-
Notifications
You must be signed in to change notification settings - Fork 0
/
baesh_test.sh
executable file
·464 lines (397 loc) · 17.5 KB
/
baesh_test.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
#!/bin/bash
declare -A AES_128bit_expansions=(
['00000000000000000000000000000000']='00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
62 63 63 63 62 63 63 63 62 63 63 63 62 63 63 63
9b 98 98 c9 f9 fb fb aa 9b 98 98 c9 f9 fb fb aa
90 97 34 50 69 6c cf fa f2 f4 57 33 0b 0f ac 99
ee 06 da 7b 87 6a 15 81 75 9e 42 b2 7e 91 ee 2b
7f 2e 2b 88 f8 44 3e 09 8d da 7c bb f3 4b 92 90
ec 61 4b 85 14 25 75 8c 99 ff 09 37 6a b4 9b a7
21 75 17 87 35 50 62 0b ac af 6b 3c c6 1b f0 9b
0e f9 03 33 3b a9 61 38 97 06 0a 04 51 1d fa 9f
b1 d4 d8 e2 8a 7d b9 da 1d 7b b3 de 4c 66 49 41
b4 ef 5b cb 3e 92 e2 11 23 e9 51 cf 6f 8f 18 8e'
['ffffffffffffffffffffffffffffffff']='ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
e8 e9 e9 e9 17 16 16 16 e8 e9 e9 e9 17 16 16 16
ad ae ae 19 ba b8 b8 0f 52 51 51 e6 45 47 47 f0
09 0e 22 77 b3 b6 9a 78 e1 e7 cb 9e a4 a0 8c 6e
e1 6a bd 3e 52 dc 27 46 b3 3b ec d8 17 9b 60 b6
e5 ba f3 ce b7 66 d4 88 04 5d 38 50 13 c6 58 e6
71 d0 7d b3 c6 b6 a9 3b c2 eb 91 6b d1 2d c9 8d
e9 0d 20 8d 2f bb 89 b6 ed 50 18 dd 3c 7d d1 50
96 33 73 66 b9 88 fa d0 54 d8 e2 0d 68 a5 33 5d
8b f0 3f 23 32 78 c5 f3 66 a0 27 fe 0e 05 14 a3
d6 0a 35 88 e4 72 f0 7b 82 d2 d7 85 8c d7 c3 26'
['000102030405060708090a0b0c0d0e0f']='00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
d6 aa 74 fd d2 af 72 fa da a6 78 f1 d6 ab 76 fe
b6 92 cf 0b 64 3d bd f1 be 9b c5 00 68 30 b3 fe
b6 ff 74 4e d2 c2 c9 bf 6c 59 0c bf 04 69 bf 41
47 f7 f7 bc 95 35 3e 03 f9 6c 32 bc fd 05 8d fd
3c aa a3 e8 a9 9f 9d eb 50 f3 af 57 ad f6 22 aa
5e 39 0f 7d f7 a6 92 96 a7 55 3d c1 0a a3 1f 6b
14 f9 70 1a e3 5f e2 8c 44 0a df 4d 4e a9 c0 26
47 43 87 35 a4 1c 65 b9 e0 16 ba f4 ae bf 7a d2
54 99 32 d1 f0 85 57 68 10 93 ed 9c be 2c 97 4e
13 11 1d 7f e3 94 4a 17 f3 07 a7 8b 4d 2b 30 c5'
['6920e299a5202a6d656e636869746f2a']='69 20 e2 99 a5 20 2a 6d 65 6e 63 68 69 74 6f 2a
fa 88 07 60 5f a8 2d 0d 3a c6 4e 65 53 b2 21 4f
cf 75 83 8d 90 dd ae 80 aa 1b e0 e5 f9 a9 c1 aa
18 0d 2f 14 88 d0 81 94 22 cb 61 71 db 62 a0 db
ba ed 96 ad 32 3d 17 39 10 f6 76 48 cb 94 d6 93
88 1b 4a b2 ba 26 5d 8b aa d0 2b c3 61 44 fd 50
b3 4f 19 5d 09 69 44 d6 a3 b9 6f 15 c2 fd 92 45
a7 00 77 78 ae 69 33 ae 0d d0 5c bb cf 2d ce fe
ff 8b cc f2 51 e2 ff 5c 5c 32 a3 e7 93 1f 6d 19
24 b7 18 2e 75 55 e7 72 29 67 44 95 ba 78 29 8c
