mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-20 12:21:01 +00:00
test(crypto): Add AES-GCM tests.
This commit is contained in:
parent
a3adf98e47
commit
f1b5617652
@ -84,6 +84,7 @@ CFLAGS += -DUSE_NEM=1
|
||||
CFLAGS += -DUSE_CARDANO=1
|
||||
CFLAGS += -DUSE_INSECURE_PRNG=1
|
||||
CFLAGS += -DAES_128
|
||||
CFLAGS += -DAES_192
|
||||
CFLAGS += -DAES_VAR
|
||||
CFLAGS += $(shell pkg-config --cflags openssl)
|
||||
|
||||
|
@ -42,6 +42,7 @@
|
||||
#include "address.h"
|
||||
#include "aes/aes.h"
|
||||
#include "aes/aesccm.h"
|
||||
#include "aes/aesgcm.h"
|
||||
#include "base32.h"
|
||||
#include "base58.h"
|
||||
#include "bignum.h"
|
||||
@ -4406,6 +4407,273 @@ START_TEST(test_aesccm) {
|
||||
}
|
||||
END_TEST
|
||||
|
||||
// test vectors from
|
||||
// https://csrc.nist.rip/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
|
||||
START_TEST(test_aesgcm) {
|
||||
struct {
|
||||
char *key;
|
||||
char *iv;
|
||||
char *aad;
|
||||
char *plaintext;
|
||||
char *ciphertext;
|
||||
char *tag;
|
||||
} vectors[] = {
|
||||
// Test case 1
|
||||
{
|
||||
"00000000000000000000000000000000",
|
||||
"000000000000000000000000",
|
||||
"",
|
||||
"",
|
||||
"",
|
||||
"58e2fccefa7e3061367f1d57a4e7455a",
|
||||
},
|
||||
// Test case 2
|
||||
{
|
||||
"00000000000000000000000000000000",
|
||||
"000000000000000000000000",
|
||||
"",
|
||||
"00000000000000000000000000000000",
|
||||
"0388dace60b6a392f328c2b971b2fe78",
|
||||
"ab6e47d42cec13bdf53a67b21257bddf",
|
||||
},
|
||||
// Test case 3
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308",
|
||||
"cafebabefacedbaddecaf888",
|
||||
"",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
|
||||
"42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d5"
|
||||
"14b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
|
||||
"4d5c2af327cd64a62cf35abd2ba6fab4",
|
||||
},
|
||||
// Test case 4
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308",
|
||||
"cafebabefacedbaddecaf888",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d5"
|
||||
"14b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
|
||||
"5bc94fbc3221a5db94fae95ae7121a47",
|
||||
},
|
||||
// Test case 5
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308",
|
||||
"cafebabefacedbad",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c74237380"
|
||||
"6900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
|
||||
"3612d2e79e3b0785561be14aaca2fccb",
|
||||
},
|
||||
// Test case 6
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308",
|
||||
"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0"
|
||||
"c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4"
|
||||
"a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
|
||||
"619cc5aefffe0bfa462af43c1699d050",
|
||||
},
|
||||
// Test case 7
|
||||
{
|
||||
"000000000000000000000000000000000000000000000000",
|
||||
"000000000000000000000000",
|
||||
"",
|
||||
"",
|
||||
"",
|
||||
"cd33b28ac773f74ba00ed1f312572435",
|
||||
},
|
||||
// Test case 8
|
||||
{
|
||||
"000000000000000000000000000000000000000000000000",
|
||||
"000000000000000000000000",
|
||||
"",
|
||||
"00000000000000000000000000000000",
|
||||
"98e7247c07f0fe411c267e4384b0f600",
|
||||
"2ff58d80033927ab8ef4d4587514f0fb",
|
||||
},
|
||||
// Test case 9
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308feffe9928665731c",
|
||||
"cafebabefacedbaddecaf888",
|
||||
"",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
|
||||
"3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d77"
|
||||
"3d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
|
||||
"9924a7c8587336bfb118024db8674a14",
|
||||
},
|
||||
// Test case 10
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308feffe9928665731c",
