Proxmox-Port/libtpms
1
0
Fork 0
mirror of https://github.com/stefanberger/libtpms synced 2026-01-08 12:24:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Extend TDES test cases (CFB, OFB) with test cases for short input

Browse Source 
Add TDES test cases testing CFB and OFB with non-blocksized short
input.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
This commit is contained in:
Stefan Berger 2019-05-08 14:05:18 -04:00 committed by Stefan Berger
parent c14f1b01c9
commit a829ddbdeb
5 changed files with 131 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/tpm2/AlgorithmTests.c
View File

@ -191,6 +191,12 @@ TestSymmetricAlgorithm(
BYTE encrypted[MAX_SYM_BLOCK_SIZE * 2];
BYTE decrypted[MAX_SYM_BLOCK_SIZE * 2];
TPM2B_IV iv;
// libtpms added beging
if (test->dataOut[mode - ALG_CTR_VALUE] == NULL)
return;
// libtpms added end
//
// Get the appropriate IV
iv.t.size = (UINT16)MakeIv(mode, test->ivSize, iv.t.buffer);

11
src/tpm2/SelfTest.h
View File

@ -94,19 +94,26 @@
#else
# define SM4_128 NO
#endif
// libtpms added begin
#if ALG_TDES && defined TDES_KEY_SIZE_BITS_128
# define TDES_128 YES
# define TDES_128_INDEX (AES_128 + AES_192 + AES_256 + SM4_128)
# define TDES_128_INDEX2 (AES_128 + AES_192 + AES_256 + SM4_128 + TDES_128)
#else
# define TDES_128 NO
#endif
#if ALG_TDES && defined TDES_KEY_SIZE_BITS_192
# define TDES_192 YES
# define TDES_192_INDEX (AES_128 + AES_192 + AES_256 + SM4_128 + TDES_128)
# define TDES_192_INDEX (AES_128 + AES_192 + AES_256 + SM4_128 + TDES_128 \
+ TDES_128)
# define TDES_192_INDEX2 (AES_128 + AES_192 + AES_256 + SM4_128 + TDES_128 \
+ TDES_128 + TDES_192)
#else
# define TDES_192 NO
#endif
#define NUM_SYMS (AES_128 + AES_192 + AES_256 + SM4_128 + TDES_128 + TDES_192)
// libtpms added end
#define NUM_SYMS (AES_128 + AES_192 + AES_256 + SM4_128 \
+ TDES_128 + TDES_128 + TDES_192 + TDES_192) // libtpms changed
typedef UINT32 SYM_INDEX;
/* These two defines deal with the fact that the TPM_ALG_ID table does not delimit the symmetric
mode values with a TPM_SYM_MODE_FIRST and TPM_SYM_MODE_LAST */

10
src/tpm2/SymmetricTest.h
View File

@ -104,18 +104,28 @@ const SYMMETRIC_TEST_VECTOR c_symTestValues[NUM_SYMS] = {
{dataOut_SM4128_CTR, dataOut_SM4128_OFB, dataOut_SM4128_CBC,
dataOut_SM4128_CFB, dataOut_AES128_ECB}}
#endif
// libtpms added begin
#if TDES_128
COMMA
{ALG_TDES_VALUE, 128, key_TDES128, 8, sizeof(dataIn_TDES128), dataIn_TDES128,
{dataOut_TDES128_CTR, dataOut_TDES128_OFB, dataOut_TDES128_CBC,
dataOut_TDES128_CFB, dataOut_TDES128_ECB}}
COMMA
{ALG_TDES_VALUE, 128, key_TDES128, 8, sizeof(dataInShort_TDES128), dataInShort_TDES128,
{NULL, dataOutShort_TDES128_OFB, NULL,
dataOutShort_TDES128_CFB, NULL}}
#endif
#if TDES_192
COMMA
{ALG_TDES_VALUE, 192, key_TDES192, 8, sizeof(dataIn_TDES192), dataIn_TDES192,
{dataOut_TDES192_CTR, dataOut_TDES192_OFB, dataOut_TDES192_CBC,
dataOut_TDES192_CFB, dataOut_TDES192_ECB}}
COMMA
{ALG_TDES_VALUE, 192, key_TDES192, 8, sizeof(dataInShort_TDES192), dataInShort_TDES192,
{NULL, dataOutShort_TDES192_OFB, NULL,
dataOutShort_TDES192_CFB, NULL}}
#endif
// libtpms added end
};
#undef COMMA

18
src/tpm2/SymmetricTestData.h
View File

@ -177,6 +177,7 @@ const BYTE dataOut_AES256_CTR [] = {
0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a,
0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5};
#endif
// libtpms added begin
#if TDES_128
const BYTE key_TDES128 [] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
@ -213,6 +214,14 @@ const BYTE dataOut_TDES128_CTR [] = {
0xe8, 0x07, 0xf9, 0x7a, 0x96, 0xf9, 0x6a, 0x87,
0x19, 0x22, 0x3f, 0x9d, 0x9e, 0x92, 0xc4, 0x25,
0x4a, 0x31, 0x6d, 0x3c, 0x35, 0xa6, 0x3a, 0x03};
const BYTE dataInShort_TDES128 [] = {
0x31, 0x32, 0x33, 0x34, 0x35};
// CBC and ECB need multiple of blocksize input
const BYTE dataOutShort_TDES128_CFB[] = {
0xc6, 0x14, 0x02, 0x44, 0x76};
const BYTE dataOutShort_TDES128_OFB[] = {
0xc6, 0x14, 0x02, 0x44, 0x76};
#endif
#if TDES_192
const BYTE key_TDES192 [] = {
@ -251,6 +260,15 @@ const BYTE dataOut_TDES192_CTR [] = {
0x58, 0x49, 0x76, 0xe5, 0x80, 0xbd, 0x49, 0x45,
0x64, 0x3a, 0xe4, 0x42, 0xfe, 0x4c, 0x25, 0xd4,
0x79, 0x74, 0xf0, 0xe6, 0x0b, 0x3d, 0x20, 0xac};
const BYTE dataInShort_TDES192 [] = {
0x31, 0x32, 0x33, 0x34, 0x35};
// CBC and ECB need multiple of blocksize input
const BYTE dataOutShort_TDES192_CFB[] = {
0xd3, 0xf3, 0x36, 0x3a, 0x4d};
const BYTE dataOutShort_TDES192_OFB[] = {
0xd3, 0xf3, 0x36, 0x3a, 0x4d};
#endif
// libtpms added end
#endif

