hare

[hare] The Hare programming language
git clone https://git.torresjrjr.com/hare.git
Log | Files | Refs | README | LICENSE

ni+x86_64.ha (8851B)

      1 use bytes;
      2 use crypto::cipher;
      3 
      4 const zero_rk: [EXPKEYLEN256]u8 = [0...];
      5 
      6 // taken from fips-197.pdf Section A.1
      7 @test fn ni_enc_key_expand_128() void = {
      8 	const key: [16]u8 = [
      9 		0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
     10 		0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
     11 	];
     12 
     13 	const expected_rounds: [_]u8 = [
     14 		0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
     15 		0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
     16 		0xa0, 0xfa, 0xfe, 0x17, 0x88, 0x54, 0x2c, 0xb1,
     17 		0x23, 0xa3, 0x39, 0x39, 0x2a, 0x6c, 0x76, 0x05,
     18 		0xf2, 0xc2, 0x95, 0xf2, 0x7a, 0x96, 0xb9, 0x43,
     19 		0x59, 0x35, 0x80, 0x7a, 0x73, 0x59, 0xf6, 0x7f,
     20 		0x3d, 0x80, 0x47, 0x7d, 0x47, 0x16, 0xfe, 0x3e,
     21 		0x1e, 0x23, 0x7e, 0x44, 0x6d, 0x7a, 0x88, 0x3b,
     22 		0xef, 0x44, 0xa5, 0x41, 0xa8, 0x52, 0x5b, 0x7f,
     23 		0xb6, 0x71, 0x25, 0x3b, 0xdb, 0x0b, 0xad, 0x00,
     24 		0xd4, 0xd1, 0xc6, 0xf8, 0x7c, 0x83, 0x9d, 0x87,
     25 		0xca, 0xf2, 0xb8, 0xbc, 0x11, 0xf9, 0x15, 0xbc,
     26 		0x6d, 0x88, 0xa3, 0x7a, 0x11, 0x0b, 0x3e, 0xfd,
     27 		0xdb, 0xf9, 0x86, 0x41, 0xca, 0x00, 0x93, 0xfd,
     28 		0x4e, 0x54, 0xf7, 0x0e, 0x5f, 0x5f, 0xc9, 0xf3,
     29 		0x84, 0xa6, 0x4f, 0xb2, 0x4e, 0xa6, 0xdc, 0x4f,
     30 		0xea, 0xd2, 0x73, 0x21, 0xb5, 0x8d, 0xba, 0xd2,
     31 		0x31, 0x2b, 0xf5, 0x60, 0x7f, 0x8d, 0x29, 0x2f,
     32 		0xac, 0x77, 0x66, 0xf3, 0x19, 0xfa, 0xdc, 0x21,
     33 		0x28, 0xd1, 0x29, 0x41, 0x57, 0x5c, 0x00, 0x6e,
     34 		0xd0, 0x14, 0xf9, 0xa8, 0xc9, 0xee, 0x25, 0x89,
     35 		0xe1, 0x3f, 0x0c, 0xc8, 0xb6, 0x63, 0x0c, 0xa6,
     36 	];
     37 
     38 	let block = x86ni();
     39 	x86ni_init(&block, key[..]);
     40 
     41 	assert(block.rounds == 10);
     42 	assert(bytes::equal(expected_rounds[..], block.expkey[..EXPKEYLEN128]));
     43 
     44 	cipher::finish(&block);
     45 	assert(bytes::equal(zero_rk[..], block.expkey[..EXPKEYLEN256]));
     46 };
     47 
     48 // taken from fips-197.pdf Section A.2
     49 @test fn ni_enc_key_expand_192() void = {
     50 	const key: [24]u8 = [
     51 		0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
     52 		0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
     53 		0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
     54 	];
     55 
     56 	const expected_rounds: [_]u8 = [
     57 		0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
     58 		0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
     59 		0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b,
     60 		0xfe, 0x0c, 0x91, 0xf7, 0x24, 0x02, 0xf5, 0xa5,
     61 		0xec, 0x12, 0x06, 0x8e, 0x6c, 0x82, 0x7f, 0x6b,
     62 		0x0e, 0x7a, 0x95, 0xb9, 0x5c, 0x56, 0xfe, 0xc2,
     63 		0x4d, 0xb7, 0xb4, 0xbd, 0x69, 0xb5, 0x41, 0x18,
     64 		0x85, 0xa7, 0x47, 0x96, 0xe9, 0x25, 0x38, 0xfd,
     65 		0xe7, 0x5f, 0xad, 0x44, 0xbb, 0x09, 0x53, 0x86,
     66 		0x48, 0x5a, 0xf0, 0x57, 0x21, 0xef, 0xb1, 0x4f,
     67 		0xa4, 0x48, 0xf6, 0xd9, 0x4d, 0x6d, 0xce, 0x24,
     68 		0xaa, 0x32, 0x63, 0x60, 0x11, 0x3b, 0x30, 0xe6,
     69 		0xa2, 0x5e, 0x7e, 0xd5, 0x83, 0xb1, 0xcf, 0x9a,
     70 		0x27, 0xf9, 0x39, 0x43, 0x6a, 0x94, 0xf7, 0x67,
     71 		0xc0, 0xa6, 0x94, 0x07, 0xd1, 0x9d, 0xa4, 0xe1,
     72 		0xec, 0x17, 0x86, 0xeb, 0x6f, 0xa6, 0x49, 0x71,
     73 		0x48, 0x5f, 0x70, 0x32, 0x22, 0xcb, 0x87, 0x55,
     74 		0xe2, 0x6d, 0x13, 0x52, 0x33, 0xf0, 0xb7, 0xb3,
     75 		0x40, 0xbe, 0xeb, 0x28, 0x2f, 0x18, 0xa2, 0x59,
     76 		0x67, 0x47, 0xd2, 0x6b, 0x45, 0x8c, 0x55, 0x3e,
     77 		0xa7, 0xe1, 0x46, 0x6c, 0x94, 0x11, 0xf1, 0xdf,
