kaspar/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2025-12-25 06:23:53 +01:00
Code Releases Activity

Merge pull request #16183 from Ollrogge/aes_pr

Browse Source 
sys/crypto: Enable support for AES-192, AES-256
This commit is contained in:
Leandro Lanzieri 2021-05-05 09:19:12 +02:00 committed by GitHub
commit d36628d37e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
40 changed files with 8147 additions and 156 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
makefiles/pseudomodules.inc.mk
View File

@ -20,7 +20,6 @@ PSEUDOMODULES += core_%
PSEUDOMODULES += cortexm_fpu
PSEUDOMODULES += cortexm_svc
PSEUDOMODULES += cpu_check_address
PSEUDOMODULES += crypto_% # crypto_aes or crypto_3des
PSEUDOMODULES += dbgpin
PSEUDOMODULES += devfs_%
PSEUDOMODULES += dhcpv6_%
@ -306,6 +305,9 @@ PSEUDOMODULES += skald_eddystone
# define optimized read function of DS18 driver as a pseudo module
PSEUDOMODULES += ds18_optimized
PSEUDOMODULES += crypto_aes_128
PSEUDOMODULES += crypto_aes_192
PSEUDOMODULES += crypto_aes_256
# By using this pseudomodule, T tables will be precalculated.
PSEUDOMODULES += crypto_aes_precalculated
# This pseudomodule causes a loop in AES to be unrolled (more flash, less CPU)

1
pkg/openwsn/Makefile.dep
View File

@ -44,7 +44,6 @@ ifneq (,$(filter openwsn_coap,$(USEMODULE)))
endif
ifneq (,$(filter openwsn_crypto,$(USEMODULE)))
USEMODULE += crypto_3des
USEMODULE += cipher_modes
endif

6
pkg/openwsn/contrib/cryptoengine.c
View File

@ -38,7 +38,7 @@ owerror_t cryptoengine_aes_ccms_enc(uint8_t *a, uint8_t len_a, uint8_t *m,
int ret, len;
uint8_t tmp_buff[MAX_MESSAGE_LEN + CCM_MAC_MAX_LEN];
ret = cipher_init(&cipher, CIPHER_AES_128, key, CCM_BLOCK_SIZE);
ret = cipher_init(&cipher, CIPHER_AES, key, CCM_BLOCK_SIZE);
if (ret != 1) {
return E_FAIL;
@ -64,7 +64,7 @@ owerror_t cryptoengine_aes_ccms_dec(uint8_t *a, uint8_t len_a, uint8_t *m,
int ret, len;
uint8_t tmp_buff[MAX_MESSAGE_LEN];
ret = cipher_init(&cipher, CIPHER_AES_128, key, CCM_BLOCK_SIZE);
ret = cipher_init(&cipher, CIPHER_AES, key, CCM_BLOCK_SIZE);
if (ret != 1) {
return E_FAIL;
@ -88,7 +88,7 @@ owerror_t cryptoengine_aes_ecb_enc(uint8_t *buffer, uint8_t *key)
cipher_t cipher;
int ret, len;
ret = cipher_init(&cipher, CIPHER_AES_128, key, CCM_BLOCK_SIZE);
ret = cipher_init(&cipher, CIPHER_AES, key, CCM_BLOCK_SIZE);
if (ret != 1) {
return E_FAIL;

2
pkg/semtech-loramac/Makefile.dep
View File

@ -1,6 +1,6 @@
USEMODULE += random
USEMODULE += hashes
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128
USEMODULE += semtech_loramac_contrib
USEMODULE += semtech_loramac_mac

16
sys/Makefile.dep
View File

@ -42,17 +42,21 @@ ifneq (,$(filter i2c_scan,$(USEMODULE)))
endif
ifneq (,$(filter prng_fortuna,$(USEMODULE)))
USEMODULE += crypto_aes
endif
ifneq (,$(filter crypto_aes_%,$(USEMODULE)))
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128
endif
ifneq (,$(filter crypto_%,$(USEMODULE)))
USEMODULE += crypto
endif
ifneq (,$(filter cipher_modes,$(USEMODULE)))
USEMODULE += crypto
endif
ifneq (,$(filter crypto,$(USEMODULE)))
DEFAULT_MODULE += crypto_aes_128
endif
ifneq (,$(filter sys_bus_%,$(USEMODULE)))
USEMODULE += sys_bus
USEMODULE += core_msg_bus
@ -60,7 +64,7 @@ endif
ifneq (,$(filter ieee802154_security,$(USEMODULE)))
USEMODULE += crypto
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128
USEMODULE += cipher_modes
endif

37
sys/crypto/Kconfig
View File

@ -5,32 +5,23 @@
# directory for more details.
#
menu "Crypto"
config MODULE_CRYPTO
bool "Common cryptographic functionalities"
menuconfig MODULE_CRYPTO
bool "Crypto"
depends on TEST_KCONFIG
choice
bool "Crypto block ciphers API implementation"
optional
depends on TEST_KCONFIG
help
The common Crypto block ciphers API has multiple implementations. Choose
one of the following.
config MODULE_CRYPTO_AES
bool "AES"
select MODULE_CRYPTO
config MODULE_CRYPTO_3DES
bool "3DES (deprecated)"
select MODULE_CRYPTO
endchoice
if MODULE_CRYPTO
menu "Crypto AES options"
depends on MODULE_CRYPTO_AES
config MODULE_CRYPTO_AES_128
bool "AES-128"
default y
config MODULE_CRYPTO_AES_192
bool "AES-192"
config MODULE_CRYPTO_AES_256
bool "AES-256"
config MODULE_CRYPTO_AES_PRECALCULATED
bool "Pre-calculate T tables"
@ -44,4 +35,4 @@ endmenu # Crypto AES options
rsource "modes/Kconfig"
endmenu # Crypto
endif # Crypto

