3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
31 #include "nessie_bc_test.h"
33 #include "performance_test.h"
36 #include "bcal_aes128.h"
37 #include "bcal_aes192.h"
38 #include "bcal_aes256.h"
40 #include "bcal-cfb_byte.h"
41 #include "bcal-cfb_bit.h"
44 #include "bcal-cmac.h"
51 #include <avr/pgmspace.h>
53 char* algo_name = "AES";
55 const bcdesc_t* algolist[] PROGMEM = {
56 (bcdesc_t*)&aes128_desc,
57 (bcdesc_t*)&aes192_desc,
58 (bcdesc_t*)&aes256_desc,
62 /*****************************************************************************
63 * additional validation-functions *
64 *****************************************************************************/
66 void testrun_nessie_aes(void){
67 nessie_bc_ctx.blocksize_B = 16;
68 nessie_bc_ctx.keysize_b = 128;
69 nessie_bc_ctx.name = algo_name;
70 nessie_bc_ctx.ctx_size_B = sizeof(aes128_ctx_t);
71 nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes128_enc;
72 nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes128_dec;
73 nessie_bc_ctx.cipher_genctx = (nessie_bc_gen_fpt)aes_init;
76 nessie_bc_ctx.keysize_b = 192;
77 nessie_bc_ctx.ctx_size_B = sizeof(aes192_ctx_t);
78 nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes192_enc;
79 nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes192_dec;
82 nessie_bc_ctx.keysize_b = 256;
83 nessie_bc_ctx.ctx_size_B = sizeof(aes256_ctx_t);
84 nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes256_enc;
85 nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes256_dec;
89 void testrun_test_aes(void){
90 uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
91 0x28, 0xae, 0xd2, 0xa6,
92 0xab, 0xf7, 0x15, 0x88,
93 0x09, 0xcf, 0x4f, 0x3c };
94 uint8_t data[16] = { 0x32, 0x43, 0xf6, 0xa8,
95 0x88, 0x5a, 0x30, 0x8d,
96 0x31, 0x31, 0x98, 0xa2,
97 0xe0, 0x37, 0x07, 0x34 };
99 aes128_init(key, &ctx);
100 cli_putstr_P(PSTR("\r\n\r\n cipher test (FIPS 197):\r\n key: "));
101 cli_hexdump(key, 16);
102 cli_putstr_P(PSTR("\r\n plaintext: "));
103 cli_hexdump(data, 16);
104 aes128_enc(data, &ctx);
105 cli_putstr_P(PSTR("\r\n ciphertext: "));
106 cli_hexdump(data, 16);
107 aes128_dec(data, &ctx);
108 cli_putstr_P(PSTR("\r\n plaintext: "));
109 cli_hexdump(data, 16);
110 cli_putstr(PSTR("\r\n testing bcal:"));
111 bcgen_ctx_t bcal_ctx;
113 r = bcal_cipher_init(&aes128_desc, key, 128, &bcal_ctx);
114 cli_putstr_P(PSTR("\r\n init = 0x"));
117 bcal_cipher_enc(data, &bcal_ctx);
118 cli_putstr_P(PSTR("\r\n ciphertext: "));
119 cli_hexdump(data, 16);
120 bcal_cipher_dec(data, &bcal_ctx);
121 cli_putstr_P(PSTR("\r\n plaintext: "));
122 cli_hexdump(data, 16);
123 bcal_cipher_free(&bcal_ctx);
126 void testrun_testkey_aes128(void){
127 uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
128 0x28, 0xae, 0xd2, 0xa6,
129 0xab, 0xf7, 0x15, 0x88,
130 0x09, 0xcf, 0x4f, 0x3c};
133 aes128_init(key, &ctx);
134 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
