From 297706a14d4024d0e98bbbcae45ce0dcfbcc5c4c Mon Sep 17 00:00:00 2001 From: Constanza Heath Date: Mon, 18 Apr 2016 17:57:02 -0700 Subject: [PATCH] Adding ECC_DH, ECC_DSA, ECC_UTILS, and CMAC test cases. Adjusting namespacing to clarify when TC_ is for TinyCrypt vs Test Case. Signed-off-by: Constanza Heath --- VERSION | 2 +- documentation/tinycrypt.rst | 1 - lib/Makefile | 42 +- lib/include/tinycrypt/aes.h | 16 +- lib/include/tinycrypt/cbc_mode.h | 8 +- lib/include/tinycrypt/ccm_mode.h | 12 +- lib/include/tinycrypt/cmac_mode.h | 20 +- lib/include/tinycrypt/ctr_mode.h | 4 +- lib/include/tinycrypt/ctr_prng.h | 16 +- lib/include/tinycrypt/ecc.h | 8 +- lib/include/tinycrypt/ecc_dh.h | 8 +- lib/include/tinycrypt/ecc_dsa.h | 8 +- lib/include/tinycrypt/hmac.h | 16 +- lib/include/tinycrypt/hmac_prng.h | 12 +- lib/include/tinycrypt/sha256.h | 12 +- lib/include/tinycrypt/utils.h | 8 +- lib/source/aes_decrypt.c | 8 +- lib/source/aes_encrypt.c | 14 +- lib/source/cbc_mode.c | 8 +- lib/source/ccm_mode.c | 24 +- lib/source/cmac_mode.c | 28 +- lib/source/ctr_mode.c | 6 +- lib/source/ctr_prng.c | 15 +- lib/source/hmac.c | 16 +- lib/source/hmac_prng.c | 14 +- lib/source/sha256.c | 14 +- lib/source/utils.c | 2 +- tests/Makefile | 74 ++-- tests/include/test_ecc_utils.h | 82 ++++ tests/include/test_utils.h | 28 +- tests/test_aes.c | 50 ++- tests/test_cbc_mode.c | 31 +- tests/test_ccm_mode.c | 377 ++++++++++++++++++ tests/test_cmac_mode.c | 305 +++++++++++++++ tests/test_ctr_mode.c | 61 +-- tests/test_ctr_prng.c | 19 +- tests/test_ecc_dh.c | 418 ++++++++++++++++++++ tests/test_ecc_dsa.c | 611 ++++++++++++++++++++++++++++++ tests/test_ecc_utils.c | 230 +++++++++++ tests/test_hmac.c | 227 ++++++----- tests/test_hmac_prng.c | 33 +- tests/test_sha256.c | 144 +++---- 42 files changed, 2575 insertions(+), 457 deletions(-) create mode 100644 tests/include/test_ecc_utils.h create mode 100644 tests/test_ccm_mode.c create mode 100644 tests/test_cmac_mode.c create mode 100644 tests/test_ecc_dh.c create mode 100644 tests/test_ecc_dsa.c create mode 100644 tests/test_ecc_utils.c diff --git a/VERSION b/VERSION index 0d91a54..227cea2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.3.0 +2.0.0 diff --git a/documentation/tinycrypt.rst b/documentation/tinycrypt.rst index 3472c50..426e0f4 100644 --- a/documentation/tinycrypt.rst +++ b/documentation/tinycrypt.rst @@ -1,4 +1,3 @@ -.. _crypto: TinyCrypt Cryptographic Library ############################### diff --git a/lib/Makefile b/lib/Makefile index 3285376..8ac4220 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -9,39 +9,41 @@ include ../config.mk # Edit the OBJS content to add/remove primitives needed from TinyCrypt library: -OBJS = utils.o \ - aes_decrypt.o \ +OBJS = aes_decrypt.o \ aes_encrypt.o \ cbc_mode.o \ ctr_mode.o \ ctr_prng.o \ - ccm_mode.o \ - cmac_mode.o \ hmac.o \ hmac_prng.o \ sha256.o \ ecc.o \ ecc_dh.o \ - ecc_dsa.o + ecc_dsa.o \ + ccm_mode.o \ + cmac_mode.o \ + utils.o all: $(OBJS) +.PHONY: clean + clean: - $(RM) *.o *.gch core *dump *~ + -$(RM) *.exe *.o *~ # Dependencies -aes_decrypt.o: aes_decrypt.c aes.h utils.o -aes_encrypt.o: aes_encrypt.c aes.h utils.o -cbc_mode.o: cbc_mode.c cbc_mode.h utils.o -ctr_mode.o: ctr_mode.c ctr_mode.h utils.o -ctr_prng.o: ctr_prng.c ctr_prng.h -ccm_mode.o: ccm_mode.c ccm_mode.h utils.o -cmac_mode.o: ccm_mode.c ccm_mode.h utils.o -hmac.o: hmac.c hmac.h utils.o -hmac_prng.o: hmac_prng.c hmac_prng.h utils.o -sha256.o: sha256.c sha256.h utils.o -ecc_dh.o: ecc_dh.c ecc_dh.h ecc.o -ecc_dsa.o: ecc_dsa.c ecc_dsa.h ecc.o -ecc.o: ecc.c ecc.h -utils.o: utils.c utils.h +aes_decrypt.o: aes.h constants.h utils.h +aes_encrypt.o: aes.h constants.h utils.h +cbc_mode.o: cbc_mode.h constants.h utils.h +ctr_mode.o: ctr_mode.h constants.h utils.h +ctr_prng.o: ctr_prng.h constants.h utils.h +ccm_mode.o: ccm_mode.h constants.h utils.h +cmac_mode.o: cmac_mode.h aes.h constants.h utils.h +hmac.o: hmac.h constants.h utils.h +hmac_prng.o: hmac_prng.h constants.h utils.h +sha256.o: sha256.h constants.h utils.h +ecc.o: ecc.h +ecc_dh.o: ecc_dh.h +ecc_dsa.o: ecc_dsa.h +utils.o: utils.h diff --git a/lib/include/tinycrypt/aes.h b/lib/include/tinycrypt/aes.h index c6fcc96..b6dbbb5 100644 --- a/lib/include/tinycrypt/aes.h +++ b/lib/include/tinycrypt/aes.h @@ -69,8 +69,8 @@ typedef struct tc_aes_key_sched_struct *TCAesKeySched_t; /** * @brief Set AES-128 encryption key * Uses key k to initialize s - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: s == NULL or k == NULL + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: s == NULL or k == NULL * @note This implementation skips the additional steps required for keys * larger than 128 bits, and must not be used for AES-192 or * AES-256 key schedule -- see FIPS 197 for details @@ -85,8 +85,8 @@ int32_t tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k); * schedule s * @note Assumes s was initialized by aes_set_encrypt_key; * out and in point to 16 byte buffers - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: out == NULL or in == NULL or s == NULL + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: out == NULL or in == NULL or s == NULL * @param out IN/OUT -- buffer to receive ciphertext block * @param in IN -- a plaintext block to encrypt * @param s IN -- initialized AES key schedule @@ -98,8 +98,8 @@ int32_t tc_aes_encrypt(uint8_t *out, /** * @brief Set the AES-128 decryption key * Uses key k to initialize s - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: s == NULL or k == NULL + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: s == NULL or k == NULL * @note This is the implementation of the straightforward inverse cipher * using the cipher documented in FIPS-197 figure 12, not the * equivalent inverse cipher presented in Figure 15 @@ -114,8 +114,8 @@ int32_t tc_aes128_set_decrypt_key(TCAesKeySched_t s, const uint8_t *k); /** * @brief AES-128 Encryption procedure * Decrypts in buffer into out buffer under key schedule s - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: out is NULL or in is NULL or s is NULL + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: out is NULL or in is NULL or s is NULL * @note Assumes s was initialized by aes_set_encrypt_key * out and in point to 16 byte buffers * @param out IN/OUT -- buffer to receive ciphertext block diff --git a/lib/include/tinycrypt/cbc_mode.h b/lib/include/tinycrypt/cbc_mode.h index 25d9269..74d2914 100644 --- a/lib/include/tinycrypt/cbc_mode.h +++ b/lib/include/tinycrypt/cbc_mode.h @@ -84,8 +84,8 @@ extern "C" { * @brief CBC encryption procedure * CBC encrypts inlen bytes of the in buffer into the out buffer * using the encryption key schedule provided, prepends iv to out - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * out == NULL or * in == NULL or * ctr == NULL or @@ -115,8 +115,8 @@ int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, * @brief CBC decryption procedure * CBC decrypts inlen bytes of the in buffer into the out buffer * using the provided encryption key schedule - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * out == NULL or * in == NULL or * sched == NULL or diff --git a/lib/include/tinycrypt/ccm_mode.h b/lib/include/tinycrypt/ccm_mode.h index d018188..9fa5915 100644 --- a/lib/include/tinycrypt/ccm_mode.h +++ b/lib/include/tinycrypt/ccm_mode.h @@ -96,8 +96,8 @@ typedef struct tc_ccm_mode_struct { /** * @brief CCM configuration procedure - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * c == NULL or * sched == NULL or * nonce == NULL or @@ -113,8 +113,8 @@ int32_t tc_ccm_config(TCCcmMode_t c, TCAesKeySched_t sched, uint8_t *nonce, /** * @brief CCM tag generation and encryption procedure - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * out == NULL or * c == NULL or * ((plen > 0) and (payload == NULL)) or @@ -155,8 +155,8 @@ int32_t tc_ccm_generation_encryption(uint8_t *out, const uint8_t *associated_dat /** * @brief CCM decryption and tag verification procedure - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * out == NULL or * c == NULL or * ((plen > 0) and (payload == NULL)) or diff --git a/lib/include/tinycrypt/cmac_mode.h b/lib/include/tinycrypt/cmac_mode.h index 80f8462..9d3f130 100644 --- a/lib/include/tinycrypt/cmac_mode.h +++ b/lib/include/tinycrypt/cmac_mode.h @@ -130,8 +130,8 @@ typedef struct tc_cmac_struct { /** * @brief Configures the CMAC state to use the given AES key - * @return returns TC_SUCCESS (1) after having configured the CMAC state - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) after having configured the CMAC state + * returns TC_CRYPTO_FAIL (0) if: * s == NULL or * key == NULL * @@ -144,8 +144,8 @@ int32_t tc_cmac_setup(TCCmacState_t s, const uint8_t *key, /** * @brief Erases the CMAC state - * @return returns TC_SUCCESS (1) after having configured the CMAC state - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) after having configured the CMAC state + * returns TC_CRYPTO_FAIL (0) if: * s == NULL * * @param s IN/OUT -- the state to erase @@ -154,8 +154,8 @@ int32_t tc_cmac_erase(TCCmacState_t s); /** * @brief Initializes a new CMAC computation - * @return returns TC_SUCCESS (1) after having initialized the CMAC state - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) after having initialized the CMAC state + * returns TC_CRYPTO_FAIL (0) if: * s == NULL * * @param s IN/OUT -- the state to initialize @@ -164,8 +164,8 @@ int32_t tc_cmac_init(TCCmacState_t s); /** * @brief Incrementally computes CMAC over the next data segment - * @return returns TC_SUCCESS (1) after successfully updating the CMAC state - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) after successfully updating the CMAC state + * returns TC_CRYPTO_FAIL (0) if: * s == NULL or * if data == NULL when dlen > 0 * @@ -177,8 +177,8 @@ int32_t tc_cmac_update(TCCmacState_t s, const uint8_t *data, size_t dlen); /** * @brief Generates the tag from the CMAC state - * @return returns TC_SUCCESS (1) after successfully generating the tag - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) after successfully generating the tag + * returns TC_CRYPTO_FAIL (0) if: * tag == NULL or * s == NULL * diff --git a/lib/include/tinycrypt/ctr_mode.h b/lib/include/tinycrypt/ctr_mode.h index b587a44..5f7766d 100644 --- a/lib/include/tinycrypt/ctr_mode.h +++ b/lib/include/tinycrypt/ctr_mode.h @@ -77,8 +77,8 @@ extern "C" { /** * @brief CTR mode encryption/decryption procedure. * CTR mode encrypts (or decrypts) inlen bytes from in buffer into out buffer - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * out == NULL or * in == NULL or * ctr == NULL or diff --git a/lib/include/tinycrypt/ctr_prng.h b/lib/include/tinycrypt/ctr_prng.h index 8347638..12cac8f 100644 --- a/lib/include/tinycrypt/ctr_prng.h +++ b/lib/include/tinycrypt/ctr_prng.h @@ -61,6 +61,8 @@ #include +#define TC_CTR_PRNG_RESEED_REQ -1 + #ifdef __cplusplus extern "C" { #endif @@ -81,8 +83,8 @@ typedef struct /** * @brief CTR-PRNG initialization procedure * Initializes prng context with entropy and personalization string (if any) - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * ctx == NULL, * entropy == NULL, * entropyLen < (TC_AES_KEY_SIZE + TC_AES_BLOCK_SIZE) @@ -106,8 +108,8 @@ int32_t tc_ctr_prng_init(TCCtrPrng_t * const ctx, /** * @brief CTR-PRNG reseed procedure * Mixes entropy and additional_input into the prng context - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * ctx == NULL, * entropy == NULL, * entropylen < (TC_AES_KEY_SIZE + TC_AES_BLOCK_SIZE) @@ -131,9 +133,9 @@ int32_t tc_ctr_prng_reseed(TCCtrPrng_t * const ctx, /** * @brief CTR-PRNG generate procedure * Generates outlen pseudo-random bytes into out buffer, updates prng - * @return returns TC_SUCCESS (1) - * returns TC_RESEED_REQ (-1) if a reseed is needed - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CTR_PRNG_RESEED_REQ (-1) if a reseed is needed + * returns TC_CRYPTO_FAIL (0) if: * ctx == NULL, * out == NULL, * outlen >= 2^16 diff --git a/lib/include/tinycrypt/ecc.h b/lib/include/tinycrypt/ecc.h index 3ccccc2..7119475 100644 --- a/lib/include/tinycrypt/ecc.h +++ b/lib/include/tinycrypt/ecc.h @@ -277,8 +277,8 @@ void EccPoint_mult(EccPointJacobi *p_result, EccPoint *p_point, /* * @brief