1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Secure Component */
16 /** */
17 /** Transport Layer Security (TLS) */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_SECURE_SOURCE_CODE
23
24
25 /* Include necessary system files. */
26
27 #include "nx_secure_crypto_table_self_test.h"
28
29
30 #ifdef NX_SECURE_POWER_ON_SELF_TEST_MODULE_INTEGRITY_CHECK
31
32 #define INPUT_OUTPUT_LENGTH (16)
33
34 /* A42E843B22E6CC7C09AD783FACE7F251 */
35 static const UCHAR key_cbc_128[] = {
36 0xA4, 0x2E, 0x84, 0x3B, 0x22, 0xE6, 0xCC, 0x7C, 0x09, 0xAD, 0x78, 0x3F, 0xAC, 0xE7, 0xF2, 0x51,
37 };
38
39 /* 87BFAE15B37B90751B426240F5BC0C16 */
40 static const UCHAR iv_cbc_128[] = {
41 0x87, 0xBF, 0xAE, 0x15, 0xB3, 0x7B, 0x90, 0x75, 0x1B, 0x42, 0x62, 0x40, 0xF5, 0xBC, 0x0C, 0x16,
42 };
43
44 /* 997F8E2A478FF2479A83B90BD44EDE5C */
45 static const UCHAR plain_cbc_128[] = {
46 0x99, 0x7F, 0x8E, 0x2A, 0x47, 0x8F, 0xF2, 0x47, 0x9A, 0x83, 0xB9, 0x0B, 0xD4, 0x4E, 0xDE, 0x5C,
47 };
48
49 /* 24E38770FF9397AFA5A5F7F0689610EF */
50 static const UCHAR secret_cbc_128[] = {
51 0x24, 0xE3, 0x87, 0x70, 0xFF, 0x93, 0x97, 0xAF, 0xA5, 0xA5, 0xF7, 0xF0, 0x68, 0x96, 0x10, 0xEF,
52 };
53
54 /* DCF688403AB1C0079D3FCC1B046398675FAF971E50A92525 */
55 static const UCHAR key_cbc_192[] = {
56 0xDC, 0xF6, 0x88, 0x40, 0x3A, 0xB1, 0xC0, 0x07, 0x9D, 0x3F, 0xCC, 0x1B, 0x04, 0x63, 0x98, 0x67,
57 0x5F, 0xAF, 0x97, 0x1E, 0x50, 0xA9, 0x25, 0x25, };
58
59 /* 78E45F7E3868534D38B45B7E8F549243 */
60 static const UCHAR iv_cbc_192[] = {
61 0x78, 0xE4, 0x5F, 0x7E, 0x38, 0x68, 0x53, 0x4D, 0x38, 0xB4, 0x5B, 0x7E, 0x8F, 0x54, 0x92, 0x43,
62 };
63
64 /* 178BB520EBE2D330539EB315A5EDE75B */
65 static const UCHAR plain_cbc_192[] = {
66 0x17, 0x8B, 0xB5, 0x20, 0xEB, 0xE2, 0xD3, 0x30, 0x53, 0x9E, 0xB3, 0x15, 0xA5, 0xED, 0xE7, 0x5B,
67 };
68
69 /* 58266726FD6E7E9FA64501681B73FE88 */
70 static const UCHAR secret_cbc_192[] = {
71 0x58, 0x26, 0x67, 0x26, 0xFD, 0x6E, 0x7E, 0x9F, 0xA6, 0x45, 0x01, 0x68, 0x1B, 0x73, 0xFE, 0x88,
72 };
73
74 static const UCHAR key_cbc_256[] = {
75 0x02, 0xCF, 0x1E, 0x1D, 0x97, 0x96, 0xAD, 0x33, 0x95, 0xD8, 0x12, 0x67, 0x57, 0xB6, 0xFC, 0x7C,
76 0x70, 0x5F, 0x08, 0x2F, 0xB8, 0x52, 0x70, 0x42, 0x77, 0x60, 0xAC, 0x17, 0x37, 0x59, 0xCE, 0x07,
77 };
78
79 /* BB35190002242F28FC79C01B89022604 */
80 static const UCHAR iv_cbc_256[] = {