135 cli_hexdump(key, 16);
137 cli_putstr_P(PSTR("\r\n index: "));
140 cli_putstr_P(PSTR(" roundkey "));
141 cli_hexdump(ctx.key[i].ks, 16);
145 void testrun_testkey_aes192(void){
146 uint8_t key[24] = { 0x8e, 0x73, 0xb0, 0xf7,
147 0xda, 0x0e, 0x64, 0x52,
148 0xc8, 0x10, 0xf3, 0x2b,
149 0x80, 0x90, 0x79, 0xe5,
150 0x62, 0xf8, 0xea, 0xd2,
151 0x52, 0x2c, 0x6b, 0x7b};
154 memset(&ctx, 0, sizeof(aes192_ctx_t));
155 aes192_init(key, &ctx);
156 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
157 cli_hexdump(key, 24);
159 cli_putstr_P(PSTR("\r\n index: "));
162 cli_putstr_P(PSTR(" roundkey "));
163 cli_hexdump(ctx.key[i].ks, 16);
168 void testrun_testkey_aes256(void){
169 uint8_t key[32] = { 0x60, 0x3d, 0xeb, 0x10,
170 0x15, 0xca, 0x71, 0xbe,
171 0x2b, 0x73, 0xae, 0xf0,
172 0x85, 0x7d, 0x77, 0x81,
173 0x1f, 0x35, 0x2c, 0x07,
174 0x3b, 0x61, 0x08, 0xd7,
175 0x2d, 0x98, 0x10, 0xa3,
176 0x09, 0x14, 0xdf, 0xf4};
179 memset(&ctx, 0, sizeof(aes256_ctx_t));
180 aes256_init(key, &ctx);
181 cli_putstr_P(PSTR("\r\n\r\n keyschedule test (FIPS 197):\r\n key: "));
182 cli_hexdump(key, 32);
184 cli_putstr_P(PSTR("\r\n index: "));
187 cli_putstr_P(PSTR(" roundkey "));
188 cli_hexdump(ctx.key[i].ks, 16);
192 void testrun_testkey_aes(void){
193 testrun_testkey_aes128();
194 testrun_testkey_aes192();
195 testrun_testkey_aes256();
198 uint8_t modes_key[] PROGMEM = {
199 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
200 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
201 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
202 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
204 uint8_t modes_iv[] PROGMEM = {
205 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
206 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
209 uint8_t modes_ctriv[] PROGMEM = {
210 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
211 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
214 uint8_t modes_plain[] PROGMEM = {
215 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
216 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
218 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
219 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
221 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
222 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
224 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
225 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
229 void testrun_aes128_cbc(void){
237 memcpy_P(key, modes_key, 16);
238 memcpy_P(iv, modes_iv, 16);
239 memcpy_P(plain, modes_plain, 64);
241 cli_putstr_P(PSTR("\r\n** AES128-CBC-TEST **"));
242 r = bcal_cbc_init(&aes128_desc, key, 128, &ctx);
243 cli_putstr_P(PSTR("\r\n init = 0x"));
245 cli_putstr_P(PSTR("\r\n key: "));
246 cli_hexdump(key, 128/8);
247 cli_putstr_P(PSTR("\r\n IV: "));
248 cli_hexdump(iv, 128/8);
