1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Crypto Component */
16 /** */
17 /** Crypto Self Test */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_CRYPTO_SOURCE_CODE
23
24
25 /* Include necessary system files. */
26 #include "nx_crypto_method_self_test.h"
27
28 #ifdef NX_CRYPTO_SELF_TEST
29
30 #define INPUT_OUTPUT_LENGTH (16)
31 /* 02CF1E1D9796AD3395D8126757B6FC7C705F082FB85270427760AC173759CE07 */
32 static const UCHAR key_cbc_256_encrypt[] = {
33 0x02, 0xCF, 0x1E, 0x1D, 0x97, 0x96, 0xAD, 0x33, 0x95, 0xD8, 0x12, 0x67, 0x57, 0xB6, 0xFC, 0x7C,
34 0x70, 0x5F, 0x08, 0x2F, 0xB8, 0x52, 0x70, 0x42, 0x77, 0x60, 0xAC, 0x17, 0x37, 0x59, 0xCE, 0x07,
35 };
36
37 /* BB35190002242F28FC79C01B89022604 */
38 static const UCHAR iv_cbc_256_encrypt[] = {
39 0xBB, 0x35, 0x19, 0x00, 0x02, 0x24, 0x2F, 0x28, 0xFC, 0x79, 0xC0, 0x1B, 0x89, 0x02, 0x26, 0x04,
40 };
41
42 /* 05D4EE7191E69A0AC7CBC1625258085D */
43 static const UCHAR plain_cbc_256_encrypt[] = {
44 0x05, 0xD4, 0xEE, 0x71, 0x91, 0xE6, 0x9A, 0x0A, 0xC7, 0xCB, 0xC1, 0x62, 0x52, 0x58, 0x08, 0x5D,
45 };
46
47 /* F65F0278E9F5D525F66DC5AFAD99F205 */
48 static const UCHAR secret_cbc_256_encrypt[] = {
49 0xF6, 0x5F, 0x02, 0x78, 0xE9, 0xF5, 0xD5, 0x25, 0xF6, 0x6D, 0xC5, 0xAF, 0xAD, 0x99, 0xF2, 0x05,
50 };
51
52 /* 6CB931425732CB1F813B2F3B648A13326942421EA6BAB74E6F774764AE85541D */
53 static UCHAR key_cbc_256_decrypt[] = {
54 0x6C, 0xB9, 0x31, 0x42, 0x57, 0x32, 0xCB, 0x1F, 0x81, 0x3B, 0x2F, 0x3B, 0x64, 0x8A, 0x13, 0x32,
55 0x69, 0x42, 0x42, 0x1E, 0xA6, 0xBA, 0xB7, 0x4E, 0x6F, 0x77, 0x47, 0x64, 0xAE, 0x85, 0x54, 0x1D,
56 };
57
58 /* CDA29622B5C38C785784EC74E6F8BA31 */
59 static UCHAR iv_cbc_256_decrypt[] = {
60 0xCD, 0xA2, 0x96, 0x22, 0xB5, 0xC3, 0x8C, 0x78, 0x57, 0x84, 0xEC, 0x74, 0xE6, 0xF8, 0xBA, 0x31,
61 };
62
63 /* F19B9D43CE897F2577D10C60C82E1E17 */
64 static UCHAR plain_cbc_256_decrypt[] = {
65 0xF1, 0x9B, 0x9D, 0x43, 0xCE, 0x89, 0x7F, 0x25, 0x77, 0xD1, 0x0C, 0x60, 0xC8, 0x2E, 0x1E, 0x17,
66 };
67
68 /* 3CBB285FB0244F551DEEF7C0DDBE5BFE */
69 static UCHAR secret_cbc_256_decrypt[] = {
70 0x3C, 0xBB, 0x28, 0x5F, 0xB0, 0x24, 0x4F, 0x55, 0x1D, 0xEE, 0xF7, 0xC0, 0xDD, 0xBE, 0x5B, 0xFE,
71 };
72
73 /*Note: For CTR, the key_ctr is the conjunction of key and nonce. */
74 /* D0E78C4D0B30D33F5BF4A132B2F94A4A38963511A3904B117E35A37B5AAC8A193BF0D158 */
75 static const UCHAR key_ctr_256_encrypt[] = {
76 0xD0, 0xE7, 0x8C, 0x4D, 0x0B, 0x30, 0xD3, 0x3F, 0x5B, 0xF4, 0xA1, 0x32, 0xB2, 0xF9, 0x4A, 0x4A,
77 0x38, 0x96, 0x35, 0x11, 0xA3, 0x90, 0x4B, 0x11, 0x7E, 0x35, 0xA3, 0x7B, 0x5A, 0xAC, 0x8A, 0x19,
78 0x3B, 0xF0, 0xD1, 0x58,
79 };
80
81 /* A1A31704C8B7E16C */
82 static const UCHAR iv_ctr_256_encrypt[] = {
83 0xA1, 0xA3, 0x17, 0x04, 0xC8, 0xB7, 0xE1, 0x6C,
84 };
85
86 /* 981FA33222C5451017530155A4BF7F29 */
87 static const UCHAR plain_ctr_256_encrypt[] = {
88 0x98, 0x1F, 0xA3, 0x32, 0x22, 0xC5, 0x45, 0x10, 0x17, 0x53, 0x01, 0x55, 0xA4, 0xBF, 0x7F, 0x29,
89 };
90
91 /* 643B91B4E541B20AAAEAB77F2D328566 */
92 static const UCHAR secret_ctr_256_encrypt[] = {
