예제 #1
0
void shabal_ctx_dump(shabal_ctx_t *ctx){
	uint8_t i;
	void *p;
	cli_putstr_P(PSTR("\r\n=== shabal ctx dump ===\r\n  size = "));
	i=sizeof(shabal_ctx_t);
	if(i>=100)
		cli_putc('0'+i/100);
	if(i>=10)
		cli_putc('0'+(i/10)%10);
	cli_putc('0'+i%10);
	cli_putstr_P(PSTR("\r\n  a = "));
	cli_hexdump_block(ctx->a, 12*4, 5, 4*8);
	cli_putstr_P(PSTR("\r\n  b_buffer = "));
	cli_hexdump_block(ctx->b_buffer, 12*4, 5, 4*8);
	cli_putstr_P(PSTR("\r\n  c_buffer = "));
	cli_hexdump_block(ctx->c_buffer, 12*4, 5, 4*8);
	if(ctx->b == &(ctx->b_buffer[0]))
		cli_putstr_P(PSTR("\r\nb --> b_buffer"));
	if(ctx->b == &(ctx->c_buffer[0]))
		cli_putstr_P(PSTR("\r\nb --> c_buffer"));
	if(ctx->c == &(ctx->b_buffer[0]))
		cli_putstr_P(PSTR("\r\nc --> b_buffer"));
	if(ctx->c == &(ctx->c_buffer[0]))
		cli_putstr_P(PSTR("\r\nc --> c_buffer"));
	cli_putstr_P(PSTR("\r\n b = "));
	cli_hexdump(&(ctx->b), 2);
	p = ctx->b_buffer;
	cli_putstr_P(PSTR("\r\n b (should) = "));
	cli_hexdump(&p, 2);
	cli_putstr_P(PSTR("\r\n c = "));
	cli_hexdump(&(ctx->c), 2);
	p = ctx->c_buffer;
	cli_putstr_P(PSTR("\r\n c (should) = "));
	cli_hexdump(&p, 2);
}
예제 #2
0
void testrun_aes128_ctr(void){
	uint8_t key[16];
	uint8_t iv[16];
	uint8_t plain[64];

	bcal_ctr_ctx_t ctx;
	uint8_t r;

	memcpy(key,   modes_key,   16);
	memcpy(iv,    modes_ctriv, 16);
	memcpy(plain, modes_plain, 64);

	cli_putstr("\r\n** AES128-CTR-TEST **");
	r = bcal_ctr_init(&aes128_desc, key, 128, NULL, &ctx);
	cli_putstr("\r\n  init = 0x");
	cli_hexdump(&r, 1);
	cli_putstr("\r\n  key:   ");
	cli_hexdump(key, 128/8);
	cli_putstr("\r\n  IV:    ");
	cli_hexdump(iv, 128/8);
	cli_putstr("\r\n  plaintext:");
	cli_hexdump_block(plain, 4*128/8, 4, 16);
	if(r)
		return;
	bcal_ctr_encMsg(iv, plain, 4*128, &ctx);
	cli_putstr("\r\n  ciphertext:  ");
	cli_hexdump_block(plain, 4*128/8, 4, 16);
	bcal_ctr_decMsg(iv, plain, 4*128, &ctx);
	cli_putstr("\r\n  plaintext:   ");
	cli_hexdump_block(plain, 4*128/8, 4, 16);
	bcal_ctr_free(&ctx);
}
예제 #3
0
void testrun_aes128_cmac(void){
	uint8_t key[16];
	uint8_t tag[16];
	uint8_t plain[64];
	uint16_t length[] = { 0, 128, 320, 512 };
	bcal_cmac_ctx_t ctx;
	uint8_t r,i;

	memcpy(key,   modes_key,   16);
	memcpy(plain, modes_plain, 64);

	cli_putstr("\r\n** AES128-CMAC-TEST **");

	cli_putstr("\r\n  key:   ");
	cli_hexdump(key, 128/8);
	for(i=0; i<4; ++i){
		r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
		cli_putstr("\r\n  init = 0x");
		cli_hexdump(&r, 1);
		cli_putstr("\r\n  message: ");
		cli_hexdump_block(plain, length[i]/8, 4, 16);
		if(r)
			return;
		bcal_cmac(tag, 128, plain, length[i], &ctx);
		cli_putstr("\r\n  tag:     ");
		cli_hexdump_block(tag, 128/8, 4, 16);
		bcal_cmac_free(&ctx);
	}
}
예제 #4
0
/*
Klen = 16
Mlen = 18
Tlen = 2
Key = 3250974e306b4b678f914b514d1e90f6
Msg = cf132fd4ebc25fd3866f1a95a6193a1a9cdf
*/
void testrun_aes128_cmac72(void){
	uint8_t key[16]= {
			0x32, 0x50, 0x97, 0x4e, 0x30, 0x6b, 0x4b, 0x67,
			0x8f, 0x91, 0x4b, 0x51, 0x4d, 0x1e, 0x90, 0xf6
	};
	uint8_t tag[2];
	uint8_t plain[18] = {
			0xcf, 0x13, 0x2f, 0xd4, 0xeb, 0xc2, 0x5f, 0xd3,
			0x86, 0x6f, 0x1a, 0x95, 0xa6, 0x19, 0x3a, 0x1a,
			0x9c, 0xdf,
	};
	bcal_cmac_ctx_t ctx;
	uint8_t r;


	cli_putstr("\r\n** AES128-CMAC-72-TEST **");

