abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-06 16:36:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add more SM4 test vectors

Browse Source 
SM4 pass openssl and other known test vectors. SM4-GCM and SM4-XTS only support the GB/T GF(2^128) encoding standard.
This commit is contained in:
Zhi Guan
2024-04-21 10:10:46 +08:00
parent a485fa0b10
commit 252c9e1765
16 changed files with 1267 additions and 691 deletions
Download Patch File Download Diff File Expand all files Collapse all files

636
tests/sm4test.c
View File

@@ -90,648 +90,24 @@ static int test_sm4(void)
return 1;
}
static int test_sm4_cbc(void)
{
SM4_KEY sm4_key;
uint8_t key[16] = {0};
uint8_t iv[16] = {0};
uint8_t buf1[32] = {0};
uint8_t buf2[32] = {0};
uint8_t buf3[32] = {0};
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_encrypt(&sm4_key, iv, buf1, 2, buf2);
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_decrypt(&sm4_key, iv, buf2, 2, buf3);
if (memcmp(buf1, buf3, sizeof(buf3)) != 0) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_sm4_cbc_padding(void)
{
SM4_KEY enc_key;
SM4_KEY dec_key;
uint8_t key[16] = {0};
uint8_t iv[16] = {0};
uint8_t buf1[64];
uint8_t buf2[128];
uint8_t buf3[128];
size_t len1, len2, len3;
sm4_set_encrypt_key(&enc_key, key);
sm4_set_decrypt_key(&dec_key, key);
len1 = 0;
sm4_cbc_padding_encrypt(&enc_key, iv, buf1, len1, buf2, &len2);
sm4_cbc_padding_decrypt(&dec_key, iv, buf2, len2, buf3, &len3);
if (len1 != len3 || memcmp(buf1, buf3, len3) != 0) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return -1;
}
len1 = 7;
sm4_cbc_padding_encrypt(&enc_key, iv, buf1, len1, buf2, &len2);
sm4_cbc_padding_decrypt(&dec_key, iv, buf2, len2, buf3, &len3);
if (len1 != len3 || memcmp(buf1, buf3, len3) != 0) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return -1;
}
len1 = 16;
sm4_cbc_padding_encrypt(&enc_key, iv, buf1, len1, buf2, &len2);
sm4_cbc_padding_decrypt(&dec_key, iv, buf2, len2, buf3, &len3);
if (len1 != len3 || memcmp(buf1, buf3, len3) != 0) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return -1;
}
len1 = 33;
sm4_cbc_padding_encrypt(&enc_key, iv, buf1, len1, buf2, &len2);
sm4_cbc_padding_decrypt(&dec_key, iv, buf2, len2, buf3, &len3);
if (len1 != len3 || memcmp(buf1, buf3, len3) != 0) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return -1;
}
len1 = sizeof(buf1);
sm4_cbc_padding_encrypt(&enc_key, iv, buf1, len1, buf2, &len2);
sm4_cbc_padding_decrypt(&dec_key, iv, buf2, len2, buf3, &len3);
if (len1 != len3 || memcmp(buf1, buf3, len3) != 0) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_sm4_ctr(void)
{
SM4_KEY sm4_key;
uint8_t key[16] = {0};
uint8_t ctr[16];
uint8_t buf1[30] = {0};
uint8_t buf2[30] = {0};
uint8_t buf3[30] = {0};
sm4_set_encrypt_key(&sm4_key, key);
memset(ctr, 0, sizeof(ctr));
sm4_ctr_encrypt(&sm4_key, ctr, buf1, sizeof(buf1), buf2);
