3 This file is part of the ARM-Crypto-Lib.
4 Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
29 #include "uart_lowlevel.h"
35 #include "nessie_bc_test.h"
36 #include "performance_test.h"
38 #include "bcal_aes128.h"
39 #include "bcal_aes192.h"
40 #include "bcal_aes256.h"
42 #include "bcal-cfb_byte.h"
43 #include "bcal-cfb_bit.h"
46 #include "bcal-cmac.h"
49 #include "bcal-performance.h"
52 char* algo_name = "AES";
54 void uart0_putc(char byte){
55 uart_putc(UART_0, byte);
58 char uart0_getc(void){
59 return uart_getc(UART_0);
62 const bcdesc_t* algolist[] = {
63 (bcdesc_t*)&aes128_desc,
64 (bcdesc_t*)&aes192_desc,
65 (bcdesc_t*)&aes256_desc,
69 /*****************************************************************************
70 * additional validation-functions *
71 *****************************************************************************/
73 void testrun_nessie_aes(void){
74 nessie_bc_ctx.blocksize_B = 16;
75 nessie_bc_ctx.keysize_b = 128;
76 nessie_bc_ctx.name = algo_name;
77 nessie_bc_ctx.ctx_size_B = sizeof(aes128_ctx_t);
78 nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes128_enc;
79 nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes128_dec;
80 nessie_bc_ctx.cipher_genctx = (nessie_bc_gen_fpt)aes_init;
83 nessie_bc_ctx.keysize_b = 192;
84 nessie_bc_ctx.ctx_size_B = sizeof(aes192_ctx_t);
85 nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes192_enc;
86 nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes192_dec;
89 nessie_bc_ctx.keysize_b = 256;
90 nessie_bc_ctx.ctx_size_B = sizeof(aes256_ctx_t);
91 nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes256_enc;
92 nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes256_dec;
96 void testrun_test_aes(void){
97 uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
98 0x28, 0xae, 0xd2, 0xa6,
99 0xab, 0xf7, 0x15, 0x88,
100 0x09, 0xcf, 0x4f, 0x3c };
101 uint8_t data[16] = { 0x32, 0x43, 0xf6, 0xa8,
102 0x88, 0x5a, 0x30, 0x8d,
103 0x31, 0x31, 0x98, 0xa2,
104 0xe0, 0x37, 0x07, 0x34 };
106 aes128_init(key, &ctx);
107 cli_putstr("\r\n\r\n cipher test (FIPS 197):\r\n key: ");
108 cli_hexdump(key, 16);
109 cli_putstr("\r\n plaintext: ");
110 cli_hexdump(data, 16);
111 aes128_enc(data, &ctx);
112 cli_putstr("\r\n ciphertext: ");
113 cli_hexdump(data, 16);
114 aes128_dec(data, &ctx);
115 cli_putstr("\r\n plaintext: ");
116 cli_hexdump(data, 16);
117 cli_putstr("\r\n testing bcal:");
118 bcgen_ctx_t bcal_ctx;
120 r = bcal_cipher_init(&aes128_desc, key, 128, &bcal_ctx);