	cli_putstr("\r\n  key:   ");
	cli_hexdump(key, 128/8);
	r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
	cli_putstr("\r\n  init = 0x");
	cli_hexdump(&r, 1);
	cli_putstr("\r\n  message: ");
	cli_hexdump_block(plain, 18, 4, 16);
	if(r)
		return;
	bcal_cmac(tag, 16, plain, 18*8, &ctx);
	cli_putstr("\r\n  tag:     ");
	cli_hexdump_block(tag, 2, 4, 16);
	bcal_cmac_free(&ctx);
}
void testrun_aes128_ofb(void){
	uint8_t key[16];
	uint8_t iv[16];
	uint8_t plain[64];

	bcal_ofb_ctx_t ctx;
	uint8_t r;

	memcpy_P(key,   modes_key,   16);
	memcpy_P(iv,    modes_iv,    16);
	memcpy_P(plain, modes_plain, 64);

	cli_putstr_P(PSTR("\r\n** AES128-OFB-TEST **"));
	r = bcal_ofb_init(&aes128_desc, key, 128, &ctx);
	cli_putstr_P(PSTR("\r\n  init = 0x"));
	cli_hexdump(&r, 1);
	cli_putstr_P(PSTR("\r\n  key:   "));
	cli_hexdump(key, 128/8);
	cli_putstr_P(PSTR("\r\n  IV:    "));
	cli_hexdump(iv, 128/8);
	cli_putstr_P(PSTR("\r\n  plaintext:"));
	cli_hexdump_block(plain, 4*128/8, 4, 16);
	if(r)
		return;
	bcal_ofb_encMsg(iv, plain, 4*128, &ctx);
	cli_putstr_P(PSTR("\r\n  ciphertext:  "));
	cli_hexdump_block(plain, 4*128/8, 4, 16);
	bcal_ofb_decMsg(iv, plain, 4*128, &ctx);
	cli_putstr_P(PSTR("\r\n  plaintext:   "));
	cli_hexdump_block(plain, 4*128/8, 4, 16);
	bcal_ofb_free(&ctx);
}
void quick_test(void){
	uint8_t *ciphertext, *plaintext, rc;
	uint8_t seed[sizeof(SEED)], seed_out[sizeof(SEED)];
	uint16_t clen, plen;
	if(!keys_allocated){
		load_fix_rsa();
	}
	ciphertext = malloc(clen = bigint_length_B(&pub_key.modulus));
	plaintext = malloc(clen);
	memcpy_P(plaintext, MSG, sizeof(MSG));
	memcpy_P(seed, SEED, sizeof(SEED));
	cli_putstr_P(PSTR("\r\nplaintext:"));
	cli_hexdump_block(plaintext, sizeof(MSG), 4, 16);
	cli_putstr_P(PSTR("\r\nseed:"));
	cli_hexdump_block(seed, sizeof(SEED), 4, 16);
	cli_putstr_P(PSTR("\r\nencrypting: ..."));

	rc = rsa_encrypt_pkcs1v15(ciphertext, &clen, plaintext, sizeof(MSG), &pub_key, seed);
	if(rc){
		cli_putstr_P(PSTR("\r\nERROR: rsa_encrypt_pkcs1v15 returned: "));
		cli_hexdump_byte(rc);
		return;

	}

	cli_putstr_P(PSTR("\r\n\r\nciphertext:"));
	cli_hexdump_block(ciphertext, clen, 4, 16);
	if(clen != sizeof(ENCRYPTED)){
			cli_putstr_P(PSTR("\r\n>>FAIL (no size match)<<"));
			return;
	}else{
		if(memcmp_P(ciphertext, ENCRYPTED, clen)){
			cli_putstr_P(PSTR("\r\n>>FAIL (no content match)<<"));
			return;
		}else{
			cli_putstr_P(PSTR("\r\n>>OK<<"));
		}
	}

	cli_putstr_P(PSTR("\r\ndecrypting: ..."));
	rc = rsa_decrypt_pkcs1v15(plaintext, &plen, ciphertext, clen, &priv_key, seed_out);
	if(rc){
		cli_putstr_P(PSTR("\r\nERROR: rsa_decrypt_pkcs1v15 returned: "));
		cli_hexdump_byte(rc);
		return;
	}
	cli_putstr_P(PSTR("\r\n\r\nplaintext:"));
	cli_hexdump_block(plaintext, plen, 4, 16);
	cli_putstr_P(PSTR("\r\n\r\nseed (out):"));
	cli_hexdump_block(seed_out, sizeof(SEED), 4, 16);