93 0x64, 0x3B, 0x91, 0xB4, 0xE5, 0x41, 0xB2, 0x0A, 0xAA, 0xEA, 0xB7, 0x7F, 0x2D, 0x32, 0x85, 0x66,
94 };
95
96 /* D1C30E262F0D457A4B1F9B0B5753084793C5A627776D41430B152E6D195CA276 */
97 static UCHAR key_ctr_256_decrypt[] = {
98 0xD1, 0xC3, 0x0E, 0x26, 0x2F, 0x0D, 0x45, 0x7A, 0x4B, 0x1F, 0x9B, 0x0B, 0x57, 0x53, 0x08, 0x47,
99 0x93, 0xC5, 0xA6, 0x27, 0x77, 0x6D, 0x41, 0x43, 0x0B, 0x15, 0x2E, 0x6D, 0x19, 0x5C, 0xA2, 0x76,
100 };
101
102 /* 65F42E5B2D9EEC75DEF7017500000001 */
103 static UCHAR iv_ctr_256_decrypt[] = {
104 0x65, 0xF4, 0x2E, 0x5B, 0x2D, 0x9E, 0xEC, 0x75, 0xDE, 0xF7, 0x01, 0x75, 0x00, 0x00, 0x00, 0x01,
105 };
106
107 /* F0D0D405C53C6B67200B485B6219BB22 */
108 static UCHAR plain_ctr_256_decrypt[] = {
109 0xF0, 0xD0, 0xD4, 0x05, 0xC5, 0x3C, 0x6B, 0x67, 0x20, 0x0B, 0x48, 0x5B, 0x62, 0x19, 0xBB, 0x22,
110 };
111
112 /* 8EF64BF7EAF4390BB42D3B3B5D3611D3 */
113 static UCHAR secret_ctr_256_decrypt[] = {
114 0x8E, 0xF6, 0x4B, 0xF7, 0xEA, 0xF4, 0x39, 0x0B, 0xB4, 0x2D, 0x3B, 0x3B, 0x5D, 0x36, 0x11, 0xD3,
115 };
116
117 static UCHAR output[INPUT_OUTPUT_LENGTH];
118
119 /**************************************************************************/
120 /* */
121 /* FUNCTION RELEASE */
122 /* */
123 /* nx_crypto_method_self_test_aes PORTABLE C */
124 /* 6.1.7 */
125 /* AUTHOR */
126 /* */
127 /* Timothy Stapko, Microsoft Corporation */
128 /* */
129 /* DESCRIPTION */
130 /* */
131 /* This function performs the Known Answer Test for AES crypto method. */
132 /* */
133 /* INPUT */
134 /* */
135 /* method_ptr Pointer to the crypto method */
136 /* to be tested. */
137 /* */
138 /* OUTPUT */
139 /* */
140 /* status Completion status */
141 /* */
142 /* CALLS */
143 /* */
144 /* None */
145 /* */
146 /* CALLED BY */
147 /* */
148 /* Application Code */
149 /* */
150 /* RELEASE HISTORY */
151 /* */
152 /* DATE NAME DESCRIPTION */
153 /* */
154 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
155 /* 09-30-2020 Timothy Stapko Modified comment(s), */
156 /* resulting in version 6.1 */
157 /* 06-02-2021 Bhupendra Naphade Modified comment(s), */
158 /* renamed FIPS symbol to */
159 /* self-test, */
160 /* resulting in version 6.1.7 */
161 /* */
162 /**************************************************************************/
_nx_crypto_method_self_test_aes(NX_CRYPTO_METHOD * crypto_method_aes,VOID * metadata,UINT metadata_size)163 NX_CRYPTO_KEEP UINT _nx_crypto_method_self_test_aes(NX_CRYPTO_METHOD *crypto_method_aes,
164 VOID *metadata, UINT metadata_size)
165 {
166 UCHAR *key_encrypt, *key_decrypt;
167 UCHAR *iv_encrypt, *iv_decrypt;
168 UCHAR *plain_encrypt, *plain_decrypt;
169 UCHAR *secret_encrypt, *secret_decrypt;
170 UINT key_size;
171 UINT status;
172 VOID *handler = NX_CRYPTO_NULL;
173
174
175 /* Validate the crypto method */
176 if(crypto_method_aes == NX_CRYPTO_NULL)
177 return(NX_CRYPTO_PTR_ERROR);
178
179 key_size = crypto_method_aes -> nx_crypto_key_size_in_bits;
180
181 switch (crypto_method_aes -> nx_crypto_algorithm)
182 {
183 case NX_CRYPTO_ENCRYPTION_AES_CBC:
184 switch (key_size)
185 {
186 case 256:
187 key_encrypt = (UCHAR *)key_cbc_256_encrypt;
