test-crypto-xts.c (21671B)
1/* 2 * QEMU Crypto XTS cipher mode 3 * 4 * Copyright (c) 2015-2018 Red Hat, Inc. 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 * 19 * This code is originally derived from public domain / WTFPL code in 20 * LibTomCrypt crytographic library http://libtom.org. The XTS code 21 * was donated by Elliptic Semiconductor Inc (www.ellipticsemi.com) 22 * to the LibTom Projects 23 * 24 */ 25 26#include "qemu/osdep.h" 27#include "crypto/init.h" 28#include "crypto/xts.h" 29#include "crypto/aes.h" 30 31typedef struct { 32 const char *path; 33 int keylen; 34 unsigned char key1[32]; 35 unsigned char key2[32]; 36 uint64_t seqnum; 37 unsigned long PTLEN; 38 unsigned char PTX[512], CTX[512]; 39} QCryptoXTSTestData; 40 41static const QCryptoXTSTestData test_data[] = { 42 /* #1 32 byte key, 32 byte PTX */ 43 { 44 "/crypto/xts/t-1-key-32-ptx-32", 45 32, 46 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 47 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, 48 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 49 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, 50 0, 51 32, 52 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 53 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 54 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 55 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, 56 { 0x91, 0x7c, 0xf6, 0x9e, 0xbd, 0x68, 0xb2, 0xec, 57 0x9b, 0x9f, 0xe9, 0xa3, 0xea, 0xdd, 0xa6, 0x92, 58 0xcd, 0x43, 0xd2, 0xf5, 0x95, 0x98, 0xed, 0x85, 59 0x8c, 0x02, 0xc2, 0x65, 0x2f, 0xbf, 0x92, 0x2e }, 60 }, 61 62 /* #2, 32 byte key, 32 byte PTX */ 63 { 64 "/crypto/xts/t-2-key-32-ptx-32", 65 32, 66 { 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 67 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11 }, 68 { 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 69 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 }, 70 0x3333333333LL, 71 32, 72 { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 73 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 74 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 75 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 }, 76 { 0xc4, 0x54, 0x18, 0x5e, 0x6a, 0x16, 0x93, 0x6e, 77 0x39, 0x33, 0x40, 0x38, 0xac, 0xef, 0x83, 0x8b, 78 0xfb, 0x18, 0x6f, 0xff, 0x74, 0x80, 0xad, 0xc4, 79 0x28, 0x93, 0x82, 0xec, 0xd6, 0xd3, 0x94, 0xf0 }, 80 }, 81 82 /* #5 from xts.7, 32 byte key, 32 byte PTX */ 83 { 84 "/crypto/xts/t-5-key-32-ptx-32", 85 32, 86 { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8, 87 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 }, 88 { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8, 89 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 }, 90 0x123456789aLL, 91 32, 92 { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 93 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 94 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 95 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 }, 96 { 0xb0, 0x1f, 0x86, 0xf8, 0xed, 0xc1, 0x86, 0x37, 97 0x06, 0xfa, 0x8a, 0x42, 0x53, 0xe3, 0x4f, 0x28, 98 0xaf, 0x31, 0x9d, 0xe3, 0x83, 0x34, 0x87, 0x0f, 99 0x4d, 0xd1, 0xf9, 0x4c, 0xbe, 0x98, 0x32, 0xf1 }, 100 }, 101 102 /* #4, 32 byte key, 512 byte PTX */ 103 { 104 "/crypto/xts/t-4-key-32-ptx-512", 105 32, 106 { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 107 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26 }, 108 { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 109 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95 }, 110 0, 111 512, 112 { 113 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 114 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 115 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 116 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 117 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 118 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 119 