	free(ciphertext);
	free(plaintext);
}
예제 #7
0
void hfal_test(const hfdesc_t *hd, void *msg, uint32_t length_b){
	if(pgm_read_byte(&(hd->type))!=HFDESC_TYPE_HASHFUNCTION)
		return;
	uint16_t dlen = (pgm_read_word(&(hd->hashsize_b))+7)/8;
	uint8_t digest[dlen];
	cli_putstr_P(PSTR("\r\n=== "));
	cli_putstr_P((void*)pgm_read_word(&(hd->name)));
	cli_putstr_P(PSTR(" ===\r\n message:"));
	cli_hexdump_block(msg, (length_b+7)/8, 4, 16);
	hfal_hash_mem(hd, digest, msg, length_b);
	cli_putstr_P(PSTR(" \r\n digest:"));
	cli_hexdump_block(digest, dlen, 4, 16);
	cli_putstr_P(PSTR("\r\n"));
}
예제 #8
0
void hfal_test(const hfdesc_t* hd, const void* msg, uint32_t length_b){
	if(hd->type!=HFDESC_TYPE_HASHFUNCTION)
		return;
	uint16_t dlen = (hd->hashsize_b+7)/8;
	uint8_t digest[dlen];
	cli_putstr("\r\n=== ");
	cli_putstr(hd->name);
	cli_putstr(" ===\r\n message:");
	cli_hexdump_block(msg, (length_b+7)/8, 4, 16);
	hfal_hash_mem(hd, digest, msg, length_b);
	cli_putstr(" \r\n digest:");
	cli_hexdump_block(digest, dlen, 4, 16);
	cli_putstr("\r\n");
}
예제 #9
0
void testrun_trivium(void){
	uint8_t key[10];
	uint8_t iv[4];
	uint8_t buffer[64];
	scgen_ctx_t ctx;
	memset(key, 0, 10);
	memset(iv, 0, 4);
	key[0] = 0x80;
	scal_cipher_init(&trivium_desc, key, 80, iv, 32, &ctx);
	scal_cipher_gen_fillblock(buffer, 64, &ctx);
	cli_putstr_P(PSTR("\r\nTest:\r\n  Key     = "));
	cli_hexdump(key, 10);
	cli_putstr_P(PSTR("\r\n  IV      = "));
	cli_hexdump(iv, 4);
	cli_putstr_P(PSTR("\r\n  Cipher  = "));
	cli_hexdump_block(buffer, 64, 4, 16);
	scal_cipher_free(&ctx);
	key[0] = 0x40;
	scal_cipher_init(&trivium_desc, key, 80, iv, 32, &ctx);
	scal_cipher_gen_fillblock(buffer, 64, &ctx);
	cli_putstr_P(PSTR("\r\nTest:\r\n  Key     = "));
	cli_hexdump(key, 10);
	cli_putstr_P(PSTR("\r\n  IV      = "));
	cli_hexdump(iv, 4);
	cli_putstr_P(PSTR("\r\n  Cipher  = "));
	cli_hexdump_block(buffer, 64, 4, 16);
	scal_cipher_free(&ctx);
	key[0] = 0x20;
	scal_cipher_init(&trivium_desc, key, 80, iv, 32, &ctx);
	scal_cipher_gen_fillblock(buffer, 64, &ctx);
	cli_putstr_P(PSTR("\r\nTest:\r\n  Key     = "));
	cli_hexdump(key, 10);
	cli_putstr_P(PSTR("\r\n  IV      = "));
	cli_hexdump(iv, 4);
	cli_putstr_P(PSTR("\r\n  Cipher  = "));
	cli_hexdump_block(buffer, 64, 4, 16);
	scal_cipher_free(&ctx);
	key[0] = 0x10;
	scal_cipher_init(&trivium_desc, key, 80, iv, 32, &ctx);
	scal_cipher_gen_fillblock(buffer, 64, &ctx);
	cli_putstr_P(PSTR("\r\nTest:\r\n  Key     = "));
	cli_hexdump(key, 10);
	cli_putstr_P(PSTR("\r\n  IV      = "));
	cli_hexdump(iv, 4);
	cli_putstr_P(PSTR("\r\n  Cipher  = "));
	cli_hexdump_block(buffer, 64, 4, 16);
	scal_cipher_free(&ctx);
}
예제 #10
0
/*
Count = 0
Klen = 24
Mlen = 0
Tlen = 2
Key = 2b2aaa666be161ed16648e862ac9bd1e317f71bc69e268b5
Msg = 00
*/
void testrun_aes192_cmac0(void){
	uint8_t key[24]= {
			0x2b, 0x2a, 0xaa, 0x66, 0x6b, 0xe1, 0x61, 0xed,
			0x16, 0x64, 0x8e, 0x86, 0x2a, 0xc9, 0xbd, 0x1e,
			0x31, 0x7f, 0x71, 0xbc, 0x69, 0xe2, 0x68, 0xb5
	};
	uint8_t tag[2];
	uint8_t plain[1] = {
			0x00
	};
	bcal_cmac_ctx_t ctx;
	uint8_t r;


	cli_putstr("\r\n** AES192-CMAC-0-TEST **");

	cli_putstr("\r\n  key:   ");
	cli_hexdump(key, 192/8);
	r = bcal_cmac_init(&aes192_desc, key, 192, &ctx);
	cli_putstr("\r\n  init = 0x");
	cli_hexdump(&r, 1);
	if(r)
		return;
	bcal_cmac(tag, 16, plain, 0*8, &ctx);
	cli_putstr("\r\n  tag:     ");
	cli_hexdump_block(tag, 2, 4, 16);
	bcal_cmac_free(&ctx);
}
예제 #11
0
void test256Null(void){
	jh_ctx_t ctx;
	uint8_t hash[32];
	jh256_init(&ctx);
	jh_lastBlock(&ctx, NULL, 0);
	jh256_ctx2hash(hash, &ctx);
	cli_putstr_P(PSTR("\r\nresult:\r\n"));
	cli_hexdump_block(hash, 32, 4, 8);
}
예제 #12
0
void crypto_test(void){
	uint8_t test_data[16], test_key[32];
	aes256_ctx_t ctx;
	memset(test_key, 0xA5, 32);
	memset(test_data, 0, 16);
	aes256_init(test_key, &ctx);
	aes256_enc(test_data, &ctx);
	cli_putstr("\r\ncrypto test data:\r\n");
	cli_hexdump_block(test_data, 16, 4, 8);
}
void test_dump(void){
	char lstr[16];
	int len;
	cli_putstr_P(PSTR("\r\nenter dump length: "));
	cli_getsn_cecho(lstr, 15);
	len = own_atou(lstr);
	cli_putstr_P(PSTR("\r\ndumping 0x"));
	cli_hexdump_rev(&len, 2);
	cli_putstr_P(PSTR(" byte:"));
	cli_hexdump_block(pub_key.modulus.wordv, len, 4, 8);
}
예제 #14
0
void test_prf(const hfdesc_t* hash, const void* secret, const void* seed, uint16_t out_length){
	prf_tls12_ctx_t ctx;
	uint8_t buffer[out_length];
	prf_tls12_init_w_label(&ctx, hash, secret, 16*8, test_label, strlen(test_label), seed, 16*8);
	cli_putstr("\r\n== Testing PRF-TLSv1.2 with ");
	cli_putstr(hash->name);
	cli_putstr(" ==\r\n");
	prf_tls12_fill(buffer, out_length, &ctx);
	cli_hexdump_block(buffer, out_length, 4, 8);
	prf_tls12_free(&ctx);
}
예제 #15
0
void testrun_whirlpool(void){
	whirlpool_ctx_t ctx;
	uint8_t hash[64];
	uint8_t data[64];
	memset(data, 0, 64);
	data[0] = 'a';
	data[1] = 'b';
	data[2] = 'c';
	whirlpool_init(&ctx);
	whirlpool_lastBlock(&ctx, data, 3*8);
	whirlpool_ctx2hash(hash, &ctx);
	cli_putstr_P(PSTR("\r\nEmpty message hash:"));
	cli_hexdump_block(hash, 64, 4, 16);
}
예제 #16
0
void testrun_cscipher(void){
	uint8_t data[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
	uint8_t key[] =  {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
					  0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
	cscipher_ctx_t ctx;
	cli_putstr("\r\n== CS-Cipher test==\r\nkey: ");
	cli_hexdump(key, 16);
	memset(&ctx, 0, 8*9);
	cscipher_init(key, &ctx);
	cli_putstr("\r\nround keys:\r\n");
	cli_hexdump_block(&ctx, 8*9, 4, 8);
	cli_putstr("\r\nplain:  ");
	cli_hexdump(data, 8);
	cscipher_enc(data, &ctx);
	cli_putstr("\r\ncipher: ");
	cli_hexdump(data, 8);
	cscipher_dec(data, &ctx);
	cli_putstr("\r\nplain:  ");
	cli_hexdump(data, 8);
}
void test_khazad(void){
	uint8_t key[16];
	uint8_t data[8];
	khazad_ctx_t ctx;

