static bool test_ctr_vector(const struct encrypt_desc *encrypt_desc, const struct ctr_test_vector *test) { DBG(DBG_CRYPT, DBG_log("test_ctr_vector: %s", test->description)); bool ok = TRUE; PK11SymKey *sym_key = decode_to_key(encrypt_desc, test->key); if (!test_ctr_op(encrypt_desc, test->description, 1, sym_key, test->cb, test->output_cb, "Plaintext", test->plaintext, "Ciphertext", test->ciphertext)) { ok = FALSE; } if (!test_ctr_op(encrypt_desc, test->description, 0, sym_key, test->cb, test->output_cb, "Ciphertext", test->ciphertext, "Plaintext", test->plaintext)) { ok = FALSE; } /* Clean up. */ release_symkey(__func__, "sym_key", &sym_key); DBG(DBG_CRYPT, DBG_log("test_ctr_vector: %s %s", test->description, ok ? "passed" : "failed")); return ok; }
static void ppk_recalc_one(PK11SymKey **sk /* updated */, PK11SymKey *ppk_key, const struct prf_desc *prf_desc, const char *name) { PK11SymKey *t = ikev2_prfplus(prf_desc, ppk_key, *sk, prf_desc->prf_key_size); release_symkey(__func__, name, sk); *sk = t; DBG(DBG_PRIVATE, { chunk_t chunk_sk = chunk_from_symkey("sk_chunk", *sk); DBG_dump_chunk(name, chunk_sk); freeanychunk(chunk_sk); });
static void ikev1_skeyid_alphabet(PK11SymKey *skeyid) { PK11SymKey *skeyid_d = ikev1_skeyid_d(prf->prf, skeyid, g_xy, cky_i, cky_r); print_symkey("SKEYID_d", skeyid_d, 0); PK11SymKey *skeyid_a = ikev1_skeyid_a(prf->prf, skeyid, skeyid_d, g_xy, cky_i, cky_r); print_symkey("SKEYID_a", skeyid_a, 0); PK11SymKey *skeyid_e = ikev1_skeyid_e(prf->prf, skeyid, skeyid_a, g_xy, cky_i, cky_r); print_symkey("SKEYID_e", skeyid_e, 0); release_symkey(__func__, "skeyid_d", &skeyid_d); release_symkey(__func__, "skeyid_e", &skeyid_e); release_symkey(__func__, "skeyid_a", &skeyid_a); }
static void gcm_run_test(void) { print_number("Count", NULL, count); print_symkey("Key", NULL, key, 0); print_chunk("IV", NULL, iv, 0); print_chunk("CT", NULL, ct, 0); print_chunk("AAD", NULL, aad, 0); print_chunk("Tag", NULL, tag, 0); const struct encrypt_desc *gcm_alg = lookup_by_taglen(); if (gcm_alg == NULL) { fprintf(stderr, "taglen %lu not supported\n", taglen); return; } PK11SymKey *gcm_key = encrypt_key_from_symkey_bytes("GCM key", gcm_alg, 0, sizeof_symkey(key), key); chunk_t text_and_tag = clone_chunk_chunk(ct, tag, "text-and-tag"); bool result = gcm_alg->encrypt_ops ->do_aead(gcm_alg, salt.ptr, salt.len, iv.ptr, iv.len, aad.ptr, aad.len, text_and_tag.ptr, ct.len, tag.len, gcm_key, FALSE/*encrypt*/); if (result) { /* plain text */ chunk_t pt = { .ptr = text_and_tag.ptr, .len = ct.len, }; print_chunk("PT", NULL, pt, 0); } else { print_line("FAIL"); } release_symkey(__func__, "GCM-key", &gcm_key); freeanychunk(text_and_tag); }
static void run_psk(void) { print_number("COUNT", count); print_chunk("CKY_I", cky_i, 0); print_chunk("CKY_R", cky_r, 0); print_chunk("Ni", ni, 0); print_chunk("Nr", nr, 0); print_symkey("g^xy", g_xy, 0); print_chunk("pre-shared-key", psk, 0); if (prf == NULL) { print_line(prf->key); return; } PK11SymKey *skeyid = ikev1_pre_shared_key_skeyid(prf->prf, psk, ni, nr); print_symkey("SKEYID", skeyid, 0); ikev1_skeyid_alphabet(skeyid); release_symkey(__func__, "skeyid", &skeyid); }