45
sys/crypto/aes.c
View File

@ -39,6 +39,28 @@
#include <stdint.h>
#include "crypto/aes.h"
#include "crypto/ciphers.h"
#include "kernel_defines.h"
#if !IS_USED(MODULE_CRYPTO_AES_128) && !IS_USED(MODULE_CRYPTO_AES_192) && \
!IS_USED(MODULE_CRYPTO_AES_256)
#error "sys/crypto/aes: No aes module used."
#endif
/**
* @brief AES key size used
*/
#if IS_USED(MODULE_CRYPTO_AES_128) && !IS_USED(MODULE_CRYPTO_AES_192) && \
!IS_USED(MODULE_CRYPTO_AES_256)
# define AES_KEY_SIZE(ctx) AES_KEY_SIZE_128
#elif !IS_USED(MODULE_CRYPTO_AES_128) && IS_USED(MODULE_CRYPTO_AES_192) && \
!IS_USED(MODULE_CRYPTO_AES_256)
# define AES_KEY_SIZE(ctx) AES_KEY_SIZE_192
#elif !IS_USED(MODULE_CRYPTO_AES_128) && !IS_USED(MODULE_CRYPTO_AES_192) && \
IS_USED(MODULE_CRYPTO_AES_256)
# define AES_KEY_SIZE(ctx) AES_KEY_SIZE_256
#else
# define AES_KEY_SIZE(ctx) ctx->key_size
#endif
/**
* Interface to the aes cipher
@ -49,7 +71,9 @@ static const cipher_interface_t aes_interface = {
aes_encrypt,
aes_decrypt
};
const cipher_id_t CIPHER_AES_128 = &aes_interface;
const cipher_id_t CIPHER_AES = &aes_interface;
static const u32 Te0[256] = {
0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
@ -794,19 +818,26 @@ static const u32 rcon[] = {
0x1B000000, 0x36000000,
};
int aes_init(cipher_context_t *context, const uint8_t *key, uint8_t keySize)
{
uint8_t i;
/* This implementation only supports a single key size (defined in AES_KEY_SIZE) */
if (keySize != AES_KEY_SIZE) {
if (keySize != AES_KEY_SIZE_128 && keySize != AES_KEY_SIZE_192 &&
keySize != AES_KEY_SIZE_256) {
return CIPHER_ERR_INVALID_KEY_SIZE;
}
if ((keySize == AES_KEY_SIZE_128 && !IS_USED(MODULE_CRYPTO_AES_128)) ||
(keySize == AES_KEY_SIZE_192 && !IS_USED(MODULE_CRYPTO_AES_192)) ||
(keySize == AES_KEY_SIZE_256 && !IS_USED(MODULE_CRYPTO_AES_256))) {
return CIPHER_ERR_INVALID_KEY_SIZE;
}
context->key_size = keySize;
/* Make sure that context is large enough. If this is not the case,
you should build with -DAES */
if (CIPHER_MAX_CONTEXT_SIZE < AES_KEY_SIZE) {
if (CIPHER_MAX_CONTEXT_SIZE < keySize) {
return CIPHER_ERR_BAD_CONTEXT_SIZE;
}
@ -1036,13 +1067,14 @@ int aes_encrypt(const cipher_context_t *context, const uint8_t *plainBlock,
const AES_KEY *key = &aeskey;
res = aes_set_encrypt_key((unsigned char *)context->context,
AES_KEY_SIZE * 8, &aeskey);
AES_KEY_SIZE(context) * 8, &aeskey);
if (res < 0) {
return res;
}
const u32 *rk;
u32 s0, s1, s2, s3, t0, t1, t2, t3;
#ifndef MODULE_CRYPTO_AES_UNROLL
int r;
#endif /* ?MODULE_CRYPTO_AES_UNROLL */
@ -1304,7 +1336,7 @@ int aes_decrypt(const cipher_context_t *context, const uint8_t *cipherBlock,
const AES_KEY *key = &aeskey;
res = aes_set_decrypt_key((unsigned char *)context->context,
AES_KEY_SIZE * 8, &aeskey);
AES_KEY_SIZE(context) * 8, &aeskey);
if (res < 0) {
return res;
@ -1312,6 +1344,7 @@ int aes_decrypt(const cipher_context_t *context, const uint8_t *cipherBlock,
const u32 *rk;
u32 s0, s1, s2, s3, t0, t1, t2, t3;
#ifndef MODULE_CRYPTO_AES_UNROLL
int r;
#endif /* ?MODULE_CRYPTO_AES_UNROLL */

9
sys/crypto/doc.txt
View File

@ -16,12 +16,11 @@
* @section ciphers Ciphers
*
* RIOT supports the following block ciphers:
* * AES-128
* * 3DES (deprecated)
* * AES-128, AES-192, AES-256
* * NULL
*
* You can use them directly by adding `crypto_aes` or `crypto_3des` to your
* USEMODULE-List.
* You can use them directly by adding `crypto_aes_128`, `crypto_aes_192` or
* `crypto_aes_256` to your USEMODULE-List.
* While you can use the ciphers functions directly, you should resort to
* the generic API for block ciphers whenever possible.
*
@ -37,7 +36,7 @@
* plain_text[AES_BLOCK_SIZE] = {0},
* cipher_text[AES_BLOCK_SIZE] = {0};
*
* if (cipher_init(&cipher, CIPHER_AES_128, key, AES_KEY_SIZE) < 0)
* if (cipher_init(&cipher, CIPHER_AES, key, AES_KEY_SIZE) < 0)
* printf("Cipher init failed!\n");
*
* if (cipher_encrypt(&cipher, plain_text, cipher_text) < 0)

