|
|
@@ -8586,6 +8586,609 @@ static int aesecb_test(void)
|
|
|
}
|
|
|
#endif /* HAVE_AES_ECB */
|
|
|
|
|
|
+#ifdef WOLFSSL_AES_COUNTER
|
|
|
+static int aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
|
|
|
+{
|
|
|
+ int ret;
|
|
|
+
|
|
|
+ /* test vectors from "Recommendation for Block Cipher Modes of
|
|
|
+ * Operation" NIST Special Publication 800-38A */
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIv[] =
|
|
|
+ {
|
|
|
+ 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
|
|
|
+ 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrPlain[] =
|
|
|
+ {
|
|
|
+ 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
|
|
|
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
|
|
|
+ 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,
|
|
|
+ 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
|
|
|
+ 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,
|
|
|
+ 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
|
|
|
+ 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,
|
|
|
+ 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
|
|
|
+ };
|
|
|
+
|
|
|
+#ifdef WOLFSSL_ARMASM
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap32[] =
|
|
|
+ {
|
|
|
+ 0xff,0xff,0xff,0xff,0x0f,0xff,0xff,0xff,
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap32_2[] =
|
|
|
+ {
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
|
|
|
+ 0xff,0xff,0xff,0xff,0x0f,0xff,0xff,0xfe
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap64[] =
|
|
|
+ {
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
|
|
|
+ 0x0f,0xff,0xff,0xff,0xff,0xff,0xff,0xff
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap64_2[] =
|
|
|
+ {
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xf0,
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xfe
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap96[] =
|
|
|
+ {
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
|
|
|
+ 0xff,0xff,0xff,0xff,0x0f,0xff,0xff,0xff
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap96_2[] =
|
|
|
+ {
|
|
|
+ 0xff,0xff,0xff,0xf0,0xff,0xff,0xff,0xff,
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xfe
|
|
|
+ };
|
|
|
+#endif
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap128[] =
|
|
|
+ {
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff
|
|
|
+ };
|
|
|
+#ifdef WOLFSSL_ARMASM
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap128_2[] =
|
|
|
+ {
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
|
|
|
+ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xfe
|
|
|
+ };
|
|
|
+#endif
|
|
|
+
|
|
|
+#ifdef WOLFSSL_AES_128
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte oddCipher[] =
|
|
|
+ {
|
|
|
+ 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
|
|
|
+ 0xc2
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Key[] =
|
|
|
+ {
|
|
|
+ 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
|
|
|
+ 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Cipher[] =
|
|
|
+ {
|
|
|
+ 0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26,
|
|
|
+ 0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce,
|
|
|
+ 0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff,
|
|
|
+ 0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff,
|
|
|
+ 0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e,
|
|
|
+ 0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab,
|
|
|
+ 0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1,
|
|
|
+ 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
|
|
|
+ };
|
|
|
+
|
|
|
+#ifdef WOLFSSL_ARMASM
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap32Cipher[] =
|
|
|
+ {
|
|
|
+ 0xb3,0x8b,0x58,0xbc,0xce,0xf4,0x71,0x78,
|
|
|
+ 0xf6,0x7c,0xdb,0xb4,0x27,0x2b,0x0a,0xbf,
|
|
|
+ 0x7e,0xad,0xea,0x5c,0xd1
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap32CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xb3,0x8b,0x58,0xbc,0xce,0xf4,0x71,0x78,
|
|
|
+ 0xf6,0x7c,0xdb,0xb4,0x27,0x2b,0x0a,0xbf,
|
|
|
+ 0x7e,0xad,0xea,0x5c,0xd1,0xb7,0x98,0xf0,
|
|
|
+ 0x22,0x20,0xfe,0x67,0xb0,0x02,0x23,0x50
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap32_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x6e,0xa1,0x27,0x4d,0xea,0x20,0x5f,0x39,
|
|
|
+ 0x68,0xc8,0xb6,0x78,0xde,0xfc,0x53,0x5c,
|
|
|
+ 0x90,0xc8,0xf6,0xc6,0xfa,0xe0,0x7b,0x09,
|
|
|
+ 0x7c,0xf8,0x9c,0x6a,0x5a,0xa5,0x17,0x7f,
|
|
|
+ 0x03,0x92,0x5f,0x4e,0x85,0xea,0x26,0xc9,
|
|
|
+ 0x5a,0xc2,0x74,0xe2,0xbf,0xe4,0x1b,0xd4
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap64Cipher[] =
|
|
|
+ {
|
|
|
+ 0xdd,0x17,0x10,0x7c,0x45,0x04,0xac,0x43,
|
|
|
+ 0xef,0xa8,0xcc,0x32,0x34,0x87,0x88,0xd7,
|
|
|
+ 0xae,0x74,0x94,0x72,0x8e
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap64CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xdd,0x17,0x10,0x7c,0x45,0x04,0xac,0x43,
|
|
|
+ 0xef,0xa8,0xcc,0x32,0x34,0x87,0x88,0xd7,
|
|
|
+ 0xae,0x74,0x94,0x72,0x8e,0xd0,0x71,0xc0,
|
|
|
+ 0x89,0x8a,0xa1,0xb0,0x29,0xa0,0x10,0x9e
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap64_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x3f,0xe7,0xd5,0xf3,0xfa,0x09,0xfe,0x40,
|
|
|
+ 0xa6,0xa1,0x32,0x8b,0x57,0x12,0xb9,0xfa,
|
|
|
+ 0xf2,0x2d,0xe4,0x3c,0x66,0x1d,0x0a,0x8e,
|
|
|
+ 0x46,0xf8,0x2e,0x33,0xce,0x8d,0x4e,0x3b,
|
|
|
+ 0x17,0x67,0x9e,0x9f,0x76,0x9e,0xc2,0x99,
|
|
|
+ 0xd5,0xd4,0x71,0xed,0xb4,0x33,0xb2,0xcd
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap96Cipher[] =
|
|
|
+ {
|
|
|
+ 0x55,0x24,0xc2,0x73,0xca,0xa3,0x48,0x03,
|
|
|
+ 0x0b,0x72,0x8d,0xd7,0x6c,0x99,0x8e,0x04,
|
|
|
+ 0x9d,0x77,0xc9,0x5f,0x38
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap96CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x55,0x24,0xc2,0x73,0xca,0xa3,0x48,0x03,
|
|
|
+ 0x0b,0x72,0x8d,0xd7,0x6c,0x99,0x8e,0x04,
|
|
|
+ 0x9d,0x77,0xc9,0x5f,0x38,0xb5,0x6e,0x44,
|
|
|
+ 0x21,0x8e,0xda,0x57,0xe0,0x41,0xc7,0x6a
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap96_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xc8,0x81,0x1a,0xbe,0xc7,0x5b,0x93,0x6f,
|
|
|
+ 0xe6,0x52,0xe4,0xb1,0x2d,0x1c,0x39,0xbc,
|
|
|
+ 0xeb,0x82,0x27,0x0a,0x7e,0xa5,0x0e,0x2d,
|
|
|
+ 0x32,0xda,0xbe,0x10,0x7a,0x10,0xcc,0xd3,
|
|
|
+ 0x6f,0xc6,0x83,0x28,0x05,0x57,0x8a,0x24,
|
|
|
+ 0x44,0x76,0x17,0x81,0xb9,0x5c,0x94,0x81
|
|
|
+ };
|
|
|
+#endif
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap128Cipher[] =
|
|
|
+ {
|
|
|
+ 0xe1,0x33,0x38,0xe3,0x6c,0xb7,0x19,0x62,
|
|
|
+ 0xe0,0x0d,0x02,0x0b,0x4c,0xed,0xbd,0x86,
|
|
|
+ 0xd3,0xda,0xe1,0x5b,0x04
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap128CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xe1,0x33,0x38,0xe3,0x6c,0xb7,0x19,0x62,
|
|
|
+ 0xe0,0x0d,0x02,0x0b,0x4c,0xed,0xbd,0x86,
|
|
|
+ 0xd3,0xda,0xe1,0x5b,0x04,0xbb,0x35,0x2f,
|
|
|
+ 0xa0,0xf5,0x9f,0xeb,0xfc,0xb4,0xda,0x3e
|
|
|
+ };
|
|
|
+#ifdef WOLFSSL_ARMASM
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr128Wrap128_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xba,0x76,0xaa,0x54,0xd5,0xb5,0x60,0x67,
|
|
|
+ 0xc1,0xa7,0x90,0x3b,0x3f,0xdd,0xfa,0x89,
|
|
|
+ 0x24,0xdf,0x0c,0x56,0x5c,0xf4,0x2a,0x68,
|
|
|
+ 0x97,0x87,0x13,0xb6,0x7a,0xd1,0x24,0xfd,
|
|
|
+ 0x4d,0x3f,0x77,0x4a,0xb9,0xe4,0x7d,0xa2,
|
|
|
+ 0xdb,0xb9,0x31,0x5e,0xa3,0x11,0x06,0x80
|
|
|
+ };
|
|
|
+#endif
|
|
|
+#endif /* WOLFSSL_AES_128 */
|
|
|
+
|
|
|
+#ifdef WOLFSSL_AES_192
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Key[] =
|
|
|
+ {
|
|
|
+ 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
|
|
|
+ 0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,
|
|
|
+ 0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Cipher[] =
|
|
|
+ {
|
|
|
+ 0x1a,0xbc,0x93,0x24,0x17,0x52,0x1c,0xa2,
|
|
|
+ 0x4f,0x2b,0x04,0x59,0xfe,0x7e,0x6e,0x0b,
|
|
|
+ 0x09,0x03,0x39,0xec,0x0a,0xa6,0xfa,0xef,
|
|
|
+ 0xd5,0xcc,0xc2,0xc6,0xf4,0xce,0x8e,0x94,
|
|
|
+ 0x1e,0x36,0xb2,0x6b,0xd1,0xeb,0xc6,0x70,
|
|
|
+ 0xd1,0xbd,0x1d,0x66,0x56,0x20,0xab,0xf7,
|
|
|
+ 0x4f,0x78,0xa7,0xf6,0xd2,0x98,0x09,0x58,
|
|
|
+ 0x5a,0x97,0xda,0xec,0x58,0xc6,0xb0,0x50
|
|
|
+ };
|
|
|
+
|
|
|
+#ifdef WOLFSSL_ARMASM
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap32Cipher[] =
|
|
|
+ {
|
|
|
+ 0x28,0xaa,0xfa,0x90,0x72,0x74,0x86,0xaf,
|
|
|
+ 0x72,0x73,0x35,0x17,0x70,0x4e,0x7d,0xca,
|
|
|
+ 0x0c,0x33,0x97,0x06,0xc0
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap32CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x28,0xaa,0xfa,0x90,0x72,0x74,0x86,0xaf,
|
|
|
+ 0x72,0x73,0x35,0x17,0x70,0x4e,0x7d,0xca,
|
|
|
+ 0x0c,0x33,0x97,0x06,0xc0,0xbe,0x83,0x87,
|
|
|
+ 0xdd,0xd3,0xff,0xd8,0xe4,0x6a,0x5b,0x84
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap32_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xf5,0x00,0xa2,0x91,0x54,0xa3,0x76,0xa2,
|
|
|
+ 0xdd,0xad,0x16,0x89,0xe5,0xf0,0x1d,0x40,
|
|
|
+ 0x84,0xcd,0x74,0x84,0xcb,0x8b,0x9e,0x29,
|
|
|
+ 0xa9,0x8a,0x12,0x65,0xa0,0x79,0x5e,0xce,
|
|
|
+ 0xd9,0x50,0x65,0x21,0x86,0xb0,0x85,0x0d,
|
|
|
+ 0x98,0x2d,0x9a,0x5a,0x11,0xbe,0xa5,0x7f
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap64Cipher[] =
|
|
|
+ {
|
|
|
+ 0xfe,0x39,0x27,0x97,0xac,0xe5,0xb8,0x74,
|
|
|
+ 0xb9,0x8c,0xbf,0x58,0x71,0xa4,0x80,0x33,
|
|
|
+ 0x3d,0xf7,0xb4,0xfd,0x8c
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap64CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xfe,0x39,0x27,0x97,0xac,0xe5,0xb8,0x74,
|
|
|
+ 0xb9,0x8c,0xbf,0x58,0x71,0xa4,0x80,0x33,
|
|
|
+ 0x3d,0xf7,0xb4,0xfd,0x8c,0x55,0x47,0x10,
|
|
|
+ 0xd5,0x91,0x35,0xbe,0xd8,0x0d,0xa5,0x9e
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap64_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x59,0xf1,0xed,0x70,0x62,0x42,0xa8,0x06,
|
|
|
+ 0x07,0x36,0xe1,0xc5,0x04,0x79,0xc3,0x9b,
|
|
|
+ 0xd1,0x14,0x5c,0xcc,0x6f,0x81,0x5f,0x2f,
|
|
|
+ 0xa0,0xde,0xcf,0x61,0x55,0x18,0x7a,0xac,
|
|
|
+ 0xb0,0x59,0x37,0x90,0x53,0xb3,0x00,0x88,
|
|
|
