fips_aesavs.c 26 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808
  1. /* ====================================================================
  2. * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * 1. Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. *
  11. * 2. Redistributions in binary form must reproduce the above copyright
  12. * notice, this list of conditions and the following disclaimer in
  13. * the documentation and/or other materials provided with the
  14. * distribution.
  15. *
  16. * 3. All advertising materials mentioning features or use of this
  17. * software must display the following acknowledgment:
  18. * "This product includes software developed by the OpenSSL Project
  19. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  20. *
  21. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  22. * endorse or promote products derived from this software without
  23. * prior written permission. For written permission, please contact
  24. * openssl-core@openssl.org.
  25. *
  26. * 5. Products derived from this software may not be called "OpenSSL"
  27. * nor may "OpenSSL" appear in their names without prior written
  28. * permission of the OpenSSL Project.
  29. *
  30. * 6. Redistributions of any form whatsoever must retain the following
  31. * acknowledgment:
  32. * "This product includes software developed by the OpenSSL Project
  33. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  34. *
  35. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  36. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  37. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  38. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  39. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  40. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  41. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  42. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  43. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  44. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  45. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  46. * OF THE POSSIBILITY OF SUCH DAMAGE.
  47. *
  48. */
  49. /* --------------------------------------------
  50. NIST AES Algorithm Validation Suite
  51. Test Program
  52. Donated to OpenSSL by:
  53. V-ONE Corporation
  54. 20250 Century Blvd, Suite 300
  55. Germantown, MD 20874
  56. U.S.A.
  57. ----------------------------------------------*/
  58. #include <stdio.h>
  59. #include <stdlib.h>
  60. #include <string.h>
  61. #include <errno.h>
  62. #include <assert.h>
  63. #include <ctype.h>
  64. #include <openssl/aes.h>
  65. #include <openssl/evp.h>
  66. #include <openssl/bn.h>
  67. #include <openssl/err.h>
  68. #include "e_os.h"
  69. #ifndef OPENSSL_FIPS
  70. int main(int argc, char *argv[])
  71. {
  72. printf("No FIPS AES support\n");
  73. return (0);
  74. }
  75. #else
  76. # include <openssl/fips.h>
  77. # include "fips_utl.h"
  78. # define AES_BLOCK_SIZE 16
  79. # define VERBOSE 0
  80. /* ---------------------------------------------*/
  81. static int AESTest(EVP_CIPHER_CTX *ctx,
  82. char *amode, int akeysz, unsigned char *aKey,
  83. unsigned char *iVec,
  84. /* 0 = decrypt, 1 = encrypt */
  85. int dir,