2
sys/hashes/cmac.c
View File

@ -49,7 +49,7 @@ int cmac_init(cmac_context_t *ctx, const uint8_t *key, uint8_t key_size)
}
memset(ctx, 0, sizeof(cmac_context_t));
return cipher_init(&(ctx->aes_ctx), CIPHER_AES_128, key, key_size);
return cipher_init(&(ctx->aes_ctx), CIPHER_AES, key, key_size);
}
void cmac_update(cmac_context_t *ctx, const void *data, size_t len)

24
sys/include/crypto/aes.h
View File

@ -13,6 +13,14 @@
* @file
* @brief Headers for the implementation of the AES cipher-algorithm
*
* The default key size is 128 bits. To use a different key size add
* USEMODULE += crypto_aes_192 and/or USEMODULE += crypto_aes_256 to
* your Makefile.
*
* If only one key size is needed and that key size is not 128 bits, the 128 bit
* key size can be disabled with DISABLE_MODULE += crypto_aes_128 as an
* optimization.
*
* @author Freie Universitaet Berlin, Computer Systems & Telematics
* @author Nicolai Schmittberger <nicolai.schmittberger@fu-berlin.de>
* @author Fabrice Bellard
@ -46,20 +54,26 @@ typedef uint8_t u8;
#define AES_MAXNR 14
#define AES_BLOCK_SIZE 16
#define AES_KEY_SIZE 16
/**
* @name AES key sizes
* @{
*/
#define AES_KEY_SIZE_128 16
#define AES_KEY_SIZE_192 24
#define AES_KEY_SIZE_256 32
/** @} */
/**
* @brief AES key
* @see cipher_context_t
*/
struct aes_key_st {
typedef struct aes_key_st {
/** @cond INTERNAL */
uint32_t rd_key[4 * (AES_MAXNR + 1)];
int rounds;
/** @endcond */
};
typedef struct aes_key_st AES_KEY;
} AES_KEY;
/**
* @brief the cipher_context_t-struct adapted for AES

38
sys/include/crypto/ciphers.h
View File

@ -23,6 +23,7 @@
#define CRYPTO_CIPHERS_H
#include <stdint.h>
#include "kernel_defines.h"
#ifdef __cplusplus
extern "C" {
@ -30,20 +31,29 @@ extern "C" {
/* Shared header file for all cipher algorithms */
/** @brief the length of keys in bytes */
#define CIPHERS_MAX_KEY_SIZE 20
/** @brief the length of keys in bytes
*
* As of now AES is the only cipher which supports different key sizes.
* Here we optimize the CIPHERS_MAX_KEY_SIZE to always have the smallest possible
* value based on which AES key sizes are used.
*/
#if IS_USED(MODULE_CRYPTO_AES_256)
#define CIPHERS_MAX_KEY_SIZE 32
#elif IS_USED(MODULE_CRYPTO_AES_192)
#define CIPHERS_MAX_KEY_SIZE 24
#else
#define CIPHERS_MAX_KEY_SIZE 16
#endif
#define CIPHER_MAX_BLOCK_SIZE 16
/**
* Context sizes needed for the different ciphers.
* Always order by number of bytes descending!!! <br><br>
*
* threedes needs 24 bytes <br>
* aes needs CIPHERS_MAX_KEY_SIZE bytes <br>
*/
#if defined(MODULE_CRYPTO_3DES)
#define CIPHER_MAX_CONTEXT_SIZE 24
#elif defined(MODULE_CRYPTO_AES)
#if IS_USED(MODULE_CRYPTO_AES_256) || IS_USED(MODULE_CRYPTO_AES_192) || \
IS_USED(MODULE_CRYPTO_AES_128)
#define CIPHER_MAX_CONTEXT_SIZE CIPHERS_MAX_KEY_SIZE
#else
/* 0 is not a possibility because 0-sized arrays are not allowed in ISO C */
@ -56,7 +66,8 @@ extern "C" {
#define CIPHER_ERR_INVALID_LENGTH -4
#define CIPHER_ERR_ENC_FAILED -5
#define CIPHER_ERR_DEC_FAILED -6
/** Is returned by the cipher_init functions, if the corresponding alogirithm has not been included in the build */
/** Is returned by the cipher_init functions, if the corresponding algorithm
* has not been included in the build */
#define CIPHER_ERR_BAD_CONTEXT_SIZE 0
/** Returned by cipher_init upon successful initialization of a cipher. */
#define CIPHER_INIT_SUCCESS 1
@ -65,7 +76,8 @@ extern "C" {
* @brief the context for cipher-operations
*/
typedef struct {
uint8_t context[CIPHER_MAX_CONTEXT_SIZE]; /**< buffer for cipher operations */
uint8_t key_size; /**< key size used */
uint8_t context[CIPHER_MAX_CONTEXT_SIZE]; /**< buffer for cipher operations */
} cipher_context_t;
@ -96,8 +108,18 @@ typedef struct cipher_interface_st {
typedef const cipher_interface_t *cipher_id_t;
/**
* @brief AES_128 cipher id
*
* @deprecated Use @ref CIPHER_AES instead. Will be removed after 2021.07
* release.
*/
extern const cipher_id_t CIPHER_AES_128;
/**
* @brief AES cipher id
*/
extern const cipher_id_t CIPHER_AES;
/**
* @brief basic struct for using block ciphers

2
sys/net/gnrc/Makefile.dep
View File

@ -28,7 +28,7 @@ ifneq (,$(filter gnrc_lorawan,$(USEMODULE)))
USEMODULE += xtimer
USEMODULE += random
USEMODULE += hashes
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128
USEMODULE += netdev_layer
USEMODULE += gnrc_nettype_lorawan
endif