249 cli_putstr_P(PSTR("\r\n plaintext:"));
250 cli_hexdump_block(plain, 4*128/8, 4, 16);
253 bcal_cbc_encMsg(iv, plain, 4, &ctx);
254 cli_putstr_P(PSTR("\r\n ciphertext: "));
255 cli_hexdump_block(plain, 4*128/8, 4, 16);
256 bcal_cbc_decMsg(iv, plain, 4, &ctx);
257 cli_putstr_P(PSTR("\r\n plaintext: "));
258 cli_hexdump_block(plain, 4*128/8, 4, 16);
262 void testrun_aes128_cfb8(void){
267 bcal_cfb_B_ctx_t ctx;
270 memcpy_P(key, modes_key, 16);
271 memcpy_P(iv, modes_iv, 16);
272 memcpy_P(plain, modes_plain, 64);
274 cli_putstr_P(PSTR("\r\n** AES128-CFB8-TEST **"));
275 r = bcal_cfb_B_init(&aes128_desc, key, 128, 8, &ctx);
276 cli_putstr_P(PSTR("\r\n init = 0x"));
278 cli_putstr_P(PSTR("\r\n key: "));
279 cli_hexdump(key, 128/8);
280 cli_putstr_P(PSTR("\r\n IV: "));
281 cli_hexdump(iv, 128/8);
282 cli_putstr_P(PSTR("\r\n plaintext:"));
283 cli_hexdump_block(plain, 4*128/8, 4, 16);
286 bcal_cfb_B_encMsg(iv, plain, 64, &ctx);
287 cli_putstr_P(PSTR("\r\n ciphertext: "));
288 cli_hexdump_block(plain, 64, 4, 16);
290 bcal_cfb_B_decMsg(iv, plain, 64, &ctx);
291 cli_putstr_P(PSTR("\r\n plaintext: "));
292 cli_hexdump_block(plain, 64, 4, 16);
294 bcal_cfb_B_free(&ctx);
298 void testrun_aes128_cfb1(void){
303 bcal_cfb_b_ctx_t ctx;
306 memcpy_P(key, modes_key, 16);
307 memcpy_P(iv, modes_iv, 16);
308 memcpy_P(plain, modes_plain, 64);
310 cli_putstr_P(PSTR("\r\n** AES128-CFB1-TEST **"));
311 r = bcal_cfb_b_init(&aes128_desc, key, 128, 1, &ctx);
312 cli_putstr_P(PSTR("\r\n init = 0x"));
314 cli_putstr_P(PSTR("\r\n key: "));
315 cli_hexdump(key, 128/8);
316 cli_putstr_P(PSTR("\r\n IV: "));
317 cli_hexdump(iv, 128/8);
318 cli_putstr_P(PSTR("\r\n plaintext:"));
319 cli_hexdump_block(plain, 2, 4, 16);
322 uint8_t i, bit_offset, byte_offset;
323 bcal_cfb_b_loadIV(iv, &ctx);
327 cli_putstr_P(PSTR("\r\n plain bit: "));
328 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
329 bcal_cfb_b_encNext(plain+byte_offset, bit_offset, &ctx);
330 cli_putstr_P(PSTR("\r\n cipher bit: "));
331 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
333 cli_putstr_P(PSTR("\r\n ciphertext: "));
334 cli_hexdump_block(plain, 2, 4, 16);
336 bcal_cfb_b_loadIV(iv, &ctx);
340 cli_putstr_P(PSTR("\r\n plain bit: "));
341 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
342 bcal_cfb_b_decNext(plain+byte_offset, bit_offset, &ctx);
343 cli_putstr_P(PSTR("\r\n cipher bit: "));
344 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
346 cli_putstr_P(PSTR("\r\n plaintext: "));
347 cli_hexdump_block(plain, 2, 4, 16);
350 bcal_cfb_b_encMsg(iv, plain, 0, 64*8, &ctx);
351 cli_putstr_P(PSTR("\r\n ciphertext: "));
352 cli_hexdump_block(plain, 64, 4, 16);
354 bcal_cfb_b_decMsg(iv, plain, 0, 64*8, &ctx);
355 cli_putstr_P(PSTR("\r\n plaintext: "));
356 cli_hexdump_block(plain, 64, 4, 16);
358 bcal_cfb_b_free(&ctx);
361 void testrun_aes128_ofb(void){
369 memcpy_P(key, modes_key, 16);
