3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "main-test-common.h"
26 #include "performance_test.h"
29 #include "bcal_aes128.h"
30 #include "bcal_aes192.h"
31 #include "bcal_aes256.h"
33 #include "bcal-cfb_byte.h"
34 #include "bcal-cfb_bit.h"
37 #include "bcal-cmac.h"
40 #include "bcal-performance.h"
41 #include "bcal-nessie.h"
43 const char* algo_name = "AES";
45 const bcdesc_t* const const algolist[] PROGMEM = {
46 (bcdesc_t*)&aes128_desc,
47 (bcdesc_t*)&aes192_desc,
48 (bcdesc_t*)&aes256_desc,
52 /*****************************************************************************
53 * additional validation-functions *
54 *****************************************************************************/
56 void testrun_nessie_aes(void){
57 bcal_nessie_multiple(algolist);
60 void testrun_test_aes(void){
61 uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
62 0x28, 0xae, 0xd2, 0xa6,
63 0xab, 0xf7, 0x15, 0x88,
64 0x09, 0xcf, 0x4f, 0x3c };
65 uint8_t data[16] = { 0x32, 0x43, 0xf6, 0xa8,
66 0x88, 0x5a, 0x30, 0x8d,
67 0x31, 0x31, 0x98, 0xa2,
68 0xe0, 0x37, 0x07, 0x34 };
70 aes128_init(key, &ctx);
71 cli_putstr_P(PSTR("\r\n\r\n cipher test (FIPS 197):\r\n key: "));
73 cli_putstr_P(PSTR("\r\n plaintext: "));
74 cli_hexdump(data, 16);
75 aes128_enc(data, &ctx);
76 cli_putstr_P(PSTR("\r\n ciphertext: "));
77 cli_hexdump(data, 16);
78 aes128_dec(data, &ctx);
79 cli_putstr_P(PSTR("\r\n plaintext: "));
80 cli_hexdump(data, 16);
81 cli_putstr(PSTR("\r\n testing bcal:"));
84 r = bcal_cipher_init(&aes128_desc, key, 128, &bcal_ctx);
85 cli_putstr_P(PSTR("\r\n init = 0x"));
88 bcal_cipher_enc(data, &bcal_ctx);
89 cli_putstr_P(PSTR("\r\n ciphertext: "));
90 cli_hexdump(data, 16);
91 bcal_cipher_dec(data, &bcal_ctx);
92 cli_putstr_P(PSTR("\r\n plaintext: "));
93 cli_hexdump(data, 16);
94 bcal_cipher_free(&bcal_ctx);
97 void testrun_testkey_aes128(void){
98 uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
99 0x28, 0xae, 0xd2, 0xa6,
100 0xab, 0xf7, 0x15, 0x88,
101 0x09, 0xcf, 0x4f, 0x3c};
104 aes128_init(key, &ctx);
105 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
106 cli_hexdump(key, 16);
108 cli_putstr_P(PSTR("\r\n index: "));
111 cli_putstr_P(PSTR(" roundkey "));
112 cli_hexdump(ctx.key[i].ks, 16);
116 void testrun_testkey_aes192(void){
117 uint8_t key[24] = { 0x8e, 0x73, 0xb0, 0xf7,
118 0xda, 0x0e, 0x64, 0x52,
119 0xc8, 0x10, 0xf3, 0x2b,
120 0x80, 0x90, 0x79, 0xe5,
121 0x62, 0xf8, 0xea, 0xd2,
122 0x52, 0x2c, 0x6b, 0x7b};
125 memset(&ctx, 0, sizeof(aes192_ctx_t));
126 aes192_init(key, &ctx);