	memset(key, 0, 16);
	memset(data, 0, 8);
	key[0] = 0x80;
	cli_putstr_P(PSTR("\r\nkey:   "));
	cli_hexdump(key, 16);
	khazad_init(key, &ctx);
	cli_putstr_P(PSTR("\r\nround keys:"));
	cli_hexdump_block(&ctx, 8*8, 4, 8);
	cli_putstr_P(PSTR("\r\nplain:  "));
	cli_hexdump(data, 8);
	khazad_enc(data, &ctx);
	cli_putstr_P(PSTR("\r\nencrypt:"));
	cli_hexdump(data, 8);
	khazad_dec(data, &ctx);
	cli_putstr_P(PSTR("\r\ndecrypt:"));
	cli_hexdump(data, 8);
}
예제 #18
0
void shavs_test1(void){ /* KAT tests */
	uint32_t length=0;
	int32_t expect_input=0;

	if(!shavs_algo){
			cli_putstr("\r\nERROR: select algorithm first!");
		return;
	}
	char c;
	uint8_t diggest[shavs_algo->hashsize_b/8];
	shavs_ctx.buffersize_B=shavs_algo->blocksize_b/8;
	uint8_t buffer[shavs_ctx.buffersize_B+5];
	shavs_ctx.buffer = buffer;
	cli_putstr("\r\nbuffer_size = 0x");
	cli_hexdump_rev(&(shavs_ctx.buffersize_B), 2);
	cli_putstr(" bytes");
	for(;;){
		shavs_ctx.blocks = 0;
		memset(buffer, 0, shavs_ctx.buffersize_B);
		length = getLength();
		if((int32_t)length<0){
#if DEBUG
			cli_putstr("\r\n(x) Len == ");
			cli_hexdump_rev(&length, 4);
			uart_flush(0);
#endif
			return;
		}

#if DEBUG
		cli_putstr("\r\nLen == ");
		cli_hexdump_rev(&length, 4);
		uart_flush(0);
#endif
		if(length==0){
			expect_input=2;
		}else{
			expect_input=((length + 7) >> 2) & (~1L);
		}
#if DEBUG
		cli_putstr("\r\nexpected_input == ");
		cli_hexdump_rev(&expect_input, 4);
		if(expect_input==0)
			cli_putstr("\r\nexpected_input == 0 !!!");
#endif
		shavs_ctx.buffer_idx = 0;
		shavs_ctx.in_byte    = 0;
		shavs_ctx.blocks     = 0;
		uint8_t ret;
#if DEBUG
		cli_putstr("\r\n HFAL init");
		cli_putstr("\r\n (2) expected_input == ");
		cli_hexdump_rev(&expect_input, 4);
#endif
		ret = hfal_hash_init(shavs_algo, &(shavs_ctx.ctx));
		if(ret){
			cli_putstr("\r\n HFAL init returned with: ");
			cli_hexdump(&ret, 1);
			return;
		}
#if DEBUG
		cli_putstr("\r\n (3) expected_input == ");
		cli_hexdump_rev(&expect_input, 4);
		cli_putstr("\r\n");
#endif
		while((c=cli_getc_cecho())!='M' && c!='m'){
			if(!isblank((uint8_t)c)){
				cli_putstr("\r\nERROR: wrong input (1) [0x");
				cli_hexdump(&c, 1);
				cli_putstr("]!\r\n");
				hfal_hash_free(&(shavs_ctx.ctx));
				return;
			}
		}
		if((c=cli_getc_cecho())!='s' && c!='S'){
				cli_putstr("\r\nERROR: wrong input (2)!\r\n");
				hfal_hash_free(&(shavs_ctx.ctx));
				return;
		}
		if((c=cli_getc_cecho())!='g' && c!='G'){
				cli_putstr("\r\nERROR: wrong input (3)!\r\n");
				hfal_hash_free(&(shavs_ctx.ctx));
				return;
		}
		while((c=cli_getc_cecho())!='='){
			if(!isblank((uint8_t)c)){
				cli_putstr("\r\nERROR: wrong input (4)!\r\n");
				hfal_hash_free(&(shavs_ctx.ctx));
				return;
			}
		}
#if DEBUG
		cli_putstr("\r\nparsing started");
#endif
		shavs_ctx.buffer_idx = 0;
		shavs_ctx.in_byte    = 0;
		shavs_ctx.blocks     = 0;
		while(expect_input>0){
			c=cli_getc_cecho();
#if DEBUG
			cli_putstr("\r\n\t(");
			cli_hexdump_rev(&expect_input, 4);
			cli_putstr(") ");
#endif
			if(buffer_add(c)==0){
				--expect_input;
			}else{
				if(!isblank((uint16_t)c)){
					cli_putstr("\r\nERROR: wrong input (5) (");
					cli_putc(c);
					cli_putstr(")!\r\n");
					hfal_hash_free(&(shavs_ctx.ctx));
					return;
				}
			}
		}
#if DEBUG
		cli_putstr("\r\nBuffer-A:");
		cli_hexdump_block(buffer, shavs_ctx.buffersize_B, 5, 8);