370 memcpy_P(iv, modes_iv, 16);
371 memcpy_P(plain, modes_plain, 64);
373 cli_putstr_P(PSTR("\r\n** AES128-OFB-TEST **"));
374 r = bcal_ofb_init(&aes128_desc, key, 128, &ctx);
375 cli_putstr_P(PSTR("\r\n init = 0x"));
377 cli_putstr_P(PSTR("\r\n key: "));
378 cli_hexdump(key, 128/8);
379 cli_putstr_P(PSTR("\r\n IV: "));
380 cli_hexdump(iv, 128/8);
381 cli_putstr_P(PSTR("\r\n plaintext:"));
382 cli_hexdump_block(plain, 4*128/8, 4, 16);
385 bcal_ofb_encMsg(iv, plain, 4*128, &ctx);
386 cli_putstr_P(PSTR("\r\n ciphertext: "));
387 cli_hexdump_block(plain, 4*128/8, 4, 16);
388 bcal_ofb_decMsg(iv, plain, 4*128, &ctx);
389 cli_putstr_P(PSTR("\r\n plaintext: "));
390 cli_hexdump_block(plain, 4*128/8, 4, 16);
394 void testrun_aes128_ctr(void){
402 memcpy_P(key, modes_key, 16);
403 memcpy_P(iv, modes_ctriv, 16);
404 memcpy_P(plain, modes_plain, 64);
406 cli_putstr_P(PSTR("\r\n** AES128-CTR-TEST **"));
407 r = bcal_ctr_init(&aes128_desc, key, 128, NULL, &ctx);
408 cli_putstr_P(PSTR("\r\n init = 0x"));
410 cli_putstr_P(PSTR("\r\n key: "));
411 cli_hexdump(key, 128/8);
412 cli_putstr_P(PSTR("\r\n IV: "));
413 cli_hexdump(iv, 128/8);
414 cli_putstr_P(PSTR("\r\n plaintext:"));
415 cli_hexdump_block(plain, 4*128/8, 4, 16);
418 bcal_ctr_encMsg(iv, plain, 4*128, &ctx);
419 cli_putstr_P(PSTR("\r\n ciphertext: "));
420 cli_hexdump_block(plain, 4*128/8, 4, 16);
421 bcal_ctr_decMsg(iv, plain, 4*128, &ctx);
422 cli_putstr_P(PSTR("\r\n plaintext: "));
423 cli_hexdump_block(plain, 4*128/8, 4, 16);
427 void testrun_aes128_cmac(void){
431 uint16_t length[] = { 0, 128, 320, 512 };
435 memcpy_P(key, modes_key, 16);
436 memcpy_P(plain, modes_plain, 64);
438 cli_putstr_P(PSTR("\r\n** AES128-CMAC-TEST **"));
440 cli_putstr_P(PSTR("\r\n key: "));
441 cli_hexdump(key, 128/8);
443 r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
444 cli_putstr_P(PSTR("\r\n init = 0x"));
446 cli_putstr_P(PSTR("\r\n message: "));
447 cli_hexdump_block(plain, length[i]/8, 4, 16);
450 bcal_cmac(tag, 128, plain, length[i], &ctx);
451 cli_putstr_P(PSTR("\r\n tag: "));
452 cli_hexdump_block(tag, 128/8, 4, 16);
453 bcal_cmac_free(&ctx);
460 Key = 3250974e306b4b678f914b514d1e90f6
461 Msg = cf132fd4ebc25fd3866f1a95a6193a1a9cdf
463 void testrun_aes128_cmac72(void){
465 0x32, 0x50, 0x97, 0x4e, 0x30, 0x6b, 0x4b, 0x67,
466 0x8f, 0x91, 0x4b, 0x51, 0x4d, 0x1e, 0x90, 0xf6
469 uint8_t plain[18] = {
470 0xcf, 0x13, 0x2f, 0xd4, 0xeb, 0xc2, 0x5f, 0xd3,
471 0x86, 0x6f, 0x1a, 0x95, 0xa6, 0x19, 0x3a, 0x1a,
478 cli_putstr_P(PSTR("\r\n** AES128-CMAC-72-TEST **"));
480 cli_putstr_P(PSTR("\r\n key: "));
481 cli_hexdump(key, 128/8);
482 r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
483 cli_putstr_P(PSTR("\r\n init = 0x"));
485 cli_putstr_P(PSTR("\r\n message: "));
486 cli_hexdump_block(plain, 18, 4, 16);
489 bcal_cmac(tag, 16, plain, 18*8, &ctx);
490 cli_putstr_P(PSTR("\r\n tag: "));
