, 0x5e, 0xd9, 0x6f, 0x0c, 0x09, 1468281681Srpaulo 0xf8, 0x0a, 0x96, 0xf7, 0x8e, 0x65, 0x38, 0xdb, 1469281681Srpaulo 0xe2, 0xe7, 0xb8, 0x20, 0xe3, 0xdd, 0x97, 0x0e, 1470281681Srpaulo 0x7d, 0xdd, 0x39, 0x09, 0x1b, 0x32, 0x35, 0x2f 1471281681Srpaulo } 1472281681Srpaulo }, 1473281681Srpaulo { 1474281681Srpaulo { 1475281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1476281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1477281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1478281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1479281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1480281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1481281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1482281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1483281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 1484281681Srpaulo 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa 1485281681Srpaulo }, 1486281681Srpaulo 80, 1487281681Srpaulo "Test Using Larger Than Block-Size Key and Larger Than One " 1488281681Srpaulo "Block-Size Data", 1489281681Srpaulo 73, 1490281681Srpaulo { 1491281681Srpaulo 0x63, 0x55, 0xac, 0x22, 0xe8, 0x90, 0xd0, 0xa3, 1492281681Srpaulo 0xc8, 0x48, 0x1a, 0x5c, 0xa4, 0x82, 0x5b, 0xc8, 1493281681Srpaulo 0x84, 0xd3, 0xe7, 0xa1, 0xff, 0x98, 0xa2, 0xfc, 1494281681Srpaulo 0x2a, 0xc7, 0xd8, 0xe0, 0x64, 0xc3, 0xb2, 0xe6 1495281681Srpaulo } 1496281681Srpaulo } 1497281681Srpaulo}; 1498281681Srpaulo 1499281681Srpaulo 1500281681Srpaulostatic int test_sha256(void) 1501281681Srpaulo{ 1502281681Srpaulo unsigned int i; 1503281681Srpaulo u8 hash[32]; 1504281681Srpaulo const u8 *addr[2]; 1505281681Srpaulo size_t len[2]; 1506281681Srpaulo int errors = 0; 1507337817Scy u8 *key; 1508281681Srpaulo 1509281681Srpaulo for (i = 0; i < ARRAY_SIZE(tests); i++) { 1510281681Srpaulo wpa_printf(MSG_INFO, "SHA256 test case %d:", i + 1); 1511281681Srpaulo 1512281681Srpaulo addr[0] = (u8 *) tests[i].data; 1513281681Srpaulo len[0] = strlen(tests[i].data); 1514281681Srpaulo sha256_vector(1, addr, len, hash); 1515281681Srpaulo if (memcmp(hash, tests[i].hash, 32) != 0) { 1516281681Srpaulo wpa_printf(MSG_INFO, " FAIL"); 1517281681Srpaulo errors++; 1518281681Srpaulo } else 1519281681Srpaulo wpa_printf(MSG_INFO, " OK"); 1520281681Srpaulo 1521281681Srpaulo if (len[0]) { 1522281681Srpaulo addr[0] = (u8 *) tests[i].data; 1523281681Srpaulo len[0] = 1; 1524281681Srpaulo addr[1] = (u8 *) tests[i].data + 1; 1525281681Srpaulo len[1] = strlen(tests[i].data) - 1; 1526281681Srpaulo sha256_vector(2, addr, len, hash); 1527281681Srpaulo if (memcmp(hash, tests[i].hash, 32) != 0) { 1528281681Srpaulo wpa_printf(MSG_INFO, " FAIL"); 1529281681Srpaulo errors++; 1530281681Srpaulo } else 1531281681Srpaulo wpa_printf(MSG_INFO, " OK"); 1532281681Srpaulo } 1533281681Srpaulo } 1534281681Srpaulo 1535281681Srpaulo for (i = 0; i < ARRAY_SIZE(hmac_tests); i++) { 1536289549Srpaulo const struct hmac_test *t = &hmac_tests[i]; 1537281681Srpaulo 1538281681Srpaulo wpa_printf(MSG_INFO, "HMAC-SHA256 