|
||||
"cafebabefacedbaddecaf888",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d77"
|
||||
"3d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
|
||||
"2519498e80f1478f37ba55bd6d27618c",
|
||||
},
|
||||
// Test case 11
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308feffe9928665731c",
|
||||
"cafebabefacedbad",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc"
|
||||
"29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
|
||||
"65dcc57fcf623a24094fcca40d3533f8",
|
||||
},
|
||||
// Test case 12
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308feffe9928665731c",
|
||||
"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0"
|
||||
"c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e7"
|
||||
"9012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
|
||||
"dcf566ff291c25bbb8568fc3d376a6d9",
|
||||
},
|
||||
// Test case 13
|
||||
{
|
||||
"0000000000000000000000000000000000000000000000000000000000000000",
|
||||
"000000000000000000000000",
|
||||
"",
|
||||
"",
|
||||
"",
|
||||
"530f8afbc74536b9a963b4f1c4cb738b",
|
||||
},
|
||||
// Test case 14
|
||||
{
|
||||
"0000000000000000000000000000000000000000000000000000000000000000",
|
||||
"000000000000000000000000",
|
||||
"",
|
||||
"00000000000000000000000000000000",
|
||||
"cea7403d4d606b6e074ec5d3baf39d18",
|
||||
"d0d1c8a799996bf0265b98b5d48ab919",
|
||||
},
|
||||
// Test case 15
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
|
||||
"cafebabefacedbaddecaf888",
|
||||
"",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
|
||||
"522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb0"
|
||||
"8e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
|
||||
"b094dac5d93471bdec1a502270e3cc6c",
|
||||
},
|
||||
// Test case 16
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
|
||||
"cafebabefacedbaddecaf888",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb0"
|
||||
"8e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
|
||||
"76fc6ece0f4e1768cddf8853bb2d551b",
|
||||
},
|
||||
// Test case 17
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
|
||||
"cafebabefacedbad",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb5"
|
||||
"82d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
|
||||
"3a337dbf46a792c45e454913fe2ea8f2",
|
||||
},
|
||||
// Test case 18
|
||||
{
|
||||
"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
|
||||
"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0"
|
||||
"c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
|
||||
"feedfacedeadbeeffeedfacedeadbeefabaddad2",
|
||||
"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c"
|
||||
"0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
|
||||
"5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0"
|
||||
"c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
|
||||
"a44a8266ee1c8eb0c8b5d4cf5ae9f19a",
|
||||
},
|
||||
};
|
||||
|
||||
uint8_t iv[60] = {0};
|
||||
uint8_t aad[20] = {0};
|
||||
uint8_t msg[64] = {0};
|
||||
uint8_t tag[16] = {0};
|
||||
for (size_t i = 0; i < sizeof(vectors) / sizeof(vectors[0]); ++i) {
|
||||
size_t iv_len = strlen(vectors[i].iv) / 2;
|
||||
memcpy(iv, fromhex(vectors[i].iv), iv_len);
|
||||
size_t aad_len = strlen(vectors[i].aad) / 2;
|
||||
memcpy(aad, fromhex(vectors[i].aad), aad_len);
|
||||
size_t msg_len = strlen(vectors[i].plaintext) / 2;
|
||||
memcpy(msg, fromhex(vectors[i].plaintext), msg_len);
|
||||
size_t tag_len = strlen(vectors[i].tag) / 2;
|
||||
|
||||
// Set key.
|
||||
gcm_ctx ctx = {0};
|
||||
ret_type ret = gcm_init_and_key(fromhex(vectors[i].key),
|
||||
strlen(vectors[i].key) / 2, &ctx);
|
||||
ck_assert_int_eq(ret, RETURN_GOOD);
|
||||
|
||||
// Test encryption.
