1 /**************************************************************************/
2 /* */
3 /* Copyright (c) Microsoft Corporation. All rights reserved. */
4 /* */
5 /* This software is licensed under the Microsoft Software License */
6 /* Terms for Microsoft Azure RTOS. Full text of the license can be */
7 /* found in the LICENSE file at https://aka.ms/AzureRTOS_EULA */
8 /* and in the root directory of this software. */
9 /* */
10 /**************************************************************************/
11
12
13 /**************************************************************************/
14 /**************************************************************************/
15 /** */
16 /** NetX Secure Component */
17 /** */
18 /** Transport Layer Security (TLS) */
19 /** */
20 /**************************************************************************/
21 /**************************************************************************/
22
23 #define NX_SECURE_SOURCE_CODE
24
25
26 /* Include necessary system files. */
27
28 #include "nx_secure_crypto_table_self_test.h"
29
30
31 #ifdef NX_SECURE_POWER_ON_SELF_TEST_MODULE_INTEGRITY_CHECK
32
33 #define INPUT_OUTPUT_LENGTH (16)
34
35 /* A42E843B22E6CC7C09AD783FACE7F251 */
36 static const UCHAR key_cbc_128[] = {
37 0xA4, 0x2E, 0x84, 0x3B, 0x22, 0xE6, 0xCC, 0x7C, 0x09, 0xAD, 0x78, 0x3F, 0xAC, 0xE7, 0xF2, 0x51,
38 };
39
40 /* 87BFAE15B37B90751B426240F5BC0C16 */
41 static const UCHAR iv_cbc_128[] = {
42 0x87, 0xBF, 0xAE, 0x15, 0xB3, 0x7B, 0x90, 0x75, 0x1B, 0x42, 0x62, 0x40, 0xF5, 0xBC, 0x0C, 0x16,
43 };
44
45 /* 997F8E2A478FF2479A83B90BD44EDE5C */
46 static const UCHAR plain_cbc_128[] = {
47 0x99, 0x7F, 0x8E, 0x2A, 0x47, 0x8F, 0xF2, 0x47, 0x9A, 0x83, 0xB9, 0x0B, 0xD4, 0x4E, 0xDE, 0x5C,
48 };
49
50 /* 24E38770FF9397AFA5A5F7F0689610EF */
51 static const UCHAR secret_cbc_128[] = {
52 0x24, 0xE3, 0x87, 0x70, 0xFF, 0x93, 0x97, 0xAF, 0xA5, 0xA5, 0xF7, 0xF0, 0x68, 0x96, 0x10, 0xEF,
53 };
54
55 /* DCF688403AB1C0079D3FCC1B046398675FAF971E50A92525 */
56 static const UCHAR key_cbc_192[] = {
57 0xDC, 0xF6, 0x88, 0x40, 0x3A, 0xB1, 0xC0, 0x07, 0x9D, 0x3F, 0xCC, 0x1B, 0x04, 0x63, 0x98, 0x67,
58 0x5F, 0xAF, 0x97, 0x1E, 0x50, 0xA9, 0x25, 0x25, };
59
60 /* 78E45F7E3868534D38B45B7E8F549243 */
61 static const UCHAR iv_cbc_192[] = {
62 0x78, 0xE4, 0x5F, 0x7E, 0x38, 0x68, 0x53, 0x4D, 0x38, 0xB4, 0x5B, 0x7E, 0x8F, 0x54, 0x92, 0x43,
63 };
64
65 /* 178BB520EBE2D330539EB315A5EDE75B */
66 static const UCHAR plain_cbc_192[] = {
