3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
32 #include "performance_test.h"
35 #include "bcal_aes128.h"
36 #include "bcal_aes192.h"
37 #include "bcal_aes256.h"
39 #include "bcal-cfb_byte.h"
40 #include "bcal-cfb_bit.h"
43 #include "bcal-cmac.h"
46 #include "bcal-performance.h"
47 #include "bcal-nessie.h"
52 #include <avr/pgmspace.h>
54 const char* algo_name = "AES";
56 const bcdesc_t* const const algolist[] PROGMEM = {
57 (bcdesc_t*)&aes128_desc,
58 (bcdesc_t*)&aes192_desc,
59 (bcdesc_t*)&aes256_desc,
63 /*****************************************************************************
64 * additional validation-functions *
65 *****************************************************************************/
67 void testrun_nessie_aes(void){
68 bcal_nessie_multiple(algolist);
71 void testrun_test_aes(void){
72 uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
73 0x28, 0xae, 0xd2, 0xa6,
74 0xab, 0xf7, 0x15, 0x88,
75 0x09, 0xcf, 0x4f, 0x3c };
76 uint8_t data[16] = { 0x32, 0x43, 0xf6, 0xa8,
77 0x88, 0x5a, 0x30, 0x8d,
78 0x31, 0x31, 0x98, 0xa2,
79 0xe0, 0x37, 0x07, 0x34 };
81 aes128_init(key, &ctx);
82 cli_putstr_P(PSTR("\r\n\r\n cipher test (FIPS 197):\r\n key: "));
84 cli_putstr_P(PSTR("\r\n plaintext: "));
85 cli_hexdump(data, 16);
86 aes128_enc(data, &ctx);
87 cli_putstr_P(PSTR("\r\n ciphertext: "));
88 cli_hexdump(data, 16);
89 aes128_dec(data, &ctx);
90 cli_putstr_P(PSTR("\r\n plaintext: "));
91 cli_hexdump(data, 16);
92 cli_putstr(PSTR("\r\n testing bcal:"));
95 r = bcal_cipher_init(&aes128_desc, key, 128, &bcal_ctx);
96 cli_putstr_P(PSTR("\r\n init = 0x"));
99 bcal_cipher_enc(data, &bcal_ctx);
100 cli_putstr_P(PSTR("\r\n ciphertext: "));
101 cli_hexdump(data, 16);
102 bcal_cipher_dec(data, &bcal_ctx);
103 cli_putstr_P(PSTR("\r\n plaintext: "));
104 cli_hexdump(data, 16);
105 bcal_cipher_free(&bcal_ctx);
108 void testrun_testkey_aes128(void){
109 uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
110 0x28, 0xae, 0xd2, 0xa6,
111 0xab, 0xf7, 0x15, 0x88,
112 0x09, 0xcf, 0x4f, 0x3c};
115 aes128_init(key, &ctx);
116 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
117 cli_hexdump(key, 16);
119 cli_putstr_P(PSTR("\r\n index: "));
122 cli_putstr_P(PSTR(" roundkey "));
123 cli_hexdump(ctx.key[i].ks, 16);
127 void testrun_testkey_aes192(void){
128 uint8_t key[24] = { 0x8e, 0x73, 0xb0, 0xf7,
129 0xda, 0x0e, 0x64, 0x52,
130 0xc8, 0x10, 0xf3, 0x2b,
131 0x80, 0x90, 0x79, 0xe5,
132 0x62, 0xf8, 0xea, 0xd2,
133 0x52, 0x2c, 0x6b, 0x7b};
136 memset(&ctx, 0, sizeof(aes192_ctx_t));
137 aes192_init(key, &ctx);
