mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
5776e92058
--HG-- rename : security/coreconf/AIX.mk => security/nss/coreconf/AIX.mk rename : security/coreconf/Android.mk => security/nss/coreconf/Android.mk rename : security/coreconf/BSD_OS.mk => security/nss/coreconf/BSD_OS.mk rename : security/coreconf/BeOS.mk => security/nss/coreconf/BeOS.mk rename : security/coreconf/Darwin.mk => security/nss/coreconf/Darwin.mk rename : security/coreconf/FreeBSD.mk => security/nss/coreconf/FreeBSD.mk rename : security/coreconf/HP-UX.mk => security/nss/coreconf/HP-UX.mk rename : security/coreconf/HP-UXA.09.03.mk => security/nss/coreconf/HP-UXA.09.03.mk rename : security/coreconf/HP-UXA.09.07.mk => security/nss/coreconf/HP-UXA.09.07.mk rename : security/coreconf/HP-UXA.09.mk => security/nss/coreconf/HP-UXA.09.mk rename : security/coreconf/HP-UXB.10.01.mk => security/nss/coreconf/HP-UXB.10.01.mk rename : security/coreconf/HP-UXB.10.10.mk => security/nss/coreconf/HP-UXB.10.10.mk rename : security/coreconf/HP-UXB.10.20.mk => security/nss/coreconf/HP-UXB.10.20.mk rename : security/coreconf/HP-UXB.10.30.mk => security/nss/coreconf/HP-UXB.10.30.mk rename : security/coreconf/HP-UXB.10.mk => security/nss/coreconf/HP-UXB.10.mk rename : security/coreconf/HP-UXB.11.00.mk => security/nss/coreconf/HP-UXB.11.00.mk rename : security/coreconf/HP-UXB.11.11.mk => security/nss/coreconf/HP-UXB.11.11.mk rename : security/coreconf/HP-UXB.11.20.mk => security/nss/coreconf/HP-UXB.11.20.mk rename : security/coreconf/HP-UXB.11.22.mk => security/nss/coreconf/HP-UXB.11.22.mk rename : security/coreconf/HP-UXB.11.23.mk => security/nss/coreconf/HP-UXB.11.23.mk rename : security/coreconf/HP-UXB.11.mk => security/nss/coreconf/HP-UXB.11.mk rename : security/coreconf/IRIX.mk => security/nss/coreconf/IRIX.mk rename : security/coreconf/IRIX5.2.mk => security/nss/coreconf/IRIX5.2.mk rename : security/coreconf/IRIX5.3.mk => security/nss/coreconf/IRIX5.3.mk rename : security/coreconf/IRIX5.mk => security/nss/coreconf/IRIX5.mk rename : security/coreconf/IRIX6.2.mk => security/nss/coreconf/IRIX6.2.mk rename : security/coreconf/IRIX6.3.mk => security/nss/coreconf/IRIX6.3.mk rename : security/coreconf/IRIX6.5.mk => security/nss/coreconf/IRIX6.5.mk rename : security/coreconf/IRIX6.mk => security/nss/coreconf/IRIX6.mk rename : security/coreconf/Linux.mk => security/nss/coreconf/Linux.mk rename : security/coreconf/Makefile => security/nss/coreconf/Makefile rename : security/coreconf/NCR3.0.mk => security/nss/coreconf/NCR3.0.mk rename : security/coreconf/NEC4.2.mk => security/nss/coreconf/NEC4.2.mk rename : security/coreconf/NetBSD.mk => security/nss/coreconf/NetBSD.mk rename : security/coreconf/OS2.mk => security/nss/coreconf/OS2.mk rename : security/coreconf/OSF1.mk => security/nss/coreconf/OSF1.mk