67 0x17, 0x8B, 0xB5, 0x20, 0xEB, 0xE2, 0xD3, 0x30, 0x53, 0x9E, 0xB3, 0x15, 0xA5, 0xED, 0xE7, 0x5B,
68 };
69
70 /* 58266726FD6E7E9FA64501681B73FE88 */
71 static const UCHAR secret_cbc_192[] = {
72 0x58, 0x26, 0x67, 0x26, 0xFD, 0x6E, 0x7E, 0x9F, 0xA6, 0x45, 0x01, 0x68, 0x1B, 0x73, 0xFE, 0x88,
73 };
74
75 static const UCHAR key_cbc_256[] = {
76 0x02, 0xCF, 0x1E, 0x1D, 0x97, 0x96, 0xAD, 0x33, 0x95, 0xD8, 0x12, 0x67, 0x57, 0xB6, 0xFC, 0x7C,
77 0x70, 0x5F, 0x08, 0x2F, 0xB8, 0x52, 0x70, 0x42, 0x77, 0x60, 0xAC, 0x17, 0x37, 0x59, 0xCE, 0x07,
78 };
79
80 /* BB35190002242F28FC79C01B89022604 */
81 static const UCHAR iv_cbc_256[] = {
82 0xBB, 0x35, 0x19, 0x00, 0x02, 0x24, 0x2F, 0x28, 0xFC, 0x79, 0xC0, 0x1B, 0x89, 0x02, 0x26, 0x04,
83 };
84
85 /* 05D4EE7191E69A0AC7CBC1625258085D */
86 static const UCHAR plain_cbc_256[] = {
87 0x05, 0xD4, 0xEE, 0x71, 0x91, 0xE6, 0x9A, 0x0A, 0xC7, 0xCB, 0xC1, 0x62, 0x52, 0x58, 0x08, 0x5D,
88 };
89
90 /* F65F0278E9F5D525F66DC5AFAD99F205 */
91 static const UCHAR secret_cbc_256[] = {
92 0xF6, 0x5F, 0x02, 0x78, 0xE9, 0xF5, 0xD5, 0x25, 0xF6, 0x6D, 0xC5, 0xAF, 0xAD, 0x99, 0xF2, 0x05,
93 };
94
95
96 /*Note: For CTR, the key_ctr_128, key_ctr_192 and key_ctr_256 is the conjunction of key and nonce. */
97 /* 3982F50DA5D5D9587EE8FD7078F2BB309C19BD6C */
98 static const UCHAR key_ctr_128[] = {
99 0x39, 0x82, 0xF5, 0x0D, 0xA5, 0xD5, 0xD9, 0x58, 0x7E, 0xE8, 0xFD, 0x70, 0x78, 0xF2, 0xBB, 0x30,
100 0x9C, 0x19, 0xBD, 0x6C,
101 };
102
103 /* C3834608D6198033 */
104 static const UCHAR iv_ctr_128[] = {
105 0xC3, 0x83, 0x46, 0x08, 0xD6, 0x19, 0x80, 0x33,
106 };
107
108 /* 8854117807D40A6837520939CA38FA2A */
109 static const UCHAR plain_ctr_128[] = {
110 0x88, 0x54, 0x11, 0x78, 0x07, 0xD4, 0x0A, 0x68, 0x37, 0x52, 0x09, 0x39, 0xCA, 0x38, 0xFA, 0x2A,
111 };
112
113 /* 33B8C6FF1ED6A85B4E29AB6585869FEE */
114 static const UCHAR secret_ctr_128[] = {
115 0x33, 0xB8, 0xC6, 0xFF, 0x1E, 0xD6, 0xA8, 0x5B, 0x4E, 0x29, 0xAB, 0x65, 0x85, 0x86, 0x9F, 0xEE,
116 };
117
118 /* AE5DB35787511A77E554FF2258E1A15D62CB7F416E8BDA223E25646D */
119 static const UCHAR key_ctr_192[] = {
120 0xAE, 0x5D, 0xB3, 0x57, 0x87, 0x51, 0x1A, 0x77, 0xE5, 0x54, 0xFF, 0x22, 0x58, 0xE1, 0xA1, 0x5D,
121 0x62, 0xCB, 0x7F, 0x41, 0x6E, 0x8B, 0xDA, 0x22, 0x3E, 0x25, 0x64, 0x6D, };
122
123 /* 0C3605005954FF2A */
124 static const UCHAR iv_ctr_192[] = {
125 0x0C, 0x36, 0x05, 0x00, 0x59, 0x54, 0xFF, 0x2A,
126 };
127
128 /* BB924D2DDE863F2C01F2A549C9D06444 */
129 static const UCHAR plain_ctr_192[] = {
