]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/igetest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Support SM2 certificate verification
[thirdparty/openssl.git] / test / igetest.c
CommitLineData
440e5d80 1/*
ad887416 2 * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.
aa6d1a0c 3 *
909f1a2e 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
440e5d80
RS		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
aa6d1a0c
BL		 8 */
9
a3654f05 10#include <openssl/crypto.h>
aa6d1a0c
BL		 11#include <openssl/aes.h>
12#include <openssl/rand.h>
13#include <stdio.h>
14#include <string.h>
176db6dc 15#include "internal/nelem.h"
0e534337 16#include "testutil.h"
aa6d1a0c 17
0f113f3e 18#define TEST_SIZE 128
aa6d1a0c
BL		 19#define BIG_TEST_SIZE 10240
20
0e534337
P		 21#if BIG_TEST_SIZE < TEST_SIZE
22#error BIG_TEST_SIZE is smaller than TEST_SIZE
23#endif
24
25static unsigned char rkey[16];
26static unsigned char rkey2[16];
27static unsigned char plaintext[BIG_TEST_SIZE];
28static unsigned char saved_iv[AES_BLOCK_SIZE * 4];
29
0f113f3e
MC		 30#define MAX_VECTOR_SIZE 64
31
32struct ige_test {
33 const unsigned char key[16];
34 const unsigned char iv[32];
35 const unsigned char in[MAX_VECTOR_SIZE];
36 const unsigned char out[MAX_VECTOR_SIZE];
37 const size_t length;
38 const int encrypt;
39};
aa6d1a0c
BL		 40
41static struct ige_test const ige_test_vectors[] = {
0f113f3e
MC		 42 {{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
43 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, /* key */
44 {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
45 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
46 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
47 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}, /* iv */
48 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
49 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
50 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
51 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* in */
52 {0x1a, 0x85, 0x19, 0xa6, 0x55, 0x7b, 0xe6, 0x52,
53 0xe9, 0xda, 0x8e, 0x43, 0xda, 0x4e, 0xf4, 0x45,
54 0x3c, 0xf4, 0x56, 0xb4, 0xca, 0x48, 0x8a, 0xa3,
55 0x83, 0xc7, 0x9c, 0x98, 0xb3, 0x47, 0x97, 0xcb}, /* out */
56 32, AES_ENCRYPT}, /* test vector 0 */
57
58 {{0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
59 0x61, 0x6e, 0x20, 0x69, 0x6d, 0x70, 0x6c, 0x65}, /* key */
60 {0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
61 0x6e, 0x20, 0x6f, 0x66, 0x20, 0x49, 0x47, 0x45,
62 0x20, 0x6d, 0x6f, 0x64, 0x65, 0x20, 0x66, 0x6f,
63 0x72, 0x20, 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53}, /* iv */
64 {0x4c, 0x2e, 0x20, 0x4c, 0x65, 0x74, 0x27, 0x73,
65 0x20, 0x68, 0x6f, 0x70, 0x65, 0x20, 0x42, 0x65,
66 0x6e, 0x20, 0x67, 0x6f, 0x74, 0x20, 0x69, 0x74,
67 0x20, 0x72, 0x69, 0x67, 0x68, 0x74, 0x21, 0x0a}, /* in */
68 {0x99, 0x70, 0x64, 0x87, 0xa1, 0xcd, 0xe6, 0x13,
69 0xbc, 0x6d, 0xe0, 0xb6, 0xf2, 0x4b, 0x1c, 0x7a,
70 0xa4, 0x48, 0xc8, 0xb9, 0xc3, 0x40, 0x3e, 0x34,
71 0x67, 0xa8, 0xca, 0xd8, 0x93, 0x40, 0xf5, 0x3b}, /* out */
72 32, AES_DECRYPT}, /* test vector 1 */
aa6d1a0c
BL		 73};
74
0f113f3e
MC		 75struct bi_ige_test {
76 const unsigned char key1[32];
77 const unsigned char key2[32];
78 const unsigned char iv[64];
79 const unsigned char in[MAX_VECTOR_SIZE];
80 const unsigned char out[MAX_VECTOR_SIZE];
81 const size_t keysize;
82 const size_t length;
83 const int encrypt;
84};
aa6d1a0c
BL		 85
86static struct bi_ige_test const bi_ige_test_vectors[] = {
0f113f3e
MC		 87 {{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
88 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, /* key1 */