81 0xBB, 0x35, 0x19, 0x00, 0x02, 0x24, 0x2F, 0x28, 0xFC, 0x79, 0xC0, 0x1B, 0x89, 0x02, 0x26, 0x04,
82 };
83
84 /* 05D4EE7191E69A0AC7CBC1625258085D */
85 static const UCHAR plain_cbc_256[] = {
86 0x05, 0xD4, 0xEE, 0x71, 0x91, 0xE6, 0x9A, 0x0A, 0xC7, 0xCB, 0xC1, 0x62, 0x52, 0x58, 0x08, 0x5D,
87 };
88
89 /* F65F0278E9F5D525F66DC5AFAD99F205 */
90 static const UCHAR secret_cbc_256[] = {
91 0xF6, 0x5F, 0x02, 0x78, 0xE9, 0xF5, 0xD5, 0x25, 0xF6, 0x6D, 0xC5, 0xAF, 0xAD, 0x99, 0xF2, 0x05,
92 };
93
94
95 /*Note: For CTR, the key_ctr_128, key_ctr_192 and key_ctr_256 is the conjunction of key and nonce. */
96 /* 3982F50DA5D5D9587EE8FD7078F2BB309C19BD6C */
97 static const UCHAR key_ctr_128[] = {
98 0x39, 0x82, 0xF5, 0x0D, 0xA5, 0xD5, 0xD9, 0x58, 0x7E, 0xE8, 0xFD, 0x70, 0x78, 0xF2, 0xBB, 0x30,
99 0x9C, 0x19, 0xBD, 0x6C,
100 };
101
102 /* C3834608D6198033 */
103 static const UCHAR iv_ctr_128[] = {
104 0xC3, 0x83, 0x46, 0x08, 0xD6, 0x19, 0x80, 0x33,
105 };
106
107 /* 8854117807D40A6837520939CA38FA2A */
108 static const UCHAR plain_ctr_128[] = {
109 0x88, 0x54, 0x11, 0x78, 0x07, 0xD4, 0x0A, 0x68, 0x37, 0x52, 0x09, 0x39, 0xCA, 0x38, 0xFA, 0x2A,
110 };
111
112 /* 33B8C6FF1ED6A85B4E29AB6585869FEE */
113 static const UCHAR secret_ctr_128[] = {
114 0x33, 0xB8, 0xC6, 0xFF, 0x1E, 0xD6, 0xA8, 0x5B, 0x4E, 0x29, 0xAB, 0x65, 0x85, 0x86, 0x9F, 0xEE,
115 };
116
117 /* AE5DB35787511A77E554FF2258E1A15D62CB7F416E8BDA223E25646D */
118 static const UCHAR key_ctr_192[] = {
119 0xAE, 0x5D, 0xB3, 0x57, 0x87, 0x51, 0x1A, 0x77, 0xE5, 0x54, 0xFF, 0x22, 0x58, 0xE1, 0xA1, 0x5D,
120 0x62, 0xCB, 0x7F, 0x41, 0x6E, 0x8B, 0xDA, 0x22, 0x3E, 0x25, 0x64, 0x6D, };
121
122 /* 0C3605005954FF2A */
123 static const UCHAR iv_ctr_192[] = {
124 0x0C, 0x36, 0x05, 0x00, 0x59, 0x54, 0xFF, 0x2A,
125 };
126
127 /* BB924D2DDE863F2C01F2A549C9D06444 */
128 static const UCHAR plain_ctr_192[] = {
129 0xBB, 0x92, 0x4D, 0x2D, 0xDE, 0x86, 0x3F, 0x2C, 0x01, 0xF2, 0xA5, 0x49, 0xC9, 0xD0, 0x64, 0x44,
130 };
131
132 /* ED988DC30B5C6394D21A3F2477836FBB */
133 static const UCHAR secret_ctr_192[] = {
134 0xED, 0x98, 0x8D, 0xC3, 0x0B, 0x5C, 0x63, 0x94, 0xD2, 0x1A, 0x3F, 0x24, 0x77, 0x83, 0x6F, 0xBB,
135 };
136
137 /* D0E78C4D0B30D33F5BF4A132B2F94A4A38963511A3904B117E35A37B5AAC8A193BF0D158 */
138 static const UCHAR key_ctr_256[] = {