138 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
139 cli_hexdump(key, 24);
141 cli_putstr_P(PSTR("\r\n index: "));
144 cli_putstr_P(PSTR(" roundkey "));
145 cli_hexdump(ctx.key[i].ks, 16);
150 void testrun_testkey_aes256(void){
151 uint8_t key[32] = { 0x60, 0x3d, 0xeb, 0x10,
152 0x15, 0xca, 0x71, 0xbe,
153 0x2b, 0x73, 0xae, 0xf0,
154 0x85, 0x7d, 0x77, 0x81,
155 0x1f, 0x35, 0x2c, 0x07,
156 0x3b, 0x61, 0x08, 0xd7,
157 0x2d, 0x98, 0x10, 0xa3,
158 0x09, 0x14, 0xdf, 0xf4};
161 memset(&ctx, 0, sizeof(aes256_ctx_t));
162 aes256_init(key, &ctx);
163 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
164 cli_hexdump(key, 32);
166 cli_putstr_P(PSTR("\r\n index: "));
169 cli_putstr_P(PSTR(" roundkey "));
170 cli_hexdump(ctx.key[i].ks, 16);
174 void testrun_testkey_aes(void){
175 testrun_testkey_aes128();
176 testrun_testkey_aes192();
177 testrun_testkey_aes256();
180 const uint8_t modes_key[] PROGMEM = {
181 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
182 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
183 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
184 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
186 const uint8_t modes_iv[] PROGMEM = {
187 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
188 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
191 const uint8_t modes_ctriv[] PROGMEM = {
192 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
193 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
196 const uint8_t modes_plain[] PROGMEM = {
197 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
198 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
200 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
201 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
203 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
204 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
206 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
207 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
211 void testrun_aes128_cbc(void){
219 memcpy_P(key, modes_key, 16);
220 memcpy_P(iv, modes_iv, 16);
221 memcpy_P(plain, modes_plain, 64);
223 cli_putstr_P(PSTR("\r\n** AES128-CBC-TEST **"));
224 r = bcal_cbc_init(&aes128_desc, key, 128, &ctx);
225 cli_putstr_P(PSTR("\r\n init = 0x"));
227 cli_putstr_P(PSTR("\r\n key: "));
228 cli_hexdump(key, 128/8);
229 cli_putstr_P(PSTR("\r\n IV: "));
230 cli_hexdump(iv, 128/8);
231 cli_putstr_P(PSTR("\r\n plaintext:"));
232 cli_hexdump_block(plain, 4*128/8, 4, 16);
235 bcal_cbc_encMsg(iv, plain, 4, &ctx);
236 cli_putstr_P(PSTR("\r\n ciphertext: "));
237 cli_hexdump_block(plain, 4*128/8, 4, 16);