6
sys/net/gnrc/link_layer/lorawan/gnrc_lorawan_crypto.c
View File

@ -95,7 +95,7 @@ void gnrc_lorawan_encrypt_payload(iolist_t *iolist, const le_uint32_t *dev_addr,
lorawan_block_t *block = (lorawan_block_t *)a_block;
cipher_init(&AesContext, CIPHER_AES_128, appskey, LORAMAC_APPKEY_LEN);
cipher_init(&AesContext, CIPHER_AES, appskey, LORAMAC_APPKEY_LEN);
block->fb = CRYPT_B0_START;
@ -127,7 +127,7 @@ void gnrc_lorawan_encrypt_payload(iolist_t *iolist, const le_uint32_t *dev_addr,
void gnrc_lorawan_decrypt_join_accept(const uint8_t *key, uint8_t *pkt,
int has_clist, uint8_t *out)
{
cipher_init(&AesContext, CIPHER_AES_128, key, LORAMAC_APPKEY_LEN);
cipher_init(&AesContext, CIPHER_AES, key, LORAMAC_APPKEY_LEN);
cipher_encrypt(&AesContext, pkt, out);
if (has_clist) {
@ -145,7 +145,7 @@ void gnrc_lorawan_generate_session_keys(const uint8_t *app_nonce,
memset(buf, 0, sizeof(buf));
cipher_init(&AesContext, CIPHER_AES_128, appkey, LORAMAC_APPSKEY_LEN);
cipher_init(&AesContext, CIPHER_AES, appkey, LORAMAC_APPSKEY_LEN);
/* net_id comes right after app_nonce */
memcpy(buf + 1, app_nonce,

2
sys/net/link_layer/ieee802154/security.c
View File

@ -403,7 +403,7 @@ void ieee802154_sec_init(ieee802154_sec_context_t *ctx)
ctx->frame_counter = 0;
uint8_t key[] = IEEE802154_SEC_DEFAULT_KEY;
assert(CIPHER_MAX_CONTEXT_SIZE >= IEEE802154_SEC_KEY_LENGTH);
cipher_init(&ctx->cipher, CIPHER_AES_128, key, IEEE802154_SEC_KEY_LENGTH);
cipher_init(&ctx->cipher, CIPHER_AES, key, IEEE802154_SEC_KEY_LENGTH);
}
int ieee802154_sec_encrypt_frame(ieee802154_sec_context_t *ctx,

2
sys/random/Kconfig
View File

@ -25,7 +25,7 @@ config MODULE_PRNG_FORTUNA
select MODULE_XTIMER
select MODULE_FORTUNA
select MODULE_CRYPTO
depends on MODULE_CRYPTO_AES
select MODULE_CRYPTO_AES_128
config MODULE_PRNG_HWRNG
bool "Hardware RNG"

4
tests/sys_crypto/Makefile
View File

@ -2,7 +2,9 @@ include ../Makefile.tests_common
USEMODULE += embunit
USEMODULE += crypto_3des
USEMODULE += cipher_modes
USEMODULE += crypto_aes_128
USEMODULE += crypto_aes_192
USEMODULE += crypto_aes_256
include $(RIOTBASE)/Makefile.include

6
tests/sys_crypto/Makefile.ci
View File

@ -4,9 +4,14 @@ BOARD_INSUFFICIENT_MEMORY := \
arduino-mega2560 \
arduino-nano \
arduino-uno \
atmega1284p \
atmega328p \
atmega328p-xplained-mini \
atxmega-a1u-xpro \
atxmega-a3bu-xplained \
derfmega128 \
mega-xplained \
microduino-corerf \
msb-430 \
msb-430h \
nucleo-f031k6 \
@ -19,4 +24,5 @@ BOARD_INSUFFICIENT_MEMORY := \
telosb \
waspmote-pro \
z1 \
zigduino \
#

33
tests/sys_crypto/README.md Normal file
View File

@ -0,0 +1,33 @@
# Overview
This test application tests all the components of the crypto module in RIOT.
Specifically these are:
* ChaCha. Test vectors from [draft-strombergson-chacha-test-vectors-00].
* Poly1305. Test vectors from [draft-nir-cfrg-chacha20-poly1305-06].
* ChaCha20-Poly1305. Test vectors from [rfc7539].
* AES-CBC. Test vectors from [SP 800-38C].
* AES-CCM. Test vectors from [RFC3610], [SP 800-38C], [Wycheproof].
* AES-CTR. Test vectors from [SP 800-38C].
* AES-ECB. Test vectors from [SP 800-38C].
* AES-OCB. Test vectors from [RFC7253].
To build the test application run
```
make
```
To execute the test run
```
make term
```
[draft-nir-cfrg-chacha20-poly1305-06]: https://tools.ietf.org/html/draft-nir-cfrg-chacha20-poly1305-06#appendix-A.3
[draft-strombergson-chacha-test-vectors-00]: https://tools.ietf.org/html/draft-strombergson-chacha-test-vectors-00
[rfc7539]: https://tools.ietf.org/html/rfc7539#appendix-A
[SP 800-38C]: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
[RFC3610]: https://tools.ietf.org/html/rfc3610
[Wycheproof]: https://github.com/google/wycheproof/blob/master/testvectors/aes_ccm_test.json
[RFC7253]: https://tools.ietf.org/html/rfc7253#appendix-A

5
tests/sys_crypto/app.config.test
View File

@ -1,7 +1,10 @@
# this file enables modules defined in Kconfig. Do not use this file for
# application configuration. This is only needed during migration.
CONFIG_MODULE_CRYPTO_3DES=y
CONFIG_MODULE_CRYPTO=y
CONFIG_MODULE_CRYPTO_AES_128=y
CONFIG_MODULE_CRYPTO_AES_192=y
CONFIG_MODULE_CRYPTO_AES_256=y
CONFIG_MODULE_CIPHER_MODES=y
CONFIG_MODULE_EMBUNIT=y