127 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
128 cli_hexdump(key, 24);
130 cli_putstr_P(PSTR("\r\n index: "));
133 cli_putstr_P(PSTR(" roundkey "));
134 cli_hexdump(ctx.key[i].ks, 16);
139 void testrun_testkey_aes256(void){
140 uint8_t key[32] = { 0x60, 0x3d, 0xeb, 0x10,
141 0x15, 0xca, 0x71, 0xbe,
142 0x2b, 0x73, 0xae, 0xf0,
143 0x85, 0x7d, 0x77, 0x81,
144 0x1f, 0x35, 0x2c, 0x07,
145 0x3b, 0x61, 0x08, 0xd7,
146 0x2d, 0x98, 0x10, 0xa3,
147 0x09, 0x14, 0xdf, 0xf4};
150 memset(&ctx, 0, sizeof(aes256_ctx_t));
151 aes256_init(key, &ctx);
152 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
153 cli_hexdump(key, 32);
155 cli_putstr_P(PSTR("\r\n index: "));
158 cli_putstr_P(PSTR(" roundkey "));
159 cli_hexdump(ctx.key[i].ks, 16);
163 void testrun_testkey_aes(void){
164 testrun_testkey_aes128();
165 testrun_testkey_aes192();
166 testrun_testkey_aes256();
169 const uint8_t modes_key[] PROGMEM = {
170 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
171 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
172 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
173 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
175 const uint8_t modes_iv[] PROGMEM = {
176 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
177 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
180 const uint8_t modes_ctriv[] PROGMEM = {
181 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
182 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
185 const uint8_t modes_plain[] PROGMEM = {
186 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
187 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
189 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
190 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
192 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
193 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
195 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
196 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
200 void testrun_aes128_cbc(void){
208 memcpy_P(key, modes_key, 16);
209 memcpy_P(iv, modes_iv, 16);
210 memcpy_P(plain, modes_plain, 64);
212 cli_putstr_P(PSTR("\r\n** AES128-CBC-TEST **"));
213 r = bcal_cbc_init(&aes128_desc, key, 128, &ctx);
214 cli_putstr_P(PSTR("\r\n init = 0x"));
216 cli_putstr_P(PSTR("\r\n key: "));
217 cli_hexdump(key, 128/8);
218 cli_putstr_P(PSTR("\r\n IV: "));
219 cli_hexdump(iv, 128/8);
220 cli_putstr_P(PSTR("\r\n plaintext:"));
221 cli_hexdump_block(plain, 4*128/8, 4, 16);
224 bcal_cbc_encMsg(iv, plain, 4, &ctx);
225 cli_putstr_P(PSTR("\r\n ciphertext: "));