  86. unsigned char *plaintext, unsigned char *ciphertext,
  87. int len)
  88. {
  89. const EVP_CIPHER *cipher = NULL;
  90. if (strcasecmp(amode, "CBC") == 0) {
  91. switch (akeysz) {
  92. case 128:
  93. cipher = EVP_aes_128_cbc();
  94. break;
  95. case 192:
  96. cipher = EVP_aes_192_cbc();
  97. break;
  98. case 256:
  99. cipher = EVP_aes_256_cbc();
  100. break;
  101. }
  102. } else if (strcasecmp(amode, "ECB") == 0) {
  103. switch (akeysz) {
  104. case 128:
  105. cipher = EVP_aes_128_ecb();
  106. break;
  107. case 192:
  108. cipher = EVP_aes_192_ecb();
  109. break;
  110. case 256:
  111. cipher = EVP_aes_256_ecb();
  112. break;
  113. }
  114. } else if (strcasecmp(amode, "CFB128") == 0) {
  115. switch (akeysz) {
  116. case 128:
  117. cipher = EVP_aes_128_cfb128();
  118. break;
  119. case 192:
  120. cipher = EVP_aes_192_cfb128();
  121. break;
  122. case 256:
  123. cipher = EVP_aes_256_cfb128();
  124. break;
  125. }
  126. } else if (strncasecmp(amode, "OFB", 3) == 0) {
  127. switch (akeysz) {
  128. case 128:
  129. cipher = EVP_aes_128_ofb();
  130. break;
  131. case 192:
  132. cipher = EVP_aes_192_ofb();
  133. break;
  134. case 256:
  135. cipher = EVP_aes_256_ofb();
  136. break;
  137. }
  138. } else if (!strcasecmp(amode, "CFB1")) {
  139. switch (akeysz) {
  140. case 128:
  141. cipher = EVP_aes_128_cfb1();
  142. break;
  143. case 192:
  144. cipher = EVP_aes_192_cfb1();
  145. break;
  146. case 256:
  147. cipher = EVP_aes_256_cfb1();
  148. break;
  149. }
  150. } else if (!strcasecmp(amode, "CFB8")) {
  151. switch (akeysz) {
  152. case 128:
  153. cipher = EVP_aes_128_cfb8();
  154. break;
  155. case 192:
  156. cipher = EVP_aes_192_cfb8();
  157. break;
  158. case 256:
  159. cipher = EVP_aes_256_cfb8();
  160. break;
  161. }
  162. } else {
  163. printf("Unknown mode: %s\n", amode);
  164. return 0;
  165. }
  166. if (!cipher) {
  167. printf("Invalid key size: %d\n", akeysz);
  168. return 0;
  169. }
  170. if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0)
  171. return 0;
  172. if (!strcasecmp(amode, "CFB1"))
  173. M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS);
  174. if (dir)
  175. EVP_Cipher(ctx, ciphertext, plaintext, len);
  176. else
  177. EVP_Cipher(ctx, plaintext, ciphertext, len);
  178. return 1;
  179. }
  180. /* ---------------------------------------------*/
  181. char *t_tag[2] = { "PLAINTEXT", "CIPHERTEXT" };
  182. char *t_mode[6] = { "CBC", "ECB", "OFB", "CFB1", "CFB8", "CFB128" };
  183. enum Mode { CBC, ECB, OFB, CFB1, CFB8, CFB128 };
  184. enum XCrypt { XDECRYPT, XENCRYPT };
  185. /*=============================*/
  186. /* Monte Carlo Tests */
  187. /* ---------------------------*/
  188. /*
  189. * #define gb(a,b) (((a)[(b)/8] >> ((b)%8))&1)
  190. */
  191. /*
  192. * #define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << ((b)%8)))|(!!(v) <<
  193. * ((b)%8)))
  194. */
  195. # define gb(a,b) (((a)[(b)/8] >> (7-(b)%8))&1)
  196. # define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << (7-(b)%8)))|(!!(v) << (7-(b)%8)))
  197. static int do_mct(char *amode,
  198. int akeysz, unsigned char *aKey, unsigned char *iVec,
  199. int dir, unsigned char *text, int len, FILE *rfp)
  200. {
  201. int ret = 0;