		cli_putstr("\r\n starting finalization");
		cli_putstr("\r\n\tblocks     == ");
		cli_hexdump_rev(&(shavs_ctx.blocks),4);
		cli_putstr("\r\n\tbuffer_idx == ");
		cli_hexdump_rev(&(shavs_ctx.buffer_idx),2);
		cli_putstr("\r\n\tin_byte    == ");
		cli_hexdump_rev(&(shavs_ctx.in_byte),1);

		cli_putstr("\r\n starting last block");
		cli_putstr("\r\n\tlength       == ");
		cli_hexdump_rev(&length,4);
		cli_putstr("\r\n\tbuffersize_B == ");
		cli_hexdump_rev(&(shavs_ctx.buffersize_B),2);
		uint16_t temp=length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8);
		cli_putstr("\r\n\t (temp)      == ");
		cli_hexdump_rev(&temp,2);
#else
		uint16_t temp=length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8);
#endif
		hfal_hash_lastBlock( &(shavs_ctx.ctx), buffer, /* be aware of freaking compilers!!! */
		                    temp );
#if DEBUG
		cli_putstr("\r\n starting ctx2hash");
#endif
		hfal_hash_ctx2hash(diggest, &(shavs_ctx.ctx));
#if DEBUG
		cli_putstr("\r\n starting hash free");
#endif
		hfal_hash_free(&(shavs_ctx.ctx));
		cli_putstr("\r\n MD = ");
		cli_hexdump(diggest, shavs_algo->hashsize_b/8);

	}
}
예제 #19
0
void testrun_aes128_eax(void){
	uint8_t key[16];
	uint8_t nonce[16];
	uint8_t header[8];
	uint8_t tag[16];
	uint8_t msg[21];
	uint8_t msg_len;
	const void* msg_p;
	const void* cipher_p;
	uint8_t i, r;

	bcal_eax_ctx_t ctx;

	msg_p = eax_msg;
	cipher_p = eax_cipher;
	for(i=0; i<10; ++i){
		cli_putstr("\r\n\r\n** AES128-EAX-TEST #");
		cli_putc('0'+i);
		cli_putstr(" **");

		msg_len = eax_msg_len[i];
		memcpy(key, eax_key+16*i, 16);
		memcpy(nonce, eax_nonce+16*i, 16);
		memcpy(header, eax_header+8*i, 8);
		memcpy(msg, msg_p, msg_len);
		msg_p = (uint8_t*)msg_p+msg_len;

		cli_putstr("\r\n  key:     ");
		cli_hexdump(key, 16);
		cli_putstr("\r\n  msg:     ");
		if(msg_len){
			cli_hexdump(msg, msg_len);
		}
		cli_putstr("\r\n  nonce:   ");
		cli_hexdump(nonce, 16);
		cli_putstr("\r\n  header:  ");
		cli_hexdump(header, 8);

		r = bcal_eax_init(&aes128_desc, key, 128, &ctx);
		cli_putstr("\r\n  init = 0x");
		cli_hexdump(&r, 1);
		if(r)
			return;
		bcal_eax_loadNonce(nonce, 16*8, &ctx);
		bcal_eax_addLastHeader(header, 8*8, &ctx);
		bcal_eax_encLastBlock(msg, msg_len*8, &ctx);
		bcal_eax_ctx2tag(tag, 128, &ctx);

		cli_putstr("\r\n  cipher:  ");
		cli_hexdump_block(msg, msg_len, 4, 16);

		cli_putstr("\r\n  tag:     ");
		cli_hexdump_block(tag, 16, 4, 16);

		if(memcmp(msg, cipher_p, msg_len)){
			cli_putstr("\r\n cipher:  [fail]\r\n  should: ");
			memcpy(msg, cipher_p, msg_len);
			cli_hexdump_block(msg, msg_len, 4, 16);
		}else{
			cli_putstr("\r\n cipher:  [pass]");
		}
		cipher_p = ((uint8_t*)cipher_p)+msg_len;
		// *
		if(memcmp(tag, cipher_p, 16)){
			cli_putstr("\r\n tag:     [fail]");
		}else{
			cli_putstr("\r\n tag:     [pass]");
		}

		cipher_p = ((uint8_t*)cipher_p)+16;
		bcal_eax_free(&ctx);
	}
}
예제 #20
0
uint8_t rsa_encrypt_oaep(void* dest, uint16_t* out_length,
		              const void* src, uint16_t length_B,
		              rsa_publickey_t* key, const rsa_oaep_parameter_t *p,
		              const rsa_label_t* label, const void* seed){

