aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoachim StroĢˆmbergson <joachim@secworks.se>2018-06-29 09:06:01 +0200
committerJoachim StroĢˆmbergson <joachim@secworks.se>2018-06-29 09:06:01 +0200
commitd50f8723dc82f35a92c352a6d7fdb9d76bbad848 (patch)
treecc53cbdcfdf99656ec1e6c1b0e76dd3ec4a79e7e
parent404075f7dbd1661e7abeb1aec370907cfff1bfb2 (diff)
Added test vectors from NISTs set of vectors for SP800-38F KWP. Added header with short description and copyright, license used in Cryptech.
-rwxr-xr-xsrc/model/aes_keywrap.py111
1 files changed, 105 insertions, 6 deletions
diff --git a/src/model/aes_keywrap.py b/src/model/aes_keywrap.py
index 382c310..49d02e1 100755
--- a/src/model/aes_keywrap.py
+++ b/src/model/aes_keywrap.py
@@ -1,10 +1,13 @@
#!/usr/bin/env python
-
-"""
-Python implementation of RFC 5649 AES Key Wrap With Padding,
-using PyCrypto to supply the AES code.
-"""
-
+#======================================================================
+#
+# aes_keywrap.py
+# --------------
+# Python funnctional model of AES Key Wrap including test cases.
+# Used to generate test vectors for internal states to drive
+# verification of the hardware implementation.
+#
+#
# Terminology mostly follows the RFC, including variable names.
#
# Block sizes get confusing: AES Key Wrap uses 64-bit blocks, not to
@@ -13,6 +16,43 @@ using PyCrypto to supply the AES code.
# concatenate two 64-bit blocks just prior to performing an AES ECB
# operation, then immediately split the result back into a pair of
# 64-bit blocks.
+#
+#
+# Copyright (c) 2018, NORDUnet A/S
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+# - Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# - Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# - Neither the name of the NORDUnet nor the names of its contributors may
+# be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+# IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+# PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+#======================================================================
+
+"""
+Python implementation of RFC 5649 AES Key Wrap With Padding,
+using PyCrypto to supply the AES code.
+"""
class AESKeyWrapWithPadding(object):
"""
@@ -155,6 +195,7 @@ if __name__ == "__main__":
self.assertEqual(q, Q, "Input and output plaintext did not match: {} <> {}".format(self.bin2hex(Q), self.bin2hex(q)))
self.assertEqual(c, C, "Input and output ciphertext did not match: {} <> {}".format(self.bin2hex(C), self.bin2hex(c)))
+
def test_rfc5649_1(self):
self.rfc5649_test(K = "5840df6e29b02af1 ab493b705bf16ea1 ae8338f4dcc176a8",
Q = "c37b7e6492584340 bed1220780894115 5068f738",
@@ -165,6 +206,7 @@ if __name__ == "__main__":
Q = "466f7250617369",
C = "afbeb0f07dfbf541 9200f2ccb50bb24f")
+
def test_mangled_1(self):
self.assertRaises(AESKeyWrapWithPadding.UnwrapError, self.rfc5649_test,
K = "5840df6e29b02af0 ab493b705bf16ea1 ae8338f4dcc176a8",
@@ -183,6 +225,59 @@ if __name__ == "__main__":
Q = "c37b7e6492584340 bed1220780894115 5068f738",
C = "138bdeaa9b8fa7fc 61f97742e72248ee 5ae6ae5360d1ae6a")
+
+ # This one should fail. But it doesn't. Que pasa?!?
+ def test_mangled_4(self):
+ self.assertRaises(AESKeyWrapWithPadding.UnwrapError, self.rfc5649_test,
+ K = "5840df6e29b02af1 ab493b705bf16ea1 ae8338f4dcc176a8",
+ Q = "c37b7e6492584340 bed1220780894115 5068f738",
+ C = "238bdeaa9b8fa7fc 61f97742e72248ee 5ae6ae5360d1ae6a")
+
+
+ # Test vectors from NISTs set of test vectors for SP800-38F KWP algorithm.
+ # 128 bit key.
+ def test_kwp_ae_128_1(self):
+ self.rfc5649_test(K = "7efb9b3964de316e 7245c86186d98b5f",
+ Q = "3e",
+ C = "116a4054c13b7fea de9c22aa57b3caed")
+
+ def test_kwp_ae_128_2(self):
+ self.rfc5649_test(K = "45c770fc26717507 2d70a38269c54685",
+ Q = "cc5fb15a17795c34",
+ C = "78ffa3f03b65c55b 812f355730af71ac")
+
+ def test_kwp_ae_128_3(self):
+ self.rfc5649_test(K = "853e2bac0f1e6298 67acea0d2b3c087e",
+ Q = "49575527bc59530f be",
+ C = "b43781062eb0317e b2dec6329f2d64de 1c33d85570d57db6")
+
+ def test_kwp_ae_128_4(self):
+ self.rfc5649_test(K = "c03db3cc1416dcd1 c069a195a8d77e3d",
+ Q = "46f87f58cdda4200 f53d99ce2e49bdb7 6212511fe0cd4d0 b5f37a27d45a288",
+ C = "57e3b6699c6e8177 59a69492bb7e2cd0 0160d2ebef9bf4d 4eb16fbf798f134 0f6df6558a4fb84cd0")
+
+
+ def test_kwp_ae_256_1(self):
+ self.rfc5649_test(K = "2800f18237cf8d2b a1dfe361784fd751 9b0fdb0ec73e2ab1 c0b966b9173fc5b5",
+ Q = "ad",
+ C = "c1eccf2d077a385e 67aaeb35552c893c")
+
+ def test_kwp_ae_256_2(self):
+ self.rfc5649_test(K = "1c997c2bb5a15a45 93e337b3249675d55 7467417917f6bc51 65c9af6a3e29504",
+ Q = "3e3eafc50cd4e939",
+ C = "163eb9e7dbc8ed00 86dffbc6ab00e329")
+
+ def test_kwp_ae_256_3(self):
+ self.rfc5649_test(K = "8df1533f99be6fe6 0f951057fed1daccd 14bd4e34118f24af 677bbf46bf11fe7",
+ Q = "fb36b1f3907fb5ed ce",
+ C = "6974d7bae0221b4e d91336c26af77e327 61f6024d8bbf292")
+
+ def test_kwp_ae_256_4(self):
+ self.rfc5649_test(K = "dea4667d911b5c9e c996cdb35da0e29bc 996cbfb0e0a56bac 12fccc334d732eb",
+ Q = "25d58d437a56a733 2a18541333201f992 9fccde11b06844c1 9ba1ca224cfd6",
+ C = "86d4e258391f15d7 d4f0ab3e15d6f45e6 5dd2f8caf4c67209 63bb8970fc2f3a4 a58dc74674347ec9")
+
+
def test_loopback_1(self):
self.loopback_test("!")
@@ -219,3 +314,7 @@ if __name__ == "__main__":
self.assertEqual(I, O, "Input and output plaintext did not match: {!r} <> {!r}".format(I, O))
unittest.main(verbosity = 9)
+
+#======================================================================
+# OEF aes_keywrap.py
+#======================================================================