rename : security/coreconf/OSF1V3.0.mk => security/nss/coreconf/OSF1V2.0.mk rename : security/coreconf/OSF1V3.0.mk => security/nss/coreconf/OSF1V3.0.mk rename : security/coreconf/OSF1V3.2.mk => security/nss/coreconf/OSF1V3.2.mk rename : security/coreconf/OSF1V4.0.mk => security/nss/coreconf/OSF1V4.0.mk rename : security/coreconf/OSF1V4.0B.mk => security/nss/coreconf/OSF1V4.0B.mk rename : security/coreconf/OSF1V4.0D.mk => security/nss/coreconf/OSF1V4.0D.mk rename : security/coreconf/OSF1V5.0.mk => security/nss/coreconf/OSF1V5.0.mk rename : security/coreconf/OSF1V5.1.mk => security/nss/coreconf/OSF1V5.1.mk rename : security/coreconf/OpenBSD.mk => security/nss/coreconf/OpenBSD.mk rename : security/coreconf/OpenUNIX.mk => security/nss/coreconf/OpenUNIX.mk rename : security/coreconf/QNX.mk => security/nss/coreconf/QNX.mk rename : security/coreconf/README => security/nss/coreconf/README rename : security/coreconf/RISCOS.mk => security/nss/coreconf/RISCOS.mk rename : security/coreconf/ReliantUNIX.mk => security/nss/coreconf/ReliantUNIX.mk rename : security/coreconf/ReliantUNIX5.4.mk => security/nss/coreconf/ReliantUNIX5.4.mk rename : security/coreconf/SCOOS5.0.mk => security/nss/coreconf/SCOOS5.0.mk rename : security/coreconf/SCO_SV3.2.mk => security/nss/coreconf/SCO_SV3.2.mk rename : security/coreconf/SunOS4.1.3_U1.mk => security/nss/coreconf/SunOS4.1.3_U1.mk rename : security/coreconf/UNIX.mk => security/nss/coreconf/UNIX.mk rename : security/coreconf/UNIXWARE2.1.mk => security/nss/coreconf/UNIXWARE2.1.mk rename : security/coreconf/WIN95.mk => security/nss/coreconf/WIN95.mk rename : security/coreconf/WINNT.mk => security/nss/coreconf/WINNT.mk rename : security/coreconf/arch.mk => security/nss/coreconf/arch.mk rename : security/coreconf/command.mk => security/nss/coreconf/command.mk rename : security/coreconf/coreconf.pl => security/nss/coreconf/coreconf.pl rename : security/coreconf/cpdist.pl => security/nss/coreconf/cpdist.pl rename : security/coreconf/headers.mk => security/nss/coreconf/headers.mk rename : security/coreconf/import.pl => security/nss/coreconf/import.pl rename : security/coreconf/jdk.mk => security/nss/coreconf/jdk.mk rename : security/coreconf/jniregen.pl => security/nss/coreconf/jniregen.pl rename : security/coreconf/location.mk => security/nss/coreconf/location.mk rename : security/coreconf/mkdepend/Makefile => security/nss/coreconf/mkdepend/Makefile rename : security/coreconf/mkdepend/cppsetup.c => security/nss/coreconf/mkdepend/cppsetup.c rename : security/coreconf/mkdepend/def.h => security/nss/coreconf/mkdepend/def.h rename : security/coreconf/mkdepend/ifparser.c => security/nss/coreconf/mkdepend/ifparser.c rename : security/coreconf/mkdepend/ifparser.h => security/nss/coreconf/mkdepend/ifparser.h rename : security/coreconf/mkdepend/imakemdep.h => security/nss/coreconf/mkdepend/imakemdep.h rename : security/coreconf/mkdepend/include.c => security/nss/coreconf/mkdepend/include.c rename : security/coreconf/mkdepend/main.c => security/nss/coreconf/mkdepend/main.c rename : security/coreconf/mkdepend/mkdepend.man => security/nss/coreconf/mkdepend/mkdepend.man rename : security/coreconf/mkdepend/parse.c => security/nss/coreconf/mkdepend/parse.c rename : security/coreconf/mkdepend/pr.c => security/nss/coreconf/mkdepend/pr.c rename : security/coreconf/module.mk => security/nss/coreconf/module.mk rename : security/coreconf/nsinstall/Makefile => security/nss/coreconf/nsinstall/Makefile rename : security/coreconf/nsinstall/nsinstall.c => security/nss/coreconf/nsinstall/nsinstall.c rename : security/coreconf/nsinstall/pathsub.c => security/nss/coreconf/nsinstall/pathsub.c rename : security/coreconf/nsinstall/pathsub.h => security/nss/coreconf/nsinstall/pathsub.h rename : security/coreconf/nsinstall/sunos4.h => security/nss/coreconf/nsinstall/sunos4.h rename : security/coreconf/outofdate.pl => security/nss/coreconf/outofdate.pl rename : security/coreconf/prefix.mk => security/nss/coreconf/prefix.mk rename : security/coreconf/release.pl => security/nss/coreconf/release.pl rename : security/coreconf/rules.mk => security/nss/coreconf/rules.mk rename : security/coreconf/ruleset.mk => security/nss/coreconf/ruleset.mk rename : security/coreconf/source.mk => security/nss/coreconf/source.mk rename : security/coreconf/suffix.mk => security/nss/coreconf/suffix.mk rename : security/coreconf/tree.mk => security/nss/coreconf/tree.mk rename : security/coreconf/version.mk => security/nss/coreconf/version.mk rename : security/coreconf/version.pl => security/nss/coreconf/version.pl rename : security/dbm/config/config.mk => security/nss/lib/dbm/config/config.mk rename : dbm/include/cdefs.h => security/nss/lib/dbm/include/cdefs.h rename : dbm/include/extern.h => security/nss/lib/dbm/include/extern.h rename : dbm/include/hash.h => security/nss/lib/dbm/include/hash.h rename : dbm/include/search.h => security/nss/lib/dbm/include/hsearch.h rename : dbm/include/mcom_db.h => security/nss/lib/dbm/include/mcom_db.h rename : dbm/include/mpool.h => security/nss/lib/dbm/include/mpool.h rename : dbm/include/ncompat.h => security/nss/lib/dbm/include/ncompat.h rename : dbm/include/page.h => security/nss/lib/dbm/include/page.h rename : dbm/include/queue.h => security/nss/lib/dbm/include/queue.h rename : dbm/include/search.h => security/nss/lib/dbm/include/search.h rename : dbm/include/winfile.h => security/nss/lib/dbm/include/winfile.h rename : dbm/src/db.c => security/nss/lib/dbm/src/db.c rename : security/dbm/src/dirent.c => security/nss/lib/dbm/src/dirent.c rename : security/dbm/src/dirent.h => security/nss/lib/dbm/src/dirent.h rename : dbm/src/h_bigkey.c => security/nss/lib/dbm/src/h_bigkey.c rename : dbm/src/h_func.c => security/nss/lib/dbm/src/h_func.c rename : dbm/src/h_log2.c => security/nss/lib/dbm/src/h_log2.c rename : dbm/src/h_page.c => security/nss/lib/dbm/src/h_page.c rename : dbm/src/hash.c => security/nss/lib/dbm/src/hash.c rename : dbm/src/hash_buf.c => security/nss/lib/dbm/src/hash_buf.c rename : dbm/src/memmove.c => security/nss/lib/dbm/src/memmove.c rename : dbm/src/mktemp.c => security/nss/lib/dbm/src/mktemp.c rename : dbm/src/snprintf.c => security/nss/lib/dbm/src/snprintf.c rename : dbm/src/strerror.c => security/nss/lib/dbm/src/strerror.c rename : dbm/tests/dbmtest.pkg => security/nss/lib/dbm/tests/dbmtest.pkg rename : dbm/tests/lots.c => security/nss/lib/dbm/tests/lots.c extra : rebase_source : 119dad5f824e8e760182047fd32e2a0d0f944172 extra : amend_source : 98e24aa51f9044d9091a26f013b643925e8f9dcf
458 lines
12 KiB
C
458 lines
12 KiB
C
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <ctype.h>
|
|
|
|
#include "pk11pub.h"
|
|
#include "secerr.h"
|
|
#include "nss.h"
|
|
|
|
static SECStatus
|
|
hex_to_byteval(const char *c2, unsigned char *byteval)
|
|
{
|
|
int i;
|
|
unsigned char offset;
|
|
*byteval = 0;
|
|
for (i=0; i<2; i++) {
|
|
if (c2[i] >= '0' && c2[i] <= '9') {
|
|
offset = c2[i] - '0';
|
|
*byteval |= offset << 4*(1-i);
|
|
} else if (c2[i] >= 'a' && c2[i] <= 'f') {
|
|
offset = c2[i] - 'a';
|
|
*byteval |= (offset + 10) << 4*(1-i);
|
|
} else if (c2[i] >= 'A' && c2[i] <= 'F') {
|
|
offset = c2[i] - 'A';
|
|
*byteval |= (offset + 10) << 4*(1-i);
|
|
} else {
|
|
return SECFailure;
|
|
}
|
|
}
|
|
return SECSuccess;
|
|
}
|
|
|
|
static SECStatus
|
|
aes_encrypt_buf(
|
|
const unsigned char *key, unsigned int keysize,
|
|
const unsigned char *iv, unsigned int ivsize,
|
|
unsigned char *output, unsigned int *outputlen, unsigned int maxoutputlen,
|
|
const unsigned char *input, unsigned int inputlen,
|
|
const unsigned char *aad, unsigned int aadlen, unsigned int tagsize)
|
|
{
|
|
SECStatus rv = SECFailure;
|
|
SECItem key_item;
|
|
PK11SlotInfo* slot = NULL;
|
|
PK11SymKey *symKey = NULL;
|
|
CK_GCM_PARAMS gcm_params;
|
|
SECItem param;
|
|
|
|
/* Import key into NSS. */
|
|
key_item.type = siBuffer;
|
|
key_item.data = (unsigned char *) key; /* const cast */
|
|
key_item.len = keysize;
|
|
slot = PK11_GetInternalSlot();
|
|
symKey = PK11_ImportSymKey(slot, CKM_AES_GCM, PK11_OriginUnwrap,
|
|
CKA_ENCRYPT, &key_item, NULL);
|
|
PK11_FreeSlot(slot);
|
|
slot = NULL;
|
|
if (!symKey) {
|
|
fprintf(stderr, "PK11_ImportSymKey failed\n");
|
|
goto loser;
|
|
}
|
|
|
|
gcm_params.pIv = (unsigned char *) iv; /* const cast */
|
|
gcm_params.ulIvLen = ivsize;
|
|
