1/** @file 2 Application for Block Cipher Primitives Validation. 3 4Copyright (c) 2010, Intel Corporation. All rights reserved.<BR> 5This program and the accompanying materials 6are licensed and made available under the terms and conditions of the BSD License 7which accompanies this distribution. The full text of the license may be found at 8http://opensource.org/licenses/bsd-license.php 9 10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 12 13**/ 14 15#include "Cryptest.h" 16 17// 18// TDES test vectors are extracted from OpenSSL 0.9.8l, crypto\des\destest.c 19// 20GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbData[] = { 21 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 22 }; 23 24GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbKey[] = { 25 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 26 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 27 }; 28 29GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcbCipher[] = { 30 0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7, 31 }; 32 33GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesEcb2Cipher[] = { 34 0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E, 35 }; 36 37GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbcData[] = { 38 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, 39 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, 40 0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20 41 }; 42 43GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbcKey[] = { 44 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 45 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86, 46 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 47 }; 48 49GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TdesCbcIvec[] = { 50 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 51 }; 52 53GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 TdesCbc3Cipher[] = { 54 0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0, 55 0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC, 56 0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4 57 }; 58 59// 60// AES test vectors are from NIST KAT of AES 61// 62GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbData[] = { 63 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 64 }; 65 66GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbKey[] = { 67 0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3, 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59 68 }; 69 70GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128EcbCipher[] = { 71 0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0, 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65 72 }; 73 74GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbData[] = { 75 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 76 }; 77 78GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbKey[] = { 79 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 80 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff 81 }; 82 83GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes192EcbCipher[] = { 84 0xdd, 0x8a, 0x49, 0x35, 0x14, 0x23, 0x1c, 0xbf, 0x56, 0xec, 0xce, 0xe4, 0xc4, 0x08, 0x89, 0xfb 85 }; 86 87GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbData[] = { 88 0x01, 0x47, 0x30, 0xf8, 0x0a, 0xc6, 0x25, 0xfe, 0x84, 0xf0, 0x26, 0xc6, 0x0b, 0xfd, 0x54, 0x7d 89 }; 90 91GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbKey[] = { 92 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 93 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 94 }; 95 96GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes256EcbCipher[] = { 97 0x5c, 0x9d, 0x84, 0x4e, 0xd4, 0x6f, 0x98, 0x85, 0x08, 0x5e, 0x5d, 0x6a, 0x4f, 0x94, 0xc7, 0xd7 98 }; 99 100GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcData[] = { 101 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 102 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f 103 }; 104 105GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcKey[] = { 106 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a 107 }; 108 109GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcIvec[] = { 110 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28, 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58 111 }; 112 113GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Aes128CbcCipher[] = { 114 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a, 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a, 115 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 116 }; 117 118// 119// ARC4 Test Vector defined in "Appendix A.1 Test Vectors from [CRYPTLIB]" of 120// IETF Draft draft-kaukonen-cipher-arcfour-03 ("A Stream Cipher Encryption Algorithm 'Arcfour'"). 