19
tests/sys_crypto/tests-crypto-aes.c
View File

@ -91,27 +91,12 @@ static void test_crypto_aes_init_key_length(void)
cipher_context_t ctx;
int err;
/* A keylength of 192 bit is not supported by the current implementation */
uint8_t unsupported_key_1[24];
/* A keylength of 64 bit is not supported by AES */
uint8_t unsupported_key_1[8];
memset(unsupported_key_1, 0, sizeof(unsupported_key_1));
/* A keylength of 256 bit is not supported by the current implementation */
uint8_t unsupported_key_2[32];
memset(unsupported_key_2, 0, sizeof(unsupported_key_2));
/* A keylength of 64 bit is not supported by AES */
uint8_t unsupported_key_3[8];
memset(unsupported_key_3, 0, sizeof(unsupported_key_3));
err = aes_init(&ctx, unsupported_key_1, sizeof(unsupported_key_1));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
err = aes_init(&ctx, unsupported_key_2, sizeof(unsupported_key_2));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
err = aes_init(&ctx, unsupported_key_3, sizeof(unsupported_key_3));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
}
Test *tests_crypto_aes_tests(void)

7
tests/sys_crypto/tests-crypto-chacha.c
View File

@ -13,6 +13,13 @@
#include <string.h>
/*
* Test Vectors for the Stream Cipher ChaCha
* draft-strombergson-chacha-test-vectors-00
*
* https://tools.ietf.org/html/draft-strombergson-chacha-test-vectors-00
*/
static const uint8_t TC8_KEY[32] = {
0xc4, 0x6e, 0xc1, 0xb1, 0x8c, 0xe8, 0xa8, 0x78,
0x72, 0x5a, 0x37, 0xe7, 0x80, 0xdf, 0xb7, 0x35,

6
tests/sys_crypto/tests-crypto-chacha20poly1305.c
View File

@ -15,6 +15,12 @@
#include "crypto/chacha20poly1305.h"
/*
* Example and Test Vector for AEAD_CHACHA20_POLY1305
*
* https://tools.ietf.org/html/rfc7539#appendix-A
*/
/* ciphertext buffer */
uint8_t ebuf[1024];
/* Plaintext buffer */

29
tests/sys_crypto/tests-crypto-cipher.c
View File

@ -34,7 +34,7 @@ static void test_crypto_cipher_aes_encrypt(void)
int err, cmp;
uint8_t data[16] = { 0 };
err = cipher_init(&cipher, CIPHER_AES_128, TEST_KEY, 16);
err = cipher_init(&cipher, CIPHER_AES, TEST_KEY, 16);
TEST_ASSERT_EQUAL_INT(1, err);
err = cipher_encrypt(&cipher, TEST_INP, data);
@ -50,7 +50,7 @@ static void test_crypto_cipher_aes_decrypt(void)
int err, cmp;
uint8_t data[16];
err = cipher_init(&cipher, CIPHER_AES_128, TEST_KEY, 16);
err = cipher_init(&cipher, CIPHER_AES, TEST_KEY, 16);
TEST_ASSERT_EQUAL_INT(1, err);
err = cipher_decrypt(&cipher, TEST_ENC_AES, data);
@ -65,33 +65,14 @@ static void test_crypto_cipher_init_aes_key_length(void)
cipher_t cipher;
int err;
/* A keylength of 192 bit is not supported by the current implementation */
uint8_t unsupported_key_1[24];
/* A keylength of 64 bit is not supported by AES */
uint8_t unsupported_key_1[8];
memset(unsupported_key_1, 0, sizeof(unsupported_key_1));
/* A keylength of 256 bit is not supported by the current implementation */
uint8_t unsupported_key_2[32];
memset(unsupported_key_2, 0, sizeof(unsupported_key_2));
/* A keylength of 64 bit is not supported by AES */
uint8_t unsupported_key_3[8];
memset(unsupported_key_3, 0, sizeof(unsupported_key_3));
err =
cipher_init(&cipher, CIPHER_AES_128, unsupported_key_1,
cipher_init(&cipher, CIPHER_AES, unsupported_key_1,
sizeof(unsupported_key_1));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
err =
cipher_init(&cipher, CIPHER_AES_128, unsupported_key_2,
sizeof(unsupported_key_2));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
err =
cipher_init(&cipher, CIPHER_AES_128, unsupported_key_3,
sizeof(unsupported_key_3));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
}
Test *tests_crypto_cipher_tests(void)

154
tests/sys_crypto/tests-crypto-modes-cbc.c
View File

@ -32,12 +32,27 @@ static uint8_t TEST_1_KEY[] = {
};
static uint8_t TEST_1_KEY_LEN = 16;
static uint8_t TEST_1_IV[16] = {
static uint8_t TEST_2_KEY[] = {
0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
};
static uint8_t TEST_2_KEY_LEN = 24;
static uint8_t TEST_3_KEY[] = {
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
static uint8_t TEST_3_KEY_LEN = 32;
static uint8_t TEST_IV[16] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};
static uint8_t TEST_1_PLAIN[] = {
static uint8_t TEST_PLAIN[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
@ -47,7 +62,7 @@ static uint8_t TEST_1_PLAIN[] = {
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
static uint8_t TEST_1_PLAIN_LEN = 64;
static uint8_t TEST_PLAIN_LEN = 64;
static uint8_t TEST_1_CIPHER[] = {
0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
@ -59,9 +74,31 @@ static uint8_t TEST_1_CIPHER[] = {
0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7
};
static uint8_t TEST_1_CIPHER_LEN = 64;
static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
static uint8_t TEST_2_CIPHER[] = {
0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d,
0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8,
0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4,
0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a,
0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0,
0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0,
0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81,
0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd
};
static uint8_t TEST_3_CIPHER[] = {
0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b
};
static uint8_t TEST_CIPHER_LEN = 64;
static void test_encrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -69,7 +106,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_cbc(&cipher, iv, input, input_len, data);
@ -81,7 +118,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
}
static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
static void test_encrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -89,10 +126,29 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_cbc(&cipher, iv, input, input_len, data);
len = cipher_encrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_encrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
@ -101,16 +157,88 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
}
static void test_decrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Decryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong plaintext");
}
static void test_decrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Decryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong plaintext");
}
static void test_decrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Decryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong plaintext");
}
static void test_crypto_modes_cbc_encrypt(void)
{
test_encrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_IV, TEST_1_PLAIN,
TEST_1_PLAIN_LEN, TEST_1_CIPHER, TEST_1_CIPHER_LEN);
test_encrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, TEST_IV, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_1_CIPHER, TEST_CIPHER_LEN);
test_encrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, TEST_IV, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_2_CIPHER, TEST_CIPHER_LEN);
test_encrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, TEST_IV, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_3_CIPHER, TEST_CIPHER_LEN);
}
static void test_crypto_modes_cbc_decrypt(void)
{
test_decrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_IV, TEST_1_CIPHER,
TEST_1_CIPHER_LEN, TEST_1_PLAIN, TEST_1_PLAIN_LEN);
test_decrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, TEST_IV, TEST_1_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
test_decrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, TEST_IV, TEST_2_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
test_decrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, TEST_IV, TEST_3_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
}