+ 0xb4,0x49,0x90,0x7b,0x96,0xcd,0xcc,0xc3
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap96Cipher[] =
|
|
|
+ {
|
|
|
+ 0x41,0x21,0x40,0x31,0xfb,0xc8,0xad,0x23,
|
|
|
+ 0xde,0x00,0x03,0xd8,0x96,0x45,0xc7,0xb5,
|
|
|
+ 0x47,0xb5,0xf3,0x30,0x3b
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap96CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x41,0x21,0x40,0x31,0xfb,0xc8,0xad,0x23,
|
|
|
+ 0xde,0x00,0x03,0xd8,0x96,0x45,0xc7,0xb5,
|
|
|
+ 0x47,0xb5,0xf3,0x30,0x3b,0xef,0xcd,0x80,
|
|
|
+ 0xe3,0x61,0x34,0xef,0x4e,0x1b,0x79,0xc1
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap96_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x3c,0xb2,0xff,0xc0,0x24,0xe1,0xf5,0xc4,
|
|
|
+ 0x0f,0xd1,0x0a,0x1b,0xbe,0x1f,0x23,0xa1,
|
|
|
+ 0x8e,0xbf,0x2b,0x96,0xb6,0x37,0xc8,0x25,
|
|
|
+ 0x06,0x90,0xe2,0xca,0x71,0x24,0x52,0x95,
|
|
|
+ 0xaa,0x8c,0x80,0xdf,0xb7,0xd7,0x30,0xb0,
|
|
|
+ 0xcc,0x06,0x4f,0x28,0xa2,0x74,0x27,0xf8
|
|
|
+ };
|
|
|
+#endif
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap128Cipher[] =
|
|
|
+ {
|
|
|
+ 0x5c,0xc3,0x8f,0xab,0x30,0xb6,0xac,0x67,
|
|
|
+ 0xdc,0xc2,0x1e,0x7b,0x01,0x2e,0xcf,0x98,
|
|
|
+ 0x8c,0x68,0xa7,0xd9,0x57
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap128CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x5c,0xc3,0x8f,0xab,0x30,0xb6,0xac,0x67,
|
|
|
+ 0xdc,0xc2,0x1e,0x7b,0x01,0x2e,0xcf,0x98,
|
|
|
+ 0x8c,0x68,0xa7,0xd9,0x57,0xab,0x09,0x0f,
|
|
|
+ 0x01,0xc4,0x4e,0x62,0xaf,0xc2,0xdf,0x1a
|
|
|
+ };
|
|
|
+#ifdef WOLFSSL_ARMASM
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr192Wrap128_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x88,0x0a,0x26,0x4e,0xa8,0x26,0x21,0xe0,
|
|
|
+ 0xfc,0xbc,0x63,0xdc,0xd9,0x60,0x52,0xb2,
|
|
|
+ 0x99,0x2f,0xbb,0x1e,0x00,0xf5,0x9f,0x6d,
|
|
|
+ 0xab,0x48,0x0f,0xc6,0x37,0x12,0x56,0xe3,
|
|
|
+ 0x12,0x8d,0x31,0xc8,0xea,0xf4,0x41,0x82,
|
|
|
+ 0x7a,0x88,0xe0,0xd7,0xf0,0x67,0x03,0xa4
|
|
|
+ };
|
|
|
+#endif
|
|
|
+#endif
|
|
|
+#ifdef WOLFSSL_AES_256
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Key[] =
|
|
|
+ {
|
|
|
+ 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
|
|
|
+ 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
|
|
|
+ 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
|
|
|
+ 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Cipher[] =
|
|
|
+ {
|
|
|
+ 0x60,0x1e,0xc3,0x13,0x77,0x57,0x89,0xa5,
|
|
|
+ 0xb7,0xa7,0xf5,0x04,0xbb,0xf3,0xd2,0x28,
|
|
|
+ 0xf4,0x43,0xe3,0xca,0x4d,0x62,0xb5,0x9a,
|
|
|
+ 0xca,0x84,0xe9,0x90,0xca,0xca,0xf5,0xc5,
|
|
|
+ 0x2b,0x09,0x30,0xda,0xa2,0x3d,0xe9,0x4c,
|
|
|
+ 0xe8,0x70,0x17,0xba,0x2d,0x84,0x98,0x8d,
|
|
|
+ 0xdf,0xc9,0xc5,0x8d,0xb6,0x7a,0xad,0xa6,
|
|
|
+ 0x13,0xc2,0xdd,0x08,0x45,0x79,0x41,0xa6
|
|
|
+ };
|
|
|
+
|
|
|
+#ifdef WOLFSSL_ARMASM
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap32Cipher[] =
|
|
|
+ {
|
|
|
+ 0xb0,0xa8,0xc0,0x65,0x85,0x20,0x0d,0x5c,
|
|
|
+ 0x25,0xcf,0xe7,0x58,0x63,0xc8,0xd4,0xea,
|
|
|
+ 0xa2,0x13,0x47,0x74,0xda
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap32CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xb0,0xa8,0xc0,0x65,0x85,0x20,0x0d,0x5c,
|
|
|
+ 0x25,0xcf,0xe7,0x58,0x63,0xc8,0xd4,0xea,
|
|
|
+ 0xa2,0x13,0x47,0x74,0xda,0x89,0x77,0x40,
|
|
|
+ 0x28,0x9c,0xe8,0x19,0x26,0x32,0xd8,0x1f
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap32_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xf6,0xd9,0x22,0xc6,0x80,0x29,0xaf,0x14,
|
|
|
+ 0x54,0x6c,0x0a,0xce,0x42,0xea,0x3c,0xa1,
|
|
|
+ 0x7c,0xeb,0x36,0x0d,0x8e,0xd7,0x8c,0x59,
|
|
|
+ 0xa8,0x09,0x9f,0x9e,0xba,0x5b,0x95,0xfa,
|
|
|
+ 0x26,0x8c,0x37,0x59,0xf8,0xae,0x8e,0xaa,
|
|
|
+ 0x4d,0xe4,0x1c,0xfe,0x51,0xc7,0xb7,0xcc
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap64Cipher[] =
|
|
|
+ {
|
|
|
+ 0x74,0x1a,0x52,0x41,0x76,0xb4,0x11,0x8f,
|
|
|
+ 0xfd,0x57,0x31,0xfd,0x3d,0x76,0x8f,0x07,
|
|
|
+ 0xd4,0x94,0x4c,0xcd,0x4d
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap64CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x74,0x1a,0x52,0x41,0x76,0xb4,0x11,0x8f,
|
|
|
+ 0xfd,0x57,0x31,0xfd,0x3d,0x76,0x8f,0x07,
|
|
|
+ 0xd4,0x94,0x4c,0xcd,0x4d,0x47,0x5a,0x92,
|
|
|
+ 0x26,0x49,0x81,0x7a,0xda,0x36,0x27,0x01
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap64_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xf7,0x9c,0xbf,0xf6,0xa2,0xaa,0x8a,0x0a,
|
|
|
+ 0x63,0x8a,0x20,0x2f,0x12,0xf1,0x8e,0x49,
|
|
|
+ 0x30,0xc0,0x8d,0x5c,0x5f,0x8b,0xbc,0x16,
|
|
|
+ 0xdd,0x71,0xee,0x13,0x14,0x7b,0xe1,0x25,
|
|
|
+ 0xcb,0x87,0x8a,0xc6,0xdc,0x1d,0x54,0x7a,
|
|
|
+ 0xe1,0xe4,0x6f,0x0d,0x95,0x1b,0xd1,0x8b
|
|
|
+ };
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap96Cipher[] =
|
|
|
+ {
|
|
|
+ 0xb9,0x07,0x02,0xb8,0xbe,0x94,0xbf,0x53,
|
|
|
+ 0xdf,0x83,0x8e,0x23,0x8c,0x67,0x0c,0x81,
|
|
|
+ 0xb8,0x69,0xa1,0x48,0x45
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap96CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xb9,0x07,0x02,0xb8,0xbe,0x94,0xbf,0x53,