  202. unsigned char key[101][32];
  203. unsigned char iv[101][AES_BLOCK_SIZE];
  204. unsigned char ptext[1001][32];
  205. unsigned char ctext[1001][32];
  206. unsigned char ciphertext[64 + 4];
  207. int i, j, n, n1, n2;
  208. int imode = 0, nkeysz = akeysz / 8;
  209. EVP_CIPHER_CTX ctx;
  210. EVP_CIPHER_CTX_init(&ctx);
  211. if (len > 32) {
  212. printf("\n>>>> Length exceeds 32 for %s %d <<<<\n\n", amode, akeysz);
  213. return -1;
  214. }
  215. for (imode = 0; imode < 6; ++imode)
  216. if (strcmp(amode, t_mode[imode]) == 0)
  217. break;
  218. if (imode == 6) {
  219. printf("Unrecognized mode: %s\n", amode);
  220. return -1;
  221. }
  222. memcpy(key[0], aKey, nkeysz);
  223. if (iVec)
  224. memcpy(iv[0], iVec, AES_BLOCK_SIZE);
  225. if (dir == XENCRYPT)
  226. memcpy(ptext[0], text, len);
  227. else
  228. memcpy(ctext[0], text, len);
  229. for (i = 0; i < 100; ++i) {
  230. /* printf("Iteration %d\n", i); */
  231. if (i > 0) {
  232. fprintf(rfp, "COUNT = %d\n", i);
  233. OutputValue("KEY", key[i], nkeysz, rfp, 0);
  234. if (imode != ECB) /* ECB */
  235. OutputValue("IV", iv[i], AES_BLOCK_SIZE, rfp, 0);
  236. /* Output Ciphertext | Plaintext */
  237. OutputValue(t_tag[dir ^ 1], dir ? ptext[0] : ctext[0], len, rfp,
  238. imode == CFB1);
  239. }
  240. for (j = 0; j < 1000; ++j) {
  241. switch (imode) {
  242. case ECB:
  243. if (j == 0) { /* set up encryption */
  244. ret = AESTest(&ctx, amode, akeysz, key[i], NULL,
  245. /* 0 = decrypt, 1 = encrypt */
  246. dir, ptext[j], ctext[j], len);
  247. if (dir == XENCRYPT)
  248. memcpy(ptext[j + 1], ctext[j], len);
  249. else
  250. memcpy(ctext[j + 1], ptext[j], len);
  251. } else {
  252. if (dir == XENCRYPT) {
  253. EVP_Cipher(&ctx, ctext[j], ptext[j], len);
  254. memcpy(ptext[j + 1], ctext[j], len);
  255. } else {
  256. EVP_Cipher(&ctx, ptext[j], ctext[j], len);
  257. memcpy(ctext[j + 1], ptext[j], len);
  258. }
  259. }
  260. break;
  261. case CBC:
  262. case OFB:
  263. case CFB128:
  264. if (j == 0) {
  265. ret = AESTest(&ctx, amode, akeysz, key[i], iv[i],
  266. /* 0 = decrypt, 1 = encrypt */
  267. dir, ptext[j], ctext[j], len);
  268. if (dir == XENCRYPT)
  269. memcpy(ptext[j + 1], iv[i], len);
  270. else
  271. memcpy(ctext[j + 1], iv[i], len);
  272. } else {
  273. if (dir == XENCRYPT) {
  274. EVP_Cipher(&ctx, ctext[j], ptext[j], len);
  275. memcpy(ptext[j + 1], ctext[j - 1], len);
  276. } else {
  277. EVP_Cipher(&ctx, ptext[j], ctext[j], len);
  278. memcpy(ctext[j + 1], ptext[j - 1], len);
  279. }
  280. }
  281. break;
  282. case CFB8:
  283. if (j == 0) {
  284. ret = AESTest(&ctx, amode, akeysz, key[i], iv[i],
  285. /* 0 = decrypt, 1 = encrypt */
  286. dir, ptext[j], ctext[j], len);
  287. } else {
  288. if (dir == XENCRYPT)
  289. EVP_Cipher(&ctx, ctext[j], ptext[j], len);
  290. else
  291. EVP_Cipher(&ctx, ptext[j], ctext[j], len);
  292. }
  293. if (dir == XENCRYPT) {
  294. if (j < 16)
  295. memcpy(ptext[j + 1], &iv[i][j], len);
  296. else
  297. memcpy(ptext[j + 1], ctext[j - 16], len);
  298. } else {
  299. if (j < 16)
  300. memcpy(ctext[j + 1], &iv[i][j], len);
  301. else
  302. memcpy(ctext[j + 1], ptext[j - 16], len);
  303. }
  304. break;
  305. case CFB1:
  306. if (j == 0) {
  307. # if 0