121 cli_putstr("\r\n init = 0x");
124 bcal_cipher_enc(data, &bcal_ctx);
125 cli_putstr("\r\n ciphertext: ");
126 cli_hexdump(data, 16);
127 bcal_cipher_dec(data, &bcal_ctx);
128 cli_putstr("\r\n plaintext: ");
129 cli_hexdump(data, 16);
130 bcal_cipher_free(&bcal_ctx);
133 void testrun_testkey_aes128(void){
134 uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
135 0x28, 0xae, 0xd2, 0xa6,
136 0xab, 0xf7, 0x15, 0x88,
137 0x09, 0xcf, 0x4f, 0x3c};
140 aes128_init(key, &ctx);
141 cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
142 cli_hexdump(key, 16);
144 cli_putstr("\r\n index: ");
147 cli_putstr(" roundkey ");
148 cli_hexdump(ctx.key[i].ks, 16);
152 void testrun_testkey_aes192(void){
153 uint8_t key[24] = { 0x8e, 0x73, 0xb0, 0xf7,
154 0xda, 0x0e, 0x64, 0x52,
155 0xc8, 0x10, 0xf3, 0x2b,
156 0x80, 0x90, 0x79, 0xe5,
157 0x62, 0xf8, 0xea, 0xd2,
158 0x52, 0x2c, 0x6b, 0x7b};
161 memset(&ctx, 0, sizeof(aes192_ctx_t));
162 aes192_init(key, &ctx);
163 cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
164 cli_hexdump(key, 24);
166 cli_putstr("\r\n index: ");
169 cli_putstr(" roundkey ");
170 cli_hexdump(ctx.key[i].ks, 16);
175 void testrun_testkey_aes256(void){
176 uint8_t key[32] = { 0x60, 0x3d, 0xeb, 0x10,
177 0x15, 0xca, 0x71, 0xbe,
178 0x2b, 0x73, 0xae, 0xf0,
179 0x85, 0x7d, 0x77, 0x81,
180 0x1f, 0x35, 0x2c, 0x07,
181 0x3b, 0x61, 0x08, 0xd7,
182 0x2d, 0x98, 0x10, 0xa3,
183 0x09, 0x14, 0xdf, 0xf4};
186 memset(&ctx, 0, sizeof(aes256_ctx_t));
187 aes256_init(key, &ctx);
188 cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
189 cli_hexdump(key, 32);
191 cli_putstr("\r\n index: ");
194 cli_putstr(" roundkey ");
195 cli_hexdump(ctx.key[i].ks, 16);
199 void testrun_testkey_aes(void){
200 testrun_testkey_aes128();
201 testrun_testkey_aes192();
202 testrun_testkey_aes256();
205 const uint8_t modes_key[] = {
206 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
207 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
208 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
209 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
211 const uint8_t modes_iv[] = {
212 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
213 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
216 const uint8_t modes_ctriv[] = {
217 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
218 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
221 const uint8_t modes_plain[] = {
222 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
223 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
225 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
226 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
228 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
229 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
231 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
232 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
236 void testrun_aes128_cbc(void){
244 memcpy(key, modes_key, 16);
245 memcpy(iv, modes_iv, 16);
246 memcpy(plain, modes_plain, 64);
248 cli_putstr("\r\n** AES128-CBC-TEST **");
249 r = bcal_cbc_init(&aes128_desc, key, 128, &ctx);
250 cli_putstr("\r\n init = 0x");
252 cli_putstr("\r\n key: ");
253 cli_hexdump(key, 128/8);
254 cli_putstr("\r\n IV: ");
255 cli_hexdump(iv, 128/8);
256 cli_putstr("\r\n plaintext:");
257 cli_hexdump_block(plain, 4*128/8, 4, 16);
260 bcal_cbc_encMsg(iv, plain, 4, &ctx);
261 cli_putstr("\r\n ciphertext: ");
262 cli_hexdump_block(plain, 4*128/8, 4, 16);
263 bcal_cbc_decMsg(iv, plain, 4, &ctx);
264 cli_putstr("\r\n plaintext: ");
265 cli_hexdump_block(plain, 4*128/8, 4, 16);
269 void testrun_aes128_cfb8(void){
274 bcal_cfb_B_ctx_t ctx;
277 memcpy(key, modes_key, 16);
278 memcpy(iv, modes_iv, 16);
279 memcpy(plain, modes_plain, 64);
281 cli_putstr("\r\n** AES128-CFB8-TEST **");
282 r = bcal_cfb_B_init(&aes128_desc, key, 128, 8, &ctx);
283 cli_putstr("\r\n init = 0x");
285 cli_putstr("\r\n key: ");
286 cli_hexdump(key, 128/8);
287 cli_putstr("\r\n IV: ");
288 cli_hexdump(iv, 128/8);
289 cli_putstr("\r\n plaintext:");
290 cli_hexdump_block(plain, 4*128/8, 4, 16);
293 bcal_cfb_B_encMsg(iv, plain, 64, &ctx);
294 cli_putstr("\r\n ciphertext: ");
295 cli_hexdump_block(plain, 64, 4, 16);
297 bcal_cfb_B_decMsg(iv, plain, 64, &ctx);
298 cli_putstr("\r\n plaintext: ");
299 cli_hexdump_block(plain, 64, 4, 16);
301 bcal_cfb_B_free(&ctx);
305 void testrun_aes128_cfb1(void){
310 bcal_cfb_b_ctx_t ctx;
313 memcpy(key, modes_key, 16);
314 memcpy(iv, modes_iv, 16);
315 memcpy(plain, modes_plain, 64);
317 cli_putstr("\r\n** AES128-CFB1-TEST **");
318 r = bcal_cfb_b_init(&aes128_desc, key, 128, 1, &ctx);
319 cli_putstr("\r\n init = 0x");
321 cli_putstr("\r\n key: ");
322 cli_hexdump(key, 128/8);
323 cli_putstr("\r\n IV: ");
324 cli_hexdump(iv, 128/8);
325 cli_putstr("\r\n plaintext:");
326 cli_hexdump_block(plain, 2, 4, 16);
329 uint8_t i, bit_offset, byte_offset;
330 bcal_cfb_b_loadIV(iv, &ctx);
334 cli_putstr("\r\n plain bit: ");
335 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
