1/* aeswrap.c - AESWRAP mode regression tests 2 * Copyright (C) 2009 Free Software Foundation, Inc. 3 * 4 * This file is part of Libgcrypt. 5 * 6 * Libgcrypt is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU Lesser General Public License as 8 * published by the Free Software Foundation; either version 2.1 of 9 * the License, or (at your option) any later version. 10 * 11 * Libgcrypt is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this program; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 19 */ 20 21#ifdef HAVE_CONFIG_H 22#include <config.h> 23#endif 24#include <stdio.h> 25#include <stdlib.h> 26#include <string.h> 27#include <stdarg.h> 28 29#include "../src/gcrypt.h" 30 31static int verbose; 32static int error_count; 33 34static void 35fail (const char *format, ...) 36{ 37 va_list arg_ptr; 38 39 va_start (arg_ptr, format); 40 vfprintf (stderr, format, arg_ptr); 41 va_end (arg_ptr); 42 error_count++; 43} 44 45static void 46die (const char *format, ...) 47{ 48 va_list arg_ptr; 49 50 va_start (arg_ptr, format); 51 vfprintf (stderr, format, arg_ptr); 52 va_end (arg_ptr); 53 exit (1); 54} 55 56 57 58static void 59check (int algo, 60 const void *kek, size_t keklen, 61 const void *data, size_t datalen, 62 const void *expected, size_t expectedlen) 63{ 64 gcry_error_t err; 65 gcry_cipher_hd_t hd; 66 unsigned char outbuf[32+8]; 67 size_t outbuflen; 68 69 err = gcry_cipher_open (&hd, algo, GCRY_CIPHER_MODE_AESWRAP, 0); 70 if (err) 71 { 72 fail ("gcry_cipher_open failed: %s\n", gpg_strerror (err)); 73 return; 74 } 75 76 err = gcry_cipher_setkey (hd, kek, keklen); 77 if (err) 78 { 79 fail ("gcry_cipher_setkey failed: %s\n", gpg_strerror (err)); 80 return; 81 } 82 83 outbuflen = datalen + 8; 84 if (outbuflen > sizeof outbuf) 85 err = gpg_error (GPG_ERR_INTERNAL); 86 else 87 err = gcry_cipher_encrypt (hd, outbuf, outbuflen, data, datalen); 88 if (err) 89 { 90 fail ("gcry_cipher_encrypt failed: %s\n", gpg_strerror (err)); 91 return; 92 } 93 94 if (outbuflen != expectedlen || memcmp (outbuf, expected, expectedlen)) 95 { 96 const unsigned char *s; 97 int i; 98 99 fail ("mismatch at encryption!\n"); 100 fprintf (stderr, "computed: "); 101 for (i = 0; i < outbuflen; i++) 102 fprintf (stderr, "%02x ", outbuf[i]); 103 fprintf (stderr, "\nexpected: "); 104 for (s = expected, i = 0; i < expectedlen; s++, i++) 105 fprintf (stderr, "%02x ", *s); 106 putc ('\n', stderr); 107 } 108 109 110 outbuflen = expectedlen - 8; 111 if (outbuflen > sizeof outbuf) 112 err = gpg_error (GPG_ERR_INTERNAL); 113 else 114 err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen); 115 if (err) 116 { 117 fail ("gcry_cipher_decrypt failed: %s\n", gpg_strerror (err)); 118 return; 119 } 120 121 if (outbuflen != datalen || memcmp (outbuf, data, datalen)) 122 { 123 const unsigned char *s; 124 int i; 125 126 fail ("mismatch at decryption!\n"); 127 fprintf (stderr, "computed: "); 128 for (i = 0; i < outbuflen; i++) 129 fprintf (stderr, "%02x ", outbuf[i]); 130 fprintf (stderr, "\nexpected: "); 131 for (s = data, i = 0; i < datalen; s++, i++) 132 fprintf (stderr, "%02x ", *s); 133 putc ('\n', stderr); 134 } 135 136 /* Now the last step again with a key reset. */ 137 gcry_cipher_reset (hd); 138 139 outbuflen = expectedlen - 8; 140 if (outbuflen > sizeof outbuf) 141 err = gpg_error (GPG_ERR_INTERNAL); 142 else 143 err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen); 144 if (err) 145 { 146 fail ("gcry_cipher_decrypt(2) failed: %s\n", gpg_strerror (err)); 147 return; 148 } 149 150 if (outbuflen != datalen || memcmp (outbuf, data, datalen)) 151 fail ("mismatch at decryption(2)!