146
src/tpm2/gensymtestsdata.sh
View File

@ -1,71 +1,101 @@
#!/bin/bash
function do_aes() {
local data="$1"
local osslflag="$2"
for keysize in 128 192 256; do
tmp=AES_KEY_${keysize}
key=$(eval echo \$$tmp)
for mode in ecb cbc cfb ofb ctr; do
cipher="aes-${keysize}-${mode}"
bs=$((128 / 8))
iv=""
ivparm=""
case $mode in
ecb)
;;
ctr)
v=255
for ((c=0; c < bs; c++)); do
iv="$(printf "%02x" $v)${iv}"
v=$((v - 1))
done
ivparm="-iv ${iv}"
;;
*)
for ((c=0; c < bs; c++)); do
iv="${iv}$(printf "%02x" $c)"
done
ivparm="-iv ${iv}"
;;
esac
echo -n "$cipher: "
openssl enc -e -K "${key}" ${ivparm} -${cipher} -in <(echo -en "$data") ${osslflag} | \
od -t x1 -w128 -An | \
sed -n 's/ \([a-f0-9]\{2\}\)/ 0x\1/pg'
done
done
}
function do_tdes() {
local data="$1"
local osslflag="$2"
for keysize in 128 192; do
tmp=TDES_KEY_${keysize}
key=$(eval echo \$$tmp)
for mode in ecb cbc cfb ofb; do
cipher="des-ede3-${mode}"
iv=""
ivparm=""
bs=8
case $mode in
ecb)
;;
*)
for ((c=0; c < bs; c++)); do
iv="${iv}$(printf "%02x" $c)"
done
ivparm="-iv ${iv}"
;;
esac
echo -n "$cipher [${keysize}]: "
case $mode in
ecb|cbc)
if [[ "${osslflag}" =~ "nopad" ]]; then
echo " Not supported without padding to blocksize"
continue
fi
;;
esac
openssl enc -e -K "${key}" ${ivparm} -${cipher} -in <(echo -en "$data") ${osslflag} | \
od -t x1 -w128 -An | \
sed -n 's/ \([a-f0-9]\{2\}\)/ 0x\1/pg'
done
done
}
AES_KEY_128='2b7e151628aed2a6abf7158809cf4f3c'
AES_KEY_192='8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b'
AES_KEY_256='603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4'
AES_DATA_IN='\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51'
echo -en "$AES_DATA_IN" >/tmp/data
for keysize in 128 192 256; do
tmp=AES_KEY_${keysize}
key=$(eval echo \$$tmp)
for mode in ecb cbc cfb ofb ctr; do
cipher="aes-${keysize}-${mode}"
bs=$((128 / 8))
iv=""
ivparm=""
case $mode in
ecb)
;;
ctr)
v=255
for ((c=0; c < bs; c++)); do
iv="$(printf "%02x" $v)${iv}"
v=$((v - 1))
done
ivparm="-iv ${iv}"
;;
*)
for ((c=0; c < bs; c++)); do
iv="${iv}$(printf "%02x" $c)"
done
ivparm="-iv ${iv}"
;;
esac
echo -n "$cipher: "
openssl enc -e -K "${key}" ${ivparm} -${cipher} -in <(echo -en "$AES_DATA_IN") | \
od -t x1 -w128 -An | \
sed -n 's/ \([a-f0-9]\{2\}\)/ 0x\1/pg'
done
done
echo "----- AES -----"
do_aes "${AES_DATA_IN}" ""
echo "---------------"
# We need to extend the 128 bit key to be 192 bit key otherwise 3rd schedule is all zeroes
TDES_KEY_128=${AES_KEY_128}${AES_KEY_128:0:16}
TDES_KEY_192=${AES_KEY_192}
TDES_DATA_IN=${AES_DATA_IN}
for keysize in 128 192; do
tmp=TDES_KEY_${keysize}
key=$(eval echo \$$tmp)
for mode in ecb cbc cfb ofb; do
cipher="des-ede3-${mode}"
iv=""
ivparm=""
bs=8
case $mode in
ecb)
;;
*)
for ((c=0; c < bs; c++)); do
iv="${iv}$(printf "%02x" $c)"
done
ivparm="-iv ${iv}"
;;
esac
echo -n "$cipher [${keysize}]: "
openssl enc -e -K "${key}" ${ivparm} -${cipher} -in <(echo -en "$TDES_DATA_IN") | \
od -t x1 -w128 -An | \
sed -n 's/ \([a-f0-9]\{2\}\)/ 0x\1/pg'
done
done
echo "----- TDES -----"
do_tdes "${TDES_DATA_IN}" ""
echo "----------------"
echo "---- TDES (short input) -----"
do_tdes "\x31\x32\x33\x34\x35" "-nopad"
echo "----------------"