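package drbg

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"testing"

	"github.com/emmansun/gmsm/sm4"
)

// ctrtests holds known-answer vectors for the CTR DRBG. Each entry gives the
// instantiate inputs, the reseed inputs, the additional input of two Generate
// calls, and the internal state (v, key) expected after every step. All byte
// strings are hex encoded.
var ctrtests = []struct {
	gm                    bool                                   // passed to NewCtrDrbg as its gm argument
	cipherProvider        func(key []byte) (cipher.Block, error) // block cipher constructor
	keyLen                int                                    // cipher key length in bytes
	entropyInput          string                                 // instantiate: entropy input
	nonce                 string                                 // instantiate: nonce
	personalizationString string                                 // instantiate: personalization string
	v0                    string                                 // expected v after instantiate
	key0                  string                                 // expected key after instantiate
	entropyInputReseed    string                                 // reseed: entropy input
	additionalInputReseed string                                 // reseed: additional input
	v1                    string                                 // expected v after reseed
	key1                  string                                 // expected key after reseed
	additionalInput1      string                                 // first Generate: additional input
	v2                    string                                 // expected v after first Generate
	key2                  string                                 // expected key after first Generate
	additionalInput2      string                                 // second Generate: additional input
	returnbits1           string                                 // expected output of the second Generate
	v3                    string                                 // expected v after second Generate
	key3                  string                                 // expected key after second Generate
}{
	{ // AES-128, without additional input
		false,
		aes.NewCipher,
		16,
		"0f65da13dca407999d4773c2b4a11d85", // EntropyInput
		"5209e5b4ed82a234",                 // Nonce
		"",                                 // PersonalizationString
		"80941680713df715056fb2a3d2e998b2", // v0
		"0c42ea6804303954deb197a07e6dbdd2", // key0
		"1dea0a12c52bf64339dd291c80d8ca89", // EntropyInputReseed
		"",                                 // AdditionalInputReseed
		"f2bacbb233252fba35fb0582f9286179", // v1
		"32fbfd0109f364ed21ef21a6e5c763e7", // key1
		"",                                 // AdditionalInput1
		"99003d630bba500fe17c37f8c7331bf6", // v2
		"757c8eb766f9aaa4650d6500b58624a3", // key2
		"",                                 // AdditionalInput2
		"2859cc468a76b08661ffd23b28547ffd0997ad526a0f51261b99ed3a37bd407bf418dbe6c6c3e26ed0ddefcb7474d899bd99f3655427519fc5b4057bcaf306d4",
		"5907ab447a88e5106753507cc97e0fd5", // v3
		"e421ff2445e04992faf36cf9a5eaf1f9", // key3
	},
	{ // AES-128, without additional input
		false,
		aes.NewCipher,
		16,
		"c9b8d7eb0afa5889e7f9b78a50ed453c", // EntropyInput
		"3058ba347ecd11b1",                 // Nonce
		"",                                 // PersonalizationString
		"b4e0180e3af0d99592249db33a29cc4e", // v0
		"1621bebef7e9215078459ecc74baffbc", // key0
		"643686b86266d9111f29eb389e1184b4", // EntropyInputReseed
		"",                                 // AdditionalInputReseed
		"7574911eeb85d56d385f0c8c99965c4a", // v1
		"a4c515266cb5986825a503b39d5f398c", // key1
		"",                                 // AdditionalInput1
		"abca3ea049e405d3826f43e54e08c8f7", // v2
		"edcdf23f60d3988a4d235798aa0d33a2", // key2
		"",                                 // AdditionalInput2
		"0a8ccadc1c5cbd20b8ce32f942505e654b91a4e9410e0ea627c961d632d3be71d6a7dfd64b8f70d28ff91869b92ced908b454936b6d18fcddd7fb77216ccc404",
		"1d57b4e09fd920d91877a0737559ee29", // v3
		"e83e07722d26779d0b76a52a629b211b", // key3
	},
	{ // AES-128, with additional input
		false,
		aes.NewCipher,
		16,
		"285da6cf762552634636bfee3400b156", // EntropyInput
		"8f8bada74820cb43",                 // Nonce
		"",                                 // PersonalizationString
		"ad2af7e4c84337cfc3116d59f02c54a8", // v0
		"c92780982442d348cc7363dfc96a999d", // key0
		"b4699b33354a83bfed115f770f32db0b", // EntropyInputReseed
		"38bfec9a10e6e40c106841dae48dc3b8", // AdditionalInputReseed
		"923f37427a8e10bf945249a5b790769a", // v1
		"57004c8a776f5c702e83ff56acc32dcc", // key1
		"629ead5bacfac8235711ffeb22f57558", // AdditionalInput1
		"7ade619ed91092987d8a1d244605f85f", // v2
		"3b5f92f511c10fef2f640de2cd8c9049", // key2
		"dd8a02ee668ca3e03949b38cb6e6b4df", // AdditionalInput2
		"e555aa4432bde04dcf0f0b03ead187b31df06653d444234b5c1bfc11b224285f2fb2b6cdd5a9ae6f13d99bd02c3c9fe9c3c1be46a600f5f757ab4574af893501",
		"f5dac2375e820f797c6f1258147d8ea7", // v3
		"6bc01c1518fe9f9dfbbb08d97c34db1e", // key3
	},
	{ // AES-192, without additional input
		false,
		aes.NewCipher,
		24,
		"b11d8b104a7ced9b9f37e5d92ad3dfcbb817552b1ae88f6a", // EntropyInput
		"017510f270c66586a51313eadc32b07e",                 // Nonce
		"",                                                 // PersonalizationString
		"9e5767ab537fe663c71e4054ba618c8d",                 // v0
		"b9b3d73bc0c784a7d78db344109707c73abbff7dc2dfa864", // key0
		"6d14cfb36f30c9c1a1ba0e0a32c2f99d1b47f219a3a8ac14", // EntropyInputReseed
		"",                                                 // AdditionalInputReseed
		"c8563c5a4adc3b579f79f898c4b69854",                 // v1
		"3e18d4984d454e5f986e49bfa7a569dab3667ece8130cba1", // key1
		"",                                                 // AdditionalInput1
		"087a3112e191f60619acae2a556f333b",                 // v2
		"b42a24cbb9e8c014bb65350afa28a67b273a41e599bde5b8", // key2
		"",                                                 // AdditionalInput2
		"53fbba563ae014ebc080767aab8452a9f36ce40bbf68f1a12dc0a6388c870c8dfa4250526cbc8c983fee6449903c6bd7c2c02e327680a66b464267edbc4e6797",
		"84f344f8277841e920464ca475b10276",                 // v3
		"1f5e987ac2259b7072867e4ae59167094d0162111062f6f8", // key3
	},
	{ // AES-192, with additional input
		false,
		aes.NewCipher,
		24,
		"3a09c9cc5e01f152ea2ed3021d49b4d6386aa6f04521ebde", // EntropyInput
		"490bd4ee628cf9615035543e70fce4e2",                 // Nonce
		"",                                                 // PersonalizationString
		"59a45ccbc3864f79b896c30d4a231d46",                 // v0
		"a4283dc9450ac97bf22c387082e3816728243473cedaa2af", // key0
		"df06e5668d41a6fa7660aef477eff7a0ffc0542c1cd406d5", // EntropyInputReseed
		"59b8c26626aab69e462752722f19450d12e2c0e959882d4d06ef4177e396855d", // AdditionalInputReseed
		"5857d49a1552923931926dca1682fbc2",                                 // v1
		"9c4d7784fe341619e21f2535d404866df3b75e9a7940d471",                 // key1
		"28e57a9128e479985cce391e98127fd126f37ad0f317fd5f97b8c18e762f360b", // AdditionalInput1
		"bb8ed7bcbe1203be861b8e6570fe116b",                                 // v2
		"6a8fddde995255f89ea3c9454cc481045ff0e16ce5a34693",                 // key2
		"d488672b52e867816178369f542190685bbe8672720c1943d8a4378cc9b9dd0c", // AdditionalInput2
		"5c233e2850e4981bab0f6513a76ca2c9f9f97b89b7fedd3d9aaffecf305d89fd5306cf24715895ad9ba7dac8c389fd87f95b4973003150871fa281e962f270cb",
		"1cf82a0638c421bb43401943498d0f88",                 // v3
		"5dec9ad1f5f3d0e7bb59ae581097a3f616e443e4f5bd804a", // key3
	},
	{ // AES-256, without additional input
		false,
		aes.NewCipher,
		32,
		"2d4c9f46b981c6a0b2b5d8c69391e569ff13851437ebc0fc00d616340252fed5", // EntropyInput
		"0bf814b411f65ec4866be1abb59d3c32",                                 // Nonce
		"",                                                                 // PersonalizationString
		"446ce986bd722ad1a514ebb7d274ec99",                                 // v0
		"d64160c3e965f377caef625c7eb21dd37728bcf84bfc23b92e267611feaffda8", // key0
		"93500fae4fa32b86033b7a7bac9d37e710dcc67ca266bc8607d665937766d207", // EntropyInputReseed
		"",                                                                 // AdditionalInputReseed
		"0b8e38a54036f1ba80a2880d4f17bb09",                                 // v1
		"50d9feb33fc77303b83232b7deded04f1bfa4afaa937712f88458d6b64c046c5", // key1
		"",                                                                 // AdditionalInput1
		"84b0a849c5459e27fe7f8c5db26fa13d",                                 // v2
		"a2203a6f082ecdc0cd38f0b3b19f1a8cd6a5f110a13bb488c1e70f9f95a93024", // key2
		"",                                                                 // AdditionalInput2
		"322dd28670e75c0ea638f3cb68d6a9d6e50ddfd052b772a7b1d78263a7b8978b6740c2b65a9550c3a76325866fa97e16d74006bc96f26249b9f0a90d076f08e5",
		"de67dd5f9a431fc46dd1825cd1a2bff3",                                 // v3
		"de721178a341a85eb54a2f7e2b3cd4bcc201417e739eb183fa958f9af8535b2c", // key3
	},
	{ // AES-256, with additional input
		false,
		aes.NewCipher,
		32,
		"6f60f0f9d486bc23e1223b934e61c0c78ae9232fa2e9a87c6dacd447c3f10e9e", // EntropyInput
		"401e3f87762fa8a14ab232ccb8480a2f",                                 // Nonce
		"",                                                                 // PersonalizationString
		"ee534dcfd9d2be3a3f9c65a6c5f599b0",                                 // v0
		"6d9aa2e029466438d3e4c22530bd071dbe57b549b87370957b28da8ae083f8d6", // key0
		"350be52552a65a804a106543ebb7dd046cffae104e4e8b2f18936d564d3c1950", // EntropyInputReseed
		"7a3688adb1cfb6c03264e2762ece96bfe4daf9558fabf74d7fff203c08b4dd9f", // AdditionalInputReseed
		"433725f6c4b8c662c3b2db4b75f38d86",                                 // v1
		"b5953178a900b2fcf052b5cbc1d882ea944da2965e84fef59c4919bb4d5c892d", // key1
		"67cf4a56d081c53670f257c25557014cd5e8b0e919aa58f23d6861b10b00ea80", // AdditionalInput1
		"2c342b2ab12bd3484e4660b8dd5f85eb",                                 // v2
		"b2b9e9f1ffcfd84c050445f93dfad90d6ca240494bbed5d44a0deb38fbaeb751", // key2
		"648d4a229198b43f33dd7dd8426650be11c5656adcdf913bb3ee5eb49a2a3892", // AdditionalInput2
		"2d819fb9fee38bfc3f15a07ef0e183ff36db5d3184cea1d24e796ba103687415abe6d9f2c59a11931439a3d14f45fc3f4345f331a0675a3477eaf7cd89107e37",
		"a9729f842063b9464e74018c0ab30df3",                                 // v3
		"770600434fe0af64e045f5530e2b9732da9e3b4c3af342994a4f1f7ee5c4144e", // key3
	},
	{ // SM4-128, without additional input
		true,
		sm4.NewCipher,
		16,
		"2d4c9f46b981c6a0b2b5d8c69391e569ff13851437ebc0fc00d616340252fed5", // EntropyInput
		"0bf814b411f65ec4866be1abb59d3c32",                                 // Nonce
		"",                                                                 // PersonalizationString
		"044f9ff3b7e8ad2b60a7b2c05fe6b5b7",                                 // v0
		"7fce60b97d8ceb60506bff1d37b1a936",                                 // key0
		"93500fae4fa32b86033b7a7bac9d37e710dcc67ca266bc8607d665937766d207", // EntropyInputReseed
		"",                                 // AdditionalInputReseed
		"8bd44b2e39f8186497f889c73555797d", // v1
		"02b9a8f88124bd9cec909e1fd7ec9971", // key1
		"",                                 // AdditionalInput1
		"fbc91ad876ba3a84588be2f358b9e13c", // v2
		"4804b2a1a971ca729abff5bada051cf6", // key2
		"",                                 // AdditionalInput2
		"e732a524de8ad239aa293ac8ae588f9d", // returnbits1
		"ce60250d77048bdbe48ade354b6869f6", // v3
		"6788e31ae27aae09a14aed967ce8b219", // key3
	},
	{ // SM4-128, with additional input
		// NOTE(review): gm is false here although the cipher is SM4, unlike
		// the SM4 vector above. The expected values depend on this flag, so
		// confirm it is intentional before changing it.
		false,
		sm4.NewCipher,
		16,
		"6f60f0f9d486bc23e1223b934e61c0c78ae9232fa2e9a87c6dacd447c3f10e9e", // EntropyInput
		"401e3f87762fa8a14ab232ccb8480a2f",                                 // Nonce
		"",                                                                 // PersonalizationString
		"5e8c10afe142dc9c8caf35411b38730a",                                 // v0
		"d72aefa9fd527383ad418f6158627feb",                                 // key0
		"350be52552a65a804a106543ebb7dd046cffae104e4e8b2f18936d564d3c1950", // EntropyInputReseed
		"7a3688adb1cfb6c03264e2762ece96bfe4daf9558fabf74d7fff203c08b4dd9f", // AdditionalInputReseed
		"c00836da0fd780cdc81dabec80e344ce",                                 // v1
		"f5f3abdeff30df22f4866d83cd96bc1b",                                 // key1
		"67cf4a56d081c53670f257c25557014cd5e8b0e919aa58f23d6861b10b00ea80", // AdditionalInput1
		"6ddb205ec76567b31a07ee48437acebc",                                 // v2
		"5e23cbe8b97065102ca0d87bfd9ae0da",                                 // key2
		"648d4a229198b43f33dd7dd8426650be11c5656adcdf913bb3ee5eb49a2a3892", // AdditionalInput2
		"b0ac91f148efbdc3570d7e434aba8d24",                                 // returnbits1
		"d1f029bb089613d836ddc6fe1d6fb96f",                                 // v3
		"8adfe65e9137b18f060ae91e7a6224c1",                                 // key3
	},
}

// TestCtrDRBG runs every vector in ctrtests through instantiate, reseed and
// two Generate calls, comparing the internal state (v, key) after each step
// and the bytes produced by the second Generate call.
func TestCtrDRBG(t *testing.T) {
	// decode fails the test on malformed hex. hex.DecodeString returns the
	// bytes decoded before the error, so ignoring the error would let a typo
	// in a vector shorten an expected value; the prefix comparisons below
	// (hd.v[:len(v0)], hd.key[:len(key0)]) would then check less than intended.
	decode := func(caseNo int, field, s string) []byte {
		t.Helper()
		b, err := hex.DecodeString(s)
		if err != nil {
			t.Fatalf("case %v, invalid hex in %s: %v", caseNo, field, err)
		}
		return b
	}

	for i, test := range ctrtests {
		// Instantiate
		entropyInput := decode(i+1, "entropyInput", test.entropyInput)
		nonce := decode(i+1, "nonce", test.nonce)
		personalizationString := decode(i+1, "personalizationString", test.personalizationString)
		v0 := decode(i+1, "v0", test.v0)
		key0 := decode(i+1, "key0", test.key0)
		hd, err := NewCtrDrbg(test.cipherProvider, test.keyLen, SECURITY_LEVEL_ONE, test.gm, entropyInput, nonce, personalizationString)
		if err != nil {
			t.Fatal(err)
		}
		if !bytes.Equal(hd.v[:len(v0)], v0) {
			t.Errorf("case %v, not same v0 %s", i+1, hex.EncodeToString(hd.v))
		}
		if !bytes.Equal(hd.key[:len(key0)], key0) {
			t.Errorf("case %v, not same key0 %s", i+1, hex.EncodeToString(hd.key))
		}

		// Reseed
		entropyInputReseed := decode(i+1, "entropyInputReseed", test.entropyInputReseed)
		additionalInputReseed := decode(i+1, "additionalInputReseed", test.additionalInputReseed)
		v1 := decode(i+1, "v1", test.v1)
		key1 := decode(i+1, "key1", test.key1)
		err = hd.Reseed(entropyInputReseed, additionalInputReseed)
		if err != nil {
			t.Fatal(err)
		}
		if !bytes.Equal(hd.v, v1) {
			t.Errorf("case %v, not same v1 %s", i+1, hex.EncodeToString(hd.v))
		}
		if !bytes.Equal(hd.key, key1) {
			t.Errorf("case %v, not same key1 %s", i+1, hex.EncodeToString(hd.key))
		}

		// Generate 1
		returnbits1 := decode(i+1, "returnbits1", test.returnbits1)
		v2 := decode(i+1, "v2", test.v2)
		key2 := decode(i+1, "key2", test.key2)
		output := make([]byte, len(returnbits1))
		additionalInput1 := decode(i+1, "additionalInput1", test.additionalInput1)
		// NOTE(review): the result of Generate is not inspected in either
		// call; a failure would only show up through the state and output
		// comparisons. Confirm whether it returns a value worth asserting on.
		hd.Generate(output, additionalInput1)
		if !bytes.Equal(hd.v, v2) {
			t.Errorf("case %v, not same v2 %s", i+1, hex.EncodeToString(hd.v))
		}
		if !bytes.Equal(hd.key, key2) {
			t.Errorf("case %v, not same key2 %s", i+1, hex.EncodeToString(hd.key))
		}

		// Generate 2: overwrites output; these are the bytes compared with
		// returnbits1 below.
		v3 := decode(i+1, "v3", test.v3)
		key3 := decode(i+1, "key3", test.key3)
		additionalInput2 := decode(i+1, "additionalInput2", test.additionalInput2)
		hd.Generate(output, additionalInput2)
		// Slice by the length of the value being compared (v3, not v0).
		if !bytes.Equal(hd.v[:len(v3)], v3) {
			t.Errorf("case %v, not same v3 %s", i+1, hex.EncodeToString(hd.v))
		}
		if !bytes.Equal(hd.key, key3) {
			t.Errorf("case %v, not same key3 %s", i+1, hex.EncodeToString(hd.key))
		}
		if !bytes.Equal(returnbits1, output) {
			t.Errorf("case %v, not expected return bits %s", i+1, hex.EncodeToString(output))
		}
	}
}

// TestGmCtrDRBG_Validation checks that NewCtrDrbg and Reseed, called with
// gm set to true and SM4, reject inputs that are too short. Only the input
// lengths vary between the cases; the buffer itself is all zero bytes.
func TestGmCtrDRBG_Validation(t *testing.T) {
	entropyInput := make([]byte, 64)

	// 16-byte entropy with an 8-byte nonce must be rejected.
	_, err := NewCtrDrbg(sm4.NewCipher, 16, SECURITY_LEVEL_ONE, true, entropyInput[:16], entropyInput[16:24], nil)
	if err == nil {
		t.Fatalf("expected error here")
	}

	// 32-byte entropy with an 8-byte nonce must still be rejected.
	_, err = NewCtrDrbg(sm4.NewCipher, 16, SECURITY_LEVEL_ONE, true, entropyInput[:32], entropyInput[32:40], nil)
	if err == nil {
		t.Fatalf("expected error here")
	}

	// 32-byte entropy with a 16-byte nonce is accepted.
	hd, err := NewCtrDrbg(sm4.NewCipher, 16, SECURITY_LEVEL_ONE, true, entropyInput[:32], entropyInput[32:48], nil)
	if err != nil {
		t.Fatal(err)
	}

	// Reseeding with only 16 bytes of entropy must be rejected.
	err = hd.Reseed(entropyInput[:16], nil)
	if err == nil {
		t.Fatalf("expected error here")
	}
}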