1 /** @file
2 Application for Block Cipher Primitives Validation.
3
4 Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "Cryptest.h"
16
17 //
18 // TDES test vectors are extracted from OpenSSL 0.9.8l, crypto\des\destest.c
19 //
20 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbData[] = {
21 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
22 };
23
24 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbKey[] = {
25 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
26 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
27 };
28
29 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbCipher[] = {
30 0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7,
31 };
32
33 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcb2Cipher[] = {
34 0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E,
35 };
36
37 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbcData[] = {
38 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20,
39 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
40 0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20
41 };
42
43 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbcKey[] = {
44 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
45 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86,
46 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
47 };
48
49 GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TdesCbcIvec[] = {
50 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
51 };
52
53 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbc3Cipher[] = {
54 0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0,
55 0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC,
56 0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4
57 };
58
59 //
60 // AES test vectors are from NIST KAT of AES
61 //
62 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbData[] = {
63 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
64 };
65
66 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbKey[] = {
67 0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3, 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59
68 };
69
70 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbCipher[] = {
71 0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0, 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65
72 };
73
74 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbData[] = {
75 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
76 };
77
78 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbKey[] = {
79 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
80 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
81 };
82
83 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbCipher[] = {
84 0xdd, 0x8a, 0x49, 0x35, 0x14, 0x23, 0x1c, 0xbf, 0x56, 0xec, 0xce, 0xe4, 0xc4, 0x08, 0x89, 0xfb
85 };
86
87 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbData[] = {
88 0x01, 0x47, 0x30, 0xf8, 0x0a, 0xc6, 0x25, 0xfe, 0x84, 0xf0, 0x26, 0xc6, 0x0b, 0xfd, 0x54, 0x7d
89 };
90
91 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbKey[] = {
92 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
93 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
94 };
95
96 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbCipher[] = {
97 0x5c, 0x9d, 0x84, 0x4e, 0xd4, 0x6f, 0x98, 0x85, 0x08, 0x5e, 0x5d, 0x6a, 0x4f, 0x94, 0xc7, 0xd7
98 };
99
100 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcData[] = {
101 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
102 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
103 };
104
105 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcKey[] = {
106 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a
107 };
108
109 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcIvec[] = {
110 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28, 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58
111 };
112
113 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcCipher[] = {
114 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a, 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a,
115 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1
116 };
117
118 //
119 // ARC4 Test Vector defined in "Appendix A.1 Test Vectors from [CRYPTLIB]" of