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 120 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 121 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 122 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 123 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 124 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, 125 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 126 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 127 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 128 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 129 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 130 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 131 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 132 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, 133 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 134 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 135 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 136 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, 137 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 138 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 139 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 140 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 141 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 142 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 143 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 144 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, 145 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 146 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 147 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 148 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 149 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 150 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 151 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 152 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 153 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 154 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 155 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 156 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, 157 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 158 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 159 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 160 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 161 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 162 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 163 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 164 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, 165 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 166 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 167 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 168 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, 169 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 170 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 171 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 172 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 173 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 174 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 175 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 176 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, 177 }, 178 { 179 0x27, 0xa7, 0x47, 0x9b, 0xef, 0xa1, 0xd4, 0x76, 180 0x48, 0x9f, 0x30, 0x8c, 0xd4, 0xcf, 0xa6, 0xe2, 181 0xa9, 0x6e, 0x4b, 0xbe, 0x32, 0x08, 0xff, 0x25, 182 0x28, 0x7d, 0xd3, 0x81, 0x96, 0x16, 0xe8, 0x9c, 183 0xc7, 0x8c, 0xf7, 0xf5, 0xe5, 0x43, 0x44, 0x5f, 184 0x83, 0x33, 0xd8, 0xfa, 0x7f, 0x56, 0x00, 0x00, 185 0x05, 0x27, 0x9f, 0xa5, 0xd8, 0xb5, 0xe4, 0xad, 186 0x40, 0xe7, 0x36, 0xdd, 0xb4, 0xd3, 0x54, 0x12, 187 0x32, 0x80, 0x63, 0xfd, 0x2a, 0xab, 0x53, 0xe5, 188 0xea, 0x1e, 0x0a, 0x9f, 0x33, 0x25, 0x00, 0xa5, 189 