2 * Copyright (c) 2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 /* Test vectors published in GCM Specification */
18 #include <vppinfra/clib.h>
19 #include <vnet/crypto/crypto.h>
20 #include <unittest/crypto/crypto.h>
22 static u8 tc1_key128[16] = { 0, };
24 static u8 tc1_iv[12] = { 0, };
26 static u8 tc1_tag128[] = {
27 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
28 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
31 static u8 tc1_key256[32] = { 0, };
33 static u8 tc1_tag256[] = {
34 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
35 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b,
38 static u8 tc2_ciphertext256[] = {
39 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
40 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
43 static u8 tc2_tag256[] = {
44 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
45 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
48 static u8 tc2_plaintext[16] = { 0, };
50 static u8 tc2_tag[] = {
51 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
52 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
55 static u8 tc2_ciphertext[] = {
56 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
57 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
60 static u8 tc3_key128[] = {
61 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
62 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
65 static u8 tc3_iv[] = {
66 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
67 0xde, 0xca, 0xf8, 0x88
70 static u8 tc3_plaintext[] = {
71 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
72 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
73 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
74 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
75 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
76 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
77 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
78 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
81 static u8 tc3_ciphertext128[] = {
82 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
83 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
84 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
85 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
86 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
87 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
88 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
89 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
92 static u8 tc3_tag128[] = {
93 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
94 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
97 static u8 tc3_key256[] = {
98 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
99 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
100 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
101 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
104 static u8 tc3_ciphertext256[] = {
105 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
106 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
107 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
108 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
109 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
110 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
111 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
112 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
115 static u8 tc3_tag256[] = {
116 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
117 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
120 static u8 tc4_plaintext[] = {
121 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
122 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
123 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
124 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
125 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
126 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
127 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
128 0xba, 0x63, 0x7b, 0x39,
131 static u8 tc4_aad[] = {
132 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
133 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
134 0xab, 0xad, 0xda, 0xd2
137 static u8 tc4_ciphertext128[] = {
138 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
139 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
140 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
141 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
142 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
143 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
144 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
145 0x3d, 0x58, 0xe0, 0x91
148 static u8 tc4_tag[] = {
149 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
150 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
153 static u8 tc4_ciphertext256[] = {
154 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
155 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
156 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
157 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
158 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
159 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
160 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
161 0xbc, 0xc9, 0xf6, 0x62
164 static u8 tc4_tag256[] = {
165 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
166 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
170 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm128_tc1) = {
171 .name = "128-GCM Spec. TC1",
172 .alg = VNET_CRYPTO_ALG_AES_128_GCM,
173 .iv = TEST_DATA (tc1_iv),
174 .key = TEST_DATA (tc1_key128),
175 .tag = TEST_DATA (tc1_tag128),
178 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_tc1) = {
179 .name = "256-GCM Spec. TC1",
180 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
181 .key = TEST_DATA (tc1_key256),
182 .iv = TEST_DATA (tc1_iv),
183 .tag = TEST_DATA (tc1_tag256),
186 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm128_tc2) = {
187 .name = "128-GCM Spec. TC2",
188 .alg = VNET_CRYPTO_ALG_AES_128_GCM,
189 .iv = TEST_DATA (tc1_iv),
190 .key = TEST_DATA (tc1_key128),
191 .plaintext = TEST_DATA (tc2_plaintext),
192 .ciphertext = TEST_DATA (tc2_ciphertext),
193 .tag = TEST_DATA (tc2_tag),
196 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_tc2) = {
197 .name = "256-GCM Spec. TC2",
198 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
199 .iv = TEST_DATA (tc1_iv),
200 .key = TEST_DATA (tc1_key256),
201 .plaintext = TEST_DATA(tc2_plaintext),
202 .ciphertext = TEST_DATA(tc2_ciphertext256),
203 .tag = TEST_DATA (tc2_tag256),
206 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm128_tc3) = {
207 .name = "128-GCM Spec. TC3",
208 .alg = VNET_CRYPTO_ALG_AES_128_GCM,
209 .iv = TEST_DATA (tc3_iv),
210 .key = TEST_DATA (tc3_key128),
211 .plaintext = TEST_DATA (tc3_plaintext),
212 .ciphertext = TEST_DATA (tc3_ciphertext128),
213 .tag = TEST_DATA (tc3_tag128),
216 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_tc3) = {
217 .name = "256-GCM Spec. TC3",
218 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
219 .iv = TEST_DATA (tc3_iv),
220 .key = TEST_DATA (tc3_key256),
221 .plaintext = TEST_DATA(tc3_plaintext),
222 .ciphertext = TEST_DATA(tc3_ciphertext256),
223 .tag = TEST_DATA (tc3_tag256),
226 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm128_tc4) = {
227 .name = "128-GCM Spec. TC4",
228 .alg = VNET_CRYPTO_ALG_AES_128_GCM,
229 .iv = TEST_DATA (tc3_iv),
230 .key = TEST_DATA (tc3_key128),
231 .plaintext = TEST_DATA (tc4_plaintext),
232 .ciphertext = TEST_DATA (tc4_ciphertext128),
233 .aad = TEST_DATA (tc4_aad),
234 .tag = TEST_DATA (tc4_tag),
237 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_tc4) = {
238 .name = "256-GCM Spec. TC4",
239 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
240 .iv = TEST_DATA (tc3_iv),
241 .key = TEST_DATA (tc3_key256),
242 .plaintext = TEST_DATA(tc4_plaintext),
243 .ciphertext = TEST_DATA(tc4_ciphertext256),
244 .aad = TEST_DATA(tc4_aad),
245 .tag = TEST_DATA (tc4_tag256),
248 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_tc4_chain) = {
249 .name = "256-GCM Spec. TC4 [chained]",
250 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
251 .iv = TEST_DATA (tc3_iv),
252 .key = TEST_DATA (tc3_key256),
253 .aad = TEST_DATA(tc4_aad),
254 .tag = TEST_DATA (tc4_tag256),
257 TEST_DATA_CHUNK (tc4_plaintext, 0, 20),
258 TEST_DATA_CHUNK (tc4_plaintext, 20, 20),
259 TEST_DATA_CHUNK (tc4_plaintext, 40, 20),
262 TEST_DATA_CHUNK (tc4_ciphertext256, 0, 20),
263 TEST_DATA_CHUNK (tc4_ciphertext256, 20, 20),
264 TEST_DATA_CHUNK (tc4_ciphertext256, 40, 20),
268 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_inc_1024) = {
269 .name = "256-GCM (incr 1024 B)",
270 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
271 .plaintext_incremental = 1024,
277 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_inc1) = {
278 .name = "256-GCM (incr 1056 B)",
279 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
280 .plaintext_incremental = 1024 + 32,
286 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_inc2) = {
287 .name = "256-GCM (incr 1042 B)",
288 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
289 .plaintext_incremental = 1024 + 8,
295 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_inc3) = {
296 .name = "256-GCM (incr 1025 B)",
297 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
298 .plaintext_incremental = 1024 + 1,
304 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_inc4) = {
305 .name = "256-GCM (incr 1009 B)",
306 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
307 .plaintext_incremental = 1024 - 15,
313 UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_inc5) = {
314 .name = "256-GCM (incr 1008)",
315 .alg = VNET_CRYPTO_ALG_AES_256_GCM,
316 .plaintext_incremental = 1024 - 16,
324 * fd.io coding-style-patch-verification: ON
327 * eval: (c-set-style "gnu")