| /* |
| * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. |
| * |
| * Licensed under the Apache License 2.0 (the "License"). You may not use |
| * this file except in compliance with the License. You can obtain a copy |
| * in the file LICENSE in the source distribution or at |
| * https://www.openssl.org/source/license.html |
| */ |
| |
| /* |
| * CMAC low level APIs are deprecated for public use, but still ok for internal |
| * use. |
| */ |
| #include "internal/deprecated.h" |
| |
| #include <stdio.h> |
| #include <string.h> |
| #include <stdlib.h> |
| |
| #include "internal/nelem.h" |
| |
| #include <openssl/cmac.h> |
| #include <openssl/aes.h> |
| #include <openssl/evp.h> |
| |
| #include "testutil.h" |
| |
| static const char xtskey[32] = { |
| 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, |
| 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, |
| 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f |
| }; |
| |
| static struct test_st { |
| const char key[32]; |
| int key_len; |
| const unsigned char data[64]; |
| int data_len; |
| const char *mac; |
| } test[3] = { |
| { |
| { |
| 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, |
| 0x0b, 0x0c, 0x0d, 0x0e, 0x0f |
| }, |
| 16, |
| "My test data", |
| 12, |
| "29cec977c48f63c200bd5c4a6881b224" |
| }, |
| { |
| { |
| 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, |
| 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, |
| 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f |
| }, |
| 32, |
| "My test data", |
| 12, |
| "db6493aa04e4761f473b2b453c031c9a" |
| }, |
| { |
| { |
| 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, |
| 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, |
| 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f |
| }, |
| 32, |
| "My test data again", |
| 18, |
| "65c11c75ecf590badd0a5e56cbb8af60" |
| }, |
| }; |
| |
| static char *pt(unsigned char *md, unsigned int len); |
| |
| static int test_cmac_bad(void) |
| { |
| CMAC_CTX *ctx = NULL; |
| int ret = 0; |
| |
| ctx = CMAC_CTX_new(); |
| if (!TEST_ptr(ctx) |
| || !TEST_false(CMAC_Init(ctx, NULL, 0, NULL, NULL)) |
| || !TEST_false(CMAC_Update(ctx, test[0].data, test[0].data_len)) |
| /* Should be able to pass cipher first, and then key */ |
| || !TEST_true(CMAC_Init(ctx, NULL, 0, EVP_aes_128_cbc(), NULL)) |
| /* Must have a key */ |
| || !TEST_false(CMAC_Update(ctx, test[0].data, test[0].data_len)) |
| /* Now supply the key */ |
| || !TEST_true(CMAC_Init(ctx, test[0].key, test[0].key_len, NULL, NULL)) |
| /* Update should now work */ |
| || !TEST_true(CMAC_Update(ctx, test[0].data, test[0].data_len)) |
| /* XTS is not a suitable cipher to use */ |
| || !TEST_false(CMAC_Init(ctx, xtskey, sizeof(xtskey), EVP_aes_128_xts(), |
| NULL)) |
| || !TEST_false(CMAC_Update(ctx, test[0].data, test[0].data_len))) |
| goto err; |
| |
| ret = 1; |
| err: |
| CMAC_CTX_free(ctx); |
| return ret; |
| } |
| |
| static int test_cmac_run(void) |
| { |
| char *p; |
| CMAC_CTX *ctx = NULL; |
| unsigned char buf[AES_BLOCK_SIZE]; |
| size_t len; |
| int ret = 0; |
| |
| ctx = CMAC_CTX_new(); |
| |
| if (!TEST_true(CMAC_Init(ctx, test[0].key, test[0].key_len, |
| EVP_aes_128_cbc(), NULL)) |
| || !TEST_true(CMAC_Update(ctx, test[0].data, test[0].data_len)) |
| || !TEST_true(CMAC_Final(ctx, buf, &len))) |
| goto err; |
| |
| p = pt(buf, len); |
| if (!TEST_str_eq(p, test[0].mac)) |
| goto err; |
| |
| if (!TEST_true(CMAC_Init(ctx, test[1].key, test[1].key_len, |
| EVP_aes_256_cbc(), NULL)) |
| || !TEST_true(CMAC_Update(ctx, test[1].data, test[1].data_len)) |
| || !TEST_true(CMAC_Final(ctx, buf, &len))) |
| goto err; |
| |
| p = pt(buf, len); |
| if (!TEST_str_eq(p, test[1].mac)) |
| goto err; |
| |
| if (!TEST_true(CMAC_Init(ctx, test[2].key, test[2].key_len, NULL, NULL)) |
| || !TEST_true(CMAC_Update(ctx, test[2].data, test[2].data_len)) |
| || !TEST_true(CMAC_Final(ctx, buf, &len))) |
| goto err; |
| p = pt(buf, len); |
| if (!TEST_str_eq(p, test[2].mac)) |
| goto err; |
| /* Test reusing a key */ |
| if (!TEST_true(CMAC_Init(ctx, NULL, 0, NULL, NULL)) |
| || !TEST_true(CMAC_Update(ctx, test[2].data, test[2].data_len)) |
| || !TEST_true(CMAC_Final(ctx, buf, &len))) |
| goto err; |
| p = pt(buf, len); |
| if (!TEST_str_eq(p, test[2].mac)) |
| goto err; |
| |
| /* Test setting the cipher and key separately */ |
| if (!TEST_true(CMAC_Init(ctx, NULL, 0, EVP_aes_256_cbc(), NULL)) |
| || !TEST_true(CMAC_Init(ctx, test[2].key, test[2].key_len, NULL, NULL)) |
| || !TEST_true(CMAC_Update(ctx, test[2].data, test[2].data_len)) |
| || !TEST_true(CMAC_Final(ctx, buf, &len))) |
| goto err; |
| p = pt(buf, len); |
| if (!TEST_str_eq(p, test[2].mac)) |
| goto err; |
| |
| ret = 1; |
| err: |
| CMAC_CTX_free(ctx); |
| return ret; |
| } |
| |
| static int test_cmac_copy(void) |
| { |
| char *p; |
| CMAC_CTX *ctx = NULL, *ctx2 = NULL; |
| unsigned char buf[AES_BLOCK_SIZE]; |
| size_t len; |
| int ret = 0; |
| |
| ctx = CMAC_CTX_new(); |
| ctx2 = CMAC_CTX_new(); |
| if (!TEST_ptr(ctx) || !TEST_ptr(ctx2)) |
| goto err; |
| |
| if (!TEST_true(CMAC_Init(ctx, test[0].key, test[0].key_len, |
| EVP_aes_128_cbc(), NULL)) |
| || !TEST_true(CMAC_Update(ctx, test[0].data, test[0].data_len)) |
| || !TEST_true(CMAC_CTX_copy(ctx2, ctx)) |
| || !TEST_true(CMAC_Final(ctx2, buf, &len))) |
| goto err; |
| |
| p = pt(buf, len); |
| if (!TEST_str_eq(p, test[0].mac)) |
| goto err; |
| |
| ret = 1; |
| err: |
| CMAC_CTX_free(ctx2); |
| CMAC_CTX_free(ctx); |
| return ret; |
| } |
| |
| static char *pt(unsigned char *md, unsigned int len) |
| { |
| unsigned int i; |
| static char buf[80]; |
| |
| for (i = 0; i < len; i++) |
| sprintf(&(buf[i * 2]), "%02x", md[i]); |
| return buf; |
| } |
| |
| int setup_tests(void) |
| { |
| ADD_TEST(test_cmac_bad); |
| ADD_TEST(test_cmac_run); |
| ADD_TEST(test_cmac_copy); |
| return 1; |
| } |
| |