6
tests/sys_crypto/tests-crypto-modes-ccm.c
View File

@ -1105,7 +1105,7 @@ static void test_encrypt_op(const uint8_t *key, uint8_t key_len,
TEST_ASSERT_MESSAGE(sizeof(data) >= output_expected_len,
"Output buffer too small");
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ccm(&cipher, adata, adata_len,
@ -1133,7 +1133,7 @@ static void test_decrypt_op(const uint8_t *key, uint8_t key_len,
TEST_ASSERT_MESSAGE(sizeof(data) >= output_expected_len,
"Output buffer too small");
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ccm(&cipher, adata, adata_len,
@ -1271,7 +1271,7 @@ static int _test_ccm_len(func_ccm_t func, uint8_t len_encoding,
uint8_t nonce_len = nonce_and_len_encoding_size - len_encoding;
cipher_init(&cipher, CIPHER_AES_128, key, 16);
cipher_init(&cipher, CIPHER_AES, key, 16);
ret = func(&cipher, NULL, adata_len, mac_length, len_encoding,
nonce, nonce_len, input, input_len, data);

156
tests/sys_crypto/tests-crypto-modes-ctr.c
View File

@ -32,12 +32,27 @@ static uint8_t TEST_1_KEY[] = {
};
static uint8_t TEST_1_KEY_LEN = 16;
static uint8_t TEST_1_COUNTER[16] = {
static uint8_t TEST_2_KEY[] = {
0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
};
static uint8_t TEST_2_KEY_LEN = 24;
static uint8_t TEST_3_KEY[] = {
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
static uint8_t TEST_3_KEY_LEN = 32;
static uint8_t TEST_COUNTER[16] = {
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
};
static uint8_t TEST_1_PLAIN[] = {
static uint8_t TEST_PLAIN[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
@ -47,7 +62,7 @@ static uint8_t TEST_1_PLAIN[] = {
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
static uint8_t TEST_1_PLAIN_LEN = 64;
static uint8_t TEST_PLAIN_LEN = 64;
static uint8_t TEST_1_CIPHER[] = {
0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26,
@ -59,9 +74,31 @@ static uint8_t TEST_1_CIPHER[] = {
0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe, 0x03, 0xd1,
0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee
};
static uint8_t TEST_1_CIPHER_LEN = 64;
static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
static uint8_t TEST_2_CIPHER[] = {
0x1a, 0xbc, 0x93, 0x24, 0x17, 0x52, 0x1c, 0xa2,
0x4f, 0x2b, 0x04, 0x59, 0xfe, 0x7e, 0x6e, 0x0b,
0x09, 0x03, 0x39, 0xec, 0x0a, 0xa6, 0xfa, 0xef,
0xd5, 0xcc, 0xc2, 0xc6, 0xf4, 0xce, 0x8e, 0x94,
0x1e, 0x36, 0xb2, 0x6b, 0xd1, 0xeb, 0xc6, 0x70,
0xd1, 0xbd, 0x1d, 0x66, 0x56, 0x20, 0xab, 0xf7,
0x4f, 0x78, 0xa7, 0xf6, 0xd2, 0x98, 0x09, 0x58,
0x5a, 0x97, 0xda, 0xec, 0x58, 0xc6, 0xb0, 0x50
};
static uint8_t TEST_3_CIPHER[] = {
0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5,
0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28,
0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a,
0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5,
0x2b, 0x09, 0x30, 0xda, 0xa2, 0x3d, 0xe9, 0x4c,
0xe8, 0x70, 0x17, 0xba, 0x2d, 0x84, 0x98, 0x8d,
0xdf, 0xc9, 0xc5, 0x8d, 0xb6, 0x7a, 0xad, 0xa6,
0x13, 0xc2, 0xdd, 0x08, 0x45, 0x79, 0x41, 0xa6
};
static uint8_t TEST_CIPHER_LEN = 64;
static void test_encrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -69,7 +106,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ctr(&cipher, ctr, 0, input, input_len, data);
@ -81,7 +118,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
}
static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
static void test_encrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -89,7 +126,45 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ctr(&cipher, ctr, 0, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_encrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ctr(&cipher, ctr, 0, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ctr(&cipher, ctr, 0, input, input_len, data);
@ -98,25 +173,78 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ctr(&cipher, ctr, 0, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ctr(&cipher, ctr, 0, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_crypto_modes_ctr_encrypt(void)
{
uint8_t ctr[16];
memcpy(ctr, TEST_1_COUNTER, 16);
test_encrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, ctr, TEST_1_PLAIN,
TEST_1_PLAIN_LEN, TEST_1_CIPHER, TEST_1_CIPHER_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_encrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, ctr, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_1_CIPHER, TEST_CIPHER_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_encrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, ctr, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_2_CIPHER, TEST_CIPHER_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_encrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, ctr, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_3_CIPHER, TEST_CIPHER_LEN);
}
static void test_crypto_modes_ctr_decrypt(void)
{
uint8_t ctr[16];
memcpy(ctr, TEST_1_COUNTER, 16);
test_decrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, ctr, TEST_1_CIPHER,
TEST_1_CIPHER_LEN, TEST_1_PLAIN, TEST_1_PLAIN_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_decrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, ctr, TEST_1_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_decrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, ctr, TEST_2_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_decrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, ctr, TEST_3_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
}