120 // IETF Draft draft-kaukonen-cipher-arcfour-03 ("A Stream Cipher Encryption Algorithm 'Arcfour'").
121 //
122 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Data[] = {
123 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
124 };
125
126 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Key[] = {
127 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF
128 };
129
130 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Cipher[] = {
131 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79
132 };
133
134 /**
135 Validate UEFI-OpenSSL Block Ciphers (Symmetric Crypto) Interfaces.
136
137 @retval EFI_SUCCESS Validation succeeded.
138 @retval EFI_ABORTED Validation failed.
139
140 **/
141 EFI_STATUS
ValidateCryptBlockCipher(VOID)142 ValidateCryptBlockCipher (
143 VOID
144 )
145 {
146 UINTN CtxSize;
147 VOID *CipherCtx;
148 UINT8 Encrypt[256];
149 UINT8 Decrypt[256];
150 BOOLEAN Status;
151
152 Print (L"\nUEFI-OpenSSL Block Cipher Engine Testing: ");
153
154 CtxSize = TdesGetContextSize ();
155 CipherCtx = AllocatePool (CtxSize);
156
157 Print (L"\n- TDES Validation: ");
158
159
160 Print (L"ECB... ");
161
162 //
163 // TDES ECB Validation
164 //
165 ZeroMem (Encrypt, sizeof (Encrypt));
166 ZeroMem (Decrypt, sizeof (Decrypt));
167
168 Status = TdesInit (CipherCtx, TdesEcbKey, 64);
169 if (!Status) {
170 Print (L"[Fail]");
171 return EFI_ABORTED;
172 }
173
174 Status = TdesEcbEncrypt (CipherCtx, TdesEcbData, 8, Encrypt);
175 if (!Status) {
176 Print (L"[Fail]");
177 return EFI_ABORTED;
178 }
179
180 Status = TdesEcbDecrypt (CipherCtx, Encrypt, 8, Decrypt);
181 if (!Status) {
182 Print (L"[Fail]");
183 return EFI_ABORTED;
184 }
185
186 if (CompareMem (Encrypt, TdesEcbCipher, 8) != 0) {
187 Print (L"[Fail]");
188 return EFI_ABORTED;
189 }
190
191 if (CompareMem (Decrypt, TdesEcbData, 8) != 0) {
192 Print (L"[Fail]");
193 return EFI_ABORTED;
194 }
195
196 Print (L"EDE2 ECB... ");
197
198 //
199 // TDES EDE2 ECB Validation
200 //
201 ZeroMem (Encrypt, sizeof (Encrypt));
202 ZeroMem (Decrypt, sizeof (Decrypt));
203
204 Status = TdesInit (CipherCtx, TdesEcbKey, 128);
205 if (!Status) {
206 Print (L"[Fail]");
207 return EFI_ABORTED;
208 }
209
210 Status = TdesEcbEncrypt (CipherCtx, TdesEcbData, 8, Encrypt);
211 if (!Status) {
212 Print (L"[Fail]");
213 return EFI_ABORTED;
214 }
215
216 Status = TdesEcbDecrypt (CipherCtx, Encrypt, 8, Decrypt);
217 if (!Status) {
218 Print (L"[Fail]");
219 return EFI_ABORTED;
220 }
221
222 if (CompareMem (Encrypt, TdesEcb2Cipher, 8) != 0) {
223 Print (L"[Fail]");
224 return EFI_ABORTED;
225 }
226
227 if (CompareMem (Decrypt, TdesEcbData, 8) != 0) {
228 Print (L"[Fail]");
229 return EFI_ABORTED;
230 }
231
232 Print (L"EDE3 CBC... ");
233
234 //
235 // TDES EDE3 CBC Validation
236 //
237 ZeroMem (Encrypt, 256);
238 ZeroMem (Decrypt, 256);
239
240 Status = TdesInit (CipherCtx, TdesCbcKey, 192);
241 if (!Status) {
242 Print (L"[Fail]");
243 return EFI_ABORTED;
244 }
245
246 Status = TdesCbcEncrypt (CipherCtx, TdesCbcData, sizeof (TdesCbcData), TdesCbcIvec, Encrypt);
247 if (!Status) {
248 Print (L"[Fail]");
249 return EFI_ABORTED;
250 }
251
252 Status = TdesCbcDecrypt (CipherCtx, Encrypt, sizeof (TdesCbcData), TdesCbcIvec, Decrypt);
253 if (!Status) {
254 Print (L"[Fail]");
255 return EFI_ABORTED;
256 }
257
258 if (CompareMem (Encrypt, TdesCbc3Cipher, sizeof (TdesCbc3Cipher)) != 0) {
259 Print (L"[Fail]");
260 return EFI_ABORTED;
261 }
262
263 if (CompareMem (Decrypt, TdesCbcData, sizeof (TdesCbcData)) != 0) {
264 Print (L"[Fail]");
265 return EFI_ABORTED;
266 }
267
268 Print (L"[Pass]");
269
270 FreePool (CipherCtx);
271
272 CtxSize = AesGetContextSize ();
273 CipherCtx = AllocatePool (CtxSize);
274
275 Print (L"\n- AES Validation: ");
276
277 Print (L"ECB-128... ");
278
279 //
280 // AES-128 ECB Validation
281 //
282 ZeroMem (Encrypt, sizeof (Encrypt));
283 ZeroMem (Decrypt, sizeof (Decrypt));
284
285 Status = AesInit (CipherCtx, Aes128EcbKey, 128);
286 if (!Status) {
287 Print (L"[Fail]");
288 return EFI_ABORTED;
289 }
290
291 Status = AesEcbEncrypt (CipherCtx, Aes128EcbData, sizeof (Aes128EcbData), Encrypt);
292 if (!Status) {
293 Print (L"[Fail]");
294 return EFI_ABORTED;
295 }
296