336 bcal_cfb_b_encNext(plain+byte_offset, bit_offset, &ctx);
337 cli_putstr("\r\n cipher bit: ");
338 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
340 cli_putstr("\r\n ciphertext: ");
341 cli_hexdump_block(plain, 2, 4, 16);
343 bcal_cfb_b_loadIV(iv, &ctx);
347 cli_putstr("\r\n plain bit: ");
348 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
349 bcal_cfb_b_decNext(plain+byte_offset, bit_offset, &ctx);
350 cli_putstr("\r\n cipher bit: ");
351 cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
353 cli_putstr("\r\n plaintext: ");
354 cli_hexdump_block(plain, 2, 4, 16);
357 bcal_cfb_b_encMsg(iv, plain, 0, 64*8, &ctx);
358 cli_putstr("\r\n ciphertext: ");
359 cli_hexdump_block(plain, 64, 4, 16);
361 bcal_cfb_b_decMsg(iv, plain, 0, 64*8, &ctx);
362 cli_putstr("\r\n plaintext: ");
363 cli_hexdump_block(plain, 64, 4, 16);
365 bcal_cfb_b_free(&ctx);
368 void testrun_aes128_ofb(void){
376 memcpy(key, modes_key, 16);
377 memcpy(iv, modes_iv, 16);
378 memcpy(plain, modes_plain, 64);
380 cli_putstr("\r\n** AES128-OFB-TEST **");
381 r = bcal_ofb_init(&aes128_desc, key, 128, &ctx);
382 cli_putstr("\r\n init = 0x");
384 cli_putstr("\r\n key: ");
385 cli_hexdump(key, 128/8);
386 cli_putstr("\r\n IV: ");
387 cli_hexdump(iv, 128/8);
388 cli_putstr("\r\n plaintext:");
389 cli_hexdump_block(plain, 4*128/8, 4, 16);
392 bcal_ofb_encMsg(iv, plain, 4*128, &ctx);
393 cli_putstr("\r\n ciphertext: ");
394 cli_hexdump_block(plain, 4*128/8, 4, 16);
395 bcal_ofb_decMsg(iv, plain, 4*128, &ctx);
396 cli_putstr("\r\n plaintext: ");
397 cli_hexdump_block(plain, 4*128/8, 4, 16);
401 void testrun_aes128_ctr(void){
409 memcpy(key, modes_key, 16);
410 memcpy(iv, modes_ctriv, 16);
411 memcpy(plain, modes_plain, 64);
413 cli_putstr("\r\n** AES128-CTR-TEST **");
414 r = bcal_ctr_init(&aes128_desc, key, 128, NULL, &ctx);
415 cli_putstr("\r\n init = 0x");
417 cli_putstr("\r\n key: ");
418 cli_hexdump(key, 128/8);
419 cli_putstr("\r\n IV: ");
420 cli_hexdump(iv, 128/8);
421 cli_putstr("\r\n plaintext:");
422 cli_hexdump_block(plain, 4*128/8, 4, 16);
425 bcal_ctr_encMsg(iv, plain, 4*128, &ctx);
426 cli_putstr("\r\n ciphertext: ");
427 cli_hexdump_block(plain, 4*128/8, 4, 16);
428 bcal_ctr_decMsg(iv, plain, 4*128, &ctx);
429 cli_putstr("\r\n plaintext: ");
430 cli_hexdump_block(plain, 4*128/8, 4, 16);
434 void testrun_aes128_cmac(void){
438 uint16_t length[] = { 0, 128, 320, 512 };
442 memcpy(key, modes_key, 16);
443 memcpy(plain, modes_plain, 64);
445 cli_putstr("\r\n** AES128-CMAC-TEST **");
447 cli_putstr("\r\n key: ");
448 cli_hexdump(key, 128/8);
450 r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
451 cli_putstr("\r\n init = 0x");
453 cli_putstr("\r\n message: ");
454 cli_hexdump_block(plain, length[i]/8, 4, 16);
457 bcal_cmac(tag, 128, plain, length[i], &ctx);
458 cli_putstr("\r\n tag: ");
459 cli_hexdump_block(tag, 128/8, 4, 16);
460 bcal_cmac_free(&ctx);
467 Key = 3250974e306b4b678f914b514d1e90f6
468 Msg = cf132fd4ebc25fd3866f1a95a6193a1a9cdf
470 void testrun_aes128_cmac72(void){
472 0x32, 0x50, 0x97, 0x4e, 0x30, 0x6b, 0x4b, 0x67,
473 0x8f, 0x91, 0x4b, 0x51, 0x4d, 0x1e, 0x90, 0xf6
476 uint8_t plain[18] = {
477 0xcf, 0x13, 0x2f, 0xd4, 0xeb, 0xc2, 0x5f, 0xd3,
478 0x86, 0x6f, 0x1a, 0x95, 0xa6, 0x19, 0x3a, 0x1a,
485 cli_putstr("\r\n** AES128-CMAC-72-TEST **");
487 cli_putstr("\r\n key: ");
488 cli_hexdump(key, 128/8);
489 r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
490 cli_putstr("\r\n init = 0x");
492 cli_putstr("\r\n message: ");
493 cli_hexdump_block(plain, 18, 4, 16);
496 bcal_cmac(tag, 16, plain, 18*8, &ctx);
497 cli_putstr("\r\n tag: ");
498 cli_hexdump_block(tag, 2, 4, 16);
499 bcal_cmac_free(&ctx);
506 Key = 2b2aaa666be161ed16648e862ac9bd1e317f71bc69e268b5
509 void testrun_aes192_cmac0(void){
511 0x2b, 0x2a, 0xaa, 0x66, 0x6b, 0xe1, 0x61, 0xed,
512 0x16, 0x64, 0x8e, 0x86, 0x2a, 0xc9, 0xbd, 0x1e,
513 0x31, 0x7f, 0x71, 0xbc, 0x69, 0xe2, 0x68, 0xb5
523 cli_putstr("\r\n** AES192-CMAC-0-TEST **");
525 cli_putstr("\r\n key: ");
526 cli_hexdump(key, 192/8);
527 r = bcal_cmac_init(&aes192_desc, key, 192, &ctx);
528 cli_putstr("\r\n init = 0x");
532 bcal_cmac(tag, 16, plain, 0*8, &ctx);
533 cli_putstr("\r\n tag: ");
534 cli_hexdump_block(tag, 2, 4, 16);
535 bcal_cmac_free(&ctx);
538 const uint8_t eax_msg[] = {
540 0x1A, 0x47, 0xCB, 0x49, 0x33,
541 0x48, 0x1C, 0x9E, 0x39, 0xB1,
542 0x40, 0xD0, 0xC0, 0x7D, 0xA5, 0xE4,
543 0x4D, 0xE3, 0xB3, 0x5C, 0x3F, 0xC0, 0x39, 0x24, 0x5B, 0xD1, 0xFB, 0x7D,
544 0x8B, 0x0A, 0x79, 0x30, 0x6C, 0x9C, 0xE7, 0xED, 0x99, 0xDA, 0xE4, 0xF8, 0x7F, 0x8D, 0xD6, 0x16, 0x36,
545 0x1B, 0xDA, 0x12, 0x2B, 0xCE, 0x8A, 0x8D, 0xBA, 0xF1, 0x87, 0x7D, 0x96, 0x2B, 0x85, 0x92, 0xDD, 0x2D, 0x56,
546 0x6C, 0xF3, 0x67, 0x20, 0x87, 0x2B, 0x85, 0x13, 0xF6, 0xEA, 0xB1, 0xA8, 0xA4, 0x44, 0x38, 0xD5, 0xEF, 0x11,
547 0xCA, 0x40, 0xD7, 0x44, 0x6E, 0x54, 0x5F, 0xFA, 0xED, 0x3B, 0xD1, 0x2A, 0x74, 0x0A, 0x65, 0x9F, 0xFB, 0xBB, 0x3C, 0xEA, 0xB7
550 const uint8_t eax_msg_len[] = {0, 2, 5, 5, 6, 12, 17, 18, 18, 21};
552 const uint8_t eax_key[] = {
553 0x23, 0x39, 0x52, 0xDE, 0xE4, 0xD5, 0xED, 0x5F, 0x9B, 0x9C, 0x6D, 0x6F, 0xF8, 0x0F, 0xF4, 0x78,
554 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B, 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4,
555 0x01, 0xF7, 0x4A, 0xD6, 0x40, 0x77, 0xF2, 0xE7, 0x04, 0xC0, 0xF6, 0x0A, 0xDA, 0x3D, 0xD5, 0x23,
556 0xD0, 0x7C, 0xF6, 0xCB, 0xB7, 0xF3, 0x13, 0xBD, 0xDE, 0x66, 0xB7, 0x27, 0xAF, 0xD3, 0xC5, 0xE8,
557 0x35, 0xB6, 0xD0, 0x58, 0x00, 0x05, 0xBB, 0xC1, 0x2B, 0x05, 0x87, 0x12, 0x45, 0x57, 0xD2, 0xC2,
558 0xBD, 0x8E, 0x6E, 0x11, 0x47, 0x5E, 0x60, 0xB2, 0x68, 0x78, 0x4C, 0x38, 0xC6, 0x2F, 0xEB, 0x22,
559 0x7C, 0x77, 0xD6, 0xE8, 0x13, 0xBE, 0xD5, 0xAC, 0x98, 0xBA, 0xA4, 0x17, 0x47, 0x7A, 0x2E, 0x7D,
560 0x5F, 0xFF, 0x20, 0xCA, 0xFA, 0xB1, 0x19, 0xCA, 0x2F, 0xC7, 0x35, 0x49, 0xE2, 0x0F, 0x5B, 0x0D,
561 0xA4, 0xA4, 0x78, 0x2B, 0xCF, 0xFD, 0x3E, 0xC5, 0xE7, 0xEF, 0x6D, 0x8C, 0x34, 0xA5, 0x61, 0x23,
562 0x83, 0x95, 0xFC, 0xF1, 0xE9, 0x5B, 0xEB, 0xD6, 0x97, 0xBD, 0x01, 0x0B, 0xC7, 0x66, 0xAA, 0xC3
565 const uint8_t eax_nonce[] = {
566 0x62, 0xEC, 0x67, 0xF9, 0xC3, 0xA4, 0xA4, 0x07, 0xFC, 0xB2, 0xA8, 0xC4, 0x90, 0x31, 0xA8, 0xB3,
567 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84, 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD,
568 0x70, 0xC3, 0xDB, 0x4F, 0x0D, 0x26, 0x36, 0x84, 0x00, 0xA1, 0x0E, 0xD0, 0x5D, 0x2B, 0xFF, 0x5E,
569 0x84, 0x08, 0xDF, 0xFF, 0x3C, 0x1A, 0x2B, 0x12, 0x92, 0xDC, 0x19, 0x9E, 0x46, 0xB7, 0xD6, 0x17,
570 0xFD, 0xB6, 0xB0, 0x66, 0x76, 0xEE, 0xDC, 0x5C, 0x61, 0xD7, 0x42, 0x76, 0xE1, 0xF8, 0xE8, 0x16,
571 0x6E, 0xAC, 0x5C, 0x93, 0x07, 0x2D, 0x8E, 0x85, 0x13, 0xF7, 0x50, 0x93, 0x5E, 0x46, 0xDA, 0x1B,
572 0x1A, 0x8C, 0x98, 0xDC, 0xD7, 0x3D, 0x38, 0x39, 0x3B, 0x2B, 0xF1, 0x56, 0x9D, 0xEE, 0xFC, 0x19,
573 0xDD, 0xE5, 0x9B, 0x97, 0xD7, 0x22, 0x15, 0x6D, 0x4D, 0x9A, 0xFF, 0x2B, 0xC7, 0x55, 0x98, 0x26,
574 0xB7, 0x81, 0xFC, 0xF2, 0xF7, 0x5F, 0xA5, 0xA8, 0xDE, 0x97, 0xA9, 0xCA, 0x48, 0xE5, 0x22, 0xEC,
575 0x22, 0xE7, 0xAD, 0xD9, 0x3C, 0xFC, 0x63, 0x93, 0xC5, 0x7E, 0xC0, 0xB3, 0xC1, 0x7D, 0x6B, 0x44
578 const uint8_t eax_header[] = {
579 0x6B, 0xFB, 0x91, 0x4F, 0xD0, 0x7E, 0xAE, 0x6B,
580 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA,
581 0x23, 0x4A, 0x34, 0x63, 0xC1, 0x26, 0x4A, 0xC6,
582 0x33, 0xCC, 0xE2, 0xEA, 0xBF, 0xF5, 0xA7, 0x9D,
583 0xAE, 0xB9, 0x6E, 0xAE, 0xBE, 0x29, 0x70, 0xE9,
584 0xD4, 0x48, 0x2D, 0x1C, 0xA7, 0x8D, 0xCE, 0x0F,