\n"); 152 153 /* And once ore without a key reset. */ 154 outbuflen = expectedlen - 8; 155 if (outbuflen > sizeof outbuf) 156 err = gpg_error (GPG_ERR_INTERNAL); 157 else 158 err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen); 159 if (err) 160 { 161 fail ("gcry_cipher_decrypt(3) failed: %s\n", gpg_strerror (err)); 162 return; 163 } 164 165 if (outbuflen != datalen || memcmp (outbuf, data, datalen)) 166 fail ("mismatch at decryption(3)!\n"); 167 168 gcry_cipher_close (hd); 169} 170 171 172static void 173check_all (void) 174{ 175 if (verbose) 176 fprintf (stderr, "4.1 Wrap 128 bits of Key Data with a 128-bit KEK\n"); 177 check 178 (GCRY_CIPHER_AES128, 179 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", 16, 180 "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16, 181 "\x1F\xA6\x8B\x0A\x81\x12\xB4\x47\xAE\xF3\x4B\xD8\xFB\x5A\x7B\x82" 182 "\x9D\x3E\x86\x23\x71\xD2\xCF\xE5", 24); 183 184 if (verbose) 185 fprintf (stderr, "4.2 Wrap 128 bits of Key Data with a 192-bit KEK\n"); 186 check 187 (GCRY_CIPHER_AES192, 188 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" 189 "\x10\x11\x12\x13\x14\x15\x16\x17", 24, 190 "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16, 191 "\x96\x77\x8B\x25\xAE\x6C\xA4\x35\xF9\x2B\x5B\x97\xC0\x50\xAE\xD2" 192 "\x46\x8A\xB8\xA1\x7A\xD8\x4E\x5D", 24); 193 194 if (verbose) 195 fprintf (stderr, "4.3 Wrap 128 bits of Key Data with a 256-bit KEK\n"); 196 check 197 (GCRY_CIPHER_AES256, 198 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" 199 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32, 200 "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16, 201 "\x64\xE8\xC3\xF9\xCE\x0F\x5B\xA2\x63\xE9\x77\x79\x05\x81\x8A\x2A" 202 "\x93\xC8\x19\x1E\x7D\x6E\x8A\xE7", 24); 203 204 if (verbose) 205 fprintf (stderr, "4.4 Wrap 192 bits of Key Data with a 192-bit KEK\n"); 206 check 207 (GCRY_CIPHER_AES192, 208 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" 209 "\x10\x11\x12\x13\x14\x15\x16\x17", 24, 210 "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" 211 "\x00\x01\x02\x03\x04\x05\x06\x07", 24, 212 "\x03\x1D\x33\x26\x4E\x15\xD3\x32\x68\xF2\x4E\xC2\x60\x74\x3E\xDC" 213 "\xE1\xC6\xC7\xDD\xEE\x72\x5A\x93\x6B\xA8\x14\x91\x5C\x67\x62\xD2", 32); 214 215 if (verbose) 216 fprintf (stderr, "4.5 Wrap 192 bits of Key Data with a 256-bit KEK\n"); 217 check 218 (GCRY_CIPHER_AES256, 219 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" 220 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32, 221 "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" 222 "\x00\x01\x02\x03\x04\x05\x06\x07", 24, 223 "\xA8\xF9\xBC\x16\x12\xC6\x8B\x3F\xF6\xE6\xF4\xFB\xE3\x0E\x71\xE4" 224 "\x76\x9C\x8B\x80\xA3\x2C\xB8\x95\x8C\xD5\xD1\x7D\x6B\x25\x4D\xA1", 32); 225 226 if (verbose) 227 fprintf (stderr, "4.6 Wrap 256 bits of Key Data with a 256-bit KEK\n"); 228 check 229 (GCRY_CIPHER_AES, 230 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" 231 "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32, 232 "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" 233 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", 32, 234 "\x28\xC9\xF4\x04\xC4\xB8\x10\xF4\xCB\xCC\xB3\x5C\xFB\x87\xF8\x26" 235 "\x3F\x57\x86\xE2\xD8\x0E\xD3\x26\xCB\xC7\xF0\xE7\x1A\x99\xF4\x3B" 236 "\xFB\x98\x8B\x9B\x7A\x02\xDD\x21", 40); 237} 238 239int 240main (int argc, char **argv) 241{ 242 int debug = 0; 243 244 if (argc > 1 && !strcmp (argv[1], "--verbose")) 245 verbose = 1; 246 else if (argc > 1 && !strcmp (argv[1], "--debug")) 247 verbose = debug = 1; 248 249 if (!gcry_check_version (GCRYPT_VERSION)) 250 die ("version mismatch\n"); 251 252 gcry_control (GCRYCTL_DISABLE_SECMEM, 0); 253 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); 254 if (debug) 255 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0); 256 check_all (); 257 258 return error_count ? 1 : 0; 259} 260