188 iv_encrypt = (UCHAR *)iv_cbc_256_encrypt;
189 plain_encrypt = (UCHAR *)plain_cbc_256_encrypt;
190 secret_encrypt = (UCHAR *)secret_cbc_256_encrypt;
191 key_decrypt = (UCHAR *)key_cbc_256_decrypt;
192 iv_decrypt = (UCHAR *)iv_cbc_256_decrypt;
193 plain_decrypt = (UCHAR *)plain_cbc_256_decrypt;
194 secret_decrypt = (UCHAR *)secret_cbc_256_decrypt;
195 break;
196 default:
197 return(1);
198 }
199 break;
200
201 case NX_CRYPTO_ENCRYPTION_AES_CTR:
202 switch (key_size)
203 {
204 case 256:
205 key_encrypt = (UCHAR *)key_ctr_256_encrypt;
206 iv_encrypt = (UCHAR *)iv_ctr_256_encrypt;
207 plain_encrypt = (UCHAR *)plain_ctr_256_encrypt;
208 secret_encrypt = (UCHAR *)secret_ctr_256_encrypt;
209 key_decrypt = (UCHAR *)key_ctr_256_decrypt;
210 iv_decrypt = (UCHAR *)iv_ctr_256_decrypt;
211 plain_decrypt = (UCHAR *)plain_ctr_256_decrypt;
212 secret_decrypt = (UCHAR *)secret_ctr_256_decrypt;
213 break;
214 default:
215 return(1);
216 }
217 break;
218
219 default:
220 return(1);
221 }
222
223 if (crypto_method_aes -> nx_crypto_init)
224 {
225 status = crypto_method_aes -> nx_crypto_init(crypto_method_aes,
226 key_encrypt,
227 key_size,
228 &handler,
229 metadata,
230 metadata_size);
231 if (status != NX_CRYPTO_SUCCESS)
232 {
233 return(status);
234 }
235 }
236
237 if (crypto_method_aes -> nx_crypto_operation == NX_CRYPTO_NULL)
238 {
239 return(NX_CRYPTO_PTR_ERROR);
240 }
241
242 /* Encryption. */
243 status = crypto_method_aes -> nx_crypto_operation(NX_CRYPTO_ENCRYPT,
244 handler,
245 crypto_method_aes,
246 key_encrypt,
247 key_size,
248 plain_encrypt,
249 INPUT_OUTPUT_LENGTH,
250 iv_encrypt,
251 output,
252 INPUT_OUTPUT_LENGTH,
253 metadata,
254 metadata_size,
255 NX_CRYPTO_NULL, NX_CRYPTO_NULL);
256 if (status != NX_CRYPTO_SUCCESS)
257 {
258 return(status);
259 }
260
261 if (NX_CRYPTO_MEMCMP(output, secret_encrypt, INPUT_OUTPUT_LENGTH) != 0)
262 {
263 return(NX_CRYPTO_NOT_SUCCESSFUL);
264 }
265
266 if (crypto_method_aes -> nx_crypto_cleanup)
267 {
268 status = crypto_method_aes -> nx_crypto_cleanup(metadata);
269
270 if (status != NX_CRYPTO_SUCCESS)
271 {
272 return(status);
273 }
274 }
275
276 /* Decryption. */
277 if (crypto_method_aes -> nx_crypto_init)
278 {
279 status = crypto_method_aes -> nx_crypto_init(crypto_method_aes,
280 key_decrypt,
281 key_size,
282 &handler,
283 metadata,
284 metadata_size);
285 if (status != NX_CRYPTO_SUCCESS)
286 {
287 return(status);
288 }
289 }
290
291 status = crypto_method_aes -> nx_crypto_operation(NX_CRYPTO_DECRYPT,
292 handler,
293 crypto_method_aes,
294 key_decrypt,
295 key_size,
296 secret_decrypt,
297 INPUT_OUTPUT_LENGTH,
298 iv_decrypt,
299 output,
300 INPUT_OUTPUT_LENGTH,
301 metadata,
302 metadata_size,
303 NX_CRYPTO_NULL, NX_CRYPTO_NULL);
304 if (status != NX_CRYPTO_SUCCESS)
305 {
306 return(status);
307 }
308
309 if (NX_CRYPTO_MEMCMP(output, plain_decrypt, INPUT_OUTPUT_LENGTH) != 0)
310 {
311 return(NX_CRYPTO_NOT_SUCCESSFUL);
312 }
313
314 if (crypto_method_aes -> nx_crypto_cleanup)
315 {
316 status = crypto_method_aes -> nx_crypto_cleanup(metadata);
317 }
318
319 return(status);
320 }
321 #endif
322
323
324