ae 12 7c da db 47 9b a8 f2 20 df 3d 48 58 f6 b1'
)
declare -A AES_192bit_expansions=(
['000000000000000000000000000000000000000000000000']='00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 62 63 63 63 62 63 63 63
62 63 63 63 62 63 63 63 62 63 63 63 62 63 63 63
9b 98 98 c9 f9 fb fb aa 9b 98 98 c9 f9 fb fb aa
9b 98 98 c9 f9 fb fb aa 90 97 34 50 69 6c cf fa
f2 f4 57 33 0b 0f ac 99 90 97 34 50 69 6c cf fa
c8 1d 19 a9 a1 71 d6 53 53 85 81 60 58 8a 2d f9
c8 1d 19 a9 a1 71 d6 53 7b eb f4 9b da 9a 22 c8
89 1f a3 a8 d1 95 8e 51 19 88 97 f8 b8 f9 41 ab
c2 68 96 f7 18 f2 b4 3f 91 ed 17 97 40 78 99 c6
59 f0 0e 3e e1 09 4f 95 83 ec bc 0f 9b 1e 08 30
0a f3 1f a7 4a 8b 86 61 13 7b 88 5f f2 72 c7 ca
43 2a c8 86 d8 34 c0 b6 d2 c7 df 11 98 4c 59 70'
['ffffffffffffffffffffffffffffffffffffffffffffffff']='ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff e8 e9 e9 e9 17 16 16 16
e8 e9 e9 e9 17 16 16 16 e8 e9 e9 e9 17 16 16 16
ad ae ae 19 ba b8 b8 0f 52 51 51 e6 45 47 47 f0
ad ae ae 19 ba b8 b8 0f c5 c2 d8 ed 7f 7a 60 e2
2d 2b 31 04 68 6c 76 f4 c5 c2 d8 ed 7f 7a 60 e2
17 12 40 3f 68 68 20 dd 45 43 11 d9 2d 2f 67 2d
e8 ed bf c0 97 97 df 22 8f 8c d3 b7 e7 e4 f3 6a
a2 a7 e2 b3 8f 88 85 9e 67 65 3a 5e f0 f2 e5 7c
26 55 c3 3b c1 b1 30 51 63 16 d2 e2 ec 9e 57 7c
8b fb 6d 22 7b 09 88 5e 67 91 9b 1a a6 20 ab 4b
c5 36 79 a9 29 a8 2e d5 a2 53 43 f7 d9 5a cb a9
59 8e 48 2f ff ae e3 64 3a 98 9a cd 13 30 b4 18'
['000102030405060708090a0b0c0d0e0f1011121314151617']='00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
10 11 12 13 14 15 16 17 58 46 f2 f9 5c 43 f4 fe
54 4a fe f5 58 47 f0 fa 48 56 e2 e9 5c 43 f4 fe
40 f9 49 b3 1c ba bd 4d 48 f0 43 b8 10 b7 b3 42
58 e1 51 ab 04 a2 a5 55 7e ff b5 41 62 45 08 0c
2a b5 4b b4 3a 02 f8 f6 62 e3 a9 5d 66 41 0c 08
f5 01 85 72 97 44 8d 7e bd f1 c6 ca 87 f3 3e 3c
e5 10 97 61 83 51 9b 69 34 15 7c 9e a3 51 f1 e0
1e a0 37 2a 99 53 09 16 7c 43 9e 77 ff 12 05 1e
dd 7e 0e 88 7e 2f ff 68 60 8f c8 42 f9 dc c1 54
85 9f 5f 23 7a 8d 5a 3d c0 c0 29 52 be ef d6 3a
de 60 1e 78 27 bc df 2c a2 23 80 0f d8 ae da 32
a4 97 0a 33 1a 78 dc 09 c4 18 c2 71 e3 a4 1d 5d'
)
declare -A AES_256bit_expansions=(
['0000000000000000000000000000000000000000000000000000000000000000']='00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
62 63 63 63 62 63 63 63 62 63 63 63 62 63 63 63
aa fb fb fb aa fb fb fb aa fb fb fb aa fb fb fb
6f 6c 6c cf 0d 0f 0f ac 6f 6c 6c cf 0d 0f 0f ac
7d 8d 8d 6a d7 76 76 91 7d 8d 8d 6a d7 76 76 91