226 cli_hexdump_block(plain, 4*128/8, 4, 16);
227 bcal_cbc_decMsg(iv, plain, 4, &ctx);
228 cli_putstr_P(PSTR("\r\n plaintext: "));
229 cli_hexdump_block(plain, 4*128/8, 4, 16);
233 void testrun_aes128_cfb8(void){
238 bcal_cfb_B_ctx_t ctx;
241 memcpy_P(key, modes_key, 16);
242 memcpy_P(iv, modes_iv, 16);
243 memcpy_P(plain, modes_plain, 64);
245 cli_putstr_P(PSTR("\r\n** AES128-CFB8-TEST **"));
246 r = bcal_cfb_B_init(&aes128_desc, key, 128, 8, &ctx);
247 cli_putstr_P(PSTR("\r\n init = 0x"));
249 cli_putstr_P(PSTR("\r\n key: "));
250 cli_hexdump(key, 128/8);
251 cli_putstr_P(PSTR("\r\n IV: "));
252 cli_hexdump(iv, 128/8);
253 cli_putstr_P(PSTR("\r\n plaintext:"));
254 cli_hexdump_block(plain, 4*128/8, 4, 16);
257 bcal_cfb_B_encMsg(iv, plain, 64, &ctx);
258 cli_putstr_P(PSTR("\r\n ciphertext: "));
259 cli_hexdump_block(plain, 64, 4, 16);
261 bcal_cfb_B_decMsg(iv, plain, 64, &ctx);
262 cli_putstr_P(PSTR("\r\n plaintext: "));
263 cli_hexdump_block(plain, 64, 4, 16);
265 bcal_cfb_B_free(&ctx);
269 void testrun_aes128_cfb1(void){
274 bcal_cfb_b_ctx_t ctx;
277 memcpy_P(key, modes_key, 16);
278 memcpy_P(iv, modes_iv, 16);
279 memcpy_P(plain, modes_plain, 64);
281 cli_putstr_P(PSTR("\r\n** AES128-CFB1-TEST **"));
282 r = bcal_cfb_b_init(&aes128_desc, key, 128, 1, &ctx);
283 cli_putstr_P(PSTR("\r\n init = 0x"));
285 cli_putstr_P(PSTR("\r\n key: "));
286 cli_hexdump(key, 128/8);
287 cli_putstr_P(PSTR("\r\n IV: "));
288 cli_hexdump(iv, 128/8);
289 cli_putstr_P(PSTR("\r\n plaintext:"));
290 cli_hexdump_block(plain, 2, 4, 16);
293 uint8_t i, bit_offset, byte_offset;
294 bcal_cfb_b_loadIV(iv, &ctx);
298 cli_putstr_P(PSTR("\r\n plain bit: "));
299 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
300 bcal_cfb_b_encNext(plain+byte_offset, bit_offset, &ctx);
301 cli_putstr_P(PSTR("\r\n cipher bit: "));
302 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
304 cli_putstr_P(PSTR("\r\n ciphertext: "));
305 cli_hexdump_block(plain, 2, 4, 16);
307 bcal_cfb_b_loadIV(iv, &ctx);
311 cli_putstr_P(PSTR("\r\n plain bit: "));
312 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
313 bcal_cfb_b_decNext(plain+byte_offset, bit_offset, &ctx);
314 cli_putstr_P(PSTR("\r\n cipher bit: "));
315 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
317 cli_putstr_P(PSTR("\r\n plaintext: "));
318 cli_hexdump_block(plain, 2, 4, 16);
321 bcal_cfb_b_encMsg(iv, plain, 0, 64*8, &ctx);
322 cli_putstr_P(PSTR("\r\n ciphertext: "));
323 cli_hexdump_block(plain, 64, 4, 16);
325 bcal_cfb_b_decMsg(iv, plain, 0, 64*8, &ctx);
326 cli_putstr_P(PSTR("\r\n plaintext: "));