|
||||
ret = gcm_encrypt_message(iv, iv_len, aad, aad_len, msg, msg_len, tag,
|
||||
tag_len, &ctx);
|
||||
ck_assert_int_eq(ret, RETURN_GOOD);
|
||||
ck_assert_mem_eq(msg, fromhex(vectors[i].ciphertext), msg_len);
|
||||
ck_assert_mem_eq(tag, fromhex(vectors[i].tag), tag_len);
|
||||
|
||||
// Test decryption.
|
||||
ret = gcm_decrypt_message(iv, iv_len, aad, aad_len, msg, msg_len, tag,
|
||||
tag_len, &ctx);
|
||||
ck_assert_int_eq(ret, RETURN_GOOD);
|
||||
ck_assert_mem_eq(msg, fromhex(vectors[i].plaintext), msg_len);
|
||||
|
||||
// Test encryption in three chunks.
|
||||
size_t chunk1_len = msg_len / 6;
|
||||
size_t chunk2_len = msg_len / 2;
|
||||
size_t chunk3_len = msg_len - chunk1_len - chunk2_len;
|
||||
ck_assert_int_eq(gcm_init_message(iv, iv_len, &ctx), RETURN_GOOD);
|
||||
ck_assert_int_eq(gcm_auth_header(aad, aad_len, &ctx), RETURN_GOOD);
|
||||
ck_assert_int_eq(gcm_encrypt(msg, chunk1_len, &ctx), RETURN_GOOD);
|
||||
ret = gcm_encrypt(&msg[chunk1_len], chunk2_len, &ctx);
|
||||
ck_assert_int_eq(ret, RETURN_GOOD);
|
||||
ret = gcm_encrypt(&msg[chunk1_len + chunk2_len], chunk3_len, &ctx);
|
||||
ck_assert_int_eq(ret, RETURN_GOOD);
|
||||
ck_assert_int_eq(gcm_compute_tag(tag, tag_len, &ctx), RETURN_GOOD);
|
||||
ck_assert_mem_eq(msg, fromhex(vectors[i].ciphertext), msg_len);
|
||||
ck_assert_mem_eq(tag, fromhex(vectors[i].tag), tag_len);
|
||||
|
||||
// Test decryption in three chunks.
|
||||
ck_assert_int_eq(gcm_init_message(iv, iv_len, &ctx), RETURN_GOOD);
|
||||
ck_assert_int_eq(gcm_auth_header(aad, aad_len, &ctx), RETURN_GOOD);
|
||||
ck_assert_int_eq(gcm_decrypt(msg, chunk3_len, &ctx), RETURN_GOOD);
|
||||
ret = gcm_decrypt(&msg[chunk3_len], chunk2_len, &ctx);
|
||||
ck_assert_int_eq(ret, RETURN_GOOD);
|
||||
ret = gcm_decrypt(&msg[chunk3_len + chunk2_len], chunk1_len, &ctx);
|
||||
ck_assert_int_eq(ret, RETURN_GOOD);
|
||||
ck_assert_int_eq(gcm_compute_tag(tag, tag_len, &ctx), RETURN_GOOD);
|
||||
ck_assert_mem_eq(msg, fromhex(vectors[i].plaintext), msg_len);
|
||||
ck_assert_mem_eq(tag, fromhex(vectors[i].tag), tag_len);
|
||||
|
||||
// Clean up.
|
||||
ck_assert_int_eq(gcm_end(&ctx), RETURN_GOOD);
|
||||
}
|
||||
}
|
||||
END_TEST
|
||||
|
||||
#define TEST1 "abc"
|
||||
#define TEST2_1 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
|
||||
#define TEST2_2a "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
|
||||
@ -10274,6 +10542,10 @@ Suite *test_suite(void) {
|
||||
tcase_add_test(tc, test_aesccm);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("aes_gcm");
|
||||
tcase_add_test(tc, test_aesgcm);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("sha2");
|
||||
tcase_add_test(tc, test_sha1);
|
||||
tcase_add_test(tc, test_sha256);
|
||||
|
Loading…
Reference in New Issue
Block a user