53 54 ed c1 5e 5b e2 6d 31 37 8e a2 3c 38 81 0e
96 8a 81 c1 41 fc f7 50 3c 71 7a 3a eb 07 0c ab
9e aa 8f 28 c0 f1 6d 45 f1 c6 e3 e7 cd fe 62 e9
2b 31 2b df 6a cd dc 8f 56 bc a6 b5 bd bb aa 1e
64 06 fd 52 a4 f7 90 17 55 31 73 f0 98 cf 11 19
6d bb a9 0b 07 76 75 84 51 ca d3 31 ec 71 79 2f
e7 b0 e8 9c 43 47 78 8b 16 76 0b 7b 8e b9 1a 62
74 ed 0b a1 73 9b 7e 25 22 51 ad 14 ce 20 d4 3b
10 f8 0a 17 53 bf 72 9c 45 c9 79 e7 cb 70 63 85'
['ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff']='ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
e8 e9 e9 e9 17 16 16 16 e8 e9 e9 e9 17 16 16 16
0f b8 b8 b8 f0 47 47 47 0f b8 b8 b8 f0 47 47 47
4a 49 49 65 5d 5f 5f 73 b5 b6 b6 9a a2 a0 a0 8c
35 58 58 dc c5 1f 1f 9b ca a7 a7 23 3a e0 e0 64
af a8 0a e5 f2 f7 55 96 47 41 e3 0c e5 e1 43 80
ec a0 42 11 29 bf 5d 8a e3 18 fa a9 d9 f8 1a cd
e6 0a b7 d0 14 fd e2 46 53 bc 01 4a b6 5d 42 ca
a2 ec 6e 65 8b 53 33 ef 68 4b c9 46 b1 b3 d3 8b
9b 6c 8a 18 8f 91 68 5e dc 2d 69 14 6a 70 2b de
a0 bd 9f 78 2b ee ac 97 43 a5 65 d1 f2 16 b6 5a
fc 22 34 91 73 b3 5c cf af 9e 35 db c5 ee 1e 05
06 95 ed 13 2d 7b 41 84 6e de 24 55 9c c8 92 0f
54 6d 42 4f 27 de 1e 80 88 40 2b 5b 4d ae 35 5e'
['000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f']='00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
a5 73 c2 9f a1 76 c4 98 a9 7f ce 93 a5 72 c0 9c
16 51 a8 cd 02 44 be da 1a 5d a4 c1 06 40 ba de
ae 87 df f0 0f f1 1b 68 a6 8e d5 fb 03 fc 15 67
6d e1 f1 48 6f a5 4f 92 75 f8 eb 53 73 b8 51 8d
c6 56 82 7f c9 a7 99 17 6f 29 4c ec 6c d5 59 8b
3d e2 3a 75 52 47 75 e7 27 bf 9e b4 54 07 cf 39
0b dc 90 5f c2 7b 09 48 ad 52 45 a4 c1 87 1c 2f
45 f5 a6 60 17 b2 d3 87 30 0d 4d 33 64 0a 82 0a
7c cf f7 1c be b4 fe 54 13 e6 bb f0 d2 61 a7 df
f0 1a fa fe e7 a8 29 79 d7 a5 64 4a b3 af e6 40
25 41 fe 71 9b f5 00 25 88 13 bb d5 5a 72 1c 0a
4e 5a 66 99 a9 f2 4f e0 7e 57 2b aa cd f8 cd ea
24 fc 79 cc bf 09 79 e9 37 1a c2 3c 6d 68 de 36'
)
declare -A nist_keys=(
[128]='2b7e151628aed2a6abf7158809cf4f3c'
[192]='8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b'
[256]='603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4'
)
nist_iv='000102030405060708090a0b0c0d0e0f'
nist_counter='f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff'
nist_plaintext='6bc1bee22e409f96e93d7e117393172a
ae2d8a571e03ac9c9eb76fac45af8e51
30c81c46a35ce411e5fbc1191a0a52ef
f69f2445df4f9b17ad2b417be66c3710'
# ecb and cbc slightly modified to account for padding
declare -A nist_ciphertexts=(