238 bcal_cbc_decMsg(iv, plain, 4, &ctx);
239 cli_putstr_P(PSTR("\r\n plaintext: "));
240 cli_hexdump_block(plain, 4*128/8, 4, 16);
244 void testrun_aes128_cfb8(void){
249 bcal_cfb_B_ctx_t ctx;
252 memcpy_P(key, modes_key, 16);
253 memcpy_P(iv, modes_iv, 16);
254 memcpy_P(plain, modes_plain, 64);
256 cli_putstr_P(PSTR("\r\n** AES128-CFB8-TEST **"));
257 r = bcal_cfb_B_init(&aes128_desc, key, 128, 8, &ctx);
258 cli_putstr_P(PSTR("\r\n init = 0x"));
260 cli_putstr_P(PSTR("\r\n key: "));
261 cli_hexdump(key, 128/8);
262 cli_putstr_P(PSTR("\r\n IV: "));
263 cli_hexdump(iv, 128/8);
264 cli_putstr_P(PSTR("\r\n plaintext:"));
265 cli_hexdump_block(plain, 4*128/8, 4, 16);
268 bcal_cfb_B_encMsg(iv, plain, 64, &ctx);
269 cli_putstr_P(PSTR("\r\n ciphertext: "));
270 cli_hexdump_block(plain, 64, 4, 16);
272 bcal_cfb_B_decMsg(iv, plain, 64, &ctx);
273 cli_putstr_P(PSTR("\r\n plaintext: "));
274 cli_hexdump_block(plain, 64, 4, 16);
276 bcal_cfb_B_free(&ctx);
280 void testrun_aes128_cfb1(void){
285 bcal_cfb_b_ctx_t ctx;
288 memcpy_P(key, modes_key, 16);
289 memcpy_P(iv, modes_iv, 16);
290 memcpy_P(plain, modes_plain, 64);
292 cli_putstr_P(PSTR("\r\n** AES128-CFB1-TEST **"));
293 r = bcal_cfb_b_init(&aes128_desc, key, 128, 1, &ctx);
294 cli_putstr_P(PSTR("\r\n init = 0x"));
296 cli_putstr_P(PSTR("\r\n key: "));
297 cli_hexdump(key, 128/8);
298 cli_putstr_P(PSTR("\r\n IV: "));
299 cli_hexdump(iv, 128/8);
300 cli_putstr_P(PSTR("\r\n plaintext:"));
301 cli_hexdump_block(plain, 2, 4, 16);
304 uint8_t i, bit_offset, byte_offset;
305 bcal_cfb_b_loadIV(iv, &ctx);
309 cli_putstr_P(PSTR("\r\n plain bit: "));
310 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
311 bcal_cfb_b_encNext(plain+byte_offset, bit_offset, &ctx);
312 cli_putstr_P(PSTR("\r\n cipher bit: "));
313 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
315 cli_putstr_P(PSTR("\r\n ciphertext: "));
316 cli_hexdump_block(plain, 2, 4, 16);
318 bcal_cfb_b_loadIV(iv, &ctx);
322 cli_putstr_P(PSTR("\r\n plain bit: "));
323 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
324 bcal_cfb_b_decNext(plain+byte_offset, bit_offset, &ctx);
325 cli_putstr_P(PSTR("\r\n cipher bit: "));
326 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
328 cli_putstr_P(PSTR("\r\n plaintext: "));
329 cli_hexdump_block(plain, 2, 4, 16);
332 bcal_cfb_b_encMsg(iv, plain, 0, 64*8, &ctx);
333 cli_putstr_P(PSTR("\r\n ciphertext: "));
334 cli_hexdump_block(plain, 64, 4, 16);
336 bcal_cfb_b_decMsg(iv, plain, 0, 64*8, &ctx);
337 cli_putstr_P(PSTR("\r\n plaintext: "));
338 cli_hexdump_block(plain, 64, 4, 16);