memset(ctr, 0, sizeof(ctr));
sm4_ctr_encrypt(&sm4_key, ctr, buf2, sizeof(buf2), buf3);
if (memcmp(buf1, buf3, sizeof(buf3)) != 0) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_sm4_ctr_with_carray(void)
{
const char *hex_key = "0123456789ABCDEFFEDCBA9876543210";
const char *hex_ctr = "0000000000000000000000000000FFFF";
const char *hex_in = "AAAAAAAAAAAAAAAABBBBBBBBBBBBBBBB"
"CCCCCCCCCCCCCCCCDDDDDDDDDDDD";
const char *hex_out = "7EA678F9F0CBE2000917C63D4E77B4C8"
"6E4E8532B0046E4AC1E97DA8B831";
SM4_KEY sm4_key;
uint8_t key[16] = {0};
uint8_t ctr[16];
uint8_t buf1[30] = {0};
uint8_t buf2[30] = {0};
uint8_t buf3[30] = {0};
size_t keylen, ctrlen, inlen, outlen;
hex_to_bytes(hex_key, strlen(hex_key), key, &keylen);
hex_to_bytes(hex_ctr, strlen(hex_ctr), ctr, &ctrlen);
hex_to_bytes(hex_in, strlen(hex_in), buf1, &inlen);
hex_to_bytes(hex_out, strlen(hex_out), buf3, &outlen);
sm4_set_encrypt_key(&sm4_key, key);
sm4_ctr_encrypt(&sm4_key, ctr, buf1, sizeof(buf1), buf2);
if (memcmp(buf2, buf3, sizeof(buf3)) != 0) {
error_print();
return -1;
}
hex_to_bytes(hex_ctr, strlen(hex_ctr), ctr, &ctrlen);
sm4_ctr_encrypt(&sm4_key, ctr, buf3, sizeof(buf3), buf2);
if (memcmp(buf2, buf1, sizeof(buf1)) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_sm4_gcm(void)
{
// gcm test vectors from rfc 8998 A.1
const char *hex_key = "0123456789ABCDEFFEDCBA9876543210";
const char *hex_iv = "00001234567800000000ABCD";
const char *hex_aad = "FEEDFACEDEADBEEFFEEDFACEDEADBEEF"
"ABADDAD2";
const char *hex_in = "AAAAAAAAAAAAAAAABBBBBBBBBBBBBBBB"
"CCCCCCCCCCCCCCCCDDDDDDDDDDDDDDDD"
"EEEEEEEEEEEEEEEEFFFFFFFFFFFFFFFF"
"EEEEEEEEEEEEEEEEAAAAAAAAAAAAAAAA";
const char *hex_out = "17F399F08C67D5EE19D0DC9969C4BB7D"
"5FD46FD3756489069157B282BB200735"
"D82710CA5C22F0CCFA7CBF93D496AC15"
"A56834CBCF98C397B4024A2691233B8D";
const char *hex_tag = "83DE3541E4C2B58177E065A9BF7B62EC";
SM4_KEY sm4_key;
uint8_t key[16];
uint8_t iv[12];
uint8_t aad[20];
uint8_t in[64];
uint8_t out[64];
uint8_t tag[16];
size_t keylen, ivlen, aadlen, inlen, outlen, taglen;
uint8_t buf[64];
uint8_t mac[16];
hex_to_bytes(hex_key, strlen(hex_key), key, &keylen);
hex_to_bytes(hex_iv, strlen(hex_iv), iv, &ivlen);
hex_to_bytes(hex_aad, strlen(hex_aad), aad, &aadlen);
hex_to_bytes(hex_in, strlen(hex_in), in, &inlen);
hex_to_bytes(hex_out, strlen(hex_out), out, &outlen);
hex_to_bytes(hex_tag, strlen(hex_tag), tag, &taglen);
memset(buf, 0, sizeof(buf));
memset(mac, 0, sizeof(mac));
sm4_set_encrypt_key(&sm4_key, key);
// test gcm encrypt
sm4_gcm_encrypt(&sm4_key, iv, ivlen, aad, aadlen, in, inlen, buf, taglen, mac);
if (memcmp(buf, out, outlen) != 0) {
error_print();
return -1;
}
if (memcmp(mac, tag, taglen) != 0) {
error_print();
return -1;
}
// test gcm decrypt
memset(buf, 0, sizeof(buf));
sm4_gcm_decrypt(&sm4_key, iv, ivlen, aad, aadlen, out, outlen, tag, taglen, buf);
