diff --git a/mcapi/crypto.c b/mcapi/crypto.c index 1e430bc7b..e7e697013 100644 --- a/mcapi/crypto.c +++ b/mcapi/crypto.c @@ -34,6 +34,7 @@ #include #include #include +#include /* Initialize MD5 */ @@ -317,7 +318,44 @@ int CRYPT_TDES_CBC_Decrypt(CRYPT_TDES_CTX* tdes, unsigned char* out, } - +/* AES Key Set, may have iv, will have direction */ +int CRYPT_AES_KeySet(CRYPT_AES_CTX* aes, const unsigned char* key, + unsigned int keyLen, const unsigned char* iv, int dir) +{ + typedef char aes_test[sizeof(CRYPT_AES_CTX) >= sizeof(Aes) ? 1 : -1]; + (void)sizeof(aes_test); + + return AesSetKey((Aes*)aes, key, keyLen, iv, dir); +} + + +/* AES Iv Set, sometimes added later */ +int CRYPT_AES_IvSet(CRYPT_AES_CTX* aes, const unsigned char* iv) +{ + AesSetIV((Aes*)aes, iv); + + return 0; +} + + +/* AES CBC Encrypt */ +int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out, + const unsigned char* in, unsigned int inSz) +{ + AesCbcEncrypt((Aes*)aes, out, in, inSz); + + return 0; +} + + +/* AES CBC Decrypt */ +int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out, + const unsigned char* in, unsigned int inSz) +{ + AesCbcDecrypt((Aes*)aes, out, in, inSz); + + return 0; +} diff --git a/mcapi/crypto.h b/mcapi/crypto.h index cf71d83f4..218289d71 100644 --- a/mcapi/crypto.h +++ b/mcapi/crypto.h @@ -161,6 +161,29 @@ enum { }; +/* AES */ +typedef struct CRYPT_AES_CTX { + int holder[100]; /* big enough to hold internal, but check on init */ +} CRYPT_AES_CTX; + +/* key */ +int CRYPT_AES_KeySet(CRYPT_AES_CTX*, const unsigned char*, unsigned int, + const unsigned char*, int); +int CRYPT_AES_IvSet(CRYPT_AES_CTX*, const unsigned char*); + +/* cbc */ +int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX*, unsigned char*, + const unsigned char*, unsigned int); +int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX*, unsigned char*, + const unsigned char*, unsigned int); + +/* key direction flags for setup */ +enum { + CRYPT_AES_ENCRYPTION = 0, + CRYPT_AES_DECRYPTION = 1 +}; + + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/mcapi/test.c b/mcapi/test.c index 70831cd23..f6bbb5226 100644 --- a/mcapi/test.c +++ b/mcapi/test.c @@ -36,6 +36,7 @@ #include #include #include +#include /* c stdlib headers */ #include @@ -60,6 +61,7 @@ static int check_hmac(void); static int check_compress(void); static int check_rng(void); static int check_des3(void); +static int check_aescbc(void); int main(int argc, char** argv) @@ -144,6 +146,12 @@ int main(int argc, char** argv) return -1; } + ret = check_aescbc(); + if (ret != 0) { + printf("mcapi check_aes failed\n"); + return -1; + } + XFREE(iv, NULL, DYNAMIC_TYPE_KEY); @@ -577,4 +585,185 @@ static int check_des3(void) } +#define AES_TEST_SIZE 32 + +/* check mcapi aes */ +static int check_aescbc(void) +{ + CRYPT_AES_CTX mcAes; + Aes defAes; + int ret; + byte out1[AES_TEST_SIZE]; + byte out2[AES_TEST_SIZE]; + + strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); + strncpy((char*)iv, "1234567890abcdef", 16); + + /* 128 cbc encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-128 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-128 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-128 cbc encrypt failed\n"); + return -1; + } + AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-128 cbc encrypt cmp failed\n"); + return -1; + } + + /* 128 cbc decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-128 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION); + if (ret != 0) { + printf("default aes-128 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-128 cbc decrypt failed\n"); + return -1; + } + AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-128 cbc decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-128 cbc decrypt orig cmp failed\n"); + return -1; + } + + /* 192 cbc encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-192 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-192 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-192 cbc encrypt failed\n"); + return -1; + } + AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-192 cbc encrypt cmp failed\n"); + return -1; + } + + /* 192 cbc decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-192 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 24, iv, DES_DECRYPTION); + if (ret != 0) { + printf("default aes-192 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-192 cbc decrypt failed\n"); + return -1; + } + AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-192 cbc decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-192 cbc decrypt orig cmp failed\n"); + return -1; + } + + /* 256 cbc encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-256 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-256 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-256 cbc encrypt failed\n"); + return -1; + } + AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-256 cbc encrypt cmp failed\n"); + return -1; + } + + /* 256 cbc decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-256 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 32, iv, DES_DECRYPTION); + if (ret != 0) { + printf("default aes-256 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-256 cbc decrypt failed\n"); + return -1; + } + AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-256 cbc decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-256 cbc decrypt orig cmp failed\n"); + return -1; + } + + + + printf("aes-cbc mcapi test passed\n"); + + return 0; +} + +