1 /* ====================================================================
2 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
30 * 6. Redistributions of any form whatsoever must retain the following
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
49 /*---------------------------------------------
50 NIST DES Modes of Operation Validation System
53 Based on the AES Validation Suite, which was:
54 Donated to OpenSSL by:
56 20250 Century Blvd, Suite 300
59 ----------------------------------------------*/
61 #define OPENSSL_FIPSAPI
69 #include <openssl/crypto.h>
70 #include <openssl/des.h>
71 #include <openssl/evp.h>
72 #include <openssl/bn.h>
74 #include <openssl/err.h>
79 int main(int argc, char *argv[])
81 printf("No FIPS DES support\n");
88 #include <openssl/fips.h>
90 #define DES_BLOCK_SIZE 8
94 static int DESTest(EVP_CIPHER_CTX *ctx,
95 char *amode, int akeysz, unsigned char *aKey,
97 int dir, /* 0 = decrypt, 1 = encrypt */
98 unsigned char *out, unsigned char *in, int len)
100 const EVP_CIPHER *cipher = NULL;
104 printf("Invalid key size: %d\n", akeysz);
108 if (fips_strcasecmp(amode, "CBC") == 0)
109 cipher = EVP_des_ede3_cbc();
110 else if (fips_strcasecmp(amode, "ECB") == 0)
111 cipher = EVP_des_ede3_ecb();
112 else if (fips_strcasecmp(amode, "CFB64") == 0)
113 cipher = EVP_des_ede3_cfb64();
114 else if (fips_strncasecmp(amode, "OFB", 3) == 0)
115 cipher = EVP_des_ede3_ofb();
116 else if(!fips_strcasecmp(amode,"CFB8"))
117 cipher = EVP_des_ede3_cfb8();
118 else if(!fips_strcasecmp(amode,"CFB1"))
119 cipher = EVP_des_ede3_cfb1();
122 printf("Unknown mode: %s\n", amode);
126 if (FIPS_cipherinit(ctx, cipher, aKey, iVec, dir) <= 0)
128 if(!fips_strcasecmp(amode,"CFB1"))
129 M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS);
130 FIPS_cipher(ctx, out, in, len);
135 static void DebugValue(char *tag, unsigned char *val, int len)
139 olen = bin2hex(val, len, obuf);
140 printf("%s = %.*s\n", tag, olen, obuf);
143 static void shiftin(unsigned char *dst,unsigned char *src,int nbits)
147 /* move the bytes... */
148 memmove(dst,dst+nbits/8,3*8-nbits/8);
149 /* append new data */
150 memcpy(dst+3*8-nbits/8,src,(nbits+7)/8);
151 /* left shift the bits */
153 for(n=0 ; n < 3*8 ; ++n)
154 dst[n]=(dst[n] << (nbits%8))|(dst[n+1] >> (8-nbits%8));
157 /*-----------------------------------------------*/
158 char *tdes_t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
159 char *tdes_t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"};
160 enum tdes_Mode {TCBC, TECB, TOFB, TCFB1, TCFB8, TCFB64};
161 int Sizes[6]={64,64,64,1,8,64};
163 static int do_tmct(char *amode,
164 int akeysz, int numkeys, unsigned char *akey,unsigned char *ivec,
165 int dir, unsigned char *text, int len,
169 unsigned char nk[4*8]; /* longest key+8 */
170 unsigned char text0[8];
172 for (imode=0 ; imode < 6 ; ++imode)
173 if(!strcmp(amode,tdes_t_mode[imode]))
177 printf("Unrecognized mode: %s\n", amode);
180 for(i=0 ; i < 400 ; ++i)
185 unsigned char old_iv[8];
187 FIPS_cipher_ctx_init(&ctx);
189 fprintf(rfp,RESP_EOL "COUNT = %d" RESP_EOL,i);
191 OutputValue("KEY",akey,8,rfp,0);
193 for(n=0 ; n < kp ; ++n)
195 fprintf(rfp,"KEY%d",n+1);
196 OutputValue("",akey+n*8,8,rfp,0);
200 OutputValue("IV",ivec,8,rfp,0);
201 OutputValue(tdes_t_tag[dir^1],text,len,rfp,imode == TCFB1);
203 /* compensate for endianness */
207 memcpy(text0,text,8);
209 for(j=0 ; j < 10000 ; ++j)
211 unsigned char old_text[8];
213 memcpy(old_text,text,8);
216 memcpy(old_iv,ivec,8);
217 DESTest(&ctx,amode,akeysz,akey,ivec,dir,text,text,len);
221 memcpy(old_iv,ctx.iv,8);
222 FIPS_cipher(&ctx,text,text,len);