[aes_128_ecb]='3ad77bb40d7a3660a89ecaf32466ef97
f5d3d58503b9699de785895a96fdbaaf
43b1cd7f598ece23881b00e3ed030688
7b0c785e27e8ad3f8223207104725dd4
a254be88e037ddd9d79fb6411c3f9df8'
[aes_192_ecb]='bd334f1d6e45f25ff712a214571fa5cc
974104846d0ad3ad7734ecb3ecee4eef
ef7afd2270e2e60adce0ba2face6444e
9a4b41ba738d6c72fb16691603c18e0e
daa0af074bd8083c8a32d4fc563c55cc'
[aes_256_ecb]='f3eed1bdb5d2a03c064b5a7e3db181f8
591ccb10d410ed26dc5ba74a31362870
b6ed21b99ca6f4f9f153e7b1beafed1d
23304b7a39f9f3ff067d8d8f9e24ecc7
4c45dfb3b3b484ec35b0512dc8c1c4d6'
[aes_128_cbc]='7649abac8119b246cee98e9b12e9197d
5086cb9b507219ee95db113a917678b2
73bed6b8e3c1743b7116e69e22229516
3ff1caa1681fac09120eca307586e1a7
8cb82807230e1321d3fae00d18cc2012'
[aes_192_cbc]='4f021db243bc633d7178183a9fa071e8
b4d9ada9ad7dedf4e5e738763f69145a
571b242012fb7ae07fa9baac3df102e0
08b0e27988598881d920a9e64f5615cd
612ccd79224b350935d45dd6a98f8176'
[aes_256_cbc]='f58c4c04d6e5f1ba779eabfb5f7bfbd6
9cfc4e967edb808d679f777bc6702c7d
39f23369a9d9bacfa530e26304231461
b2eb05e2c39be9fcda6c19078c6a9d1b
3f461796d6b0d6b2e0c2a72b4d80e644'
[aes_128_cfb]='3b3fd92eb72dad20333449f8e83cfb4a
c8a64537a0b3a93fcde3cdad9f1ce58b
26751f67a3cbb140b1808cf187a4f4df
c04b05357c5d1c0eeac4c66f9ff7f2e6'
[aes_192_cfb]='cdc80d6fddf18cab34c25909c99a4174
67ce7f7f81173621961a2b70171d3d7a
2e1e8a1dd59b88b1c8e60fed1efac4c9
c05f9f9ca9834fa042ae8fba584b09ff'
[aes_256_cfb]='dc7e84bfda79164b7ecd8486985d3860
39ffed143b28b1c832113c6331e5407b
df10132415e54b92a13ed0a8267ae2f9
75a385741ab9cef82031623d55b1e471'
[aes_128_ofb]='3b3fd92eb72dad20333449f8e83cfb4a
7789508d16918f03f53c52dac54ed825
9740051e9c5fecf64344f7a82260edcc
304c6528f659c77866a510d9c1d6ae5e'
[aes_192_ofb]='cdc80d6fddf18cab34c25909c99a4174
fcc28b8d4c63837c09e81700c1100401
8d9a9aeac0f6596f559c6d4daf59a5f2
6d9f200857ca6c3e9cac524bd9acc92a'
[aes_256_ofb]='dc7e84bfda79164b7ecd8486985d3860
4febdc6740d20b3ac88f6ad82a4fb08d
71ab47a086e86eedf39d1c5bba97c408
0126141d67f37be8538f5a8be740e484'
[aes_128_ctr]='874d6191b620e3261bef6864990db6ce
9806f66b7970fdff8617187bb9fffdff
5ae4df3edbd5d35e5b4f09020db03eab
1e031dda2fbe03d1792170a0f3009cee'
[aes_192_ctr]='1abc932417521ca24f2b0459fe7e6e0b
090339ec0aa6faefd5ccc2c6f4ce8e94
1e36b26bd1ebc670d1bd1d665620abf7
4f78a7f6d29809585a97daec58c6b050'
[aes_256_ctr]='601ec313775789a5b7a7f504bbf3d228
f443e3ca4d62b59aca84e990cacaf5c5
2b0930daa23de94ce87017ba2d84988d
dfc9c58db67aada613c2dd08457941a6'
)
declare -A plaintexts=(
[0]=''
[1]='abcdefghijklmno'
[2]='azzzzzxhijklm&&&'
[3]='a*cd[fgh!jk[mno]#'
[4]='1234567890123456123456789012345'
[5]='_-+^+-_-_-_-_-_+_/_"_x_(_)_=_?_a'
[6]='123456789012345612345678901234561'
[7]='Jun 20 18:01:49 scooter dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=xx.yy.zz.ww, lip=aa.bb.cc.dd, mpid=18174, TLS, session=<uD2Y6hRvO8W8CTgJ>'
)
declare -A IVs=(
[0]='000000000000000000000000000000ff'
[1]='12345678909876543212345678909876'
[2]='625188a5ac8ede44f84cdf07d9ae1163'
[3]='abcdefabcdefabcdefabcdefabcdefab'
)
declare -A keys128=(
[0]='0f101112131415161718191a1b1c1d1f'
[1]='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab'
[2]='00000000000100000000000000000000'
[3]='38742984797292987837878abf736aff'
)
declare -A keys192=(
[0]='01030507090b0d0f101112131415161718191a1b1c1d1e1f'
[1]='29379897977897128788788783485457592837438329834a'
[2]='f0000000000000000000000000000000000000000000000f'
[3]='02132435465768798a9bacbdcedfe0f10213243546576879'
)
declare -A keys256=(
[0]='000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f'
[1]='a3aea0458018b593464a08a2b717d04d2bf1136374237a65c641994ff55cfc15'
[2]='5e00eb116ab33f8d22822477c344d6bf9102cb9cbdc4a8c00f5776e55c827392'
[3]='5b7ed76a89206ec6b4e7a8ae5f2408bd3667ddccb00a9eede8a8ad7528d322ac'
)
print_nist_to_raw(){
local hex=$1
local join i
local -a array
join=$(tr -d '\n' <<< "$hex")
array=()
for ((i = 0; i < ${#join} / 2; i++)); do
array[i]=$(( 16#${join:i*2:2} ))
done
printf "$(printf '\\x%x' "${array[@]}")"
}
baesh_file=/tmp/baesh_result
other_file=/tmp/other_result
openssl_file=/tmp/openssl
#random_bytes=3091
random_bytes=999
: "${BAESH_FULL_TEST:=0}"
: "${ASSERT_SH_PATH:=$HOME/bin/assert.sh}" # this is a DIRECTORY name
: "${BAESH:=./bAESh}"
baesh=$BAESH
if [ ! -x "${baesh}" ]; then
echo "Cannot find bAESh script at $baesh" >&2
exit 1
fi
if [ ! -r "${ASSERT_SH_PATH}/assert.sh" ]; then
echo "Cannot find assert.sh at ${ASSERT_SH_PATH}/assert.sh" >&2
exit 1
fi
. "${ASSERT_SH_PATH}"/assert.sh -v -x
###### key expansion tests ###################
for key in "${!AES_128bit_expansions[@]}"; do
${baesh} -K "$key" -b 128 -x > $baesh_file
echo "${AES_128bit_expansions[$key]}" > $other_file
assert_raises "diff $baesh_file $other_file" 0
done
assert_end "Key expansion, 128 bits"
for key in "${!AES_192bit_expansions[@]}"; do
${baesh} -K "$key" -b 192 -x > $baesh_file
echo "${AES_192bit_expansions[$key]}" > $other_file
assert_raises "diff $baesh_file $other_file" 0
done
assert_end "Key expansion, 192 bits"