     78 		0x82, 0x1f, 0x75, 0x0a, 0xad, 0x07, 0xd7, 0x53,
     79 		0xca, 0x40, 0x05, 0x38, 0x8f, 0xcc, 0x50, 0x06,
     80 		0x28, 0x2d, 0x16, 0x6a, 0xbc, 0x3c, 0xe7, 0xb5,
     81 		0xe9, 0x8b, 0xa0, 0x6f, 0x44, 0x8c, 0x77, 0x3c,
     82 		0x8e, 0xcc, 0x72, 0x04, 0x01, 0x00, 0x22, 0x02,
     83 	];
     84 
     85 	let block = x86ni();
     86 	x86ni_init(&block, key[..]);
     87 
     88 	assert(block.rounds == 12);
     89 	assert(bytes::equal(expected_rounds[..], block.expkey[..EXPKEYLEN192]));
     90 };
     91 
     92 
     93 // taken from fips-197.pdf Section A.3
     94 @test fn ni_enc_key_expand_256() void = {
     95 	const key: [32]u8 = [
     96 		0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
     97 		0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
     98 		0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
     99 		0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
    100 	];
    101 
    102 	const expected_rounds: [_]u8 = [
    103 		0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
    104 		0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
    105 		0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
    106 		0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
    107 		0x9b, 0xa3, 0x54, 0x11, 0x8e, 0x69, 0x25, 0xaf,
    108 		0xa5, 0x1a, 0x8b, 0x5f, 0x20, 0x67, 0xfc, 0xde,
    109 		0xa8, 0xb0, 0x9c, 0x1a, 0x93, 0xd1, 0x94, 0xcd,
    110 		0xbe, 0x49, 0x84, 0x6e, 0xb7, 0x5d, 0x5b, 0x9a,
    111 		0xd5, 0x9a, 0xec, 0xb8, 0x5b, 0xf3, 0xc9, 0x17,
    112 		0xfe, 0xe9, 0x42, 0x48, 0xde, 0x8e, 0xbe, 0x96,
    113 		0xb5, 0xa9, 0x32, 0x8a, 0x26, 0x78, 0xa6, 0x47,
    114 		0x98, 0x31, 0x22, 0x29, 0x2f, 0x6c, 0x79, 0xb3,
    115 		0x81, 0x2c, 0x81, 0xad, 0xda, 0xdf, 0x48, 0xba,
    116 		0x24, 0x36, 0x0a, 0xf2, 0xfa, 0xb8, 0xb4, 0x64,
    117 		0x98, 0xc5, 0xbf, 0xc9, 0xbe, 0xbd, 0x19, 0x8e,
    118 		0x26, 0x8c, 0x3b, 0xa7, 0x09, 0xe0, 0x42, 0x14,
    119 		0x68, 0x00, 0x7b, 0xac, 0xb2, 0xdf, 0x33, 0x16,
    120 		0x96, 0xe9, 0x39, 0xe4, 0x6c, 0x51, 0x8d, 0x80,
    121 		0xc8, 0x14, 0xe2, 0x04, 0x76, 0xa9, 0xfb, 0x8a,
    122 		0x50, 0x25, 0xc0, 0x2d, 0x59, 0xc5, 0x82, 0x39,
    123 		0xde, 0x13, 0x69, 0x67, 0x6c, 0xcc, 0x5a, 0x71,
    124 		0xfa, 0x25, 0x63, 0x95, 0x96, 0x74, 0xee, 0x15,
    125 		0x58, 0x86, 0xca, 0x5d, 0x2e, 0x2f, 0x31, 0xd7,
    126 		0x7e, 0x0a, 0xf1, 0xfa, 0x27, 0xcf, 0x73, 0xc3,
    127 		0x74, 0x9c, 0x47, 0xab, 0x18, 0x50, 0x1d, 0xda,
    128 		0xe2, 0x75, 0x7e, 0x4f, 0x74, 0x01, 0x90, 0x5a,
    129 		0xca, 0xfa, 0xaa, 0xe3, 0xe4, 0xd5, 0x9b, 0x34,
    130 		0x9a, 0xdf, 0x6a, 0xce, 0xbd, 0x10, 0x19, 0x0d,
    131 		0xfe, 0x48, 0x90, 0xd1, 0xe6, 0x18, 0x8d, 0x0b,
    132 		0x04, 0x6d, 0xf3, 0x44, 0x70, 0x6c, 0x63, 0x1e,
    133 	];
    134 
    135 	let block = x86ni();
    136 	x86ni_init(&block, key[..]);
    137 
    138 	assert(block.rounds == 14);
    139 	assert(bytes::equal(expected_rounds[..], block.expkey[..EXPKEYLEN256]));
    140 };
    141 
    142 @test fn ni_test_encrypt_128() void = {
    143 	let key: [_]u8 = [
    144 		0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
    145 		0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
    146 	];
    147 
    148 	let plain: [16]u8 = [
    149 		0x32, 0x43, 0xf6, 0xa8, 0x88, 0x5a, 0x30, 0x8d,
    150 		0x31, 0x31, 0x98, 0xa2, 0xe0, 0x37, 0x07, 0x34,
    151 	];
    152 
    153 	const cipher: [16]u8 = [
    154 		0x39, 0x25, 0x84, 0x1d, 0x02, 0xdc, 0x09, 0xfb,
    155 		0xdc, 0x11, 0x85, 0x97, 0x19, 0x6a, 0x0b, 0x32,
    156 	];
    157 
    158 	let result: [16]u8 = [0...];
    159 	let b = x86ni();
    160 
    161 	x86ni_init(&b, key[..]);
    162 	cipher::encrypt(&b, result[..], plain);
    163 
    164 	assert(bytes::equal(cipher, result));
    165 };
    166 
    167 @test fn ni_test_decrypt_128() void = {
