cosmopolitan/test/libc/crypto/rijndael_test.c

337 lines
13 KiB
C

/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│
╞══════════════════════════════════════════════════════════════════════════════╡
│ Copyright 2020 Justine Alexandra Roberts Tunney │
│ │
│ This program is free software; you can redistribute it and/or modify │
│ it under the terms of the GNU General Public License as published by │
│ the Free Software Foundation; version 2 of the License. │
│ │
│ This program is distributed in the hope that it will be useful, but │
│ WITHOUT ANY WARRANTY; without even the implied warranty of │
│ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU │
│ General Public License for more details. │
│ │
│ You should have received a copy of the GNU General Public License │
│ along with this program; if not, write to the Free Software │
│ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA │
│ 02110-1301 USA │
╚─────────────────────────────────────────────────────────────────────────────*/
#include "libc/crypto/rijndael.h"
#include "libc/dce.h"
#include "libc/fmt/bing.h"
#include "libc/runtime/internal.h"
#include "libc/str/str.h"
#include "libc/sysv/consts/prot.h"
#include "libc/testlib/testlib.h"
/**
* Test vectors published by:
*
* Morris Dworkin
* National Institute of Standards and Technology
* Recommendation for Block Cipher Modes of Operation: Methods and Techniques
* SP 800-38A (DOI)
* December 2001
*/
FIXTURE(rijndael, disableHardwareExtensions) {
memset((/*unconst*/ void *)kCpuids, 0, sizeof(kCpuids));
}
/**
* F.1.1: ECB-AES128.Encrypt
*
* Key 2b7e151628aed2a6abf7158809cf4f3c
*
* Block No. 1
* Plaintext 6bc1bee22e409f96e93d7e117393172a
* Input Block 6bc1bee22e409f96e93d7e117393172a
* Output Block 3ad77bb40d7a3660a89ecaf32466ef97
* Ciphertext 3ad77bb40d7a3660a89ecaf32466ef97
*
* Block No. 2
* Plaintext ae2d8a571e03ac9c9eb76fac45af8e51
* Input Block ae2d8a571e03ac9c9eb76fac45af8e51
* Output Block f5d3d58503b9699de785895a96fdbaaf
* Ciphertext f5d3d58503b9699de785895a96fdbaaf
*
* Block No. 3
* Plaintext 30c81c46a35ce411e5fbc1191a0a52ef
* Input Block 30c81c46a35ce411e5fbc1191a0a52ef
* Output Block 43b1cd7f598ece23881b00e3ed030688
* Ciphertext 43b1cd7f598ece23881b00e3ed030688
*
* Block No. 4
* Plaintext f69f2445df4f9b17ad2b417be66c3710
* Input Block f69f2445df4f9b17ad2b417be66c3710
* Output Block 7b0c785e27e8ad3f8223207104725dd4
* Ciphertext 7b0c785e27e8ad3f8223207104725dd4
*/
TEST(aes128, testNistEcbRijndael) {
struct Rijndael ctx;
aes_block_t k1, block;
unhexbuf(&k1, 16, "2b7e151628aed2a6abf7158809cf4f3c");
rijndaelinit(&ctx, 10, k1, k1);
unhexbuf(&block, 16, "6bc1bee22e409f96e93d7e117393172a");
block = rijndael(10, block, &ctx);
EXPECT_BINEQ("3ad77bb40d7a3660a89ecaf32466ef97", &block);
unhexbuf(&block, 16, "ae2d8a571e03ac9c9eb76fac45af8e51");
block = rijndael(10, block, &ctx);
EXPECT_BINEQ("f5d3d58503b9699de785895a96fdbaaf", &block);
unhexbuf(&block, 16, "30c81c46a35ce411e5fbc1191a0a52ef");