	if(!p){
		p = &rsa_oaep_default_parameter;
	}
	if(!label){
		label = &rsa_oaep_default_label;
	}
	uint16_t hv_len = (hfal_hash_getHashsize(p->hf)+7)/8;
	if(length_B > bigint_length_B(&key->modulus) - 2*hv_len - 2){
		/* message too long */
		return 1;
	}
	uint16_t buffer_len = bigint_length_B(&key->modulus);
#if DEBUG
	cli_putstr("\r\n buffer_len = ");
	cli_hexdump_rev(&buffer_len, 2);
	cli_putstr("\r\n modulus_len = ");
	cli_hexdump_rev(&key->modulus.length_B, 2);
#endif
	uint8_t* buffer = (uint8_t*)dest;
	uint8_t off;
	/* the following needs some explanation:
	 * off is the offset which is used for compensating the effect of
	 * changeendian() when it operates on multi-byte words.
	 * */
	off = (sizeof(bigint_word_t) - (bigint_get_first_set_bit(&key->modulus)/8+1) % sizeof(bigint_word_t))
			% (sizeof(bigint_word_t));
	buffer += off;
    buffer_len -= off;
	uint8_t* seed_buffer = buffer + 1;
	uint16_t db_len = buffer_len - hv_len - 1;
	uint8_t* db = seed_buffer + hv_len;
	uint16_t maskbuffer_len = db_len>hv_len?db_len:hv_len;
	uint8_t maskbuffer[maskbuffer_len];
	bigint_t x;

	memset(dest, 0, seed_buffer - buffer + off);
	memset(db + hv_len, 0, db_len - hv_len - length_B -1);
	hfal_hash_mem(p->hf, db, label->label, label->length_b);
	db[db_len - length_B - 1] = 0x01;
	memcpy(db+db_len - length_B, src, length_B);
	if(seed){
		memcpy(seed_buffer, seed, hv_len);
	}else{
		/* generate random seed */
		if(!prng_get_byte){
			return 2; /* ERROR: no random generator specified */
		}
		uint16_t i;
		for(i=0; i<hv_len; ++i){
			seed_buffer[i] = prng_get_byte();
		}
	}
#if DEBUG
	cli_putstr("\r\n  msg (raw, pre-feistel):\r\n");
	cli_hexdump_block(dest, bigint_length_B(&key->modulus), 4, 16);
#endif
	p->mgf(maskbuffer, seed_buffer, hv_len, db_len, p->mgf_parameter);
	memxor(db, maskbuffer, db_len);
	p->mgf(maskbuffer, db, db_len, hv_len, p->mgf_parameter);
	memxor(seed_buffer, maskbuffer, hv_len);
#if DEBUG
	cli_putstr("\r\n  msg (raw, post-feistel):\r\n");
	cli_hexdump_block(dest, bigint_length_B(&key->modulus), 4, 16);
#endif
	x.info = 0;
	x.length_B = key->modulus.length_B;
	x.wordv = dest;
	bigint_adjust(&x);
	rsa_os2ip(&x, NULL, bigint_length_B(&key->modulus));
#if DEBUG
	cli_putstr("\r\ninput-msg (pre enc):\r\n");
	cli_hexdump_rev(&src, 2);
	cli_hexdump_block(src, length_B, 4, 16);
#endif
	rsa_enc(&x, key);
#if DEBUG
	cli_putstr("\r\ninput-msg (post enc):\r\n");
	cli_hexdump_rev(&src, 2);
	cli_hexdump_block(src, length_B, 4, 16);
#endif
	rsa_i2osp(NULL, &x, out_length);
	return 0;
}
예제 #21
0
void shavs_test1(void){ /* KAT tests */
	uint32_t length=0;
	int32_t expect_input=0;

	if(!shavs_algo){
			fputs_P(PSTR("\r\nERROR: select algorithm first!"), shavs_out_file);
		return;
	}
	char c;
	uint8_t diggest[pgm_read_word(&(shavs_algo->hashsize_b))/8];
	shavs_ctx.buffersize_B=pgm_read_word(&(shavs_algo->blocksize_b))/8;
	uint8_t buffer[shavs_ctx.buffersize_B+5];
	shavs_ctx.buffer = buffer;
	fprintf_P(shavs_out_file, PSTR("\nbuffer_size = 0x%04"PRIx16" bytes"), shavs_ctx.buffersize_B);
	for(;;){
		shavs_ctx.blocks = 0;
		memset(buffer, 0, shavs_ctx.buffersize_B);
		length = getLength();
		if(length<0){
			return;
		}