340 bcal_cfb_b_free(&ctx);
343 void testrun_aes128_ofb(void){
351 memcpy_P(key, modes_key, 16);
352 memcpy_P(iv, modes_iv, 16);
353 memcpy_P(plain, modes_plain, 64);
355 cli_putstr_P(PSTR("\r\n** AES128-OFB-TEST **"));
356 r = bcal_ofb_init(&aes128_desc, key, 128, &ctx);
357 cli_putstr_P(PSTR("\r\n init = 0x"));
359 cli_putstr_P(PSTR("\r\n key: "));
360 cli_hexdump(key, 128/8);
361 cli_putstr_P(PSTR("\r\n IV: "));
362 cli_hexdump(iv, 128/8);
363 cli_putstr_P(PSTR("\r\n plaintext:"));
364 cli_hexdump_block(plain, 4*128/8, 4, 16);
367 bcal_ofb_encMsg(iv, plain, 4*128, &ctx);
368 cli_putstr_P(PSTR("\r\n ciphertext: "));
369 cli_hexdump_block(plain, 4*128/8, 4, 16);
370 bcal_ofb_decMsg(iv, plain, 4*128, &ctx);
371 cli_putstr_P(PSTR("\r\n plaintext: "));
372 cli_hexdump_block(plain, 4*128/8, 4, 16);
376 void testrun_aes128_ctr(void){
384 memcpy_P(key, modes_key, 16);
385 memcpy_P(iv, modes_ctriv, 16);
386 memcpy_P(plain, modes_plain, 64);
388 cli_putstr_P(PSTR("\r\n** AES128-CTR-TEST **"));
389 r = bcal_ctr_init(&aes128_desc, key, 128, NULL, &ctx);
390 cli_putstr_P(PSTR("\r\n init = 0x"));
392 cli_putstr_P(PSTR("\r\n key: "));
393 cli_hexdump(key, 128/8);
394 cli_putstr_P(PSTR("\r\n IV: "));
395 cli_hexdump(iv, 128/8);
396 cli_putstr_P(PSTR("\r\n plaintext:"));
397 cli_hexdump_block(plain, 4*128/8, 4, 16);
400 bcal_ctr_encMsg(iv, plain, 4*128, &ctx);
401 cli_putstr_P(PSTR("\r\n ciphertext: "));
402 cli_hexdump_block(plain, 4*128/8, 4, 16);
403 bcal_ctr_decMsg(iv, plain, 4*128, &ctx);
404 cli_putstr_P(PSTR("\r\n plaintext: "));
405 cli_hexdump_block(plain, 4*128/8, 4, 16);
409 void testrun_aes128_cmac(void){
413 uint16_t length[] = { 0, 128, 320, 512 };
417 memcpy_P(key, modes_key, 16);
418 memcpy_P(plain, modes_plain, 64);
420 cli_putstr_P(PSTR("\r\n** AES128-CMAC-TEST **"));
422 cli_putstr_P(PSTR("\r\n key: "));
423 cli_hexdump(key, 128/8);
425 r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
426 cli_putstr_P(PSTR("\r\n init = 0x"));
428 cli_putstr_P(PSTR("\r\n message: "));
429 cli_hexdump_block(plain, length[i]/8, 4, 16);
432 bcal_cmac(tag, 128, plain, length[i], &ctx);
433 cli_putstr_P(PSTR("\r\n tag: "));
434 cli_hexdump_block(tag, 128/8, 4, 16);
435 bcal_cmac_free(&ctx);
442 Key = 3250974e306b4b678f914b514d1e90f6
443 Msg = cf132fd4ebc25fd3866f1a95a6193a1a9cdf
445 void testrun_aes128_cmac72(void){
447 0x32, 0x50, 0x97, 0x4e, 0x30, 0x6b, 0x4b, 0x67,
448 0x8f, 0x91, 0x4b, 0x51, 0x4d, 0x1e, 0x90, 0xf6
451 uint8_t plain[18] = {
452 0xcf, 0x13, 0x2f, 0xd4, 0xeb, 0xc2, 0x5f, 0xd3,
453 0x86, 0x6f, 0x1a, 0x95, 0xa6, 0x19, 0x3a, 0x1a,