block = rijndael(10, block, &ctx);
EXPECT_BINEQ("43b1cd7f598ece23881b00e3ed030688", &block);
unhexbuf(&block, 16, "f69f2445df4f9b17ad2b417be66c3710");
block = rijndael(10, block, &ctx);
EXPECT_BINEQ("7b0c785e27e8ad3f8223207104725dd4", &block);
}
/**
* F.1.2: ECB-AES128.Decrypt
*
* Key 2b7e151628aed2a6abf7158809cf4f3c
*
* Block No. 1
* Plaintext 3ad77bb40d7a3660a89ecaf32466ef97
* Input Block 3ad77bb40d7a3660a89ecaf32466ef97
* Output Block 6bc1bee22e409f96e93d7e117393172a
* Ciphertext 6bc1bee22e409f96e93d7e117393172a
*
* Block No. 2
* Plaintext f5d3d58503b9699de785895a96fdbaaf
* Input Block f5d3d58503b9699de785895a96fdbaaf
* Output Block ae2d8a571e03ac9c9eb76fac45af8e51
* Ciphertext ae2d8a571e03ac9c9eb76fac45af8e51
*
* Block No. 3
* Plaintext 43b1cd7f598ece23881b00e3ed030688
* Input Block 43b1cd7f598ece23881b00e3ed030688
* Output Block 30c81c46a35ce411e5fbc1191a0a52ef
* Ciphertext 30c81c46a35ce411e5fbc1191a0a52ef
*
* Block No. 4
* Plaintext 7b0c785e27e8ad3f8223207104725dd4
* Input Block 7b0c785e27e8ad3f8223207104725dd4
* Output Block f69f2445df4f9b17ad2b417be66c3710
* Ciphertext f69f2445df4f9b17ad2b417be66c3710
*/
TEST(aes128, testNistEcbUnrijndael) {
struct Rijndael ctx;
aes_block_t k1, block;
unhexbuf(&k1, 16, "2b7e151628aed2a6abf7158809cf4f3c");
unrijndaelinit(&ctx, 10, k1, k1);
unhexbuf(&block, 16, "3ad77bb40d7a3660a89ecaf32466ef97");
block = unrijndael(10, block, &ctx);
EXPECT_BINEQ("6bc1bee22e409f96e93d7e117393172a", &block);
unhexbuf(&block, 16, "f5d3d58503b9699de785895a96fdbaaf");
block = unrijndael(10, block, &ctx);
EXPECT_BINEQ("ae2d8a571e03ac9c9eb76fac45af8e51", &block);
unhexbuf(&block, 16, "43b1cd7f598ece23881b00e3ed030688");
block = unrijndael(10, block, &ctx);
EXPECT_BINEQ("30c81c46a35ce411e5fbc1191a0a52ef", &block);
unhexbuf(&block, 16, "7b0c785e27e8ad3f8223207104725dd4");
block = unrijndael(10, block, &ctx);
EXPECT_BINEQ("f69f2445df4f9b17ad2b417be66c3710", &block);
}
/**
* F.1.3: ECB-AES192.Encrypt
*
* Key 8e73b0f7da0e6452c810f32b809079e5
* 62f8ead2522c6b7b
*
* Block No. 1
* Plaintext 6bc1bee22e409f96e93d7e117393172a
* Input Block 6bc1bee22e409f96e93d7e117393172a
* Output Block bd334f1d6e45f25ff712a214571fa5cc
* Ciphertext bd334f1d6e45f25ff712a214571fa5cc
*
* Block No. 2
* Plaintext ae2d8a571e03ac9c9eb76fac45af8e51
* Input Block ae2d8a571e03ac9c9eb76fac45af8e51
* Output Block 974104846d0ad3ad7734ecb3ecee4eef
* Ciphertext 974104846d0ad3ad7734ecb3ecee4eef
*
* Block No. 3
* Plaintext 30c81c46a35ce411e5fbc1191a0a52ef
* Input Block 30c81c46a35ce411e5fbc1191a0a52ef
* Output Block ef7afd2270e2e60adce0ba2face6444e
* Ciphertext ef7afd2270e2e60adce0ba2face6444e
*
* Block No. 4
* Plaintext f69f2445df4f9b17ad2b417be66c3710
* Input Block f69f2445df4f9b17ad2b417be66c3710
* Output Block 9a4b41ba738d6c72fb16691603c18e0e
* Ciphertext 9a4b41ba738d6c72fb16691603c18e0e
*/
TEST(aes192, testNistEcbRijndael) {
struct Rijndael ctx;
aes_block_t k1, k2, block;
unhexbuf(&k1, 16, "8e73b0f7da0e6452c810f32b809079e5");