491 cli_hexdump_block(tag, 2, 4, 16);
492 bcal_cmac_free(&ctx);
499 Key = 2b2aaa666be161ed16648e862ac9bd1e317f71bc69e268b5
502 void testrun_aes192_cmac0(void){
504 0x2b, 0x2a, 0xaa, 0x66, 0x6b, 0xe1, 0x61, 0xed,
505 0x16, 0x64, 0x8e, 0x86, 0x2a, 0xc9, 0xbd, 0x1e,
506 0x31, 0x7f, 0x71, 0xbc, 0x69, 0xe2, 0x68, 0xb5
516 cli_putstr_P(PSTR("\r\n** AES192-CMAC-0-TEST **"));
518 cli_putstr_P(PSTR("\r\n key: "));
519 cli_hexdump(key, 192/8);
520 r = bcal_cmac_init(&aes192_desc, key, 192, &ctx);
521 cli_putstr_P(PSTR("\r\n init = 0x"));
525 bcal_cmac(tag, 16, plain, 0*8, &ctx);
526 cli_putstr_P(PSTR("\r\n tag: "));
527 cli_hexdump_block(tag, 2, 4, 16);
528 bcal_cmac_free(&ctx);
531 uint8_t eax_msg[] PROGMEM = {
533 0x1A, 0x47, 0xCB, 0x49, 0x33,
534 0x48, 0x1C, 0x9E, 0x39, 0xB1,
535 0x40, 0xD0, 0xC0, 0x7D, 0xA5, 0xE4,
536 0x4D, 0xE3, 0xB3, 0x5C, 0x3F, 0xC0, 0x39, 0x24, 0x5B, 0xD1, 0xFB, 0x7D,
537 0x8B, 0x0A, 0x79, 0x30, 0x6C, 0x9C, 0xE7, 0xED, 0x99, 0xDA, 0xE4, 0xF8, 0x7F, 0x8D, 0xD6, 0x16, 0x36,
538 0x1B, 0xDA, 0x12, 0x2B, 0xCE, 0x8A, 0x8D, 0xBA, 0xF1, 0x87, 0x7D, 0x96, 0x2B, 0x85, 0x92, 0xDD, 0x2D, 0x56,
539 0x6C, 0xF3, 0x67, 0x20, 0x87, 0x2B, 0x85, 0x13, 0xF6, 0xEA, 0xB1, 0xA8, 0xA4, 0x44, 0x38, 0xD5, 0xEF, 0x11,
540 0xCA, 0x40, 0xD7, 0x44, 0x6E, 0x54, 0x5F, 0xFA, 0xED, 0x3B, 0xD1, 0x2A, 0x74, 0x0A, 0x65, 0x9F, 0xFB, 0xBB, 0x3C, 0xEA, 0xB7
543 uint8_t eax_msg_len[] PROGMEM = {0, 2, 5, 5, 6, 12, 17, 18, 18, 21};
545 uint8_t eax_key[] PROGMEM = {
546 0x23, 0x39, 0x52, 0xDE, 0xE4, 0xD5, 0xED, 0x5F, 0x9B, 0x9C, 0x6D, 0x6F, 0xF8, 0x0F, 0xF4, 0x78,
547 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B, 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4,
548 0x01, 0xF7, 0x4A, 0xD6, 0x40, 0x77, 0xF2, 0xE7, 0x04, 0xC0, 0xF6, 0x0A, 0xDA, 0x3D, 0xD5, 0x23,
549 0xD0, 0x7C, 0xF6, 0xCB, 0xB7, 0xF3, 0x13, 0xBD, 0xDE, 0x66, 0xB7, 0x27, 0xAF, 0xD3, 0xC5, 0xE8,
550 0x35, 0xB6, 0xD0, 0x58, 0x00, 0x05, 0xBB, 0xC1, 0x2B, 0x05, 0x87, 0x12, 0x45, 0x57, 0xD2, 0xC2,
551 0xBD, 0x8E, 0x6E, 0x11, 0x47, 0x5E, 0x60, 0xB2, 0x68, 0x78, 0x4C, 0x38, 0xC6, 0x2F, 0xEB, 0x22,
552 0x7C, 0x77, 0xD6, 0xE8, 0x13, 0xBE, 0xD5, 0xAC, 0x98, 0xBA, 0xA4, 0x17, 0x47, 0x7A, 0x2E, 0x7D,
553 0x5F, 0xFF, 0x20, 0xCA, 0xFA, 0xB1, 0x19, 0xCA, 0x2F, 0xC7, 0x35, 0x49, 0xE2, 0x0F, 0x5B, 0x0D,
554 0xA4, 0xA4, 0x78, 0x2B, 0xCF, 0xFD, 0x3E, 0xC5, 0xE7, 0xEF, 0x6D, 0x8C, 0x34, 0xA5, 0x61, 0x23,
555 0x83, 0x95, 0xFC, 0xF1, 0xE9, 0x5B, 0xEB, 0xD6, 0x97, 0xBD, 0x01, 0x0B, 0xC7, 0x66, 0xAA, 0xC3
558 uint8_t eax_nonce[] PROGMEM = {
559 0x62, 0xEC, 0x67, 0xF9, 0xC3, 0xA4, 0xA4, 0x07, 0xFC, 0xB2, 0xA8, 0xC4, 0x90, 0x31, 0xA8, 0xB3,
560 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84, 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD,
561 0x70, 0xC3, 0xDB, 0x4F, 0x0D, 0x26, 0x36, 0x84, 0x00, 0xA1, 0x0E, 0xD0, 0x5D, 0x2B, 0xFF, 0x5E,