test case %d:", i + 1); 1539281681Srpaulo 1540281681Srpaulo if (hmac_sha256(t->key, t->key_len, t->data, t->data_len, 1541281681Srpaulo hash) < 0 || 1542281681Srpaulo os_memcmp(hash, t->hash, 32) != 0) { 1543281681Srpaulo wpa_printf(MSG_INFO, " FAIL"); 1544281681Srpaulo errors++; 1545281681Srpaulo } else 1546281681Srpaulo wpa_printf(MSG_INFO, " OK"); 1547281681Srpaulo 1548281681Srpaulo addr[0] = t->data; 1549281681Srpaulo len[0] = t->data_len; 1550281681Srpaulo if (hmac_sha256_vector(t->key, t->key_len, 1, addr, len, 1551281681Srpaulo hash) < 0 || 1552281681Srpaulo os_memcmp(hash, t->hash, 32) != 0) { 1553281681Srpaulo wpa_printf(MSG_INFO, " FAIL"); 1554281681Srpaulo errors++; 1555281681Srpaulo } else 1556281681Srpaulo wpa_printf(MSG_INFO, " OK"); 1557281681Srpaulo 1558281681Srpaulo if (len[0]) { 1559281681Srpaulo addr[0] = t->data; 1560281681Srpaulo len[0] = 1; 1561281681Srpaulo addr[1] = t->data + 1; 1562281681Srpaulo len[1] = t->data_len - 1; 1563281681Srpaulo if (hmac_sha256_vector(t->key, t->key_len, 2, addr, len, 1564281681Srpaulo hash) < 0 || 1565281681Srpaulo os_memcmp(hash, t->hash, 32) != 0) { 1566281681Srpaulo wpa_printf(MSG_INFO, " FAIL"); 1567281681Srpaulo errors++; 1568281681Srpaulo } else 1569281681Srpaulo wpa_printf(MSG_INFO, " OK"); 1570281681Srpaulo } 1571281681Srpaulo } 1572281681Srpaulo 1573281681Srpaulo wpa_printf(MSG_INFO, "Test IEEE 802.11r KDF"); 1574281681Srpaulo sha256_prf((u8 *) "abc", 3, "KDF test", (u8 *) "data", 4, 1575281681Srpaulo hash, sizeof(hash)); 1576281681Srpaulo /* TODO: add proper test case for this */ 1577281681Srpaulo 1578337817Scy key = os_malloc(8161); 1579337817Scy if (key) { 1580337817Scy#ifdef CONFIG_HMAC_SHA256_KDF 1581337817Scy int res; 1582337817Scy 1583337817Scy res = hmac_sha256_kdf((u8 *) "secret", 6, "label", 1584337817Scy (u8 *) "seed", 4, key, 8160); 1585337817Scy if (res) { 1586337817Scy wpa_printf(MSG_INFO, 1587337817Scy "Unexpected hmac_sha256_kdf(outlen=8160) failure"); 1588337817Scy errors++; 1589337817Scy } 1590337817Scy 1591337817Scy res = hmac_sha256_kdf((u8 *) "secret", 6, "label", 1592337817Scy (u8 *) "seed", 4, key, 8161); 1593337817Scy if (res == 0) { 1594337817Scy wpa_printf(MSG_INFO, 1595337817Scy "Unexpected hmac_sha256_kdf(outlen=8161) success"); 1596337817Scy errors++; 1597337817Scy } 1598337817Scy#endif /* CONFIG_HMAC_SHA256_KDF */ 1599337817Scy 1600337817Scy os_free(key); 1601337817Scy } 1602337817Scy 1603281681Srpaulo if (!errors) 1604281681Srpaulo wpa_printf(MSG_INFO, "SHA256 test cases passed"); 1605281681Srpaulo return errors; 1606281681Srpaulo} 1607281681Srpaulo 1608281681Srpaulo 1609337817Scystatic int test_fips186_2_prf(void) 1610337817Scy{ 1611337817Scy /* http://csrc.nist.gov/encryption/dss/Examples-1024bit.pdf */ 1612337817Scy u8 xkey[] = { 1613337817Scy 0xbd, 0x02, 0x9b, 0xbe, 0x7f, 0x51, 0x96, 0x0b, 1614337817Scy 0xcf, 0x9e, 0xdb, 0x2b, 0x61, 0xf0, 0x6f, 0x0f, 1615337817Scy 0xeb, 0x5a, 0x38, 0xb6 1616337817Scy }; 1617337817Scy u8 w[] = { 1618337817Scy 0x20, 0x70, 0xb3, 0x22, 0x3d, 0xba, 