9 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
13 #if defined(WANT_NOT_RND_MPI)
14 #if defined(POLARSSL_BIGNUM_C)
17 #error "not_rnd_mpi() need bignum.c"
23 typedef UINT32 uint32_t;
36 #define GET_UINT32_BE(n,b,i) \
38 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
39 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
40 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
41 | ( (uint32_t) (b)[(i) + 3] ); \
46 #define PUT_UINT32_BE(n,b,i) \
48 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
49 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
50 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
51 (b)[(i) + 3] = (unsigned char) ( (n) ); \
55 static int unhexify(
unsigned char *obuf,
const char *ibuf)
58 int len = strlen(ibuf) / 2;
59 assert(!(strlen(ibuf) %1));
64 if( c >=
'0' && c <=
'9' )
66 else if( c >=
'a' && c <=
'f' )
68 else if( c >=
'A' && c <=
'F' )
74 if( c2 >=
'0' && c2 <=
'9' )
76 else if( c2 >=
'a' && c2 <=
'f' )
78 else if( c2 >=
'A' && c2 <=
'F' )
83 *obuf++ = ( c << 4 ) | c2;
89 static void hexify(
unsigned char *obuf,
const unsigned char *ibuf,
int len)
101 *obuf++ =
'a' + h - 10;
106 *obuf++ =
'a' + l - 10;
122 static int rnd_std_rand(
void *rng_state,
unsigned char *output,
size_t len )
126 if( rng_state != NULL )
129 for( i = 0; i < len; ++i )
140 static int rnd_zero_rand(
void *rng_state,
unsigned char *output,
size_t len )
142 if( rng_state != NULL )
145 memset( output, 0, len );
172 if( rng_state == NULL )
181 memcpy( output, info->
buf, use_len );
182 info->
buf += use_len;
186 if( len - use_len > 0 )
187 return(
rnd_std_rand( NULL, output + use_len, len - use_len ) );
216 uint32_t i, *k, sum, delta=0x9E3779B9;
217 unsigned char result[4];
219 if( rng_state == NULL )
226 size_t use_len = ( len > 4 ) ? 4 : len;
229 for( i = 0; i < 32; i++ )
231 info->
v0 += (((info->
v1 << 4) ^ (info->
v1 >> 5)) + info->
v1) ^ (sum + k[sum & 3]);
233 info->
v1 += (((info->
v0 << 4) ^ (info->
v0 >> 5)) + info->
v0) ^ (sum + k[(sum>>11) & 3]);
237 memcpy( output, result, use_len );
244 #if defined(WANT_NOT_RND_MPI)
253 #define ciL (sizeof(t_uint))
254 #define CHARS_TO_LIMBS(i) (((i) + ciL - 1) / ciL)
255 static int not_rnd_mpi(
void *in,
unsigned char *out,
size_t len )
257 char *str = (
char *) in;
266 X.
n = CHARS_TO_LIMBS( len );
272 assert( strlen( str ) / 2 == len );
284 #ifdef POLARSSL_GCM_C
286 #define TEST_SUITE_ACTIVE
294 if( test_errors == 1 )
295 printf(
"FAILED\n" );
296 printf(
" %s\n", test );
301 #define TEST_ASSERT( TEST ) \
302 do { test_assert( (TEST) ? 1 : 0, #TEST ); \
303 if( test_errors) return; \
308 if( (*str)[0] !=
'"' ||
309 (*str)[strlen( *str ) - 1] !=
'"' )
311 printf(
"Expected string (with \"\") for parameter and got: %s\n", *str );
316 (*str)[strlen( *str ) - 1] =
'\0';
328 for( i = 0; i < strlen( str ); i++ )
330 if( i == 0 && str[i] ==
'-' )
336 if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
337 str[i - 1] ==
'0' && str[i] ==
'x' )
343 if( str[i] <
'0' || str[i] >
'9' )
353 *value = strtol( str, NULL, 16 );
355 *value = strtol( str, NULL, 10 );
360 if( strcmp( str,
"POLARSSL_CIPHER_ID_AES" ) == 0 )
367 printf(
"Expected integer for parameter and got: %s\n", str );
371 void test_suite_gcm_encrypt_and_tag(
int cipher_id,
372 char *hex_key_string,
char *hex_src_string,
373 char *hex_iv_string,
char *hex_add_string,
374 char *hex_dst_string,
int tag_len_bits,
375 char *hex_tag_string,
int init_result )
377 unsigned char key_str[128];
378 unsigned char src_str[128];
379 unsigned char dst_str[257];
380 unsigned char iv_str[128];
381 unsigned char add_str[128];
382 unsigned char tag_str[128];
383 unsigned char output[128];
384 unsigned char tag_output[16];
386 unsigned int key_len;
387 size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