Convert an integer in standard octet representation to native format. - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * out == NULL or * c == NULL or * ((plen > 0) and (payload == NULL)) or @@ -296,8 +296,8 @@ void ecc_bytes2native(uint32_t p_native[NUM_ECC_DIGITS], /* * @brief Convert an integer in native format to standard octet representation. - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * out == NULL or * c == NULL or * ((plen > 0) and (payload == NULL)) or diff --git a/lib/include/tinycrypt/ecc_dh.h b/lib/include/tinycrypt/ecc_dh.h index 7c7c98f..19a1069 100644 --- a/lib/include/tinycrypt/ecc_dh.h +++ b/lib/include/tinycrypt/ecc_dh.h @@ -80,8 +80,8 @@ extern "C" { /** * @brief Create a public/private key pair. - * @return returns TC_SUCCESS (1) if the key pair was generated successfully - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) if the key pair was generated successfully + * returns TC_CRYPTO_FAIL (0) if: * the private key is 0 * @param p_publicKey OUT -- the point representing the public key. @@ -116,8 +116,8 @@ int32_t ecc_valid_public_key(EccPoint *p_publicKey); /** * @brief Compute a shared secret given your secret key and someone else's * public key. - * @return returns TC_SUCCESS (1) if the shared secret was computed successfully - * returns TC_FAIL (0) otherwise + * @return returns TC_CRYPTO_SUCCESS (1) if the shared secret was computed successfully + * returns TC_CRYPTO_FAIL (0) otherwise * * @param p_secret OUT -- The shared secret value. * @param p_publicKey IN -- The public key of the remote party. diff --git a/lib/include/tinycrypt/ecc_dsa.h b/lib/include/tinycrypt/ecc_dsa.h index 7aaf8d5..a037fa5 100644 --- a/lib/include/tinycrypt/ecc_dsa.h +++ b/lib/include/tinycrypt/ecc_dsa.h @@ -87,8 +87,8 @@ extern "C" { /** * @brief Generate an ECDSA signature for a given hash value. - * @return returns TC_SUCCESS (1) if the the signature generated successfully - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) if the the signature generated successfully + * returns TC_CRYPTO_FAIL (0) if: * r == 0 or * p_random == 0 * @@ -112,8 +112,8 @@ int32_t ecdsa_sign(uint32_t r[NUM_ECC_DIGITS], uint32_t s[NUM_ECC_DIGITS], /** * @brief Verify an ECDSA signature. - * @return returns TC_SUCCESS (1) if the the signature generated successfully - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) if the the signature generated successfully + * returns TC_CRYPTO_FAIL (0) if: * r == 0 or * p_random == 0 * diff --git a/lib/include/tinycrypt/hmac.h b/lib/include/tinycrypt/hmac.h index 99a1d88..41e712a 100644 --- a/lib/include/tinycrypt/hmac.h +++ b/lib/include/tinycrypt/hmac.h @@ -80,8 +80,8 @@ typedef struct tc_hmac_state_struct *TCHmacState_t; /** * @brief HMAC set key procedure * Configures ctx to use key - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if * ctx == NULL or * key == NULL or * key_size == 0 @@ -96,8 +96,8 @@ int32_t tc_hmac_set_key(TCHmacState_t ctx, /** * @brief HMAC init procedure * Initializes ctx to begin the next HMAC operation - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: ctx == NULL or key == NULL + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: ctx == NULL or key == NULL * @param ctx IN/OUT -- struct tc_hmac_state_struct buffer to init */ int32_t tc_hmac_init(TCHmacState_t ctx); @@ -105,8 +105,8 @@ int32_t tc_hmac_init(TCHmacState_t ctx); /** * @brief HMAC update procedure * Mixes data_length bytes addressed by data into state - * @return returns TC_SUCCCESS (1) - * returns TC_FAIL (0) if: ctx == NULL or key == NULL + * @return returns TC_CRYPTO_SUCCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: ctx == NULL or key == NULL * @note Assumes state has been initialized by tc_hmac_init * @param ctx IN/OUT -- state of HMAC computation so far * @param data IN -- data to incorporate into state @@ -119,8 +119,8 @@ int32_t tc_hmac_update(TCHmacState_t ctx, /** * @brief HMAC final procedure * Writes the HMAC tag into the tag buffer - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * tag == NULL or * ctx == NULL or * key == NULL or diff --git a/lib/include/tinycrypt/hmac_prng.h b/lib/include/tinycrypt/hmac_prng.h index 54785f8..b631c2c 100644 --- a/lib/include/tinycrypt/hmac_prng.h +++ b/lib/include/tinycrypt/hmac_prng.h @@ -93,8 +93,8 @@ typedef struct tc_hmac_prng_struct *TCHmacPrng_t; /** * @brief HMAC-PRNG initialization procedure * Initializes prng with personalization, disables tc_hmac_prng_generate - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * prng == NULL, * personalization == NULL, * plen > MAX_PLEN @@ -119,8 +119,8 @@ int32_t tc_hmac_prng_init(TCHmacPrng_t prng, /** * @brief HMAC-PRNG reseed procedure * Mixes seed into prng, enables tc_hmac_prng_generate - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * prng == NULL, * seed == NULL, * seedlen < MIN_SLEN, @@ -143,9 +143,9 @@ int32_t tc_hmac_prng_reseed(TCHmacPrng_t prng, const uint8_t *seed, /** * @brief HMAC-PRNG generate procedure * Generates outlen pseudo-random bytes into out buffer, updates prng - * @return returns TC_SUCCESS (1) + * @return returns TC_CRYPTO_SUCCESS (1) * returns TC_HMAC_PRNG_RESEED_REQ (-1) if a reseed is needed - * returns TC_FAIL (0) if: + * returns TC_CRYPTO_FAIL (0) if: * out == NULL, * prng == NULL, * outlen == 0, diff --git a/lib/include/tinycrypt/sha256.h b/lib/include/tinycrypt/sha256.h index 2233f3e..d1e1f61 100644 --- a/lib/include/tinycrypt/sha256.h +++ b/lib/include/tinycrypt/sha256.h @@ -80,8 +80,8 @@ typedef struct tc_sha256_state_struct *TCSha256State_t; /** * @brief SHA256 initialization procedure * Initializes s - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if s == NULL + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if s == NULL * @param s Sha256 state struct */ int32_t tc_sha256_init(TCSha256State_t s); @@ -89,8 +89,8 @@ int32_t tc_sha256_init(TCSha256State_t s); /** * @brief SHA256 update procedure * Hashes data_length bytes addressed by data into state s - * @return returns TC_SUCCESS (1) - * returns TC_FAIl (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * s == NULL, * s->iv == NULL, * data == NULL @@ -109,8 +109,8 @@ int32_t tc_sha256_update(TCSha256State_t s, /** * @brief SHA256 final procedure * Inserts the completed hash computation into digest - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * s == NULL, * s->iv == NULL, * digest == NULL diff --git a/lib/include/tinycrypt/utils.h b/lib/include/tinycrypt/utils.h index 27ddc6f..429934e 100644 --- a/lib/include/tinycrypt/utils.h +++ b/lib/include/tinycrypt/utils.h @@ -46,14 +46,10 @@ extern "C" { #endif -#define TC_SUCCESS 1 -#define TC_FAIL 0 -#define TC_RESEED_REQ -1 - /** * @brief Copy the the buffer 'from' to the buffer 'to'. - * @return returns TC_SUCCESS (1) - * returns TC_FAIL (0) if: + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: * from_len > to_len. * * @param to OUT -- destination buffer diff --git a/lib/source/aes_decrypt.c b/lib/source/aes_decrypt.c index 9291d4e..2e4e3bc 100644 --- a/lib/source/aes_decrypt.c +++ b/lib/source/aes_decrypt.c @@ -134,11 +134,11 @@ int32_t tc_aes_decrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s) uint32_t i; if (out == (uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else if (in == (const uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else if (s == (TCAesKeySched_t) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } (void)_copy(state, sizeof(state), in, sizeof(state)); @@ -160,5 +160,5 @@ int32_t tc_aes_decrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s) /*zeroing out one byte state buffer */ _set(state, ZERO_BYTE, sizeof(state)); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } diff --git a/lib/source/aes_encrypt.c b/lib/source/aes_encrypt.c index 898af0a..6bc73a5 100644 --- a/lib/source/aes_encrypt.c +++ b/lib/source/aes_encrypt.c @@ -77,9 +77,9 @@ int32_t tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k) uint32_t t; if (s == (TCAesKeySched_t) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else if (k == (const uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } for (i = 0; i < Nk; ++i) { @@ -95,7 +95,7 @@ int32_t tc_aes128_set_encrypt_key(TCAesKeySched_t s, const uint8_t *k) s->words[i] = s->words[i-Nk] ^ t; } - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } static inline void add_round_key(uint8_t *s, const uint32_t *k) @@ -161,11 +161,11 @@ int32_t tc_aes_encrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s) uint32_t i; if (out == (uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else if (in == (const uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else if (s == (TCAesKeySched_t) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } (void)_copy(state, sizeof(state), in, sizeof(state)); @@ -187,5 +187,5 @@ int32_t tc_aes_encrypt(uint8_t *out, const uint8_t *in, const TCAesKeySched_t s) /* zeroing out the state buffer */ _set(state, TC_ZERO_BYTE, sizeof(state)); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } diff --git a/lib/source/cbc_mode.c b/lib/source/cbc_mode.c index 759360b..8163e0d 100644 --- a/lib/source/cbc_mode.c +++ b/lib/source/cbc_mode.c @@ -51,7 +51,7 @@ int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, (inlen % TC_AES_BLOCK_SIZE) != 0 || (outlen % TC_AES_BLOCK_SIZE) != 0 || outlen != inlen + TC_AES_BLOCK_SIZE) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* copy iv to the buffer */ @@ -71,7 +71,7 @@ int32_t tc_cbc_mode_encrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, } } - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_cbc_mode_decrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, @@ -91,7 +91,7 @@ int32_t tc_cbc_mode_decrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, (inlen % TC_AES_BLOCK_SIZE) != 0 || (outlen % TC_AES_BLOCK_SIZE) != 0 || outlen != inlen - TC_AES_BLOCK_SIZE) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* @@ -109,5 +109,5 @@ int32_t tc_cbc_mode_decrypt(uint8_t *out, uint32_t outlen, const uint8_t *in, *out++ = buffer[m++] ^ *p++; } - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } diff --git a/lib/source/ccm_mode.c b/lib/source/ccm_mode.c index ff01f21..3e3b90c 100644 --- a/lib/source/ccm_mode.c +++ b/lib/source/ccm_mode.c @@ -44,18 +44,18 @@ int32_t tc_ccm_config(TCCcmMode_t c, TCAesKeySched_t sched, uint8_t *nonce, if (c == (TCCcmMode_t) 0 || sched == (TCAesKeySched_t) 0 || nonce == (uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else if (nlen != 13) { - return TC_FAIL; /* The allowed nonce size is: 13. See documentation.*/ + return TC_CRYPTO_FAIL; /* The allowed nonce size is: 13. See documentation.*/ } else if ((mlen < 4) || (mlen > 16) || (mlen & 1)) { - return TC_FAIL; /* The allowed mac sizes are: 4, 6, 8, 10, 12, 14, 16.*/ + return TC_CRYPTO_FAIL; /* The allowed mac sizes are: 4, 6, 8, 10, 12, 14, 16.