0x37, 0x2f, 1619337817Scy 0xde, 0x1c, 0x0f, 0xfc, 0x7b, 0x2e, 0x3b, 0x49, 1620337817Scy 0x8b, 0x26, 0x06, 0x14, 0x3c, 0x6c, 0x18, 0xba, 1621337817Scy 0xcb, 0x0f, 0x6c, 0x55, 0xba, 0xbb, 0x13, 0x78, 1622337817Scy 0x8e, 0x20, 0xd7, 0x37, 0xa3, 0x27, 0x51, 0x16 1623337817Scy }; 1624337817Scy u8 buf[40]; 1625337817Scy 1626337817Scy wpa_printf(MSG_INFO, 1627337817Scy "Testing EAP-SIM PRF (FIPS 186-2 + change notice 1)"); 1628337817Scy if (fips186_2_prf(xkey, sizeof(xkey), buf, sizeof(buf)) < 0 || 1629337817Scy os_memcmp(w, buf, sizeof(w)) != 0) { 1630337817Scy wpa_printf(MSG_INFO, "fips186_2_prf failed"); 1631337817Scy return 1; 1632337817Scy } 1633337817Scy 1634337817Scy return 0; 1635337817Scy} 1636337817Scy 1637337817Scy 1638281681Srpaulostatic int test_ms_funcs(void) 1639281681Srpaulo{ 1640289549Srpaulo#ifndef CONFIG_FIPS 1641281681Srpaulo /* Test vector from RFC2759 example */ 1642281681Srpaulo char *username = "User"; 1643281681Srpaulo char *password = "clientPass"; 1644281681Srpaulo u8 auth_challenge[] = { 1645281681Srpaulo 0x5B, 0x5D, 0x7C, 0x7D, 0x7B, 0x3F, 0x2F, 0x3E, 1646281681Srpaulo 0x3C, 0x2C, 0x60, 0x21, 0x32, 0x26, 0x26, 0x28 1647281681Srpaulo }; 1648281681Srpaulo u8 peer_challenge[] = { 1649281681Srpaulo 0x21, 0x40, 0x23, 0x24, 0x25, 0x5E, 0x26, 0x2A, 1650281681Srpaulo 0x28, 0x29, 0x5F, 0x2B, 0x3A, 0x33, 0x7C, 0x7E 1651281681Srpaulo }; 1652281681Srpaulo u8 password_hash[] = { 1653281681Srpaulo 0x44, 0xEB, 0xBA, 0x8D, 0x53, 0x12, 0xB8, 0xD6, 1654281681Srpaulo 0x11, 0x47, 0x44, 0x11, 0xF5, 0x69, 0x89, 0xAE 1655281681Srpaulo }; 1656281681Srpaulo u8 nt_response[] = { 1657281681Srpaulo 0x82, 0x30, 0x9E, 0xCD, 0x8D, 0x70, 0x8B, 0x5E, 1658281681Srpaulo 0xA0, 0x8F, 0xAA, 0x39, 0x81, 0xCD, 0x83, 0x54, 1659281681Srpaulo 0x42, 0x33, 0x11, 0x4A, 0x3D, 0x85, 0xD6, 0xDF 1660281681Srpaulo }; 1661281681Srpaulo u8 password_hash_hash[] = { 1662281681Srpaulo 0x41, 0xC0, 0x0C, 0x58, 0x4B, 0xD2, 0xD9, 0x1C, 1663281681Srpaulo 0x40, 0x17, 0xA2, 0xA1, 0x2F, 0xA5, 0x9F, 0x3F 1664281681Srpaulo }; 1665281681Srpaulo u8 authenticator_response[] = { 1666281681Srpaulo 0x40, 0x7A, 0x55, 0x89, 0x11, 0x5F, 0xD0, 0xD6, 1667281681Srpaulo 0x20, 0x9F, 0x51, 0x0F, 0xE9, 0xC0, 0x45, 0x66, 1668281681Srpaulo 0x93, 0x2C, 0xDA, 0x56 1669281681Srpaulo }; 1670281681Srpaulo u8 master_key[] = { 1671281681Srpaulo 0xFD, 0xEC, 0xE3, 0x71, 0x7A, 0x8C, 0x83, 0x8C, 1672281681Srpaulo 0xB3, 0x88, 0xE5, 0x27, 0xAE, 0x3C, 0xDD, 0x31 1673281681Srpaulo }; 1674281681Srpaulo u8 send_start_key[] = { 1675281681Srpaulo 0x8B, 0x7C, 0xDC, 0x14, 0x9B, 0x99, 0x3A, 0x1B, 1676281681Srpaulo 0xA1, 0x18, 0xCB, 0x15, 0x3F, 0x56, 0xDC, 0xCB 1677281681Srpaulo }; 1678281681Srpaulo u8 buf[32]; 1679281681Srpaulo int errors = 0; 1680281681Srpaulo 1681281681Srpaulo if (nt_password_hash((u8 *) password, os_strlen(password), buf) || 1682281681Srpaulo os_memcmp(password_hash, buf, sizeof(password_hash)) != 0) { 1683281681Srpaulo wpa_printf(MSG_ERROR, "nt_password_hash failed"); 1684281681Srpaulo errors++; 1685281681Srpaulo } 1686281681Srpaulo 