2
0

aesgcm.c 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121
  1. /*
  2. * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * Simple AES GCM test program, uses the same NIST data used for the FIPS
  11. * self test but uses the application level EVP APIs.
  12. */
  13. #include <stdio.h>
  14. #include <openssl/bio.h>
  15. #include <openssl/evp.h>
  16. /* AES-GCM test data from NIST public test vectors */
  17. static const unsigned char gcm_key[] = {
  18. 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66,
  19. 0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69,
  20. 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f
  21. };
  22. static const unsigned char gcm_iv[] = {
  23. 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84
  24. };
  25. static const unsigned char gcm_pt[] = {
  26. 0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea,
  27. 0xcc, 0x2b, 0xf2, 0xa5
  28. };
  29. static const unsigned char gcm_aad[] = {
  30. 0x4d, 0x23, 0xc3, 0xce, 0xc3, 0x34, 0xb4, 0x9b, 0xdb, 0x37, 0x0c, 0x43,
  31. 0x7f, 0xec, 0x78, 0xde
  32. };
  33. static const unsigned char gcm_ct[] = {
  34. 0xf7, 0x26, 0x44, 0x13, 0xa8, 0x4c, 0x0e, 0x7c, 0xd5, 0x36, 0x86, 0x7e,
  35. 0xb9, 0xf2, 0x17, 0x36
  36. };
  37. static const unsigned char gcm_tag[] = {
  38. 0x67, 0xba, 0x05, 0x10, 0x26, 0x2a, 0xe4, 0x87, 0xd7, 0x37, 0xee, 0x62,
  39. 0x98, 0xf7, 0x7e, 0x0c
  40. };
  41. void aes_gcm_encrypt(void)
  42. {
  43. EVP_CIPHER_CTX *ctx;
  44. int outlen, tmplen;
  45. unsigned char outbuf[1024];
  46. printf("AES GCM Encrypt:\n");
  47. printf("Plaintext:\n");
  48. BIO_dump_fp(stdout, gcm_pt, sizeof(gcm_pt));
  49. ctx = EVP_CIPHER_CTX_new();
  50. /* Set cipher type and mode */
  51. EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
  52. /* Set IV length if default 96 bits is not appropriate */
  53. EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL);
  54. /* Initialise key and IV */
  55. EVP_EncryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv);
  56. /* Zero or more calls to specify any AAD */
  57. EVP_EncryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad));
  58. /* Encrypt plaintext */
  59. EVP_EncryptUpdate(ctx, outbuf, &outlen, gcm_pt, sizeof(gcm_pt));
  60. /* Output encrypted block */
  61. printf("Ciphertext:\n");
  62. BIO_dump_fp(stdout, outbuf, outlen);
  63. /* Finalise: note get no output for GCM */
  64. EVP_EncryptFinal_ex(ctx, outbuf, &outlen);
  65. /* Get tag */
  66. EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outbuf);
  67. /* Output tag */
  68. printf("Tag:\n");
  69. BIO_dump_fp(stdout, outbuf, 16);
  70. EVP_CIPHER_CTX_free(ctx);
  71. }
  72. void aes_gcm_decrypt(void)
  73. {
  74. EVP_CIPHER_CTX *ctx;
  75. int outlen, tmplen, rv;
  76. unsigned char outbuf[1024];
  77. printf("AES GCM Decrypt:\n");
  78. printf("Ciphertext:\n");
  79. BIO_dump_fp(stdout, gcm_ct, sizeof(gcm_ct));
  80. ctx = EVP_CIPHER_CTX_new();
  81. /* Select cipher */
  82. EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
  83. /* Set IV length, omit for 96 bits */
  84. EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL);
  85. /* Specify key and IV */
  86. EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv);
  87. /* Zero or more calls to specify any AAD */
  88. EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad));
  89. /* Decrypt plaintext */
  90. EVP_DecryptUpdate(ctx, outbuf, &outlen, gcm_ct, sizeof(gcm_ct));
  91. /* Output decrypted block */
  92. printf("Plaintext:\n");
  93. BIO_dump_fp(stdout, outbuf, outlen);
  94. /* Set expected tag value. */
  95. EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag),
  96. (void *)gcm_tag);
  97. /* Finalise: note get no output for GCM */
  98. rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen);
  99. /*
  100. * Print out return value. If this is not successful authentication
  101. * failed and plaintext is not trustworthy.
  102. */
  103. printf("Tag Verify %s\n", rv > 0 ? "Successful!" : "Failed!");
  104. EVP_CIPHER_CTX_free(ctx);
  105. }
  106. int main(int argc, char **argv)
  107. {
  108. aes_gcm_encrypt();
  109. aes_gcm_decrypt();
  110. }