139 0xD0, 0xE7, 0x8C, 0x4D, 0x0B, 0x30, 0xD3, 0x3F, 0x5B, 0xF4, 0xA1, 0x32, 0xB2, 0xF9, 0x4A, 0x4A,
140 0x38, 0x96, 0x35, 0x11, 0xA3, 0x90, 0x4B, 0x11, 0x7E, 0x35, 0xA3, 0x7B, 0x5A, 0xAC, 0x8A, 0x19,
141 0x3B, 0xF0, 0xD1, 0x58,
142 };
143
144 /* A1A31704C8B7E16C */
145 static const UCHAR iv_ctr_256[] = {
146 0xA1, 0xA3, 0x17, 0x04, 0xC8, 0xB7, 0xE1, 0x6C,
147 };
148
149 /* 981FA33222C5451017530155A4BF7F29 */
150 static const UCHAR plain_ctr_256[] = {
151 0x98, 0x1F, 0xA3, 0x32, 0x22, 0xC5, 0x45, 0x10, 0x17, 0x53, 0x01, 0x55, 0xA4, 0xBF, 0x7F, 0x29,
152 };
153
154 /* 643B91B4E541B20AAAEAB77F2D328566 */
155 static const UCHAR secret_ctr_256[] = {
156 0x64, 0x3B, 0x91, 0xB4, 0xE5, 0x41, 0xB2, 0x0A, 0xAA, 0xEA, 0xB7, 0x7F, 0x2D, 0x32, 0x85, 0x66,
157 };
158
159 /* 83F9D97D4AB759FDDCC3EF54A0E2A8EC */
160 static const UCHAR key_gcm_128[] = {
161 0x83, 0xF9, 0xD9, 0x7D, 0x4A, 0xB7, 0x59, 0xFD, 0xDC, 0xC3, 0xEF, 0x54, 0xA0, 0xE2, 0xA8, 0xEC,
162 };
163
164 /* 01CF */
165 static const UCHAR iv_gcm_128[] = {
166 0x01, 0xCF,
167 };
168
169 /* 77E6329CF9424F71C808DF9170BFD298 */
170 static const UCHAR plain_gcm_128[] = {
171 0x77, 0xE6, 0x32, 0x9C, 0xF9, 0x42, 0x4F, 0x71, 0xC8, 0x08, 0xDF, 0x91, 0x70, 0xBF, 0xD2, 0x98,
172 };
173
174 /* 6DD49EAEB4103DAC8F97E3234946DD2D */
175 static const UCHAR aad_gcm_128[] = {
176 0x6D, 0xD4, 0x9E, 0xAE, 0xB4, 0x10, 0x3D, 0xAC, 0x8F, 0x97, 0xE3, 0x23, 0x49, 0x46, 0xDD, 0x2D,
177 };
178
179 /* 50DE86A7A92A8A5EA33DB5696B96CD77AA181E84BC8B4BF5A68927C409D422CB */
180 static const UCHAR secret_gcm_128[] = {
181 0x50, 0xDE, 0x86, 0xA7, 0xA9, 0x2A, 0x8A, 0x5E, 0xA3, 0x3D, 0xB5, 0x69, 0x6B, 0x96, 0xCD, 0x77,
182 0xAA, 0x18, 0x1E, 0x84, 0xBC, 0x8B, 0x4B, 0xF5, 0xA6, 0x89, 0x27, 0xC4, 0x09, 0xD4, 0x22, 0xCB
183 };
184
185 static UCHAR output[INPUT_OUTPUT_LENGTH * 2];
186
187 /**************************************************************************/
188 /* */
189 /* FUNCTION RELEASE */
190 /* */
191 /* nx_secure_crypto_method_self_test_aes PORTABLE C */
192 /* 6.1 */
193 /* AUTHOR */
194 /* */
195 /* Timothy Stapko, Microsoft Corporation */
196 /* */
197 /* DESCRIPTION */
198 /* */
199 /* This function performs the Known Answer Test for AES crypto method. */
200 /* */
201 /* INPUT */
202 /* */
203 /* method_ptr Pointer to the crypto method */
204 /* to be tested. */
205 /* */
206 /* OUTPUT */
207 /* */
208 /* status Completion status */
209 /* */
210 /* CALLS */
211 /* */
212 /* None */
213 /* */
214 /* CALLED BY */
215 /* */
216 /* Application Code */
217 /* */
218 /* RELEASE HISTORY */
219 /* */
220 /* DATE NAME DESCRIPTION */
221 /* */
222 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
223 /* 09-30-2020 Timothy Stapko Modified comment(s), */
224 /* resulting in version 6.1 */
225 /* */
226 /**************************************************************************/
_nx_secure_crypto_method_self_test_aes(NX_CRYPTO_METHOD * crypto_method_aes,VOID * metadata,UINT metadata_size)227 UINT _nx_secure_crypto_method_self_test_aes(NX_CRYPTO_METHOD *crypto_method_aes,
228 VOID *metadata, UINT metadata_size)
229 {
230 UCHAR *key;
231 UCHAR *iv;
232 UCHAR *plain;
233 UCHAR *secret;
234 UCHAR *aad = NX_NULL;
235 UINT key_size;
236 UINT secret_size = INPUT_OUTPUT_LENGTH;
237 UINT status;
238 VOID *handler = NX_NULL;
239
240
241 /* Validate the crypto method */
242 if(crypto_method_aes == NX_NULL)
243 return(NX_PTR_ERROR);
244
245 key_size = crypto_method_aes -> nx_crypto_key_size_in_bits;
246
247 switch (crypto_method_aes -> nx_crypto_algorithm)
248 {
249 case NX_CRYPTO_ENCRYPTION_AES_CBC:
250 switch (key_size)
251 {
252 case 128:
253 key = (UCHAR *)key_cbc_128;
254 iv = (UCHAR *)iv_cbc_128;
255 plain = (UCHAR *)plain_cbc_128;
256 secret = (UCHAR *)secret_cbc_128;
257 break;
258 case 192:
259 key = (UCHAR *)key_cbc_192;
260 iv = (UCHAR *)iv_cbc_192;
261 plain = (UCHAR *)plain_cbc_192;
262 secret = (UCHAR *)secret_cbc_192;
263 break;
264 case 256:
265 key = (UCHAR *)key_cbc_256;
266 iv = (UCHAR *)iv_cbc_256;
267 plain = (UCHAR *)plain_cbc_256;
268 secret = (UCHAR *)secret_cbc_256;
269 break;
270 default:
271 return(1);
272 }
273 break;
274
275 case NX_CRYPTO_ENCRYPTION_AES_CTR:
276 switch (key_size)
277 {
278 case 128:
279 key = (UCHAR *)key_ctr_128;
280 iv = (UCHAR *)iv_ctr_128;
281 plain = (UCHAR *)plain_ctr_128;
282 secret = (UCHAR *)secret_ctr_128;
283 break;
284 case 192:
285 key = (UCHAR *)key_ctr_192;
286 iv = (UCHAR *)iv_ctr_192;
287 plain = (UCHAR *)plain_ctr_192;
288 secret = (UCHAR *)secret_ctr_192;
289 break;
290 case 256:
291 key = (UCHAR *)key_ctr_256;
292 iv = (UCHAR *)iv_ctr_256;
293 plain = (UCHAR *)plain_ctr_256;
294 secret = (UCHAR *)secret_ctr_256;
295 break;
296 default:
297 return(1);