#if DEBUG
		fprintf_P(shavs_out_file, PSTR("\nLen == %"PRIu32), length)
#endif
		if(length==0){
			expect_input=2;
		}else{
			expect_input=((length + 7) >> 2) & (~1L);
		}
#if DEBUG
		fprintf_P(shavs_out_file, PSTR("\r\nexpected_input == %"PRId32), expected_input);
#endif
		shavs_ctx.buffer_idx = 0;
		shavs_ctx.in_byte    = 0;
		shavs_ctx.blocks     = 0;
		uint8_t ret;
#if DEBUG
		fprintf_P(shavs_out_file, PSTR("\n HFAL init\n (2) expected_input == "), expected_input);
#endif
		ret = hfal_hash_init(shavs_algo, &(shavs_ctx.ctx));
		if(ret){
			fprintf_P(shavs_out_file, PSTR("\r\n HFAL init returned with: %"PRIx8), ret);
			return;
		}
#if DEBUG
		fprintf_P(shavs_out_file, PSTR("\r\n (3) expected_input == %"PRId32"\n"), expected_input)
#endif
		while((c=cli_getc_cecho())!='M' && c!='m'){
			if(!isblank(c)){
			    fprintf_P(shavs_out_file, PSTR("\nERROR: wrong input (1) [0x%"PRIx8"]!\n"), c);
				hfal_hash_free(&(shavs_ctx.ctx));
				return;
			}
		}
		if((c=cli_getc_cecho())!='s' && c!='S'){
            fputs_P(PSTR("\nERROR: wrong input (2)!\n"), shavs_out_file);
            hfal_hash_free(&(shavs_ctx.ctx));
            return;
		}
		if((c=cli_getc_cecho())!='g' && c!='G'){
            fputs_P(PSTR("\nERROR: wrong input (3)!\n"), shavs_out_file);
            hfal_hash_free(&(shavs_ctx.ctx));
            return;
		}
		while((c=cli_getc_cecho())!='='){
			if(!isblank(c)){
                fputs_P(PSTR("\nERROR: wrong input (4)!\n"), shavs_out_file);
				hfal_hash_free(&(shavs_ctx.ctx));
				return;
			}
		}
#if DEBUG
		fputs_P(PSTR("\r\nparsing started"), shavs_out_file);
#endif
		shavs_ctx.buffer_idx = 0;
		shavs_ctx.in_byte    = 0;
		shavs_ctx.blocks     = 0;
		while(expect_input>0){
			c=cli_getc_cecho();
#if DEBUG
			fprintf_P(shavs_out_file, PSTR("\n\t(%"PRId32") "), expected_input);
			_delay_ms(500);
#endif
			if(buffer_add(c)==0){
				--expect_input;
			}else{
				if(!isblank((uint16_t)c)){
				    fprintf_P(shavs_out_file, PSTR("\nERROR: wrong input (5) (%c)!\n"), c);
					hfal_hash_free(&(shavs_ctx.ctx));
					return;
				}
			}
		}
#if DEBUG
		cli_putstr_P(PSTR("\r\nBuffer-A:"));
		cli_hexdump_block(buffer, shavs_ctx.buffersize_B, 5, 8);

		cli_putstr_P(PSTR("\r\n starting finalisation"));
		cli_putstr_P(PSTR("\r\n\tblocks     == "));
		cli_hexdump_rev(&(shavs_ctx.blocks),4);
		cli_putstr_P(PSTR("\r\n\tbuffer_idx == "));
		cli_hexdump_rev(&(shavs_ctx.buffer_idx),2);
		cli_putstr_P(PSTR("\r\n\tin_byte    == "));
		cli_hexdump_rev(&(shavs_ctx.in_byte),1);
		_delay_ms(500);

		cli_putstr_P(PSTR("\r\n starting last block"));
		cli_putstr_P(PSTR("\r\n\tlength       == "));
		cli_hexdump_rev(&length,4);
		cli_putstr_P(PSTR("\r\n\tbuffersize_B == "));
		cli_hexdump_rev(&(shavs_ctx.buffersize_B),2);
		uint16_t temp=length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8);
		cli_putstr_P(PSTR("\r\n\t (temp)      == "));
		cli_hexdump_rev(&temp,2);
		_delay_ms(500);
		temp=length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8);
#else
		uint16_t temp=length-(shavs_ctx.blocks)*((shavs_ctx.buffersize_B)*8);
#endif
		hfal_hash_lastBlock( &(shavs_ctx.ctx), buffer, /* be aware of freaking compilers!!! */
		                    temp );
#if DEBUG
		cli_putstr_P(PSTR("\r\n starting ctx2hash"));
		_delay_ms(500);
#endif
		hfal_hash_ctx2hash(diggest, &(shavs_ctx.ctx));
#if DEBUG
		cli_putstr_P(PSTR("\r\n starting hash free"));
#endif
		hfal_hash_free(&(shavs_ctx.ctx));
		cli_putstr_P(PSTR("\r\n MD = "));
		cli_hexdump(diggest, pgm_read_word(&(shavs_algo->hashsize_b))/8);

	}
}
예제 #22
0
void testrun_aes128_cfb1(void){
	uint8_t key[16];
	uint8_t iv[16];
	uint8_t plain[64];

	bcal_cfb_b_ctx_t ctx;
	uint8_t r;

	memcpy(key,   modes_key,   16);
	memcpy(iv,    modes_iv,    16);
	memcpy(plain, modes_plain, 64);

	cli_putstr("\r\n** AES128-CFB1-TEST **");
	r = bcal_cfb_b_init(&aes128_desc, key, 128, 1, &ctx);
	cli_putstr("\r\n  init = 0x");
	cli_hexdump(&r, 1);
	cli_putstr("\r\n  key:   ");
	cli_hexdump(key, 128/8);
	cli_putstr("\r\n  IV:    ");
	cli_hexdump(iv, 128/8);
	cli_putstr("\r\n  plaintext:");
	cli_hexdump_block(plain, 2, 4, 16);
	if(r)
		return;
	uint8_t i, bit_offset, byte_offset;
	bcal_cfb_b_loadIV(iv, &ctx);
	for(i=0; i<16; ++i){
		byte_offset = i/8;
		bit_offset = i&7;
		cli_putstr("\r\n  plain bit:   ");
		cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
		bcal_cfb_b_encNext(plain+byte_offset, bit_offset, &ctx);
		cli_putstr("\r\n  cipher bit:  ");
		cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
	}
	cli_putstr("\r\n  ciphertext:  ");
	cli_hexdump_block(plain, 2, 4, 16);

	bcal_cfb_b_loadIV(iv, &ctx);
	for(i=0; i<16; ++i){
		byte_offset = i/8;
		bit_offset = i&7;
		cli_putstr("\r\n  plain bit:   ");
		cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
		bcal_cfb_b_decNext(plain+byte_offset, bit_offset, &ctx);
		cli_putstr("\r\n  cipher bit:  ");
		cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
	}
	cli_putstr("\r\n  plaintext:   ");
	cli_hexdump_block(plain, 2, 4, 16);


