From: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org> Neither RFC 3610 nor SP 800-38C contains test vectors for 192 and 256 bit keys and none contains test vectors for 11-bit IV (used in IPsec). So I've used 1st test vector from RFC 3610 and generated the rest of test vectors.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org> --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 5718327018debbb02aacb464493504c95fbe57a3 ** Merge commit sha: c5d9389a8d3b1a532e290aff4508756a920173ee **/ test/validation/api/crypto/odp_crypto_test_inp.c | 71 +++++++++++++ test/validation/api/crypto/test_vectors.h | 128 +++++++++++++++++++++++ 2 files changed, 199 insertions(+) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 5c38ae85f..ae843acf7 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -52,6 +52,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GCM"; case ODP_AUTH_ALG_AES_GMAC: return "ODP_AUTH_ALG_AES_GMAC"; + case ODP_AUTH_ALG_AES_CCM: + return "ODP_AUTH_ALG_AES_CCM"; case ODP_AUTH_ALG_CHACHA20_POLY1305: return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: @@ -72,6 +74,8 @@ static const char *cipher_alg_name(odp_cipher_alg_t cipher) return "ODP_CIPHER_ALG_AES_CBC"; case ODP_CIPHER_ALG_AES_GCM: return "ODP_CIPHER_ALG_AES_GCM"; + case ODP_CIPHER_ALG_AES_CCM: + return "ODP_CIPHER_ALG_AES_CCM"; case ODP_CIPHER_ALG_CHACHA20_POLY1305: return "ODP_CIPHER_ALG_CHACHA20_POLY1305"; default: @@ -477,6 +481,9 @@ static void check_alg(odp_crypto_op_t op, if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && !(capa.ciphers.bit.aes_gcm)) rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CCM && + !(capa.ciphers.bit.aes_ccm)) + rc = -1; if (cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305 && !(capa.ciphers.bit.chacha20_poly1305)) rc = -1; @@ -496,6 +503,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_CCM && + !(capa.auths.bit.aes_ccm)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_CHACHA20_POLY1305 && !(capa.auths.bit.chacha20_poly1305)) rc = -1; @@ -664,6 +674,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_AES_CCM: + if (!capability.ciphers.bit.aes_ccm) + return ODP_TEST_INACTIVE; + break; case ODP_CIPHER_ALG_CHACHA20_POLY1305: if (!capability.ciphers.bit.chacha20_poly1305) return ODP_TEST_INACTIVE; @@ -703,6 +717,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_AES_CCM: + if (!capability.auths.bit.aes_ccm) + return ODP_TEST_INACTIVE; + break; case ODP_AUTH_ALG_CHACHA20_POLY1305: if (!capability.auths.bit.chacha20_poly1305) return ODP_TEST_INACTIVE; @@ -912,6 +930,51 @@ static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) true); } +static int check_alg_aes_ccm(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CCM, ODP_AUTH_ALG_AES_CCM); +} + +static void crypto_test_enc_alg_aes_ccm(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + false); +} + +static void crypto_test_enc_alg_aes_ccm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + true); +} + +static void crypto_test_dec_alg_aes_ccm(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + false); +} + +static void crypto_test_dec_alg_aes_ccm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + true); +} + static int check_alg_aes_cbc(void) { return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); @@ -1311,6 +1374,14 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gcm), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ccm, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ccm_ovr_iv, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ccm, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ccm_ovr_iv, + check_alg_aes_ccm), ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305, check_alg_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305_ovr_iv, diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 97f0620a5..15cd91d21 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -444,6 +444,134 @@ static crypto_test_reference_t aes_gcm_reference[] = { } }; +static crypto_test_reference_t aes_ccm_reference[] = { + /* + * AES-CCM reference from RFC 3610 + */ + { + .cipher_key_length = AES128_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, + 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, + 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84 }, + .digest_length = 8, + .digest = { 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 } + }, + /* The rest of test vectors are generated manually, no "interesting" + * vectors for use cases in RFC 3610 or SP 800-38C. */ + { + .cipher_key_length = AES192_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x57, 0x9f, 0xb8, 0x6e, 0xdd, 0xb4, 0xa6, 0x4a, + 0xae, 0x5f, 0xe9, 0x6d, 0xbd, 0x75, 0x44, 0x05, + 0x33, 0xa9, 0xfc, 0x3a, 0x84, 0x57, 0x36 }, + .digest_length = 8, + .digest = { 0x67, 0xae, 0xc8, 0x0a, 0xc5, 0x88, 0xab, 0x16 } + }, + { + .cipher_key_length = AES256_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x59, 0x61, 0x55, 0x10, 0xa7, 0xc4, 0x3b, 0xfb, + 0x12, 0x3d, 0x63, 0x6b, 0x46, 0x13, 0xc0, 0x3c, + 0x6c, 0xe2, 0x69, 0x07, 0x10, 0x2a, 0x3f }, + .digest_length = 8, + .digest = { 0xb5, 0x57, 0x2a, 0x17, 0x2d, 0x49, 0x16, 0xd5 } + }, + { + .cipher_key_length = AES128_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xaa, 0x2d, 0x3e, 0xcb, 0xa6, 0x68, 0x63, 0x75, + 0x8f, 0x03, 0x01, 0x51, 0x16, 0xde, 0x30, 0xed, + 0x8a, 0xb5, 0x42, 0xdc, 0xfa, 0x72, 0xd0 }, + .digest_length = 8, + .digest = { 0x63, 0xe7, 0x01, 0x5c, 0x69, 0xaf, 0xb4, 0x0c } + }, + { + .cipher_key_length = AES192_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xee, 0x99, 0x99, 0x1e, 0xc5, 0x8f, 0xd7, 0x7e, + 0x56, 0x71, 0x16, 0x39, 0x8e, 0xc4, 0x4f, 0xcc, + 0x14, 0x45, 0x57, 0x3e, 0x38, 0x76, 0x51 }, + .digest_length = 8, + .digest = { 0x31, 0x29, 0x47, 0xa4, 0x6d, 0x76, 0x34, 0xb4 } + }, + { + .cipher_key_length = AES256_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xfa, 0x07, 0x47, 0x5c, 0xe8, 0xc9, 0x37, 0x88, + 0x54, 0x64, 0xb8, 0xc3, 0x85, 0xbb, 0x76, 0x0b, + 0xf2, 0xc2, 0x4c, 0x4e, 0x31, 0x16, 0x77 }, + .digest_length = 8, + .digest = { 0x88, 0x56, 0x7e, 0x19, 0x84, 0x13, 0x29, 0xc4 } + }, +}; + static crypto_test_reference_t aes_gmac_reference[] = { { .auth_key_length = AES128_KEY_LEN,