  308. /* compensate for wrong endianness of input file */
  309. if (i == 0)
  310. ptext[0][0] <<= 7;
  311. # endif
  312. ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], dir,
  313. ptext[j], ctext[j], len);
  314. } else {
  315. if (dir == XENCRYPT)
  316. EVP_Cipher(&ctx, ctext[j], ptext[j], len);
  317. else
  318. EVP_Cipher(&ctx, ptext[j], ctext[j], len);
  319. }
  320. if (dir == XENCRYPT) {
  321. if (j < 128)
  322. sb(ptext[j + 1], 0, gb(iv[i], j));
  323. else
  324. sb(ptext[j + 1], 0, gb(ctext[j - 128], 0));
  325. } else {
  326. if (j < 128)
  327. sb(ctext[j + 1], 0, gb(iv[i], j));
  328. else
  329. sb(ctext[j + 1], 0, gb(ptext[j - 128], 0));
  330. }
  331. break;
  332. }
  333. }
  334. --j; /* reset to last of range */
  335. /* Output Ciphertext | Plaintext */
  336. OutputValue(t_tag[dir], dir ? ctext[j] : ptext[j], len, rfp,
  337. imode == CFB1);
  338. fprintf(rfp, "\n"); /* add separator */
  339. /* Compute next KEY */
  340. if (dir == XENCRYPT) {
  341. if (imode == CFB8) {
  342. /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */
  343. for (n1 = 0, n2 = nkeysz - 1; n1 < nkeysz; ++n1, --n2)
  344. ciphertext[n1] = ctext[j - n2][0];
  345. } else if (imode == CFB1) {
  346. for (n1 = 0, n2 = akeysz - 1; n1 < akeysz; ++n1, --n2)
  347. sb(ciphertext, n1, gb(ctext[j - n2], 0));
  348. } else
  349. switch (akeysz) {
  350. case 128:
  351. memcpy(ciphertext, ctext[j], 16);
  352. break;
  353. case 192:
  354. memcpy(ciphertext, ctext[j - 1] + 8, 8);
  355. memcpy(ciphertext + 8, ctext[j], 16);
  356. break;
  357. case 256:
  358. memcpy(ciphertext, ctext[j - 1], 16);
  359. memcpy(ciphertext + 16, ctext[j], 16);
  360. break;
  361. }
  362. } else {
  363. if (imode == CFB8) {
  364. /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */
  365. for (n1 = 0, n2 = nkeysz - 1; n1 < nkeysz; ++n1, --n2)
  366. ciphertext[n1] = ptext[j - n2][0];
  367. } else if (imode == CFB1) {
  368. for (n1 = 0, n2 = akeysz - 1; n1 < akeysz; ++n1, --n2)
  369. sb(ciphertext, n1, gb(ptext[j - n2], 0));
  370. } else
  371. switch (akeysz) {
  372. case 128:
  373. memcpy(ciphertext, ptext[j], 16);
  374. break;
  375. case 192:
  376. memcpy(ciphertext, ptext[j - 1] + 8, 8);
  377. memcpy(ciphertext + 8, ptext[j], 16);
  378. break;
  379. case 256:
  380. memcpy(ciphertext, ptext[j - 1], 16);
  381. memcpy(ciphertext + 16, ptext[j], 16);
  382. break;
  383. }
  384. }
  385. /* Compute next key: Key[i+1] = Key[i] xor ct */
  386. for (n = 0; n < nkeysz; ++n)
  387. key[i + 1][n] = key[i][n] ^ ciphertext[n];
  388. /* Compute next IV and text */
  389. if (dir == XENCRYPT) {
  390. switch (imode) {
  391. case ECB:
  392. memcpy(ptext[0], ctext[j], AES_BLOCK_SIZE);
  393. break;
  394. case CBC:
  395. case OFB:
  396. case CFB128:
  397. memcpy(iv[i + 1], ctext[j], AES_BLOCK_SIZE);
  398. memcpy(ptext[0], ctext[j - 1], AES_BLOCK_SIZE);
  399. break;
  400. case CFB8:
  401. /* IV[i+1] = ct */
  402. for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2)
  403. iv[i + 1][n1] = ctext[j - n2][0];
  404. ptext[0][0] = ctext[j - 16][0];
  405. break;
  406. case CFB1:
  407. for (n1 = 0, n2 = 127; n1 < 128; ++n1, --n2)
  408. sb(iv[i + 1], n1, gb(ctext[j - n2], 0));