460 cli_putstr_P(PSTR("\r\n** AES128-CMAC-72-TEST **"));
462 cli_putstr_P(PSTR("\r\n key: "));
463 cli_hexdump(key, 128/8);
464 r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
465 cli_putstr_P(PSTR("\r\n init = 0x"));
467 cli_putstr_P(PSTR("\r\n message: "));
468 cli_hexdump_block(plain, 18, 4, 16);
471 bcal_cmac(tag, 16, plain, 18*8, &ctx);
472 cli_putstr_P(PSTR("\r\n tag: "));
473 cli_hexdump_block(tag, 2, 4, 16);
474 bcal_cmac_free(&ctx);
481 Key = 2b2aaa666be161ed16648e862ac9bd1e317f71bc69e268b5
484 void testrun_aes192_cmac0(void){
486 0x2b, 0x2a, 0xaa, 0x66, 0x6b, 0xe1, 0x61, 0xed,
487 0x16, 0x64, 0x8e, 0x86, 0x2a, 0xc9, 0xbd, 0x1e,
488 0x31, 0x7f, 0x71, 0xbc, 0x69, 0xe2, 0x68, 0xb5
498 cli_putstr_P(PSTR("\r\n** AES192-CMAC-0-TEST **"));
500 cli_putstr_P(PSTR("\r\n key: "));
501 cli_hexdump(key, 192/8);
502 r = bcal_cmac_init(&aes192_desc, key, 192, &ctx);
503 cli_putstr_P(PSTR("\r\n init = 0x"));
507 bcal_cmac(tag, 16, plain, 0*8, &ctx);
508 cli_putstr_P(PSTR("\r\n tag: "));
509 cli_hexdump_block(tag, 2, 4, 16);
510 bcal_cmac_free(&ctx);
513 const uint8_t eax_msg[] PROGMEM = {
515 0x1A, 0x47, 0xCB, 0x49, 0x33,
516 0x48, 0x1C, 0x9E, 0x39, 0xB1,
517 0x40, 0xD0, 0xC0, 0x7D, 0xA5, 0xE4,
518 0x4D, 0xE3, 0xB3, 0x5C, 0x3F, 0xC0, 0x39, 0x24, 0x5B, 0xD1, 0xFB, 0x7D,
519 0x8B, 0x0A, 0x79, 0x30, 0x6C, 0x9C, 0xE7, 0xED, 0x99, 0xDA, 0xE4, 0xF8, 0x7F, 0x8D, 0xD6, 0x16, 0x36,
520 0x1B, 0xDA, 0x12, 0x2B, 0xCE, 0x8A, 0x8D, 0xBA, 0xF1, 0x87, 0x7D, 0x96, 0x2B, 0x85, 0x92, 0xDD, 0x2D, 0x56,
521 0x6C, 0xF3, 0x67, 0x20, 0x87, 0x2B, 0x85, 0x13, 0xF6, 0xEA, 0xB1, 0xA8, 0xA4, 0x44, 0x38, 0xD5, 0xEF, 0x11,
522 0xCA, 0x40, 0xD7, 0x44, 0x6E, 0x54, 0x5F, 0xFA, 0xED, 0x3B, 0xD1, 0x2A, 0x74, 0x0A, 0x65, 0x9F, 0xFB, 0xBB, 0x3C, 0xEA, 0xB7
525 const uint8_t eax_msg_len[] PROGMEM = {0, 2, 5, 5, 6, 12, 17, 18, 18, 21};
527 const uint8_t eax_key[] PROGMEM = {
528 0x23, 0x39, 0x52, 0xDE, 0xE4, 0xD5, 0xED, 0x5F, 0x9B, 0x9C, 0x6D, 0x6F, 0xF8, 0x0F, 0xF4, 0x78,
529 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B, 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4,
530 0x01, 0xF7, 0x4A, 0xD6, 0x40, 0x77, 0xF2, 0xE7, 0x04, 0xC0, 0xF6, 0x0A, 0xDA, 0x3D, 0xD5, 0x23,
531 0xD0, 0x7C, 0xF6, 0xCB, 0xB7, 0xF3, 0x13, 0xBD, 0xDE, 0x66, 0xB7, 0x27, 0xAF, 0xD3, 0xC5, 0xE8,
532 0x35, 0xB6, 0xD0, 0x58, 0x00, 0x05, 0xBB, 0xC1, 0x2B, 0x05, 0x87, 0x12, 0x45, 0x57, 0xD2, 0xC2,
533 0xBD, 0x8E, 0x6E, 0x11, 0x47, 0x5E, 0x60, 0xB2, 0x68, 0x78, 0x4C, 0x38, 0xC6, 0x2F, 0xEB, 0x22,
534 0x7C, 0x77, 0xD6, 0xE8, 0x13, 0xBE, 0xD5, 0xAC, 0x98, 0xBA, 0xA4, 0x17, 0x47, 0x7A, 0x2E, 0x7D,
