fips_aesavs.c 20 KB

  1. /* ====================================================================
  2. * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * 1. Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. *
  11. * 2. Redistributions in binary form must reproduce the above copyright
  12. * notice, this list of conditions and the following disclaimer in
  13. * the documentation and/or other materials provided with the
  14. * distribution.
  15. *
  16. * 3. All advertising materials mentioning features or use of this
  17. * software must display the following acknowledgment:
  18. * "This product includes software developed by the OpenSSL Project
  19. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  20. *
  21. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  22. * endorse or promote products derived from this software without
  23. * prior written permission. For written permission, please contact
  24. * openssl-core@openssl.org.
  25. *
  26. * 5. Products derived from this software may not be called "OpenSSL"
  27. * nor may "OpenSSL" appear in their names without prior written
  28. * permission of the OpenSSL Project.
  29. *
  30. * 6. Redistributions of any form whatsoever must retain the following
  31. * acknowledgment:
  32. * "This product includes software developed by the OpenSSL Project
  33. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  34. *
  35. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  36. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  37. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  38. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  39. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  40. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  41. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  42. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  43. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  44. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  45. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  46. * OF THE POSSIBILITY OF SUCH DAMAGE.
  47. *
  48. */
  49. /*---------------------------------------------
  50. NIST AES Algorithm Validation Suite
  51. Test Program
  52. Donated to OpenSSL by:
  53. V-ONE Corporation
  54. 20250 Century Blvd, Suite 300
  55. Germantown, MD 20874
  56. U.S.A.
  57. ----------------------------------------------*/
  58. #define OPENSSL_FIPSAPI
  59. #include <stdio.h>
  60. #include <stdlib.h>
  61. #include <string.h>
  62. #include <errno.h>
  63. #include <assert.h>
  64. #include <ctype.h>
  65. #include <openssl/aes.h>
  66. #include <openssl/evp.h>
  67. #include <openssl/bn.h>
  68. #include <openssl/err.h>
  69. #include "e_os.h"
  70. #ifndef OPENSSL_FIPS
  /*
   * Stub entry point for builds without OPENSSL_FIPS: report that the AES
   * validation test is unavailable and exit with status 0.
   */
  int main(int argc, char *argv[])
  {
      /* The arguments are not examined in this configuration. */
      (void)argc;
      (void)argv;

      fputs("No FIPS AES support\n", stdout);
      return 0;
  }
  76. #else
  77. #include <openssl/fips.h>
  78. #include "fips_utl.h"
  79. #define AES_BLOCK_SIZE 16
  80. #define VERBOSE 0
  81. /*-----------------------------------------------*/
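  /*
   * Run one AES operation through the FIPS cipher interface.
   *
   * ctx        - cipher context; (re)initialised here with FIPS_cipherinit().
   * amode      - mode name, compared case-insensitively: "CBC", "ECB",
   *              "CFB128", "CFB1", "CFB8", or any name beginning with "OFB".
   * akeysz     - key size in bits; only 128, 192 and 256 select a cipher.
   * aKey, iVec - key and IV handed to FIPS_cipherinit() unchanged.
   * dir        - 0 = decrypt (ciphertext -> plaintext),
   *              non-zero = encrypt (plaintext -> ciphertext).
   * len        - length handed to FIPS_cipher(). For CFB1 the context is
   *              flagged EVP_CIPH_FLAG_LENGTH_BITS first.
   *
   * Returns 1 on success, 0 on an unknown mode, an unsupported key size,
   * a negative length, or a failed init/cipher call.
   */
  static int AESTest(EVP_CIPHER_CTX *ctx,
      char *amode, int akeysz, unsigned char *aKey,
      unsigned char *iVec,
      int dir, /* 0 = decrypt, 1 = encrypt */
      unsigned char *plaintext, unsigned char *ciphertext, int len)
  {
      const EVP_CIPHER *cipher = NULL;
      int bit_mode = 0;
      int rv;

      if (strcasecmp(amode, "CBC") == 0) {
          switch (akeysz) {
          case 128: cipher = EVP_aes_128_cbc(); break;
          case 192: cipher = EVP_aes_192_cbc(); break;
          case 256: cipher = EVP_aes_256_cbc(); break;
          default: break;
          }
      } else if (strcasecmp(amode, "ECB") == 0) {
          switch (akeysz) {
          case 128: cipher = EVP_aes_128_ecb(); break;
          case 192: cipher = EVP_aes_192_ecb(); break;
          case 256: cipher = EVP_aes_256_ecb(); break;
          default: break;
          }
      } else if (strcasecmp(amode, "CFB128") == 0) {
          switch (akeysz) {
          case 128: cipher = EVP_aes_128_cfb128(); break;
          case 192: cipher = EVP_aes_192_cfb128(); break;
          case 256: cipher = EVP_aes_256_cfb128(); break;
          default: break;
          }
      } else if (strncasecmp(amode, "OFB", 3) == 0) {
          /* Prefix match: any mode name starting with "OFB" lands here. */
          switch (akeysz) {
          case 128: cipher = EVP_aes_128_ofb(); break;
          case 192: cipher = EVP_aes_192_ofb(); break;
          case 256: cipher = EVP_aes_256_ofb(); break;
          default: break;
          }
      } else if (strcasecmp(amode, "CFB1") == 0) {
          bit_mode = 1;
          switch (akeysz) {
          case 128: cipher = EVP_aes_128_cfb1(); break;
          case 192: cipher = EVP_aes_192_cfb1(); break;
          case 256: cipher = EVP_aes_256_cfb1(); break;
          default: break;
          }
      } else if (strcasecmp(amode, "CFB8") == 0) {
          switch (akeysz) {
          case 128: cipher = EVP_aes_128_cfb8(); break;
          case 192: cipher = EVP_aes_192_cfb8(); break;
          case 256: cipher = EVP_aes_256_cfb8(); break;
          default: break;
          }
      } else {
          printf("Unknown mode: %s\n", amode);
          return 0;
      }

      if (!cipher) {
          printf("Invalid key size: %d\n", akeysz);
          return 0;
      }

      /* A negative length must never reach the cipher call, where it would
         be interpreted as a very large unsigned count. */
      if (len < 0) {
          printf("Invalid length: %d\n", len);
          return 0;
      }

      if (FIPS_cipherinit(ctx, cipher, aKey, iVec, dir) <= 0)
          return 0;

      /* CFB1 works on single bits, so the length is flagged as a bit count. */
      if (bit_mode)
          M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS);

      if (dir)
          rv = FIPS_cipher(ctx, ciphertext, plaintext, len);
      else
          rv = FIPS_cipher(ctx, plaintext, ciphertext, len);

      /* Report a failed cipher call instead of claiming success: the output
         buffer holds no valid result in that case. */
      if (rv <= 0)
          return 0;

      return 1;
  }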
  199. /*-----------------------------------------------*/
  /* Response-file field labels, indexed by enum XCrypt: the entry for a
     direction names the field that the operation produces. */
  char *t_tag[2] = {
      "PLAINTEXT",
      "CIPHERTEXT"
  };

  /* Mode names in the same order as enum Mode, so that an index found by
     searching t_mode can be compared against the enum constants. */
  char *t_mode[6] = {
      "CBC",
      "ECB",
      "OFB",
      "CFB1",
      "CFB8",
      "CFB128"
  };

  enum Mode {
      CBC,
      ECB,
      OFB,
      CFB1,
      CFB8,
      CFB128
  };

  enum XCrypt {
      XDECRYPT,
      XENCRYPT
  };

  /*=============================*/
  /* Monte Carlo Tests */
  /*-----------------------------*/

  /*
   * Single-bit accessors over a byte array, most significant bit first:
   * bit 0 is the 0x80 bit of a[0]. An earlier least-significant-bit-first
   * variant (shift by (b)%8 instead of 7-(b)%8) is no longer used.
   *
   * gb(a,b)   - value (0 or 1) of bit b.
   * sb(a,b,v) - set bit b to !!v. The arguments are evaluated more than
   *             once, so they must be free of side effects.
   */
  #define gb(a,b) \
      (((a)[(b)/8] >> (7-(b)%8))&1)
  #define sb(a,b,v) \
      ((a)[(b)/8]=((a)[(b)/8]&~(1 << (7-(b)%8)))|(!!(v) << (7-(b)%8)))
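  /*
   * Monte Carlo Test: 100 outer rounds of 1000 chained cipher operations,
   * writing each round's COUNT/KEY/IV/input header and final output to rfp
   * and deriving the next key, IV and input from the last outputs.
   *
   * amode  - mode name; must equal one of the t_mode entries exactly.
   * akeysz - key size in bits; must be 128, 192 or 256.
   * aKey   - initial key, akeysz/8 bytes are read.
   * iVec   - initial IV (AES_BLOCK_SIZE bytes), may be NULL.
   * dir    - XENCRYPT or XDECRYPT.
   * text   - initial plaintext (encrypt) or ciphertext (decrypt).
   * len    - length of text as passed to the cipher, at most 32.
   * rfp    - response file the results are written to.
   *
   * Returns the result of the last AESTest() call (1) on success and -1 on
   * invalid arguments or a failed cipher operation.
   *
   * NOTE(review): ctx is initialised here but never released; the FIPS
   * module's FIPS_cipher_ctx_cleanup() looks like the matching call -
   * confirm and add it on every return path.
   */
  static int do_mct(char *amode,
      int akeysz, unsigned char *aKey,unsigned char *iVec,
      int dir, unsigned char *text, int len,
      FILE *rfp)
  {
      int ret = 0;
      unsigned char key[101][32];
      unsigned char iv[101][AES_BLOCK_SIZE];
      unsigned char ptext[1001][32];
      unsigned char ctext[1001][32];
      unsigned char ciphertext[64+4];
      unsigned char (*in)[32];   /* rows fed to the cipher */
      unsigned char (*out)[32];  /* rows produced by the cipher */
      int i, j, n, n1, n2;
      int imode = 0, nkeysz = akeysz/8;
      EVP_CIPHER_CTX ctx;

      FIPS_cipher_ctx_init(&ctx);

      if (len > 32) {
          printf("\n>>>> Length exceeds 32 for %s %d <<<<\n\n",
                 amode, akeysz);
          return -1;
      }
      if (len < 0) {
          printf("Invalid length: %d\n", len);
          return -1;
      }
      /* The key size comes from the request file and sizes the copies into
         key[][32] below, so it has to be checked before anything is copied. */
      if (akeysz != 128 && akeysz != 192 && akeysz != 256) {
          printf("Invalid key size: %d\n", akeysz);
          return -1;
      }
      /* dir indexes t_tag[] and selects the buffers; accept 0 and 1 only. */
      if (dir != XENCRYPT && dir != XDECRYPT) {
          printf("Invalid direction: %d\n", dir);
          return -1;
      }

      for (imode = 0; imode < 6; ++imode)
          if (strcmp(amode, t_mode[imode]) == 0)
              break;
      if (imode == 6) {
          printf("Unrecognized mode: %s\n", amode);
          return -1;
      }

      /* sb() reads the byte it modifies and the chaining steps copy fixed
         16-byte blocks, so start from zeroed buffers rather than stack
         garbage. */
      memset(key, 0, sizeof(key));
      memset(iv, 0, sizeof(iv));
      memset(ptext, 0, sizeof(ptext));
      memset(ctext, 0, sizeof(ctext));
      memset(ciphertext, 0, sizeof(ciphertext));

      /* Encrypt consumes ptext and produces ctext; decrypt is the reverse. */
      in  = (dir == XENCRYPT) ? ptext : ctext;
      out = (dir == XENCRYPT) ? ctext : ptext;

      memcpy(key[0], aKey, nkeysz);
      if (iVec)
          memcpy(iv[0], iVec, AES_BLOCK_SIZE);
      memcpy(in[0], text, len);

      for (i = 0; i < 100; ++i) {
          if (i > 0) {
              fprintf(rfp,"COUNT = %d\n",i);
              OutputValue("KEY",key[i],nkeysz,rfp,0);
              if (imode != ECB) /* ECB has no IV */
                  OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0);
              /* Input of this round: plaintext when encrypting,
                 ciphertext when decrypting. */
              OutputValue(t_tag[dir^1],in[0],len,rfp,
                          imode == CFB1);
          }

          for (j = 0; j < 1000; ++j) {
              if (j == 0) {
                  /* First step of a round sets up the key (and IV). */
                  ret = AESTest(&ctx, amode, akeysz, key[i],
                                imode == ECB ? NULL : iv[i],
                                dir, /* 0 = decrypt, 1 = encrypt */
                                ptext[j], ctext[j], len);
                  if (ret <= 0) {
                      /* Without a usable context the remaining steps
                         cannot run. */
                      printf("AES operation failed for %s %d\n",
                             amode, akeysz);
                      return -1;
                  }
              } else if (FIPS_cipher(&ctx, out[j], in[j], len) <= 0) {
                  printf("AES operation failed for %s %d\n",
                         amode, akeysz);
                  return -1;
              }

              /* Derive the next input from earlier outputs (or the IV). */
              switch (imode) {
              case ECB:
                  memcpy(in[j+1], out[j], len);
                  break;

              case CBC:
              case OFB:
              case CFB128:
                  if (j == 0)
                      memcpy(in[j+1], iv[i], len);
                  else
                      memcpy(in[j+1], out[j-1], len);
                  break;

              case CFB8:
                  /* NOTE(review): reads len bytes starting at iv[i][j];
                     this stays inside the IV row only for len == 1 -
                     confirm CFB8 vectors always use one byte. */
                  if (j < 16)
                      memcpy(in[j+1], &iv[i][j], len);
                  else
                      memcpy(in[j+1], out[j-16], len);
                  break;

              case CFB1:
                  if (j < 128)
                      sb(in[j+1],0,gb(iv[i],j));
                  else
                      sb(in[j+1],0,gb(out[j-128],0));
                  break;

              default:
                  break;
              }
          }
          --j; /* reset to last of range */

          /* Output of this round: ciphertext when encrypting,
             plaintext when decrypting. */
          OutputValue(t_tag[dir],out[j],len,rfp,
                      imode == CFB1);
          fprintf(rfp, "\n"); /* add separator */

          /* Collect the most recent outputs that form the key update. */
          if (imode == CFB8) {
              /* last nkeysz output bytes, oldest first */
              for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2)
                  ciphertext[n1] = out[j-n2][0];
          } else if (imode == CFB1) {
              /* last akeysz output bits, oldest first */
              for (n1 = 0, n2 = akeysz-1; n1 < akeysz; ++n1, --n2)
                  sb(ciphertext,n1,gb(out[j-n2],0));
          } else {
              switch (akeysz) {
              case 128:
                  memcpy(ciphertext, out[j], 16);
                  break;
              case 192:
                  memcpy(ciphertext, out[j-1]+8, 8);
                  memcpy(ciphertext+8, out[j], 16);
                  break;
              case 256:
                  memcpy(ciphertext, out[j-1], 16);
                  memcpy(ciphertext+16, out[j], 16);
                  break;
              default:
                  break;
              }
          }

          /* Compute next key: Key[i+1] = Key[i] xor ct */
          for (n = 0; n < nkeysz; ++n)
              key[i+1][n] = key[i][n] ^ ciphertext[n];

          /* Compute next IV and text */
          switch (imode) {
          case ECB:
              memcpy(in[0], out[j], AES_BLOCK_SIZE);
              break;

          case CBC:
          case OFB:
          case CFB128:
              memcpy(iv[i+1], out[j], AES_BLOCK_SIZE);
              memcpy(in[0], out[j-1], AES_BLOCK_SIZE);
              break;

          case CFB8:
              /* IV[i+1] = last 16 output bytes */
              for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2)
                  iv[i+1][n1] = out[j-n2][0];
              in[0][0] = out[j-16][0];
              break;

          case CFB1:
              /* IV[i+1] = last 128 output bits */
              for (n1 = 0, n2 = 127; n1 < 128; ++n1, --n2)
                  sb(iv[i+1],n1,gb(out[j-n2],0));
              in[0][0] = out[j-128][0] & 0x80;
              break;

          default:
              break;
          }
      }

      return ret;
  }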
  500. /*================================================*/
  501. /*----------------------------
  502. # Config info for v-one
  503. # AESVS MMT test data for ECB
  504. # State : Encrypt and Decrypt
  505. # Key Length : 256
  506. # Fri Aug 30 04:07:22 PM
  507. ----------------------------*/
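  /*
   * Return 1 when decoding the hex text at `hex` is expected to fit into
   * `outsz` bytes, 0 otherwise.
   *
   * hex2bin() takes no output size. NOTE(review): it is defined in
   * fips_utl.h, which is not visible here; the bound below assumes it writes
   * at most one byte per two input characters (rounded up) - confirm.
   */
  static int hex_input_fits(const char *hex, size_t outsz)
  {
      return (strlen(hex) + 1) / 2 <= outsz;
  }

  /*
   * Process one AESAVS request file and write the matching response file.
   *
   * rqfile  - path of the request file; must be non-empty.
   * rspfile - path of the response file, or NULL to derive it from rqfile by
   *           replacing the "req/" directory component with "rsp/" and the
   *           ".req" suffix with ".rsp".
   *
   * The request file is treated as untrusted input: every field is length
   * checked before it is copied into a fixed-size buffer.
   *
   * Returns 0 on success, 1 on a parse or cipher error and -1 when a file
   * cannot be opened or a file name cannot be handled. A failing Monte Carlo
   * test terminates the program through EXIT(1).
   *
   * NOTE(review): ctx is initialised here but never released; the FIPS
   * module's FIPS_cipher_ctx_cleanup() looks like the matching call -
   * confirm and add it before returning.
   */
  static int proc_file(char *rqfile, char *rspfile)
  {
      char afn[256], rfn[256];
      FILE *afp = NULL, *rfp = NULL;
      char ibuf[2048];
      char tbuf[2048];
      int ilen, len, ret = 0;
      char algo[8] = "";
      char amode[8] = "";
      char atest[8] = "";
      int akeysz = 0;
      /* Zeroed so a short KEY/IV line never leaves stale stack bytes in the
         part of the buffer the cipher reads. */
      unsigned char iVec[20] = {0}, aKey[40] = {0};
      int dir = -1, err = 0, step = 0;
      unsigned char plaintext[2048] = {0};
      unsigned char ciphertext[2048] = {0};
      char *rp;
      EVP_CIPHER_CTX ctx;

      FIPS_cipher_ctx_init(&ctx);

      if (!rqfile || !(*rqfile)) {
          printf("No req file\n");
          return -1;
      }

      /* Refuse names that do not fit instead of overflowing afn. */
      if (strlen(rqfile) >= sizeof(afn)) {
          printf("File name too long: %s\n", rqfile);
          return -1;
      }
      strcpy(afn, rqfile);

      if ((afp = fopen(afn, "r")) == NULL) {
          printf("Cannot open file: %s, %s\n",
                 afn, strerror(errno));
          return -1;
      }

      if (!rspfile) {
          /* Same size as afn, so this copy cannot overflow. */
          strcpy(rfn, afn);
          rp = strstr(rfn, "req/");
  #ifdef OPENSSL_SYS_WIN32
          if (!rp)
              rp = strstr(rfn, "req\\");
  #endif
          /* An explicit check rather than assert(): the test must not
             dereference NULL when assertions are compiled out. */
          if (!rp) {
              printf("Cannot derive response file name from: %s\n", afn);
              fclose(afp);
              return -1;
          }
          memcpy(rp, "rsp", 3);
          rp = strstr(rfn, ".req");
          if (!rp) {
              printf("Cannot derive response file name from: %s\n", afn);
              fclose(afp);
              return -1;
          }
          memcpy(rp, ".rsp", 4);
          rspfile = rfn;
      }

      if ((rfp = fopen(rspfile, "w")) == NULL) {
          /* Report the name that was actually opened; rfn is only filled
             in when the name was derived. */
          printf("Cannot open file: %s, %s\n",
                 rspfile, strerror(errno));
          fclose(afp);
          afp = NULL;
          return -1;
      }

      while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) {
          tidy_line(tbuf, ibuf);
          ilen = strlen(ibuf);

          switch (step) {
          case 0: /* read preamble */
              if (ibuf[0] == '\n') {
                  /* end of preamble */
                  if ((*algo == '\0') ||
                      (*amode == '\0') ||
                      (akeysz == 0)) {
                      printf("Missing Algorithm, Mode or KeySize (%s/%s/%d)\n",
                             algo, amode, akeysz);
                      err = 1;
                  } else {
                      fputs(ibuf, rfp);
                      ++step;
                  }
              } else if (ibuf[0] != '#') {
                  printf("Invalid preamble item: %s\n", ibuf);
                  err = 1;
              } else {
                  /* process preamble; never point past the terminator of
                     a one-character line */
                  char *xp, *pp = (ilen >= 2) ? ibuf + 2 : ibuf + ilen;
                  int n;

                  if (akeysz) {
                      /* insert current time & date */
                      time_t rtim = time(0);
                      fprintf(rfp, "# %s", ctime(&rtim));
                  } else {
                      fputs(ibuf, rfp);
                      if (strncmp(pp, "AESVS ", 6) == 0) {
                          strcpy(algo, "AES");

                          /* get test type: the word after "AESVS " */
                          pp += 6;
                          xp = strchr(pp, ' ');
                          if (!xp || (size_t)(xp - pp) >= sizeof(atest)) {
                              printf("Invalid preamble item: %s\n", ibuf);
                              err = 1;
                              break;
                          }
                          n = (int)(xp - pp);
                          memcpy(atest, pp, n);
                          atest[n] = '\0';

                          /* get mode: the last word, minus the final
                             character of the line */
                          xp = strrchr(pp, ' ');
                          n = (int)strlen(xp + 1) - 1;
                          if (n < 0 || (size_t)n >= sizeof(amode)) {
                              printf("Invalid preamble item: %s\n", ibuf);
                              err = 1;
                              break;
                          }
                          memcpy(amode, xp + 1, n);
                          amode[n] = '\0';

                          if (VERBOSE)
                              printf("Test = %s, Mode = %s\n", atest, amode);
                      } else if (strncasecmp(pp, "Key Length : ", 13) == 0) {
                          akeysz = atoi(pp + 13);
                          if (VERBOSE)
                              printf("Key size = %d\n", akeysz);
                      }
                  }
              }
              break;

          case 1: /* [ENCRYPT] | [DECRYPT] */
              if (ibuf[0] == '[') {
                  fputs(ibuf, rfp);
                  ++step;
                  if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0)
                      dir = 1;
                  else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0)
                      dir = 0;
                  else {
                      printf("Invalid keyword: %s\n", ibuf);
                      err = 1;
                  }
                  break;
              } else if (dir == -1) {
                  err = 1;
                  printf("Missing ENCRYPT/DECRYPT keyword\n");
                  break;
              } else
                  step = 2;
              /* fallthrough: the line belongs to the next test vector */

          case 2: /* KEY = xxxx */
              fputs(ibuf, rfp);
              if (*ibuf == '\n')
                  break;
              if (!strncasecmp(ibuf, "COUNT = ", 8))
                  break;
              if (strncasecmp(ibuf, "KEY = ", 6) != 0) {
                  printf("Missing KEY\n");
                  err = 1;
              } else {
                  /* Reject an over-long value before it is decoded into
                     the fixed-size key buffer. */
                  if (!hex_input_fits(ibuf + 6, sizeof(aKey)))
                      len = -1;
                  else
                      len = hex2bin(ibuf + 6, aKey);
                  if (len < 0) {
                      printf("Invalid KEY\n");
                      err = 1;
                      break;
                  }
                  PrintValue("KEY", aKey, len);
                  if (strcmp(amode, "ECB") == 0) {
                      memset(iVec, 0, sizeof(iVec));
                      step = (dir) ? 4 : 5; /* no ivec for ECB */
                  } else
                      ++step;
              }
              break;

          case 3: /* IV = xxxx */
              fputs(ibuf, rfp);
              if (strncasecmp(ibuf, "IV = ", 5) != 0) {
                  printf("Missing IV\n");
                  err = 1;
              } else {
                  /* Same bound as for the key, against the IV buffer. */
                  if (!hex_input_fits(ibuf + 5, sizeof(iVec)))
                      len = -1;
                  else
                      len = hex2bin(ibuf + 5, iVec);
                  if (len < 0) {
                      printf("Invalid IV\n");
                      err = 1;
                      break;
                  }
                  PrintValue("IV", iVec, len);
                  step = (dir) ? 4 : 5;
              }
              break;

          case 4: /* PLAINTEXT = xxxx */
              fputs(ibuf, rfp);
              if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0) {
                  printf("Missing PLAINTEXT\n");
                  err = 1;
              } else {
                  int nn = strlen(ibuf + 12);

                  if (!strcmp(amode, "CFB1"))
                      /* bit string; an empty value would give length -1 */
                      len = (nn > 0) ? bint2bin(ibuf + 12, nn - 1, plaintext)
                                     : -1;
                  else if (!hex_input_fits(ibuf + 12, sizeof(plaintext)))
                      len = -1;
                  else
                      len = hex2bin(ibuf + 12, plaintext);
                  if (len < 0) {
                      printf("Invalid PLAINTEXT: %s", ibuf + 12);
                      err = 1;
                      break;
                  }
                  if (len >= (int)sizeof(plaintext)) {
                      /* Stop rather than continue with a length the
                         buffers cannot hold. */
                      printf("Buffer overflow\n");
                      err = 1;
                      break;
                  }
                  PrintValue("PLAINTEXT", (unsigned char *)plaintext, len);
                  if (strcmp(atest, "MCT") == 0) { /* Monte Carlo Test */
                      if (do_mct(amode, akeysz, aKey, iVec,
                                 dir, (unsigned char *)plaintext, len,
                                 rfp) < 0)
                          EXIT(1);
                  } else {
                      ret = AESTest(&ctx, amode, akeysz, aKey, iVec,
                                    dir, /* 0 = decrypt, 1 = encrypt */
                                    plaintext, ciphertext, len);
                      if (!ret) {
                          /* Do not write a result that was never
                             computed into the response file. */
                          err = 1;
                          break;
                      }
                      OutputValue("CIPHERTEXT", ciphertext, len, rfp,
                                  !strcmp(amode, "CFB1"));
                  }
                  step = 6;
              }
              break;

          case 5: /* CIPHERTEXT = xxxx */
              fputs(ibuf, rfp);
              if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0) {
                  printf("Missing CIPHERTEXT\n");
                  err = 1;
              } else {
                  int nn = strlen(ibuf + 13);

                  if (!strcmp(amode, "CFB1"))
                      len = (nn > 0) ? bint2bin(ibuf + 13, nn - 1, ciphertext)
                                     : -1;
                  else if (!hex_input_fits(ibuf + 13, sizeof(ciphertext)))
                      len = -1;
                  else
                      len = hex2bin(ibuf + 13, ciphertext);
                  if (len < 0) {
                      printf("Invalid CIPHERTEXT\n");
                      err = 1;
                      break;
                  }
                  PrintValue("CIPHERTEXT", ciphertext, len);
                  if (strcmp(atest, "MCT") == 0) { /* Monte Carlo Test */
                      /* Checked like the encrypt path above. */
                      if (do_mct(amode, akeysz, aKey, iVec,
                                 dir, ciphertext, len, rfp) < 0)
                          EXIT(1);
                  } else {
                      ret = AESTest(&ctx, amode, akeysz, aKey, iVec,
                                    dir, /* 0 = decrypt, 1 = encrypt */
                                    plaintext, ciphertext, len);
                      if (!ret) {
                          err = 1;
                          break;
                      }
                      OutputValue("PLAINTEXT", (unsigned char *)plaintext,
                                  len, rfp, !strcmp(amode, "CFB1"));
                  }
                  step = 6;
              }
              break;

          case 6:
              if (ibuf[0] != '\n') {
                  err = 1;
                  printf("Missing terminator\n");
              } else if (strcmp(atest, "MCT") != 0) {
                  /* MCT already added terminating nl */
                  fputs(ibuf, rfp);
              }
              step = 1;
              break;

          default:
              break;
          }
      }

      if (rfp)
          fclose(rfp);
      if (afp)
          fclose(afp);
      return err;
  }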
  801. /*--------------------------------------------------
  802. Processes either a single file or
  803. a set of files whose names are passed in a file.
  804. A single file is specified as:
  805. aes_test -f xxx.req
  806. A set of files is specified as:
  807. aes_test -d xxxxx.xxx
  808. The default is: -d req.txt
  809. --------------------------------------------------*/
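  /*
   * Entry point of the AES validation test.
   *
   *   -d LIST       process every request file named in LIST, one per line
   *                 (default when no option is given: -d req.txt)
   *   -f REQ [RSP]  process the single request file REQ; RSP, when given,
   *                 names the response file
   *
   * Returns 0 for an invalid or missing parameter, -1 when the list file
   * cannot be opened or a file name is too long; otherwise the program
   * leaves through EXIT(), with status 1 when a file from the list fails.
   *
   * NOTE(review): a failure in single-file mode is printed but the program
   * still exits with status 0 - confirm that callers do not rely on the
   * exit status there.
   */
  int main(int argc, char **argv)
  {
      char *rqlist = "req.txt", *rspfile = NULL;
      FILE *fp = NULL;
      char fn[250] = "", rfn[256] = "";
      int d_opt = 1;

      fips_algtest_init();

      if (argc > 1) {
          if (strcasecmp(argv[1], "-d") == 0) {
              d_opt = 1;
          } else if (strcasecmp(argv[1], "-f") == 0) {
              d_opt = 0;
          } else {
              printf("Invalid parameter: %s\n", argv[1]);
              return 0;
          }

          if (argc < 3) {
              printf("Missing parameter\n");
              return 0;
          }

          if (d_opt) {
              rqlist = argv[2];
          } else {
              /* The name comes from the command line; refuse one that
                 does not fit instead of overflowing fn. */
              if (strlen(argv[2]) >= sizeof(fn)) {
                  printf("File name too long: %s\n", argv[2]);
                  return -1;
              }
              strcpy(fn, argv[2]);
              /* argv[argc] is NULL, so without a fourth argument the
                 response name is derived from the request name. */
              rspfile = argv[3];
          }
      }

      if (d_opt) {
          /* list of files (directory) */
          if (!(fp = fopen(rqlist, "r"))) {
              printf("Cannot open req list file\n");
              return -1;
          }
          while (fgets(fn, sizeof(fn), fp)) {
              /* Cut the line at its first CR or LF. */
              fn[strcspn(fn, "\r\n")] = '\0';
              /* A blank line names no file; skip it. */
              if (fn[0] == '\0')
                  continue;
              /* fn holds at most 249 characters, rfn has room for 255. */
              strcpy(rfn, fn);
              if (VERBOSE)
                  printf("Processing: %s\n", rfn);
              if (proc_file(rfn, rspfile)) {
                  printf(">>> Processing failed for: %s <<<\n", rfn);
                  EXIT(1);
              }
          }
          fclose(fp);
      } else {
          /* single file */
          if (VERBOSE)
              printf("Processing: %s\n", fn);
          if (proc_file(fn, rspfile)) {
              printf(">>> Processing failed for: %s <<<\n", fn);
          }
      }

      EXIT(0);
      return 0;
  }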
  879. #endif