2 * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
20 FILE_LICENCE ( GPL2_OR_LATER );
24 * AES-in-CBC-mode tests
26 * These test vectors are provided by NIST as part of the
27 * Cryptographic Toolkit Examples, downloadable from:
29 * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CBC.pdf
33 /* Forcibly enable assertions */
39 #include <ipxe/test.h>
42 /** Define inline key */
43 #define KEY(...) { __VA_ARGS__ }
45 /** Define inline initialisation vector */
46 #define IV(...) { __VA_ARGS__ }
48 /** Define inline plaintext data */
49 #define PLAINTEXT(...) { __VA_ARGS__ }
51 /** Define inline ciphertext data */
52 #define CIPHERTEXT(...) { __VA_ARGS__ }
54 /** An AES-in-CBC-mode test */
60 /** Initialisation vector */
62 /** Length of initialisation vector */
65 const void *plaintext;
66 /** Length of plaintext */
69 const void *ciphertext;
70 /** Length of ciphertext */
71 size_t ciphertext_len;
75 * Define an AES-in-CBC-mode test
79 * @v iv_array Initialisation vector
80 * @v plaintext_array Plaintext
81 * @v ciphertext_array Ciphertext
82 * @ret test AES-in-CBC-mode test
84 #define AES_CBC_TEST( name, key_array, iv_array, plaintext_array, \
86 static const uint8_t name ## _key [] = key_array; \
87 static const uint8_t name ## _iv [] = iv_array; \
88 static const uint8_t name ## _plaintext [] = plaintext_array; \
89 static const uint8_t name ## _ciphertext [] = ciphertext_array; \
90 static struct aes_cbc_test name = { \
91 .key = name ## _key, \
92 .key_len = sizeof ( name ## _key ), \
94 .iv_len = sizeof ( name ## _iv ), \
95 .plaintext = name ## _plaintext, \
96 .plaintext_len = sizeof ( name ## _plaintext ), \
97 .ciphertext = name ## _ciphertext, \
98 .ciphertext_len = sizeof ( name ## _ciphertext ), \
102 * Report AES-in-CBC-mode
104 * @v state HMAC_DRBG internal state
105 * @v test Instantiation test
107 #define aes_cbc_ok( test ) do { \
108 struct cipher_algorithm *cipher = &aes_cbc_algorithm; \
110 assert ( (test)->iv_len == cipher->blocksize ); \
111 assert ( (test)->plaintext_len == (test)->ciphertext_len ); \
112 cbc_encrypt_ok ( cipher, (test)->key, (test)->key_len, \
113 (test)->iv, (test)->plaintext, \
114 (test)->ciphertext, (test)->plaintext_len ); \
115 cbc_decrypt_ok ( cipher, (test)->key, (test)->key_len, \
116 (test)->iv, (test)->ciphertext, \
117 (test)->plaintext, (test)->ciphertext_len ); \
121 AES_CBC_TEST ( test_128,
122 KEY ( 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15,
123 0x88, 0x09, 0xcf, 0x4f, 0x3c ),
124 IV ( 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
125 0x0b, 0x0c, 0x0d, 0x0e, 0x0f ),
126 PLAINTEXT ( 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
127 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
128 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
129 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
130 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
131 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
132 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
133 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 ),
134 CIPHERTEXT ( 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
135 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
136 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
137 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
138 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b,
139 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
140 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
141 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7 ) );
144 AES_CBC_TEST ( test_256,
145 KEY ( 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae,
146 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61,
147 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 ),
148 IV ( 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
149 0x0b, 0x0c, 0x0d, 0x0e, 0x0f ),
150 PLAINTEXT ( 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
151 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
152 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
153 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
154 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
155 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
156 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
157 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 ),
158 CIPHERTEXT ( 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
159 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
160 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
161 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
162 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
163 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
164 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
165 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b ) );
168 * Perform AES-in-CBC-mode self-test
171 static void aes_cbc_test_exec ( void ) {
172 struct cipher_algorithm *cipher = &aes_cbc_algorithm;
174 /* Correctness tests */
175 aes_cbc_ok ( &test_128 );
176 aes_cbc_ok ( &test_256 );
179 DBG ( "AES128 encryption required %ld cycles per byte\n",
180 cbc_cost_encrypt ( cipher, test_128.key_len ) );
181 DBG ( "AES128 decryption required %ld cycles per byte\n",
182 cbc_cost_decrypt ( cipher, test_128.key_len ) );
183 DBG ( "AES256 encryption required %ld cycles per byte\n",
184 cbc_cost_encrypt ( cipher, test_256.key_len ) );
185 DBG ( "AES256 decryption required %ld cycles per byte\n",
186 cbc_cost_decrypt ( cipher, test_256.key_len ) );
189 /** AES-in-CBC-mode self-test */
190 struct self_test aes_cbc_test __self_test = {
192 .exec = aes_cbc_test_exec,