|
|
|
+ 0xdf,0x83,0x8e,0x23,0x8c,0x67,0x0c,0x81,
|
|
|
+ 0xb8,0x69,0xa1,0x48,0x45,0xf1,0xc6,0x27,
|
|
|
+ 0x36,0xa8,0xb2,0x4b,0x0e,0x62,0x6b,0x72
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap96_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0xd5,0x56,0x73,0xaa,0xb8,0xe4,0x06,0xf6,
|
|
|
+ 0x83,0x45,0x3a,0xb4,0xb9,0x63,0xec,0xad,
|
|
|
+ 0x73,0xc5,0xab,0x78,0xb1,0x21,0xab,0xef,
|
|
|
+ 0x69,0x15,0xb7,0x0c,0xe9,0xb4,0x3a,0xe7,
|
|
|
+ 0xbc,0xc4,0x22,0xbd,0x93,0xba,0x52,0xe0,
|
|
|
+ 0x91,0x2f,0x5e,0x8d,0x6d,0x59,0xf7,0xc2
|
|
|
+ };
|
|
|
+#endif
|
|
|
+
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap128Cipher[] =
|
|
|
+ {
|
|
|
+ 0x50,0xfd,0x97,0xc3,0xe6,0x1a,0xbb,0x48,
|
|
|
+ 0x73,0xfb,0x78,0xdf,0x1e,0x8e,0x77,0xe6,
|
|
|
+ 0x4b,0x45,0x7c,0xd6,0x8a
|
|
|
+ };
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap128CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x50,0xfd,0x97,0xc3,0xe6,0x1a,0xbb,0x48,
|
|
|
+ 0x73,0xfb,0x78,0xdf,0x1e,0x8e,0x77,0xe6,
|
|
|
+ 0x4b,0x45,0x7c,0xd6,0x8a,0xcc,0xda,0x4a,
|
|
|
+ 0x89,0xfa,0x23,0x6c,0x06,0xbf,0x26,0x05
|
|
|
+ };
|
|
|
+#ifdef WOLFSSL_ARMASM
|
|
|
+ WOLFSSL_SMALL_STACK_STATIC const byte ctr256Wrap128_2CipherLong[] =
|
|
|
+ {
|
|
|
+ 0x24,0x5c,0x09,0xa0,0x3b,0x1a,0x5a,0x94,
|
|
|
+ 0x2b,0x93,0x56,0x13,0x48,0xa0,0x21,0xce,
|
|
|
+ 0x95,0x11,0xa3,0x76,0xd6,0x59,0x88,0x42,
|
|
|
+ 0x04,0x71,0x69,0x62,0x28,0xb2,0xee,0x9d,
|
|
|
+ 0xd5,0xa0,0xea,0xc7,0x37,0x93,0x92,0xc7,
|
|
|
+ 0xf2,0xb6,0x8d,0xd9,0x59,0x1a,0xfa,0xbb
|
|
|
+ };
|
|
|
+#endif
|
|
|
+#endif
|
|
|
+ int i;
|
|
|
+ struct {
|
|
|
+ const byte* key;
|
|
|
+ int keySz;
|
|
|
+ const byte* iv;
|
|
|
+ const byte* plain;
|
|
|
+ int len;
|
|
|
+ const byte* cipher;
|
|
|
+ } testVec[] = {
|
|
|
+#ifdef WOLFSSL_AES_128
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIv,
|
|
|
+ ctrPlain, (int)sizeof(ctrPlain), ctr128Cipher },
|
|
|
+ /* let's try with just 9 bytes, non block size test */
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIv,
|
|
|
+ ctrPlain, (int)sizeof(oddCipher), ctr128Cipher },
|
|
|
+ /* and an additional 9 bytes to reuse tmp left buffer */
|
|
|
+ { NULL, 0, NULL, ctrPlain, (int)sizeof(oddCipher), oddCipher },
|
|
|
+ /* Counter wrapping */
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap128Cipher), ctr128Wrap128Cipher },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap128CipherLong),
|
|
|
+ ctr128Wrap128CipherLong },
|
|
|
+ #ifdef WOLFSSL_ARMASM
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap128_2CipherLong),
|
|
|
+ ctr128Wrap128_2CipherLong },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap96,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap96Cipher), ctr128Wrap96Cipher },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap96,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap96CipherLong),
|
|
|
+ ctr128Wrap96CipherLong },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap96_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap96_2CipherLong),
|
|
|
+ ctr128Wrap96_2CipherLong },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap64,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap64Cipher), ctr128Wrap64Cipher },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap64,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap64CipherLong),
|
|
|
+ ctr128Wrap64CipherLong },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap64_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap64_2CipherLong),
|
|
|
+ ctr128Wrap64_2CipherLong },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap32,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap32Cipher), ctr128Wrap32Cipher },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap32,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap32CipherLong),
|
|
|
+ ctr128Wrap32CipherLong },
|
|
|
+ { ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap32_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr128Wrap32_2CipherLong),
|
|
|
+ ctr128Wrap32_2CipherLong },
|
|
|
+ #endif
|
|
|
+#endif
|
|
|
+#ifdef WOLFSSL_AES_192
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIv,
|
|
|
+ ctrPlain, (int)sizeof(ctrPlain), ctr192Cipher },
|
|
|
+ /* let's try with just 9 bytes, non block size test */
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIv,
|
|
|
+ ctrPlain, (int)sizeof(oddCipher), ctr192Cipher },
|
|
|
+ /* Counter wrapping */
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap128Cipher), ctr192Wrap128Cipher },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap128CipherLong),
|
|
|
+ ctr192Wrap128CipherLong },
|
|
|
+ #ifdef WOLFSSL_ARMASM
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap128_2CipherLong),
|
|
|
+ ctr192Wrap128_2CipherLong },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap96,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap96Cipher), ctr192Wrap96Cipher },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap96,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap96CipherLong),