535 0x5F, 0xFF, 0x20, 0xCA, 0xFA, 0xB1, 0x19, 0xCA, 0x2F, 0xC7, 0x35, 0x49, 0xE2, 0x0F, 0x5B, 0x0D,
536 0xA4, 0xA4, 0x78, 0x2B, 0xCF, 0xFD, 0x3E, 0xC5, 0xE7, 0xEF, 0x6D, 0x8C, 0x34, 0xA5, 0x61, 0x23,
537 0x83, 0x95, 0xFC, 0xF1, 0xE9, 0x5B, 0xEB, 0xD6, 0x97, 0xBD, 0x01, 0x0B, 0xC7, 0x66, 0xAA, 0xC3
540 const uint8_t eax_nonce[] PROGMEM = {
541 0x62, 0xEC, 0x67, 0xF9, 0xC3, 0xA4, 0xA4, 0x07, 0xFC, 0xB2, 0xA8, 0xC4, 0x90, 0x31, 0xA8, 0xB3,
542 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84, 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD,
543 0x70, 0xC3, 0xDB, 0x4F, 0x0D, 0x26, 0x36, 0x84, 0x00, 0xA1, 0x0E, 0xD0, 0x5D, 0x2B, 0xFF, 0x5E,
544 0x84, 0x08, 0xDF, 0xFF, 0x3C, 0x1A, 0x2B, 0x12, 0x92, 0xDC, 0x19, 0x9E, 0x46, 0xB7, 0xD6, 0x17,
545 0xFD, 0xB6, 0xB0, 0x66, 0x76, 0xEE, 0xDC, 0x5C, 0x61, 0xD7, 0x42, 0x76, 0xE1, 0xF8, 0xE8, 0x16,
546 0x6E, 0xAC, 0x5C, 0x93, 0x07, 0x2D, 0x8E, 0x85, 0x13, 0xF7, 0x50, 0x93, 0x5E, 0x46, 0xDA, 0x1B,
547 0x1A, 0x8C, 0x98, 0xDC, 0xD7, 0x3D, 0x38, 0x39, 0x3B, 0x2B, 0xF1, 0x56, 0x9D, 0xEE, 0xFC, 0x19,
548 0xDD, 0xE5, 0x9B, 0x97, 0xD7, 0x22, 0x15, 0x6D, 0x4D, 0x9A, 0xFF, 0x2B, 0xC7, 0x55, 0x98, 0x26,
549 0xB7, 0x81, 0xFC, 0xF2, 0xF7, 0x5F, 0xA5, 0xA8, 0xDE, 0x97, 0xA9, 0xCA, 0x48, 0xE5, 0x22, 0xEC,
550 0x22, 0xE7, 0xAD, 0xD9, 0x3C, 0xFC, 0x63, 0x93, 0xC5, 0x7E, 0xC0, 0xB3, 0xC1, 0x7D, 0x6B, 0x44
553 const uint8_t eax_header[] PROGMEM = {
554 0x6B, 0xFB, 0x91, 0x4F, 0xD0, 0x7E, 0xAE, 0x6B,
555 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA,
556 0x23, 0x4A, 0x34, 0x63, 0xC1, 0x26, 0x4A, 0xC6,
557 0x33, 0xCC, 0xE2, 0xEA, 0xBF, 0xF5, 0xA7, 0x9D,
558 0xAE, 0xB9, 0x6E, 0xAE, 0xBE, 0x29, 0x70, 0xE9,
559 0xD4, 0x48, 0x2D, 0x1C, 0xA7, 0x8D, 0xCE, 0x0F,
560 0x65, 0xD2, 0x01, 0x79, 0x90, 0xD6, 0x25, 0x28,
561 0x54, 0xB9, 0xF0, 0x4E, 0x6A, 0x09, 0x18, 0x9A,
562 0x89, 0x9A, 0x17, 0x58, 0x97, 0x56, 0x1D, 0x7E,
563 0x12, 0x67, 0x35, 0xFC, 0xC3, 0x20, 0xD2, 0x5A
566 const uint8_t eax_cipher[] PROGMEM = {
567 0xE0, 0x37, 0x83, 0x0E, 0x83, 0x89, 0xF2, 0x7B, 0x02, 0x5A, 0x2D, 0x65, 0x27, 0xE7, 0x9D, 0x01,
568 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D, 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79, 0x67, 0xE5,
569 0xD8, 0x51, 0xD5, 0xBA, 0xE0, 0x3A, 0x59, 0xF2, 0x38, 0xA2, 0x3E, 0x39, 0x19, 0x9D, 0xC9, 0x26, 0x66, 0x26, 0xC4, 0x0F, 0x80,
570 0x63, 0x2A, 0x9D, 0x13, 0x1A, 0xD4, 0xC1, 0x68, 0xA4, 0x22, 0x5D, 0x8E, 0x1F, 0xF7, 0x55, 0x93, 0x99, 0x74, 0xA7, 0xBE, 0xDE,
571 0x07, 0x1D, 0xFE, 0x16, 0xC6, 0x75, 0xCB, 0x06, 0x77, 0xE5, 0x36, 0xF7, 0x3A, 0xFE, 0x6A, 0x14, 0xB7, 0x4E, 0xE4, 0x98, 0x44, 0xDD,