327 cli_hexdump_block(plain, 64, 4, 16);
329 bcal_cfb_b_free(&ctx);
332 void testrun_aes128_ofb(void){
340 memcpy_P(key, modes_key, 16);
341 memcpy_P(iv, modes_iv, 16);
342 memcpy_P(plain, modes_plain, 64);
344 cli_putstr_P(PSTR("\r\n** AES128-OFB-TEST **"));
345 r = bcal_ofb_init(&aes128_desc, key, 128, &ctx);
346 cli_putstr_P(PSTR("\r\n init = 0x"));
348 cli_putstr_P(PSTR("\r\n key: "));
349 cli_hexdump(key, 128/8);
350 cli_putstr_P(PSTR("\r\n IV: "));
351 cli_hexdump(iv, 128/8);
352 cli_putstr_P(PSTR("\r\n plaintext:"));
353 cli_hexdump_block(plain, 4*128/8, 4, 16);
356 bcal_ofb_encMsg(iv, plain, 4*128, &ctx);
357 cli_putstr_P(PSTR("\r\n ciphertext: "));
358 cli_hexdump_block(plain, 4*128/8, 4, 16);
359 bcal_ofb_decMsg(iv, plain, 4*128, &ctx);
360 cli_putstr_P(PSTR("\r\n plaintext: "));
361 cli_hexdump_block(plain, 4*128/8, 4, 16);
365 void testrun_aes128_ctr(void){
373 memcpy_P(key, modes_key, 16);
374 memcpy_P(iv, modes_ctriv, 16);
375 memcpy_P(plain, modes_plain, 64);
377 cli_putstr_P(PSTR("\r\n** AES128-CTR-TEST **"));
378 r = bcal_ctr_init(&aes128_desc, key, 128, NULL, &ctx);
379 cli_putstr_P(PSTR("\r\n init = 0x"));
381 cli_putstr_P(PSTR("\r\n key: "));
382 cli_hexdump(key, 128/8);
383 cli_putstr_P(PSTR("\r\n IV: "));
384 cli_hexdump(iv, 128/8);
385 cli_putstr_P(PSTR("\r\n plaintext:"));
386 cli_hexdump_block(plain, 4*128/8, 4, 16);
389 bcal_ctr_encMsg(iv, plain, 4*128, &ctx);
390 cli_putstr_P(PSTR("\r\n ciphertext: "));
391 cli_hexdump_block(plain, 4*128/8, 4, 16);
392 bcal_ctr_decMsg(iv, plain, 4*128, &ctx);
393 cli_putstr_P(PSTR("\r\n plaintext: "));
394 cli_hexdump_block(plain, 4*128/8, 4, 16);
398 void testrun_aes128_cmac(void){
402 uint16_t length[] = { 0, 128, 320, 512 };
406 memcpy_P(key, modes_key, 16);
407 memcpy_P(plain, modes_plain, 64);
409 cli_putstr_P(PSTR("\r\n** AES128-CMAC-TEST **"));
411 cli_putstr_P(PSTR("\r\n key: "));
412 cli_hexdump(key, 128/8);
414 r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
415 cli_putstr_P(PSTR("\r\n init = 0x"));
417 cli_putstr_P(PSTR("\r\n message: "));
418 cli_hexdump_block(plain, length[i]/8, 4, 16);
421 bcal_cmac(tag, 128, plain, length[i], &ctx);
422 cli_putstr_P(PSTR("\r\n tag: "));
423 cli_hexdump_block(tag, 128/8, 4, 16);
424 bcal_cmac_free(&ctx);
431 Key = 3250974e306b4b678f914b514d1e90f6
432 Msg = cf132fd4ebc25fd3866f1a95a6193a1a9cdf
434 void testrun_aes128_cmac72(void){
436 0x32, 0x50, 0x97, 0x4e, 0x30, 0x6b, 0x4b, 0x67,
437 0x8f, 0x91, 0x4b, 0x51, 0x4d, 0x1e, 0x90, 0xf6
440 uint8_t plain[18] = {
441 0xcf, 0x13, 0x2f, 0xd4, 0xeb, 0xc2, 0x5f, 0xd3,