389 memset(key_str, 0x00, 128);
390 memset(src_str, 0x00, 128);
391 memset(dst_str, 0x00, 257);
392 memset(iv_str, 0x00, 128);
393 memset(add_str, 0x00, 128);
394 memset(tag_str, 0x00, 128);
395 memset(output, 0x00, 128);
396 memset(tag_output, 0x00, 16);
398 key_len =
unhexify( key_str, hex_key_string );
399 pt_len =
unhexify( src_str, hex_src_string );
400 iv_len =
unhexify( iv_str, hex_iv_string );
401 add_len =
unhexify( add_str, hex_add_string );
404 if( init_result == 0 )
406 TEST_ASSERT(
gcm_crypt_and_tag( &ctx,
GCM_ENCRYPT, pt_len, iv_str, iv_len, add_str, add_len, src_str, output, tag_len, tag_output ) == 0 );
407 hexify( dst_str, output, pt_len );
408 hexify( tag_str, tag_output, tag_len );
410 TEST_ASSERT( strcmp( (
char *) dst_str, hex_dst_string ) == 0 );
411 TEST_ASSERT( strcmp( (
char *) tag_str, hex_tag_string ) == 0 );
417 void test_suite_gcm_decrypt_and_verify(
int cipher_id,
418 char *hex_key_string,
char *hex_src_string,
419 char *hex_iv_string,
char *hex_add_string,
420 int tag_len_bits,
char *hex_tag_string,
421 char *pt_result,
int init_result )
423 unsigned char key_str[128];
424 unsigned char src_str[128];
425 unsigned char dst_str[257];
426 unsigned char iv_str[128];
427 unsigned char add_str[128];
428 unsigned char tag_str[128];
429 unsigned char output[128];
431 unsigned int key_len;
432 size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
435 memset(key_str, 0x00, 128);
436 memset(src_str, 0x00, 128);
437 memset(dst_str, 0x00, 257);
438 memset(iv_str, 0x00, 128);
439 memset(add_str, 0x00, 128);
440 memset(tag_str, 0x00, 128);
441 memset(output, 0x00, 128);
443 key_len =
unhexify( key_str, hex_key_string );
444 pt_len =
unhexify( src_str, hex_src_string );
445 iv_len =
unhexify( iv_str, hex_iv_string );
446 add_len =
unhexify( add_str, hex_add_string );
447 unhexify( tag_str, hex_tag_string );
450 if( init_result == 0 )
452 ret =
gcm_auth_decrypt( &ctx, pt_len, iv_str, iv_len, add_str, add_len, tag_str, tag_len, src_str, output );
454 if( strcmp(
"FAIL", pt_result ) == 0 )
461 hexify( dst_str, output, pt_len );
463 TEST_ASSERT( strcmp( (
char *) dst_str, pt_result ) == 0 );
470 #ifdef POLARSSL_SELF_TEST
471 void test_suite_gcm_selftest()
486 if( strcmp( str,
"POLARSSL_AES_C" ) == 0 )
488 #if defined(POLARSSL_AES_C)
505 #if defined(TEST_SUITE_ACTIVE)
506 if( strcmp( params[0],
"gcm_encrypt_and_tag" ) == 0 )
510 char *param2 = params[2];
511 char *param3 = params[3];
512 char *param4 = params[4];
513 char *param5 = params[5];
514 char *param6 = params[6];
516 char *param8 = params[8];
521 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 10 );
525 if(
verify_int( params[1], ¶m1 ) != 0 )
return( 2 );
531 if(
verify_int( params[7], ¶m7 ) != 0 )
return( 2 );
533 if(
verify_int( params[9], ¶m9 ) != 0 )
return( 2 );
535 test_suite_gcm_encrypt_and_tag( param1, param2, param3, param4, param5, param6, param7, param8, param9 );
541 if( strcmp( params[0],
"gcm_decrypt_and_verify" ) == 0 )
545 char *param2 = params[2];
546 char *param3 = params[3];
547 char *param4 = params[4];
548 char *param5 = params[5];
550 char *param7 = params[7];
551 char *param8 = params[8];
556 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 10 );
560 if(
verify_int( params[1], ¶m1 ) != 0 )
return( 2 );
565 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
568 if(
verify_int( params[9], ¶m9 ) != 0 )
return( 2 );
570 test_suite_gcm_decrypt_and_verify( param1, param2, param3, param4, param5, param6, param7, param8, param9 );
576 if( strcmp( params[0],
"gcm_selftest" ) == 0 )
578 #ifdef POLARSSL_SELF_TEST
583 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 1 );
588 test_suite_gcm_selftest( );
597 fprintf( stdout,
"FAILED\nSkipping unknown test function '%s'\n", params[0] );
