diff --git a/ChangeLog b/ChangeLog index 0daed08d0..5295e178e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,7 @@ PolarSSL ChangeLog (Sorted per branch, date) Features * Support for the Koblitz curves: secp192k1, secp224k1, secp256k1 * Support for RIPEMD-160 + * Support for AES CFB8 mode * Allow for use of PKCS#1 v2.1 via the PK layer (pk_rsa_set_padding() and rsa_set_padding()) diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h index 9513a71ac..7399995f2 100644 --- a/include/polarssl/aes.h +++ b/include/polarssl/aes.h @@ -154,6 +154,29 @@ int aes_crypt_cfb128( aes_context *ctx, const unsigned char *input, unsigned char *output ); +/** + * \brief AES-CFB8 buffer encryption/decryption. + * + * Note: Due to the nature of CFB you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful + */ +int aes_crypt_cfb8( aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + /** * \brief AES-CTR buffer encryption/decryption * diff --git a/library/aes.c b/library/aes.c index 69da3f681..bc4b178ed 100644 --- a/library/aes.c +++ b/library/aes.c @@ -906,6 +906,39 @@ int aes_crypt_cfb128( aes_context *ctx, return( 0 ); } + +/* + * AES-CFB8 buffer encryption/decryption + */ +#include +int aes_crypt_cfb8( aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + unsigned char c; + unsigned char ov[17]; + + while( length-- ) + { + memcpy(ov, iv, 16); + aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); + + if( mode == AES_DECRYPT ) + ov[16] = *input; + + c = *output++ = (unsigned char)( iv[0] ^ *input++ ); + + if( mode == AES_ENCRYPT ) + ov[16] = c; + + memcpy(iv, ov + 1, 16); + } + + return( 0 ); +} #endif /*POLARSSL_CIPHER_MODE_CFB */ #if defined(POLARSSL_CIPHER_MODE_CTR) diff --git a/tests/suites/test_suite_aes.cfb.data b/tests/suites/test_suite_aes.cfb.data index 0a83c72e4..74c2519a4 100644 --- a/tests/suites/test_suite_aes.cfb.data +++ b/tests/suites/test_suite_aes.cfb.data @@ -285,3 +285,183 @@ aes_decrypt_cfb128:"000000000000000000000000000000000000000000000000000000000000 AES-256-CFB128 Decrypt NIST KAT #12 depends_on:POLARSSL_CIPHER_MODE_CFB aes_decrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"f8000000000000000000000000000000":"7818d800dcf6f4be1e0e94f403d1e4c2":"00000000000000000000000000000000" + +AES-128-CFB8 Encrypt NIST MMT #0 +aes_encrypt_cfb8:"c57d699d89df7cfbef71c080a6b10ac3":"fcb2bc4c006b87483978796a2ae2c42e":"61":"24" + +AES-128-CFB8 Encrypt NIST MMT #1 +aes_encrypt_cfb8:"0d8f3dc3edee60db658bb97faf46fba3":"e481fdc42e606b96a383c0a1a5520ebb":"aacd":"5066" + +AES-128-CFB8 Encrypt NIST MMT #2 +aes_encrypt_cfb8:"c8fe9bf77b930f46d2078b8c0e657cd4":"f475c64991b20eaee183a22629e21e22":"c90635":"d27691" + +AES-128-CFB8 Encrypt NIST MMT #3 +aes_encrypt_cfb8:"280cf81af5cc7e7363579c1da03390e6":"5d6cf4722d0e21f1d9ced53a0e36c342":"b2a22ced":"73f3aebf" + +AES-128-CFB8 Encrypt NIST MMT #4 +aes_encrypt_cfb8:"5d5e7f20e0a66d3e09e0e5a9912f8a46":"052d7ea0ad1f2956a23b27afe1d87b6b":"b84a90fc6d":"1a9a61c307" + +AES-128-CFB8 Encrypt NIST MMT #5 +aes_encrypt_cfb8:"ec89fb348787cf902ca973c47081438d":"528fe95c711bd13f37bc52cc9e96d45c":"14253472e99d":"cfc247e33a3b" + +AES-128-CFB8 Encrypt NIST MMT #6 +aes_encrypt_cfb8:"6607987c354809cba818639dcd185147":"552c101a0b7c0ca143af258453937fa3":"9b1a5a1369166e":"b7ab2a4cc71904" + +AES-128-CFB8 Encrypt NIST MMT #7 +aes_encrypt_cfb8:"c028e6bf2b749ffa86759f2f84e93cb0":"288c752d9faccf367e5d0cca1fa6ec3b":"324015878cdc82bf":"873250152fc6a5bb" + +AES-128-CFB8 Encrypt NIST MMT #8 +aes_encrypt_cfb8:"d01da95d2c2a61da06ea78cfba59cc30":"f9a393ad90814faf262e3a5b1d97592e":"57c1a30e48166d9640":"e9a8c3b776edd39e3d" + +AES-128-CFB8 Encrypt NIST MMT #9 +aes_encrypt_cfb8:"3a6f9159263fa6cef2a075caface5817":"0fc23662b7dbf73827f0c7de321ca36e":"87efeb8d559ed3367728":"8e9c50425614d540ce11" + +AES-128-CFB8 Decrypt NIST MMT #0 +aes_decrypt_cfb8:"03edfe082550bd5ac8ddf64f42a0547f":"52acd8dab62c981da08e51939cc08dab":"21":"09" + +AES-128-CFB8 Decrypt NIST MMT #1 +aes_decrypt_cfb8:"38cf776750162edc63c3b5dbe311ab9f":"98fbbd288872c40f1926b16ecaec1561":"4878":"eb24" + +AES-128-CFB8 Decrypt NIST MMT #2 +aes_decrypt_cfb8:"c9053c87c3e56bc5e52bd31f6545f991":"b8f9640d0923da13fe6eb87b01f0cfa0":"aeb6d2":"910949" + +AES-128-CFB8 Decrypt NIST MMT #3 +aes_decrypt_cfb8:"e96771f5f20a89ee871261d2d18e1e46":"6e86403e33396655907ae06ef192262f":"83cab2f3":"3b7f1f1c" + +AES-128-CFB8 Decrypt NIST MMT #4 +aes_decrypt_cfb8:"92ad13ecb60bde1bb3b34ce07867672b":"f95a4060b8f80e3f839d4c3ca33dad94":"49f73e652b":"17b9b9e16d" + +AES-128-CFB8 Decrypt NIST MMT #5 +aes_decrypt_cfb8:"eb57b8dd076e7bbb33d4bfc4d7ecb27e":"51135997a067dcd2e016c57134c5fa52":"b0eacbf2ca46":"ca989fa4e818" + +AES-128-CFB8 Decrypt NIST MMT #6 +aes_decrypt_cfb8:"70abc48bb1be490183f0fe3df56195ff":"e251f179174b71ee1e488ab3dd200483":"08fbef9b2a369a":"5405da1186b7e0" + +AES-128-CFB8 Decrypt NIST MMT #7 +aes_decrypt_cfb8:"1273b8e0eee1a1ca827059b4d0a3a55d":"622cab49092d026f554dd98a6441dc26":"b3cb9d8892423aeb":"d497df73afb9787c" + +AES-128-CFB8 Decrypt NIST MMT #8 +aes_decrypt_cfb8:"49437e06b6faa5f20fd98bf71f8ff554":"63c818e0d3cb5b7054ef3e1e87df0e12":"01992a986279c3685e":"f203bcd402b65919da" + +AES-128-CFB8 Decrypt NIST MMT #9 +aes_decrypt_cfb8:"6399c1dc068ba3509845628fa9ed1a96":"1157c2766c86b754df485be9dd5851df":"c9c284e9abbfe6fb11fe":"feff4e2e2458addf2a54" + +AES-192-CFB8 Encrypt NIST MMT #0 +aes_encrypt_cfb8:"32a1b0e3da368db563d7316b9779d3327e53d9a6d287ed97":"3dd0e7e21f09d5842f3a699da9b57346":"54":"6d" + +AES-192-CFB8 Encrypt NIST MMT #1 +aes_encrypt_cfb8:"a6381dcc18dd85d7729c1dce90743bbe1df580d857f5b9c4":"c0ac501fad7f4a1465daf32e18fc1a4f":"a456":"8fb6" + +AES-192-CFB8 Encrypt NIST MMT #2 +aes_encrypt_cfb8:"d08dbee4732c7ffc544c1695b201d30e795037325ef0aa18":"a1e39aeeb972a8d70aa0fc7d6fac6eac":"fd115d":"c4c016" + +AES-192-CFB8 