if (memcmp(buf, in, inlen) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_sm4_gcm_gbt36624_1(void)
{
// gcm test vectors from GB/T 36624-2018 C.5
const char *hex_key = "00000000000000000000000000000000";
const char *hex_iv = "000000000000000000000000";
const char *hex_aad = "";
const char *hex_in = "";
const char *hex_out = "";
const char *hex_tag = "232F0CFE308B49EA6FC88229B5DC858D";
SM4_KEY sm4_key;
uint8_t key[16];
uint8_t iv[12];
uint8_t aad[20];
uint8_t in[64];
uint8_t out[64];
uint8_t tag[16];
size_t keylen, ivlen, aadlen, inlen, outlen, taglen;
uint8_t buf[64];
uint8_t mac[16];
hex_to_bytes(hex_key, strlen(hex_key), key, &keylen);
hex_to_bytes(hex_iv, strlen(hex_iv), iv, &ivlen);
hex_to_bytes(hex_aad, strlen(hex_aad), aad, &aadlen);
hex_to_bytes(hex_in, strlen(hex_in), in, &inlen);
hex_to_bytes(hex_out, strlen(hex_out), out, &outlen);
hex_to_bytes(hex_tag, strlen(hex_tag), tag, &taglen);
memset(buf, 0, sizeof(buf));
memset(mac, 0, sizeof(mac));
sm4_set_encrypt_key(&sm4_key, key);
// test gcm encrypt
sm4_gcm_encrypt(&sm4_key, iv, ivlen, aad, aadlen, in, inlen, buf, taglen, mac);
if (memcmp(buf, out, outlen) != 0) {
error_print();
return -1;
}
if (memcmp(mac, tag, taglen) != 0) {
error_print();
return -1;
}
// test gcm decrypt
memset(buf, 0, sizeof(buf));
sm4_gcm_decrypt(&sm4_key, iv, ivlen, aad, aadlen, out, outlen, tag, taglen, buf);
if (memcmp(buf, in, inlen) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_sm4_gcm_gbt36624_2(void)
{
// gcm test vectors from GB/T 36624-2018 C.5
const char *hex_key = "00000000000000000000000000000000";
const char *hex_iv = "000000000000000000000000";
const char *hex_aad = "";
const char *hex_in = "00000000000000000000000000000000";
const char *hex_out = "7DE2AA7F1110188218063BE1BFEB6D89";
const char *hex_tag = "B851B5F39493752BE508F1BB4482C557";
SM4_KEY sm4_key;
uint8_t key[16];
uint8_t iv[12];
uint8_t aad[20];
uint8_t in[64];
uint8_t out[64];
uint8_t tag[16];
size_t keylen, ivlen, aadlen, inlen, outlen, taglen;
uint8_t buf[64];
uint8_t mac[16];
hex_to_bytes(hex_key, strlen(hex_key), key, &keylen);
hex_to_bytes(hex_iv, strlen(hex_iv), iv, &ivlen);
hex_to_bytes(hex_aad, strlen(hex_aad), aad, &aadlen);
hex_to_bytes(hex_in, strlen(hex_in), in, &inlen);
hex_to_bytes(hex_out, strlen(hex_out), out, &outlen);
hex_to_bytes(hex_tag, strlen(hex_tag), tag, &taglen);
memset(buf, 0, sizeof(buf));
memset(mac, 0, sizeof(mac));
sm4_set_encrypt_key(&sm4_key, key);
// test gcm encrypt
sm4_gcm_encrypt(&sm4_key, iv, ivlen, aad, aadlen, in, inlen, buf, taglen, mac);
if (memcmp(buf, out, outlen) != 0) {
error_print();
return -1;
}
if (memcmp(mac, tag, taglen) != 0) {
error_print();
return -1;
}
// test gcm decrypt
memset(buf, 0, sizeof(buf));
sm4_gcm_decrypt(&sm4_key, iv, ivlen, aad, aadlen, out, outlen, tag, taglen, buf);