298 }
299 break;
300
301 case NX_CRYPTO_ENCRYPTION_AES_GCM_16:
302 switch (key_size)
303 {
304 case 128:
305 key = (UCHAR *)key_gcm_128;
306 iv = (UCHAR *)iv_gcm_128;
307 plain = (UCHAR *)plain_gcm_128;
308 secret = (UCHAR *)secret_gcm_128;
309 aad = (UCHAR *)aad_gcm_128;
310 secret_size = sizeof(secret_gcm_128);
311 break;
312 default:
313 return(1);
314 }
315 break;
316
317 default:
318 return(1);
319 }
320
321 if (crypto_method_aes -> nx_crypto_init)
322 {
323 status = crypto_method_aes -> nx_crypto_init(crypto_method_aes,
324 key,
325 key_size,
326 &handler,
327 metadata,
328 metadata_size);
329 if (status != NX_CRYPTO_SUCCESS)
330 {
331 return(status);
332 }
333 }
334
335 if (crypto_method_aes -> nx_crypto_operation == NX_NULL)
336 {
337 return(NX_PTR_ERROR);
338 }
339
340 if (aad != NX_NULL)
341 {
342 /* Set additional data pointer and length. */
343 status = crypto_method_aes -> nx_crypto_operation(NX_CRYPTO_SET_ADDITIONAL_DATA,
344 NX_NULL,
345 crypto_method_aes,
346 key,
347 key_size,
348 aad,
349 INPUT_OUTPUT_LENGTH,
350 (UCHAR *)iv,
351 (UCHAR *)NX_NULL,
352 0,
353 metadata,
354 metadata_size,
355 NX_NULL, NX_NULL);
356 if (status != NX_CRYPTO_SUCCESS)
357 {
358 return(status);
359 }
360 }
361
362 /* Encryption. */
363 status = crypto_method_aes -> nx_crypto_operation(NX_CRYPTO_ENCRYPT,
364 handler,
365 crypto_method_aes,
366 key,
367 key_size,
368 plain,
369 INPUT_OUTPUT_LENGTH,
370 iv,
371 output,
372 secret_size,
373 metadata,
374 metadata_size,
375 NX_NULL, NX_NULL);
376 if (status != NX_CRYPTO_SUCCESS)
377 {
378 return(status);
379 }
380
381 if (NX_SECURE_MEMCMP(output, secret, secret_size) != 0)
382 {
383 return(NX_NOT_SUCCESSFUL);
384 }
385
386 /* Decryption. */
387 status = crypto_method_aes -> nx_crypto_operation(NX_CRYPTO_DECRYPT,
388 handler,
389 crypto_method_aes,
390 key,
391 key_size,
392 secret,
393 secret_size,
394 iv,
395 output,
396 INPUT_OUTPUT_LENGTH,
397 metadata,
398 metadata_size,
399 NX_NULL, NX_NULL);
400 if (status != NX_CRYPTO_SUCCESS)
401 {
402 return(status);
403 }
404
405 if (NX_SECURE_MEMCMP(output, plain, INPUT_OUTPUT_LENGTH) != 0)
406 {
407 return(NX_NOT_SUCCESSFUL);
408 }
409
410 if (crypto_method_aes -> nx_crypto_cleanup)
411 {
412 status = crypto_method_aes -> nx_crypto_cleanup(metadata);
413 }
414
415 return(status);
416 }
417 #endif
418
419
420