585 0x65, 0xD2, 0x01, 0x79, 0x90, 0xD6, 0x25, 0x28,
586 0x54, 0xB9, 0xF0, 0x4E, 0x6A, 0x09, 0x18, 0x9A,
587 0x89, 0x9A, 0x17, 0x58, 0x97, 0x56, 0x1D, 0x7E,
588 0x12, 0x67, 0x35, 0xFC, 0xC3, 0x20, 0xD2, 0x5A
591 const uint8_t eax_cipher[] = {
592 0xE0, 0x37, 0x83, 0x0E, 0x83, 0x89, 0xF2, 0x7B, 0x02, 0x5A, 0x2D, 0x65, 0x27, 0xE7, 0x9D, 0x01,
593 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D, 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79, 0x67, 0xE5,
594 0xD8, 0x51, 0xD5, 0xBA, 0xE0, 0x3A, 0x59, 0xF2, 0x38, 0xA2, 0x3E, 0x39, 0x19, 0x9D, 0xC9, 0x26, 0x66, 0x26, 0xC4, 0x0F, 0x80,
595 0x63, 0x2A, 0x9D, 0x13, 0x1A, 0xD4, 0xC1, 0x68, 0xA4, 0x22, 0x5D, 0x8E, 0x1F, 0xF7, 0x55, 0x93, 0x99, 0x74, 0xA7, 0xBE, 0xDE,
596 0x07, 0x1D, 0xFE, 0x16, 0xC6, 0x75, 0xCB, 0x06, 0x77, 0xE5, 0x36, 0xF7, 0x3A, 0xFE, 0x6A, 0x14, 0xB7, 0x4E, 0xE4, 0x98, 0x44, 0xDD,
597 0x83, 0x5B, 0xB4, 0xF1, 0x5D, 0x74, 0x3E, 0x35, 0x0E, 0x72, 0x84, 0x14, 0xAB, 0xB8, 0x64, 0x4F, 0xD6, 0xCC, 0xB8, 0x69, 0x47, 0xC5, 0xE1, 0x05, 0x90, 0x21, 0x0A, 0x4F,
598 0x02, 0x08, 0x3E, 0x39, 0x79, 0xDA, 0x01, 0x48, 0x12, 0xF5, 0x9F, 0x11, 0xD5, 0x26, 0x30, 0xDA, 0x30, 0x13, 0x73, 0x27, 0xD1, 0x06, 0x49, 0xB0, 0xAA, 0x6E, 0x1C, 0x18, 0x1D, 0xB6, 0x17, 0xD7, 0xF2,
599 0x2E, 0xC4, 0x7B, 0x2C, 0x49, 0x54, 0xA4, 0x89, 0xAF, 0xC7, 0xBA, 0x48, 0x97, 0xED, 0xCD, 0xAE, 0x8C, 0xC3, 0x3B, 0x60, 0x45, 0x05, 0x99, 0xBD, 0x02, 0xC9, 0x63, 0x82, 0x90, 0x2A, 0xEF, 0x7F, 0x83, 0x2A,
600 0x0D, 0xE1, 0x8F, 0xD0, 0xFD, 0xD9, 0x1E, 0x7A, 0xF1, 0x9F, 0x1D, 0x8E, 0xE8, 0x73, 0x39, 0x38, 0xB1, 0xE8, 0xE7, 0xF6, 0xD2, 0x23, 0x16, 0x18, 0x10, 0x2F, 0xDB, 0x7F, 0xE5, 0x5F, 0xF1, 0x99, 0x17, 0x00,
601 0xCB, 0x89, 0x20, 0xF8, 0x7A, 0x6C, 0x75, 0xCF, 0xF3, 0x96, 0x27, 0xB5, 0x6E, 0x3E, 0xD1, 0x97, 0xC5, 0x52, 0xD2, 0x95, 0xA7, 0xCF, 0xC4, 0x6A, 0xFC, 0x25, 0x3B, 0x46, 0x52, 0xB1, 0xAF, 0x37, 0x95, 0xB1, 0x24, 0xAB, 0x6E
604 void testrun_aes128_eax(void){
612 const void* cipher_p;
618 cipher_p = eax_cipher;
620 cli_putstr("\r\n\r\n** AES128-EAX-TEST #");
624 msg_len = eax_msg_len[i];
625 memcpy(key, eax_key+16*i, 16);
626 memcpy(nonce, eax_nonce+16*i, 16);
627 memcpy(header, eax_header+8*i, 8);
628 memcpy(msg, msg_p, msg_len);
629 msg_p = (uint8_t*)msg_p+msg_len;
631 cli_putstr("\r\n key: ");
632 cli_hexdump(key, 16);
633 cli_putstr("\r\n msg: ");
635 cli_hexdump(msg, msg_len);
637 cli_putstr("\r\n nonce: ");
638 cli_hexdump(nonce, 16);
639 cli_putstr("\r\n header: ");
640 cli_hexdump(header, 8);
642 r = bcal_eax_init(&aes128_desc, key, 128, &ctx);