611 ret = fgets( buf, len, f );
615 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\n' )
616 buf[strlen(buf) - 1] =
'\0';
617 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\r' )
618 buf[strlen(buf) - 1] =
'\0';
631 while( *p !=
'\0' && p < buf + len )
641 if( p + 1 < buf + len )
653 for( i = 0; i < cnt; i++ )
660 if( *p ==
'\\' && *(p + 1) ==
'n' )
665 else if( *p ==
'\\' && *(p + 1) ==
':' )
670 else if( *p ==
'\\' && *(p + 1) ==
'?' )
686 int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
687 const char *filename =
"/tmp/B.6b9404fc-5e27-486e-9bbd-77463d7343ee/BUILD/polarssl-1.3.2/tests/suites/test_suite_gcm.aes128_en.data";
692 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
693 unsigned char alloc_buf[1000000];
694 memory_buffer_alloc_init( alloc_buf,
sizeof(alloc_buf) );
697 file = fopen( filename,
"r" );
700 fprintf( stderr,
"Failed to open\n" );
704 while( !feof( file ) )
708 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
710 fprintf( stdout,
"%s%.66s", test_errors ?
"\n" :
"", buf );
711 fprintf( stdout,
" " );
712 for( i = strlen( buf ) + 1; i < 67; i++ )
713 fprintf( stdout,
"." );
714 fprintf( stdout,
" " );
719 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
723 if( strcmp( params[0],
"depends_on" ) == 0 )
725 for( i = 1; i < cnt; i++ )
729 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
740 if( skip == 1 || ret == 3 )
743 fprintf( stdout,
"----\n" );
746 else if( ret == 0 && test_errors == 0 )
748 fprintf( stdout,
"PASS\n" );
753 fprintf( stderr,
"FAILED: FATAL PARSE ERROR\n" );
760 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
762 if( strlen(buf) != 0 )
764 fprintf( stderr,
"Should be empty %d\n", (
int) strlen(buf) );
770 fprintf( stdout,
"\n----------------------------------------------------------------------------\n\n");
771 if( total_errors == 0 )
772 fprintf( stdout,
"PASSED" );
774 fprintf( stdout,
"FAILED" );
776 fprintf( stdout,
" (%d / %d tests (%d skipped))\n",
777 total_tests - total_errors, total_tests, total_skipped );
779 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
780 #if defined(POLARSSL_MEMORY_DEBUG)
781 memory_buffer_alloc_status();
783 memory_buffer_alloc_free();
786 return( total_errors != 0 );
int gcm_auth_decrypt(gcm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *tag, size_t tag_len, const unsigned char *input, unsigned char *output)
GCM buffer authenticated decryption using a block cipher.
Info structure for the pseudo random function.
static int unhexify(unsigned char *obuf, const char *ibuf)
int gcm_self_test(int verbose)
Checkup routine.
Configuration options (set of defines)
static int test_assert(int correct, char *test)
int main(int argc, char *argv[])
Multi-precision integer library.
#define TEST_ASSERT(TEST)
int gcm_crypt_and_tag(gcm_context *ctx, int mode, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, size_t tag_len, unsigned char *tag)
GCM buffer encryption/decryption using a block cipher.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
#define PUT_UINT32_BE(n, b, i)
int gcm_init(gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, unsigned int keysize)
GCM initialization (encryption)
int parse_arguments(char *buf, size_t len, char *params[50])
#define POLARSSL_ERR_GCM_AUTH_FAILED
Authenticated decryption failed.
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
int verify_string(char **str)
void gcm_free(gcm_context *ctx)
Free a GCM context and underlying cipher sub-context.
int dispatch_test(int cnt, char *params[50])
Galois/Counter mode for 128-bit block ciphers.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
int verify_int(char *str, int *value)
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
int get_line(FILE *f, char *buf, size_t len)