[test] Add NIST self-tests for AES128 and AES256 in ECB mode
[ipxe.git] / src / tests / aes_test.c
1 /*
2 * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 * You can also choose to distribute this program under the terms of
20 * the Unmodified Binary Distribution Licence (as given in the file
21 * COPYING.UBDL), provided that you have satisfied its requirements.
22 */
23
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25
26 /** @file
27 *
28 * AES tests
29 *
30 * These test vectors are provided by NIST as part of the
31 * Cryptographic Toolkit Examples, downloadable from:
32 *
33 * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_Core_All.pdf
34 * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_ECB.pdf
35 * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CBC.pdf
36 *
37 */
38
39 /* Forcibly enable assertions */
40 #undef NDEBUG
41
42 #include <assert.h>
43 #include <string.h>
44 #include <ipxe/aes.h>
45 #include <ipxe/test.h>
46 #include "cipher_test.h"
47
48 /** Key used for NIST 128-bit test vectors */
49 #define AES_KEY_NIST_128 \
50 KEY ( 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, \
51 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c )
52
53 /** Key used for NIST 256-bit test vectors */
54 #define AES_KEY_NIST_256 \
55 KEY ( 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, \
56 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, \
57 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, \
58 0xa3, 0x09, 0x14, 0xdf, 0xf4 )
59
60 /** Dummy initialisation vector used for NIST ECB-mode test vectors */
61 #define AES_IV_NIST_DUMMY \
62 IV ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
63 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 )
64
65 /** Initialisation vector used for NIST CBC-mode test vectors */
66 #define AES_IV_NIST_CBC \
67 IV ( 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, \
68 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f )
69
70 /** Plaintext used for NIST test vectors */
71 #define AES_PLAINTEXT_NIST \
72 PLAINTEXT ( 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, \
73 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, \
74 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, \
75 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, \
76 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, \
77 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, \
78 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, \
79 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 )
80
81 /** AES-128-ECB (same test as AES-128-Core) */
82 CIPHER_TEST ( aes_128_ecb, &aes_ecb_algorithm,
83 AES_KEY_NIST_128, AES_IV_NIST_DUMMY, AES_PLAINTEXT_NIST,
84 CIPHERTEXT ( 0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60,
85 0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97,
86 0xf5, 0xd3, 0xd5, 0x85, 0x03, 0xb9, 0x69, 0x9d,
87 0xe7, 0x85, 0x89, 0x5a, 0x96, 0xfd, 0xba, 0xaf,
88 0x43, 0xb1, 0xcd, 0x7f, 0x59, 0x8e, 0xce, 0x23,
89 0x88, 0x1b, 0x00, 0xe3, 0xed, 0x03, 0x06, 0x88,
90 0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f,
91 0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4 ) );
92
93 /** AES-128-CBC */
94 CIPHER_TEST ( aes_128_cbc, &aes_cbc_algorithm,
95 AES_KEY_NIST_128, AES_IV_NIST_CBC, AES_PLAINTEXT_NIST,
96 CIPHERTEXT ( 0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
97 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
98 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
99 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
100 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b,
101 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
102 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
103 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7 ) );
104
105 /** AES-256-ECB (same test as AES-256-Core) */
106 CIPHER_TEST ( aes_256_ecb, &aes_ecb_algorithm,
107 AES_KEY_NIST_256, AES_IV_NIST_DUMMY, AES_PLAINTEXT_NIST,
108 CIPHERTEXT ( 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
109 0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
110 0x59, 0x1c, 0xcb, 0x10, 0xd4, 0x10, 0xed, 0x26,
111 0xdc, 0x5b, 0xa7, 0x4a, 0x31, 0x36, 0x28, 0x70,
112 0xb6, 0xed, 0x21, 0xb9, 0x9c, 0xa6, 0xf4, 0xf9,
113 0xf1, 0x53, 0xe7, 0xb1, 0xbe, 0xaf, 0xed, 0x1d,
114 0x23, 0x30, 0x4b, 0x7a, 0x39, 0xf9, 0xf3, 0xff,
115 0x06, 0x7d, 0x8d, 0x8f, 0x9e, 0x24, 0xec, 0xc7 ) );
116
117 /** AES-256-CBC */
118 CIPHER_TEST ( aes_256_cbc, &aes_cbc_algorithm,
119 AES_KEY_NIST_256, AES_IV_NIST_CBC, AES_PLAINTEXT_NIST,
120 CIPHERTEXT ( 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
121 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
122 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
123 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
124 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
125 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
126 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
127 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b ) );
128
129 /**
130 * Perform AES self-test
131 *
132 */
133 static void aes_test_exec ( void ) {
134 struct cipher_algorithm *ecb = &aes_ecb_algorithm;
135 struct cipher_algorithm *cbc = &aes_cbc_algorithm;
136 unsigned int keylen;
137
138 /* Correctness tests */
139 cipher_ok ( &aes_128_ecb );
140 cipher_ok ( &aes_128_cbc );
141 cipher_ok ( &aes_256_ecb );
142 cipher_ok ( &aes_256_cbc );
143
144 /* Speed tests */
145 for ( keylen = 128 ; keylen <= 256 ; keylen += 128 ) {
146 DBG ( "AES-%d-ECB encryption required %ld cycles per byte\n",
147 keylen, cipher_cost_encrypt ( ecb, ( keylen / 8 ) ) );
148 DBG ( "AES-%d-ECB decryption required %ld cycles per byte\n",
149 keylen, cipher_cost_decrypt ( ecb, ( keylen / 8 ) ) );
150 DBG ( "AES-%d-CBC encryption required %ld cycles per byte\n",
151 keylen, cipher_cost_encrypt ( cbc, ( keylen / 8 ) ) );
152 DBG ( "AES-%d-CBC decryption required %ld cycles per byte\n",
153 keylen, cipher_cost_decrypt ( cbc, ( keylen / 8 ) ) );
154 }
155 }
156
157 /** AES self-test */
158 struct self_test aes_test __self_test = {
159 .name = "aes",
160 .exec = aes_test_exec,
161 };