130 0xBB, 0x92, 0x4D, 0x2D, 0xDE, 0x86, 0x3F, 0x2C, 0x01, 0xF2, 0xA5, 0x49, 0xC9, 0xD0, 0x64, 0x44,
131 };
132
133 /* ED988DC30B5C6394D21A3F2477836FBB */
134 static const UCHAR secret_ctr_192[] = {
135 0xED, 0x98, 0x8D, 0xC3, 0x0B, 0x5C, 0x63, 0x94, 0xD2, 0x1A, 0x3F, 0x24, 0x77, 0x83, 0x6F, 0xBB,
136 };
137
138 /* D0E78C4D0B30D33F5BF4A132B2F94A4A38963511A3904B117E35A37B5AAC8A193BF0D158 */
139 static const UCHAR key_ctr_256[] = {
140 0xD0, 0xE7, 0x8C, 0x4D, 0x0B, 0x30, 0xD3, 0x3F, 0x5B, 0xF4, 0xA1, 0x32, 0xB2, 0xF9, 0x4A, 0x4A,
141 0x38, 0x96, 0x35, 0x11, 0xA3, 0x90, 0x4B, 0x11, 0x7E, 0x35, 0xA3, 0x7B, 0x5A, 0xAC, 0x8A, 0x19,
142 0x3B, 0xF0, 0xD1, 0x58,
143 };
144
145 /* A1A31704C8B7E16C */
146 static const UCHAR iv_ctr_256[] = {
147 0xA1, 0xA3, 0x17, 0x04, 0xC8, 0xB7, 0xE1, 0x6C,
148 };
149
150 /* 981FA33222C5451017530155A4BF7F29 */
151 static const UCHAR plain_ctr_256[] = {
152 0x98, 0x1F, 0xA3, 0x32, 0x22, 0xC5, 0x45, 0x10, 0x17, 0x53, 0x01, 0x55, 0xA4, 0xBF, 0x7F, 0x29,
153 };
154
155 /* 643B91B4E541B20AAAEAB77F2D328566 */
156 static const UCHAR secret_ctr_256[] = {
157 0x64, 0x3B, 0x91, 0xB4, 0xE5, 0x41, 0xB2, 0x0A, 0xAA, 0xEA, 0xB7, 0x7F, 0x2D, 0x32, 0x85, 0x66,
158 };
159
160 /* 83F9D97D4AB759FDDCC3EF54A0E2A8EC */
161 static const UCHAR key_gcm_128[] = {
162 0x83, 0xF9, 0xD9, 0x7D, 0x4A, 0xB7, 0x59, 0xFD, 0xDC, 0xC3, 0xEF, 0x54, 0xA0, 0xE2, 0xA8, 0xEC,
163 };
164
165 /* 01CF */
166 static const UCHAR iv_gcm_128[] = {
167 0x01, 0xCF,
168 };
169
170 /* 77E6329CF9424F71C808DF9170BFD298 */
171 static const UCHAR plain_gcm_128[] = {
172 0x77, 0xE6, 0x32, 0x9C, 0xF9, 0x42, 0x4F, 0x71, 0xC8, 0x08, 0xDF, 0x91, 0x70, 0xBF, 0xD2, 0x98,
173 };
174
175 /* 6DD49EAEB4103DAC8F97E3234946DD2D */
176 static const UCHAR aad_gcm_128[] = {
177 0x6D, 0xD4, 0x9E, 0xAE, 0xB4, 0x10, 0x3D, 0xAC, 0x8F, 0x97, 0xE3, 0x23, 0x49, 0x46, 0xDD, 0x2D,
178 };
179
180 /* 50DE86A7A92A8A5EA33DB5696B96CD77AA181E84BC8B4BF5A68927C409D422CB */
181 static const UCHAR secret_gcm_128[] = {
182 0x50, 0xDE, 0x86, 0xA7, 0xA9, 0x2A, 0x8A, 0x5E, 0xA3, 0x3D, 0xB5, 0x69, 0x6B, 0x96, 0xCD, 0x77,
183 0xAA, 0x18, 0x1E, 0x84, 0xBC, 0x8B, 0x4B, 0xF5, 0xA6, 0x89, 0x27, 0xC4, 0x09, 0xD4, 0x22, 0xCB
184 };
185
186 static UCHAR output[INPUT_OUTPUT_LENGTH * 2];
187
188 /**************************************************************************/
189 /* */
190 /* FUNCTION RELEASE */
191 /* */
192 /* nx_secure_crypto_method_self_test_aes PORTABLE C */
193 /* 6.1 */
194 /* AUTHOR */
195 /* */