Encrypt NIST MMT #3 +aes_encrypt_cfb8:"277185a4a440869920f523c4d578fc5bedd33aee8d2ebaf7":"67be00572f82aabc13d6e5a2e51d1f08":"88e07061":"8bb630ba" + +AES-192-CFB8 Encrypt NIST MMT #4 +aes_encrypt_cfb8:"83f70fdce47306fcbb8c21b6a8b3209f7ec185fef4deebd4":"ff73b310cf7e62ce6f501092fa6cc888":"36664e222d":"20855555d1" + +AES-192-CFB8 Encrypt NIST MMT #5 +aes_encrypt_cfb8:"c5be271a29f4a29e085e8e98196601dcb88ccc03e559a304":"9f51fa2eb8a084718f7240e47d135dce":"b57f12342a62":"73ff9bf3ec4b" + +AES-192-CFB8 Encrypt NIST MMT #6 +aes_encrypt_cfb8:"9c55322e6d495be01076d4b80371ad1479ae5636ff9861f5":"2b79cfc1ff37254dedf5924a6b61e3e0":"6dcede43c2ee65":"7c897658282220" + +AES-192-CFB8 Encrypt NIST MMT #7 +aes_encrypt_cfb8:"6e78ccece7d1b2a3c08cf0de738bee33cbbbf78d9bf4922c":"4bbe15b1e94a7b97250a2136d8804e46":"ceda42527871f802":"d92ff89045b1917f" + +AES-192-CFB8 Encrypt NIST MMT #8 +aes_encrypt_cfb8:"13c98665746f7825b37b404916240adbd1e4364be1d05c63":"0e479fbd5f3961f38b8a26be1f2d65c5":"1b0a63d73464ab3c8a":"5485847e5d3c2e2cc4" + +AES-192-CFB8 Encrypt NIST MMT #9 +aes_encrypt_cfb8:"537e7bf661fd4024a024613f15b13690f7d0c847c1e18965":"3a81f9d9d3c155b0caad5d73349476fc":"d3d8b9b984adc24237ee":"3879fea72ac99929e53a" + +AES-192-CFB8 Decrypt NIST MMT #0 +aes_decrypt_cfb8:"7dbdc15ad4034ed828dc862799b7adc9abd68eaf9d526d5d":"4359683af5a3a85c248fb7f5506f317b":"25":"2d" + +AES-192-CFB8 Decrypt NIST MMT #1 +aes_decrypt_cfb8:"3a2cdf9c9608c1dd6233d03dd855293b0885915114b25279":"e7a28ee34acc52128ddae658ec6398a2":"0678":"7b04" + +AES-192-CFB8 Decrypt NIST MMT #2 +aes_decrypt_cfb8:"c984b99a6cc5bc88003143cbe4b755e6e30ba94114f7ad1e":"41e3b8fd138f8c358dfeef420302f634":"037cf6":"658d0a" + +AES-192-CFB8 Decrypt NIST MMT #3 +aes_decrypt_cfb8:"39747da225bdc0c53c3463fd686dbe19d14157535171f91d":"77d3a5ad8bbdb169f8d29e5f21798651":"0fb0cee2":"2d191f2f" + +AES-192-CFB8 Decrypt NIST MMT #4 +aes_decrypt_cfb8:"4cd13179dfa16d01c6a8633dfc8783e723e72114c9b0d50a":"6657c46c99d642474c330d8016b71dbe":"09d914cf0b":"105a64c872" + +AES-192-CFB8 Decrypt NIST MMT #5 +aes_decrypt_cfb8:"5dcc9b8d8a456e9917cd8d54d7f7100b34964b4ed2d398a0":"4fa295a8987f1b010ce4e011fbf94156":"288c752d9fac":"98f332d37b78" + +AES-192-CFB8 Decrypt NIST MMT #6 +aes_decrypt_cfb8:"c8baf0204ef80b8e0125efe43a0bccdfd0f356b62e6c75fe":"e9144bf2cbc5720a1b4cb6f37d11edff":"c9981a34b7aa89":"56bb4c3cae53b3" + +AES-192-CFB8 Decrypt NIST MMT #7 +aes_decrypt_cfb8:"64e40763f38a63ae378c32052b0ae3aa538bb868a04ac985":"aacf65089e4b285438451ffdcd0f6389":"d8fcf83a88510a0d":"b567411bc61b0a76" + +AES-192-CFB8 Decrypt NIST MMT #8 +aes_decrypt_cfb8:"7bfdca9605f17253f203efffc92da96fde023007d22cdad0":"45c09e44036070f8a7737a5176b8cf26":"9c195b1944c4af5bfb":"89358df65c3ef14d26" + +AES-192-CFB8 Decrypt NIST MMT #9 +aes_decrypt_cfb8:"baf08b76317a65c5f07ae6f57eb0e65488659324d29709e3":"0a02846b62abb693ef31d754842eed29":"729c0b6deb75fa6eb5e8":"9895932402393dc33a60" + +AES-256-CFB8 