*/ } c->mlen = mlen; c->sched = sched; c->nonce = nonce; - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } /** @@ -107,7 +107,7 @@ static int32_t ccm_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in, inlen == 0 || outlen == 0 || outlen != inlen) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* copy the counter to the nonce */ @@ -121,7 +121,7 @@ static int32_t ccm_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in, nonce[14] = (uint8_t)(block_num >> 8); nonce[15] = (uint8_t)(block_num); if (!tc_aes_encrypt(buffer, nonce, sched)) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } } /* update the output */ @@ -131,7 +131,7 @@ static int32_t ccm_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in, /* update the counter */ ctr[14] = nonce[14]; ctr[15] = nonce[15]; - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_ccm_generation_encryption(uint8_t *out, const uint8_t *associated_data, @@ -145,7 +145,7 @@ int32_t tc_ccm_generation_encryption(uint8_t *out, const uint8_t *associated_dat ((alen > 0) && (associated_data == (uint8_t *) 0)) || (alen >= TC_CCM_AAD_MAX_BYTES) || /* associated data size unsupported */ (plen >= TC_CCM_PAYLOAD_MAX_BYTES)) { /* payload size unsupported */ - return TC_FAIL; + return TC_CRYPTO_FAIL; } uint8_t b[Nb * Nk]; @@ -189,7 +189,7 @@ int32_t tc_ccm_generation_encryption(uint8_t *out, const uint8_t *associated_dat *out++ = tag[i] ^ b[i]; } - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_ccm_decryption_verification(uint8_t *out, const uint8_t *associated_data, @@ -205,7 +205,7 @@ int32_t tc_ccm_decryption_verification(uint8_t *out, const uint8_t *associated_d ((alen > 0) && (associated_data == (uint8_t *) 0)) || (alen >= TC_CCM_AAD_MAX_BYTES) || /* associated data size unsupported */ (plen >= TC_CCM_PAYLOAD_MAX_BYTES)) { /* payload size unsupported */ - return TC_FAIL; + return TC_CRYPTO_FAIL; } uint8_t b[Nb * Nk]; @@ -255,8 +255,8 @@ int32_t tc_ccm_decryption_verification(uint8_t *out, const uint8_t *associated_d if (_compare(b, tag, c->mlen) != 0) { /* erase the decrypted buffer in case of mac validation failure: */ _set(out, 0, sizeof(*out)); - return TC_FAIL; + return TC_CRYPTO_FAIL; } - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } diff --git a/lib/source/cmac_mode.c b/lib/source/cmac_mode.c index 99cdf7b..3b31c3e 100644 --- a/lib/source/cmac_mode.c +++ b/lib/source/cmac_mode.c @@ -100,7 +100,7 @@ int32_t tc_cmac_setup(TCCmacState_t s, const uint8_t *key, TCAesKeySched_t sched /* input sanity check: */ if (s == (TCCmacState_t) 0 || key == (const uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* put s into a known state */ @@ -119,26 +119,26 @@ int32_t tc_cmac_setup(TCCmacState_t s, const uint8_t *key, TCAesKeySched_t sched /* reset s->iv to 0 in case someone wants to compute now */ tc_cmac_init(s); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_cmac_erase(TCCmacState_t s) { if (s == (TCCmacState_t) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* destroy the current state */ _set(s, 0, sizeof(*s)); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_cmac_init(TCCmacState_t s) { /* input sanity check: */ if (s == (TCCmacState_t) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* CMAC starts with an all zero initialization vector */ @@ -151,7 +151,7 @@ int32_t tc_cmac_init(TCCmacState_t s) /* Set countdown to max number of calls allowed before re-keying: */ s->countdown = MAX_CALLS; - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_cmac_update(TCCmacState_t s, const uint8_t *data, size_t data_length) @@ -160,17 +160,17 @@ int32_t tc_cmac_update(TCCmacState_t s, const uint8_t *data, size_t data_length) /* input sanity check: */ if (s == (TCCmacState_t) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } if (data_length == 0) { - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } if (data == (const uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } if (s->countdown == 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } s->countdown--; @@ -183,7 +183,7 @@ int32_t tc_cmac_update(TCCmacState_t s, const uint8_t *data, size_t data_length) /* still not enough data to encrypt this time either */ _copy(&s->leftover[s->leftover_offset], data_length, data, data_length); s->leftover_offset += data_length; - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } /* leftover block is now full; encrypt it first */ _copy(&s->leftover[s->leftover_offset], @@ -216,7 +216,7 @@ int32_t tc_cmac_update(TCCmacState_t s, const uint8_t *data, size_t data_length) s->leftover_offset = data_length; } - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_cmac_final(uint8_t *tag, TCCmacState_t s) @@ -227,7 +227,7 @@ int32_t tc_cmac_final(uint8_t *tag, TCCmacState_t s) /* input sanity check: */ if (tag == (uint8_t *) 0 || s == (TCCmacState_t) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } if (s->leftover_offset == TC_AES_BLOCK_SIZE) { @@ -250,5 +250,5 @@ int32_t tc_cmac_final(uint8_t *tag, TCCmacState_t s) /* erasing state: */ tc_cmac_erase(s); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } diff --git a/lib/source/ctr_mode.c b/lib/source/ctr_mode.c index cb0a08b..7ba53d0 100644 --- a/lib/source/ctr_mode.c +++ b/lib/source/ctr_mode.c @@ -51,7 +51,7 @@ int32_t tc_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in, inlen == 0 || outlen == 0 || outlen != inlen) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* copy the ctr to the nonce */ @@ -70,7 +70,7 @@ int32_t tc_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in, nonce[14] = (uint8_t)(block_num >> 8); nonce[15] = (uint8_t)(block_num); } else { - return TC_FAIL; + return TC_CRYPTO_FAIL; } } /* update the output */ @@ -81,5 +81,5 @@ int32_t tc_ctr_mode(uint8_t *out, uint32_t outlen, const uint8_t *in, ctr[12] = nonce[12]; ctr[13] = nonce[13]; ctr[14] = nonce[14]; ctr[15] = nonce[15]; - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } diff --git a/lib/source/ctr_prng.c b/lib/source/ctr_prng.c index c045b62..92fc629 100644 --- a/lib/source/ctr_prng.c +++ b/lib/source/ctr_prng.c @@ -29,6 +29,7 @@ #include #include +#include #include /* @@ -127,7 +128,7 @@ int32_t tc_ctr_prng_init(TCCtrPrng_t * const ctx, uint8_t const * const personalization, uint32_t pLen) { - int32_t result = TC_FAIL; + int32_t result = TC_CRYPTO_FAIL; uint32_t i; uint8_t personalization_buf[TC_AES_KEY_SIZE + TC_AES_BLOCK_SIZE] = {0U}; uint8_t seed_material[TC_AES_KEY_SIZE + TC_AES_BLOCK_SIZE]; @@ -167,7 +168,7 @@ int32_t tc_ctr_prng_init(TCCtrPrng_t * const ctx, /* 10.2.1.3.1 step 7 */ ctx->reseedCount = 1U; - result = TC_SUCCESS; + result = TC_CRYPTO_SUCCESS; } return result; } @@ -179,7 +180,7 @@ int32_t tc_ctr_prng_reseed(TCCtrPrng_t * const ctx, uint32_t additionallen) { uint32_t i; - int32_t result = TC_FAIL; + int32_t result = TC_CRYPTO_FAIL; uint8_t additional_input_buf[TC_AES_KEY_SIZE + TC_AES_BLOCK_SIZE] = {0U}; uint8_t seed_material[TC_AES_KEY_SIZE + TC_AES_BLOCK_SIZE]; @@ -212,7 +213,7 @@ int32_t tc_ctr_prng_reseed(TCCtrPrng_t * const ctx, /* 10.2.1.4.1 step 5 */ ctx->reseedCount = 1U; - result = TC_SUCCESS; + result = TC_CRYPTO_SUCCESS; } return result; } @@ -229,14 +230,14 @@ int32_t tc_ctr_prng_generate(TCCtrPrng_t * const ctx, /* 2^19 bits - see section 10.2.1 */ static const uint32_t MAX_BYTES_PER_REQ = 65536U; - int32_t result = TC_FAIL; + int32_t result = TC_CRYPTO_FAIL; if ((0 != ctx) && (0 != out) && (outlen < MAX_BYTES_PER_REQ)) { /* 10.2.1.5.1 step 1 */ if (ctx->reseedCount > MAX_REQS_BEFORE_RESEED) { - result = TC_RESEED_REQ; + result = TC_CTR_PRNG_RESEED_REQ; } else { @@ -285,7 +286,7 @@ int32_t tc_ctr_prng_generate(TCCtrPrng_t * const ctx, ctx->reseedCount++; /* 10.2.1.5.1 step 8 */ - result = TC_SUCCESS; + result = TC_CRYPTO_SUCCESS; } } diff --git a/lib/source/hmac.c b/lib/source/hmac.c index b9af4a6..442af54 100644 --- a/lib/source/hmac.c +++ b/lib/source/hmac.c @@ -57,7 +57,7 @@ int32_t tc_hmac_set_key(TCHmacState_t ctx, if (ctx == (TCHmacState_t) 0 || key == (const uint8_t *) 0 || key_size == 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } const uint8_t dummy_key[key_size]; @@ -90,7 +90,7 @@ int32_t tc_hmac_set_key(TCHmacState_t ctx, TC_SHA256_DIGEST_SIZE); } - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_hmac_init(TCHmacState_t ctx) @@ -98,7 +98,7 @@ int32_t tc_hmac_init(TCHmacState_t ctx) /* input sanity check: */ if (ctx == (TCHmacState_t) 0 || ctx->key == (uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } (void)tc_sha256_init(&ctx->hash_state); @@ -106,7 +106,7 @@ int32_t tc_hmac_init(TCHmacState_t ctx) ctx->key, TC_SHA256_BLOCK_SIZE); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_hmac_update(TCHmacState_t ctx, @@ -115,12 +115,12 @@ int32_t tc_hmac_update(TCHmacState_t ctx, { /* input sanity check: */ if (ctx == (TCHmacState_t) 0 || ctx->key == (uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } (void)tc_sha256_update(&ctx->hash_state, data, data_length); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_hmac_final(uint8_t *tag, uint32_t taglen, TCHmacState_t ctx) @@ -130,7 +130,7 @@ int32_t tc_hmac_final(uint8_t *tag, uint32_t taglen, TCHmacState_t ctx) taglen != TC_SHA256_DIGEST_SIZE || ctx == (TCHmacState_t) 0 || ctx->key == (uint8_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } (void) tc_sha256_final(tag, &ctx->hash_state); @@ -145,5 +145,5 @@ int32_t tc_hmac_final(uint8_t *tag, uint32_t taglen, TCHmacState_t ctx) /* destroy the current state */ _set(ctx, 0, sizeof(*ctx)); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } diff --git a/lib/source/hmac_prng.c b/lib/source/hmac_prng.c index ecfdacb..ceac27f 100644 --- a/lib/source/hmac_prng.c +++ b/lib/source/hmac_prng.c @@ -117,7 +117,7 @@ int32_t tc_hmac_prng_init(TCHmacPrng_t prng, if (prng == (TCHmacPrng_t) 0 || personalization == (uint8_t *) 0 || plen > MAX_PLEN) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* put the generator into a known state: */ @@ -131,7 +131,7 @@ int32_t tc_hmac_prng_init(TCHmacPrng_t prng, /* force a reseed before allowing tc_hmac_prng_generate to succeed: */ prng->countdown = 0; - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_hmac_prng_reseed(TCHmacPrng_t prng, @@ -145,7 +145,7 @@ int32_t tc_hmac_prng_reseed(TCHmacPrng_t prng, seed == (const uint8_t *) 0 || seedlen < MIN_SLEN || seedlen > MAX_SLEN) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } if (additional_input != (const uint8_t *) 0) { @@ -155,7 +155,7 @@ int32_t tc_hmac_prng_reseed(TCHmacPrng_t prng, */ if (additionallen == 0 || additionallen > MAX_ALEN) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else { /* call update for the seed and additional_input */ update(prng, seed, seedlen); @@ -169,7 +169,7 @@ int32_t tc_hmac_prng_reseed(TCHmacPrng_t prng, /* ... and enable hmac_prng_generate */ prng->countdown = MAX_GENS; - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_hmac_prng_generate(uint8_t *out, uint32_t outlen, TCHmacPrng_t prng) @@ -181,7 +181,7 @@ int32_t tc_hmac_prng_generate(uint8_t *out, uint32_t outlen, TCHmacPrng_t prng) prng == (TCHmacPrng_t) 0 || outlen == 0 || outlen > MAX_OUT) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else if (prng->countdown == 0) { return TC_HMAC_PRNG_RESEED_REQ; } @@ -206,5 +206,5 @@ int32_t tc_hmac_prng_generate(uint8_t *out, uint32_t outlen, TCHmacPrng_t prng) /* block future PRNG compromises from revealing past state */ update(prng, prng->v, TC_SHA256_DIGEST_SIZE); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } diff --git a/lib/source/sha256.c b/lib/source/sha256.c index 1dced76..a02e464 100644 --- a/lib/source/sha256.c +++ b/lib/source/sha256.c @@ -40,7 +40,7 @@ int32_t tc_sha256_init(TCSha256State_t s) { /* input sanity check: */ if (s == (TCSha256State_t) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } /* @@ -59,7 +59,7 @@ int32_t tc_sha256_init(TCSha256State_t s) s->iv[6] = 0x1f83d9ab; s->iv[7] = 0x5be0cd19; - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_sha256_update(TCSha256State_t s, const uint8_t *data, size_t datalen) @@ -68,9 +68,9 @@ int32_t tc_sha256_update(TCSha256State_t s, const uint8_t *data, size_t datalen) if (s == (TCSha256State_t) 0 || s->iv == (uint32_t *) 0 || data == (void *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } else if (datalen == 0) { - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } while (datalen-- > 0) { @@ -82,7 +82,7 @@ int32_t tc_sha256_update(TCSha256State_t s, const uint8_t *data, size_t datalen) } } - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } int32_t tc_sha256_final(uint8_t *digest, TCSha256State_t s) @@ -93,7 +93,7 @@ int32_t tc_sha256_final(uint8_t *digest, TCSha256State_t s) if (digest == (uint8_t *) 0 || s == (TCSha256State_t) 0 || s->iv == (uint32_t *) 0) { - return TC_FAIL; + return TC_CRYPTO_FAIL; } s->bits_hashed += (s->leftover_offset << 3); @@ -134,7 +134,7 @@ int32_t tc_sha256_final(uint8_t *digest, TCSha256State_t s) /* destroy the current state */ _set(s, 0, sizeof(*s)); - return TC_SUCCESS; + return TC_CRYPTO_SUCCESS; } /* diff --git a/lib/source/utils.c b/lib/source/utils.c index 7f05939..3338e0c 100644 --- a/lib/source/utils.c +++ b/lib/source/utils.c @@ -45,7 +45,7 @@ uint32_t _copy(uint8_t *to, uint32_t to_len, (void)memcpy(to, from, from_len); return from_len; } else { - return TC_FAIL; + return TC_CRYPTO_FAIL; } } diff --git a/tests/Makefile b/tests/Makefile index 4dd1555..305c78c 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -8,54 +8,78 @@ include ../config.mk -# Edit the all content to add/remove tests needed from TinyCrypt library: +# Edit the 'all' content to