562 0x84, 0x08, 0xDF, 0xFF, 0x3C, 0x1A, 0x2B, 0x12, 0x92, 0xDC, 0x19, 0x9E, 0x46, 0xB7, 0xD6, 0x17,
563 0xFD, 0xB6, 0xB0, 0x66, 0x76, 0xEE, 0xDC, 0x5C, 0x61, 0xD7, 0x42, 0x76, 0xE1, 0xF8, 0xE8, 0x16,
564 0x6E, 0xAC, 0x5C, 0x93, 0x07, 0x2D, 0x8E, 0x85, 0x13, 0xF7, 0x50, 0x93, 0x5E, 0x46, 0xDA, 0x1B,
565 0x1A, 0x8C, 0x98, 0xDC, 0xD7, 0x3D, 0x38, 0x39, 0x3B, 0x2B, 0xF1, 0x56, 0x9D, 0xEE, 0xFC, 0x19,
566 0xDD, 0xE5, 0x9B, 0x97, 0xD7, 0x22, 0x15, 0x6D, 0x4D, 0x9A, 0xFF, 0x2B, 0xC7, 0x55, 0x98, 0x26,
567 0xB7, 0x81, 0xFC, 0xF2, 0xF7, 0x5F, 0xA5, 0xA8, 0xDE, 0x97, 0xA9, 0xCA, 0x48, 0xE5, 0x22, 0xEC,
568 0x22, 0xE7, 0xAD, 0xD9, 0x3C, 0xFC, 0x63, 0x93, 0xC5, 0x7E, 0xC0, 0xB3, 0xC1, 0x7D, 0x6B, 0x44
571 uint8_t eax_header[] PROGMEM = {
572 0x6B, 0xFB, 0x91, 0x4F, 0xD0, 0x7E, 0xAE, 0x6B,
573 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA,
574 0x23, 0x4A, 0x34, 0x63, 0xC1, 0x26, 0x4A, 0xC6,
575 0x33, 0xCC, 0xE2, 0xEA, 0xBF, 0xF5, 0xA7, 0x9D,
576 0xAE, 0xB9, 0x6E, 0xAE, 0xBE, 0x29, 0x70, 0xE9,
577 0xD4, 0x48, 0x2D, 0x1C, 0xA7, 0x8D, 0xCE, 0x0F,
578 0x65, 0xD2, 0x01, 0x79, 0x90, 0xD6, 0x25, 0x28,
579 0x54, 0xB9, 0xF0, 0x4E, 0x6A, 0x09, 0x18, 0x9A,
580 0x89, 0x9A, 0x17, 0x58, 0x97, 0x56, 0x1D, 0x7E,
581 0x12, 0x67, 0x35, 0xFC, 0xC3, 0x20, 0xD2, 0x5A
584 uint8_t eax_cipher[] PROGMEM = {
585 0xE0, 0x37, 0x83, 0x0E, 0x83, 0x89, 0xF2, 0x7B, 0x02, 0x5A, 0x2D, 0x65, 0x27, 0xE7, 0x9D, 0x01,
586 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D, 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79, 0x67, 0xE5,
587 0xD8, 0x51, 0xD5, 0xBA, 0xE0, 0x3A, 0x59, 0xF2, 0x38, 0xA2, 0x3E, 0x39, 0x19, 0x9D, 0xC9, 0x26, 0x66, 0x26, 0xC4, 0x0F, 0x80,
588 0x63, 0x2A, 0x9D, 0x13, 0x1A, 0xD4, 0xC1, 0x68, 0xA4, 0x22, 0x5D, 0x8E, 0x1F, 0xF7, 0x55, 0x93, 0x99, 0x74, 0xA7, 0xBE, 0xDE,
589 0x07, 0x1D, 0xFE, 0x16, 0xC6, 0x75, 0xCB, 0x06, 0x77, 0xE5, 0x36, 0xF7, 0x3A, 0xFE, 0x6A, 0x14, 0xB7, 0x4E, 0xE4, 0x98, 0x44, 0xDD,
590 0x83, 0x5B, 0xB4, 0xF1, 0x5D, 0x74, 0x3E, 0x35, 0x0E, 0x72, 0x84, 0x14, 0xAB, 0xB8, 0x64, 0x4F, 0xD6, 0xCC, 0xB8, 0x69, 0x47, 0xC5, 0xE1, 0x05, 0x90, 0x21, 0x0A, 0x4F,
591 0x02, 0x08, 0x3E, 0x39, 0x79, 0xDA, 0x01, 0x48, 0x12, 0xF5, 0x9F, 0x11, 0xD5, 0x26, 0x30, 0xDA, 0x30, 0x13, 0x73, 0x27, 0xD1, 0x06, 0x49, 0xB0, 0xAA, 0x6E, 0x1C, 0x18, 0x1D, 0xB6, 0x17, 0xD7, 0xF2,
592 0x2E, 0xC4, 0x7B, 0x2C, 0x49, 0x54, 0xA4, 0x89, 0xAF, 0xC7, 0xBA, 0x48, 0x97, 0xED, 0xCD, 0xAE, 0x8C, 0xC3, 0x3B, 0x60, 0x45, 0x05, 0x99, 0xBD, 0x02, 0xC9, 0x63, 0x82, 0x90, 0x2A, 0xEF, 0x7F, 0x83, 0x2A,
593 0x0D, 0xE1, 0x8F, 0xD0, 0xFD, 0xD9, 0x1E, 0x7A, 0xF1, 0x9F, 0x1D, 0x8E, 0xE8, 0x73, 0x39, 0x38, 0xB1, 0xE8, 0xE7, 0xF6, 0xD2, 0x23, 0x16, 0x18, 0x10, 0x2F, 0xDB, 0x7F, 0xE5, 0x5F, 0xF1, 0x99, 0x17, 0x00,
594 0xCB, 0x89, 0x20, 0xF8, 0x7A, 0x6C, 0x75, 0xCF, 0xF3, 0x96, 0x27, 0xB5, 0x6E, 0x3E, 0xD1, 0x97, 0xC5, 0x52, 0xD2, 0x95, 0xA7, 0xCF, 0xC4, 0x6A, 0xFC, 0x25, 0x3B, 0x46, 0x52, 0xB1, 0xAF, 0x37, 0x95, 0xB1, 0x24, 0xAB, 0x6E