	bcal_cfb_b_encMsg(iv, plain, 0, 64*8, &ctx);
	cli_putstr("\r\n  ciphertext:  ");
	cli_hexdump_block(plain, 64, 4, 16);

	bcal_cfb_b_decMsg(iv, plain, 0, 64*8, &ctx);
	cli_putstr("\r\n  plaintext:   ");
	cli_hexdump_block(plain, 64, 4, 16);

	bcal_cfb_b_free(&ctx);
}
void run_seed_test(void){
	uint8_t *msg, *ciph, *msg_;
	uint16_t ciph_len, msg_len;
	uint16_t msg_len_;
	uint16_t seed_len;
	uint8_t *seed, *seed_out;
	char read_int_str[18];
	cli_putstr_P(PSTR("\r\n== test with given seed =="));
	cli_putstr_P(PSTR("\r\n = message ="));
	cli_putstr_P(PSTR("\r\n  length: "));
	cli_getsn(read_int_str, 16);
	msg_len = own_atou(read_int_str);
	seed_len = rsa_pkcs1v15_compute_padlength_B(&pub_key.modulus, msg_len);
	seed = malloc(seed_len);
#if DEBUG
	cli_putstr_P(PSTR("\r\nDBG: @seed: 0x"));
	cli_hexdump_rev(&seed, 2);
#endif
	if(!seed){
		cli_putstr_P(PSTR("\r\nERROR: OOM!"));
		return;
	}
	seed_out = malloc(seed_len);
#if DEBUG
	cli_putstr_P(PSTR("\r\nDBG: @seed_out: 0x"));
	cli_hexdump_rev(&seed_out, 2);
#endif
	if(!seed_out){
		cli_putstr_P(PSTR("\r\nERROR: OOM!"));
		return;
	}
	msg = malloc(msg_len);
#if DEBUG
	cli_putstr_P(PSTR("\r\nDBG: @msg: 0x"));
	cli_hexdump_rev(&msg, 2);
#endif
	if(!msg){
		cli_putstr_P(PSTR("\r\nERROR: OOM!"));
		return;
	}
	ciph = malloc(bigint_length_B(&pub_key.modulus));
#if DEBUG
	cli_putstr_P(PSTR("\r\nDBG: @ciph: 0x"));
	cli_hexdump_rev(&ciph, 2);
#endif
	if(!ciph){
		cli_putstr_P(PSTR("\r\nERROR: OOM!"));
		return;
	}
	msg_ = malloc(bigint_length_B(&pub_key.modulus) /* + sizeof(bigint_word_t) */ );
#if DEBUG
	cli_putstr_P(PSTR("\r\nDBG: @msg_: 0x"));
	cli_hexdump_rev(&msg_, 2);
#endif
	if(!msg_){
		cli_putstr_P(PSTR("\r\nERROR: OOM!"));
		return;
	}
	cli_putstr_P(PSTR("\r\n  data: "));
	read_os(msg, msg_len, NULL);
	cli_putstr_P(PSTR("\r\n  seed (0x"));
	cli_hexdump_rev(&seed_len, 2);
	cli_putstr_P(PSTR(" bytes): "));
	read_os(seed, seed_len, NULL);

	cli_putstr_P(PSTR("\r\n  encrypting ..."));
/*
	cli_putstr_P(PSTR("\r\n plaintext:"));
	cli_hexdump_block(msg, msg_len, 4, 16);
	cli_putstr_P(PSTR("\r\n seed:"));
	cli_hexdump_block(seed, seed_len, 4, 16);
*/
#if DEBUG
	cli_putstr_P(PSTR("\r\n  first prime:"));
	bigint_print_hex(&priv_key.components[0]);
#endif
	rsa_encrypt_pkcs1v15(ciph, &ciph_len, msg, msg_len, &pub_key, seed);
	cli_putstr_P(PSTR("\r\n  ciphertext:"));
	cli_hexdump_block(ciph, ciph_len, 4, 16);
#if DEBUG
	cli_putstr_P(PSTR("\r\n  first prime:"));
	bigint_print_hex(&priv_key.components[0]);
#endif
	cli_putstr_P(PSTR("\r\n  decrypting ... "));

	rsa_decrypt_pkcs1v15(msg_, &msg_len_, ciph, ciph_len, &priv_key, seed_out);

	cli_putstr_P(PSTR("[done]"));
	if(msg_len != msg_len_){
		char tstr[16];
		cli_putstr_P(PSTR("\r\nERROR: wrong decrypted message length ("));
		itoa(msg_len_, tstr, 10);
		cli_putstr(tstr);
		cli_putstr_P(PSTR(" instead of "));
		itoa(msg_len, tstr, 10);
		cli_putstr(tstr);
		cli_putc(')');
		goto end;
	}
	if(memcmp(msg, msg_, msg_len)){
		cli_putstr_P(PSTR("\r\nERROR: wrong decrypted message:"));
		cli_hexdump_block(msg_, msg_len_, 4, 16);
		cli_putstr_P(PSTR("\r\nreference:"));
		cli_hexdump_block(msg, msg_len, 4, 16);
		goto end;
	}

	if(memcmp(seed, seed_out, seed_len)){
		cli_putstr_P(PSTR("\r\nERROR: wrong decrypted seed:"));
		cli_hexdump_block(seed_out, seed_len, 4, 16);
		cli_putstr_P(PSTR("\r\nreference:"));
		cli_hexdump_block(seed, seed_len, 4, 16);
		goto end;
	}

	cli_putstr_P(PSTR("\r\n  >>OK<<"));
end:
	free(msg_);
	free(ciph);
	free(msg);
	free(seed_out);
	free(seed);
}