1687281681Srpaulo if (generate_nt_response(auth_challenge, peer_challenge, 1688281681Srpaulo (u8 *) username, os_strlen(username), 1689281681Srpaulo (u8 *) password, os_strlen(password), buf) || 1690281681Srpaulo os_memcmp(nt_response, buf, sizeof(nt_response)) != 0) { 1691281681Srpaulo wpa_printf(MSG_ERROR, "generate_nt_response failed"); 1692281681Srpaulo errors++; 1693281681Srpaulo } 1694281681Srpaulo 1695281681Srpaulo if (hash_nt_password_hash(password_hash, buf) || 1696281681Srpaulo os_memcmp(password_hash_hash, buf, 1697281681Srpaulo sizeof(password_hash_hash)) != 0) { 1698281681Srpaulo wpa_printf(MSG_ERROR, "hash_nt_password_hash failed"); 1699281681Srpaulo errors++; 1700281681Srpaulo } 1701281681Srpaulo 1702281681Srpaulo if (generate_authenticator_response((u8 *) password, 1703281681Srpaulo os_strlen(password), 1704281681Srpaulo peer_challenge, auth_challenge, 1705281681Srpaulo (u8 *) username, 1706281681Srpaulo os_strlen(username), 1707281681Srpaulo nt_response, buf) || 1708281681Srpaulo os_memcmp(authenticator_response, buf, 1709281681Srpaulo sizeof(authenticator_response)) != 0) { 1710281681Srpaulo wpa_printf(MSG_ERROR, "generate_authenticator_response failed"); 1711281681Srpaulo errors++; 1712281681Srpaulo } 1713281681Srpaulo 1714281681Srpaulo if (get_master_key(password_hash_hash, nt_response, buf) || 1715281681Srpaulo os_memcmp(master_key, buf, sizeof(master_key)) != 0) { 1716281681Srpaulo wpa_printf(MSG_ERROR, "get_master_key failed"); 1717281681Srpaulo errors++; 1718281681Srpaulo } 1719281681Srpaulo 1720281681Srpaulo if (get_asymetric_start_key(master_key, buf, sizeof(send_start_key), 1721281681Srpaulo 1, 1) || 1722281681Srpaulo os_memcmp(send_start_key, buf, sizeof(send_start_key)) != 0) { 1723281681Srpaulo wpa_printf(MSG_ERROR, "get_asymetric_start_key failed"); 1724281681Srpaulo errors++; 1725281681Srpaulo } 1726281681Srpaulo 1727281681Srpaulo if (errors) 1728281681Srpaulo wpa_printf(MSG_ERROR, "ms_funcs: %d errors", errors); 1729281681Srpaulo else 1730281681Srpaulo wpa_printf(MSG_INFO, "ms_funcs test cases passed"); 1731281681Srpaulo 1732281681Srpaulo return errors; 1733289549Srpaulo#else /* CONFIG_FIPS */ 1734289549Srpaulo wpa_printf(MSG_INFO, "ms_funcs test cases skipped due to CONFIG_FIPS"); 1735289549Srpaulo return 0; 1736289549Srpaulo#endif /* CONFIG_FIPS */ 1737281681Srpaulo} 1738281681Srpaulo 1739281681Srpaulo 1740281681Srpauloint crypto_module_tests(void) 1741281681Srpaulo{ 1742281681Srpaulo int ret = 0; 1743281681Srpaulo 1744281681Srpaulo wpa_printf(MSG_INFO, "crypto module tests"); 1745281681Srpaulo if (test_siv() || 1746281681Srpaulo test_omac1() || 1747281681Srpaulo test_eax() || 1748281681Srpaulo test_cbc() || 1749281681Srpaulo test_ecb() || 1750281681Srpaulo test_key_wrap() || 1751281681Srpaulo test_md5() || 1752281681Srpaulo test_sha1() || 1753281681Srpaulo test_sha256() || 1754337817Scy test_fips186_2_prf() || 1755281681Srpaulo test_ms_funcs()) 1756281681Srpaulo ret = -1; 1757281681Srpaulo 1758281681Srpaulo return ret; 1759281681Srpaulo} 1760