442 0x86, 0x6f, 0x1a, 0x95, 0xa6, 0x19, 0x3a, 0x1a,
449 cli_putstr_P(PSTR("\r\n** AES128-CMAC-72-TEST **"));
451 cli_putstr_P(PSTR("\r\n key: "));
452 cli_hexdump(key, 128/8);
453 r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
454 cli_putstr_P(PSTR("\r\n init = 0x"));
456 cli_putstr_P(PSTR("\r\n message: "));
457 cli_hexdump_block(plain, 18, 4, 16);
460 bcal_cmac(tag, 16, plain, 18*8, &ctx);
461 cli_putstr_P(PSTR("\r\n tag: "));
462 cli_hexdump_block(tag, 2, 4, 16);
463 bcal_cmac_free(&ctx);
470 Key = 2b2aaa666be161ed16648e862ac9bd1e317f71bc69e268b5
473 void testrun_aes192_cmac0(void){
475 0x2b, 0x2a, 0xaa, 0x66, 0x6b, 0xe1, 0x61, 0xed,
476 0x16, 0x64, 0x8e, 0x86, 0x2a, 0xc9, 0xbd, 0x1e,
477 0x31, 0x7f, 0x71, 0xbc, 0x69, 0xe2, 0x68, 0xb5
487 cli_putstr_P(PSTR("\r\n** AES192-CMAC-0-TEST **"));
489 cli_putstr_P(PSTR("\r\n key: "));
490 cli_hexdump(key, 192/8);
491 r = bcal_cmac_init(&aes192_desc, key, 192, &ctx);
492 cli_putstr_P(PSTR("\r\n init = 0x"));
496 bcal_cmac(tag, 16, plain, 0*8, &ctx);
497 cli_putstr_P(PSTR("\r\n tag: "));
498 cli_hexdump_block(tag, 2, 4, 16);
499 bcal_cmac_free(&ctx);
502 const uint8_t eax_msg[] PROGMEM = {
504 0x1A, 0x47, 0xCB, 0x49, 0x33,
505 0x48, 0x1C, 0x9E, 0x39, 0xB1,
506 0x40, 0xD0, 0xC0, 0x7D, 0xA5, 0xE4,
507 0x4D, 0xE3, 0xB3, 0x5C, 0x3F, 0xC0, 0x39, 0x24, 0x5B, 0xD1, 0xFB, 0x7D,
508 0x8B, 0x0A, 0x79, 0x30, 0x6C, 0x9C, 0xE7, 0xED, 0x99, 0xDA, 0xE4, 0xF8, 0x7F, 0x8D, 0xD6, 0x16, 0x36,
509 0x1B, 0xDA, 0x12, 0x2B, 0xCE, 0x8A, 0x8D, 0xBA, 0xF1, 0x87, 0x7D, 0x96, 0x2B, 0x85, 0x92, 0xDD, 0x2D, 0x56,
510 0x6C, 0xF3, 0x67, 0x20, 0x87, 0x2B, 0x85, 0x13, 0xF6, 0xEA, 0xB1, 0xA8, 0xA4, 0x44, 0x38, 0xD5, 0xEF, 0x11,
511 0xCA, 0x40, 0xD7, 0x44, 0x6E, 0x54, 0x5F, 0xFA, 0xED, 0x3B, 0xD1, 0x2A, 0x74, 0x0A, 0x65, 0x9F, 0xFB, 0xBB, 0x3C, 0xEA, 0xB7
514 const uint8_t eax_msg_len[] PROGMEM = {0, 2, 5, 5, 6, 12, 17, 18, 18, 21};
516 const uint8_t eax_key[] PROGMEM = {
517 0x23, 0x39, 0x52, 0xDE, 0xE4, 0xD5, 0xED, 0x5F, 0x9B, 0x9C, 0x6D, 0x6F, 0xF8, 0x0F, 0xF4, 0x78,
518 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B, 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4,
519 0x01, 0xF7, 0x4A, 0xD6, 0x40, 0x77, 0xF2, 0xE7, 0x04, 0xC0, 0xF6, 0x0A, 0xDA, 0x3D, 0xD5, 0x23,
520 0xD0, 0x7C, 0xF6, 0xCB, 0xB7, 0xF3, 0x13, 0xBD, 0xDE, 0x66, 0xB7, 0x27, 0xAF, 0xD3, 0xC5, 0xE8,
521 0x35, 0xB6, 0xD0, 0x58, 0x00, 0x05, 0xBB, 0xC1, 0x2B, 0x05, 0x87, 0x12, 0x45, 0x57, 0xD2, 0xC2,
522 0xBD, 0x8E, 0x6E, 0x11, 0x47, 0x5E, 0x60, 0xB2, 0x68, 0x78, 0x4C, 0x38, 0xC6, 0x2F, 0xEB, 0x22,