if (memcmp(buf, in, inlen) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_sm4_cbc_update(void)
{
SM4_KEY sm4_key;
SM4_CBC_CTX enc_ctx;
SM4_CBC_CTX dec_ctx;
uint8_t key[16];
uint8_t iv[16];
uint8_t mbuf[16 * 10];
uint8_t cbuf[16 * 11];
uint8_t pbuf[16 * 11];
size_t mlen = 0;
size_t clen = 0;
size_t plen = 0;
uint8_t *in;
uint8_t *out;
size_t len;
size_t lens[] = { 1,5,17,80 };
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
// first test
mlen = 16;
rand_bytes(mbuf, mlen);
if (sm4_cbc_encrypt_init(&enc_ctx, key, iv) != 1
|| sm4_cbc_encrypt_update(&enc_ctx, mbuf, mlen, cbuf, &clen) != 1
|| sm4_cbc_encrypt_finish(&enc_ctx, cbuf + clen, &len) != 1) {
error_print();
return -1;
}
clen += len;
// check ciphertext
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen, pbuf, &plen);
if (clen != plen || memcmp(cbuf, pbuf, plen) != 0) {
error_print();
return -1;
}
// check decrypt
if (sm4_cbc_decrypt_init(&dec_ctx, key, iv) != 1
|| sm4_cbc_decrypt_update(&dec_ctx, cbuf, clen, pbuf, &plen) != 1
|| sm4_cbc_decrypt_finish(&dec_ctx, pbuf + plen, &len) != 1) {
error_print();
return -1;
}
plen += len;
if (plen != mlen || memcmp(pbuf, mbuf, mlen) != 0) {
error_print();
return -1;
}
// second test
rand_bytes(mbuf, sizeof(mbuf));
if (sm4_cbc_encrypt_init(&enc_ctx, key, iv) != 1) {
error_print();
return -1;
}
in = mbuf;
out = cbuf;
mlen = 0;
clen = 0;
for (i = 0; i < sizeof(lens)/sizeof(lens[0]); i++) {
if (sm4_cbc_encrypt_update(&enc_ctx, in, lens[i], out, &len) != 1) {
error_print();
return -1;
}
in += lens[i];
mlen += lens[i];
out += len;
clen += len;
}
if (sm4_cbc_encrypt_finish(&enc_ctx, out, &len) != 1) {
error_print();
return -1;
}
clen += len;
// check ciphertest
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen, pbuf, &plen);
if (plen != clen || memcmp(pbuf, cbuf, clen) != 0) {
error_print();
return -1;
}
// check decrypt
if (sm4_cbc_decrypt_init(&dec_ctx, key, iv) != 1) {
error_print();
return -1;
}
plen = 0;
in = cbuf;
out = pbuf;
for (i = 0; i < sizeof(lens)/sizeof(lens[0]); i++) {
if (sm4_cbc_decrypt_update(&dec_ctx, in, lens[i], out, &len) != 1) {
error_print();
return -1;
}
in += lens[i];
clen -= lens[i];
out += len;
plen += len;
}
if (sm4_cbc_decrypt_update(&dec_ctx, in, clen, out, &len) != 1) {
error_print();
return -1;
}
out += len;
plen += len;
if (sm4_cbc_decrypt_finish(&dec_ctx, out, &len) != 1) {
error_print();
return -1;
}
plen += len;
if (plen != mlen || memcmp(pbuf, mbuf, mlen) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
/*
* NOTE:
* There is an compiler bug on Tencent Cloud/Windows Server 2022/Visual Studio 2022 and GitHub CI Windows env.
* When calling memcpy(ctr, iv, sizeof(iv)) multiple times. The compiler might omit the memcpy()
* As `ctr` has been changed by sm4_ctr_encrypt() and the reset to `iv` is not working, the test will fail.
