On Wed, May 14, 2008 at 8:58 PM, Florent Daigni?re <nextgens at freenetproject.org> wrote: > * Daniel Cheng <j16sdiz+freenet at gmail.com> [2008-05-14 19:31:37]: > >> On Wed, May 14, 2008 at 2:33 PM, Florent Daigni?re >> <nextgens at freenetproject.org> wrote: >> > * Daniel Cheng <j16sdiz+freenet at gmail.com> [2008-05-14 11:34:19]: >> > > On 5/14/08, Florent Daigni?re <nextgens at freenetproject.org> wrote: >> > > > * j16sdiz at freenetproject.org <j16sdiz at freenetproject.org> >> > [2008-05-13 16:11:59]: >> > > > >> > > > > Author: j16sdiz >> > > > > Date: 2008-05-13 16:11:59 +0000 (Tue, 13 May 2008) >> > > > > New Revision: 19914 >> > > > > >> > > > > Added: >> > > > > trunk/freenet/src/freenet/crypt/ciphers/RijndaelTest.java >> > > > > Log: >> > > > > JUnit for Rijndael >> > > > > >> > > > > >> > > > > Added: trunk/freenet/src/freenet/crypt/ciphers/RijndaelTest.java >> > > > > =================================================================== >> > > > > --- trunk/freenet/src/freenet/crypt/ciphers/RijndaelTest.java >> > (rev 0) >> > > > > +++ trunk/freenet/src/freenet/crypt/ciphers/RijndaelTest.java >> > 2008-05-13 16:11:59 UTC (rev 19914) >> > > > > @@ -0,0 +1,95 @@ >> > > > > +/* This code is part of Freenet. It is distributed under the GNU >> > General >> > > > > + * Public License, version 2 (or at your option any later >> > version). See >> > > > > + * http://www.gnu.org/ for further details of the GPL. */ >> > > > > +package freenet.crypt.ciphers; >> > > > > + >> > > > > +import java.util.Arrays; >> > > > > +import java.util.Random; >> > > > > + >> > > > > +import javax.crypto.Cipher; >> > > > > + >> > > > > +import freenet.crypt.UnsupportedCipherException; >> > > > > +import freenet.support.HexUtil; >> > > > > +import junit.framework.TestCase; >> > > > > + >> > > > > +/** >> > > > > + * @author sdiz >> > > > > + */ >> > > > > +public class RijndaelTest extends TestCase { >> > > > > + private final byte[] PLAINTXT128_1 = >> > HexUtil.hexToBytes("0123456789abcdef1123456789abcdef"); >> > > > > + private final byte[] KEY128_1 = >> > HexUtil.hexToBytes("deadbeefcafebabe0123456789abcdef"); >> > > > > + private final byte[] CIPHER128_1 = >> > HexUtil.hexToBytes("8c5b8c04805c0e07dd62b381730d5d10"); >> > > > > + >> > > > > + private final byte[] PLAINTXT192_1 = >> > HexUtil.hexToBytes("0123456789abcdef1123456789abcdef2123456789abcdef"); >> > > > > + private final byte[] KEY192_1 = >> > HexUtil.hexToBytes("deadbeefcafebabe0123456789abcdefcafebabedeadbeef"); >> > > > > + private final byte[] CIPHER192_1 = >> > HexUtil.hexToBytes("7fae974786a9741d96693654bc7a8aff09b3f116840ffced"); >> > > > > + >> > > > > + private final byte[] PLAINTXT256_1 = HexUtil >> > > > > + >> > .hexToBytes("0123456789abcdef1123456789abcdef2123456789abcdef3123456789abcdef"); >> > > > > + private final byte[] KEY256_1 = HexUtil >> > > > > + >> > .hexToBytes("deadbeefcafebabe0123456789abcdefcafebabedeadbeefcafebabe01234567"); >> > > > > + private final byte[] CIPHER256_1 = HexUtil >> > > > > + >> > .hexToBytes("6fcbc68fc938e5f5a7c24d7422f4b5f153257b6fb53e0bca26770497dd65078c"); >> > > > > + >> > > > > + private static final Random rand = new Random(); >> > > > >> > > > Where did you dig those constants from? presumably FIPS but would you >> > > > mind putting a reference in a comment please ? >> > > > >> > > >> > > No, it's not from any know reference. I just pick a random key and >> > > plain text, enipher it, get the ciphertext. >> > > >> > >> > Using our implementation or a 3rd party one ? >> > >> > >> > > I was planning to implement JVM-based AES (bug 2330), this test is >> > > just a casual test to verify the pure java implementation and jvm >> > > implementation matches. >> > > >> > >> > Well then you should be testing it against the live jvm's code and not >> > some pre-computed value if that's the point... >> > >> > Anyway I do suggest you check it against known to be good values: >> > http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf for >> > instance. >> > >> >> No, >> The code we are using is *not* FIPS-197 compliance. The standard test >> vector does not test the use cases we have. > > Okay my bad I didn't check it... still, could we check our code against > their test vectors anyway? On top of the checks you've already > written...
hmmm... Our code failed the ECB_VT test for keySize > 128. This is because NIST changed part of Rijndael when promoting it to AES. (okay, this means bugs#2330 is not fixable) > That might catch things like the infamous encryption bug we had at some > point. (The code was fine on .5, the usecase changed on .7 and it > wasn't anymore) >