226 OutputValue(tdes_t_tag[dir],text,len,rfp,imode == TCFB1);
227 /* memcpy(ivec,text,8); */
229 /* DebugValue("iv",ctx.iv,8); */
230 /* accumulate material for the next key */
231 shiftin(nk,text,Sizes[imode]);
232 /* DebugValue("nk",nk,24);*/
233 if((dir && (imode == TCFB1 || imode == TCFB8
234 || imode == TCFB64 || imode == TCBC)) || imode == TOFB)
235 memcpy(text,old_iv,8);
237 if(!dir && (imode == TCFB1 || imode == TCFB8 || imode == TCFB64))
239 /* the test specifies using the output of the raw DES operation
240 which we don't have, so reconstruct it... */
241 for(n=0 ; n < 8 ; ++n)
242 text[n]^=old_text[n];
245 for(n=0 ; n < 8 ; ++n)
247 for(n=0 ; n < 8 ; ++n)
249 for(n=0 ; n < 8 ; ++n)
252 memcpy(&akey[2*8],akey,8);
254 memcpy(&akey[8],akey,8);
255 DES_set_odd_parity((DES_cblock *)akey);
256 DES_set_odd_parity((DES_cblock *)(akey+8));
257 DES_set_odd_parity((DES_cblock *)(akey+16));
258 memcpy(ivec,ctx.iv,8);
260 /* pointless exercise - the final text doesn't depend on the
261 initial text in OFB mode, so who cares what it is? (Who
262 designed these tests?) */
264 for(n=0 ; n < 8 ; ++n)
265 text[n]=text0[n]^old_iv[n];
266 FIPS_cipher_ctx_cleanup(&ctx);
271 static int tproc_file(char *rqfile, char *rspfile)
273 char afn[256], rfn[256];
274 FILE *afp = NULL, *rfp = NULL;
275 char ibuf[2048], tbuf[2048];
278 char atest[100] = "";
280 unsigned char iVec[20], aKey[40];
281 int dir = -1, err = 0, step = 0, echo = 1;
282 unsigned char plaintext[2048];
283 unsigned char ciphertext[2048];
287 FIPS_cipher_ctx_init(&ctx);
289 if (!rqfile || !(*rqfile))
291 printf("No req file\n");
296 if ((afp = fopen(afn, "r")) == NULL)
298 printf("Cannot open file: %s, %s\n",
299 afn, strerror(errno));
305 rp=strstr(rfn,"req/");
306 #ifdef OPENSSL_SYS_WIN32
308 rp=strstr(rfn,"req\\");
312 rp = strstr(rfn, ".req");
313 memcpy(rp, ".rsp", 4);
316 if ((rfp = fopen(rspfile, "w")) == NULL)
318 printf("Cannot open file: %s, %s\n",
319 rfn, strerror(errno));
324 while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL)
326 tidy_line(tbuf, ibuf);
327 /* printf("step=%d ibuf=%s",step,ibuf);*/
328 if(step == 3 && !strcmp(amode,"ECB"))
330 memset(iVec, 0, sizeof(iVec));
331 step = (dir)? 4: 5; /* no ivec for ECB */
335 case 0: /* read preamble */
337 { /* end of preamble */
340 printf("Missing Mode\n");
345 copy_line(ibuf, rfp);
349 else if (ibuf[0] != '#')
351 printf("Invalid preamble item: %s\n", ibuf);
355 { /* process preamble */
356 char *xp, *pp = ibuf+2;
359 { /* insert current time & date */
360 time_t rtim = time(0);
362 copy_line(ctime(&rtim), rfp);
366 copy_line(ibuf, rfp);
367 if(!strncmp(pp,"INVERSE ",8) || !strncmp(pp,"DES ",4)
368 || !strncmp(pp,"TDES ",5)
369 || !strncmp(pp,"PERMUTATION ",12)
370 || !strncmp(pp,"SUBSTITUTION ",13)
371 || !strncmp(pp,"VARIABLE ",9))
374 if(!strncmp(pp,"DES ",4))
376 else if(!strncmp(pp,"TDES ",5))
378 xp = strchr(pp, ' ');
380 strncpy(atest, pp, n);
383 xp = strrchr(pp, ' '); /* get mode" */
385 strncpy(amode, xp+1, n);
387 if (!strcmp(atest, "Monte"))
389 /* amode[3] = '\0'; */
391 printf("Test=%s, Mode=%s\n",atest,amode);
397 case 1: /* [ENCRYPT] | [DECRYPT] */
402 copy_line(ibuf, rfp);
404 if (fips_strncasecmp(ibuf, "[ENCRYPT]", 9) == 0)
406 else if (fips_strncasecmp(ibuf, "[DECRYPT]", 9) == 0)
410 printf("Invalid keyword: %s\n", ibuf);
418 printf("Missing ENCRYPT/DECRYPT keyword\n");
424 case 2: /* KEY = xxxx */
427 copy_line(ibuf, rfp);
430 if(!fips_strncasecmp(ibuf,"COUNT = ",8))
432 copy_line(ibuf, rfp);
435 if(!fips_strncasecmp(ibuf,"COUNT=",6))
437 copy_line(ibuf, rfp);
440 if(!fips_strncasecmp(ibuf,"NumKeys = ",10))
442 numkeys=atoi(ibuf+10);