add/remove tests needed from TinyCrypt library: all: test_aes \ test_cbc_mode \ test_ctr_mode \ + test_cmac_mode \ + test_ccm_mode \ test_ctr_prng \ test_hmac \ test_hmac_prng \ - test_sha256 + test_sha256 \ + test_ecc_dh \ + test_ecc_dsa clean: - $(RM) *.o *~ - $(RM) test_aes - $(RM) test_cbc_mode - $(RM) test_ctr_mode - $(RM) test_ctr_prng - $(RM) test_hmac - $(RM) test_hmac_prng - $(RM) test_sha256 - $(RM) ../lib/*.o *~ + -$(RM) *.o *~ + -$(RM) test_aes + -$(RM) test_cbc_mode + -$(RM) test_ctr_mode + -$(RM) test_ctr_prng + -$(RM) test_hmac + -$(RM) test_hmac_prng + -$(RM) test_sha256 + -$(RM) test_ecc_dh + -$(RM) test_ecc_dsa + -$(RM) test_cmac_mode + -$(RM) test_ccm_mode # Dependencies -test_aes: test_aes.o ../lib/aes_encrypt.o \ - ../lib/aes_decrypt.o ../lib/utils.o +test_aes: test_aes.o ../lib/aes_encrypt.o \ + ../lib/aes_decrypt.o ../lib/utils.o -test_cbc_mode: test_cbc_mode.o ../lib/cbc_mode.o \ +test_cbc_mode: test_cbc_mode.o ../lib/cbc_mode.o \ ../lib/aes_encrypt.o ../lib/aes_decrypt.o \ ../lib/utils.o -test_ctr_mode: test_ctr_mode.o ../lib/ctr_mode.o \ +test_ctr_mode: test_ctr_mode.o ../lib/ctr_mode.o \ ../lib/aes_encrypt.o ../lib/utils.o -test_ctr_prng: test_ctr_prng.o ../lib/ctr_prng.o \ +test_ctr_prng: test_ctr_prng.o ../lib/ctr_prng.o \ ../lib/aes_encrypt.o ../lib/utils.o -test_hmac: test_hmac.o ../lib/hmac.o ../lib/sha256.o \ +test_cmac_mode: test_cmac_mode.o ../lib/aes_encrypt.o ../lib/utils.o \ + ../lib/cmac_mode.o + +test_ccm_mode: test_ccm_mode.o ../lib/aes_encrypt.o \ + ../lib/utils.o ../lib/ccm_mode.o + +test_hmac: test_hmac.o ../lib/hmac.o ../lib/sha256.o \ ../lib/utils.o test_hmac_prng: test_hmac_prng.o ../lib/hmac_prng.o ../lib/hmac.o \ ../lib/sha256.o ../lib/utils.o -test_sha256: test_sha256.o ../lib/sha256.o ../lib/utils.o +test_sha256: test_sha256.o ../lib/sha256.o ../lib/utils.o + +test_ecc_dh: test_ecc_dh.o ../lib/ecc.o ../lib/ecc_dh.o test_ecc_utils.o + +test_ecc_dsa: test_ecc_dsa.o ../lib/ecc.o ../lib/utils.o ../lib/ecc_dh.o \ + ../lib/ecc_dsa.o ../lib/sha256.o test_ecc_utils.o + # Sub-dependencies -test_aes.o: test_aes.c ../lib/include/tinycrypt/aes.h ../tests/include/test_utils.h -test_cbc_mode.o: test_cbc_mode.c ../lib/include/tinycrypt/cbc_mode.h ../lib/include/tinycrypt/aes.h -test_ctr_mode.o: test_ctr_mode.c ../lib/include/tinycrypt/aes.h ../lib/include/tinycrypt/ctr_mode.h -test_ctr_prng.o: test_ctr_prng.c ../lib/include/tinycrypt/aes.h ../lib/include/tinycrypt/ctr_prng.h -test_hmac.o: test_hmac.c ../lib/include/tinycrypt/hmac.h ../lib/include/tinycrypt/sha256.h -test_hmac_prng.o: test_hmac_prng.c ../lib/include/tinycrypt/hmac_prng.h ../lib/include/tinycrypt/utils.h -test_sha256.o: test_sha256.c ../lib/include/tinycrypt/sha256.h +test_aes.o: aes.h constants.h +test_cbc_mode.o: cbc_mode.h constants.h +test_ctr_mode.o: ctr_mode.h constants.h +test_ctr_prng.o: ctr_prng.h constants.h +test_cmac_mode.o: cmac_mode.h aes.h +test_ccm_mode.o: ccm_mode.h constants.h +test_hmac.o: hmac.h sha256.h constants.h +test_hmac_prng.o: hmac_prng.h constants.h +test_sha256.o: sha256.h constants.h +test_ecc_dh.o: ecc.h ecc_dh.h constants.h +test_ecc_dsa.o: ecc.h sha256.h constants.h +test_ecc_utils.o: ecc.h ecc_dh.h diff --git a/tests/include/test_ecc_utils.h b/tests/include/test_ecc_utils.h new file mode 100644 index 0000000..97c183c --- /dev/null +++ b/tests/include/test_ecc_utils.h @@ -0,0 +1,82 @@ +/* test_ecc_utils.h - TinyCrypt interface to common functions for ECC tests */ + +/* + * Copyright (C) 2015 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * test_ecc_utils.h -- Interface to common functions for ECC tests. + */ + +#ifndef __TEST_ECC_UTILS_H__ +#define __TEST_ECC_UTILS_H__ + +#include +#include +#include + +EccPoint keygen_vectors(char **d_vec, + char **qx_vec, + char **qy_vec, + int tests, + bool verbose); + +void getRandomBytes(void *p_dest, unsigned p_size); + +void string2host(uint32_t *native, const uint8_t *bytes, size_t len); + +int hex2int (char hex); + +int hex2bin( + uint8_t *buf, + const size_t buflen, + const char *hex, + const size_t hexlen); + +void string2scalar(uint32_t * scalar, uint32_t num_word32, char *str); + +void vli_print(uint32_t *p_vli, unsigned int p_size); + +void print_ecc_scalar( + const char *label, + const uint32_t * p_vli, + uint32_t num_word32); + +void check_code(const int num, + const char *name, + const int expected, + const int computed, + const int verbose); + +void check_ecc_result(const int num, const char *name, + const uint32_t *expected, + const uint32_t *computed, + const uint32_t num_word32, + const bool verbose); + +#endif + diff --git a/tests/include/test_utils.h b/tests/include/test_utils.h index 0a572de..5f51511 100644 --- a/tests/include/test_utils.h +++ b/tests/include/test_utils.h @@ -19,22 +19,28 @@ * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * test_utils.h -- Interface to common functions for tests. */ #ifndef __TEST_UTILS_H__ #define __TEST_UTILS_H__ -#include -#include +#include + #include +#include +#include +#include #define PRINT_DATA(fmt, ...) printf(fmt, ##__VA_ARGS__) @@ -48,6 +54,7 @@ #define PASS "PASS" #define FMT_ERROR "%s - %s@%d. " +/* TC_ here stands for 'Test Case' not 'TinyCrypt' */ #define TC_PASS 0 #define TC_FAIL 1 @@ -76,7 +83,6 @@ "PROJECT EXECUTION %s\n", \ result == TC_PASS ? "SUCCESSFUL" : "FAILED"); \ } while (0) - static inline void show_str(const char *label, const uint8_t *s, size_t len) { uint32_t i; diff --git a/tests/test_aes.c b/tests/test_aes.c index 9e527f3..fd12353 100644 --- a/tests/test_aes.c +++ b/tests/test_aes.c @@ -1,4 +1,4 @@ -/* test_aes.c - TinyCrypt AES-128 tests (including NIST tests) */ +/* test_aes.c - TinyCrypt implementation of some AES-128 tests (including NIST tests) */ /* * Copyright (C) 2015 by Intel Corporation, All Rights Reserved. @@ -19,14 +19,15 @@ * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. */ /* @@ -40,15 +41,17 @@ - AES128 NIST variable-key and fixed-text */ -#include #include +#include +#include + +#include +#include +#include #include #include -#include -#include -#include #define NUM_OF_NIST_KEYS 16 #define NUM_OF_FIXED_KEYS 128 @@ -81,7 +84,8 @@ uint32_t test_1(void) struct tc_aes_key_sched_struct s; if (tc_aes128_set_encrypt_key(&s, nist_key) == 0) { - TC_ERROR("AES128 test %s (NIST key schedule test) failed.\n", __func__); + TC_ERROR("AES128 test %s (NIST key schedule test) failed.\n", + __func__); result = TC_FAIL; goto exitTest1; } @@ -120,12 +124,14 @@ int32_t test_2(void) (void)tc_aes128_set_encrypt_key(&s, nist_key); if (tc_aes_encrypt(ciphertext, nist_input, &s) == 0) { - TC_ERROR("AES128 %s (NIST encryption test) failed.\n", __func__); + TC_ERROR("AES128 %s (NIST encryption test) failed.\n", + __func__); result = TC_FAIL; goto exitTest2; } - result = check_result(2, expected, sizeof(expected), ciphertext, sizeof(ciphertext)); + result = check_result(2, expected, sizeof(expected), + ciphertext, sizeof(ciphertext)); exitTest2: @@ -133,20 +139,23 @@ int32_t test_2(void) return result; } -uint32_t var_text_test(uint32_t r, const uint8_t *in, const uint8_t *out, TCAesKeySched_t s) +uint32_t var_text_test(uint32_t r, const uint8_t *in, const uint8_t *out, + TCAesKeySched_t s) { uint8_t ciphertext[NUM_OF_NIST_KEYS]; uint8_t decrypted[NUM_OF_NIST_KEYS]; uint32_t result = TC_PASS; (void)tc_aes_encrypt(ciphertext, in, s); - result = check_result(r, out, NUM_OF_NIST_KEYS, ciphertext, sizeof(ciphertext)); + result = check_result(r, out, NUM_OF_NIST_KEYS, + ciphertext, sizeof(ciphertext)); if (result != TC_FAIL){ if (tc_aes_decrypt(decrypted, ciphertext, s) == 0) { TC_ERROR("aes_decrypt failed\n"); result = TC_FAIL; } else { - result = check_result(r, in, NUM_OF_NIST_KEYS, decrypted, sizeof(decrypted)); + result = check_result(r, in, NUM_OF_NIST_KEYS, + decrypted, sizeof(decrypted)); } } return result; @@ -1095,7 +1104,8 @@ uint32_t var_key_test(uint32_t r, const uint8_t *in, const uint8_t *out) (void)tc_aes128_set_encrypt_key(&s, in); (void)tc_aes_encrypt(ciphertext, plaintext, &s); - result = check_result(r, out, NUM_OF_NIST_KEYS, ciphertext, sizeof(ciphertext)); + result = check_result(r, out, NUM_OF_NIST_KEYS, + ciphertext, sizeof(ciphertext)); return result; } diff --git a/tests/test_cbc_mode.c b/tests/test_cbc_mode.c index 5db3711..6b9b4b9 100644 --- a/tests/test_cbc_mode.c +++ b/tests/test_cbc_mode.c @@ -19,16 +19,16 @@ * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. */ - /* DESCRIPTION This module tests the following AES-CBC Mode routines: @@ -38,6 +38,7 @@ */ #include +#include #include #include @@ -112,14 +113,17 @@ uint32_t test_1_and_2(void) (void)memcpy(iv_buffer, iv, TC_AES_BLOCK_SIZE); TC_PRINT("CBC test #1 (encryption SP 800-38a tests):\n"); - if (tc_cbc_mode_encrypt(encrypted, sizeof(plaintext) + TC_AES_BLOCK_SIZE, - plaintext, sizeof(plaintext), iv_buffer, &a) == 0) { + if (tc_cbc_mode_encrypt(encrypted, + sizeof(plaintext) + TC_AES_BLOCK_SIZE, + plaintext, sizeof(plaintext), + iv_buffer, &a) == 0) { TC_ERROR("CBC test #1 (encryption SP 800-38a tests) failed in %s.\n", __func__); result = TC_FAIL; goto exitTest1; } - result = check_result(1, ciphertext, sizeof(encrypted), encrypted, sizeof(encrypted)); + result = check_result(1, ciphertext, sizeof(encrypted), + encrypted, sizeof(encrypted)); TC_END_RESULT(result); TC_PRINT("CBC test #2 (decryption SP 800-38a tests):\n"); @@ -135,7 +139,8 @@ uint32_t test_1_and_2(void) goto exitTest1; } - result = check_result(2, plaintext, sizeof(decrypted), decrypted, sizeof(decrypted)); + result = check_result(2, plaintext, sizeof(decrypted), + decrypted, sizeof(decrypted)); exitTest1: TC_END_RESULT(result); diff --git a/tests/test_ccm_mode.c b/tests/test_ccm_mode.c new file mode 100644 index 0000000..790a88c --- /dev/null +++ b/tests/test_ccm_mode.c @@ -0,0 +1,377 @@ +/* test_ccm_mode.c - TinyCrypt AES-CCM tests (RFC 3610 tests) */ + +/* + * Copyright (C) 2015 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * test_ccm_mode.c -- Implementation of some AES-CCM tests (RFC 3610 tests). + * + */ +#include +#include +#include + +#include +#include + +static void do_test ( + const uint8_t *key, + uint8_t *nonce, + size_t nlen, + const uint8_t *hdr, + size_t hlen, + const uint8_t *data, + size_t dlen, + const uint8_t *expected, + size_t elen, + const int mlen) { + + uint8_t ciphertext[50]; + uint8_t decrypted[25]; + struct tc_ccm_mode_struct c; + struct tc_aes_key_sched_struct sched; + + tc_aes128_set_encrypt_key (&sched, key); + if (tc_ccm_config (&c, &sched, nonce, nlen, mlen) == 0) { + fprintf (stderr, "ccm_config failed\n"); + exit (-1); + } + + if (tc_ccm_generation_encryption (ciphertext, hdr, hlen, data, dlen, &c) == 0) { + fprintf (stderr, "ccm_encrypt failed\n"); + exit (-1); + } + + if (memcmp (expected, ciphertext, elen) != 0) { + fprintf (stderr, "ccm_encrypt produced wrong ciphertext\n"); + show_str ("\t\tExpected", expected, elen); + show_str ("\t\tComputed", ciphertext, elen); + exit (-1); + } + + if (tc_ccm_decryption_verification (decrypted, hdr, hlen, ciphertext, dlen+mlen, &c) == 0) { + fprintf (stderr, "ccm_decrypt failed\n"); + show_str ("\t\tExpected", data, dlen); + show_str ("\t\tComputed", decrypted, sizeof (decrypted)); + exit (-1); + } + printf("Success!