572 0x83, 0x5B, 0xB4, 0xF1, 0x5D, 0x74, 0x3E, 0x35, 0x0E, 0x72, 0x84, 0x14, 0xAB, 0xB8, 0x64, 0x4F, 0xD6, 0xCC, 0xB8, 0x69, 0x47, 0xC5, 0xE1, 0x05, 0x90, 0x21, 0x0A, 0x4F,
573 0x02, 0x08, 0x3E, 0x39, 0x79, 0xDA, 0x01, 0x48, 0x12, 0xF5, 0x9F, 0x11, 0xD5, 0x26, 0x30, 0xDA, 0x30, 0x13, 0x73, 0x27, 0xD1, 0x06, 0x49, 0xB0, 0xAA, 0x6E, 0x1C, 0x18, 0x1D, 0xB6, 0x17, 0xD7, 0xF2,
574 0x2E, 0xC4, 0x7B, 0x2C, 0x49, 0x54, 0xA4, 0x89, 0xAF, 0xC7, 0xBA, 0x48, 0x97, 0xED, 0xCD, 0xAE, 0x8C, 0xC3, 0x3B, 0x60, 0x45, 0x05, 0x99, 0xBD, 0x02, 0xC9, 0x63, 0x82, 0x90, 0x2A, 0xEF, 0x7F, 0x83, 0x2A,
575 0x0D, 0xE1, 0x8F, 0xD0, 0xFD, 0xD9, 0x1E, 0x7A, 0xF1, 0x9F, 0x1D, 0x8E, 0xE8, 0x73, 0x39, 0x38, 0xB1, 0xE8, 0xE7, 0xF6, 0xD2, 0x23, 0x16, 0x18, 0x10, 0x2F, 0xDB, 0x7F, 0xE5, 0x5F, 0xF1, 0x99, 0x17, 0x00,
576 0xCB, 0x89, 0x20, 0xF8, 0x7A, 0x6C, 0x75, 0xCF, 0xF3, 0x96, 0x27, 0xB5, 0x6E, 0x3E, 0xD1, 0x97, 0xC5, 0x52, 0xD2, 0x95, 0xA7, 0xCF, 0xC4, 0x6A, 0xFC, 0x25, 0x3B, 0x46, 0x52, 0xB1, 0xAF, 0x37, 0x95, 0xB1, 0x24, 0xAB, 0x6E
579 void testrun_aes128_eax(void){
593 cipher_p = eax_cipher;
595 cli_putstr_P(PSTR("\r\n\r\n** AES128-EAX-TEST #"));
597 cli_putstr_P(PSTR(" **"));
599 msg_len = pgm_read_byte(eax_msg_len+i);
600 memcpy_P(key, eax_key+16*i, 16);
601 memcpy_P(nonce, eax_nonce+16*i, 16);
602 memcpy_P(header, eax_header+8*i, 8);
603 memcpy_P(msg, msg_p, msg_len);
604 msg_p = (uint8_t*)msg_p+msg_len;
606 cli_putstr_P(PSTR("\r\n key: "));
607 cli_hexdump(key, 16);
608 cli_putstr_P(PSTR("\r\n msg: "));
610 cli_hexdump(msg, msg_len);
612 cli_putstr_P(PSTR("\r\n nonce: "));
613 cli_hexdump(nonce, 16);
614 cli_putstr_P(PSTR("\r\n header: "));
615 cli_hexdump(header, 8);
617 r = bcal_eax_init(&aes128_desc, key, 128, &ctx);
618 cli_putstr_P(PSTR("\r\n init = 0x"));
622 bcal_eax_loadNonce(nonce, 16*8, &ctx);
623 bcal_eax_addLastHeader(header, 8*8, &ctx);
624 bcal_eax_encLastBlock(msg, msg_len*8, &ctx);
625 bcal_eax_ctx2tag(tag, 128, &ctx);
627 cli_putstr_P(PSTR("\r\n cipher: "));
628 cli_hexdump_block(msg, msg_len, 4, 16);
630 cli_putstr_P(PSTR("\r\n tag: "));
631 cli_hexdump_block(tag, 16, 4, 16);
633 if(memcmp_P(msg, cipher_p, msg_len)){
634 cli_putstr_P(PSTR("\r\n cipher: [fail]\r\n should: "));
635 memcpy_P(msg, cipher_p, msg_len);
636 cli_hexdump_block(msg, msg_len, 4, 16);
638 cli_putstr_P(PSTR("\r\n cipher: [pass]"));
640 cipher_p = ((uint8_t*)cipher_p)+msg_len;
642 if(memcmp_P(tag, cipher_p, 16)){
643 cli_putstr_P(PSTR("\r\n tag: [fail]"));
645 cli_putstr_P(PSTR("\r\n tag: [pass]"));
648 cipher_p = ((uint8_t*)cipher_p)+16;