0xdf, 0x94, 0x87, 0xd0, 0x7a, 0x5c, 0x92, 0xcc, 190 0x51, 0x2c, 0x88, 0x66, 0xc7, 0xe8, 0x60, 0xce, 191 0x93, 0xfd, 0xf1, 0x66, 0xa2, 0x49, 0x12, 0xb4, 192 0x22, 0x97, 0x61, 0x46, 0xae, 0x20, 0xce, 0x84, 193 0x6b, 0xb7, 0xdc, 0x9b, 0xa9, 0x4a, 0x76, 0x7a, 194 0xae, 0xf2, 0x0c, 0x0d, 0x61, 0xad, 0x02, 0x65, 195 0x5e, 0xa9, 0x2d, 0xc4, 0xc4, 0xe4, 0x1a, 0x89, 196 0x52, 0xc6, 0x51, 0xd3, 0x31, 0x74, 0xbe, 0x51, 197 0xa1, 0x0c, 0x42, 0x11, 0x10, 0xe6, 0xd8, 0x15, 198 0x88, 0xed, 0xe8, 0x21, 0x03, 0xa2, 0x52, 0xd8, 199 0xa7, 0x50, 0xe8, 0x76, 0x8d, 0xef, 0xff, 0xed, 200 0x91, 0x22, 0x81, 0x0a, 0xae, 0xb9, 0x9f, 0x91, 201 0x72, 0xaf, 0x82, 0xb6, 0x04, 0xdc, 0x4b, 0x8e, 202 0x51, 0xbc, 0xb0, 0x82, 0x35, 0xa6, 0xf4, 0x34, 203 0x13, 0x32, 0xe4, 0xca, 0x60, 0x48, 0x2a, 0x4b, 204 0xa1, 0xa0, 0x3b, 0x3e, 0x65, 0x00, 0x8f, 0xc5, 205 0xda, 0x76, 0xb7, 0x0b, 0xf1, 0x69, 0x0d, 0xb4, 206 0xea, 0xe2, 0x9c, 0x5f, 0x1b, 0xad, 0xd0, 0x3c, 207 0x5c, 0xcf, 0x2a, 0x55, 0xd7, 0x05, 0xdd, 0xcd, 208 0x86, 0xd4, 0x49, 0x51, 0x1c, 0xeb, 0x7e, 0xc3, 209 0x0b, 0xf1, 0x2b, 0x1f, 0xa3, 0x5b, 0x91, 0x3f, 210 0x9f, 0x74, 0x7a, 0x8a, 0xfd, 0x1b, 0x13, 0x0e, 211 0x94, 0xbf, 0xf9, 0x4e, 0xff, 0xd0, 0x1a, 0x91, 212 0x73, 0x5c, 0xa1, 0x72, 0x6a, 0xcd, 0x0b, 0x19, 213 0x7c, 0x4e, 0x5b, 0x03, 0x39, 0x36, 0x97, 0xe1, 214 0x26, 0x82, 0x6f, 0xb6, 0xbb, 0xde, 0x8e, 0xcc, 215 0x1e, 0x08, 0x29, 0x85, 0x16, 0xe2, 0xc9, 0xed, 216 0x03, 0xff, 0x3c, 0x1b, 0x78, 0x60, 0xf6, 0xde, 217 0x76, 0xd4, 0xce, 0xcd, 0x94, 0xc8, 0x11, 0x98, 218 0x55, 0xef, 0x52, 0x97, 0xca, 0x67, 0xe9, 0xf3, 219 0xe7, 0xff, 0x72, 0xb1, 0xe9, 0x97, 0x85, 0xca, 220 0x0a, 0x7e, 0x77, 0x20, 0xc5, 0xb3, 0x6d, 0xc6, 221 0xd7, 0x2c, 0xac, 0x95, 0x74, 0xc8, 0xcb, 0xbc, 222 0x2f, 0x80, 0x1e, 0x23, 0xe5, 0x6f, 0xd3, 0x44, 223 0xb0, 0x7f, 0x22, 0x15, 0x4b, 0xeb, 0xa0, 0xf0, 224 0x8c, 0xe8, 0x89, 0x1e, 0x64, 0x3e, 0xd9, 0x95, 225 0xc9, 0x4d, 0x9a, 0x69, 0xc9, 0xf1, 0xb5, 0xf4, 226 0x99, 0x02, 0x7a, 0x78, 0x57, 0x2a, 0xee, 0xbd, 227 0x74, 0xd2, 0x0c, 0xc3, 0x98, 0x81, 0xc2, 0x13, 228 0xee, 0x77, 0x0b, 0x10, 0x10, 0xe4, 0xbe, 0xa7, 229 0x18, 0x84, 0x69, 0x77, 0xae, 0x11, 0x9f, 0x7a, 230 0x02, 0x3a, 0xb5, 0x8c, 0xca, 0x0a, 0xd7, 0x52, 231 0xaf, 0xe6, 0x56, 0xbb, 0x3c, 0x17, 0x25, 0x6a, 232 0x9f, 0x6e, 0x9b, 0xf1, 0x9f, 0xdd, 0x5a, 0x38, 233 0xfc, 0x82, 0xbb, 0xe8, 0x72, 0xc5, 0x53, 0x9e, 234 0xdb, 0x60, 0x9e, 0xf4, 0xf7, 0x9c, 0x20, 0x3e, 235 0xbb, 0x14, 0x0f, 0x2e, 0x58, 0x3c, 0xb2, 0xad, 236 0x15, 0xb4, 0xaa, 0x5b, 0x65, 0x50, 0x16, 0xa8, 237 0x44, 0x92, 0x77, 0xdb, 0xd4, 0x77, 0xef, 0x2c, 238 0x8d, 0x6c, 0x01, 0x7d, 0xb7, 0x38, 0xb1, 0x8d, 239 0xeb, 0x4a, 0x42, 0x7d, 0x19, 0x23, 0xce, 0x3f, 240 0xf2, 0x62, 0x73, 0x57, 0x79, 0xa4, 0x18, 0xf2, 241 0x0a, 0x28, 0x2d, 0xf9, 0x20, 0x14, 0x7b, 0xea, 242 0xbe, 0x42, 0x1e, 0xe5, 0x31, 0x9d, 0x05, 0x68, 243 } 244 }, 245 246 /* #7, 32 byte key, 17 byte PTX */ 247 { 248 "/crypto/xts/t-7-key-32-ptx-17", 249 32, 250 { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8, 251 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 }, 252 { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8, 253 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 }, 254 0x123456789aLL, 255 17, 256 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 257 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10 }, 258 { 0x6c, 0x16, 0x25, 0xdb, 0x46, 0x71, 0x52, 0x2d, 259 0x3d, 0x75, 0x99, 0x60, 0x1d, 0xe7, 0xca, 0x09, 0xed }, 260 }, 261 262 /* #15, 32 byte key, 25 byte PTX */ 263 { 264 "/crypto/xts/t-15-key-32-ptx-25", 265 32, 266 { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8, 267 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 }, 268 { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8, 269 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 }, 270 0x123456789aLL, 271 25, 272 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 273 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 