/****************************************************************************

Copyright(c) 2019 by Aerospace C.Power (Chongqing) Microelectronics. ALL RIGHTS RESERVED.

This Information is proprietary to Aerospace C.Power (Chongqing) Microelectronics and MAY NOT
be copied by any method or incorporated into another program without
the express written consent of Aerospace C.Power. This Information or any portion
thereof remains the property of Aerospace C.Power. The Information contained herein
is believed to be accurate and Aerospace C.Power assumes no responsibility or
liability for its use in any way and conveys no license or title under
any patent or copyright and makes no representation or warranty that this
Information is free from patent or copyright infringement.

****************************************************************************/

#include "os_types.h"
#include "os_mem.h"
#include "iot_io.h"
#include "mbedtls/aes.h"
//#include "mbedtls/gcm.h"
#include "sec_sys.h"

/* Compile-time switches selecting which cipher modes the AES self-test runs. */
#define ECB_TEST    1
#define CBC_TEST    1
#define CTR_TEST    1
/*
 * The ECB/CBC self-test loops run 10000 chained block operations and then
 * compare against the fixed vectors below, so those vectors are only valid
 * for this iteration count.
 */
#define TEST_COUNT  10000

/* Route mbed TLS style diagnostic output to the platform print routine. */
#define mbedtls_printf iot_printf

/*
 * Backend selector read by mbedtls_aes_self_test(): non-zero takes the
 * mbedtls_aes_* calls, zero takes the sec_sys_aes_* calls. It is initialised
 * to 0 and nothing in the visible source assigns it.
 */
static int sw_aes = 0;

/*
 * AES test vectors from:
 *
 * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip
 *
 * Each table has one 16-byte row per key size (row u is used with a key of
 * 128 + u * 64 bits). The self-test compares its final block against the row
 * after iterating from an all-zero key and an all-zero starting block.
 */
static const uint8_t aes_test_ecb_dec[3][16] =
{
    { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58,
      0x33, 0x03, 0x91, 0x7E, 0x6B, 0xE9, 0xEB, 0xE0 },
    { 0x48, 0xE3, 0x1E, 0x9E, 0x25, 0x67, 0x18, 0xF2,
      0x92, 0x29, 0x31, 0x9C, 0x19, 0xF1, 0x5B, 0xA4 },
    { 0x05, 0x8C, 0xCF, 0xFD, 0xBB, 0xCB, 0x38, 0x2D,
      0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE }
};

static const uint8_t aes_test_ecb_enc[3][16] =
{
    { 0xC3, 0x4C, 0x05, 0x2C, 0xC0, 0xDA, 0x8D, 0x73,
      0x45, 0x1A, 0xFE, 0x5F, 0x03, 0xBE, 0x29, 0x7F },
    { 0xF3, 0xF6, 0x75, 0x2A, 0xE8, 0xD7, 0x83, 0x11,
      0x38, 0xF0, 0x41, 0x56, 0x06, 0x31, 0xB1, 0x14 },
    { 0x8B, 0x79, 0xEE, 0xCC, 0x93, 0xA0, 0xEE, 0x5D,
      0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 }
};

/* CBC counterparts of the tables above; the self-test starts from a zero IV. */
static const uint8_t aes_test_cbc_dec[3][16] =
{
    { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73,
      0xDF, 0x70, 0x6E, 0x73, 0xF7, 0xC9, 0xAF, 0x86 },
    { 0x5D, 0xF6, 0x78, 0xDD, 0x17, 0xBA, 0x4E, 0x75,
      0xB6, 0x17, 0x68, 0xC6, 0xAD, 0xEF, 0x7C, 0x7B },
    { 0x48, 0x04, 0xE1, 0x81, 0x8F, 0xE6, 0x29, 0x75,
      0x19, 0xA3, 0xE8, 0x8C, 0x57, 0x31, 0x04, 0x13 }
};

static const uint8_t aes_test_cbc_enc[3][16] =
{
    { 0x8A, 0x05, 0xFC, 0x5E, 0x09, 0x5A, 0xF4, 0x84,
      0x8A, 0x08, 0xD3, 0x28, 0xD3, 0x68, 0x8E, 0x3D },
    { 0x7B, 0xD9, 0x66, 0xD5, 0x3A, 0xD8, 0xC1, 0xBB,
      0x85, 0xD2, 0xAD, 0xFA, 0xE8, 0x7B, 0xB1, 0x04 },
    { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5,
      0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 }
};

/* Disabled: the CFB128 vectors are compiled out. */
#if 0
/*
 * AES-CFB128 test vectors from:
 *
 * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
 */
static const uint8_t aes_test_cfb128_key[3][32] =
{
    { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
      0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C },
    { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
      0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
      0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B },
    { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
      0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
      0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
      0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
};

static const uint8_t aes_test_cfb128_iv[16] =
{
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};

static const uint8_t aes_test_cfb128_pt[64] =
{
    0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
    0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
    0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
    0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
    0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
    0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
    0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
    0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
};

static const uint8_t aes_test_cfb128_ct[3][64] =
{
    { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20,
      0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A,
      0xC8, 0xA6, 0x45, 0x37, 0xA0, 0xB3, 0xA9, 0x3F,
      0xCD, 0xE3, 0xCD, 0xAD, 0x9F, 0x1C, 0xE5, 0x8B,
      0x26, 0x75, 0x1F, 0x67, 0xA3, 0xCB, 0xB1, 0x40,
      0xB1, 0x80, 0x8C, 0xF1, 0x87, 0xA4, 0xF4, 0xDF,
      0xC0, 0x4B, 0x05, 0x35, 0x7C, 0x5D, 0x1C, 0x0E,
      0xEA, 0xC4, 0xC6, 0x6F, 0x9F, 0xF7, 0xF2, 0xE6 },
    { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB,
      0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74,
      0x67, 0xCE, 0x7F, 0x7F, 0x81, 0x17, 0x36, 0x21,
      0x96, 0x1A, 0x2B, 0x70, 0x17, 0x1D, 0x3D, 0x7A,
      0x2E, 0x1E, 0x8A, 0x1D, 0xD5, 0x9B, 0x88, 0xB1,
      0xC8, 0xE6, 0x0F, 0xED, 0x1E, 0xFA, 0xC4, 0xC9,
      0xC0, 0x5F, 0x9F, 0x9C, 0xA9, 0x83, 0x4F, 0xA0,
      0x42, 0xAE, 0x8F, 0xBA, 0x58, 0x4B, 0x09, 0xFF },
    { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B,
      0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60,
      0x39, 0xFF, 0xED, 0x14, 0x3B, 0x28, 0xB1, 0xC8,
      0x32, 0x11, 0x3C, 0x63, 0x31, 0xE5, 0x40, 0x7B,
      0xDF, 0x10, 0x13, 0x24, 0x15, 0xE5, 0x4B, 0x92,
      0xA1, 0x3E, 0xD0, 0xA8, 0x26, 0x7A, 0xE2, 0xF9,
      0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8,
      0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 }
};
#endif

/*
 * AES-CTR test vectors from:
 *
 * http://www.faqs.org/rfcs/rfc3686.html
 *
 * Three cases, all with 16-byte keys. Rows of the pt/ct tables are 48 bytes
 * wide; only the first aes_test_ctr_len[u] bytes of row u are meaningful and
 * the remainder is implicitly zero.
 */
static const uint8_t aes_test_ctr_key[3][16] =
{
    { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
      0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E },
    { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
      0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 },
    { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
      0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC }
};

/* Initial 16-byte counter blocks, copied into a working buffer per test. */
static const uint8_t aes_test_ctr_nonce_counter[3][16] =
{
    { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
    { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59,
      0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 },
    { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F,
      0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 }
};

static const uint8_t aes_test_ctr_pt[3][48] =
{
    { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
      0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 },
    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F },
    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
      0x20, 0x21, 0x22, 0x23 }
};

static const uint8_t aes_test_ctr_ct[3][48] =
{
    { 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79,
      0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8 },
    { 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9,
      0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88,
      0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8,
      0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28 },
    { 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9,
      0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7,
      0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36,
      0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53,
      0x25, 0xB2, 0x07, 0x2F }
};

/* Number of payload bytes in each CTR test case. */
static const int aes_test_ctr_len[3] =
    { 16, 32, 36 };

/* Disabled: the GCM vectors below are compiled out together with the GCM tests. */
#if 0
#define MBEDTLS_GCM_ENCRYPT     1
#define MBEDTLS_GCM_DECRYPT     0

/*
 * AES-GCM test vectors from:
 *
 * http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip
 *
 * The *_index arrays select, for test case i, which row of the matching data
 * table to use; the *_len arrays give the number of meaningful bytes.
 */
#define MAX_TESTS   6
static const int key_index[MAX_TESTS] =
    { 0, 0, 1, 1, 1, 1 };

static const unsigned char key[MAX_TESTS][32] =
{
    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
    { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
      0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
      0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
      0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 },
};

static const size_t iv_len[MAX_TESTS] =
    { 12, 12, 12, 12, 8, 60 };

static const int iv_index[MAX_TESTS] =
    { 0, 0, 1, 1, 1, 2 };

static const unsigned char iv[MAX_TESTS][64] =
{
    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00 },
    { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
      0xde, 0xca, 0xf8, 0x88 },
    { 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
      0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
      0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
      0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
      0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
      0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
      0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
      0xa6, 0x37, 0xb3, 0x9b },
};

static const size_t add_len[MAX_TESTS] =
    { 0, 0, 0, 20, 20, 20 };

static const int add_index[MAX_TESTS] =
    { 0, 0, 0, 1, 1, 1 };

static const unsigned char additional[MAX_TESTS][64] =
{
    { 0x00 },
    { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
      0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
      0xab, 0xad, 0xda, 0xd2 },
};

static const size_t pt_len[MAX_TESTS] =
    { 0, 16, 64, 60, 60, 60 };

static const int pt_index[MAX_TESTS] =
    { 0, 0, 1, 1, 1, 1 };

static const unsigned char pt[MAX_TESTS][64] =
{
    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
    { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
      0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
      0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
      0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
      0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
      0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
      0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
      0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 },
};

/*
 * Expected ciphertexts: MAX_TESTS rows for each of three key sizes. The
 * disabled GCM self-test indexes this table (and tag[] below) as j * 6 + i,
 * with j the key-size index and i the test case.
 */
static const unsigned char ct[MAX_TESTS * 3][64] =
{
    { 0x00 },
    { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
      0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 },
    { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
      0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
      0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
      0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
      0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
      0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
      0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
      0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 },
    { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
      0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
      0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
      0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
      0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
      0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
      0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
      0x3d, 0x58, 0xe0, 0x91 },
    { 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
      0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
      0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
      0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
      0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
      0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
      0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
      0xc2, 0x3f, 0x45, 0x98 },
    { 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
      0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
      0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
      0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
      0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
      0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
      0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
      0x4c, 0x34, 0xae, 0xe5 },
    { 0x00 },
    { 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
      0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00 },
    { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
      0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
      0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
      0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
      0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
      0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
      0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
      0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56 },
    { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
      0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
      0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
      0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
      0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
      0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
      0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
      0xcc, 0xda, 0x27, 0x10 },
    { 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
      0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
      0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
      0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
      0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
      0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
      0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
      0xa0, 0xf0, 0x62, 0xf7 },
    { 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
      0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
      0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
      0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
      0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
      0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
      0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
      0xe9, 0xb7, 0x37, 0x3b },
    { 0x00 },
    { 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
      0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18 },
    { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
      0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
      0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
      0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
      0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
      0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
      0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
      0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad },
    { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
      0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
      0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
      0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
      0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
      0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
      0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
      0xbc, 0xc9, 0xf6, 0x62 },
    { 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
      0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
      0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
      0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
      0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
      0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
      0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
      0xf4, 0x7c, 0x9b, 0x1f },
    { 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
      0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
      0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
      0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
      0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
      0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
      0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
      0x44, 0xae, 0x7e, 0x3f },
};

/* Expected 16-byte authentication tags, same row layout as ct[]. */
static const unsigned char tag[MAX_TESTS * 3][16] =
{
    { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
      0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a },
    { 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
      0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf },
    { 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
      0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 },
    { 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
      0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 },
    { 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
      0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb },
    { 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
      0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50 },
    { 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
      0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 },
    { 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
      0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb },
    { 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
      0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 },
    { 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
      0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c },
    { 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
      0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8 },
    { 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
      0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9 },
    { 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
      0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b },
    { 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
      0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 },
    { 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
      0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c },
    { 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
      0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b },
    { 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
      0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e,
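0xa8, 0xf2 },
    { 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
      0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a },
};
#endif

/**
 * AES known-answer self-test for ECB, CBC and CTR modes.
 *
 * Each mode is run for decrypt and encrypt and the result is compared with
 * the fixed vectors defined earlier in this file. With sw_aes == 0 (its
 * initial value) every operation goes through the sec_sys_aes_* calls, so
 * the test exercises that backend rather than the mbed TLS software code.
 *
 * Limits of what a pass proves:
 *  - return codes of the key-setup and crypt calls are not inspected and the
 *    olen output is never checked; a fault is only noticed if the final
 *    buffer differs from the expected vector;
 *  - the CTR cases use 128-bit keys only.
 *
 * @param verbose  non-zero prints one "passed"/"failed" line per case
 * @return 0 if every enabled case matched, 1 on the first mismatch
 */
int mbedtls_aes_self_test( int verbose )
{
#if 1
    int ret = 0, i, j, u, v;
    uint8_t key[32];
    uint8_t buf[64];
    uint8_t iv[16];
    uint8_t prv[16];
    size_t offset;
    uint32_t olen;
    size_t len;
    uint8_t nonce_counter[16];
    uint8_t stream_block[16];
    mbedtls_aes_context ctx;

    /* ECB and CBC cases use an all-zero key of 128/192/256 bits. */
    os_mem_set( key, 0, 32 );
    mbedtls_aes_init( &ctx );

#if ECB_TEST
    /*
     * ECB mode: u selects the key size, v the direction.
     */
    for( i = 0; i < 6; i++ )
    {
        u = i >> 1;
        v = i & 1;

        if( verbose != 0 )
            mbedtls_printf( " AES-ECB-%3d (%s): ", 128 + u * 64,
                            ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );

        os_mem_set( buf, 0, 16 );

        if( v == MBEDTLS_AES_DECRYPT )
        {
            if( sw_aes )
                mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
            else
                sec_sys_aes_setkey_dec( key, 128 + u * 64 );

            /* TEST_COUNT must stay 10000: the expected vectors depend on it. */
            for( j = 0; j < TEST_COUNT; j++ )
            {
                if( sw_aes )
                    mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
                else
                    sec_sys_aes_crypt_ecb( v, 16, buf, buf, &olen );
            }

            if( os_mem_cmp( buf, aes_test_ecb_dec[u], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }
        else
        {
            if( sw_aes )
                mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
            else
                sec_sys_aes_setkey_enc( key, 128 + u * 64 );

            for( j = 0; j < TEST_COUNT; j++ )
            {
                if( sw_aes )
                    mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
                else
                    sec_sys_aes_crypt_ecb( v, 16, buf, buf, &olen );
            }

            if( os_mem_cmp( buf, aes_test_ecb_enc[u], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );
#endif

#if CBC_TEST
    /*
     * CBC mode. In the sec_sys path the loop carries the chaining value
     * itself (it rewrites iv after every call), which suggests that
     * sec_sys_aes_crypt_cbc() does not update iv in place -- confirm
     * against sec_sys.h.
     */
    for( i = 0; i < 6; i++ )
    {
        u = i >> 1;
        v = i & 1;

        if( verbose != 0 )
            mbedtls_printf( " AES-CBC-%3d (%s): ", 128 + u * 64,
                            ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );

        os_mem_set( iv , 0, 16 );
        os_mem_set( prv, 0, 16 );
        os_mem_set( buf, 0, 16 );

        if( v == MBEDTLS_AES_DECRYPT )
        {
            if( sw_aes )
                mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
            else
                sec_sys_aes_setkey_dec( key, 128 + u * 64 );

            for( j = 0; j < TEST_COUNT; j++ )
            {
                if( sw_aes )
                {
                    mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
                }
                else
                {
                    uint8_t tmp[16];

                    /* Save the ciphertext: it is the IV of the next block. */
                    os_mem_cpy( tmp, buf, 16 );
                    sec_sys_aes_crypt_cbc( v, 16, iv, buf, buf, &olen );
                    os_mem_cpy( iv, tmp, 16 );
                }
            }

            if( os_mem_cmp( buf, aes_test_cbc_dec[u], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }
        else
        {
            if( sw_aes )
                mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
            else
                sec_sys_aes_setkey_enc( key, 128 + u * 64 );

            for( j = 0; j < TEST_COUNT; j++ )
            {
                uint8_t tmp[16];

                if( sw_aes )
                {
                    mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
                }
                else
                {
                    sec_sys_aes_crypt_cbc( v, 16, iv, buf, buf, &olen );
                    os_mem_cpy( iv, buf, 16 );
                }

                /*
                 * prv keeps the newest ciphertext (the value compared
                 * below); the next input is the ciphertext produced one
                 * iteration earlier.
                 */
                os_mem_cpy( tmp, prv, 16 );
                os_mem_cpy( prv, buf, 16 );
                os_mem_cpy( buf, tmp, 16 );
            }

            if( os_mem_cmp( prv, aes_test_cbc_enc[u], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );
#endif

#if CTR_TEST
    /*
     * CTR mode: one pass over each vector, always with the encryption key
     * schedule and a 128-bit key.
     */
    for( i = 0; i < 6; i++ )
    {
        u = i >> 1;
        v = i & 1;

        if( verbose != 0 )
            mbedtls_printf( " AES-CTR-128 (%s): ",
                            ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );

        os_mem_cpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
        os_mem_cpy( key, aes_test_ctr_key[u], 16 );

        offset = 0;
        if( sw_aes )
            mbedtls_aes_setkey_enc( &ctx, key, 128 );
        else
            sec_sys_aes_setkey_enc( key, 128 );

        if( v == MBEDTLS_AES_DECRYPT )
        {
            len = aes_test_ctr_len[u];
            os_mem_cpy( buf, aes_test_ctr_ct[u], len );

            if( sw_aes )
            {
                mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter,
                                       stream_block, buf, buf );
            }
            else
            {
                sec_sys_aes_crypt_ctr( len, &offset, nonce_counter,
                                       stream_block, buf, buf, &olen );
            }

            if( os_mem_cmp( buf, aes_test_ctr_pt[u], len ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }
        else
        {
            len = aes_test_ctr_len[u];
            os_mem_cpy( buf, aes_test_ctr_pt[u], len );

            if( sw_aes )
            {
                mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter,
                                       stream_block, buf, buf );
            }
            else
            {
                sec_sys_aes_crypt_ctr( len, &offset, nonce_counter,
                                       stream_block, buf, buf, &olen );
            }

            if( os_mem_cmp( buf, aes_test_ctr_ct[u], len ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );
#endif

    ret = 0;

exit:
    mbedtls_aes_free( &ctx );

    return( ret );
#else
    /*
     * Inactive software-only variant (mbedtls_aes_* calls only), kept as a
     * reference and left as it was.
     */
    int ret = 0, i, j, u, v;
    uint8_t key[32];
    uint8_t buf[64];
    uint8_t iv[16];
    uint8_t prv[16];
    size_t offset;
    int len;
    uint8_t nonce_counter[16];
    uint8_t stream_block[16];
    mbedtls_aes_context ctx;

    os_mem_set( key, 0, 32 );
    mbedtls_aes_init( &ctx );

    /*
     * ECB mode
     */
    for( i = 0; i < 6; i++ )
    {
        u = i >> 1;
        v = i & 1;

        if( verbose != 0 )
            mbedtls_printf( " AES-ECB-%3d (%s): ", 128 + u * 64,
                            ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );

        os_mem_set( buf, 0, 16 );

        if( v == MBEDTLS_AES_DECRYPT )
        {
            mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );

            for( j = 0; j < 10000; j++ )
                mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );

            if( os_mem_cmp( buf, aes_test_ecb_dec[u], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }
        else
        {
            mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );

            for( j = 0; j < 10000; j++ )
                mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );

            if( os_mem_cmp( buf, aes_test_ecb_enc[u], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );

    /*
     * CBC mode
     */
    for( i = 0; i < 6; i++ )
    {
        u = i >> 1;
        v = i & 1;

        if( verbose != 0 )
            mbedtls_printf( " AES-CBC-%3d (%s): ", 128 + u * 64,
                            ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );

        os_mem_set( iv , 0, 16 );
        os_mem_set( prv, 0, 16 );
        os_mem_set( buf, 0, 16 );

        if( v == MBEDTLS_AES_DECRYPT )
        {
            mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );

            for( j = 0; j < 10000; j++ )
                mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );

            if( os_mem_cmp( buf, aes_test_cbc_dec[u], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }
        else
        {
            mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );

            for( j = 0; j < 10000; j++ )
            {
                uint8_t tmp[16];

                mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );

                os_mem_cpy( tmp, prv, 16 );
                os_mem_cpy( prv, buf, 16 );
                os_mem_cpy( buf, tmp, 16 );
            }

            if( os_mem_cmp( prv, aes_test_cbc_enc[u], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );

#if defined(MBEDTLS_CIPHER_MODE_CFB)
    /*
     * CFB128 mode
     */
    for( i = 0; i < 6; i++ )
    {
        u = i >> 1;
        v = i & 1;

        if( verbose != 0 )
            mbedtls_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64,
                            ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );

        os_mem_cpy( iv, aes_test_cfb128_iv, 16 );
        os_mem_cpy( key, aes_test_cfb128_key[u], 16 + u * 8 );

        offset = 0;
        mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );

        if( v == MBEDTLS_AES_DECRYPT )
        {
            os_mem_cpy( buf, aes_test_cfb128_ct[u], 64 );
            mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );

            if( os_mem_cmp( buf, aes_test_cfb128_pt, 64 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }
        else
        {
            os_mem_cpy( buf, aes_test_cfb128_pt, 64 );
            mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );

            if( os_mem_cmp( buf, aes_test_cfb128_ct[u], 64 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CFB */

    /*
     * CTR mode
     */
    for( i = 0; i < 6; i++ )
    {
        u = i >> 1;
        v = i & 1;

        if( verbose != 0 )
            mbedtls_printf( " AES-CTR-128 (%s): ",
                            ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );

        os_mem_cpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
        os_mem_cpy( key, aes_test_ctr_key[u], 16 );

        offset = 0;
        mbedtls_aes_setkey_enc( &ctx, key, 128 );

        if( v == MBEDTLS_AES_DECRYPT )
        {
            len = aes_test_ctr_len[u];
            os_mem_cpy( buf, aes_test_ctr_ct[u], len );

            mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter,
                                   stream_block, buf, buf );

            if( os_mem_cmp( buf, aes_test_ctr_pt[u], len ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }
        else
        {
            len = aes_test_ctr_len[u];
            os_mem_cpy( buf, aes_test_ctr_pt[u], len );

            mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter,
                                   stream_block, buf, buf );

            if( os_mem_cmp( buf, aes_test_ctr_ct[u], len ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );

                ret = 1;
                goto exit;
            }
        }

        if( verbose != 0 )
            mbedtls_printf( "passed\n" );
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );

    ret = 0;

exit:
    mbedtls_aes_free( &ctx );

    return( ret );
#endif
}

/* Disabled: GCM tests against the sec_sys backend. */
#if 0
/*
 * Runs every GCM vector for three key sizes, one-shot and split, in both
 * directions, and prints a verdict per case.
 *
 * NOTE(review): every failure path only prints and continues, and the
 * function ends with `return true`, so the return value cannot tell a caller
 * that a vector failed. Report failures through the return value before
 * re-enabling this test.
 */
int mbedtls_gcm_self_test( int verbose )
{
    unsigned char buf[64];
    unsigned char tag_buf[16];
    int i, j, ret;

    sec_sys_aes_init();

    for( j = 0; j < 3; j++ )
    {
        int key_len = 128 + 64 * j;

        for( i = 0; i < MAX_TESTS; i++ )
        {
            if( verbose != 0 )
                mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
                                key_len, i, "enc" );

            sec_sys_aes_gcm_setkey( key[key_index[i]], key_len );

            ret = sec_sys_aes_crypt_gcm( MBEDTLS_GCM_ENCRYPT,
                                         pt_len[i],
                                         iv[iv_index[i]], iv_len[i],
                                         additional[add_index[i]], add_len[i],
                                         pt[pt_index[i]], buf, 16, tag_buf );

            if( ret != 0 ||
                os_mem_cmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
                os_mem_cmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
                continue;
            }

            if( verbose != 0 )
                mbedtls_printf( "passed\n" );

            if( verbose != 0 )
                mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
                                key_len, i, "dec" );

            sec_sys_aes_gcm_setkey( key[key_index[i]], key_len );

            ret = sec_sys_aes_crypt_gcm( MBEDTLS_GCM_DECRYPT,
                                         pt_len[i],
                                         iv[iv_index[i]], iv_len[i],
                                         additional[add_index[i]], add_len[i],
                                         ct[j * 6 + i], buf, 16, tag_buf );

            if( ret != 0 ||
                os_mem_cmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
                os_mem_cmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
                continue;
            }

            if( verbose != 0 )
                mbedtls_printf( "passed\n" );

            if( verbose != 0 )
                mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
                                key_len, i, "enc" );

            sec_sys_aes_gcm_setkey( key[key_index[i]], key_len );

            ret = sec_sys_gcm_starts( MBEDTLS_GCM_ENCRYPT,
                                      iv[iv_index[i]], iv_len[i],
                                      additional[add_index[i]], add_len[i] );
            if( ret != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
                continue;
            }

            if( pt_len[i] > 32 )
            {
                size_t rest_len = pt_len[i] - 32;
                ret = sec_sys_gcm_update( 32, pt[pt_index[i]], buf );
                if( ret != 0 )
                {
                    if( verbose != 0 )
                        mbedtls_printf( "failed\n" );
                    continue;
                }

                ret = sec_sys_gcm_update( rest_len, pt[pt_index[i]] + 32,
                                          buf + 32 );
                if( ret != 0 )
                {
                    if( verbose != 0 )
                        mbedtls_printf( "failed\n" );
                    continue;
                }
            }
            else
            {
                ret = sec_sys_gcm_update( pt_len[i], pt[pt_index[i]], buf );
                if( ret != 0 )
                {
                    if( verbose != 0 )
                        mbedtls_printf( "failed\n" );
                    continue;
                }
            }

            ret = sec_sys_gcm_finish(tag_buf, 16 );
            if( ret != 0 ||
                os_mem_cmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
                os_mem_cmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
                continue;
            }

            if( verbose != 0 )
                mbedtls_printf( "passed\n" );

            if( verbose != 0 )
                mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
                                key_len, i, "dec" );

            sec_sys_aes_gcm_setkey(key[key_index[i]], key_len );

            ret = sec_sys_gcm_starts(MBEDTLS_GCM_DECRYPT,
                                     iv[iv_index[i]], iv_len[i],
                                     additional[add_index[i]], add_len[i] );
            if( ret != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
                continue;
            }

            if( pt_len[i] > 32 )
            {
                size_t rest_len = pt_len[i] - 32;
                ret = sec_sys_gcm_update(32, ct[j * 6 + i], buf );
                if( ret != 0 )
                {
                    if( verbose != 0 )
                        mbedtls_printf( "failed\n" );
                    continue;
                }

                ret = sec_sys_gcm_update(rest_len, ct[j * 6 + i] + 32,
                                         buf + 32 );
                if( ret != 0 )
                {
                    if( verbose != 0 )
                        mbedtls_printf( "failed\n" );
                    continue;
                }
            }
            else
            {
                ret = sec_sys_gcm_update( pt_len[i], ct[j * 6 + i], buf );
                if( ret != 0 )
                {
                    if( verbose != 0 )
                        mbedtls_printf( "failed\n" );
                    continue;
                }
            }

            ret = sec_sys_gcm_finish( tag_buf, 16 );
            if( ret != 0 ||
                os_mem_cmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
                os_mem_cmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
            {
                if( verbose != 0 )
                    mbedtls_printf( "failed\n" );
                continue;
            }

            if( verbose != 0 )
                mbedtls_printf( "passed\n" );
        }
    }

    if( verbose != 0 )
        mbedtls_printf( "\n" );

    return true;
}

#define MBEDTLS_GCM_ENCRYPT     1
#define MBEDTLS_GCM_DECRYPT     0

/*
 * Single AES-128-GCM known-answer check (encrypt direction only).
 *
 * Returns 0 when the call succeeds and both the ciphertext and the tag match
 * the expected values, 1 otherwise.
 */
uint32_t aes_128_gcm_test()
{
    static const uint8_t key[] = {
        0xfe,0xff,0xe9,0x92,0x86,0x65,0x73,0x1c,
        0x6d,0x6a,0x8f,0x94,0x67,0x30,0x83,0x08
    };
    static const uint8_t iv[] = {
        0xca,0xfe,0xba,0xbe,0xfa,0xce,0xdb,0xad,0xde,0xca,0xf8,0x88
    };
    static const uint8_t add[] = {
        0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef,0xfe,0xed,0xfa,0xce,0xde,0xad,0xbe,0xef,
        0xab,0xad,0xda,0xd2
    };
    static const uint8_t pt[] = {
        0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a,
        0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72,
        0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25,
        0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39
    };
    static uint8_t ct[] = {
        0x42,0x83,0x1e,0xc2,0x21,0x77,0x74,0x24,0x4b,0x72,0x21,0xb7,0x84,0xd0,0xd4,0x9c,
        0xe3,0xaa,0x21,0x2f,0x2c,0x02,0xa4,0xe0,0x35,0xc1,0x7e,0x23,0x29,0xac,0xa1,0x2e,
        0x21,0xd5,0x14,0xb2,0x54,0x66,0x93,0x1c,0x7d,0x8f,0x6a,0x5a,0xac,0x84,0xaa,0x05,
        0x1b,0xa3,0x0b,0x39,0x6a,0x0a,0xac,0x97,0x3d,0x58,0xe0,0x91
    };
    static uint8_t tag[16] = {
        /*0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
        0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a*/
        0x5b,0xc9,0x4f,0xbc,0x32,0x21,0xa5,0xdb,0x94,0xfa,0xe9,0x5a,0xe7,0x12,0x1a,0x47
    };

    static uint8_t buf[256];
    static uint8_t tag_buf[16];
    int ret;

    sec_sys_aes_init();

    sec_sys_aes_gcm_setkey( key, sizeof(key)*8 );

    ret = sec_sys_aes_crypt_gcm(MBEDTLS_GCM_ENCRYPT,
                                sizeof(pt),
                                iv, sizeof(iv),
                                add, sizeof(add),
                                pt, buf, 16, tag_buf );

    /*
     * Fail when EITHER the tag or the ciphertext is wrong. The previous
     * condition joined the two comparisons with && and compared only the
     * first 16 ciphertext bytes, so a wrong tag alone was reported as a pass.
     */
    if( ret != 0 ||
        os_mem_cmp(tag, tag_buf, 16) != 0 ||
        os_mem_cmp(buf, ct, sizeof(ct)) != 0 ) {
        mbedtls_printf( "GCM failed\n" );
        return 1;
    }

    mbedtls_printf( "GCM passed\n" );
    return 0;
}
#endif

/*
 * Entry point of the AES test: initialises the sec_sys AES backend, runs the
 * verbose self-test and returns its result (0 = all cases passed, 1 = a case
 * failed) so that a failed known-answer test is visible to the caller.
 */
int aes_main( )
{
    int ret;

    sec_sys_aes_init();
    ret = mbedtls_aes_self_test(1);
    //mbedtls_gcm_self_test(1);

    return ret;
}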