121// 122GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Data[] = { 123 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 124 }; 125 126GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Key[] = { 127 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF 128 }; 129 130GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Cipher[] = { 131 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 132 }; 133 134/** 135 Validate UEFI-OpenSSL Block Ciphers (Symmetric Crypto) Interfaces. 136 137 @retval EFI_SUCCESS Validation succeeded. 138 @retval EFI_ABORTED Validation failed. 139 140**/ 141EFI_STATUS 142ValidateCryptBlockCipher ( 143 VOID 144 ) 145{ 146 UINTN CtxSize; 147 VOID *CipherCtx; 148 UINT8 Encrypt[256]; 149 UINT8 Decrypt[256]; 150 BOOLEAN Status; 151 152 Print (L"\nUEFI-OpenSSL Block Cipher Engine Testing: "); 153 154 CtxSize = TdesGetContextSize (); 155 CipherCtx = AllocatePool (CtxSize); 156 157 Print (L"\n- TDES Validation: "); 158 159 160 Print (L"ECB... "); 161 162 // 163 // TDES ECB Validation 164 // 165 ZeroMem (Encrypt, sizeof (Encrypt)); 166 ZeroMem (Decrypt, sizeof (Decrypt)); 167 168 Status = TdesInit (CipherCtx, TdesEcbKey, 64); 169 if (!Status) { 170 Print (L"[Fail]"); 171 return EFI_ABORTED; 172 } 173 174 Status = TdesEcbEncrypt (CipherCtx, TdesEcbData, 8, Encrypt); 175 if (!Status) { 176 Print (L"[Fail]"); 177 return EFI_ABORTED; 178 } 179 180 Status = TdesEcbDecrypt (CipherCtx, Encrypt, 8, Decrypt); 181 if (!Status) { 182 Print (L"[Fail]"); 183 return EFI_ABORTED; 184 } 185 186 if (CompareMem (Encrypt, TdesEcbCipher, 8) != 0) { 187 Print (L"[Fail]"); 188 return EFI_ABORTED; 189 } 190 191 if (CompareMem (Decrypt, TdesEcbData, 8) != 0) { 192 Print (L"[Fail]"); 193 return EFI_ABORTED; 194 } 195 196 Print (L"EDE2 ECB... "); 197 198 // 199 // TDES EDE2 ECB Validation 200 // 201 ZeroMem (Encrypt, sizeof (Encrypt)); 202 ZeroMem (Decrypt, sizeof (Decrypt)); 203 204 Status = TdesInit (CipherCtx, TdesEcbKey, 128); 205 if (!Status) { 206 Print (L"[Fail]"); 207 return EFI_ABORTED; 208 } 209 210 Status = TdesEcbEncrypt (CipherCtx, TdesEcbData, 8, Encrypt); 211 if (!Status) { 212 Print (L"[Fail]"); 213 return EFI_ABORTED; 214 } 215 216 Status = TdesEcbDecrypt (CipherCtx, Encrypt, 8, Decrypt); 217 if (!Status) { 218 Print (L"[Fail]"); 219 return EFI_ABORTED; 220 } 221 222 if (CompareMem (Encrypt, TdesEcb2Cipher, 8) != 0) { 223 Print (L"[Fail]"); 224 return EFI_ABORTED; 225 } 226 227 if (CompareMem (Decrypt, TdesEcbData, 8) != 0) { 228 Print (L"[Fail]"); 229 return EFI_ABORTED; 230 } 231 232 Print (L"EDE3 CBC... "); 233 234 // 235 // TDES EDE3 CBC Validation 236 // 237 ZeroMem (Encrypt, 256); 238 ZeroMem (Decrypt, 256); 239 240 Status = TdesInit (CipherCtx, TdesCbcKey, 192); 241 if (!Status) { 242 Print (L"[Fail]"); 243 return EFI_ABORTED; 244 } 245 246 Status = TdesCbcEncrypt (CipherCtx, TdesCbcData, sizeof (TdesCbcData), TdesCbcIvec, Encrypt); 247 if (!Status) { 248 Print (L"[Fail]"); 249 return EFI_ABORTED; 250 } 251 252 Status = TdesCbcDecrypt (CipherCtx, Encrypt, sizeof (TdesCbcData), TdesCbcIvec, Decrypt); 253 if (!Status) { 254 Print (L"[Fail]"); 255 return EFI_ABORTED; 256 } 257 258 if (CompareMem (Encrypt, TdesCbc3Cipher, sizeof (TdesCbc3Cipher)) != 0) { 259 Print (L"[Fail]"); 260 return EFI_ABORTED; 261 } 262 263 if (CompareMem (Decrypt, TdesCbcData, sizeof (TdesCbcData)) != 0) { 264 Print (L"[Fail]"); 265 return EFI_ABORTED; 266 } 267 268 Print (L"[Pass]"); 269 270 FreePool (CipherCtx); 271 272 CtxSize = AesGetContextSize (); 273 CipherCtx = AllocatePool (CtxSize); 274 275 Print (L"\n- AES Validation: "); 276 277 Print (L"ECB-128... "); 278 279 // 280 // AES-128 ECB Validation 281 // 282 ZeroMem (Encrypt, sizeof (Encrypt)); 283 ZeroMem (Decrypt, sizeof (Decrypt)); 284 285 Status = AesInit (CipherCtx, Aes128EcbKey, 128); 286 if (!Status) { 287 Print (L"[Fail]"); 288 return EFI_ABORTED; 289 } 290 291 Status = AesEcbEncrypt (CipherCtx, Aes128EcbData, sizeof (Aes128EcbData), Encrypt); 