*/
static int test_sm4_ctr_update_once(void)
{
SM4_KEY sm4_key;
SM4_CTR_CTX enc_ctx;
SM4_CTR_CTX dec_ctx;
uint8_t key[16];
uint8_t iv[16];
uint8_t ctr[16];
uint8_t mbuf[16];
uint8_t cbuf[16];
uint8_t pbuf[32];
size_t mlen = 0;
size_t clen = 0;
size_t plen = 0;
size_t len;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
mlen = sizeof(mbuf);
rand_bytes(mbuf, mlen);
if (sm4_ctr_encrypt_init(&enc_ctx, key, iv) != 1
|| sm4_ctr_encrypt_update(&enc_ctx, mbuf, mlen, cbuf, &clen) != 1
|| sm4_ctr_encrypt_finish(&enc_ctx, cbuf + clen, &len) != 1) {
error_print();
return -1;
}
clen += len;
// check ciphertext
sm4_set_encrypt_key(&sm4_key, key);
memcpy(ctr, iv, sizeof(iv)); // ctr is a variable
sm4_ctr_encrypt(&sm4_key, ctr, mbuf, mlen, pbuf); // NOTE: sm4_ctr_encrypt() change ctr value
if (memcmp(cbuf, pbuf, clen) != 0) {
error_print();
return -1;
}
// check decrypt
if (sm4_ctr_encrypt_init(&dec_ctx, key, iv) != 1
|| sm4_ctr_encrypt_update(&dec_ctx, cbuf, clen, pbuf, &plen) != 1
|| sm4_ctr_encrypt_finish(&dec_ctx, pbuf + plen, &len) != 1) {
error_print();
return -1;
}
plen += len;
if (plen != mlen || memcmp(pbuf, mbuf, mlen) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_sm4_ctr_update_multi_times(void)
{
SM4_KEY sm4_key;
SM4_CTR_CTX enc_ctx;
SM4_CTR_CTX dec_ctx;
uint8_t key[16];
uint8_t iv[16];
uint8_t ctr[16];
uint8_t mbuf[16 * 10];
uint8_t cbuf[16 * 11];
uint8_t pbuf[16 * 11];
size_t mlen = 0;
size_t clen = 0;
size_t plen = 0;
uint8_t *in;
uint8_t *out;
size_t len;
size_t lens[] = { 1,5,17,80 };
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
rand_bytes(mbuf, sizeof(mbuf));
if (sm4_ctr_encrypt_init(&enc_ctx, key, iv) != 1) {
error_print();
return -1;
}
in = mbuf;
out = cbuf;
mlen = 0;
clen = 0;
for (i = 0; i < sizeof(lens)/sizeof(lens[0]); i++) {
if (sm4_ctr_encrypt_update(&enc_ctx, in, lens[i], out, &len) != 1) {
error_print();
return -1;
}
in += lens[i];
mlen += lens[i];
assert(mlen <= sizeof(mbuf));
out += len;
clen += len;
}
if (sm4_ctr_encrypt_finish(&enc_ctx, out, &len) != 1) {
error_print();
return -1;
}
clen += len;
// check ciphertest
sm4_set_encrypt_key(&sm4_key, key);
memcpy(ctr, iv, sizeof(iv));
sm4_ctr_encrypt(&sm4_key, ctr, mbuf, mlen, pbuf);
if (memcmp(pbuf, cbuf, mlen) != 0) {
error_print();
return -1;
}
// check decrypt
if (sm4_ctr_encrypt_init(&dec_ctx, key, iv) != 1) {
error_print();
return -1;
}
plen = 0;
in = cbuf;
out = pbuf;
for (i = 0; i < sizeof(lens)/sizeof(lens[0]); i++) {
if (sm4_ctr_encrypt_update(&dec_ctx, in, lens[i], out, &len) != 1) {
error_print();
return -1;
}
in += lens[i];
clen -= lens[i];
out += len;
plen += len;
}
if (sm4_ctr_encrypt_update(&dec_ctx, in, clen, out, &len) != 1) {
error_print();
return -1;
}
out += len;
plen += len;
if (sm4_ctr_encrypt_finish(&dec_ctx, out, &len) != 1) {
error_print();
return -1;
}
plen += len;
if (plen != mlen || memcmp(pbuf, mbuf, mlen) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 1;
}
int main(void)
{
if (test_sm4() != 1) goto err;
/*
if (test_sm4_cbc() != 1) goto err;
if (test_sm4_cbc_padding() != 1) goto err;
if (test_sm4_ctr() != 1) goto err;
if (test_sm4_gcm() != 1) goto err;
if (test_sm4_gcm_gbt36624_1() != 1) goto err;
if (test_sm4_gcm_gbt36624_2() != 1) goto err;
if (test_sm4_cbc_update() != 1) goto err;
if (test_sm4_ctr_update_once() != 1) goto err;
if (test_sm4_ctr_update_multi_times() != 1) goto err;
*/
printf("%s all tests passed\n", __FILE__);
return 0;
err: