📄 fips_aesavs.c
字号:
/* ==================================================================== * Copyright (c) 2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * *//*--------------------------------------------- NIST AES Algorithm Validation Suite Test Program Donated to OpenSSL by: V-ONE Corporation 20250 Century Blvd, Suite 300 Germantown, MD 20874 U.S.A. ----------------------------------------------*/#include <stdio.h>#include <stdlib.h>#include <string.h>#include <errno.h>#include <assert.h>#include <ctype.h>#include <openssl/aes.h>#include <openssl/evp.h>#include <openssl/bn.h>#include <openssl/err.h>#include "e_os.h"#ifndef OPENSSL_FIPSint main(int argc, char *argv[]){ printf("No FIPS AES support\n"); return(0);}#else#include <openssl/fips.h>#include "fips_utl.h"#define AES_BLOCK_SIZE 16#define VERBOSE 0/*-----------------------------------------------*/int AESTest(EVP_CIPHER_CTX *ctx, char *amode, int akeysz, unsigned char *aKey, unsigned char *iVec, int dir, /* 0 = decrypt, 1 = encrypt */ unsigned char *plaintext, unsigned char *ciphertext, int len) { const EVP_CIPHER *cipher = NULL; if (strcasecmp(amode, "CBC") == 0) { switch (akeysz) { case 128: cipher = EVP_aes_128_cbc(); break; case 192: cipher = EVP_aes_192_cbc(); break; case 256: cipher = EVP_aes_256_cbc(); break; } } else if (strcasecmp(amode, "ECB") == 0) { switch (akeysz) { case 128: cipher = EVP_aes_128_ecb(); break; case 192: cipher = EVP_aes_192_ecb(); break; case 256: cipher = EVP_aes_256_ecb(); break; } } else if (strcasecmp(amode, "CFB128") == 0) { switch (akeysz) { case 128: cipher = EVP_aes_128_cfb128(); break; case 192: cipher = EVP_aes_192_cfb128(); break; case 256: cipher = EVP_aes_256_cfb128(); break; } } else if (strncasecmp(amode, "OFB", 3) == 0) { switch (akeysz) { case 128: cipher = EVP_aes_128_ofb(); break; case 192: cipher = EVP_aes_192_ofb(); break; case 256: cipher = EVP_aes_256_ofb(); break; } } else if(!strcasecmp(amode,"CFB1")) { switch (akeysz) { case 128: cipher = EVP_aes_128_cfb1(); break; case 192: cipher = EVP_aes_192_cfb1(); break; case 256: cipher = EVP_aes_256_cfb1(); break; } } else if(!strcasecmp(amode,"CFB8")) { switch (akeysz) { case 128: cipher = EVP_aes_128_cfb8(); break; case 192: cipher = EVP_aes_192_cfb8(); break; case 256: cipher = EVP_aes_256_cfb8(); break; } } else { printf("Unknown mode: %s\n", amode); return 0; } if (!cipher) { printf("Invalid key size: %d\n", akeysz); return 0; } if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0) return 0; if(!strcasecmp(amode,"CFB1")) M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS); if (dir) EVP_Cipher(ctx, ciphertext, plaintext, len); else EVP_Cipher(ctx, plaintext, ciphertext, len); return 1; }/*-----------------------------------------------*/char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB128"};enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB128};enum XCrypt {XDECRYPT, XENCRYPT};/*=============================*//* Monte Carlo Tests *//*-----------------------------*//*#define gb(a,b) (((a)[(b)/8] >> ((b)%8))&1)*//*#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << ((b)%8)))|(!!(v) << ((b)%8)))*/#define gb(a,b) (((a)[(b)/8] >> (7-(b)%8))&1)#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << (7-(b)%8)))|(!!(v) << (7-(b)%8)))int do_mct(char *amode, int akeysz, unsigned char *aKey,unsigned char *iVec, int dir, unsigned char *text, int len, FILE *rfp) { int ret = 0; unsigned char key[101][32]; unsigned char iv[101][AES_BLOCK_SIZE]; unsigned char ptext[1001][32]; unsigned char ctext[1001][32]; unsigned char ciphertext[64+4]; int i, j, n, n1, n2; int imode = 0, nkeysz = akeysz/8; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); if (len > 32) { printf("\n>>>> Length exceeds 32 for %s %d <<<<\n\n", amode, akeysz); return -1; } for (imode = 0; imode < 6; ++imode) if (strcmp(amode, t_mode[imode]) == 