unhexbuf(&k2, 16, "62f8ead2522c6b7bDEADBEEFFEEDFACE");
rijndaelinit(&ctx, 12, k1, k2);
unhexbuf(&block, 16, "6bc1bee22e409f96e93d7e117393172a");
block = rijndael(12, block, &ctx);
EXPECT_BINEQ("bd334f1d6e45f25ff712a214571fa5cc", &block);
unhexbuf(&block, 16, "ae2d8a571e03ac9c9eb76fac45af8e51");
block = rijndael(12, block, &ctx);
EXPECT_BINEQ("974104846d0ad3ad7734ecb3ecee4eef", &block);
unhexbuf(&block, 16, "30c81c46a35ce411e5fbc1191a0a52ef");
block = rijndael(12, block, &ctx);
EXPECT_BINEQ("ef7afd2270e2e60adce0ba2face6444e", &block);
unhexbuf(&block, 16, "f69f2445df4f9b17ad2b417be66c3710");
block = rijndael(12, block, &ctx);
EXPECT_BINEQ("9a4b41ba738d6c72fb16691603c18e0e", &block);
}
/**
* F.1.4: ECB-AES192.Decrypt
*
* Key 8e73b0f7da0e6452c810f32b809079e5
* 62f8ead2522c6b7b
*
* Block No. 1
* Plaintext bd334f1d6e45f25ff712a214571fa5cc
* Input Block bd334f1d6e45f25ff712a214571fa5cc
* Output Block 6bc1bee22e409f96e93d7e117393172a
* Ciphertext 6bc1bee22e409f96e93d7e117393172a
*
* Block No. 2
* Plaintext 974104846d0ad3ad7734ecb3ecee4eef
* Input Block 974104846d0ad3ad7734ecb3ecee4eef
* Output Block ae2d8a571e03ac9c9eb76fac45af8e51
* Ciphertext ae2d8a571e03ac9c9eb76fac45af8e51
*
* Block No. 3
* Plaintext ef7afd2270e2e60adce0ba2face6444e
* Input Block ef7afd2270e2e60adce0ba2face6444e
* Output Block 30c81c46a35ce411e5fbc1191a0a52ef
* Ciphertext 30c81c46a35ce411e5fbc1191a0a52ef
*
* Block No. 4
* Plaintext 9a4b41ba738d6c72fb16691603c18e0e
* Input Block 9a4b41ba738d6c72fb16691603c18e0e
* Output Block f69f2445df4f9b17ad2b417be66c3710
* Ciphertext f69f2445df4f9b17ad2b417be66c3710
*/
TEST(aes192, testNistEcbUnrijndael) {
struct Rijndael ctx;
aes_block_t k1, k2, block;
unhexbuf(&k1, 16, "8e73b0f7da0e6452c810f32b809079e5");
unhexbuf(&k2, 16, "62f8ead2522c6b7bDEADBEEFFEEDFACE");
unrijndaelinit(&ctx, 12, k1, k2);
unhexbuf(&block, 16, "bd334f1d6e45f25ff712a214571fa5cc");
block = unrijndael(12, block, &ctx);
EXPECT_BINEQ("6bc1bee22e409f96e93d7e117393172a", &block);
unhexbuf(&block, 16, "974104846d0ad3ad7734ecb3ecee4eef");
block = unrijndael(12, block, &ctx);
EXPECT_BINEQ("ae2d8a571e03ac9c9eb76fac45af8e51", &block);
unhexbuf(&block, 16, "ef7afd2270e2e60adce0ba2face6444e");
block = unrijndael(12, block, &ctx);
EXPECT_BINEQ("30c81c46a35ce411e5fbc1191a0a52ef", &block);
unhexbuf(&block, 16, "9a4b41ba738d6c72fb16691603c18e0e");
block = unrijndael(12, block, &ctx);
EXPECT_BINEQ("f69f2445df4f9b17ad2b417be66c3710", &block);
}
/**
* F.1.5: ECB-AES256.Encrypt
*
* Key 603deb1015ca71be2b73aef0857d7781
* 1f352c073b6108d72d9810a30914dff4
*
* Block No. 1
* Plaintext 6bc1bee22e409f96e93d7e117393172a
* Input Block 6bc1bee22e409f96e93d7e117393172a
* Output Block f3eed1bdb5d2a03c064b5a7e3db181f8
* Ciphertext f3eed1bdb5d2a03c064b5a7e3db181f8
*
* Block No. 2
* Plaintext ae2d8a571e03ac9c9eb76fac45af8e51
* Input Block ae2d8a571e03ac9c9eb76fac45af8e51
* Output Block 591ccb10d410ed26dc5ba74a31362870
* Ciphertext 591ccb10d410ed26dc5ba74a31362870
*
* Block No. 3