    168 	const key: [_]u8 = [
    169 		0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
    170 		0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
    171 	];
    172 
    173 	const plain: [16]u8 = [
    174 		0x32, 0x43, 0xf6, 0xa8, 0x88, 0x5a, 0x30, 0x8d,
    175 		0x31, 0x31, 0x98, 0xa2, 0xe0, 0x37, 0x07, 0x34,
    176 	];
    177 
    178 	const cipher: [16]u8 = [
    179 		0x39, 0x25, 0x84, 0x1d, 0x02, 0xdc, 0x09, 0xfb,
    180 		0xdc, 0x11, 0x85, 0x97, 0x19, 0x6a, 0x0b, 0x32,
    181 	];
    182 
    183 	let result: [16]u8 = [0...];
    184 	let b = x86ni();
    185 
    186 	x86ni_init(&b, key[..]);
    187 	cipher::decrypt(&b, result[..], cipher);
    188 	assert(bytes::equal(plain, result));
    189 };
    190 
    191 // fips-197.pdf Appendix C.1
    192 @test fn ni_test_example_vector1() void = {
    193 	const key: []u8 = [
    194 		0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    195 		0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    196 	];
    197 
    198 	const plain: []u8 = [
    199 		0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
    200 		0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
    201 	];
    202 
    203 	const cipher: []u8 = [
    204 		0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
    205 		0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a,
    206 	];
    207 
    208 	let result: [16]u8 = [0...];
    209 	let b = x86ni();
    210 
    211 	x86ni_init(&b, key[..]);
    212 
    213 	cipher::encrypt(&b, result[..], plain);
    214 	assert(bytes::equal(cipher, result));
    215 
    216 	cipher::decrypt(&b, result[..], cipher);
    217 	assert(bytes::equal(plain, result));
    218 };
    219 
    220 // fips-197.pdf Appendix C.2
    221 @test fn ni_test_example_vector2() void = {
    222 	const key: []u8 = [
    223 		0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    224 		0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    225 		0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    226 	];
    227 
    228 	const plain: []u8 = [
    229 		0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
    230 		0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
    231 	];
    232 
    233 	const cipher: []u8 = [
    234 		0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0,
    235 		0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91,
    236 	];
    237 
    238 	let result: [16]u8 = [0...];
    239 	let b = x86ni();
    240 
    241 	x86ni_init(&b, key[..]);
    242 
    243 	cipher::encrypt(&b, result[..], plain);
    244 	assert(bytes::equal(cipher, result));
    245 
    246 	cipher::decrypt(&b, result[..], cipher);
    247 	assert(bytes::equal(plain, result));
    248 };
    249 
    250 // fips-197.pdf Appendix C.3
    251 @test fn ni_test_example_vector3() void = {
    252 	const key: []u8 = [
    253 		0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    254 		0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    255 		0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    256 		0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
    257 	];
    258 
    259 	const plain: []u8 = [
    260 		0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
    261 		0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
    262 	];
    263 
    264 	const cipher: []u8 = [
    265 		0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf,
    266 		0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89,
    267 	];
    268 
    269 	let result: [16]u8 = [0...];
    270 	let b = x86ni();
    271 
    272 	x86ni_init(&b, key[..]);
    273 
    274 	cipher::encrypt(&b, result[..], plain);
    275 	assert(bytes::equal(cipher, result));
    276 
    277 	cipher::decrypt(&b, result[..], cipher);
    278 	assert(bytes::equal(plain, result));
    279 };