274 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18 }, 275 { 0x8f, 0x4d, 0xcb, 0xad, 0x55, 0x55, 0x8d, 0x7b, 276 0x4e, 0x01, 0xd9, 0x37, 0x9c, 0xd4, 0xea, 0x22, 277 0xed, 0xbf, 0x9d, 0xac, 0xe4, 0x5d, 0x6f, 0x6a, 0x73 }, 278 }, 279 280 /* #21, 32 byte key, 31 byte PTX */ 281 { 282 "/crypto/xts/t-21-key-32-ptx-31", 283 32, 284 { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8, 285 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0 }, 286 { 0xbf, 0xbe, 0xbd, 0xbc, 0xbb, 0xba, 0xb9, 0xb8, 287 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, 0xb0 }, 288 0x123456789aLL, 289 31, 290 { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 291 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 292 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 293 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, 294 { 0xd0, 0x5b, 0xc0, 0x90, 0xa8, 0xe0, 0x4f, 0x1b, 295 0x3d, 0x3e, 0xcd, 0xd5, 0xba, 0xec, 0x0f, 0xd4, 296 0xed, 0xbf, 0x9d, 0xac, 0xe4, 0x5d, 0x6f, 0x6a, 297 0x73, 0x06, 0xe6, 0x4b, 0xe5, 0xdd, 0x82 }, 298 }, 299}; 300 301#define STORE64L(x, y) \ 302 do { \ 303 (y)[7] = (unsigned char)(((x) >> 56) & 255); \ 304 (y)[6] = (unsigned char)(((x) >> 48) & 255); \ 305 (y)[5] = (unsigned char)(((x) >> 40) & 255); \ 306 (y)[4] = (unsigned char)(((x) >> 32) & 255); \ 307 (y)[3] = (unsigned char)(((x) >> 24) & 255); \ 308 (y)[2] = (unsigned char)(((x) >> 16) & 255); \ 309 (y)[1] = (unsigned char)(((x) >> 8) & 255); \ 310 (y)[0] = (unsigned char)((x) & 255); \ 311 } while (0) 312 313struct TestAES { 314 AES_KEY enc; 315 AES_KEY dec; 316}; 317 318static void test_xts_aes_encrypt(const void *ctx, 319 size_t length, 320 uint8_t *dst, 321 const uint8_t *src) 322{ 323 const struct TestAES *aesctx = ctx; 324 325 AES_encrypt(src, dst, &aesctx->enc); 326} 327 328 329static void test_xts_aes_decrypt(const void *ctx, 330 size_t length, 331 uint8_t *dst, 332 const uint8_t *src) 333{ 334 const struct TestAES *aesctx = ctx; 335 336 AES_decrypt(src, dst, &aesctx->dec); 337} 338 339 340static void test_xts(const void *opaque) 341{ 342 const QCryptoXTSTestData *data = opaque; 343 uint8_t out[512], Torg[16], T[16]; 344 uint64_t seq; 345 struct TestAES aesdata; 346 struct TestAES aestweak; 347 348 AES_set_encrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.enc); 349 AES_set_decrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.dec); 350 AES_set_encrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.enc); 351 AES_set_decrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.dec); 352 353 seq = data->seqnum; 354 STORE64L(seq, Torg); 355 memset(Torg + 8, 0, 8); 356 357 memcpy(T, Torg, sizeof(T)); 358 xts_encrypt(&aesdata, &aestweak, 359 test_xts_aes_encrypt, 360 test_xts_aes_decrypt, 361 T, data->PTLEN, out, data->PTX); 362 363 g_assert(memcmp(out, data->CTX, data->PTLEN) == 0); 364 365 memcpy(T, Torg, sizeof(T)); 366 xts_decrypt(&aesdata, &aestweak, 367 test_xts_aes_encrypt, 368 test_xts_aes_decrypt, 369 T, data->PTLEN, out, data->CTX); 370 371 g_assert(memcmp(out, data->PTX, data->PTLEN) == 0); 372} 373 374 375static void test_xts_split(const void *opaque) 376{ 377 const QCryptoXTSTestData *data = opaque; 378 uint8_t out[512], Torg[16], T[16]; 379 uint64_t seq; 380 unsigned long len = data->PTLEN / 2; 381 struct TestAES aesdata; 382 struct TestAES aestweak; 383 384 AES_set_encrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.enc); 385 AES_set_decrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.dec); 386 AES_set_encrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.enc); 387 AES_set_decrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.dec); 388 389 seq = data->seqnum; 390 STORE64L(seq, Torg); 391 memset(Torg + 8, 0, 8); 392 393 memcpy(T, Torg, sizeof(T)); 394 xts_encrypt(&aesdata, &aestweak, 395 test_xts_aes_encrypt, 396 test_xts_aes_decrypt, 397 T, len, out, data->PTX); 398 xts_encrypt(&aesdata, &aestweak, 