446 copy_line(ibuf, rfp);
447 if(!fips_strncasecmp(ibuf,"KEY = ",6))
450 len = hex2bin((char*)ibuf+6, aKey);
453 printf("Invalid KEY\n");
457 PrintValue("KEY", aKey, len);
460 else if(!fips_strncasecmp(ibuf,"KEYs = ",7))
463 len=hex2bin(ibuf+7,aKey);
466 printf("Invalid KEY\n");
470 memcpy(aKey+8,aKey,8);
471 memcpy(aKey+16,aKey,8);
473 PrintValue("KEYs",aKey,len);
476 else if(!fips_strncasecmp(ibuf,"KEY",3))
481 len=hex2bin(ibuf+7,aKey+n*8);
484 printf("Invalid KEY\n");
489 PrintValue(ibuf,aKey,len);
495 printf("Missing KEY\n");
500 case 3: /* IV = xxxx */
502 copy_line(ibuf, rfp);
503 if (fips_strncasecmp(ibuf, "IV = ", 5) != 0)
505 printf("Missing IV\n");
510 len = hex2bin((char*)ibuf+5, iVec);
513 printf("Invalid IV\n");
517 PrintValue("IV", iVec, len);
522 case 4: /* PLAINTEXT = xxxx */
524 copy_line(ibuf, rfp);
525 if (fips_strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0)
527 printf("Missing PLAINTEXT\n");
532 int nn = strlen(ibuf+12);
533 if(!strcmp(amode,"CFB1"))
534 len=bint2bin(ibuf+12,nn-1,plaintext);
536 len=hex2bin(ibuf+12, plaintext);
539 printf("Invalid PLAINTEXT: %s", ibuf+12);
543 if (len >= (int)sizeof(plaintext))
545 printf("Buffer overflow\n");
547 PrintValue("PLAINTEXT", (unsigned char*)plaintext, len);
548 if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */
550 if (!do_tmct(amode,akeysz,numkeys,aKey,iVec,
551 dir,plaintext,len,rfp))
557 DESTest(&ctx, amode, akeysz, aKey, iVec,
558 dir, /* 0 = decrypt, 1 = encrypt */
559 ciphertext, plaintext, len);
560 OutputValue("CIPHERTEXT",ciphertext,len,rfp,
561 !strcmp(amode,"CFB1"));
567 case 5: /* CIPHERTEXT = xxxx */
569 copy_line(ibuf, rfp);
570 if (fips_strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0)
572 printf("Missing KEY\n");
577 if(!strcmp(amode,"CFB1"))
578 len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext);
580 len = hex2bin(ibuf+13,ciphertext);
583 printf("Invalid CIPHERTEXT\n");
588 PrintValue("CIPHERTEXT", ciphertext, len);
589 if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */
591 do_tmct(amode, akeysz, numkeys, aKey, iVec,
592 dir, ciphertext, len, rfp);
597 DESTest(&ctx, amode, akeysz, aKey, iVec,
598 dir, /* 0 = decrypt, 1 = encrypt */
599 plaintext, ciphertext, len);
600 OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp,
601 !strcmp(amode,"CFB1"));
611 printf("Missing terminator\n");
613 else if (strcmp(atest, "MCT") != 0)
614 { /* MCT already added terminating nl */
615 copy_line(ibuf, rfp);
625 FIPS_cipher_ctx_cleanup(&ctx);
629 /*--------------------------------------------------
630 Processes either a single file or
631 a set of files whose names are passed in a file.
632 A single file is specified as:
634 A set of files is specified as:
635 aes_test -d xxxxx.xxx
636 The default is: -d req.txt
637 --------------------------------------------------*/
639 int fips_desmovs_main(int argc, char **argv)
641 int main(int argc, char **argv)
644 char *rqlist = "req.txt", *rspfile = NULL;
646 char fn[250] = "", rfn[256] = "";
652 if (fips_strcasecmp(argv[1], "-d") == 0)
656 else if (fips_strcasecmp(argv[1], "-f") == 0)
662 printf("Invalid parameter: %s\n", argv[1]);
667 printf("Missing parameter\n");
679 { /* list of files (directory) */
680 if (!(fp = fopen(rqlist, "r")))
682 printf("Cannot open req list file\n");
685 while (fgets(fn, sizeof(fn), fp))
689 printf("Processing: %s\n", rfn);
690 if (tproc_file(rfn, rspfile))
692 printf(">>> Processing failed for: %s <<<\n", rfn);
698 else /* single file */
701 printf("Processing: %s\n", fn);
702 if (tproc_file(fn, rspfile))
704 printf(">>> Processing failed for: %s <<<\n", fn);