gcm_params.pAAD = (unsigned char *) aad; /* const cast */
|
|
gcm_params.ulAADLen = aadlen;
|
|
gcm_params.ulTagBits = tagsize * 8;
|
|
|
|
param.type = siBuffer;
|
|
param.data = (unsigned char *) &gcm_params;
|
|
param.len = sizeof(gcm_params);
|
|
|
|
if (PK11_Encrypt(symKey, CKM_AES_GCM, ¶m,
|
|
output, outputlen, maxoutputlen,
|
|
input, inputlen) != SECSuccess) {
|
|
fprintf(stderr, "PK11_Encrypt failed\n");
|
|
goto loser;
|
|
}
|
|
|
|
rv = SECSuccess;
|
|
|
|
loser:
|
|
if (symKey != NULL) {
|
|
PK11_FreeSymKey(symKey);
|
|
}
|
|
return rv;
|
|
}
|
|
|
|
static SECStatus
|
|
aes_decrypt_buf(
|
|
const unsigned char *key, unsigned int keysize,
|
|
const unsigned char *iv, unsigned int ivsize,
|
|
unsigned char *output, unsigned int *outputlen, unsigned int maxoutputlen,
|
|
const unsigned char *input, unsigned int inputlen,
|
|
const unsigned char *aad, unsigned int aadlen,
|
|
const unsigned char *tag, unsigned int tagsize)
|
|
{
|
|
SECStatus rv = SECFailure;
|
|
unsigned char concatenated[11*16]; /* 1 to 11 blocks */
|
|
SECItem key_item;
|
|
PK11SlotInfo *slot = NULL;
|
|
PK11SymKey *symKey = NULL;
|
|
CK_GCM_PARAMS gcm_params;
|
|
SECItem param;
|
|
|
|
if (inputlen + tagsize > sizeof(concatenated)) {
|
|
fprintf(stderr, "aes_decrypt_buf: local buffer too small\n");
|
|
goto loser;
|
|
}
|
|
memcpy(concatenated, input, inputlen);
|
|
memcpy(concatenated + inputlen, tag, tagsize);
|
|
|
|
/* Import key into NSS. */
|
|
key_item.type = siBuffer;
|
|
key_item.data = (unsigned char *) key; /* const cast */
|
|
key_item.len = keysize;
|
|
slot = PK11_GetInternalSlot();
|
|
symKey = PK11_ImportSymKey(slot, CKM_AES_GCM, PK11_OriginUnwrap,
|
|
CKA_DECRYPT, &key_item, NULL);
|
|
PK11_FreeSlot(slot);
|
|
slot = NULL;
|
|
if (!symKey) {
|
|
fprintf(stderr, "PK11_ImportSymKey failed\n");
|
|
goto loser;
|
|
}
|
|
|
|
gcm_params.pIv = (unsigned char *) iv;
|
|
gcm_params.ulIvLen = ivsize;
|
|
gcm_params.pAAD = (unsigned char *) aad;
|
|
gcm_params.ulAADLen = aadlen;
|
|
gcm_params.ulTagBits = tagsize * 8;
|
|
|
|
param.type = siBuffer;
|
|
param.data = (unsigned char *) &gcm_params;
|
|
param.len = sizeof(gcm_params);
|
|
|
|
if (PK11_Decrypt(symKey, CKM_AES_GCM, ¶m,
|
|
output, outputlen, maxoutputlen,
|
|
concatenated, inputlen + tagsize) != SECSuccess) {
|
|
goto loser;
|
|
}
|
|
|
|
rv = SECSuccess;
|
|
|
|
loser:
|
|
if (symKey != NULL) {
|
|
PK11_FreeSymKey(symKey);
|
|
}
|
|
return rv;
|
|
}
|
|
|
|
/*
|
|
* Perform the AES Known Answer Test (KAT) in Galois Counter Mode (GCM).
|
|
*
|
|
* respfn is the pathname of the RESPONSE file.
|
|
*/
|
|
static void
|
|
aes_gcm_kat(const char *respfn)
|
|
{
|
|
char buf[512]; /* holds one line from the input REQUEST file.
|
|
* needs to be large enough to hold the longest
|
|
* line "CIPHERTEXT = <320 hex digits>\n".