523 0x7C, 0x77, 0xD6, 0xE8, 0x13, 0xBE, 0xD5, 0xAC, 0x98, 0xBA, 0xA4, 0x17, 0x47, 0x7A, 0x2E, 0x7D,
524 0x5F, 0xFF, 0x20, 0xCA, 0xFA, 0xB1, 0x19, 0xCA, 0x2F, 0xC7, 0x35, 0x49, 0xE2, 0x0F, 0x5B, 0x0D,
525 0xA4, 0xA4, 0x78, 0x2B, 0xCF, 0xFD, 0x3E, 0xC5, 0xE7, 0xEF, 0x6D, 0x8C, 0x34, 0xA5, 0x61, 0x23,
526 0x83, 0x95, 0xFC, 0xF1, 0xE9, 0x5B, 0xEB, 0xD6, 0x97, 0xBD, 0x01, 0x0B, 0xC7, 0x66, 0xAA, 0xC3
529 const uint8_t eax_nonce[] PROGMEM = {
530 0x62, 0xEC, 0x67, 0xF9, 0xC3, 0xA4, 0xA4, 0x07, 0xFC, 0xB2, 0xA8, 0xC4, 0x90, 0x31, 0xA8, 0xB3,
531 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84, 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD,
532 0x70, 0xC3, 0xDB, 0x4F, 0x0D, 0x26, 0x36, 0x84, 0x00, 0xA1, 0x0E, 0xD0, 0x5D, 0x2B, 0xFF, 0x5E,
533 0x84, 0x08, 0xDF, 0xFF, 0x3C, 0x1A, 0x2B, 0x12, 0x92, 0xDC, 0x19, 0x9E, 0x46, 0xB7, 0xD6, 0x17,
534 0xFD, 0xB6, 0xB0, 0x66, 0x76, 0xEE, 0xDC, 0x5C, 0x61, 0xD7, 0x42, 0x76, 0xE1, 0xF8, 0xE8, 0x16,
535 0x6E, 0xAC, 0x5C, 0x93, 0x07, 0x2D, 0x8E, 0x85, 0x13, 0xF7, 0x50, 0x93, 0x5E, 0x46, 0xDA, 0x1B,
536 0x1A, 0x8C, 0x98, 0xDC, 0xD7, 0x3D, 0x38, 0x39, 0x3B, 0x2B, 0xF1, 0x56, 0x9D, 0xEE, 0xFC, 0x19,
537 0xDD, 0xE5, 0x9B, 0x97, 0xD7, 0x22, 0x15, 0x6D, 0x4D, 0x9A, 0xFF, 0x2B, 0xC7, 0x55, 0x98, 0x26,
538 0xB7, 0x81, 0xFC, 0xF2, 0xF7, 0x5F, 0xA5, 0xA8, 0xDE, 0x97, 0xA9, 0xCA, 0x48, 0xE5, 0x22, 0xEC,
539 0x22, 0xE7, 0xAD, 0xD9, 0x3C, 0xFC, 0x63, 0x93, 0xC5, 0x7E, 0xC0, 0xB3, 0xC1, 0x7D, 0x6B, 0x44
542 const uint8_t eax_header[] PROGMEM = {
543 0x6B, 0xFB, 0x91, 0x4F, 0xD0, 0x7E, 0xAE, 0x6B,
544 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA,
545 0x23, 0x4A, 0x34, 0x63, 0xC1, 0x26, 0x4A, 0xC6,
546 0x33, 0xCC, 0xE2, 0xEA, 0xBF, 0xF5, 0xA7, 0x9D,
547 0xAE, 0xB9, 0x6E, 0xAE, 0xBE, 0x29, 0x70, 0xE9,
548 0xD4, 0x48, 0x2D, 0x1C, 0xA7, 0x8D, 0xCE, 0x0F,
549 0x65, 0xD2, 0x01, 0x79, 0x90, 0xD6, 0x25, 0x28,
550 0x54, 0xB9, 0xF0, 0x4E, 0x6A, 0x09, 0x18, 0x9A,
551 0x89, 0x9A, 0x17, 0x58, 0x97, 0x56, 0x1D, 0x7E,
552 0x12, 0x67, 0x35, 0xFC, 0xC3, 0x20, 0xD2, 0x5A
555 const uint8_t eax_cipher[] PROGMEM = {
556 0xE0, 0x37, 0x83, 0x0E, 0x83, 0x89, 0xF2, 0x7B, 0x02, 0x5A, 0x2D, 0x65, 0x27, 0xE7, 0x9D, 0x01,
557 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D, 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79, 0x67, 0xE5,
558 0xD8, 0x51, 0xD5, 0xBA, 0xE0, 0x3A, 0x59, 0xF2, 0x38, 0xA2, 0x3E, 0x39, 0x19, 0x9D, 0xC9, 0x26, 0x66, 0x26, 0xC4, 0x0F, 0x80,
559 0x63, 0x2A, 0x9D, 0x13, 0x1A, 0xD4, 0xC1, 0x68, 0xA4, 0x22, 0x5D, 0x8E, 0x1F, 0xF7, 0x55, 0x93, 0x99, 0x74, 0xA7, 0xBE, 0xDE,