643 cli_putstr("\r\n init = 0x");
647 bcal_eax_loadNonce(nonce, 16*8, &ctx);
648 bcal_eax_addLastHeader(header, 8*8, &ctx);
649 bcal_eax_encLastBlock(msg, msg_len*8, &ctx);
650 bcal_eax_ctx2tag(tag, 128, &ctx);
652 cli_putstr("\r\n cipher: ");
653 cli_hexdump_block(msg, msg_len, 4, 16);
655 cli_putstr("\r\n tag: ");
656 cli_hexdump_block(tag, 16, 4, 16);
658 if(memcmp(msg, cipher_p, msg_len)){
659 cli_putstr("\r\n cipher: [fail]\r\n should: ");
660 memcpy(msg, cipher_p, msg_len);
661 cli_hexdump_block(msg, msg_len, 4, 16);
663 cli_putstr("\r\n cipher: [pass]");
665 cipher_p = ((uint8_t*)cipher_p)+msg_len;
667 if(memcmp(tag, cipher_p, 16)){
668 cli_putstr("\r\n tag: [fail]");
670 cli_putstr("\r\n tag: [pass]");
673 cipher_p = ((uint8_t*)cipher_p)+16;
678 /*****************************************************************************/
680 void testrun_performance_aes(void){
681 bcal_performance_multiple(algolist);
684 /*****************************************************************************
686 *****************************************************************************/
688 const cmdlist_entry_t cmdlist[] = {
689 { "nessie", NULL, testrun_nessie_aes },
690 { "test", NULL, testrun_test_aes },
691 { "testkey", NULL, testrun_testkey_aes },
692 { "testcbc", NULL, testrun_aes128_cbc },
693 { "testcfb8", NULL, testrun_aes128_cfb8 },
694 { "testcfb1", NULL, testrun_aes128_cfb1 },
695 { "testofb", NULL, testrun_aes128_ofb },
696 { "testctr", NULL, testrun_aes128_ctr },
697 { "testcmac", NULL, testrun_aes128_cmac },
698 { "testcmac72", NULL, testrun_aes128_cmac72 },
699 { "testcmac0", NULL, testrun_aes192_cmac0 },
700 { "testeax", NULL, testrun_aes128_eax },
701 { "cmacvs_list", NULL, cmacvs_listalgos },
702 { "cmacvs_set", (void*)1, (void_fpt)cmacvs_setalgo },
703 { "cmacvs_test1", NULL, cmacvs_test1 },
704 { "cmacvs_test2", NULL, cmacvs_test2 },
705 { "performance", NULL, testrun_performance_aes },
706 { "dump", (void*)1, (void_fpt)dump },
707 { "echo", (void*)1, (void_fpt)echo_ctrl },
713 sysclk_set_freq(SYS_FREQ);
714 sysclk_mosc_verify_enable();
715 uart_init(UART_0, 115200, 8, UART_PARATY_NONE, UART_STOPBITS_ONE);
716 gptm_set_timer_32periodic(TIMER0);
721 cmacvs_algolist=(bcdesc_t**)algolist;
722 cmacvs_algo=(bcdesc_t*)&aes128_desc;
725 cli_putstr("\r\n\r\nARM-Crypto-Lib VS (");
726 cli_putstr(algo_name);
728 cli_putstr(__DATE__);
730 cli_putstr(__TIME__);
731 cli_putstr(")\r\nloaded and running\r\n");
732 cmd_interface(cmdlist);