\n"); +} + +void test_vector_1 (void) { + + printf ("\tPerforming CCM test #1 (RFC 3610 test vector #1)..."); + /* RFC 3610 test vector #1 */ + const uint8_t key[16] = { + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, + 0xcc, 0xcd, 0xce, 0xcf + }; + uint8_t nonce[13] = { + 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, + 0xa5 + }; + + const uint8_t hdr[8] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + const uint8_t data[23] = { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e + }; + const uint8_t expected[31] = { + 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, 0xf0, 0x66, 0xd0, 0xc2, + 0xc0, 0xf9, 0x89, 0x80, 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84, 0x17, + 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 + }; + + uint16_t mlen = 8; + + do_test (key, nonce, sizeof(nonce), hdr, sizeof (hdr), data, sizeof (data), expected, + sizeof (expected), mlen); +} + +void test_vector_2 (void) { + printf ("\tPerforming CCM test #2 (RFC 3610 test vector #2)..."); + /* RFC 3610 test vector #2 */ + const uint8_t key[16] = { + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, + 0xcc, 0xcd, 0xce, 0xcf + }; + uint8_t nonce[13] = { + 0x00, 0x00, 0x00, 0x04, 0x03, 0x02, 0x01, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, + 0xa5 + }; + const uint8_t hdr[8] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + const uint8_t data[24] = { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f + }; + const uint8_t expected[32] = { + 0x72, 0xc9, 0x1a, 0x36, 0xe1, 0x35, 0xf8, 0xcf, 0x29, 0x1c, 0xa8, 0x94, + 0x08, 0x5c, 0x87, 0xe3, 0xcc, 0x15, 0xc4, 0x39, 0xc9, 0xe4, 0x3a, 0x3b, + 0xa0, 0x91, 0xd5, 0x6e, 0x10, 0x40, 0x09, 0x16 + }; + + uint16_t mlen = 8; + + do_test (key, nonce, sizeof(nonce), hdr, sizeof (hdr), data, sizeof (data), expected, + sizeof (expected), mlen); +} + +void test_vector_3 (void) { + printf ("\tPerforming CCM test #3 (RFC 3610 test vector #3)..."); + /* RFC 3610 test vector #3 */ + const uint8_t key[16] = { + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, + 0xcc, 0xcd, 0xce, 0xcf + }; + uint8_t nonce[13] = { + 0x00, 0x00, 0x00, 0x05, 0x04, 0x03, 0x02, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, + 0xa5 + }; + const uint8_t hdr[8] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + const uint8_t data[25] = { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20 + }; + const uint8_t expected[33] = { + 0x51, 0xb1, 0xe5, 0xf4, 0x4a, 0x19, 0x7d, 0x1d, 0xa4, 0x6b, 0x0f, 0x8e, + 0x2d, 0x28, 0x2a, 0xe8, 0x71, 0xe8, 0x38, 0xbb, 0x64, 0xda, 0x85, 0x96, + 0x57, 0x4a, 0xda, 0xa7, 0x6f, 0xbd, 0x9f, 0xb0, 0xc5 + }; + + uint16_t mlen = 8; + + do_test (key, nonce, sizeof(nonce), hdr, sizeof (hdr), data, sizeof (data), expected, + sizeof (expected), mlen); +} + +void test_vector_4 (void) { + printf ("\tPerforming CCM test #4 (RFC 3610 test vector #7)..."); + /* RFC 3610 test vector #7 */ + const uint8_t key[16] = { + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, + 0xcc, 0xcd, 0xce, 0xcf + }; + uint8_t nonce[13] = { + 0x00, 0x00, 0x00, 0x09, 0x08, 0x07, 0x06, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, + 0xa5 + }; + const uint8_t hdr[8] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + const uint8_t data[23] = { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e + }; + const uint8_t expected[33] = { + 0x01, 0x35, 0xD1, 0xB2, 0xC9, 0x5F, 0x41, 0xD5, + 0xD1, 0xD4, 0xFE, 0xC1, 0x85, 0xD1, 0x66, 0xB8, + 0x09, 0x4E, 0x99, 0x9D, 0xFE, 0xD9, 0x6C, 0x04, + 0x8C, 0x56, 0x60, 0x2C, 0x97, 0xAC, 0xBB, 0x74, 0x90 + }; + + uint16_t mlen = 10; + + do_test (key, nonce, sizeof(nonce), hdr, sizeof (hdr), data, sizeof (data), expected, + sizeof (expected), mlen); +} + +void test_vector_5 (void) { + printf ("\tPerforming CCM test #5 (RFC 3610 test vector #8)..."); + /* RFC 3610 test vector #8 */ + const uint8_t key[16] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF + }; + uint8_t nonce[13] = { + 0x00, 0x00, 0x00, 0x0A, 0x09, 0x08, 0x07, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 + }; + const uint8_t hdr[8] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + const uint8_t data[24] = { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f + }; + const uint8_t expected[34] = { + 0x7B, 0x75, 0x39, 0x9A, 0xC0, 0x83, 0x1D, 0xD2, + 0xF0, 0xBB, 0xD7, 0x58, 0x79, 0xA2, 0xFD, 0x8F, + 0x6C, 0xAE, 0x6B, 0x6C, 0xD9, 0xB7, 0xDB, 0x24, + 0xC1, 0x7B, 0x44, 0x33, 0xF4, 0x34, 0x96, 0x3F, 0x34, 0xB4 + }; + + uint16_t mlen = 10; + + do_test (key, nonce, sizeof(nonce), hdr, sizeof (hdr), data, sizeof (data), expected, + sizeof (expected), mlen); +} + + +void test_vector_6 (void) { + printf ("\tPerforming CCM test #6 (RFC 3610 test vector #9)..."); + /* RFC 3610 test vector #9 */ + const uint8_t key[16] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF + }; + uint8_t nonce[13] = { + 0x00, 0x00, 0x00, 0x0B, 0x0A, 0x09, 0x08, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 + }; + const uint8_t hdr[8] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + const uint8_t data[25] = { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 + }; + const uint8_t expected[35] = { + 0x82, 0x53, 0x1a, 0x60, 0xCC, 0x24, 0x94, 0x5a, + 0x4b, 0x82, 0x79, 0x18, 0x1a, 0xb5, 0xc8, 0x4d, + 0xf2, 0x1c, 0xe7, 0xf9, 0xb7, 0x3f, 0x42, 0xe1, + 0x97, 0xea, 0x9c, 0x07, 0xe5, 0x6b, 0x5e, 0xb1, 0x7e, 0x5f, 0x4e + }; + + uint16_t mlen = 10; + + do_test (key, nonce, sizeof(nonce), hdr, sizeof (hdr), data, sizeof (data), expected, + sizeof (expected), mlen); +} + +void test_vector_7 (void) { + printf ("\tPerforming CCM test #7 (no associated data)..."); + /* Test based on RFC 3610 test vector #9 but with no associated data */ + const uint8_t key[16] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF + }; + uint8_t nonce[13] = { + 0x00, 0x00, 0x00, 0x0B, 0x0A, 0x09, 0x08, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 + }; + uint8_t * hdr = NULL; + + uint8_t data[25] = { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 + }; + + struct tc_ccm_mode_struct c; + struct tc_aes_key_sched_struct sched; + uint8_t decrypted[25]; + uint8_t ciphertext[50]; + + uint16_t mlen = 10; + + tc_aes128_set_encrypt_key (&sched, key); + if (tc_ccm_config (&c, &sched, nonce, sizeof(nonce), mlen) == 0) { + fprintf (stderr, "ccm_config failed\n"); + exit (-1); + } + + if (tc_ccm_generation_encryption (ciphertext, hdr, 0, data, sizeof(data), &c) == 0) { + fprintf (stderr, "ccm_encrypt failed\n"); + exit (-1); + } + + if (tc_ccm_decryption_verification (decrypted, hdr, 0, ciphertext, sizeof(data)+mlen, &c) == 0) { + fprintf (stderr, "ccm_decrypt failed\n"); + show_str ("\t\tExpected", data, sizeof(data)); + show_str ("\t\tComputed", decrypted, sizeof (decrypted)); + exit (-1); + } + printf("Success!\n"); + +} + +void test_vector_8 (void) { + printf ("\tPerforming CCM test #8 (no payload data)..."); + /* Test based on RFC 3610 test vector #9 but with no payload data */ + const uint8_t key[16] = { + 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, + 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF + }; + uint8_t nonce[13] = { + 0x00, 0x00, 0x00, 0x0B, 0x0A, 0x09, 0x08, 0xA0, + 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 + }; + const uint8_t hdr[8] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + + uint8_t *data = NULL; + + struct tc_ccm_mode_struct c; + struct tc_aes_key_sched_struct sched; + uint8_t decrypted[25]; + uint8_t ciphertext[50]; + + uint16_t mlen = 10; + + tc_aes128_set_encrypt_key (&sched, key); + if (tc_ccm_config (&c, &sched, nonce, sizeof(nonce), mlen) == 0) { + fprintf (stderr, "ccm_config failed\n"); + exit (-1); + } + + if (tc_ccm_generation_encryption (ciphertext, hdr, sizeof(hdr), data, 0, &c) == 0) { + fprintf (stderr, "ccm_encrypt failed\n"); + exit (-1); + } + + if (tc_ccm_decryption_verification (decrypted, hdr, sizeof(hdr), ciphertext, mlen, &c) == 0) { + fprintf (stderr, "ccm_decrypt failed\n"); + show_str ("\t\tExpected", data, sizeof(data)); + show_str ("\t\tComputed", decrypted, sizeof (decrypted)); + exit (-1); + } + printf("Success!\n"); + +} + +int main (void) { + setbuf(stdout, NULL); + printf ("Performing CCM tests...\n"); + test_vector_1 (); + test_vector_2 (); + test_vector_3 (); + test_vector_4 (); + test_vector_5 (); + test_vector_6 (); + test_vector_7 (); + test_vector_8 (); + printf ("All CCM tests succeeded!\n\n"); + return 0; +} diff --git a/tests/test_cmac_mode.c b/tests/test_cmac_mode.c new file mode 100644 index 0000000..3435b5b --- /dev/null +++ b/tests/test_cmac_mode.c @@ -0,0 +1,305 @@ +/* test_cmac_mode.c - TinyCrypt AES-CMAC tests (including SP 800-38B tests) */ + +/* + * Copyright (C) 2015 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +/* + * DESCRIPTION + * This module tests the following AES-CMAC test (including SP 800-38B): + * + * Scenarios tested include: + * - CMAC test #1 (GF(2^128) double)) + * - CMAC test #2 null msg (SP 800-38B test vector #1) + * - CMAC test #3 1 block msg (SP 800-38B test vector #2) + * - CMAC test #4 320 bit msg (SP 800-38B test vector #3) + * - CMAC test #5 512 bit msg(SP 800-38B test vector #4) + */ + +#include +#include +#include +#include + +#include +#include + +#define BUF_LEN 16 + +static void show(const char *label, const uint8_t *s, size_t slen) +{ + uint32_t i; + + TC_PRINT("%s\t", label); + for (i = 0; i < slen; ++i) { + TC_PRINT("%02x", s[i]); + } + TC_PRINT("\n"); +} + +extern void gf_double(uint8_t *out, uint8_t *in); + +static uint32_t verify_gf_2_128_double(uint8_t *K1, uint8_t *K2, struct tc_cmac_struct s) +{ + uint32_t result = TC_PASS; + + TC_PRINT("Performing CMAC test #1 (GF(2^128) double):\n"); + + uint8_t zero[BUF_LEN]; + uint8_t L[BUF_LEN]; + const uint8_t l[BUF_LEN] = { + 0x7d, 0xf7, 0x6b, 0x0c, 0x1a, 0xb8, 0x99, 0xb3, + 0x3e, 0x42, 0xf0, 0x47, 0xb9, 0x1b, 0x54, 0x6f + }; + const uint8_t k1[BUF_LEN] = { + 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66, + 0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde + }; + const uint8_t k2[BUF_LEN] = { + 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc, + 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b + }; + + (void) memset(zero, '\0', sizeof(zero)); + tc_aes_encrypt(L, zero, s.sched); + if (memcmp(L, l, BUF_LEN) != 0) { + TC_ERROR("AES encryption failed in %s.\n", __func__); + show("expected L =", l, sizeof(l)); + show("computed L =", L, sizeof(L)); + return TC_FAIL; + } + + gf_double(K1, L); + if (memcmp(K1, k1, BUF_LEN) != 0) { + TC_ERROR("gf_2_128_double failed when msb = 0\n"); + show("expected K1 =", k1, sizeof(k1)); + show("computed K1 =", K1, sizeof(k1)); + return TC_FAIL; + } + + gf_double(K2, K1); + if (memcmp(K2, k2, BUF_LEN) != 0) { + TC_ERROR("gf_2_128_double failed when msb = 1\n"); + show("expected K2 =", k2, sizeof(k2)); + show("computed K2 =", K2, sizeof(k2)); + return TC_FAIL; + } + + TC_END_RESULT(result); + return result; +} + +static uint32_t verify_cmac_null_msg(TCCmacState_t s) +{ + uint32_t result = TC_PASS; + + TC_PRINT("Performing CMAC test #2 (SP 800-38B test vector #1):\n"); + + const uint8_t tag[BUF_LEN] = { + 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, + 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 + }; + uint8_t Tag[BUF_LEN]; + + (void) tc_cmac_init(s); + (void) tc_cmac_update(s, (const uint8_t *) 0, 0); + (void) tc_cmac_final(Tag, s); + + if (memcmp(Tag, tag, BUF_LEN) != 0) { + TC_ERROR("aes_cmac failed with null msg = 1\n"); + show("expected Tag =", tag, sizeof(tag)); + show("computed Tag =", Tag, sizeof(Tag)); + return TC_FAIL; + } + + TC_END_RESULT(result); + return result; +} + +static uint32_t verify_cmac_1_block_msg(TCCmacState_t s) +{ + uint32_t result = TC_PASS; + + TC_PRINT("Performing CMAC test #3 (SP 800-38B test vector #2):\n"); + + const uint8_t msg[BUF_LEN] = { + 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }; + const uint8_t tag[BUF_LEN] = { + 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, + 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c + }; + uint8_t Tag[BUF_LEN]; + + (void) tc_cmac_init(s); + (void) tc_cmac_update(s, msg, sizeof(msg)); + (void) tc_cmac_final(Tag, s); + + if (memcmp(Tag, tag, BUF_LEN) != 0) { + TC_ERROR("aes_cmac failed with 1 block msg\n"); + show("aes_cmac failed with 1 block msg =", msg, sizeof(msg)); + show("expected Tag =", tag, sizeof(tag)); + show("computed Tag =", Tag, sizeof(Tag)); + return TC_FAIL; + } + + TC_END_RESULT(result); + return result; +} + +static uint32_t verify_cmac_320_bit_msg(TCCmacState_t s) +{ + uint32_t result = TC_PASS; + + TC_PRINT("Performing CMAC test #4 (SP 800-38B test vector #3):\n"); + + const uint8_t msg[40] = { + 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, + 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, + 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, + 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11 + }; + const uint8_t tag[BUF_LEN] = { + 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30, + 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27 + }; + uint8_t Tag[BUF_LEN]; + + (void) tc_cmac_init(s); + (void) tc_cmac_update(s, msg, sizeof(msg)); + (void) tc_cmac_final(Tag, s); + + if (memcmp(Tag, tag, BUF_LEN) != 0) { + TC_ERROR("aes_cmac failed with 320 bit msg\n"); + show("aes_cmac failed with 320 bit msg =", msg, sizeof(msg)); + show("expected Tag =", tag, sizeof(tag)); + show("computed Tag =", Tag, sizeof(Tag)); + return TC_FAIL; + } + + TC_END_RESULT(result); + return result; +} + +static uint32_t verify_cmac_512_bit_msg(TCCmacState_t s) +{ + uint32_t result = TC_PASS; + + TC_PRINT("Performing CMAC test #5 (SP 800-38B test vector #4)\n"); + + const uint8_t msg[64] = { + 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, + 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, + 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, + 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, + 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, + 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, + 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 + }; + const uint8_t tag[BUF_LEN] = { + 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92, + 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe + }; + uint8_t Tag[BUF_LEN]; + + (void)tc_cmac_init(s); + (void)tc_cmac_update(s, msg, sizeof(msg)); + (void)tc_cmac_final(Tag, s); + + if (memcmp(Tag, tag, BUF_LEN) != 0) { + TC_ERROR("aes_cmac failed with 512 bit msg\n"); + show("aes_cmac failed with 512 bit msg =", msg, sizeof(msg)); + show("expected Tag =", tag, sizeof(tag)); + show("computed Tag =", Tag, sizeof(Tag)); + return TC_FAIL; + } + + TC_END_RESULT(result); + return result; +} + +/* + * Main task to test CMAC + */ + +int main(void) +{ + + uint32_t result = TC_PASS; + + struct tc_cmac_struct state; + struct tc_aes_key_sched_struct sched; + + const uint8_t key[BUF_LEN] = { + 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c + }; + uint8_t K1[BUF_LEN], K2[BUF_LEN]; + + TC_START("Performing CMAC tests:"); + + (void) tc_cmac_setup(&state, key, &sched); + result = verify_gf_2_128_double(K1, K2, state); + if (result == TC_FAIL) { /* terminate test */ + TC_ERROR("CMAC test #1 (128 double) failed.\n"); + goto exitTest; + } + (void) tc_cmac_setup(&state, key, &sched); + result = verify_cmac_null_msg(&state); + if (result == TC_FAIL) { /* terminate test */ + TC_ERROR("CMAC test #2 (null msg) failed.\n"); + goto exitTest; + } + (void) tc_cmac_setup(&state, key, &sched); + result = verify_cmac_1_block_msg(&state); + if (result == TC_FAIL) { /* terminate test */ + TC_ERROR("CMAC test #3 (1 block msg)failed.\n"); + goto exitTest; + } + (void) tc_cmac_setup(&state, key, &sched); + result = verify_cmac_320_bit_msg(&state); + if (result == TC_FAIL) { /* terminate test */ + TC_ERROR("CMAC test #4 (320 bit msg) failed.\n"); + goto exitTest; + } + (void) tc_cmac_setup(&state, key, &sched); + result = verify_cmac_512_bit_msg(&state); + if (result == TC_FAIL) { /* terminate test */ + TC_ERROR("CMAC test #5 (512 bit msg)failed.\n"); + goto exitTest; + } + + TC_PRINT("All CMAC tests succeeded!\n"); + +exitTest: + TC_END_RESULT(result); + TC_END_REPORT(result); +} diff --git a/tests/test_ctr_mode.c b/tests/test_ctr_mode.c index fec588a..d185aee 100644 --- a/tests/test_ctr_mode.c +++ b/tests/test_ctr_mode.c @@ -19,14 +19,15 @@ * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. */ /* @@ -38,6 +39,8 @@ */ #include +#include +#include #include #include @@ -50,29 +53,29 @@ uint32_t test_1_and_2(void) { const uint8_t key[16] = { - 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, - 0x09, 0xcf, 0x4f, 0x3c + 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, + 0x09, 0xcf, 0x4f, 0x3c }; uint8_t ctr[16] = { - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, - 0xfc, 0xfd, 0xfe, 0xff + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, + 0xfc, 0xfd, 0xfe, 0xff }; const uint8_t plaintext[64] = { - 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, - 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, - 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, - 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, - 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, - 0xe6, 0x6c, 0x37, 0x10 + 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, + 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, + 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 0x30, 0xc8, 0x1c, 0x46, + 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, + 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, + 0xe6, 0x6c, 0x37, 0x10 }; const uint8_t ciphertext[80] = { - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, - 0xfc, 0xfd, 0xfe, 0xff, 0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26, - 0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce, 0x98, 0x06, 0xf6, 0x6b, - 0x79, 0x70, 0xfd, 0xff, 0x86, 0x17, 0x18, 0x7b, 0xb9, 0xff, 0xfd, 0xff, - 0x5a, 0xe4, 0xdf, 0x3e, 0xdb, 0xd5, 0xd3, 0x5e, 0x5b, 0x4f, 0x09, 0x02, - 0x0d, 0xb0, 0x3e, 0xab, 0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe, 0x03, 0xd1, - 0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, + 0xfc, 0xfd, 0xfe, 0xff, 0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26, + 0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce, 0x98, 0x06, 0xf6, 0x6b, + 0x79, 0x70, 0xfd, 0xff, 0x86, 0x17, 0x18, 0x7b, 0xb9, 0xff, 0xfd, 0xff, + 0x5a, 0xe4, 0xdf, 0x3e, 0xdb, 0xd5, 0xd3, 0x5e, 0x5b, 0x4f, 0x09, 0x02, + 0x0d, 0xb0, 0x3e, 0xab, 0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe, 0x03, 0xd1, + 0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee }; struct tc_aes_key_sched_struct sched; uint8_t out[80]; @@ -83,8 +86,8 @@ uint32_t test_1_and_2(void) (void)tc_aes128_set_encrypt_key(&sched, key); (void)memcpy(out, ctr, sizeof(ctr)); - if (tc_ctr_mode(&out[TC_AES_BLOCK_SIZE], sizeof(plaintext), plaintext, sizeof(plaintext), - ctr, &sched) == 0) { + if (tc_ctr_mode(&out[TC_AES_BLOCK_SIZE], sizeof(plaintext), plaintext, + sizeof(plaintext), ctr, &sched) == 0) { TC_ERROR("CTR test #1 (encryption SP 800-38a tests) failed in %s.\n", __func__); result = TC_FAIL; goto exitTest1; @@ -102,7 +105,8 @@ uint32_t test_1_and_2(void) goto exitTest1; } - result = check_result(2, plaintext, sizeof(plaintext), decrypted, sizeof(plaintext)); + result = check_result(2, plaintext, sizeof(plaintext), + decrypted, sizeof(plaintext)); exitTest1: TC_END_RESULT(result); @@ -132,4 +136,3 @@ int main(void) TC_END_RESULT(result); TC_END_REPORT(result); } - diff --git a/tests/test_ctr_prng.c b/tests/test_ctr_prng.c index 0e23088..01ee578 100644 --- a/tests/test_ctr_prng.c +++ b/tests/test_ctr_prng.c @@ -1,8 +1,7 @@ /* test_ctr_prng.c - TinyCrypt implementation of some CTR-PRNG tests */ /* - * Copyright (c) 2016, Chris Morrison - * All rights reserved. + * Copyright (c) 2016, Chris Morrison, All Rights Reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: @@ -17,7 +16,7 @@ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS @@ -27,11 +26,20 @@ * POSSIBILITY OF SUCH DAMAGE. */ +/* + DESCRIPTION + This module tests the CTR-PRNG routines +*/ + +#include +#include +#include #include + + #include #include - -#include +#include /* utility function to convert hex character representation to their nibble (4 bit) values */ static uint8_t nibbleFromChar(char c) @@ -542,4 +550,3 @@ int main(void) TC_END_REPORT(result); } - diff --git a/tests/test_ecc_dh.c b/tests/test_ecc_dh.c new file mode 100644 index 0000000..540aa7a --- /dev/null +++ b/tests/test_ecc_dh.c @@ -0,0 +1,418 @@ +/* test_ecc_ecdh.c - TinyCrypt implementation of some EC-DH tests */ + +/* + * Copyright (C) 2015 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * test_ecc_ecdh.c -- Implementation of some EC-DH tests + * + */ +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +void ecdh_vectors(char **qx_vec, + char **qy_vec, + char **d_vec, + char **z_vec, + int tests, + int verbose) { + + EccPoint Q; + uint32_t prv[NUM_ECC_DIGITS]; + uint32_t z[NUM_ECC_DIGITS]; + + int rc; + uint32_t exp_z[NUM_ECC_DIGITS]; + + for (int i=0; i 2*NUM_ECC_BYTES || + strlen(qy_vec[i]) > 2*NUM_ECC_BYTES) { + // invalid input to ECC digit conversion (string2native()) + rc = -2; + } else { + string2scalar(pub.x, NUM_ECC_DIGITS, qx_vec[i]); + string2scalar(pub.y, NUM_ECC_DIGITS, qy_vec[i]); + rc = ecc_valid_public_key(&pub); + } + + /* + * map to CAVP error codes + * 0 => 0 - success + * -1 => ? - (x,y) = (0,0) (not covered) + * -2 => 1 - out of bounds (pubverify or ecc import) + * -3 => 2 - not on curve + */ + + if (rc == -3) rc = 2; + if (rc == -2) rc = 1; + + check_code(i, res_vec[i], exp_rc, rc, verbose); + } +} + +void cavp_pkv(bool verbose) { + + /* + * [P-256] + */ + char *x[] = { + "e0f7449c5588f24492c338f2bc8f7865f755b958d48edb0f2d0056e50c3fd5b7", + "d17c446237d9df87266ba3a91ff27f45abfdcb77bfd83536e92903efb861a9a9", + "17875397ae87369365656d490e8ce956911bd97607f2aff41b56f6f3a61989826", + "f2d1c0dc0852c3d8a2a2500a23a44813ccce1ac4e58444175b440469ffc12273", + "10b0ca230fff7c04768f4b3d5c75fa9f6c539bea644dffbec5dc796a213061b58", + "2c1052f25360a15062d204a056274e93cbe8fc4c4e9b9561134ad5c15ce525da", + "a40d077a87dae157d93dcccf3fe3aca9c6479a75aa2669509d2ef05c7de6782f", + "2633d398a3807b1895548adbb0ea2495ef4b930f91054891030817df87d4ac0a", + "14bf57f76c260b51ec6bbc72dbd49f02a56eaed070b774dc4bad75a54653c3d56", + "2fa74931ae816b426f484180e517f5050c92decfc8daf756cd91f54d51b302f1", + "f8c6dd3181a76aa0e36c2790bba47041acbe7b1e473ff71eee39a824dc595ff0", + "7a81a7e0b015252928d8b36e4ca37e92fdc328eb25c774b4f872693028c4be38", + }; + + char *y[] = { + "86d7e9255d0f4b6f44fa2cd6f8ba3c0aa828321d6d8cc430ca6284ce1d5b43a0", + "1eabb6a349ce2cd447d777b6739c5fc066add2002d2029052c408d0701066231c", + "980a3c4f61b9692633fbba5ef04c9cb546dd05cdec9fa8428b8849670e2fba92", + "32bfe992831b305d8c37b9672df5d29fcb5c29b4a40534683e3ace23d24647dd", + "f5edf37c11052b75f771b7f9fa050e353e464221fec916684ed45b6fead38205", + "ced9783713a8a2a09eff366987639c625753295d9a85d0f5325e32dedbcada0b", + "503d86b87d743ba20804fd7e7884aa017414a7b5b5963e0d46e3a9611419ddf3", + "d6b2f738e3873cc8364a2d364038ce7d0798bb092e3dd77cbdae7c263ba618d2", + "7a231a23bf8b3aa31d9600d888a0678677a30e573decd3dc56b33f365cc11236", + "5b994346137988c58c14ae2152ac2f6ad96d97decb33099bd8a0210114cd1141", + "9c965f227f281b3072b95b8daf29e88b35284f3574462e268e529bbdc50e9e52", + "08862f7335147261e7b1c3d055f9a316e4cab7daf99cc09d1c647f5dd6e7d5bb", + }; + + char *Result[] = { + "P (0 )", "F (1 - Q_x or Q_y out of range)", + "F (1 - Q_x or Q_y out of range)", "F (2 - Point not on curve)", + "F (1 - Q_x or Q_y out of range)", "P (0 )", + "F (2 - Point not on curve)", "P (0 )", + "F (1 - Q_x or Q_y out of range)", "P (0 )", + "F (2 - Point not on curve)", "F (2 - Point not on curve)", + }; + + printf("Test #3: PubKeyVerify "); + printf("NIST-p256-SHA2-256\n"); + + pkv_vectors(x, y, Result, 12, verbose); +} + +int randfd; + +void montecarlo_ecdh(uint32_t num, bool verbose) { + + EccPoint l_Q1, l_Q2; /* public keys */ + uint32_t l_secret1[NUM_ECC_DIGITS]; + uint32_t l_secret2[NUM_ECC_DIGITS]; + + uint32_t l_shared1[NUM_ECC_DIGITS]; + uint32_t l_shared2[NUM_ECC_DIGITS]; + + randfd = open("/dev/urandom", O_RDONLY); + if(randfd == -1) { + printf("No access to urandom\n"); + exit(-1); + } + + printf("Test #4: Monte Carlo (Randomized EC-DH key-exchange) "); + printf("NIST-p256\n"); + + for(uint32_t i=0; i +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#define BUF_SIZE 256 + +int sign_vectors(TCSha256State_t hash, + char **d_vec, + char **k_vec, + char **msg_vec, + char **qx_vec, + char **qy_vec, + char **r_vec, + char **s_vec, + int tests, + bool verbose) { + + uint32_t seed[2*NUM_ECC_DIGITS]; + uint32_t prv[NUM_ECC_DIGITS]; + uint32_t r[NUM_ECC_DIGITS]; + uint32_t s[NUM_ECC_DIGITS]; + uint8_t digest[TC_SHA256_DIGEST_SIZE]; + uint32_t dig32[NUM_ECC_DIGITS]; + + /* expected outputs (converted input vectors) */ + uint32_t exp_r[NUM_ECC_DIGITS]; + uint32_t exp_s[NUM_ECC_DIGITS]; + + uint8_t msg[BUF_SIZE]; + size_t msglen; + + for (int i=0; i +#include +#include +#include + +#include +#include +#include +#include + +extern int randfd; + +void getRandomBytes(void *p_dest, unsigned p_size) { + if(read(randfd, p_dest, p_size) != (int)p_size) { + printf("Failed to get random bytes.