597 void testrun_aes128_eax(void){
611 cipher_p = eax_cipher;
613 cli_putstr_P(PSTR("\r\n\r\n** AES128-EAX-TEST #"));
615 cli_putstr_P(PSTR(" **"));
617 msg_len = pgm_read_byte(eax_msg_len+i);
618 memcpy_P(key, eax_key+16*i, 16);
619 memcpy_P(nonce, eax_nonce+16*i, 16);
620 memcpy_P(header, eax_header+8*i, 8);
621 memcpy_P(msg, msg_p, msg_len);
622 msg_p = (uint8_t*)msg_p+msg_len;
624 cli_putstr_P(PSTR("\r\n key: "));
625 cli_hexdump(key, 16);
626 cli_putstr_P(PSTR("\r\n msg: "));
628 cli_hexdump(msg, msg_len);
630 cli_putstr_P(PSTR("\r\n nonce: "));
631 cli_hexdump(nonce, 16);
632 cli_putstr_P(PSTR("\r\n header: "));
633 cli_hexdump(header, 8);
635 r = bcal_eax_init(&aes128_desc, key, 128, &ctx);
636 cli_putstr_P(PSTR("\r\n init = 0x"));
640 bcal_eax_loadNonce(nonce, 16*8, &ctx);
641 bcal_eax_addLastHeader(header, 8*8, &ctx);
642 bcal_eax_encLastBlock(msg, msg_len*8, &ctx);
643 bcal_eax_ctx2tag(tag, 128, &ctx);
645 cli_putstr_P(PSTR("\r\n cipher: "));
646 cli_hexdump_block(msg, msg_len, 4, 16);
648 cli_putstr_P(PSTR("\r\n tag: "));
649 cli_hexdump_block(tag, 16, 4, 16);
651 if(memcmp_P(msg, cipher_p, msg_len)){
652 cli_putstr_P(PSTR("\r\n cipher: [fail]\r\n should: "));
653 memcpy_P(msg, cipher_p, msg_len);
654 cli_hexdump_block(msg, msg_len, 4, 16);
656 cli_putstr_P(PSTR("\r\n cipher: [pass]"));
658 cipher_p = ((uint8_t*)cipher_p)+msg_len;
660 if(memcmp_P(tag, cipher_p, 16)){
661 cli_putstr_P(PSTR("\r\n tag: [fail]"));
663 cli_putstr_P(PSTR("\r\n tag: [pass]"));
666 cipher_p = ((uint8_t*)cipher_p)+16;
671 /*****************************************************************************/
673 void testrun_performance_aes128(void){
676 uint8_t key[32], data[16];
686 aes128_init(key, &ctx);
688 cli_putstr_P(PSTR("\r\n\tctx-gen time: "));
689 ultoa((unsigned long)t, str, 10);
694 aes128_enc(data, &ctx);
696 cli_putstr_P(PSTR("\r\n\tencrypt time: "));
697 ultoa((unsigned long)t, str, 10);
702 aes128_dec(data, &ctx);
704 cli_putstr_P(PSTR("\r\n\tdecrypt time: "));
705 ultoa((unsigned long)t, str, 10);
708 cli_putstr_P(PSTR("\r\n"));
712 void testrun_performance_aes192(void){
715 uint8_t key[32], data[16];
725 aes192_init(key, &ctx);
727 cli_putstr_P(PSTR("\r\n\tctx-gen time: "));
728 ultoa((unsigned long)t, str, 10);
733 aes192_enc(data, &ctx);
735 cli_putstr_P(PSTR("\r\n\tencrypt time: "));
736 ultoa((unsigned long)t, str, 10);
741 aes192_dec(data, &ctx);
743 cli_putstr_P(PSTR("\r\n\tdecrypt time: "));
744 ultoa((unsigned long)t, str, 10);
747 cli_putstr_P(PSTR("\r\n"));
751 void testrun_performance_aes256(void){
754 uint8_t key[32], data[16];
764 aes256_init(key, &ctx);
766 cli_putstr_P(PSTR("\r\n\tctx-gen time: "));
767 ultoa((unsigned long)t, str, 10);
772 aes256_enc(data, &ctx);
774 cli_putstr_P(PSTR("\r\n\tencrypt time: "));
775 ultoa((unsigned long)t, str, 10);
780 aes256_dec(data, &ctx);