292 if (!Status) { 293 Print (L"[Fail]"); 294 return EFI_ABORTED; 295 } 296 297 Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes128EcbData), Decrypt); 298 if (!Status) { 299 Print (L"[Fail]"); 300 return EFI_ABORTED; 301 } 302 303 if (CompareMem (Encrypt, Aes128EcbCipher, sizeof (Aes128EcbCipher)) != 0) { 304 Print (L"[Fail]"); 305 return EFI_ABORTED; 306 } 307 308 if (CompareMem (Decrypt, Aes128EcbData, sizeof (Aes128EcbData)) != 0) { 309 Print (L"[Fail]"); 310 return EFI_ABORTED; 311 } 312 313 Print (L"ECB-192... "); 314 315 // 316 // AES-192 ECB Validation 317 // 318 ZeroMem (Encrypt, sizeof (Encrypt)); 319 ZeroMem (Decrypt, sizeof (Decrypt)); 320 321 Status = AesInit (CipherCtx, Aes192EcbKey, 192); 322 if (!Status) { 323 Print (L"[Fail]"); 324 return EFI_ABORTED; 325 } 326 327 Status = AesEcbEncrypt (CipherCtx, Aes192EcbData, sizeof (Aes192EcbData), Encrypt); 328 if (!Status) { 329 Print (L"[Fail]"); 330 return EFI_ABORTED; 331 } 332 333 Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes192EcbData), Decrypt); 334 if (!Status) { 335 Print (L"[Fail]"); 336 return EFI_ABORTED; 337 } 338 339 if (CompareMem (Encrypt, Aes192EcbCipher, sizeof (Aes192EcbCipher)) != 0) { 340 Print (L"[Fail]"); 341 return EFI_ABORTED; 342 } 343 344 if (CompareMem (Decrypt, Aes192EcbData, sizeof (Aes192EcbData)) != 0) { 345 Print (L"[Fail]"); 346 return EFI_ABORTED; 347 } 348 349 Print (L"ECB-256... "); 350 351 // 352 // AES-256 ECB Validation 353 // 354 ZeroMem (Encrypt, sizeof (Encrypt)); 355 ZeroMem (Decrypt, sizeof (Decrypt)); 356 357 Status = AesInit (CipherCtx, Aes256EcbKey, 256); 358 if (!Status) { 359 Print (L"[Fail]"); 360 return EFI_ABORTED; 361 } 362 363 Status = AesEcbEncrypt (CipherCtx, Aes256EcbData, sizeof (Aes256EcbData), Encrypt); 364 if (!Status) { 365 Print (L"[Fail]"); 366 return EFI_ABORTED; 367 } 368 369 Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes256EcbData), Decrypt); 370 if (!Status) { 371 Print (L"[Fail]"); 372 return EFI_ABORTED; 373 } 374 375 if (CompareMem (Encrypt, Aes256EcbCipher, sizeof (Aes256EcbCipher)) != 0) { 376 Print (L"[Fail]"); 377 return EFI_ABORTED; 378 } 379 380 if (CompareMem (Decrypt, Aes256EcbData, sizeof (Aes256EcbData)) != 0) { 381 Print (L"[Fail]"); 382 return EFI_ABORTED; 383 } 384 385 Print (L"CBC-128... "); 386 387 // 388 // AES-128 CBC Validation 389 // 390 ZeroMem (Encrypt, sizeof (Encrypt)); 391 ZeroMem (Decrypt, sizeof (Decrypt)); 392 393 Status = AesInit (CipherCtx, Aes128CbcKey, 128); 394 if (!Status) { 395 Print (L"[Fail]"); 396 return EFI_ABORTED; 397 } 398 399 Status = AesCbcEncrypt (CipherCtx, Aes128CbcData, sizeof (Aes128CbcData), Aes128CbcIvec, Encrypt); 400 if (!Status) { 401 Print (L"[Fail]"); 402 return EFI_ABORTED; 403 } 404 405 Status = AesCbcDecrypt (CipherCtx, Encrypt, sizeof (Aes128CbcData), Aes128CbcIvec, Decrypt); 406 if (!Status) { 407 Print (L"[Fail]"); 408 return EFI_ABORTED; 409 } 410 411 if (CompareMem (Encrypt, Aes128CbcCipher, sizeof (Aes128CbcCipher)) != 0) { 412 Print (L"[Fail]"); 413 return EFI_ABORTED; 414 } 415 416 if (CompareMem (Decrypt, Aes128CbcData, sizeof (Aes128CbcData)) != 0) { 417 Print (L"[Fail]"); 418 return EFI_ABORTED; 419 } 420 421 Print (L"[Pass]"); 422 423 Print (L"\n- ARC4 Validation: "); 424 425 // 426 // ARC4 Validation 427 // 428 CtxSize = Arc4GetContextSize (); 429 CipherCtx = AllocatePool (CtxSize); 430 431 ZeroMem (Encrypt, sizeof (Encrypt)); 432 ZeroMem (Decrypt, sizeof (Decrypt)); 433 434 Status = Arc4Init (CipherCtx, Arc4Key, sizeof (Arc4Key)); 435 if (!Status) { 436 Print (L"[Fail]"); 437 return EFI_ABORTED; 438 } 439 440 Status = Arc4Encrypt (CipherCtx, Arc4Data, sizeof (Arc4Data), Encrypt); 441 if (!Status) { 442 Print (L"[Fail]"); 443 return EFI_ABORTED; 444 } 445 446 Status = Arc4Reset (CipherCtx); 447 if (!Status) { 448 Print (L"[Fail]"); 449 return EFI_ABORTED; 450 } 451 452 Status = Arc4Decrypt (CipherCtx, Encrypt, sizeof (Arc4Data), Decrypt); 453 if (!Status) { 454 Print (L"[Fail]"); 455 return EFI_ABORTED; 456 } 457 458 if (CompareMem (Encrypt, Arc4Cipher, sizeof (Arc4Cipher)) != 0) { 459 Print (L"[Fail]"); 460 return EFI_ABORTED; 461 } 462 463 if (CompareMem (Decrypt, Arc4Data, sizeof (Arc4Data)) != 0) { 464 Print (L"[Fail]"); 465 return EFI_ABORTED; 466 } 467 468 Print (L"[Pass]"); 469 470 Print (L"\n"); 471 472 return EFI_SUCCESS; 473} 474