xref: /illumos-gate/usr/src/test/crypto-tests/tests/modes/aes/gmac/aes_gmac_enc.c (revision 5c277ab3267e7c6f448aefd8628b381dfc90b565) 
1 /*
2  * This file and its contents are supplied under the terms of the
3  * Common Development and Distribution License ("CDDL"), version 1.0.
4  * You may only use this file in accordance with the terms of version
5  * 1.0 of the CDDL.
6  *
7  * A full copy of the text of the CDDL should have accompanied this
8  * source.  A copy of the CDDL is also available via the Internet at
9  * http://www.illumos.org/license/CDDL.
10  */
11 
12 /*
13  * Copyright 2023-2026 RackTop Systems, Inc.
14  */
15 
16 /*
17  * Verify correct hash computations using the ENCR function group.
18  * See ENCR_FG in cryptotest.h, cryptotest_mac_fg in testfuncs.c
19  * (and a DECR_FG test case)
20  *
21  * CKM_AES_GMAC supports both MAC and encrypt/decrypt functions.
22  * This is similar to aes_gmac.c with ENCR_FG in place of MAC_FG
23  * to tests AES_GMAC with C_EncryptInit, C_Encrypt, etc.
24  */
25 
26 #include <aes/aes_impl.h>
27 #include <strings.h>
28 #include <stdio.h>
29 #include "cryptotest.h"
30 #include "aes_gmac.h"
31 
32 /*
33  * Size of param (in 8-byte chunks for alignment) large enough for both
34  * CK_GCM_PARAMS and CK_AES_GMAC_PARAMS.
35  */
36 #define	PARAM_SIZE_64 8
37 
38 static size_t updatelens[] = {
39 	1, AES_BLOCK_LEN, AES_BLOCK_LEN + 1, 2*AES_BLOCK_LEN,
40 	CTEST_UPDATELEN_WHOLE, CTEST_UPDATELEN_END
41 };
42 
43 /* Settable (eg. set to 1 for debugging) */
44 int ndata = sizeof (DATA) / sizeof (DATA[0]);
45 
46 int
main(void)47 main(void)
48 {
49 	int errs = 0;
50 	int i, j;
51 	uint8_t N[1024];
52 	uint64_t param[PARAM_SIZE_64];
53 
54 	cryptotest_t args = {
55 		.out = N,
56 		.outlen = sizeof (N),
57 		.mechname = SUN_CKM_AES_GMAC,
58 		.updatelens = updatelens
59 	};
60 
61 	(void) fprintf(stderr, "\t\t\t=== encrypt ===\n----------\n\n");
62 
63 	(void) fprintf(stderr, "\t\t\t=== all input ===\n----------\n\n");
64 	for (i = 0; i < ndata; i++) {
65 		args.in = DATA[i];
66 		args.key = KEY[i];
67 
68 		args.inlen = DATALEN[i];
69 		args.keylen = KEYLEN[i];
70 
71 		bzero(param, sizeof (param));
72 		args.param = param;
73 		args.plen = gmac_param_len();
74 		gmac_init_params(param, IV[i], NULL, 0);
75 
76 		errs += run_test(&args, RES[i], RESLEN[i], ENCR_FG);
77 		(void) fprintf(stderr, "----------\n");
78 	}
79 
80 	(void) fprintf(stderr, "\t\t\t=== all AAD ===\n----------\n\n");
81 	if (cryptotest_pkcs) {
82 		/* PKCS does not support passing AAD */
83 		(void) fprintf(stderr, "(skip on PKCS)\n");
84 		j = 0;
85 	} else {
86 		j = ndata;
87 	}
88 	for (i = 0; i < j; i++) {
89 		args.in = NULL;
90 		args.key = KEY[i];
91 
92 		args.inlen = 0;
93 		args.keylen = KEYLEN[i];
94 
95 		bzero(param, sizeof (param));
96 		args.param = param;
97 		args.plen = gmac_param_len();
98 		gmac_init_params(param, IV[i], DATA[i], DATALEN[i]);
99 
100 		errs += run_test(&args, RES[i], RESLEN[i], ENCR_FG);
101 		(void) fprintf(stderr, "----------\n");
102 	}
103 
104 	(void) fprintf(stderr, "\t\t\t=== half AAD ===\n----------\n\n");
105 	if (cryptotest_pkcs) {
106 		(void) fprintf(stderr, "(skip on PKCS)\n");
107 		j = 0;
108 	} else {
109 		j = ndata;
110 	}
111 	for (i = 0; i < j; i++) {
112 		args.in = &DATA[i][DATALEN[i] / 2];
113 		args.key = KEY[i];
114 
115 		args.inlen = DATALEN[i] - DATALEN[i] / 2;
116 		args.keylen = KEYLEN[i];
117 
118 		bzero(param, sizeof (param));
119 		args.param = param;
120 		args.plen = gmac_param_len();
121 		gmac_init_params(param, IV[i], DATA[i], DATALEN[i] / 2);
122 
123 		errs += run_test(&args, RES[i], RESLEN[i], ENCR_FG);
124 		(void) fprintf(stderr, "----------\n");
125 	}
126 
127 	(void) fprintf(stderr, "\t\t\t=== 16-byte AAD ===\n----------\n\n");
128 	if (cryptotest_pkcs) {
129 		(void) fprintf(stderr, "(skip on PKCS)\n");
130 		j = 0;
131 	} else {
132 		j = ndata;
133 	}
134 	for (i = 0; i < j; i++) {
135 		if (DATALEN[i] <= 16) {
136 			(void) fprintf(stderr, "len < 16; skip\n----------\n");
137 			continue;
138 		}
139 
140 		args.in = &DATA[i][16];
141 		args.key = KEY[i];
142 
143 		args.inlen = DATALEN[i] - 16;
144 		args.keylen = KEYLEN[i];
145 
146 		bzero(param, sizeof (param));
147 		args.param = param;
148 		args.plen = gmac_param_len();
149 		gmac_init_params(param, IV[i], DATA[i], 16);
150 
151 		errs += run_test(&args, RES[i], RESLEN[i], ENCR_FG);
152 		(void) fprintf(stderr, "----------\n");
153 	}
154 
155 	(void) fprintf(stderr, "\t\t\t=== decrypt ===\n----------\n\n");
156 
157 	if (cryptotest_pkcs) {
158 		(void) fprintf(stderr, "(skip on PKCS)\n");
159 		j = 0;
160 	} else {
161 		j = ndata;
162 	}
163 	for (i = 0; i < j; i++) {
164 		args.in = RES[i];
165 		args.key = KEY[i];
166 
167 		args.inlen = RESLEN[i];
168 		args.keylen = KEYLEN[i];
169 
170 		bzero(param, sizeof (param));
171 		args.param = param;
172 		args.plen = gmac_param_len();
173 		gmac_init_params(param, IV[i], DATA[i], DATALEN[i]);
174 
175 		errs += run_test(&args, NULL, 0, DECR_FG);
176 		(void) fprintf(stderr, "----------\n");
177 	}
178 
179 	if (errs != 0) {
180 		(void) fprintf(stderr, "%d tests failed\n", errs);
181 		return (1);
182 	}
183 	(void) fprintf(stderr, "all tests pass\n");
184 
185 	return (0);
186 }
187