|
|
|
+ ctr192Wrap96CipherLong },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap96_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap96_2CipherLong),
|
|
|
+ ctr192Wrap96_2CipherLong },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap64,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap64Cipher), ctr192Wrap64Cipher },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap64,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap64CipherLong),
|
|
|
+ ctr192Wrap64CipherLong },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap64_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap64_2CipherLong),
|
|
|
+ ctr192Wrap64_2CipherLong },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap32,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap32Cipher), ctr192Wrap32Cipher },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap32,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap32CipherLong),
|
|
|
+ ctr192Wrap32CipherLong },
|
|
|
+ { ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap32_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr192Wrap32_2CipherLong),
|
|
|
+ ctr192Wrap32_2CipherLong },
|
|
|
+ #endif
|
|
|
+#endif
|
|
|
+#ifdef WOLFSSL_AES_256
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIv,
|
|
|
+ ctrPlain, (int)sizeof(ctrPlain), ctr256Cipher },
|
|
|
+ /* let's try with just 9 bytes, non block size test */
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIv,
|
|
|
+ ctrPlain, (int)sizeof(oddCipher), ctr256Cipher },
|
|
|
+ /* Counter wrapping */
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap128Cipher), ctr256Wrap128Cipher },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap128CipherLong),
|
|
|
+ ctr256Wrap128CipherLong },
|
|
|
+ #ifdef WOLFSSL_ARMASM
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap128_2CipherLong),
|
|
|
+ ctr256Wrap128_2CipherLong },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap96,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap96Cipher), ctr256Wrap96Cipher },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap96,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap96CipherLong),
|
|
|
+ ctr256Wrap96CipherLong },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap96_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap96_2CipherLong),
|
|
|
+ ctr256Wrap96_2CipherLong },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap64,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap64Cipher), ctr256Wrap64Cipher },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap64,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap64CipherLong),
|
|
|
+ ctr256Wrap64CipherLong },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap64_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap64_2CipherLong),
|
|
|
+ ctr256Wrap64_2CipherLong },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap32,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap32Cipher), ctr256Wrap32Cipher },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap32,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap32CipherLong),
|
|
|
+ ctr256Wrap32CipherLong },
|
|
|
+ { ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap32_2,
|
|
|
+ ctrPlain, (int)sizeof(ctr256Wrap32_2CipherLong),
|
|
|
+ ctr256Wrap32_2CipherLong },
|
|
|
+ #endif
|
|
|
+#endif
|
|
|
+ };
|
|
|
+ #define AES_CTR_TEST_LEN (int)(sizeof(testVec) / sizeof(*testVec))
|
|
|
+
|
|
|
+ for (i = 0; i < AES_CTR_TEST_LEN; i++) {
|
|
|
+ if (testVec[i].key != NULL) {
|
|
|
+ ret = wc_AesSetKeyDirect(enc, testVec[i].key, testVec[i].keySz,
|
|
|
+ testVec[i].iv, AES_ENCRYPTION);
|
|
|
+ if (ret != 0) {
|
|
|
+ ERROR_OUT(-5930 - i * 10, out);
|
|
|
+ }
|
|
|
+ /* Ctr only uses encrypt, even on key setup */
|
|
|
+ ret = wc_AesSetKeyDirect(dec, testVec[i].key, testVec[i].keySz,
|
|
|
+ testVec[i].iv, AES_ENCRYPTION);
|
|
|
+ if (ret != 0) {
|
|
|
+ ERROR_OUT(-5931 - i * 10, out);
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ ret = wc_AesCtrEncrypt(enc, cipher, testVec[i].plain, testVec[i].len);
|
|
|
+ if (ret != 0) {
|
|
|
+ ERROR_OUT(-5932 - i * 10, out);
|
|
|
+ }
|
|
|
+ ret = wc_AesCtrEncrypt(dec, plain, cipher, testVec[i].len);
|
|
|
+ if (ret != 0) {
|
|
|
+ ERROR_OUT(-5933 - i * 10, out);
|
|
|
+ }
|
|
|
+
|
|
|
+ if (XMEMCMP(plain, ctrPlain, testVec[i].len)) {
|
|
|
+ ERROR_OUT(-5934 - i * 10, out);
|
|
|
+ }
|
|
|
+ if (XMEMCMP(cipher, testVec[i].cipher, testVec[i].len)) {
|
|
|
+ ERROR_OUT(-5935 - i * 10, out);
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+out:
|
|
|
+ return ret;
|
|
|
+}
|
|
|
+#endif /* WOLFSSL_AES_COUNTER */
|
|
|
+
|
|
|
|
|
|
WOLFSSL_TEST_SUBROUTINE int aes_test(void)
|
|
|
{
|
|
|
@@ -8887,457 +9490,11 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
|
|
|