|
|
*/
|
|
FILE *aesresp; /* input stream from the RESPONSE file */
|
|
int i, j;
|
|
unsigned int test_group = 0;
|
|
unsigned int num_tests;
|
|
PRBool is_encrypt;
|
|
unsigned char key[32]; /* 128, 192, or 256 bits */
|
|
unsigned int keysize;
|
|
unsigned char iv[10*16]; /* 1 to 10 blocks */
|
|
unsigned int ivsize;
|
|
unsigned char plaintext[10*16]; /* 1 to 10 blocks */
|
|
unsigned int plaintextlen = 0;
|
|
unsigned char aad[10*16]; /* 1 to 10 blocks */
|
|
unsigned int aadlen = 0;
|
|
unsigned char ciphertext[10*16]; /* 1 to 10 blocks */
|
|
unsigned int ciphertextlen;
|
|
unsigned char tag[16];
|
|
unsigned int tagsize;
|
|
unsigned char output[10*16]; /* 1 to 10 blocks */
|
|
unsigned int outputlen;
|
|
|
|
unsigned int expected_keylen = 0;
|
|
unsigned int expected_ivlen = 0;
|
|
unsigned int expected_ptlen = 0;
|
|
unsigned int expected_aadlen = 0;
|
|
unsigned int expected_taglen = 0;
|
|
SECStatus rv;
|
|
|
|
if (strstr(respfn, "Encrypt") != NULL) {
|
|
is_encrypt = PR_TRUE;
|
|
} else if (strstr(respfn, "Decrypt") != NULL) {
|
|
is_encrypt = PR_FALSE;
|
|
} else {
|
|
fprintf(stderr, "Input file name must contain Encrypt or Decrypt\n");
|
|
exit(1);
|
|
}
|
|
aesresp = fopen(respfn, "r");
|
|
if (aesresp == NULL) {
|
|
fprintf(stderr, "Cannot open input file %s\n", respfn);
|
|
exit(1);
|
|
}
|
|
while (fgets(buf, sizeof buf, aesresp) != NULL) {
|
|
/* a comment or blank line */
|
|
if (buf[0] == '#' || buf[0] == '\n') {
|
|
continue;
|
|
}
|
|
/* [Keylen = ...], [IVlen = ...], etc. */
|
|
if (buf[0] == '[') {
|
|
if (strncmp(&buf[1], "Keylen = ", 9) == 0) {
|
|
expected_keylen = atoi(&buf[10]);
|
|
} else if (strncmp(&buf[1], "IVlen = ", 8) == 0) {
|
|
expected_ivlen = atoi(&buf[9]);
|
|
} else if (strncmp(&buf[1], "PTlen = ", 8) == 0) {
|
|
expected_ptlen = atoi(&buf[9]);
|
|
} else if (strncmp(&buf[1], "AADlen = ", 9) == 0) {
|
|
expected_aadlen = atoi(&buf[10]);
|
|
} else if (strncmp(&buf[1], "Taglen = ", 9) == 0) {
|
|
expected_taglen = atoi(&buf[10]);
|
|
|
|
test_group++;
|
|
if (test_group > 1) {
|
|
/* Report num_tests for the previous test group. */
|
|
printf("%u tests\n", num_tests);
|
|
}
|
|
num_tests = 0;
|
|
printf("Keylen = %u, IVlen = %u, PTlen = %u, AADlen = %u, "
|
|
"Taglen = %u: ", expected_keylen, expected_ivlen,
|
|
expected_ptlen, expected_aadlen, expected_taglen);
|
|
/* Convert lengths in bits to lengths in bytes. */
|
|
PORT_Assert(expected_keylen % 8 == 0);
|
|
expected_keylen /= 8;
|
|
PORT_Assert(expected_ivlen % 8 == 0);
|
|
expected_ivlen /= 8;
|
|
PORT_Assert(expected_ptlen % 8 == 0);
|
|
expected_ptlen /= 8;
|
|
PORT_Assert(expected_aadlen % 8 == 0);
|
|
expected_aadlen /= 8;
|
|
PORT_Assert(expected_taglen % 8 == 0);
|
|