560 0x07, 0x1D, 0xFE, 0x16, 0xC6, 0x75, 0xCB, 0x06, 0x77, 0xE5, 0x36, 0xF7, 0x3A, 0xFE, 0x6A, 0x14, 0xB7, 0x4E, 0xE4, 0x98, 0x44, 0xDD,
561 0x83, 0x5B, 0xB4, 0xF1, 0x5D, 0x74, 0x3E, 0x35, 0x0E, 0x72, 0x84, 0x14, 0xAB, 0xB8, 0x64, 0x4F, 0xD6, 0xCC, 0xB8, 0x69, 0x47, 0xC5, 0xE1, 0x05, 0x90, 0x21, 0x0A, 0x4F,
562 0x02, 0x08, 0x3E, 0x39, 0x79, 0xDA, 0x01, 0x48, 0x12, 0xF5, 0x9F, 0x11, 0xD5, 0x26, 0x30, 0xDA, 0x30, 0x13, 0x73, 0x27, 0xD1, 0x06, 0x49, 0xB0, 0xAA, 0x6E, 0x1C, 0x18, 0x1D, 0xB6, 0x17, 0xD7, 0xF2,
563 0x2E, 0xC4, 0x7B, 0x2C, 0x49, 0x54, 0xA4, 0x89, 0xAF, 0xC7, 0xBA, 0x48, 0x97, 0xED, 0xCD, 0xAE, 0x8C, 0xC3, 0x3B, 0x60, 0x45, 0x05, 0x99, 0xBD, 0x02, 0xC9, 0x63, 0x82, 0x90, 0x2A, 0xEF, 0x7F, 0x83, 0x2A,
564 0x0D, 0xE1, 0x8F, 0xD0, 0xFD, 0xD9, 0x1E, 0x7A, 0xF1, 0x9F, 0x1D, 0x8E, 0xE8, 0x73, 0x39, 0x38, 0xB1, 0xE8, 0xE7, 0xF6, 0xD2, 0x23, 0x16, 0x18, 0x10, 0x2F, 0xDB, 0x7F, 0xE5, 0x5F, 0xF1, 0x99, 0x17, 0x00,
565 0xCB, 0x89, 0x20, 0xF8, 0x7A, 0x6C, 0x75, 0xCF, 0xF3, 0x96, 0x27, 0xB5, 0x6E, 0x3E, 0xD1, 0x97, 0xC5, 0x52, 0xD2, 0x95, 0xA7, 0xCF, 0xC4, 0x6A, 0xFC, 0x25, 0x3B, 0x46, 0x52, 0xB1, 0xAF, 0x37, 0x95, 0xB1, 0x24, 0xAB, 0x6E
568 void testrun_aes128_eax(void){
582 cipher_p = eax_cipher;
584 cli_putstr_P(PSTR("\r\n\r\n** AES128-EAX-TEST #"));
586 cli_putstr_P(PSTR(" **"));
588 msg_len = pgm_read_byte(eax_msg_len+i);
589 memcpy_P(key, eax_key+16*i, 16);
590 memcpy_P(nonce, eax_nonce+16*i, 16);
591 memcpy_P(header, eax_header+8*i, 8);
592 memcpy_P(msg, msg_p, msg_len);
593 msg_p = (uint8_t*)msg_p+msg_len;
595 cli_putstr_P(PSTR("\r\n key: "));
596 cli_hexdump(key, 16);
597 cli_putstr_P(PSTR("\r\n msg: "));
599 cli_hexdump(msg, msg_len);
601 cli_putstr_P(PSTR("\r\n nonce: "));
602 cli_hexdump(nonce, 16);
603 cli_putstr_P(PSTR("\r\n header: "));
604 cli_hexdump(header, 8);
606 r = bcal_eax_init(&aes128_desc, key, 128, &ctx);
607 cli_putstr_P(PSTR("\r\n init = 0x"));
611 bcal_eax_loadNonce(nonce, 16*8, &ctx);
612 bcal_eax_addLastHeader(header, 8*8, &ctx);
613 bcal_eax_encLastBlock(msg, msg_len*8, &ctx);
614 bcal_eax_ctx2tag(tag, 128, &ctx);
616 cli_putstr_P(PSTR("\r\n cipher: "));
617 cli_hexdump_block(msg, msg_len, 4, 16);
619 cli_putstr_P(PSTR("\r\n tag: "));
620 cli_hexdump_block(tag, 16, 4, 16);
622 if(memcmp_P(msg, cipher_p, msg_len)){
623 cli_putstr_P(PSTR("\r\n cipher: [fail]\r\n should: "));
624 memcpy_P(msg, cipher_p, msg_len);
625 cli_hexdump_block(msg, msg_len, 4, 16);
627 cli_putstr_P(PSTR("\r\n cipher: [pass]"));
629 cipher_p = ((uint8_t*)cipher_p)+msg_len;
631 if(memcmp_P(tag, cipher_p, 16)){