#endif /* HAVE_AES_CBC */
|
|
|
|
|
|
#ifdef WOLFSSL_AES_COUNTER
|
|
|
- {
|
|
|
- /* test vectors from "Recommendation for Block Cipher Modes of
|
|
|
- * Operation" NIST Special Publication 800-38A */
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctrIv[] =
|
|
|
- {
|
|
|
- 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
|
|
|
- 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctrPlain[] =
|
|
|
- {
|
|
|
- 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
|
|
|
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
|
|
|
- 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,
|
|
|
- 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
|
|
|
- 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,
|
|
|
- 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
|
|
|
- 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,
|
|
|
- 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctrIvWrap[] =
|
|
|
- {
|
|
|
- 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
|
|
|
- 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff
|
|
|
- };
|
|
|
-
|
|
|
-#ifdef WOLFSSL_AES_128
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte oddCipher[] =
|
|
|
- {
|
|
|
- 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
|
|
|
- 0xc2
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr128Key[] =
|
|
|
- {
|
|
|
- 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
|
|
|
- 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr128Cipher[] =
|
|
|
- {
|
|
|
- 0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26,
|
|
|
- 0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce,
|
|
|
- 0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff,
|
|
|
- 0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff,
|
|
|
- 0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e,
|
|
|
- 0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab,
|
|
|
- 0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1,
|
|
|
- 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr128WrapCipher[] =
|
|
|
- {
|
|
|
- 0xe1,0x33,0x38,0xe3,0x6c,0xb7,0x19,0x62,
|
|
|
- 0xe0,0x0d,0x02,0x0b,0x4c,0xed,0xbd,0x86,
|
|
|
- 0xd3,0xda,0xe1,0x5b,0x04
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr128WrapCipherLong[] =
|
|
|
- {
|
|
|
- 0xe1,0x33,0x38,0xe3,0x6c,0xb7,0x19,0x62,
|
|
|
- 0xe0,0x0d,0x02,0x0b,0x4c,0xed,0xbd,0x86,
|
|
|
- 0xd3,0xda,0xe1,0x5b,0x04,0xbb,0x35,0x2f,
|
|
|
- 0xa0,0xf5,0x9f,0xeb,0xfc,0xb4,0xda,0x3e
|
|
|
- };
|
|
|
-#endif /* WOLFSSL_AES_128 */
|
|
|
-
|
|
|
-#ifdef WOLFSSL_AES_192
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr192Key[] =
|
|
|
- {
|
|
|
- 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
|
|
|
- 0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,
|
|
|
- 0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr192Cipher[] =
|
|
|
- {
|
|
|
- 0x1a,0xbc,0x93,0x24,0x17,0x52,0x1c,0xa2,
|
|
|
- 0x4f,0x2b,0x04,0x59,0xfe,0x7e,0x6e,0x0b,
|
|
|
- 0x09,0x03,0x39,0xec,0x0a,0xa6,0xfa,0xef,
|
|
|
- 0xd5,0xcc,0xc2,0xc6,0xf4,0xce,0x8e,0x94,
|
|
|
- 0x1e,0x36,0xb2,0x6b,0xd1,0xeb,0xc6,0x70,
|
|
|
- 0xd1,0xbd,0x1d,0x66,0x56,0x20,0xab,0xf7,
|
|
|
- 0x4f,0x78,0xa7,0xf6,0xd2,0x98,0x09,0x58,
|
|
|
- 0x5a,0x97,0xda,0xec,0x58,0xc6,0xb0,0x50
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr192WrapCipher[] =
|
|
|
- {
|
|
|
- 0x5c,0xc3,0x8f,0xab,0x30,0xb6,0xac,0x67,
|
|
|
- 0xdc,0xc2,0x1e,0x7b,0x01,0x2e,0xcf,0x98,
|
|
|
- 0x8c,0x68,0xa7,0xd9,0x57
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr192WrapCipherLong[] =
|
|
|
- {
|
|
|
- 0x5c,0xc3,0x8f,0xab,0x30,0xb6,0xac,0x67,
|
|
|
- 0xdc,0xc2,0x1e,0x7b,0x01,0x2e,0xcf,0x98,
|
|
|
- 0x8c,0x68,0xa7,0xd9,0x57,0xab,0x09,0x0f,
|
|
|
- 0x01,0xc4,0x4e,0x62,0xaf,0xc2,0xdf,0x1a,
|
|
|
- };
|
|
|
-#endif
|
|
|
-#ifdef WOLFSSL_AES_256
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr256Key[] =
|
|
|
- {
|
|
|
- 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
|
|
|
- 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
|
|
|
- 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
|
|
|
- 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr256Cipher[] =
|
|
|
- {
|
|
|
- 0x60,0x1e,0xc3,0x13,0x77,0x57,0x89,0xa5,
|
|
|
- 0xb7,0xa7,0xf5,0x04,0xbb,0xf3,0xd2,0x28,
|
|
|
- 0xf4,0x43,0xe3,0xca,0x4d,0x62,0xb5,0x9a,
|
|
|
- 0xca,0x84,0xe9,0x90,0xca,0xca,0xf5,0xc5,
|
|
|
- 0x2b,0x09,0x30,0xda,0xa2,0x3d,0xe9,0x4c,
|
|
|
- 0xe8,0x70,0x17,0xba,0x2d,0x84,0x98,0x8d,
|
|
|
- 0xdf,0xc9,0xc5,0x8d,0xb6,0x7a,0xad,0xa6,
|
|
|
- 0x13,0xc2,0xdd,0x08,0x45,0x79,0x41,0xa6
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr256WrapCipher[] =
|
|
|
- {
|
|
|
- 0x50,0xfd,0x97,0xc3,0xe6,0x1a,0xbb,0x48,
|
|
|
- 0x73,0xfb,0x78,0xdf,0x1e,0x8e,0x77,0xe6,
|
|
|
- 0x4b,0x45,0x7c,0xd6,0x8a
|
|
|
- };
|
|
|
-
|
|
|
- WOLFSSL_SMALL_STACK_STATIC const byte ctr256WrapCipherLong[] =
|
|
|
- {
|
|
|
- 0x50,0xfd,0x97,0xc3,0xe6,0x1a,0xbb,0x48,
|
|
|
- 0x73,0xfb,0x78,0xdf,0x1e,0x8e,0x77,0xe6,