  409. ptext[0][0] = ctext[j - 128][0] & 0x80;
  410. break;
  411. }
  412. } else {
  413. switch (imode) {
  414. case ECB:
  415. memcpy(ctext[0], ptext[j], AES_BLOCK_SIZE);
  416. break;
  417. case CBC:
  418. case OFB:
  419. case CFB128:
  420. memcpy(iv[i + 1], ptext[j], AES_BLOCK_SIZE);
  421. memcpy(ctext[0], ptext[j - 1], AES_BLOCK_SIZE);
  422. break;
  423. case CFB8:
  424. for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2)
  425. iv[i + 1][n1] = ptext[j - n2][0];
  426. ctext[0][0] = ptext[j - 16][0];
  427. break;
  428. case CFB1:
  429. for (n1 = 0, n2 = 127; n1 < 128; ++n1, --n2)
  430. sb(iv[i + 1], n1, gb(ptext[j - n2], 0));
  431. ctext[0][0] = ptext[j - 128][0] & 0x80;
  432. break;
  433. }
  434. }
  435. }
  436. return ret;
  437. }
  438. /*================================================*/
  439. /* ---------------------------
  440. # Config info for v-one
  441. # AESVS MMT test data for ECB
  442. # State : Encrypt and Decrypt
  443. # Key Length : 256
  444. # Fri Aug 30 04:07:22 PM
  445. ----------------------------*/
  446. static int proc_file(char *rqfile, char *rspfile)
  447. {
  448. char afn[256], rfn[256];
  449. FILE *afp = NULL, *rfp = NULL;
  450. char ibuf[2048];
  451. char tbuf[2048];
  452. int ilen, len, ret = 0;
  453. char algo[8] = "";
  454. char amode[8] = "";
  455. char atest[8] = "";
  456. int akeysz = 0;
  457. unsigned char iVec[20], aKey[40];
  458. int dir = -1, err = 0, step = 0;
  459. unsigned char plaintext[2048];
  460. unsigned char ciphertext[2048];
  461. char *rp;
  462. EVP_CIPHER_CTX ctx;
  463. EVP_CIPHER_CTX_init(&ctx);
  464. if (!rqfile || !(*rqfile)) {
  465. printf("No req file\n");
  466. return -1;
  467. }
  468. strcpy(afn, rqfile);
  469. if ((afp = fopen(afn, "r")) == NULL) {
  470. printf("Cannot open file: %s, %s\n", afn, strerror(errno));
  471. return -1;
  472. }
  473. if (!rspfile) {
  474. strcpy(rfn, afn);
  475. rp = strstr(rfn, "req/");
  476. # ifdef OPENSSL_SYS_WIN32
  477. if (!rp)
  478. rp = strstr(rfn, "req\\");
  479. # endif
  480. assert(rp);
  481. memcpy(rp, "rsp", 3);
  482. rp = strstr(rfn, ".req");
  483. memcpy(rp, ".rsp", 4);
  484. rspfile = rfn;
  485. }
  486. if ((rfp = fopen(rspfile, "w")) == NULL) {
  487. printf("Cannot open file: %s, %s\n", rfn, strerror(errno));
  488. fclose(afp);
  489. afp = NULL;
  490. return -1;
  491. }
  492. while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) {
  493. tidy_line(tbuf, ibuf);
  494. ilen = strlen(ibuf);
  495. /* printf("step=%d ibuf=%s",step,ibuf); */
  496. switch (step) {
  497. case 0: /* read preamble */
  498. if (ibuf[0] == '\n') { /* end of preamble */
  499. if ((*algo == '\0') || (*amode == '\0') || (akeysz == 0)) {
  500. printf("Missing Algorithm, Mode or KeySize (%s/%s/%d)\n",
  501. algo, amode, akeysz);
  502. err = 1;
  503. } else {
  504. fputs(ibuf, rfp);
  505. ++step;
  506. }
  507. } else if (ibuf[0] != '#') {
  508. printf("Invalid preamble item: %s\n", ibuf);
  509. err = 1;
  510. } else { /* process preamble */
  511. char *xp, *pp = ibuf + 2;
  512. int n;
  513. if (akeysz) { /* insert current time & date */
  514. time_t rtim = time(0);
  515. fprintf(rfp, "# %s", ctime(&rtim));
  516. } else {
  517. fputs(ibuf, rfp);