156
tests/sys_crypto/tests-crypto-modes-ecb.c
View File

@ -32,7 +32,22 @@ static uint8_t TEST_1_KEY[] = {
};
static uint8_t TEST_1_KEY_LEN = 16;
static uint8_t TEST_1_PLAIN[] = {
static uint8_t TEST_2_KEY[] = {
0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
};
static uint8_t TEST_2_KEY_LEN = 24;
static uint8_t TEST_3_KEY[] = {
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
static uint8_t TEST_3_KEY_LEN = 32;
static uint8_t TEST_PLAIN[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
@ -42,7 +57,7 @@ static uint8_t TEST_1_PLAIN[] = {
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
static uint8_t TEST_1_PLAIN_LEN = 64;
static uint8_t TEST_PLAIN_LEN = 64;
static uint8_t TEST_1_CIPHER[] = {
0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60,
@ -54,9 +69,31 @@ static uint8_t TEST_1_CIPHER[] = {
0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f,
0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4
};
static uint8_t TEST_1_CIPHER_LEN = 64;
static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
static uint8_t TEST_2_CIPHER[] = {
0xbd, 0x33, 0x4f, 0x1d, 0x6e, 0x45, 0xf2, 0x5f,
0xf7, 0x12, 0xa2, 0x14, 0x57, 0x1f, 0xa5, 0xcc,
0x97, 0x41, 0x04, 0x84, 0x6d, 0x0a, 0xd3, 0xad,
0x77, 0x34, 0xec, 0xb3, 0xec, 0xee, 0x4e, 0xef,
0xef, 0x7a, 0xfd, 0x22, 0x70, 0xe2, 0xe6, 0x0a,
0xdc, 0xe0, 0xba, 0x2f, 0xac, 0xe6, 0x44, 0x4e,
0x9a, 0x4b, 0x41, 0xba, 0x73, 0x8d, 0x6c, 0x72,
0xfb, 0x16, 0x69, 0x16, 0x03, 0xc1, 0x8e, 0x0e
};
static uint8_t TEST_3_CIPHER[] = {
0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
0x59, 0x1c, 0xcb, 0x10, 0xd4, 0x10, 0xed, 0x26,
0xdc, 0x5b, 0xa7, 0x4a, 0x31, 0x36, 0x28, 0x70,
0xb6, 0xed, 0x21, 0xb9, 0x9c, 0xa6, 0xf4, 0xf9,
0xf1, 0x53, 0xe7, 0xb1, 0xbe, 0xaf, 0xed, 0x1d,
0x23, 0x30, 0x4b, 0x7a, 0x39, 0xf9, 0xf3, 0xff,
0x06, 0x7d, 0x8d, 0x8f, 0x9e, 0x24, 0xec, 0xc7
};
static uint8_t TEST_CIPHER_LEN = 64;
static void test_encrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -64,7 +101,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ecb(&cipher, input, input_len, data);
@ -76,7 +113,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
}
static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
static void test_encrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -84,7 +121,87 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ecb(&cipher, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_encrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ecb(&cipher, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ecb(&cipher, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ecb(&cipher, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ecb(&cipher, input, input_len, data);
@ -98,17 +215,30 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
static void test_crypto_modes_ecb_encrypt(void)
{
test_encrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_PLAIN, TEST_1_PLAIN_LEN,
TEST_1_CIPHER, TEST_1_CIPHER_LEN);
test_encrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, TEST_PLAIN, TEST_PLAIN_LEN,
TEST_1_CIPHER, TEST_CIPHER_LEN);
test_encrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, TEST_PLAIN, TEST_PLAIN_LEN,
TEST_2_CIPHER, TEST_CIPHER_LEN);
test_encrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, TEST_PLAIN, TEST_PLAIN_LEN,
TEST_3_CIPHER, TEST_CIPHER_LEN);
}
static void test_crypto_modes_ecb_decrypt(void)
{
test_decrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_CIPHER,
TEST_1_CIPHER_LEN,
TEST_1_PLAIN, TEST_1_PLAIN_LEN);
}
test_decrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_CIPHER,
TEST_CIPHER_LEN,
TEST_PLAIN, TEST_PLAIN_LEN);
test_decrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, TEST_2_CIPHER,
TEST_CIPHER_LEN,
TEST_PLAIN, TEST_PLAIN_LEN);
test_decrypt_op_256(TEST_2_KEY, TEST_2_KEY_LEN, TEST_2_CIPHER,
TEST_CIPHER_LEN,
TEST_PLAIN, TEST_PLAIN_LEN);
}
Test *tests_crypto_modes_ecb_tests(void)
{

6
tests/sys_crypto/tests-crypto-modes-ocb.c
View File

@ -277,7 +277,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len,
TEST_ASSERT_MESSAGE(sizeof(data) >= output_expected_len,
"Output buffer too small");
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ocb(&cipher, adata, adata_len,
@ -327,7 +327,7 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len,
TEST_ASSERT_MESSAGE(sizeof(data) >= output_expected_len,
"Output buffer too small");
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ocb(&cipher, adata, adata_len,
@ -412,7 +412,7 @@ static void test_crypto_modes_ocb_bad_parameter_values(void)
uint8_t key[16], auth_data[1], nonce[16], input[16], output[32];
cipher_t cipher;
cipher_init(&cipher, CIPHER_AES_128, key, 16);
cipher_init(&cipher, CIPHER_AES, key, 16);
/* tag length must be positive */
int rv = cipher_encrypt_ocb(&cipher, auth_data, sizeof(auth_data), 0, nonce,
15, input, sizeof(input), output);