|
|
|
- 0x4b,0x45,0x7c,0xd6,0x8a,0xcc,0xda,0x4a,
|
|
|
- 0x89,0xfa,0x23,0x6c,0x06,0xbf,0x26,0x05,
|
|
|
- };
|
|
|
+ ret = aesctr_test(enc, dec, cipher, plain);
|
|
|
+ if (ret != 0)
|
|
|
+ return ret;
|
|
|
#endif
|
|
|
|
|
|
-#ifdef WOLFSSL_AES_128
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr128Key, sizeof(ctr128Key),
|
|
|
- ctrIv, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5930, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr128Key, sizeof(ctr128Key),
|
|
|
- ctrIv, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5931, out);
|
|
|
- }
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(ctrPlain));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5932, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(ctrPlain));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5933, out);
|
|
|
- }
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain)))
|
|
|
- ERROR_OUT(-5934, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, ctr128Cipher, sizeof(ctr128Cipher)))
|
|
|
- ERROR_OUT(-5935, out);
|
|
|
-
|
|
|
- /* let's try with just 9 bytes, non block size test */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr128Key, AES_BLOCK_SIZE,
|
|
|
- ctrIv, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5936, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr128Key, AES_BLOCK_SIZE,
|
|
|
- ctrIv, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5937, out);
|
|
|
- }
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5938, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(oddCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5939, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher)))
|
|
|
- ERROR_OUT(-5940, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, ctr128Cipher, sizeof(oddCipher)))
|
|
|
- ERROR_OUT(-5941, out);
|
|
|
-
|
|
|
- /* and an additional 9 bytes to reuse tmp left buffer */
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5942, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(oddCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5943, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher)))
|
|
|
- ERROR_OUT(-5944, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, oddCipher, sizeof(oddCipher)))
|
|
|
- ERROR_OUT(-5945, out);
|
|
|
-
|
|
|
- /* When more than a block but less than two and wrapping ctr */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr128Key, sizeof(ctr128Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5946, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr128Key, sizeof(ctr128Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5947, out);
|
|
|
- }
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(ctr128WrapCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5948, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(ctr128WrapCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5949, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctr128WrapCipher)))
|
|
|
- ERROR_OUT(-5950, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, ctr128WrapCipher, sizeof(ctr128WrapCipher)))
|
|
|
- ERROR_OUT(-5951, out);
|
|
|
-
|
|
|
- /* When more than a block but less than two and wrapping ctr */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr128Key, sizeof(ctr128Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5952, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr128Key, sizeof(ctr128Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5953, out);
|
|
|
- }
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain,
|
|
|
- sizeof(ctr128WrapCipherLong));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5954, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher,
|
|
|
- sizeof(ctr128WrapCipherLong));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5955, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctr128WrapCipherLong)))
|
|
|
- ERROR_OUT(-5956, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, ctr128WrapCipherLong, sizeof(ctr128WrapCipherLong)))
|
|
|
- ERROR_OUT(-5957, out);
|
|
|
-#endif /* WOLFSSL_AES_128 */
|
|
|
-
|
|
|
-#ifdef WOLFSSL_AES_192
|
|
|
- /* 192 bit key */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr192Key, sizeof(ctr192Key),
|
|
|
- ctrIv, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5958, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr192Key, sizeof(ctr192Key),
|
|
|
- ctrIv, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5959, out);
|
|
|
- }
|
|
|
-
|
|
|
- XMEMSET(plain, 0, sizeof(plain));
|
|
|
- ret = wc_AesCtrEncrypt(enc, plain, ctr192Cipher, sizeof(ctr192Cipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5960, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctr192Cipher)))
|
|
|
- ERROR_OUT(-5961, out);
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(dec, cipher, ctrPlain, sizeof(ctrPlain));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5962, out);
|
|
|
- }
|
|
|