  518. if (strncmp(pp, "AESVS ", 6) == 0) {
  519. strcpy(algo, "AES");
  520. /* get test type */
  521. pp += 6;
  522. xp = strchr(pp, ' ');
  523. n = xp - pp;
  524. strncpy(atest, pp, n);
  525. atest[n] = '\0';
  526. /* get mode */
  527. xp = strrchr(pp, ' '); /* get mode" */
  528. n = strlen(xp + 1) - 1;
  529. strncpy(amode, xp + 1, n);
  530. amode[n] = '\0';
  531. /* amode[3] = '\0'; */
  532. if (VERBOSE)
  533. printf("Test = %s, Mode = %s\n", atest, amode);
  534. } else if (strncasecmp(pp, "Key Length : ", 13) == 0) {
  535. akeysz = atoi(pp + 13);
  536. if (VERBOSE)
  537. printf("Key size = %d\n", akeysz);
  538. }
  539. }
  540. }
  541. break;
  542. case 1: /* [ENCRYPT] | [DECRYPT] */
  543. if (ibuf[0] == '[') {
  544. fputs(ibuf, rfp);
  545. ++step;
  546. if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0)
  547. dir = 1;
  548. else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0)
  549. dir = 0;
  550. else {
  551. printf("Invalid keyword: %s\n", ibuf);
  552. err = 1;
  553. }
  554. break;
  555. } else if (dir == -1) {
  556. err = 1;
  557. printf("Missing ENCRYPT/DECRYPT keyword\n");
  558. break;
  559. } else
  560. step = 2;
  561. case 2: /* KEY = xxxx */
  562. fputs(ibuf, rfp);
  563. if (*ibuf == '\n')
  564. break;
  565. if (!strncasecmp(ibuf, "COUNT = ", 8))
  566. break;
  567. if (strncasecmp(ibuf, "KEY = ", 6) != 0) {
  568. printf("Missing KEY\n");
  569. err = 1;
  570. } else {
  571. len = hex2bin((char *)ibuf + 6, aKey);
  572. if (len < 0) {
  573. printf("Invalid KEY\n");
  574. err = 1;
  575. break;
  576. }
  577. PrintValue("KEY", aKey, len);
  578. if (strcmp(amode, "ECB") == 0) {
  579. memset(iVec, 0, sizeof(iVec));
  580. step = (dir) ? 4 : 5; /* no ivec for ECB */
  581. } else
  582. ++step;
  583. }
  584. break;
  585. case 3: /* IV = xxxx */
  586. fputs(ibuf, rfp);
  587. if (strncasecmp(ibuf, "IV = ", 5) != 0) {
  588. printf("Missing IV\n");
  589. err = 1;
  590. } else {
  591. len = hex2bin((char *)ibuf + 5, iVec);
  592. if (len < 0) {
  593. printf("Invalid IV\n");
  594. err = 1;
  595. break;
  596. }
  597. PrintValue("IV", iVec, len);
  598. step = (dir) ? 4 : 5;
  599. }
  600. break;
  601. case 4: /* PLAINTEXT = xxxx */
  602. fputs(ibuf, rfp);
  603. if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0) {
  604. printf("Missing PLAINTEXT\n");
  605. err = 1;
  606. } else {
  607. int nn = strlen(ibuf + 12);
  608. if (!strcmp(amode, "CFB1"))
  609. len = bint2bin(ibuf + 12, nn - 1, plaintext);
  610. else
  611. len = hex2bin(ibuf + 12, plaintext);
  612. if (len < 0) {
  613. printf("Invalid PLAINTEXT: %s", ibuf + 12);
  614. err = 1;
  615. break;
  616. }
  617. if (len >= (int)sizeof(plaintext)) {
  618. printf("Buffer overflow\n");
  619. }
  620. PrintValue("PLAINTEXT", (unsigned char *)plaintext, len);
  621. if (strcmp(atest, "MCT") == 0) { /* Monte Carlo Test */
  622. if (do_mct(amode, akeysz, aKey, iVec,
  623. dir, (unsigned char *)plaintext, len, rfp) < 0)
  624. EXIT(1);
  625. } else {
  626. ret = AESTest(&ctx, amode, akeysz, aKey, iVec,
  627. /* 0 = decrypt, 1 = encrypt */
  628. dir, plaintext, ciphertext, len);
  629. OutputValue("CIPHERTEXT", ciphertext, len, rfp,
  630. !strcmp(amode, "CFB1"));
  631. }
  632. step = 6;