653 /*****************************************************************************/
655 void testrun_performance_aes(void){
656 bcal_performance_multiple(algolist);
659 /*****************************************************************************
661 *****************************************************************************/
663 const char nessie_str[] PROGMEM = "nessie";
664 const char test_str[] PROGMEM = "test";
665 const char testkey_str[] PROGMEM = "testkey";
666 const char testcbc_str[] PROGMEM = "testcbc";
667 const char testcfb8_str[] PROGMEM = "testcfb8";
668 const char testcfb1_str[] PROGMEM = "testcfb1";
669 const char testofb_str[] PROGMEM = "testofb";
670 const char testctr_str[] PROGMEM = "testctr";
671 const char testcmac_str[] PROGMEM = "testcmac";
672 const char testcmac72_str[] PROGMEM = "testcmac72";
673 const char testcmac0_str[] PROGMEM = "testcmac0";
674 const char testeax_str[] PROGMEM = "testeax";
675 const char cmacvs_list_str[] PROGMEM = "cmacvs_list";
676 const char cmacvs_set_str[] PROGMEM = "cmacvs_set";
677 const char cmacvs_test1_str[] PROGMEM = "cmacvs_test1";
678 const char cmacvs_test2_str[] PROGMEM = "cmacvs_test2";
679 const char performance_str[] PROGMEM = "performance";
680 const char dump_str[] PROGMEM = "dump";
681 const char echo_str[] PROGMEM = "echo";
683 const const cmdlist_entry_t cmdlist[] PROGMEM = {
684 { nessie_str, NULL, testrun_nessie_aes },
685 { test_str, NULL, testrun_test_aes },
686 { testkey_str, NULL, testrun_testkey_aes },
687 { testcbc_str, NULL, testrun_aes128_cbc },
688 { testcfb8_str, NULL, testrun_aes128_cfb8 },
689 { testcfb1_str, NULL, testrun_aes128_cfb1 },
690 { testofb_str, NULL, testrun_aes128_ofb },
691 { testctr_str, NULL, testrun_aes128_ctr },
692 { testcmac_str, NULL, testrun_aes128_cmac },
693 { testcmac72_str, NULL, testrun_aes128_cmac72 },
694 { testcmac0_str, NULL, testrun_aes192_cmac0 },
695 { testeax_str, NULL, testrun_aes128_eax },
696 { cmacvs_list_str, NULL, cmacvs_listalgos },
697 { cmacvs_set_str, (void*)1, (void_fpt)cmacvs_setalgo },
698 { cmacvs_test1_str, NULL, cmacvs_test1 },
699 { cmacvs_test2_str, NULL, cmacvs_test2 },
700 { performance_str, NULL, testrun_performance_aes },
701 { dump_str, (void*)1, (void_fpt)dump },
702 { echo_str, (void*)1, (void_fpt)echo_ctrl },
710 cli_rx = (cli_rx_fpt)uart0_getc;
711 cli_tx = (cli_tx_fpt)uart0_putc;
712 cmacvs_algolist=(bcdesc_t**)algolist;
713 cmacvs_algo=(bcdesc_t*)&aes128_desc;
715 cli_putstr_P(PSTR("\r\n\r\nCrypto-VS ("));
716 cli_putstr(algo_name);
717 cli_putstr_P(PSTR(")\r\nloaded and running\r\n"));
718 cmd_interface(cmdlist);