- if (XMEMCMP(ctr192Cipher, cipher, sizeof(ctr192Cipher)))
|
|
|
- ERROR_OUT(-5963, out);
|
|
|
-
|
|
|
- /* When more than a block but less than two and wrapping ctr */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr192Key, sizeof(ctr192Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5964, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr192Key, sizeof(ctr192Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5965, out);
|
|
|
- }
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(ctr192WrapCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5966, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(ctr192WrapCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5967, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctr192WrapCipher)))
|
|
|
- ERROR_OUT(-5968, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, ctr192WrapCipher, sizeof(ctr192WrapCipher)))
|
|
|
- ERROR_OUT(-5969, out);
|
|
|
-
|
|
|
- /* When more than a block but less than two and wrapping ctr */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr192Key, sizeof(ctr192Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5970, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr192Key, sizeof(ctr192Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5971, out);
|
|
|
- }
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain,
|
|
|
- sizeof(ctr192WrapCipherLong));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5972, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher,
|
|
|
- sizeof(ctr192WrapCipherLong));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5973, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctr192WrapCipherLong)))
|
|
|
- ERROR_OUT(-5974, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, ctr192WrapCipherLong, sizeof(ctr192WrapCipherLong)))
|
|
|
- ERROR_OUT(-5975, out);
|
|
|
-#endif /* WOLFSSL_AES_192 */
|
|
|
-
|
|
|
-#ifdef WOLFSSL_AES_256
|
|
|
- /* 256 bit key */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr256Key, sizeof(ctr256Key),
|
|
|
- ctrIv, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5976, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr256Key, sizeof(ctr256Key),
|
|
|
- ctrIv, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5977, out);
|
|
|
- }
|
|
|
-
|
|
|
- XMEMSET(plain, 0, sizeof(plain));
|
|
|
- ret = wc_AesCtrEncrypt(enc, plain, ctr256Cipher, sizeof(ctr256Cipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5978, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain)))
|
|
|
- ERROR_OUT(-5979, out);
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(dec, cipher, ctrPlain, sizeof(ctrPlain));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5980, out);
|
|
|
- }
|
|
|
- if (XMEMCMP(ctr256Cipher, cipher, sizeof(ctr256Cipher)))
|
|
|
- ERROR_OUT(-5981, out);
|
|
|
-
|
|
|
- /* When more than a block but less than two and wrapping ctr */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr256Key, sizeof(ctr256Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5982, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr256Key, sizeof(ctr256Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5983, out);
|
|
|
- }
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(ctr256WrapCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5984, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(ctr256WrapCipher));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5985, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctr256WrapCipher)))
|
|
|
- ERROR_OUT(-5986, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, ctr256WrapCipher, sizeof(ctr256WrapCipher)))
|
|
|
- ERROR_OUT(-5987, out);
|
|
|
-
|
|
|
- /* When more than a block but less than two and wrapping ctr */
|
|
|
- ret = wc_AesSetKeyDirect(enc, ctr256Key, sizeof(ctr256Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5888, out);
|
|
|
- }
|
|
|
- /* Ctr only uses encrypt, even on key setup */
|
|
|
- ret = wc_AesSetKeyDirect(dec, ctr256Key, sizeof(ctr256Key),
|
|
|
- ctrIvWrap, AES_ENCRYPTION);
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5989, out);
|
|
|
- }
|
|
|
-
|
|
|
- ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain,
|
|
|
- sizeof(ctr256WrapCipherLong));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5990, out);
|
|
|
- }
|
|
|
- ret = wc_AesCtrEncrypt(dec, plain, cipher,
|
|
|
- sizeof(ctr256WrapCipherLong));
|
|
|
- if (ret != 0) {
|
|
|
- ERROR_OUT(-5991, out);
|
|
|
- }
|
|
|
-
|
|
|
- if (XMEMCMP(plain, ctrPlain, sizeof(ctr256WrapCipherLong)))
|
|
|
- ERROR_OUT(-5992, out);
|
|
|
-
|
|
|
- if (XMEMCMP(cipher, ctr256WrapCipherLong, sizeof(ctr256WrapCipherLong)))
|
|
|
- ERROR_OUT(-5993, out);
|
|
|
-#endif /* WOLFSSL_AES_256 */
|
|
|
- }
|
|
|
-#endif /* WOLFSSL_AES_COUNTER */
|
|
|
-
|
|
|
#if defined(WOLFSSL_AES_DIRECT) && defined(WOLFSSL_AES_256)
|
|
|
{
|
|
|
WOLFSSL_SMALL_STACK_STATIC const byte niPlain[] =
|
Sean Parkinson