196 /* Timothy Stapko, Microsoft Corporation */
197 /* */
198 /* DESCRIPTION */
199 /* */
200 /* This function performs the Known Answer Test for AES crypto method. */
201 /* */
202 /* INPUT */
203 /* */
204 /* method_ptr Pointer to the crypto method */
205 /* to be tested. */
206 /* */
207 /* OUTPUT */
208 /* */
209 /* status Completion status */
210 /* */
211 /* CALLS */
212 /* */
213 /* None */
214 /* */
215 /* CALLED BY */
216 /* */
217 /* Application Code */
218 /* */
219 /* RELEASE HISTORY */
220 /* */
221 /* DATE NAME DESCRIPTION */
222 /* */
223 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
224 /* 09-30-2020 Timothy Stapko Modified comment(s), */
225 /* resulting in version 6.1 */
226 /* */
227 /**************************************************************************/
_nx_secure_crypto_method_self_test_aes(NX_CRYPTO_METHOD * crypto_method_aes,VOID * metadata,UINT metadata_size)228 UINT _nx_secure_crypto_method_self_test_aes(NX_CRYPTO_METHOD *crypto_method_aes,
229 VOID *metadata, UINT metadata_size)
230 {
231 UCHAR *key;
232 UCHAR *iv;
233 UCHAR *plain;
234 UCHAR *secret;
235 UCHAR *aad = NX_NULL;
236 UINT key_size;
237 UINT secret_size = INPUT_OUTPUT_LENGTH;
238 UINT status;
239 VOID *handler = NX_NULL;
240
241
242 /* Validate the crypto method */
243 if(crypto_method_aes == NX_NULL)
244 return(NX_PTR_ERROR);
245
246 key_size = crypto_method_aes -> nx_crypto_key_size_in_bits;
247
248 switch (crypto_method_aes -> nx_crypto_algorithm)
249 {
250 case NX_CRYPTO_ENCRYPTION_AES_CBC:
251 switch (key_size)
252 {
253 case 128:
254 key = (UCHAR *)key_cbc_128;
255 iv = (UCHAR *)iv_cbc_128;
256 plain = (UCHAR *)plain_cbc_128;
257 secret = (UCHAR *)secret_cbc_128;
258 break;
259 case 192:
260 key = (UCHAR *)key_cbc_192;
261 iv = (UCHAR *)iv_cbc_192;
262 plain = (UCHAR *)plain_cbc_192;
263 secret = (UCHAR *)secret_cbc_192;
264 break;
265 case 256:
266 key = (UCHAR *)key_cbc_256;
267 iv = (UCHAR *)iv_cbc_256;
268 plain = (UCHAR *)plain_cbc_256;
269 secret = (UCHAR *)secret_cbc_256;
270 break;
271 default:
272 return(1);
273 }
274 break;
275
276 case NX_CRYPTO_ENCRYPTION_AES_CTR:
277 switch (key_size)
278 {
279 case 128:
280 key = (UCHAR *)key_ctr_128;
281 iv = (UCHAR *)iv_ctr_128;
282 plain = (UCHAR *)plain_ctr_128;
283 secret = (UCHAR *)secret_ctr_128;
284 break;
285 case 192:
286 key = (UCHAR *)key_ctr_192;
287 iv = (UCHAR *)iv_ctr_192;
288 plain = (UCHAR *)plain_ctr_192;
289 secret = (UCHAR *)secret_ctr_192;
290 break;
291 case 256:
292 key = (UCHAR *)key_ctr_256;
293 iv = (UCHAR *)iv_ctr_256;
294 plain = (UCHAR *)plain_ctr_256;
295 secret = (UCHAR *)secret_ctr_256;
296 break;
297 default:
298 return(1);
299 }
300 break;
301
302 case NX_CRYPTO_ENCRYPTION_AES_GCM_16:
303 switch (key_size)
304 {
305 case 128:
306 key = (UCHAR *)key_gcm_128;
307 iv = (UCHAR *)iv_gcm_128;
308 plain = (UCHAR *)plain_gcm_128;
309 secret = (UCHAR *)secret_gcm_128;
310 aad = (UCHAR *)aad_gcm_128;
311 secret_size = sizeof(secret_gcm_128);
312 break;
313 default:
314 return(1);
315 }
316 break;
317
318 default:
319 return(1);
320 }
321
322 if (crypto_method_aes -> nx_crypto_init)
323 {
324 status = crypto_method_aes -> nx_crypto_init(crypto_method_aes,
325 key,
326 key_size,
327 &handler,
328 metadata,
329 metadata_size);
330 if (status != NX_CRYPTO_SUCCESS)
331 {
332 return(status);
333 }
334 }
335
336 if (crypto_method_aes -> nx_crypto_operation == NX_NULL)
337 {
338 return(NX_PTR_ERROR);
339 }
340
341 if (aad != NX_NULL)
342 {
343 /* Set additional data pointer and length. */
344 status = crypto_method_aes -> nx_crypto_operation(NX_CRYPTO_SET_ADDITIONAL_DATA,
345 NX_NULL,
346 crypto_method_aes,
347 key,
348 key_size,
349 aad,
350 INPUT_OUTPUT_LENGTH,
351 (UCHAR *)iv,
352 (UCHAR *)NX_NULL,
353 0,
354 metadata,
355 metadata_size,
356 NX_NULL, NX_NULL);
357 if (status != NX_CRYPTO_SUCCESS)
358 {
359 return(status);
360 }
361 }
362
363 /* Encryption. */
364 status = crypto_method_aes -> nx_crypto_operation(NX_CRYPTO_ENCRYPT,
365 handler,
366 crypto_method_aes,
367 key,
368 key_size,
369 plain,
370 INPUT_OUTPUT_LENGTH,
371 iv,
372 output,
373 secret_size,
374 metadata,
375 metadata_size,
376 NX_NULL, NX_NULL);
377 if (status != NX_CRYPTO_SUCCESS)
378 {
379 return(status);
380 }
381
382 if (NX_SECURE_MEMCMP(output, secret, secret_size) != 0)
383 {
384 return(NX_NOT_SUCCESSFUL);
385 }
386
387 /* Decryption. */
388 status = crypto_method_aes -> nx_crypto_operation(NX_CRYPTO_DECRYPT,
389 handler,
390 crypto_method_aes,
391 key,
392 key_size,
393 secret,
394 secret_size,
395 iv,
396 output,
397 INPUT_OUTPUT_LENGTH,
398 metadata,
399 metadata_size,
400 NX_NULL, NX_NULL);
401 if (status != NX_CRYPTO_SUCCESS)
402 {
403 return(status);
404 }
405
406 if (NX_SECURE_MEMCMP(output, plain, INPUT_OUTPUT_LENGTH) != 0)
407 {
408 return(NX_NOT_SUCCESSFUL);
409 }
410
411 if (crypto_method_aes -> nx_crypto_cleanup)
412 {
413 status = crypto_method_aes -> nx_crypto_cleanup(metadata);
414 }
415
416 return(status);
417 }
418 #endif
419
420
421