static bool test_gcm_vector(const struct encrypt_desc *encrypt_desc, const struct gcm_test_vector *test) { DBG(DBG_CRYPT, DBG_log("test_gcm_vector: enter")); const size_t salt_size = encrypt_desc->salt_size; bool ok = TRUE; PK11SymKey *sym_key = decode_to_key(encrypt_desc, test->key); chunk_t salted_iv = decode_to_chunk("salted IV", test->salted_iv); passert(salted_iv.len == encrypt_desc->wire_iv_size + salt_size); chunk_t salt = { .ptr = salted_iv.ptr, .len = salt_size }; chunk_t wire_iv = { .ptr = salted_iv.ptr + salt_size, .len = salted_iv.len - salt_size }; chunk_t aad = decode_to_chunk("AAD", test->aad); chunk_t plaintext = decode_to_chunk("plaintext", test->plaintext); chunk_t ciphertext = decode_to_chunk("ciphertext", test->ciphertext); passert(plaintext.len == ciphertext.len); size_t len = plaintext.len; chunk_t tag = decode_to_chunk("tag", test->tag); chunk_t text_and_tag; text_and_tag.len = len + tag.len; text_and_tag.ptr = alloc_bytes(text_and_tag.len, "GCM data"); /* macro to test encryption or decryption * * This would be better as a function but it uses too many locals * from test_gcm_vector to be pleasant: * text_and_tag, len, tag, aad, salt, wire_iv, sym_key */ # define try(enc, desc, from, to) { \ memcpy(text_and_tag.ptr, from.ptr, from.len); \ text_and_tag.len = len + tag.len; \ DBG(DBG_CRYPT, \ DBG_log("test_gcm_vector: %s: aad-size=%zd salt-size=%zd wire-IV-size=%zd text-size=%zd tag-size=%zd", \ desc, aad.len, salt.len, wire_iv.len, len, tag.len); \ DBG_dump_chunk("test_gcm_vector: text+tag on call", \ text_and_tag)); \ if (!encrypt_desc->encrypt_ops->do_aead(encrypt_desc, \ salt.ptr, salt.len, \ wire_iv.ptr, wire_iv.len, \ aad.ptr, aad.len, \ text_and_tag.ptr, \ len, tag.len, \ sym_key, enc) || \ !verify_chunk_data("output ciphertext", \ to, text_and_tag.ptr) || \ !verify_chunk_data("TAG", tag, text_and_tag.ptr + len)) \ ok = FALSE; \ DBG(DBG_CRYPT, DBG_dump_chunk("test_gcm_vector: text+tag on return", \ text_and_tag)); \ } /* test decryption */ memcpy(text_and_tag.ptr + len, tag.ptr, tag.len); try(FALSE, "decrypt", ciphertext, plaintext); /* test encryption */ memset(text_and_tag.ptr + len, '\0', tag.len); try(TRUE, "encrypt", plaintext, ciphertext); # undef try freeanychunk(salted_iv); freeanychunk(aad); freeanychunk(plaintext); freeanychunk(ciphertext); freeanychunk(tag); freeanychunk(text_and_tag); /* Clean up. */ release_symkey(__func__, "sym_key", &sym_key); DBG(DBG_CRYPT, DBG_log("test_gcm_vector: %s", ok ? "passed" : "failed")); return ok; } bool test_gcm_vectors(const struct encrypt_desc *encrypt_desc, const struct gcm_test_vector *tests) { bool ok = TRUE; const struct gcm_test_vector *test; for (test = tests; test->key != NULL; test++) { if (!test_gcm_vector(encrypt_desc, test)) { ok = FALSE; } } return ok; }