mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2025-06-06 20:43:44 +02:00
AES-CTR test vectors and fixes to CTR code.
parent
87890565f3
commit
4af3467757
2 changed files with 31 additions and 7 deletions
12
node/AES.cpp
12
node/AES.cpp
|
@ -514,6 +514,7 @@ void AES::CTR::crypt(const void *const input,unsigned int len) noexcept
|
|||
out += totalLen;
|
||||
_len = (totalLen + len);
|
||||
|
||||
#if 0
|
||||
// This is the largest chunk size that will fit in SSE registers with four
|
||||
// registers left over for round key data and temporaries.
|
||||
while (len >= 192) {
|
||||
|
@ -672,8 +673,9 @@ void AES::CTR::crypt(const void *const input,unsigned int len) noexcept
|
|||
len -= 192;
|
||||
out += 192;
|
||||
}
|
||||
#endif
|
||||
|
||||
while (_len >= 64) {
|
||||
while (len >= 64) {
|
||||
__m128i d0,d1,d2,d3;
|
||||
if (likely(c1 < 0xfffffffffffffffcULL)) {
|
||||
d0 = _mm_set_epi64x((long long)Utils::hton(c1),(long long)c0);
|
||||
|
@ -699,10 +701,10 @@ void AES::CTR::crypt(const void *const input,unsigned int len) noexcept
|
|||
d1 = _mm_xor_si128(d1,k0);
|
||||
d2 = _mm_xor_si128(d2,k0);
|
||||
d3 = _mm_xor_si128(d3,k0);
|
||||
d0 = _mm_xor_si128(d0,k1);
|
||||
d1 = _mm_xor_si128(d1,k1);
|
||||
d2 = _mm_xor_si128(d2,k1);
|
||||
d3 = _mm_xor_si128(d3,k1);
|
||||
d0 = _mm_aesenc_si128(d0,k1);
|
||||
d1 = _mm_aesenc_si128(d1,k1);
|
||||
d2 = _mm_aesenc_si128(d2,k1);
|
||||
d3 = _mm_aesenc_si128(d3,k1);
|
||||
for (int r=2;r<14;r+=2) {
|
||||
k0 = _aes._k.ni.k[r];
|
||||
k1 = _aes._k.ni.k[r+1];
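Review bot: The `#if 0` / `#endif` pair around the 192-byte SSE loop in AES::CTR::crypt() leaves a disabled keystream path in the file with no record of why it was switched off. The page has lost its +/- markers, so that the guard is new is inferred from the hunk line counts. If the block was disabled because its output was wrong or unverified, say so at the guard, e.g. `#if 0 // disabled: not verified against a known-answer test; do not re-enable without a CTR vector of at least 192 bytes`. The CTR vector this commit adds to the test file is 64 bytes, so it would never enter that loop if a later performance pass turned it back on. The body of crypt() starts and ends outside these hunks.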
|
||||
|
|
|
@ -77,6 +77,11 @@ static const uint8_t AES_TEST_VECTOR_0_KEY[32] = { 0x60,0x3d,0xeb,0x10,0x15,0xca
|
|||
static const uint8_t AES_TEST_VECTOR_0_IN[16] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
|
||||
static const uint8_t AES_TEST_VECTOR_0_OUT[16] = { 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 };
|
||||
|
||||
static const uint8_t AES_CTR_TEST_VECTOR_0_KEY[32] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 };
|
||||
static const uint8_t AES_CTR_TEST_VECTOR_0_IV[16] = { 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff };
|
||||
static const uint8_t AES_CTR_TEST_VECTOR_0_IN[64] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 };
|
||||
static const uint8_t AES_CTR_TEST_VECTOR_0_OUT[64] = { 0x60,0x1e,0xc3,0x13,0x77,0x57,0x89,0xa5,0xb7,0xa7,0xf5,0x04,0xbb,0xf3,0xd2,0x28,0xf4,0x43,0xe3,0xca,0x4d,0x62,0xb5,0x9a,0xca,0x84,0xe9,0x90,0xca,0xca,0xf5,0xc5,0x2b,0x09,0x30,0xda,0xa2,0x3d,0xe9,0x4c,0xe8,0x70,0x17,0xba,0x2d,0x84,0x98,0x8d,0xdf,0xc9,0xc5,0x8d,0xb6,0x7a,0xad,0xa6,0x13,0xc2,0xdd,0x08,0x45,0x79,0x41,0xa6 };
|
||||
|
||||
static const uint8_t AES_GMAC_VECTOR_0_KEY[32] = { 0xbb, 0x10, 0x10, 0x06, 0x4f, 0xb8, 0x35, 0x23, 0xea, 0x9d, 0xf3, 0x2b, 0xad, 0x9f, 0x1f, 0x2a, 0x4f, 0xce, 0xfc, 0x0f, 0x21, 0x07, 0xc0, 0xaa, 0xba, 0xd9, 0xb7, 0x56, 0xd8, 0x09, 0x21, 0x9d };
|
||||
static const uint8_t AES_GMAC_VECTOR_0_IV[12] = { 0x2f, 0x9a, 0xd0, 0x12, 0xad, 0xfc, 0x12, 0x73, 0x43, 0xfb, 0xe0, 0x56 };
|
||||
static const uint8_t AES_GMAC_VECTOR_0_IN[16] = { 0xdb, 0x98, 0xd9, 0x0d, 0x1b, 0x69, 0x5c, 0xdb, 0x74, 0x7a, 0x34, 0x3f, 0xbb, 0xc9, 0xf1, 0x41 };
|
||||
|
@ -514,17 +519,34 @@ extern "C" const char *ZTT_crypto()
|
|||
AES aes(AES_TEST_VECTOR_0_KEY);
|
||||
aes.encrypt(AES_TEST_VECTOR_0_IN,out);
|
||||
if (memcmp(AES_TEST_VECTOR_0_OUT,out,16) != 0) {
|
||||
ZT_T_PRINTF("FAILED (test vector 0) ZT_EOL_S");
|
||||
ZT_T_PRINTF("FAILED (test vector 0)" ZT_EOL_S);
|
||||
return "AES test vector 0 failed";
|
||||
}
|
||||
aes.decrypt(out,out);
|
||||
if (memcmp(AES_TEST_VECTOR_0_IN,out,16) != 0) {
|
||||
ZT_T_PRINTF("FAILED (test vector 0 decrypt) ZT_EOL_S");
|
||||
ZT_T_PRINTF("FAILED (test vector 0 decrypt)" ZT_EOL_S);
|
||||
return "AES test vector 0 decrypt failed";
|
||||
}
|
||||
ZT_T_PRINTF("OK" ZT_EOL_S);
|
||||
}
|
||||
|
||||
{
|
||||
uint8_t out[64];
|
||||
ZT_T_PRINTF("[crypto] Testing AES-CTR (hardware acceleration: %s)... ",AES::accelerated() ? "enabled" : "disabled");
|
||||
{
|
||||
AES aes(AES_CTR_TEST_VECTOR_0_KEY);
|
||||
AES::CTR ctr(aes);
|
||||
ctr.init(AES_CTR_TEST_VECTOR_0_IV,out);
|
||||
ctr.crypt(AES_CTR_TEST_VECTOR_0_IN,64);
|
||||
ctr.finish();
|
||||
if (memcmp(out,AES_CTR_TEST_VECTOR_0_OUT,64) != 0) {
|
||||
ZT_T_PRINTF("FAILED (test vector 0)" ZT_EOL_S);
|
||||
return "AES-CTR test vector 0 failed";
|
||||
}
|
||||
}
|
||||
ZT_T_PRINTF("OK" ZT_EOL_S);
|
||||
}
|
||||
|
||||
{
|
||||
uint8_t tag[16];
|
||||
ZT_T_PRINTF("[crypto] Testing AES-GMAC (hardware acceleration: %s)... ",AES::accelerated() ? "enabled" : "disabled");
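Review bot: The new AES-CTR block in ZTT_crypto() checks one 64-byte `ctr.crypt()` call, which is a single pass of the `while (len >= 64)` loop, so the other paths in crypt() stay untested. Those are inputs shorter than 64 bytes or not a multiple of 16, a message fed through several `crypt()` calls, and the branch taken when `c1 < 0xfffffffffffffffcULL` is false. If crypt() is meant to be callable repeatedly between `init()` and `finish()`, as `_len = (totalLen + len)` in AES.cpp suggests, a second case could feed the same 64 bytes in uneven pieces and compare against `AES_CTR_TEST_VECTOR_0_OUT`, covering the buffering with no new vector. The counter-carry branch needs a separate vector whose IV has its last eight bytes at or above that bound. ZTT_crypto() starts and ends outside this hunk, and the test exercises only whichever implementation `AES::accelerated()` selects on the machine running it.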
|
||||
|
|