399 test_xts_aes_encrypt, 400 test_xts_aes_decrypt, 401 T, len, &out[len], &data->PTX[len]); 402 403 g_assert(memcmp(out, data->CTX, data->PTLEN) == 0); 404 405 memcpy(T, Torg, sizeof(T)); 406 xts_decrypt(&aesdata, &aestweak, 407 test_xts_aes_encrypt, 408 test_xts_aes_decrypt, 409 T, len, out, data->CTX); 410 xts_decrypt(&aesdata, &aestweak, 411 test_xts_aes_encrypt, 412 test_xts_aes_decrypt, 413 T, len, &out[len], &data->CTX[len]); 414 415 g_assert(memcmp(out, data->PTX, data->PTLEN) == 0); 416} 417 418 419static void test_xts_unaligned(const void *opaque) 420{ 421#define BAD_ALIGN 3 422 const QCryptoXTSTestData *data = opaque; 423 uint8_t in[512 + BAD_ALIGN], out[512 + BAD_ALIGN]; 424 uint8_t Torg[16], T[16 + BAD_ALIGN]; 425 uint64_t seq; 426 struct TestAES aesdata; 427 struct TestAES aestweak; 428 429 AES_set_encrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.enc); 430 AES_set_decrypt_key(data->key1, data->keylen / 2 * 8, &aesdata.dec); 431 AES_set_encrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.enc); 432 AES_set_decrypt_key(data->key2, data->keylen / 2 * 8, &aestweak.dec); 433 434 seq = data->seqnum; 435 STORE64L(seq, Torg); 436 memset(Torg + 8, 0, 8); 437 438 /* IV not aligned */ 439 memcpy(T + BAD_ALIGN, Torg, 16); 440 memcpy(in, data->PTX, data->PTLEN); 441 xts_encrypt(&aesdata, &aestweak, 442 test_xts_aes_encrypt, 443 test_xts_aes_decrypt, 444 T + BAD_ALIGN, data->PTLEN, out, in); 445 446 g_assert(memcmp(out, data->CTX, data->PTLEN) == 0); 447 448 /* plain text not aligned */ 449 memcpy(T, Torg, 16); 450 memcpy(in + BAD_ALIGN, data->PTX, data->PTLEN); 451 xts_encrypt(&aesdata, &aestweak, 452 test_xts_aes_encrypt, 453 test_xts_aes_decrypt, 454 T, data->PTLEN, out, in + BAD_ALIGN); 455 456 g_assert(memcmp(out, data->CTX, data->PTLEN) == 0); 457 458 /* cipher text not aligned */ 459 memcpy(T, Torg, 16); 460 memcpy(in, data->PTX, data->PTLEN); 461 xts_encrypt(&aesdata, &aestweak, 462 test_xts_aes_encrypt, 463 test_xts_aes_decrypt, 464 T, data->PTLEN, out + BAD_ALIGN, in); 465 466 g_assert(memcmp(out + BAD_ALIGN, data->CTX, data->PTLEN) == 0); 467 468 469 /* IV not aligned */ 470 memcpy(T + BAD_ALIGN, Torg, 16); 471 memcpy(in, data->CTX, data->PTLEN); 472 xts_decrypt(&aesdata, &aestweak, 473 test_xts_aes_encrypt, 474 test_xts_aes_decrypt, 475 T + BAD_ALIGN, data->PTLEN, out, in); 476 477 g_assert(memcmp(out, data->PTX, data->PTLEN) == 0); 478 479 /* cipher text not aligned */ 480 memcpy(T, Torg, 16); 481 memcpy(in + BAD_ALIGN, data->CTX, data->PTLEN); 482 xts_decrypt(&aesdata, &aestweak, 483 test_xts_aes_encrypt, 484 test_xts_aes_decrypt, 485 T, data->PTLEN, out, in + BAD_ALIGN); 486 487 g_assert(memcmp(out, data->PTX, data->PTLEN) == 0); 488 489 /* plain text not aligned */ 490 memcpy(T, Torg, 16); 491 memcpy(in, data->CTX, data->PTLEN); 492 xts_decrypt(&aesdata, &aestweak, 493 test_xts_aes_encrypt, 494 test_xts_aes_decrypt, 495 T, data->PTLEN, out + BAD_ALIGN, in); 496 497 g_assert(memcmp(out + BAD_ALIGN, data->PTX, data->PTLEN) == 0); 498} 499 500 501int main(int argc, char **argv) 502{ 503 size_t i; 504 505 g_test_init(&argc, &argv, NULL); 506 507 g_assert(qcrypto_init(NULL) == 0); 508 509 for (i = 0; i < G_N_ELEMENTS(test_data); i++) { 510 gchar *path = g_strdup_printf("%s/basic", test_data[i].path); 511 g_test_add_data_func(path, &test_data[i], test_xts); 512 g_free(path); 513 514 /* skip the cases where the length is smaller than 2*blocklen 515 * or the length is not a multiple of 32 516 */ 517 if ((test_data[i].PTLEN >= 32) && !(test_data[i].PTLEN % 32)) { 518 path = g_strdup_printf("%s/split", test_data[i].path); 519 g_test_add_data_func(path, &test_data[i], test_xts_split); 520 g_free(path); 521 } 522 523 path = g_strdup_printf("%s/unaligned", test_data[i].path); 524 g_test_add_data_func(path, &test_data[i], test_xts_unaligned); 525 g_free(path); 526 } 527 528 return g_test_run(); 529}