expected_taglen /= 8;
|
|
} else {
|
|
fprintf(stderr, "Unexpected input line: %s\n", buf);
|
|
exit(1);
|
|
}
|
|
continue;
|
|
}
|
|
/* "Count = x" begins a new data set */
|
|
if (strncmp(buf, "Count", 5) == 0) {
|
|
/* zeroize the variables for the test with this data set */
|
|
memset(key, 0, sizeof key);
|
|
keysize = 0;
|
|
memset(iv, 0, sizeof iv);
|
|
ivsize = 0;
|
|
memset(plaintext, 0, sizeof plaintext);
|
|
plaintextlen = 0;
|
|
memset(aad, 0, sizeof aad);
|
|
aadlen = 0;
|
|
memset(ciphertext, 0, sizeof ciphertext);
|
|
ciphertextlen = 0;
|
|
memset(output, 0, sizeof output);
|
|
outputlen = 0;
|
|
num_tests++;
|
|
continue;
|
|
}
|
|
/* Key = ... */
|
|
if (strncmp(buf, "Key", 3) == 0) {
|
|
i = 3;
|
|
while (isspace(buf[i]) || buf[i] == '=') {
|
|
i++;
|
|
}
|
|
for (j=0; isxdigit(buf[i]); i+=2,j++) {
|
|
hex_to_byteval(&buf[i], &key[j]);
|
|
}
|
|
keysize = j;
|
|
if (keysize != expected_keylen) {
|
|
fprintf(stderr, "Unexpected key length: %u vs. %u\n",
|
|
keysize, expected_keylen);
|
|
exit(1);
|
|
}
|
|
continue;
|
|
}
|
|
/* IV = ... */
|
|
if (strncmp(buf, "IV", 2) == 0) {
|
|
i = 2;
|
|
while (isspace(buf[i]) || buf[i] == '=') {
|
|
i++;
|
|
}
|
|
for (j=0; isxdigit(buf[i]); i+=2,j++) {
|
|
hex_to_byteval(&buf[i], &iv[j]);
|
|
}
|
|
ivsize = j;
|
|
if (ivsize != expected_ivlen) {
|
|
fprintf(stderr, "Unexpected IV length: %u vs. %u\n",
|
|
ivsize, expected_ivlen);
|
|
exit(1);
|
|
}
|
|
continue;
|
|
}
|
|
/* PT = ... */
|
|
if (strncmp(buf, "PT", 2) == 0) {
|
|
i = 2;
|
|
while (isspace(buf[i]) || buf[i] == '=') {
|
|
i++;
|
|
}
|
|
for (j=0; isxdigit(buf[i]); i+=2,j++) {
|
|
hex_to_byteval(&buf[i], &plaintext[j]);
|
|
}
|
|
plaintextlen = j;
|
|
if (plaintextlen != expected_ptlen) {
|
|
fprintf(stderr, "Unexpected PT length: %u vs. %u\n",
|
|
plaintextlen, expected_ptlen);
|
|
exit(1);
|
|
}
|
|
|
|
if (!is_encrypt) {
|
|
rv = aes_decrypt_buf(key, keysize, iv, ivsize,
|
|
output, &outputlen, sizeof output,
|
|
ciphertext, ciphertextlen, aad, aadlen, tag, tagsize);
|
|
if (rv != SECSuccess) {
|
|
fprintf(stderr, "aes_decrypt_buf failed\n");
|
|
goto loser;
|
|
}
|
|
if (outputlen != plaintextlen) {
|
|
fprintf(stderr, "aes_decrypt_buf: wrong output size\n");
|
|
goto loser;
|
|
}
|
|
if (memcmp(output, plaintext, plaintextlen) != 0) {
|
|
fprintf(stderr, "aes_decrypt_buf: wrong plaintext\n");
|
|
goto loser;
|
|
}
|
|
}
|
|
continue;
|
|
}
|
|
/* FAIL */
|
|
if (strncmp(buf, "FAIL", 4) == 0) {
|
|
plaintextlen = 0;
|
|
|
|
PORT_Assert(!is_encrypt);
|
|
rv = aes_decrypt_buf(key, keysize, iv, ivsize,
|
|
output, &outputlen, sizeof output,
|
|
ciphertext, ciphertextlen, aad, aadlen, tag, tagsize);
|
|
if (rv != SECFailure) {
|
|
fprintf(stderr, "aes_decrypt_buf succeeded unexpectedly\n");
|
|
goto loser;
|
|
}
|
|
if (PORT_GetError() != SEC_ERROR_BAD_DATA) {
|
|
fprintf(stderr, "aes_decrypt_buf failed with incorrect "
|
|
"error code\n");
|
|
goto loser;
|
|
}
|
|
continue;
|
|
}
|
|
/* AAD = ... */
|
|
if (strncmp(buf, "AAD", 3) == 0) {
|
|
i = 3;
|
|
while (isspace(buf[i]) || buf[i] == '=') {
|
|
i++;
|
|
}
|
|
for (j=0; isxdigit(buf[i]); i+=2,j++) {
|
|
hex_to_byteval(&buf[i], &aad[j]);
|
|
}
|
|
aadlen = j;
|
|
if (aadlen != expected_aadlen) {
|
|
fprintf(stderr, "Unexpected AAD length: %u vs. %u\n",
|
|
aadlen, expected_aadlen);
|
|
exit(1);
|
|
}
|
|
continue;
|
|
}
|
|
/* CT = ... */
|
|
if (strncmp(buf, "CT", 2) == 0) {
|
|
i = 2;
|
|
while (isspace(buf[i]) || buf[i] == '=') {
|
|
i++;
|
|
}
|
|
for (j=0; isxdigit(buf[i]); i+=2,j++) {
|
|
hex_to_byteval(&buf[i], &ciphertext[j]);
|
|
}
|
|
ciphertextlen = j;
|
|
if (ciphertextlen != expected_ptlen) {
|
|
fprintf(stderr, "Unexpected CT length: %u vs. %u\n",
|
|
ciphertextlen, expected_ptlen);
|
|
exit(1);
|
|
}
|
|
continue;
|
|
}
|
|
/* Tag = ... */
|
|
if (strncmp(buf, "Tag", 3) == 0) {
|
|
i = 3;
|
|
while (isspace(buf[i]) || buf[i] == '=') {
|
|
i++;
|
|
}
|
|
for (j=0; isxdigit(buf[i]); i+=2,j++) {
|
|
hex_to_byteval(&buf[i], &tag[j]);
|
|
}
|
|
tagsize = j;
|
|
if (tagsize != expected_taglen) {
|
|
fprintf(stderr, "Unexpected tag length: %u vs. %u\n",
|
|
tagsize, expected_taglen);
|
|
exit(1);
|
|
}
|
|
|
|
if (is_encrypt) {
|
|
rv = aes_encrypt_buf(key, keysize, iv, ivsize,
|
|
output, &outputlen, sizeof output,
|
|
plaintext, plaintextlen, aad, aadlen, tagsize);
|
|
if (rv != SECSuccess) {
|
|
fprintf(stderr, "aes_encrypt_buf failed\n");
|
|
goto loser;
|
|
}
|
|
if (outputlen != plaintextlen + tagsize) {
|
|
fprintf(stderr, "aes_encrypt_buf: wrong output size\n");
|
|
goto loser;
|
|
}
|
|
if (memcmp(output, ciphertext, plaintextlen) != 0) {
|
|
fprintf(stderr, "aes_encrypt_buf: wrong ciphertext\n");
|
|
goto loser;
|
|
}
|
|
if (memcmp(output + plaintextlen, tag, tagsize) != 0) {
|
|
fprintf(stderr, "aes_encrypt_buf: wrong tag\n");
|
|
goto loser;
|
|
}
|
|
}
|
|
continue;
|
|
}
|
|
}
|
|
/* Report num_tests for the last test group. */
|
|
printf("%u tests\n", num_tests);
|
|
printf("%u test groups\n", test_group);
|
|
printf("PASS\n");
|
|
loser:
|
|
fclose(aesresp);
|
|
}
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
if (argc < 2) exit(1);
|
|
|
|
NSS_NoDB_Init(NULL);
|
|
|
|
/*************/
|
|
/* AES */
|
|
/*************/
|
|
if (strcmp(argv[1], "aes") == 0) {
|
|
/* argv[2]=kat argv[3]=gcm argv[4]=<test name>.rsp */
|
|
if (strcmp(argv[2], "kat") == 0) {
|
|
/* Known Answer Test (KAT) */
|
|
aes_gcm_kat(argv[4]);
|
|
}
|
|
}
|
|
|
|
NSS_Shutdown();
|
|
return 0;
|
|
}
|