297 Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes128EcbData), Decrypt);
298 if (!Status) {
299 Print (L"[Fail]");
300 return EFI_ABORTED;
301 }
302
303 if (CompareMem (Encrypt, Aes128EcbCipher, sizeof (Aes128EcbCipher)) != 0) {
304 Print (L"[Fail]");
305 return EFI_ABORTED;
306 }
307
308 if (CompareMem (Decrypt, Aes128EcbData, sizeof (Aes128EcbData)) != 0) {
309 Print (L"[Fail]");
310 return EFI_ABORTED;
311 }
312
313 Print (L"ECB-192... ");
314
315 //
316 // AES-192 ECB Validation
317 //
318 ZeroMem (Encrypt, sizeof (Encrypt));
319 ZeroMem (Decrypt, sizeof (Decrypt));
320
321 Status = AesInit (CipherCtx, Aes192EcbKey, 192);
322 if (!Status) {
323 Print (L"[Fail]");
324 return EFI_ABORTED;
325 }
326
327 Status = AesEcbEncrypt (CipherCtx, Aes192EcbData, sizeof (Aes192EcbData), Encrypt);
328 if (!Status) {
329 Print (L"[Fail]");
330 return EFI_ABORTED;
331 }
332
333 Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes192EcbData), Decrypt);
334 if (!Status) {
335 Print (L"[Fail]");
336 return EFI_ABORTED;
337 }
338
339 if (CompareMem (Encrypt, Aes192EcbCipher, sizeof (Aes192EcbCipher)) != 0) {
340 Print (L"[Fail]");
341 return EFI_ABORTED;
342 }
343
344 if (CompareMem (Decrypt, Aes192EcbData, sizeof (Aes192EcbData)) != 0) {
345 Print (L"[Fail]");
346 return EFI_ABORTED;
347 }
348
349 Print (L"ECB-256... ");
350
351 //
352 // AES-256 ECB Validation
353 //
354 ZeroMem (Encrypt, sizeof (Encrypt));
355 ZeroMem (Decrypt, sizeof (Decrypt));
356
357 Status = AesInit (CipherCtx, Aes256EcbKey, 256);
358 if (!Status) {
359 Print (L"[Fail]");
360 return EFI_ABORTED;
361 }
362
363 Status = AesEcbEncrypt (CipherCtx, Aes256EcbData, sizeof (Aes256EcbData), Encrypt);
364 if (!Status) {
365 Print (L"[Fail]");
366 return EFI_ABORTED;
367 }
368
369 Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes256EcbData), Decrypt);
370 if (!Status) {
371 Print (L"[Fail]");
372 return EFI_ABORTED;
373 }
374
375 if (CompareMem (Encrypt, Aes256EcbCipher, sizeof (Aes256EcbCipher)) != 0) {
376 Print (L"[Fail]");
377 return EFI_ABORTED;
378 }
379
380 if (CompareMem (Decrypt, Aes256EcbData, sizeof (Aes256EcbData)) != 0) {
381 Print (L"[Fail]");
382 return EFI_ABORTED;
383 }
384
385 Print (L"CBC-128... ");
386
387 //
388 // AES-128 CBC Validation
389 //
390 ZeroMem (Encrypt, sizeof (Encrypt));
391 ZeroMem (Decrypt, sizeof (Decrypt));
392
393 Status = AesInit (CipherCtx, Aes128CbcKey, 128);
394 if (!Status) {
395 Print (L"[Fail]");
396 return EFI_ABORTED;
397 }
398
399 Status = AesCbcEncrypt (CipherCtx, Aes128CbcData, sizeof (Aes128CbcData), Aes128CbcIvec, Encrypt);
400 if (!Status) {
401 Print (L"[Fail]");
402 return EFI_ABORTED;
403 }
404
405 Status = AesCbcDecrypt (CipherCtx, Encrypt, sizeof (Aes128CbcData), Aes128CbcIvec, Decrypt);
406 if (!Status) {
407 Print (L"[Fail]");
408 return EFI_ABORTED;
409 }
410
411 if (CompareMem (Encrypt, Aes128CbcCipher, sizeof (Aes128CbcCipher)) != 0) {
412 Print (L"[Fail]");
413 return EFI_ABORTED;
414 }
415
416 if (CompareMem (Decrypt, Aes128CbcData, sizeof (Aes128CbcData)) != 0) {
417 Print (L"[Fail]");
418 return EFI_ABORTED;
419 }
420
421 Print (L"[Pass]");
422
423 Print (L"\n- ARC4 Validation: ");
424
425 //
426 // ARC4 Validation
427 //
428 CtxSize = Arc4GetContextSize ();
429 CipherCtx = AllocatePool (CtxSize);
430
431 ZeroMem (Encrypt, sizeof (Encrypt));
432 ZeroMem (Decrypt, sizeof (Decrypt));
433
434 Status = Arc4Init (CipherCtx, Arc4Key, sizeof (Arc4Key));
435 if (!Status) {
436 Print (L"[Fail]");
437 return EFI_ABORTED;
438 }
439
440 Status = Arc4Encrypt (CipherCtx, Arc4Data, sizeof (Arc4Data), Encrypt);
441 if (!Status) {
442 Print (L"[Fail]");
443 return EFI_ABORTED;
444 }
445
446 Status = Arc4Reset (CipherCtx);
447 if (!Status) {
448 Print (L"[Fail]");
449 return EFI_ABORTED;
450 }
451
452 Status = Arc4Decrypt (CipherCtx, Encrypt, sizeof (Arc4Data), Decrypt);
453 if (!Status) {
454 Print (L"[Fail]");
455 return EFI_ABORTED;
456 }
457
458 if (CompareMem (Encrypt, Arc4Cipher, sizeof (Arc4Cipher)) != 0) {
459 Print (L"[Fail]");
460 return EFI_ABORTED;
461 }
462
463 if (CompareMem (Decrypt, Arc4Data, sizeof (Arc4Data)) != 0) {
464 Print (L"[Fail]");
465 return EFI_ABORTED;
466 }
467
468 Print (L"[Pass]");
469
470 Print (L"\n");
471
472 return EFI_SUCCESS;
473 }
474