\n"); + } +} + +int hex2int (char hex) { + uint8_t dec; + + if ('0' <= hex && hex <= '9') dec = hex - '0'; + else if ('a' <= hex && hex <= 'f') dec = hex - 'a' + 10; + else if ('A' <= hex && hex <= 'F') dec = hex - 'A' + 10; + else return -1; + + return dec; +} + +/* + * Convert hex string to byte string + * Return number of bytes written to buf, or 0 on error + */ +int hex2bin( + uint8_t *buf, + const size_t buflen, + const char *hex, + const size_t hexlen) { + + int dec; + + if (buflen < hexlen/2 + hexlen%2) + return false; + + // if hexlen is uneven, insert leading zero nibble + if (hexlen%2) { + dec = hex2int(hex[0]); + if (dec == -1) + return false; + buf[0] = dec; + buf++; + hex++; + } + + // regular hex conversion + for (size_t i = 0; i (padding = 2*num_bytes - strlen(str))) { + printf( + "Error: 2*num_bytes(%d) < strlen(hex) (%zu)\n", + 2*num_bytes, + strlen(str)); + exit(-1); + } + + memset(tmp, 0, padding/2); + + if (false == hex2bin(tmp+padding/2, num_bytes, str, hexlen)) + exit(-1); + ecc_bytes2native(scalar, tmp); + +} + +void vli_print(uint32_t *p_vli, unsigned int p_size) { + while(p_size) { + printf("%08X ", (unsigned)p_vli[p_size - 1]); + --p_size; + } +} + +void print_ecc_scalar( + const char *label, + const uint32_t * p_vli, + uint32_t num_word32) { + uint32_t i; + + if (label) + printf("%s = { ", label); + + for(i=0; i #include +#include +#include +#include + +#include +#include +#include +#include -uint32_t do_hmac_test(TCHmacState_t h, uint32_t testnum, const uint8_t *data, size_t datalen, - const uint8_t *expected, size_t expectedlen) +uint32_t do_hmac_test(TCHmacState_t h, uint32_t testnum, const uint8_t *data, + size_t datalen, const uint8_t *expected, + size_t expectedlen) { uint8_t digest[32]; uint32_t result = TC_PASS; @@ -49,7 +58,8 @@ uint32_t do_hmac_test(TCHmacState_t h, uint32_t testnum, const uint8_t *data, si (void)tc_hmac_init(h); (void)tc_hmac_update(h, data, datalen); (void)tc_hmac_final(digest, TC_SHA256_DIGEST_SIZE, h); - result = check_result(testnum, expected, expectedlen, digest, sizeof(digest)); + result = check_result(testnum, expected, expectedlen, + digest, sizeof(digest)); return result; } @@ -63,22 +73,23 @@ uint32_t test_1(void) TC_PRINT("HMAC %s:\n", __func__); const uint8_t key[20] = { - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; const uint8_t data[8] = { - 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 + 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 }; const uint8_t expected[32] = { - 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, - 0xaf, 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, - 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 + 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, + 0xaf, 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, + 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 }; struct tc_hmac_state_struct h; (void)memset(&h, 0x00, sizeof(h)); (void)tc_hmac_set_key(&h, key, sizeof(key)); - result = do_hmac_test(&h, 1, data, sizeof(data), expected, sizeof(expected)); + result = do_hmac_test(&h, 1, data, sizeof(data), + expected, sizeof(expected)); TC_END_RESULT(result); return result; } @@ -92,21 +103,22 @@ uint32_t test_2(void) 0x4a, 0x65, 0x66, 0x65 }; const uint8_t data[28] = { - 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, 0x79, 0x61, 0x20, 0x77, - 0x61, 0x6e, 0x74, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, - 0x69, 0x6e, 0x67, 0x3f + 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, 0x79, 0x61, 0x20, 0x77, + 0x61, 0x6e, 0x74, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, + 0x69, 0x6e, 0x67, 0x3f }; const uint8_t expected[32] = { - 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, 0x6a, 0x04, 0x24, 0x26, - 0x08, 0x95, 0x75, 0xc7, 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, - 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 + 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, 0x6a, 0x04, 0x24, 0x26, + 0x08, 0x95, 0x75, 0xc7, 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, + 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 }; struct tc_hmac_state_struct h; (void)memset(&h, 0x00, sizeof(h)); (void)tc_hmac_set_key(&h, key, sizeof(key)); - result = do_hmac_test(&h, 2, data, sizeof(data), expected, sizeof(expected)); + result = do_hmac_test(&h, 2, data, sizeof(data), + expected, sizeof(expected)); TC_END_RESULT(result); return result; } @@ -117,27 +129,28 @@ uint32_t test_3(void) TC_PRINT("HMAC %s:\n", __func__); const uint8_t key[20] = { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; const uint8_t data[50] = { - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd }; const uint8_t expected[32] = { - 0x77, 0x3e, 0xa9, 0x1e, 0x36, 0x80, 0x0e, 0x46, 0x85, 0x4d, 0xb8, 0xeb, - 0xd0, 0x91, 0x81, 0xa7, 0x29, 0x59, 0x09, 0x8b, 0x3e, 0xf8, 0xc1, 0x22, - 0xd9, 0x63, 0x55, 0x14, 0xce, 0xd5, 0x65, 0xfe + 0x77, 0x3e, 0xa9, 0x1e, 0x36, 0x80, 0x0e, 0x46, 0x85, 0x4d, 0xb8, 0xeb, + 0xd0, 0x91, 0x81, 0xa7, 0x29, 0x59, 0x09, 0x8b, 0x3e, 0xf8, 0xc1, 0x22, + 0xd9, 0x63, 0x55, 0x14, 0xce, 0xd5, 0x65, 0xfe }; struct tc_hmac_state_struct h; (void)memset(&h, 0x00, sizeof(h)); (void)tc_hmac_set_key(&h, key, sizeof(key)); - result = do_hmac_test(&h, 3, data, sizeof(data), expected, sizeof(expected)); + result = do_hmac_test(&h, 3, data, sizeof(data), + expected, sizeof(expected)); TC_END_RESULT(result); return result; } @@ -148,28 +161,29 @@ uint32_t test_4(void) TC_PRINT("HMAC %s:\n", __func__); const uint8_t key[25] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, - 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, - 0x19 + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, + 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19 }; const uint8_t data[50] = { - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd }; const uint8_t expected[32] = { - 0x82, 0x55, 0x8a, 0x38, 0x9a, 0x44, 0x3c, 0x0e, 0xa4, 0xcc, 0x81, 0x98, - 0x99, 0xf2, 0x08, 0x3a, 0x85, 0xf0, 0xfa, 0xa3, 0xe5, 0x78, 0xf8, 0x07, - 0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29, 0x66, 0x5b + 0x82, 0x55, 0x8a, 0x38, 0x9a, 0x44, 0x3c, 0x0e, 0xa4, 0xcc, 0x81, 0x98, + 0x99, 0xf2, 0x08, 0x3a, 0x85, 0xf0, 0xfa, 0xa3, 0xe5, 0x78, 0xf8, 0x07, + 0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29, 0x66, 0x5b }; struct tc_hmac_state_struct h; (void)memset(&h, 0x00, sizeof(h)); (void)tc_hmac_set_key(&h, key, sizeof(key)); - result = do_hmac_test(&h, 4, data, sizeof(data), expected, sizeof(expected)); + result = do_hmac_test(&h, 4, data, sizeof(data), + expected, sizeof(expected)); TC_END_RESULT(result); return result; } @@ -180,24 +194,25 @@ uint32_t test_5(void) TC_PRINT("HMAC %s:\n", __func__); const uint8_t key[20] = { - 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, - 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c }; const uint8_t data[20] = { - 0x54, 0x65, 0x73, 0x74, 0x20, 0x57, 0x69, 0x74, 0x68, 0x20, 0x54, 0x72, - 0x75, 0x6e, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e + 0x54, 0x65, 0x73, 0x74, 0x20, 0x57, 0x69, 0x74, 0x68, 0x20, 0x54, 0x72, + 0x75, 0x6e, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e }; const uint8_t expected[32] = { - 0xa3, 0xb6, 0x16, 0x74, 0x73, 0x10, 0x0e, 0xe0, 0x6e, 0x0c, 0x79, 0x6c, - 0x29, 0x55, 0x55, 0x2b, 0xfa, 0x6f, 0x7c, 0x0a, 0x6a, 0x8a, 0xef, 0x8b, - 0x93, 0xf8, 0x60, 0xaa, 0xb0, 0xcd, 0x20, 0xc5 + 0xa3, 0xb6, 0x16, 0x74, 0x73, 0x10, 0x0e, 0xe0, 0x6e, 0x0c, 0x79, 0x6c, + 0x29, 0x55, 0x55, 0x2b, 0xfa, 0x6f, 0x7c, 0x0a, 0x6a, 0x8a, 0xef, 0x8b, + 0x93, 0xf8, 0x60, 0xaa, 0xb0, 0xcd, 0x20, 0xc5 }; struct tc_hmac_state_struct h; (void)memset(&h, 0x00, sizeof(h)); (void)tc_hmac_set_key(&h, key, sizeof(key)); - result = do_hmac_test(&h, 5, data, sizeof(data), expected, sizeof(expected)); + result = do_hmac_test(&h, 5, data, sizeof(data), + expected, sizeof(expected)); TC_END_RESULT(result); return result; } @@ -208,36 +223,37 @@ uint32_t test_6(void) TC_PRINT("HMAC %s:\n", __func__); const uint8_t key[131] = { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; const uint8_t data[54] = { - 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x4c, - 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, - 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20, 0x4b, 0x65, - 0x79, 0x20, 0x2d, 0x20, 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, - 0x20, 0x46, 0x69, 0x72, 0x73, 0x74 + 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x4c, + 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20, 0x4b, 0x65, + 0x79, 0x20, 0x2d, 0x20, 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, + 0x20, 0x46, 0x69, 0x72, 0x73, 0x74 }; const uint8_t expected[32] = { - 0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a, 0x26, 0xaa, - 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28, 0xc5, 0x14, - 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54 + 0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a, 0x26, 0xaa, + 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28, 0xc5, 0x14, + 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54 }; struct tc_hmac_state_struct h; (void)memset(&h, 0x00, sizeof(h)); (void)tc_hmac_set_key(&h, key, sizeof(key)); - result = do_hmac_test(&h, 6, data, sizeof(data), expected, sizeof(expected)); + result = do_hmac_test(&h, 6, data, sizeof(data), + expected, sizeof(expected)); TC_END_RESULT(result); return result; } @@ -248,44 +264,45 @@ uint32_t test_7(void) TC_PRINT("HMAC %s:\n", __func__); const uint8_t key[131] = { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; const uint8_t data[152] = { - 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, 0x74, 0x65, - 0x73, 0x74, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x61, 0x20, 0x6c, - 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x74, 0x68, 0x61, 0x6e, 0x20, 0x62, - 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x6b, 0x65, - 0x79, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x61, 0x20, 0x6c, 0x61, 0x72, 0x67, - 0x65, 0x72, 0x20, 0x74, 0x68, 0x61, 0x6e, 0x20, 0x62, 0x6c, 0x6f, 0x63, - 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x2e, - 0x20, 0x54, 0x68, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x6e, 0x65, 0x65, - 0x64, 0x73, 0x20, 0x74, 0x6f, 0x20, 0x62, 0x65, 0x20, 0x68, 0x61, 0x73, - 0x68, 0x65, 0x64, 0x20, 0x62, 0x65, 0x66, 0x6f, 0x72, 0x65, 0x20, 0x62, - 0x65, 0x69, 0x6e, 0x67, 0x20, 0x75, 0x73, 0x65, 0x64, 0x20, 0x62, 0x79, - 0x20, 0x74, 0x68, 0x65, 0x20, 0x48, 0x4d, 0x41, 0x43, 0x20, 0x61, 0x6c, - 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x2e + 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, 0x74, 0x65, + 0x73, 0x74, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x61, 0x20, 0x6c, + 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x74, 0x68, 0x61, 0x6e, 0x20, 0x62, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x6b, 0x65, + 0x79, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x61, 0x20, 0x6c, 0x61, 0x72, 0x67, + 0x65, 0x72, 0x20, 0x74, 0x68, 0x61, 0x6e, 0x20, 0x62, 0x6c, 0x6f, 0x63, + 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x64, 0x61, 0x74, 0x61, 0x2e, + 0x20, 0x54, 0x68, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x6e, 0x65, 0x65, + 0x64, 0x73, 0x20, 0x74, 0x6f, 0x20, 0x62, 0x65, 0x20, 0x68, 0x61, 0x73, + 0x68, 0x65, 0x64, 0x20, 0x62, 0x65, 0x66, 0x6f, 0x72, 0x65, 0x20, 0x62, + 0x65, 0x69, 0x6e, 0x67, 0x20, 0x75, 0x73, 0x65, 0x64, 0x20, 0x62, 0x79, + 0x20, 0x74, 0x68, 0x65, 0x20, 0x48, 0x4d, 0x41, 0x43, 0x20, 0x61, 0x6c, + 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x2e }; const uint8_t expected[32] = { - 0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, 0x27, 0x63, 0x5f, 0xbc, - 0xd5, 0xb0, 0xe9, 0x44, 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07, 0x13, 0x93, - 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2 + 0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, 0x27, 0x63, 0x5f, 0xbc, + 0xd5, 0xb0, 0xe9, 0x44, 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07, 0x13, 0x93, + 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2 }; struct tc_hmac_state_struct h; (void)memset(&h, 0x00, sizeof(h)); (void)tc_hmac_set_key(&h, key, sizeof(key)); - result = do_hmac_test(&h, 7, data, sizeof(data), expected, sizeof(expected)); + result = do_hmac_test(&h, 7, data, sizeof(data), + expected, sizeof(expected)); TC_END_RESULT(result); return result; } diff --git a/tests/test_hmac_prng.c b/tests/test_hmac_prng.c index fe1705c..9071305 100644 --- a/tests/test_hmac_prng.c +++ b/tests/test_hmac_prng.c @@ -19,14 +19,15 @@ * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. */ /* @@ -39,10 +40,13 @@ - HMAC-PRNG generate) */ +#include +#include #include -#include -#include +#include +#include +#include /* * Main task to test AES @@ -65,12 +69,15 @@ int main(void) seed[i] = i; } - /* Fake personalization and additional_input (replace by appropriate values): */ - uint8_t *personalization = (uint8_t *) "HOSTNAME"; /* e.g.: hostname+timestamp */ + /* Fake personalization and additional_input (replace by appropriate + * values): * + * e.g.: hostname+timestamp */ + uint8_t *personalization = (uint8_t *) "HOSTNAME"; uint8_t *additional_input = (uint8_t *) "additional input"; TC_PRINT("HMAC-PRNG test#1 (init):\n"); - if (tc_hmac_prng_init(&h, personalization, sizeof(personalization)) == 0) { + if (tc_hmac_prng_init(&h, personalization, + sizeof(personalization)) == 0) { TC_ERROR("HMAC-PRNG initialization failed.