  633. }
  634. break;
  635. case 5: /* CIPHERTEXT = xxxx */
  636. fputs(ibuf, rfp);
  637. if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0) {
  638. printf("Missing KEY\n");
  639. err = 1;
  640. } else {
  641. if (!strcmp(amode, "CFB1"))
  642. len =
  643. bint2bin(ibuf + 13, strlen(ibuf + 13) - 1,
  644. ciphertext);
  645. else
  646. len = hex2bin(ibuf + 13, ciphertext);
  647. if (len < 0) {
  648. printf("Invalid CIPHERTEXT\n");
  649. err = 1;
  650. break;
  651. }
  652. PrintValue("CIPHERTEXT", ciphertext, len);
  653. if (strcmp(atest, "MCT") == 0) { /* Monte Carlo Test */
  654. do_mct(amode, akeysz, aKey, iVec,
  655. dir, ciphertext, len, rfp);
  656. } else {
  657. ret = AESTest(&ctx, amode, akeysz, aKey, iVec,
  658. /* 0 = decrypt, 1 = encrypt */
  659. dir, plaintext, ciphertext, len);
  660. OutputValue("PLAINTEXT", (unsigned char *)plaintext, len,
  661. rfp, !strcmp(amode, "CFB1"));
  662. }
  663. step = 6;
  664. }
  665. break;
  666. case 6:
  667. if (ibuf[0] != '\n') {
  668. err = 1;
  669. printf("Missing terminator\n");
  670. } else if (strcmp(atest, "MCT") != 0) { /* MCT already added
  671. * terminating nl */
  672. fputs(ibuf, rfp);
  673. }
  674. step = 1;
  675. break;
  676. }
  677. }
  678. if (rfp)
  679. fclose(rfp);
  680. if (afp)
  681. fclose(afp);
  682. return err;
  683. }
  684. /* -------------------------------------------------
  685. Processes either a single file or
  686. a set of files whose names are passed in a file.
  687. A single file is specified as:
  688. aes_test -f xxx.req
  689. A set of files is specified as:
  690. aes_test -d xxxxx.xxx
  691. The default is: -d req.txt
  692. --------------------------------------------------*/
  693. int main(int argc, char **argv)
  694. {
  695. char *rqlist = "req.txt", *rspfile = NULL;
  696. FILE *fp = NULL;
  697. char fn[250] = "", rfn[256] = "";
  698. int f_opt = 0, d_opt = 1;
  699. # ifdef OPENSSL_FIPS
  700. if (!FIPS_mode_set(1)) {
  701. do_print_errors();
  702. EXIT(1);
  703. }
  704. # endif
  705. if (argc > 1) {
  706. if (strcasecmp(argv[1], "-d") == 0) {
  707. d_opt = 1;
  708. } else if (strcasecmp(argv[1], "-f") == 0) {
  709. f_opt = 1;
  710. d_opt = 0;
  711. } else {
  712. printf("Invalid parameter: %s\n", argv[1]);
  713. return 0;
  714. }
  715. if (argc < 3) {
  716. printf("Missing parameter\n");
  717. return 0;
  718. }
  719. if (d_opt)
  720. rqlist = argv[2];
  721. else {
  722. strcpy(fn, argv[2]);
  723. rspfile = argv[3];
  724. }
  725. }
  726. if (d_opt) { /* list of files (directory) */
  727. if (!(fp = fopen(rqlist, "r"))) {
  728. printf("Cannot open req list file\n");
  729. return -1;
  730. }
  731. while (fgets(fn, sizeof(fn), fp)) {
  732. strtok(fn, "\r\n");
  733. strcpy(rfn, fn);
  734. if (VERBOSE)
  735. printf("Processing: %s\n", rfn);
  736. if (proc_file(rfn, rspfile)) {
  737. printf(">>> Processing failed for: %s <<<\n", rfn);
  738. EXIT(1);
  739. }
  740. }
  741. fclose(fp);
  742. } else { /* single file */
  743. if (VERBOSE)
  744. printf("Processing: %s\n", fn);
  745. if (proc_file(fn, rspfile)) {
  746. printf(">>> Processing failed for: %s <<<\n", fn);
  747. }
  748. }
  749. EXIT(0);
  750. return 0;
  751. }
  752. #endif