Encrypt NIST MMT #0 +aes_encrypt_cfb8:"34e8091cee09f1bd3ebf1e8f05f51bfbd4899ef2ae006a3a0f7875052cdd46c8":"43eb4dcc4b04a80216a20e4a09a7abb5":"f9":"28" + +AES-256-CFB8 Encrypt NIST MMT #1 +aes_encrypt_cfb8:"e04e43173113109e1343393842fe6caef3f8a2e506d7f55f83dcb10444c6ad23":"a38b88a293b077fb5546636aad90d663":"2914":"69a6" + +AES-256-CFB8 Encrypt NIST MMT #2 +aes_encrypt_cfb8:"064874092f7a13cc4462247ad423d0e96edf42e8b67a5a23b7a0a6477b098e66":"338c552ff1eca14408e05d8cf9f3b31b":"b974fa":"1cff95" + +AES-256-CFB8 Encrypt NIST MMT #3 +aes_encrypt_cfb8:"56794adb0ef04aeddeabd650de736531d408837954b919002c33edfdff976cc2":"71b5526facea4236d33f1f4107e4b04f":"db774912":"f04d9d4f" + +AES-256-CFB8 Encrypt NIST MMT #4 +aes_encrypt_cfb8:"dddd7f234e7d0e6ec64560b96430986a856f2ee9805443a7946e31601ef6679d":"e20f39db0025eb24491bd06012887108":"ad1d5311ea":"19cc97a662" + +AES-256-CFB8 Encrypt NIST MMT #5 +aes_encrypt_cfb8:"ec73a760272c83f91771b3ab7b188715c6d6afb9c554feae83856e966a3863d0":"ae7bfa38fd25778fcf66ce8157f6e42e":"02fe724fbc5d":"b0eca63405f4" + +AES-256-CFB8 Encrypt NIST MMT #6 +aes_encrypt_cfb8:"a66874ca0b70fb98b37c033ec96413f339adae02acade015b9f016b459db3309":"6ed480d9e4ed031cf66bb1e07f8d5514":"b4777e6bcd9a05":"8c017397ad5bab" + +AES-256-CFB8 Encrypt NIST MMT #7 +aes_encrypt_cfb8:"a3dbbb775ada92b0b8ed1632444e21c1c86ff3eba8f628307306e766b8c15b5c":"4ec56a8e541f5cfe7b8ab947bfa4fd08":"1d70a5a82badf5ea":"1e22bebebeacd81d" + +AES-256-CFB8 Encrypt NIST MMT #8 +aes_encrypt_cfb8:"64135e67c0ca1acef3360d930afcd726c5b04861a69c1b6a48bde1daf20f3b1f":"5377a154d5f948189f9aa57b466c16b2":"a36ca5ea382a322eef":"3105016567d3174aed" + +AES-256-CFB8 Encrypt NIST MMT #9 +aes_encrypt_cfb8:"ebbb4566b5e182e0f072466b0b311df38f9175bc0213a5530bce2ec4d74f400d":"0956a48e01002c9e16376d6e308dbad1":"b0fe25ac8d3d28a2f471":"638c6823e7256fb5626e" + +AES-256-CFB8 Decrypt NIST MMT #0 +aes_decrypt_cfb8:"1687831580cb764321a9d674dbd0a9640f668b0f58ef01b87a710b3095d5f855":"6cd5bec6d6e1fd23afc543b8f80d3f89":"6f":"98" + +AES-256-CFB8 Decrypt NIST MMT #1 +aes_decrypt_cfb8:"b6b504e8b7065373ea31cd549e52eda7cb96fd1db14eddacbc420085ab48b747":"870ecd45b1241803ddaf8bad15a025d7":"17d4":"3572" + +AES-256-CFB8 Decrypt NIST MMT #2 +aes_decrypt_cfb8:"6ad3105e15fb5b742bf4fe1eb8e98c6c1ffea653107c84f6b42ed1232a0bbc21":"17534c89c4eae5dea6ea353dde7b1623":"a9841e":"f9411a" + +AES-256-CFB8 Decrypt NIST MMT #3 +aes_decrypt_cfb8:"758f3fa8b2b289f19fd59e7316be40b904eff7f565caac4570f972360e0da787":"b21335ae980898fa92c4b3069e532973":"84b35e25":"47887872" + +AES-256-CFB8 Decrypt NIST MMT #4 +aes_decrypt_cfb8:"802e854eb799500975d960a67885820d195e02ab23d51f15e5cdbcee86a1580c":"94478c4e44e2fa8d2e6bc43d384597e6":"d1e96bf1e8":"ed414b5689" + +AES-256-CFB8 Decrypt NIST MMT #5 +aes_decrypt_cfb8:"3a0c03ca9d1e5d49bb37f9041f88d159c3f1d5ce26c798f59ed54a93f0a0e600":"9aae38ba832e4b093b50444074517d20":"74410ccd12da":"8207eee2a7ab" + +AES-256-CFB8 Decrypt NIST MMT #6 +aes_decrypt_cfb8:"ee05462128fea75e919f6f436cb198f222847d698a283f5767df682d33d3ce77":"d2ad55e41887075184635112a22fc093":"ff039e89877b44":"aff3aa4c24e353" + +AES-256-CFB8 Decrypt NIST MMT #7 +aes_decrypt_cfb8:"08abbdcc3eb9c1717db1faa38dcd0893afd5e16e2596747af58f8d61ebedf9cd":"b925c8dc9a9b55a4372ea6d37d21c1eb":"e176ba99ea602fd9":"b7370050288bf600" + +AES-256-CFB8 Decrypt NIST MMT #8 +aes_decrypt_cfb8:"56d404a893fb3b3f594aab18939230b096646a37a781629fbd9270f3891a5cea":"e5906b36f2d97e6f2db19b6c7a3ce319":"c55a9a917a809a784b":"e44995bbb0fff40fee" + +AES-256-CFB8 Decrypt NIST MMT #9 +aes_decrypt_cfb8:"ec13062551e4d7291e320f565b749eea1809b663b26f2c4d53b52058b833e0ad":"fbfa5a528e20863012790c2abafb5a0c":"2bfc3f0209307140101a":"547bfd642cf6e12ed942" diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index e5386bdf1..b92e80dc8 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -197,6 +197,66 @@ void aes_decrypt_cfb128( char *hex_key_string, char *hex_iv_string, } /* END_CASE */ +/* BEGIN_CASE depends_on:POLARSSL_CIPHER_MODE_CFB */ +void aes_encrypt_cfb8( char *hex_key_string, char *hex_iv_string, + char *hex_src_string, char *hex_dst_string ) +{ + unsigned char key_str[100]; + unsigned char iv_str[100]; + unsigned char src_str[100]; + unsigned char dst_str[100]; + unsigned char output[100]; + aes_context ctx; + int key_len, src_len; + + memset(key_str, 0x00, 100); + memset(iv_str, 0x00, 100); + memset(src_str, 0x00, 100); + memset(dst_str, 0x00, 100); + memset(output, 0x00, 100); + + key_len = unhexify( key_str, hex_key_string ); + unhexify( iv_str, hex_iv_string ); + src_len = unhexify( src_str, hex_src_string ); + + aes_setkey_enc( &ctx, key_str, key_len * 8 ); + TEST_ASSERT( aes_crypt_cfb8( &ctx, AES_ENCRYPT, src_len, iv_str, src_str, output ) == 0 ); + hexify( dst_str, output, src_len ); + + TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:POLARSSL_CIPHER_MODE_CFB */ +void aes_decrypt_cfb8( char *hex_key_string, char *hex_iv_string, + char *hex_src_string, char *hex_dst_string ) +{ + unsigned char key_str[100]; + unsigned char iv_str[100]; + unsigned char src_str[100]; + unsigned char dst_str[100]; + unsigned char output[100]; + aes_context ctx; + int key_len, src_len; + + memset(key_str, 0x00, 100); + memset(iv_str, 0x00, 100); + memset(src_str, 0x00, 100); + memset(dst_str, 0x00, 100); + memset(output, 0x00, 100); + + key_len = unhexify( key_str, hex_key_string ); + unhexify( iv_str, hex_iv_string ); + src_len = unhexify( src_str, hex_src_string ); + + aes_setkey_enc( &ctx, key_str, key_len * 8 ); + TEST_ASSERT( aes_crypt_cfb8( &ctx, AES_DECRYPT, src_len, iv_str, src_str, output ) == 0 ); + hexify( dst_str, output, src_len ); + + TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */ void aes_selftest() {