782 cli_putstr_P(PSTR("\r\n\tdecrypt time: "));
783 ultoa((unsigned long)t, str, 10);
786 cli_putstr_P(PSTR("\r\n"));
789 void testrun_performance_aes(void){
790 cli_putstr_P(PSTR("\r\n -=AES Performance Test=-\r\n"));
791 cli_putstr_P(PSTR("\r\n AES-128\r\n"));
792 testrun_performance_aes128();
793 cli_putstr_P(PSTR("\r\n AES-192\r\n"));
794 testrun_performance_aes192();
795 cli_putstr_P(PSTR("\r\n AES-256\r\n"));
796 testrun_performance_aes256();
798 /*****************************************************************************
800 *****************************************************************************/
802 const char nessie_str[] PROGMEM = "nessie";
803 const char test_str[] PROGMEM = "test";
804 const char testkey_str[] PROGMEM = "testkey";
805 const char testcbc_str[] PROGMEM = "testcbc";
806 const char testcfb8_str[] PROGMEM = "testcfb8";
807 const char testcfb1_str[] PROGMEM = "testcfb1";
808 const char testofb_str[] PROGMEM = "testofb";
809 const char testctr_str[] PROGMEM = "testctr";
810 const char testcmac_str[] PROGMEM = "testcmac";
811 const char testcmac72_str[] PROGMEM = "testcmac72";
812 const char testcmac0_str[] PROGMEM = "testcmac0";
813 const char testeax_str[] PROGMEM = "testeax";
814 const char cmacvs_list_str[] PROGMEM = "cmacvs_list";
815 const char cmacvs_set_str[] PROGMEM = "cmacvs_set";
816 const char cmacvs_test1_str[] PROGMEM = "cmacvs_test1";
817 const char cmacvs_test2_str[] PROGMEM = "cmacvs_test2";
818 const char performance_str[] PROGMEM = "performance";
819 const char dump_str[] PROGMEM = "dump";
820 const char echo_str[] PROGMEM = "echo";
822 cmdlist_entry_t cmdlist[] PROGMEM = {
823 { nessie_str, NULL, testrun_nessie_aes },
824 { test_str, NULL, testrun_test_aes },
825 { testkey_str, NULL, testrun_testkey_aes },
826 { testcbc_str, NULL, testrun_aes128_cbc },
827 { testcfb8_str, NULL, testrun_aes128_cfb8 },
828 { testcfb1_str, NULL, testrun_aes128_cfb1 },
829 { testofb_str, NULL, testrun_aes128_ofb },
830 { testctr_str, NULL, testrun_aes128_ctr },
831 { testcmac_str, NULL, testrun_aes128_cmac },
832 { testcmac72_str, NULL, testrun_aes128_cmac72 },
833 { testcmac0_str, NULL, testrun_aes192_cmac0 },
834 { testeax_str, NULL, testrun_aes128_eax },
835 { cmacvs_list_str, NULL, cmacvs_listalgos },
836 { cmacvs_set_str, (void*)1, (void_fpt)cmacvs_setalgo },
837 { cmacvs_test1_str, NULL, cmacvs_test1 },
838 { cmacvs_test2_str, NULL, cmacvs_test2 },
839 { performance_str, NULL, testrun_performance_aes },
840 { dump_str, (void*)1, (void_fpt)dump },
841 { echo_str, (void*)1, (void_fpt)echo_ctrl },
849 cli_rx = (cli_rx_fpt)uart0_getc;
850 cli_tx = (cli_tx_fpt)uart0_putc;
851 cmacvs_algolist=(bcdesc_t**)algolist;
852 cmacvs_algo=(bcdesc_t*)&aes128_desc;
854 cli_putstr_P(PSTR("\r\n\r\nCrypto-VS ("));
855 cli_putstr(algo_name);
856 cli_putstr_P(PSTR(")\r\nloaded and running\r\n"));
857 cmd_interface(cmdlist);