632 cli_putstr_P(PSTR("\r\n tag: [fail]"));
634 cli_putstr_P(PSTR("\r\n tag: [pass]"));
637 cipher_p = ((uint8_t*)cipher_p)+16;
642 /*****************************************************************************/
644 void testrun_performance_aes(void){
645 bcal_performance_multiple(algolist);
648 /*****************************************************************************
650 *****************************************************************************/
652 const char nessie_str[] PROGMEM = "nessie";
653 const char test_str[] PROGMEM = "test";
654 const char testkey_str[] PROGMEM = "testkey";
655 const char testcbc_str[] PROGMEM = "testcbc";
656 const char testcfb8_str[] PROGMEM = "testcfb8";
657 const char testcfb1_str[] PROGMEM = "testcfb1";
658 const char testofb_str[] PROGMEM = "testofb";
659 const char testctr_str[] PROGMEM = "testctr";
660 const char testcmac_str[] PROGMEM = "testcmac";
661 const char testcmac72_str[] PROGMEM = "testcmac72";
662 const char testcmac0_str[] PROGMEM = "testcmac0";
663 const char testeax_str[] PROGMEM = "testeax";
664 const char cmacvs_list_str[] PROGMEM = "cmacvs_list";
665 const char cmacvs_set_str[] PROGMEM = "cmacvs_set";
666 const char cmacvs_test1_str[] PROGMEM = "cmacvs_test1";
667 const char cmacvs_test2_str[] PROGMEM = "cmacvs_test2";
668 const char performance_str[] PROGMEM = "performance";
669 const char dump_str[] PROGMEM = "dump";
670 const char echo_str[] PROGMEM = "echo";
672 const const cmdlist_entry_t cmdlist[] PROGMEM = {
673 { nessie_str, NULL, testrun_nessie_aes },
674 { test_str, NULL, testrun_test_aes },
675 { testkey_str, NULL, testrun_testkey_aes },
676 { testcbc_str, NULL, testrun_aes128_cbc },
677 { testcfb8_str, NULL, testrun_aes128_cfb8 },
678 { testcfb1_str, NULL, testrun_aes128_cfb1 },
679 { testofb_str, NULL, testrun_aes128_ofb },
680 { testctr_str, NULL, testrun_aes128_ctr },
681 { testcmac_str, NULL, testrun_aes128_cmac },
682 { testcmac72_str, NULL, testrun_aes128_cmac72 },
683 { testcmac0_str, NULL, testrun_aes192_cmac0 },
684 { testeax_str, NULL, testrun_aes128_eax },
685 { cmacvs_list_str, NULL, cmacvs_listalgos },
686 { cmacvs_set_str, (void*)1, (void_fpt)cmacvs_setalgo },
687 { cmacvs_test1_str, NULL, cmacvs_test1 },
688 { cmacvs_test2_str, NULL, cmacvs_test2 },
689 { performance_str, NULL, testrun_performance_aes },
690 { dump_str, (void*)1, (void_fpt)dump },
691 { echo_str, (void*)1, (void_fpt)echo_ctrl },
698 cmacvs_algolist=(bcdesc_t**)algolist;
699 cmacvs_algo=(bcdesc_t*)&aes128_desc;
702 welcome_msg(algo_name);
703 cmd_interface(cmdlist);