for key in "${!AES_256bit_expansions[@]}"; do
${baesh} -K "$key" -b 256 -x > $baesh_file
echo "${AES_256bit_expansions[$key]}" > $other_file
assert_raises "diff $baesh_file $other_file" 0
done
assert_end "Key expansion, 256 bits"
###### NIST tests #################
for mode in ecb cbc cfb ofb ctr; do
for bits in 128 192 256; do
declare -a iv_arg
if [ $mode = "ctr" ]; then
iv_arg=( -I "$nist_counter" )
elif [ "$mode" != "ecb" ]; then
iv_arg=( -I "$nist_iv" )
else
iv_arg=()
fi
# encryption test
assert 'print_nist_to_raw "$nist_plaintext" | ${baesh} "${iv_arg[@]}" -K "${nist_keys[$bits]}" -b $bits -m ${mode} -o hex' "${nist_ciphertexts[aes_${bits}_${mode}]}"
assert_end "${mode} ${bits} bits, NIST encryption"
# decryption_test
assert 'print_nist_to_raw "${nist_ciphertexts[aes_${bits}_${mode}]}" | ${baesh} -d "${iv_arg[@]}" -K "${nist_keys[$bits]}" -b $bits -m ${mode} -o hex' "${nist_plaintext}"
assert_end "${mode} ${bits} bits, NIST decryption"
done
done
##### other tests #################
for bits in 128 192 256; do
if [ $bits -eq 128 ]; then
declare -n key_array=keys128
elif [ $bits -eq 192 ]; then
declare -n key_array=keys192
else
declare -n key_array=keys256
fi
for plaintext_index in "${!plaintexts[@]}"; do
plaintext=${plaintexts[$plaintext_index]}
for key_index in "${!key_array[@]}"; do
key=${key_array[$key_index]}
assert 'echo "$plaintext" | ${baesh} -K "$key" -b $bits -m ecb -o raw | openssl enc -aes-${bits}-ecb -d -K "$key"' "$plaintext"
assert 'echo "$plaintext" | openssl enc -aes-${bits}-ecb -K "$key" | ${baesh} -K "$key" -d -b ${bits} -m ecb -o raw | cat' "$plaintext"
assert_end "ecb ${bits} bits, known text ${plaintext_index}, key ${key_index}, raw output"
# check base64 output
IFS= read -r -d '' openssl_output < <(printf "$plaintext" | openssl enc -aes-${bits}-ecb -K "$key" -base64)
assert 'printf "$plaintext" | ${baesh} -K "$key" -b ${bits} -m ecb -o base64' "$openssl_output"
assert_end "ecb ${bits} bits, known text ${plaintext_index}, key ${key_index}, base64 output"
done
done
if [ "$BAESH_FULL_TEST" = "1" ]; then
dd if=/dev/urandom bs=1 count=$random_bytes status=none > $other_file
for key_index in "${!key_array[@]}"; do
key=${key_array[$key_index]}
${baesh} -K "$key" -b ${bits} -m ecb -o raw < $other_file > $baesh_file
openssl enc -aes-${bits}-ecb -K "$key" -in $other_file > $openssl_file
assert_raises "diff $baesh_file $openssl_file" 0
assert_end "ecb ${bits} bits, random input, key ${key_index}, raw output"
IFS= read -r -d '' openssl_output < <(openssl enc -aes-${bits}-ecb -K "$key" -in $other_file -base64)
assert '${baesh} -K "$key" -b ${bits} -m ecb -o base64 < $other_file' "$openssl_output"
assert_end "ecb ${bits} bits, random input, key ${key_index}, base64 output"
done
fi
done
##### non-ECB encryption tests ########################
for mode in cbc cfb ofb ctr; do
for bits in 128 192 256; do
if [ $bits -eq 128 ]; then
declare -n key_array=keys128
elif [ $bits -eq 192 ]; then
declare -n key_array=keys192
else
declare -n key_array=keys256
fi
for plaintext_index in "${!plaintexts[@]}"; do
plaintext=${plaintexts[$plaintext_index]}
for key_index in "${!key_array[@]}"; do
key=${key_array[$key_index]}
for iv_index in "${!IVs[@]}"; do
iv=${IVs[$iv_index]}
assert 'echo "$plaintext" | ${baesh} -I "$iv" -K "$key" -b $bits -m $mode -o raw | openssl enc -aes-${bits}-${mode} -d -iv "$iv" -K "$key"' "$plaintext"
assert 'echo "$plaintext" | openssl enc -aes-${bits}-${mode} -iv "$iv" -K "$key" | ${baesh} -K "$key" -I "$iv" -d -b ${bits} -m ${mode} -o raw | cat' "$plaintext"
assert_end "${mode} ${bits} bits, known text ${plaintext_index}, key ${key_index}, IV ${iv_index}, raw output"
# check base64 output
IFS= read -r -d '' openssl_output < <(printf "$plaintext" | openssl enc -aes-${bits}-${mode} -iv "$iv" -K "$key" -base64)
assert 'printf "%s" "$plaintext" | ${baesh} -K "$key" -I "$iv" -b ${bits} -m ${mode} -o base64' "$openssl_output"
assert_end "${mode} ${bits} bits, known text ${plaintext_index}, key ${key_index}, IV ${iv_index}, base64 output"
done
done
done
if [ "$BAESH_FULL_TEST" = "1" ]; then
dd if=/dev/urandom bs=1 count=$random_bytes status=none > $other_file
for key_index in "${!key_array[@]}"; do
key=${key_array[$key_index]}
for iv_index in "${!IVs[@]}"; do
iv=${IVs[$iv_index]}
${baesh} -K "$key" -I "$iv" -b ${bits} -m ${mode} -o raw < $other_file > $baesh_file
openssl enc -aes-${bits}-${mode} -iv "$iv" -K "$key" -in $other_file > $openssl_file
assert_raises "diff $baesh_file $openssl_file" 0
assert_end "${mode} ${bits} bits, random input, key ${key_index}, IV ${iv_index}, raw output"
IFS= read -r -d '' openssl_output < <(openssl enc -aes-${bits}-${mode} -iv "$iv" -K "$key" -in $other_file -base64)
assert '${baesh} -K "$key" -I "$iv" -b ${bits} -m ${mode} -o base64 < $other_file' "$openssl_output"
assert_end "${mode} ${bits} bits, random input, key ${key_index}, IV ${iv_index}, base64 output"
done
done
fi
done
done
rm -f $other_file $baesh_file $openssl_file