\n"); result = TC_FAIL; goto exitTest; diff --git a/tests/test_sha256.c b/tests/test_sha256.c index 78ed36e..5da973f 100644 --- a/tests/test_sha256.c +++ b/tests/test_sha256.c @@ -19,14 +19,15 @@ * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. */ /* @@ -38,6 +39,7 @@ */ #include +#include #include #include @@ -54,9 +56,9 @@ uint32_t test_1(void) TC_PRINT("SHA256 test #1:\n"); const uint8_t expected[32] = { - 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, - 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, - 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad + 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, + 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, + 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }; const char *m = "abc"; uint8_t digest[32]; @@ -65,7 +67,8 @@ uint32_t test_1(void) (void)tc_sha256_init(&s); tc_sha256_update(&s, (const uint8_t *) m, strlen(m)); (void)tc_sha256_final(digest, &s); - result = check_result(1, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(1, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -79,9 +82,9 @@ uint32_t test_2(void) TC_PRINT("SHA256 test #2:\n"); const uint8_t expected[32] = { - 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, 0xe5, 0xc0, 0x26, 0x93, - 0x0c, 0x3e, 0x60, 0x39, 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, - 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 + 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, 0xe5, 0xc0, 0x26, 0x93, + 0x0c, 0x3e, 0x60, 0x39, 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, + 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 }; const char *m = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; uint8_t digest[32]; @@ -91,7 +94,8 @@ uint32_t test_2(void) tc_sha256_update(&s, (const uint8_t *) m, strlen(m)); (void) tc_sha256_final(digest, &s); - result = check_result(2, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(2, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -102,9 +106,9 @@ uint32_t test_3(void) TC_PRINT("SHA256 test #3:\n"); const uint8_t expected[32] = { - 0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, - 0x31, 0x3d, 0x05, 0x70, 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, - 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b + 0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, + 0x31, 0x3d, 0x05, 0x70, 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, + 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b }; const uint8_t m[1] = { 0xbd }; uint8_t digest[32]; @@ -114,7 +118,8 @@ uint32_t test_3(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(3, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(3, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -125,9 +130,9 @@ uint32_t test_4(void) TC_PRINT("SHA256 test #4:\n"); const uint8_t expected[32] = { - 0x7a, 0xbc, 0x22, 0xc0, 0xae, 0x5a, 0xf2, 0x6c, 0xe9, 0x3d, 0xbb, 0x94, - 0x43, 0x3a, 0x0e, 0x0b, 0x2e, 0x11, 0x9d, 0x01, 0x4f, 0x8e, 0x7f, 0x65, - 0xbd, 0x56, 0xc6, 0x1c, 0xcc, 0xcd, 0x95, 0x04 + 0x7a, 0xbc, 0x22, 0xc0, 0xae, 0x5a, 0xf2, 0x6c, 0xe9, 0x3d, 0xbb, 0x94, + 0x43, 0x3a, 0x0e, 0x0b, 0x2e, 0x11, 0x9d, 0x01, 0x4f, 0x8e, 0x7f, 0x65, + 0xbd, 0x56, 0xc6, 0x1c, 0xcc, 0xcd, 0x95, 0x04 }; const uint8_t m[4] = { 0xc9, 0x8c, 0x8e, 0x55 }; uint8_t digest[32]; @@ -137,7 +142,8 @@ uint32_t test_4(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(4, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(4, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -148,9 +154,9 @@ uint32_t test_5(void) TC_PRINT("SHA256 test #5:\n"); const uint8_t expected[32] = { - 0x02, 0x77, 0x94, 0x66, 0xcd, 0xec, 0x16, 0x38, 0x11, 0xd0, 0x78, 0x81, - 0x5c, 0x63, 0x3f, 0x21, 0x90, 0x14, 0x13, 0x08, 0x14, 0x49, 0x00, 0x2f, - 0x24, 0xaa, 0x3e, 0x80, 0xf0, 0xb8, 0x8e, 0xf7 + 0x02, 0x77, 0x94, 0x66, 0xcd, 0xec, 0x16, 0x38, 0x11, 0xd0, 0x78, 0x81, + 0x5c, 0x63, 0x3f, 0x21, 0x90, 0x14, 0x13, 0x08, 0x14, 0x49, 0x00, 0x2f, + 0x24, 0xaa, 0x3e, 0x80, 0xf0, 0xb8, 0x8e, 0xf7 }; uint8_t m[55]; uint8_t digest[32]; @@ -162,7 +168,8 @@ uint32_t test_5(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(5, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(5, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -173,9 +180,9 @@ uint32_t test_6(void) TC_PRINT("SHA256 test #6:\n"); const uint8_t expected[32] = { - 0xd4, 0x81, 0x7a, 0xa5, 0x49, 0x76, 0x28, 0xe7, 0xc7, 0x7e, 0x6b, 0x60, - 0x61, 0x07, 0x04, 0x2b, 0xbb, 0xa3, 0x13, 0x08, 0x88, 0xc5, 0xf4, 0x7a, - 0x37, 0x5e, 0x61, 0x79, 0xbe, 0x78, 0x9f, 0xbb + 0xd4, 0x81, 0x7a, 0xa5, 0x49, 0x76, 0x28, 0xe7, 0xc7, 0x7e, 0x6b, 0x60, + 0x61, 0x07, 0x04, 0x2b, 0xbb, 0xa3, 0x13, 0x08, 0x88, 0xc5, 0xf4, 0x7a, + 0x37, 0x5e, 0x61, 0x79, 0xbe, 0x78, 0x9f, 0xbb }; uint8_t m[56]; uint8_t digest[32]; @@ -187,7 +194,8 @@ uint32_t test_6(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(6, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(6, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -198,9 +206,9 @@ uint32_t test_7(void) TC_PRINT("SHA256 test #7:\n"); const uint8_t expected[32] = { - 0x65, 0xa1, 0x6c, 0xb7, 0x86, 0x13, 0x35, 0xd5, 0xac, 0xe3, 0xc6, 0x07, - 0x18, 0xb5, 0x05, 0x2e, 0x44, 0x66, 0x07, 0x26, 0xda, 0x4c, 0xd1, 0x3b, - 0xb7, 0x45, 0x38, 0x1b, 0x23, 0x5a, 0x17, 0x85 + 0x65, 0xa1, 0x6c, 0xb7, 0x86, 0x13, 0x35, 0xd5, 0xac, 0xe3, 0xc6, 0x07, + 0x18, 0xb5, 0x05, 0x2e, 0x44, 0x66, 0x07, 0x26, 0xda, 0x4c, 0xd1, 0x3b, + 0xb7, 0x45, 0x38, 0x1b, 0x23, 0x5a, 0x17, 0x85 }; uint8_t m[57]; uint8_t digest[32]; @@ -212,7 +220,8 @@ uint32_t test_7(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(7, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(7, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -223,9 +232,9 @@ uint32_t test_8(void) TC_PRINT("SHA256 test #8:\n"); const uint8_t expected[32] = { - 0xf5, 0xa5, 0xfd, 0x42, 0xd1, 0x6a, 0x20, 0x30, 0x27, 0x98, 0xef, 0x6e, - 0xd3, 0x09, 0x97, 0x9b, 0x43, 0x00, 0x3d, 0x23, 0x20, 0xd9, 0xf0, 0xe8, - 0xea, 0x98, 0x31, 0xa9, 0x27, 0x59, 0xfb, 0x4b + 0xf5, 0xa5, 0xfd, 0x42, 0xd1, 0x6a, 0x20, 0x30, 0x27, 0x98, 0xef, 0x6e, + 0xd3, 0x09, 0x97, 0x9b, 0x43, 0x00, 0x3d, 0x23, 0x20, 0xd9, 0xf0, 0xe8, + 0xea, 0x98, 0x31, 0xa9, 0x27, 0x59, 0xfb, 0x4b }; uint8_t m[64]; uint8_t digest[32]; @@ -237,7 +246,8 @@ uint32_t test_8(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(8, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(8, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -248,9 +258,9 @@ uint32_t test_9(void) TC_PRINT("SHA256 test #9:\n"); const uint8_t expected[32] = { - 0x54, 0x1b, 0x3e, 0x9d, 0xaa, 0x09, 0xb2, 0x0b, 0xf8, 0x5f, 0xa2, 0x73, - 0xe5, 0xcb, 0xd3, 0xe8, 0x01, 0x85, 0xaa, 0x4e, 0xc2, 0x98, 0xe7, 0x65, - 0xdb, 0x87, 0x74, 0x2b, 0x70, 0x13, 0x8a, 0x53 + 0x54, 0x1b, 0x3e, 0x9d, 0xaa, 0x09, 0xb2, 0x0b, 0xf8, 0x5f, 0xa2, 0x73, + 0xe5, 0xcb, 0xd3, 0xe8, 0x01, 0x85, 0xaa, 0x4e, 0xc2, 0x98, 0xe7, 0x65, + 0xdb, 0x87, 0x74, 0x2b, 0x70, 0x13, 0x8a, 0x53 }; uint8_t m[1000]; uint8_t digest[32]; @@ -262,7 +272,8 @@ uint32_t test_9(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(9, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(9, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -273,9 +284,9 @@ uint32_t test_10(void) TC_PRINT("SHA256 test #10:\n"); const uint8_t expected[32] = { - 0xc2, 0xe6, 0x86, 0x82, 0x34, 0x89, 0xce, 0xd2, 0x01, 0x7f, 0x60, 0x59, - 0xb8, 0xb2, 0x39, 0x31, 0x8b, 0x63, 0x64, 0xf6, 0xdc, 0xd8, 0x35, 0xd0, - 0xa5, 0x19, 0x10, 0x5a, 0x1e, 0xad, 0xd6, 0xe4 + 0xc2, 0xe6, 0x86, 0x82, 0x34, 0x89, 0xce, 0xd2, 0x01, 0x7f, 0x60, 0x59, + 0xb8, 0xb2, 0x39, 0x31, 0x8b, 0x63, 0x64, 0xf6, 0xdc, 0xd8, 0x35, 0xd0, + 0xa5, 0x19, 0x10, 0x5a, 0x1e, 0xad, 0xd6, 0xe4 }; uint8_t m[1000]; uint8_t digest[32]; @@ -287,7 +298,8 @@ uint32_t test_10(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(10, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(10, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -298,9 +310,9 @@ uint32_t test_11(void) TC_PRINT("SHA256 test #11:\n"); const uint8_t expected[32] = { - 0xf4, 0xd6, 0x2d, 0xde, 0xc0, 0xf3, 0xdd, 0x90, 0xea, 0x13, 0x80, 0xfa, - 0x16, 0xa5, 0xff, 0x8d, 0xc4, 0xc5, 0x4b, 0x21, 0x74, 0x06, 0x50, 0xf2, - 0x4a, 0xfc, 0x41, 0x20, 0x90, 0x35, 0x52, 0xb0 + 0xf4, 0xd6, 0x2d, 0xde, 0xc0, 0xf3, 0xdd, 0x90, 0xea, 0x13, 0x80, 0xfa, + 0x16, 0xa5, 0xff, 0x8d, 0xc4, 0xc5, 0x4b, 0x21, 0x74, 0x06, 0x50, 0xf2, + 0x4a, 0xfc, 0x41, 0x20, 0x90, 0x35, 0x52, 0xb0 }; uint8_t m[1005]; uint8_t digest[32]; @@ -312,7 +324,8 @@ uint32_t test_11(void) tc_sha256_update(&s, m, sizeof(m)); (void)tc_sha256_final(digest, &s); - result = check_result(11, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(11, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -323,9 +336,9 @@ uint32_t test_12(void) TC_PRINT("SHA256 test #12:\n"); const uint8_t expected[32] = { - 0xd2, 0x97, 0x51, 0xf2, 0x64, 0x9b, 0x32, 0xff, 0x57, 0x2b, 0x5e, 0x0a, - 0x9f, 0x54, 0x1e, 0xa6, 0x60, 0xa5, 0x0f, 0x94, 0xff, 0x0b, 0xee, 0xdf, - 0xb0, 0xb6, 0x92, 0xb9, 0x24, 0xcc, 0x80, 0x25 + 0xd2, 0x97, 0x51, 0xf2, 0x64, 0x9b, 0x32, 0xff, 0x57, 0x2b, 0x5e, 0x0a, + 0x9f, 0x54, 0x1e, 0xa6, 0x60, 0xa5, 0x0f, 0x94, 0xff, 0x0b, 0xee, 0xdf, + 0xb0, 0xb6, 0x92, 0xb9, 0x24, 0xcc, 0x80, 0x25 }; uint8_t m[1000]; uint8_t digest[32]; @@ -340,7 +353,8 @@ uint32_t test_12(void) } (void)tc_sha256_final(digest, &s); - result = check_result(12, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(12, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -351,9 +365,9 @@ uint32_t test_13(void) TC_PRINT("SHA256 test #13:\n"); const uint8_t expected[32] = { - 0x15, 0xa1, 0x86, 0x8c, 0x12, 0xcc, 0x53, 0x95, 0x1e, 0x18, 0x23, 0x44, - 0x27, 0x74, 0x47, 0xcd, 0x09, 0x79, 0x53, 0x6b, 0xad, 0xcc, 0x51, 0x2a, - 0xd2, 0x4c, 0x67, 0xe9, 0xb2, 0xd4, 0xf3, 0xdd + 0x15, 0xa1, 0x86, 0x8c, 0x12, 0xcc, 0x53, 0x95, 0x1e, 0x18, 0x23, 0x44, + 0x27, 0x74, 0x47, 0xcd, 0x09, 0x79, 0x53, 0x6b, 0xad, 0xcc, 0x51, 0x2a, + 0xd2, 0x4c, 0x67, 0xe9, 0xb2, 0xd4, 0xf3, 0xdd }; uint8_t m[32768]; uint8_t digest[32]; @@ -368,7 +382,8 @@ uint32_t test_13(void) } (void)tc_sha256_final(digest, &s); - result = check_result(13, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(13, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; } @@ -379,9 +394,9 @@ uint32_t test_14(void) TC_PRINT("SHA256 test #14:\n"); const uint8_t expected[32] = { - 0x46, 0x1c, 0x19, 0xa9, 0x3b, 0xd4, 0x34, 0x4f, 0x92, 0x15, 0xf5, 0xec, - 0x64, 0x35, 0x70, 0x90, 0x34, 0x2b, 0xc6, 0x6b, 0x15, 0xa1, 0x48, 0x31, - 0x7d, 0x27, 0x6e, 0x31, 0xcb, 0xc2, 0x0b, 0x53 + 0x46, 0x1c, 0x19, 0xa9, 0x3b, 0xd4, 0x34, 0x4f, 0x92, 0x15, 0xf5, 0xec, + 0x64, 0x35, 0x70, 0x90, 0x34, 0x2b, 0xc6, 0x6b, 0x15, 0xa1, 0x48, 0x31, + 0x7d, 0x27, 0x6e, 0x31, 0xcb, 0xc2, 0x0b, 0x53 }; uint8_t m[32768]; uint8_t digest[32]; @@ -396,7 +411,8 @@ uint32_t test_14(void) } (void) tc_sha256_final(digest, &s); - result = check_result(14, expected, sizeof(expected), digest, sizeof(digest)); + result = check_result(14, expected, sizeof(expected), + digest, sizeof(digest)); TC_END_RESULT(result); return result; }