0) break; if (imode == 6) { printf("Unrecognized mode: %s\n", amode); return -1; } memcpy(key[0], aKey, nkeysz); if (iVec) memcpy(iv[0], iVec, AES_BLOCK_SIZE); if (dir == XENCRYPT) memcpy(ptext[0], text, len); else memcpy(ctext[0], text, len); for (i = 0; i < 100; ++i) { /* printf("Iteration %d\n", i); */ if (i > 0) { fprintf(rfp,"COUNT = %d\n",i); OutputValue("KEY",key[i],nkeysz,rfp,0); if (imode != ECB) /* ECB */ OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0); /* Output Ciphertext | Plaintext */ OutputValue(t_tag[dir^1],dir ? ptext[0] : ctext[0],len,rfp, imode == CFB1); } for (j = 0; j < 1000; ++j) { switch (imode) { case ECB: if (j == 0) { /* set up encryption */ ret = AESTest(&ctx, amode, akeysz, key[i], NULL, dir, /* 0 = decrypt, 1 = encrypt */ ptext[j], ctext[j], len); if (dir == XENCRYPT) memcpy(ptext[j+1], ctext[j], len); else memcpy(ctext[j+1], ptext[j], len); } else { if (dir == XENCRYPT) { EVP_Cipher(&ctx, ctext[j], ptext[j], len); memcpy(ptext[j+1], ctext[j], len); } else { EVP_Cipher(&ctx, ptext[j], ctext[j], len); memcpy(ctext[j+1], ptext[j], len); } } break; case CBC: case OFB: case CFB128: if (j == 0) { ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], dir, /* 0 = decrypt, 1 = encrypt */ ptext[j], ctext[j], len); if (dir == XENCRYPT) memcpy(ptext[j+1], iv[i], len); else memcpy(ctext[j+1], iv[i], len); } else { if (dir == XENCRYPT) { EVP_Cipher(&ctx, ctext[j], ptext[j], len); memcpy(ptext[j+1], ctext[j-1], len); } else { EVP_Cipher(&ctx, ptext[j], ctext[j], len); memcpy(ctext[j+1], ptext[j-1], len); } } break; case CFB8: if (j == 0) { ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], dir, /* 0 = decrypt, 1 = encrypt */ ptext[j], ctext[j], len); } else { if (dir == XENCRYPT) EVP_Cipher(&ctx, ctext[j], ptext[j], len); else EVP_Cipher(&ctx, ptext[j], ctext[j], len); } if (dir == XENCRYPT) { if (j < 16) memcpy(ptext[j+1], &iv[i][j], len); else memcpy(ptext[j+1], ctext[j-16], len); } else { if (j < 16) memcpy(ctext[j+1], &iv[i][j], len); else memcpy(ctext[j+1], ptext[j-16], len); } break; case CFB1: if(j == 0) {#if 0 /* compensate for wrong endianness of input file */ if(i == 0) ptext[0][0]<<=7;#endif ret = AESTest(&ctx,amode,akeysz,key[i],iv[i],dir, ptext[j], ctext[j], len); } else { if (dir == XENCRYPT) EVP_Cipher(&ctx, ctext[j], ptext[j], len); else EVP_Cipher(&ctx, ptext[j], ctext[j], len); } if(dir == XENCRYPT) { if(j < 128) sb(ptext[j+1],0,gb(iv[i],j)); else sb(ptext[j+1],0,gb(ctext[j-128],0)); } else { if(j < 128) sb(ctext[j+1],0,gb(iv[i],j)); else sb(ctext[j+1],0,gb(ptext[j-128],0)); } break; } } --j; /* reset to last of range */ /* Output Ciphertext | Plaintext */ OutputValue(t_tag[dir],dir ? ctext[j] : ptext[j],len,rfp, imode == CFB1); fprintf(rfp, "\n"); /* add separator */ /* Compute next KEY */ if (dir == XENCRYPT) { if (imode == CFB8) { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */ for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2) ciphertext[n1] = ctext[j-n2][0]; } else if(imode == CFB1) { for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2) sb(ciphertext,n1,gb(ctext[j-n2],0)); } else switch (akeysz) { case 128: memcpy(ciphertext, ctext[j], 16); break; case 192: memcpy(ciphertext, ctext[j-1]+8, 8); memcpy(ciphertext+8, ctext[j], 16); break; case 256: memcpy(ciphertext, ctext[j-1], 16); memcpy(ciphertext+16, ctext[j], 16); break; } } else { if (imode == CFB8) { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */ for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2) ciphertext[n1] = ptext[j-n2][0]; } else if(imode == CFB1) { for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2) sb(ciphertext,n1,gb(ptext[j-n2],0)); } else switch (akeysz) { case 128: memcpy(ciphertext, ptext[j], 16); break; case 192: memcpy(ciphertext, ptext[j-1]+8, 8);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -