implemented append mode for xcbc, testcase
[strongswan.git] / src / charon / plugins / unit_tester / tests / test_aes.c
index 5b69dc2..06e891d 100644 (file)
@@ -178,7 +178,7 @@ static bool do_xcbc_test(u_int8_t *key, size_t keylen, u_int8_t *mac,
        prf_t *prf;
        u_int8_t res[16];
        
-       prf = lib->crypto->create_prf(lib->crypto, PRF_AES128_CBC);
+       prf = lib->crypto->create_prf(lib->crypto, PRF_AES128_XCBC);
        if (!prf)
        {
                return FALSE;
@@ -403,6 +403,65 @@ bool test_aes_xcbc()
        {
                return FALSE;
        }
+       
+       
+       /* Test Case #10  : AES-XCBC-MAC-96 with 32-byte input using append mode
+        * Key (K)        : 000102030405060708090a0b0c0d0e0f
+        * Message (M)    : 000102030405060708090a0b0c0d0e0f10111213141516171819
+        *                      1a1b1c1d1e1f
+        * AES-XCBC-MAC   : f54f0ec8d2b9f3d36807734bd5283fd4
+        * AES-XCBC-MAC-96: f54f0ec8d2b9f3d36807734b
+        */
+       u_char key10[] = {
+               0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+               0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+       };
+       u_char plain10[] = {
+               0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+               0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+               0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
+               0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f
+       };
+       u_char mac10[] = {
+               0xf5,0x4f,0x0e,0xc8,0xd2,0xb9,0xf3,0xd3,
+               0x68,0x07,0x73,0x4b,0xd5,0x28,0x3f,0xd4
+       };
+       int i;
+       prf_t *prf = lib->crypto->create_prf(lib->crypto, PRF_AES128_XCBC);
+       u_char res[16];
+       if (!prf)
+       {
+               return FALSE;
+       }
+       prf->set_key(prf, chunk_create(key10, sizeof(key10)));
+       for (i = 0; i < 4; i++)
+       {       /* bytes 0 - 3, 1 byte at once */
+               prf->get_bytes(prf, chunk_create(plain10 + i, 1), NULL);
+       }
+       for (i = 4; i < 5; i+=8)
+       {       /* bytes 4 - 11, at once */
+               prf->get_bytes(prf, chunk_create(plain10 + i, 8), NULL);
+       }
+       for (i = 12; i < 24; i+=4)
+       {       /* bytes 12 - 23, in blocks of 4 */
+               prf->get_bytes(prf, chunk_create(plain10 + i, 4), NULL);
+       }
+       for (i = 0; i < 4; i++)
+       {       /* 4 zero blobs */
+               prf->get_bytes(prf, chunk_create(NULL, 0), NULL);
+       }
+       for (i = 24; i < 25; i+=8)
+       {       /* bytes 24 - 32, at once */
+               prf->get_bytes(prf, chunk_create(plain10 + i, 8), res);
+       }
+       if (!memeq(res, mac10, 16))
+       {
+               DBG1(DBG_CFG, "expected %b\ngot %b", mac10, 16, res, 16);
+               prf->destroy(prf);
+               return FALSE;
+       }
+       prf->destroy(prf);
+       
        return TRUE; 
 }
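Review bot: Test Case #10 only exercises append mode for a message that totals exactly two full blocks and whose finishing call carries data, so the padded final-block path and a finishing call with an empty chunk are left untested. XCBC processes the last block differently depending on whether it is complete, so an append-mode implementation has to hold back the most recent block until it knows no more data follows; that buffering is the likeliest source of a wrong MAC, though the implementation is not visible in this hunk. Consider a further case that appends all of `plain10` with a NULL output and then finishes with `prf->get_bytes(prf, chunk_create(NULL, 0), res);`, plus one whose total length is not a multiple of 16. Separately, the comment on the last loop should read `/* bytes 24 - 31, at once */`, and the two single-pass loops (`i = 4` and `i = 24`) would be clearer as plain calls. The body of test_aes_xcbc starts outside the hunk.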