6
tests/sys_crypto/tests-crypto-poly1305.c
View File

@ -14,6 +14,12 @@
#include <string.h>
/*
* Poly1305 Message Authentication Code
*
* https://tools.ietf.org/html/draft-nir-cfrg-chacha20-poly1305-06#appendix-A.3
*/
static const uint8_t key_1[32] = { 0 };
static const uint8_t msg_1[64] = { 0 };
static const uint8_t tag_1[16] = { 0 };

10
tests/sys_crypto_aes_ccm/Makefile Normal file
View File

@ -0,0 +1,10 @@
include ../Makefile.tests_common
USEMODULE += embunit
USEMODULE += cipher_modes
USEMODULE += crypto_aes_128
USEMODULE += crypto_aes_192
USEMODULE += crypto_aes_256
include $(RIOTBASE)/Makefile.include

28
tests/sys_crypto_aes_ccm/Makefile.ci Normal file
View File

@ -0,0 +1,28 @@
BOARD_INSUFFICIENT_MEMORY := \
arduino-duemilanove \
arduino-leonardo \
arduino-mega2560 \
arduino-nano \
arduino-uno \
atmega1284p \
atmega328p \
atmega328p-xplained-mini \
atxmega-a1u-xpro \
atxmega-a3bu-xplained \
derfmega128 \
mega-xplained \
microduino-corerf \
msb-430 \
msb-430h \
nucleo-f031k6 \
nucleo-f042k6 \
nucleo-l011k4 \
nucleo-l031k6 \
samd10-xmini \
stk3200 \
stm32f030f4-demo \
telosb \
waspmote-pro \
z1 \
zigduino \
#

18
tests/sys_crypto_aes_ccm/README.md Normal file
View File

@ -0,0 +1,18 @@
# Overview
This test application specifically tests the AES CCM implementation for 128, 192 and 256
bit keys. The test utilizes the [CAVP AES CCM DVTP] test vectors.
To build the test application run
```
make
```
To execute the test run
```
make term
```
[CAVP AES CCM DVTP]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/cavp-testing-block-cipher-modes

11
tests/sys_crypto_aes_ccm/app.config.test Normal file
View File

@ -0,0 +1,11 @@
# this file enables modules defined in Kconfig. Do not use this file for
# application configuration. This is only needed during migration.
CONFIG_MODULE_CRYPTO=y
CONFIG_MODULE_CRYPTO_AES_128=y
CONFIG_MODULE_CRYPTO_AES_192=y
CONFIG_MODULE_CRYPTO_AES_256=y
CONFIG_MODULE_CIPHER_MODES=y
CONFIG_MODULE_EMBUNIT=y
CONFIG_MODULE_TEST_UTILS_INTERACTIVE_SYNC=y

19
tests/sys_crypto_aes_ccm/main.c Normal file
View File

@ -0,0 +1,19 @@
/*
* Copyright (C) 2021 Nils Ollrogge
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
#include "tests-crypto.h"
int main(void)
{
TESTS_START();
TESTS_RUN(tests_crypto_modes_ccm_tests_128());
TESTS_RUN(tests_crypto_modes_ccm_tests_192());
TESTS_RUN(tests_crypto_modes_ccm_tests_256());
TESTS_END();
return 0;
}

2438
tests/sys_crypto_aes_ccm/tests-crypto-modes-ccm-128.c Normal file
View File

File diff suppressed because it is too large Load Diff

2454
tests/sys_crypto_aes_ccm/tests-crypto-modes-ccm-192.c Normal file
View File

File diff suppressed because it is too large Load Diff

2470
tests/sys_crypto_aes_ccm/tests-crypto-modes-ccm-256.c Normal file
View File

File diff suppressed because it is too large Load Diff

50
tests/sys_crypto_aes_ccm/tests-crypto.h Normal file
View File

@ -0,0 +1,50 @@
/*
* Copyright (C) 2021 Freie Universität Berlin
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @addtogroup unittests
* @{
*
* @file
* @brief Unittests for the ``crypto`` module
*
* @author Nils Ollrogge <nils-ollrogge@outlook.de>
*/
#ifndef TESTS_CRYPTO_H
#define TESTS_CRYPTO_H
#include <stddef.h>
#include <stdint.h>
#include "embUnit.h"
#ifdef __cplusplus
extern "C" {
#endif
static inline int compare(const uint8_t *a, const uint8_t *b, uint8_t len)
{
int result = 1;
for (uint8_t i = 0; i < len; ++i) {
result &= a[i] == b[i];
}
return result;
}
Test *tests_crypto_modes_ccm_tests_128(void);
Test *tests_crypto_modes_ccm_tests_192(void);
Test *tests_crypto_modes_ccm_tests_256(void);
#ifdef __cplusplus
}
#endif
#endif /* TESTS_CRYPTO_H */
/** @} */

14
tests/sys_crypto_aes_ccm/tests/01-run.py Executable file
View File

@ -0,0 +1,14 @@
#!/usr/bin/env python3
# Copyright (C) 2019 Freie Universität Berlin
#
# This file is subject to the terms and conditions of the GNU Lesser
# General Public License v2.1. See the file LICENSE in the top level
# directory for more details.
import sys
from testrunner import run_check_unittests
if __name__ == "__main__":
sys.exit(run_check_unittests())

2
tests/unittests/tests-hashes/Makefile.include
View File

@ -1,2 +1,2 @@
USEMODULE += hashes
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128