* Plaintext 30c81c46a35ce411e5fbc1191a0a52ef
* Input Block 30c81c46a35ce411e5fbc1191a0a52ef
* Output Block b6ed21b99ca6f4f9f153e7b1beafed1d
* Ciphertext b6ed21b99ca6f4f9f153e7b1beafed1d
*
* Block No. 4
* Plaintext f69f2445df4f9b17ad2b417be66c3710
* Input Block f69f2445df4f9b17ad2b417be66c3710
* Output Block 23304b7a39f9f3ff067d8d8f9e24ecc7
* Ciphertext 23304b7a39f9f3ff067d8d8f9e24ecc7
*/
TEST(aes256, testNistEcbRijndael) {
struct Rijndael ctx;
aes_block_t k1, k2, block;
unhexbuf(&k1, 16, "603deb1015ca71be2b73aef0857d7781");
unhexbuf(&k2, 16, "1f352c073b6108d72d9810a30914dff4");
rijndaelinit(&ctx, 14, k1, k2);
unhexbuf(&block, 16, "6bc1bee22e409f96e93d7e117393172a");
block = rijndael(14, block, &ctx);
EXPECT_BINEQ("f3eed1bdb5d2a03c064b5a7e3db181f8", &block);
unhexbuf(&block, 16, "ae2d8a571e03ac9c9eb76fac45af8e51");
block = rijndael(14, block, &ctx);
EXPECT_BINEQ("591ccb10d410ed26dc5ba74a31362870", &block);
unhexbuf(&block, 16, "30c81c46a35ce411e5fbc1191a0a52ef");
block = rijndael(14, block, &ctx);
EXPECT_BINEQ("b6ed21b99ca6f4f9f153e7b1beafed1d", &block);
unhexbuf(&block, 16, "f69f2445df4f9b17ad2b417be66c3710");
block = rijndael(14, block, &ctx);
EXPECT_BINEQ("23304b7a39f9f3ff067d8d8f9e24ecc7", &block);
}
/**
* F.1.6: ECB-AES256.Decrypt
*
* Key 603deb1015ca71be2b73aef0857d7781
* 1f352c073b6108d72d9810a30914dff4
*
* Block No. 1
* Input Block f3eed1bdb5d2a03c064b5a7e3db181f8
* Plaintext f3eed1bdb5d2a03c064b5a7e3db181f8
* Ciphertext 6bc1bee22e409f96e93d7e117393172a
* Output Block 6bc1bee22e409f96e93d7e117393172a
*
* Block No. 2
* Input Block 591ccb10d410ed26dc5ba74a31362870
* Plaintext 591ccb10d410ed26dc5ba74a31362870
* Ciphertext ae2d8a571e03ac9c9eb76fac45af8e51
* Output Block ae2d8a571e03ac9c9eb76fac45af8e51
*
* Block No. 3
* Input Block b6ed21b99ca6f4f9f153e7b1beafed1d
* Plaintext b6ed21b99ca6f4f9f153e7b1beafed1d
* Ciphertext 30c81c46a35ce411e5fbc1191a0a52ef
* Output Block 30c81c46a35ce411e5fbc1191a0a52ef
*
* Block No. 4
* Input Block 23304b7a39f9f3ff067d8d8f9e24ecc7
* Plaintext 23304b7a39f9f3ff067d8d8f9e24ecc7
* Ciphertext f69f2445df4f9b17ad2b417be66c3710
* Output Block f69f2445df4f9b17ad2b417be66c3710
*/
TEST(aes256, testNistEcbUnrijndael) {
struct Rijndael ctx;
aes_block_t k1, k2, block;
unhexbuf(&k1, 16, "603deb1015ca71be2b73aef0857d7781");
unhexbuf(&k2, 16, "1f352c073b6108d72d9810a30914dff4");
unrijndaelinit(&ctx, 14, k1, k2);
unhexbuf(&block, 16, "f3eed1bdb5d2a03c064b5a7e3db181f8");
block = unrijndael(14, block, &ctx);
EXPECT_BINEQ("6bc1bee22e409f96e93d7e117393172a", &block);
unhexbuf(&block, 16, "591ccb10d410ed26dc5ba74a31362870");
block = unrijndael(14, block, &ctx);
EXPECT_BINEQ("ae2d8a571e03ac9c9eb76fac45af8e51", &block);
unhexbuf(&block, 16, "b6ed21b99ca6f4f9f153e7b1beafed1d");
block = unrijndael(14, block, &ctx);
EXPECT_BINEQ("30c81c46a35ce411e5fbc1191a0a52ef", &block);
unhexbuf(&block, 16, "23304b7a39f9f3ff067d8d8f9e24ecc7");
block = unrijndael(14, block, &ctx);
EXPECT_BINEQ("f69f2445df4f9b17ad2b417be66c3710", &block);
}