89 {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
90 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}, /* key2 */
91 {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
92 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
93 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
94 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
95 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
96 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
97 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
98 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f}, /* iv */
99 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
100 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
101 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
102 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* in */
103 {0x14, 0x40, 0x6f, 0xae, 0xa2, 0x79, 0xf2, 0x56,
104 0x1f, 0x86, 0xeb, 0x3b, 0x7d, 0xff, 0x53, 0xdc,
105 0x4e, 0x27, 0x0c, 0x03, 0xde, 0x7c, 0xe5, 0x16,
106 0x6a, 0x9c, 0x20, 0x33, 0x9d, 0x33, 0xfe, 0x12}, /* out */
107 16, 32, AES_ENCRYPT}, /* test vector 0 */
108 {{0x58, 0x0a, 0x06, 0xe9, 0x97, 0x07, 0x59, 0x5c,
109 0x9e, 0x19, 0xd2, 0xa7, 0xbb, 0x40, 0x2b, 0x7a,
110 0xc7, 0xd8, 0x11, 0x9e, 0x4c, 0x51, 0x35, 0x75,
111 0x64, 0x28, 0x0f, 0x23, 0xad, 0x74, 0xac, 0x37}, /* key1 */
112 {0xd1, 0x80, 0xa0, 0x31, 0x47, 0xa3, 0x11, 0x13,
113 0x86, 0x26, 0x9e, 0x6d, 0xff, 0xaf, 0x72, 0x74,
114 0x5b, 0xa2, 0x35, 0x81, 0xd2, 0xa6, 0x3d, 0x21,
115 0x67, 0x7b, 0x58, 0xa8, 0x18, 0xf9, 0x72, 0xe4}, /* key2 */
116 {0x80, 0x3d, 0xbd, 0x4c, 0xe6, 0x7b, 0x06, 0xa9,
117 0x53, 0x35, 0xd5, 0x7e, 0x71, 0xc1, 0x70, 0x70,
118 0x74, 0x9a, 0x00, 0x28, 0x0c, 0xbf, 0x6c, 0x42,
119 0x9b, 0xa4, 0xdd, 0x65, 0x11, 0x77, 0x7c, 0x67,
120 0xfe, 0x76, 0x0a, 0xf0, 0xd5, 0xc6, 0x6e, 0x6a,
121 0xe7, 0x5e, 0x4c, 0xf2, 0x7e, 0x9e, 0xf9, 0x20,
122 0x0e, 0x54, 0x6f, 0x2d, 0x8a, 0x8d, 0x7e, 0xbd,
123 0x48, 0x79, 0x37, 0x99, 0xff, 0x27, 0x93, 0xa3}, /* iv */
124 {0xf1, 0x54, 0x3d, 0xca, 0xfe, 0xb5, 0xef, 0x1c,
125 0x4f, 0xa6, 0x43, 0xf6, 0xe6, 0x48, 0x57, 0xf0,
126 0xee, 0x15, 0x7f, 0xe3, 0xe7, 0x2f, 0xd0, 0x2f,
127 0x11, 0x95, 0x7a, 0x17, 0x00, 0xab, 0xa7, 0x0b,
128 0xbe, 0x44, 0x09, 0x9c, 0xcd, 0xac, 0xa8, 0x52,
129 0xa1, 0x8e, 0x7b, 0x75, 0xbc, 0xa4, 0x92, 0x5a,
130 0xab, 0x46, 0xd3, 0x3a, 0xa0, 0xd5, 0x35, 0x1c,
131 0x55, 0xa4, 0xb3, 0xa8, 0x40, 0x81, 0xa5, 0x0b}, /* in */
132 {0x42, 0xe5, 0x28, 0x30, 0x31, 0xc2, 0xa0, 0x23,
133 0x68, 0x49, 0x4e, 0xb3, 0x24, 0x59, 0x92, 0x79,
134 0xc1, 0xa5, 0xcc, 0xe6, 0x76, 0x53, 0xb1, 0xcf,
135 0x20, 0x86, 0x23, 0xe8, 0x72, 0x55, 0x99, 0x92,
136 0x0d, 0x16, 0x1c, 0x5a, 0x2f, 0xce, 0xcb, 0x51,
137 0xe2, 0x67, 0xfa, 0x10, 0xec, 0xcd, 0x3d, 0x67,
138 0xa5, 0xe6, 0xf7, 0x31, 0x26, 0xb0, 0x0d, 0x76,
139 0x5e, 0x28, 0xdc, 0x7f, 0x01, 0xc5, 0xa5, 0x4c}, /* out */
140 32, 64, AES_ENCRYPT}, /* test vector 1 */
aa6d1a0c
BL		 141
142};
143
0e534337 144static int test_ige_vectors(int n)
0f113f3e 145{
0e534337
P		 146 const struct ige_test *const v = &ige_test_vectors[n];
147 AES_KEY key;
148 unsigned char buf[MAX_VECTOR_SIZE];
149 unsigned char iv[AES_BLOCK_SIZE * 2];
150 int testresult = 1;
151
152 if (!TEST_int_le(v->length, MAX_VECTOR_SIZE))
153 return 0;
154
155 if (v->encrypt == AES_ENCRYPT)
cbe29648 156 AES_set_encrypt_key(v->key, 8 * sizeof(v->key), &key);
0e534337 157 else
cbe29648
RS		 158 AES_set_decrypt_key(v->key, 8 * sizeof(v->key), &key);
159 memcpy(iv, v->iv, sizeof(iv));
0e534337
P		 160 AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
161
162 if (!TEST_mem_eq(v->out, v->length, buf, v->length)) {
163 TEST_info("IGE test vector %d failed", n);
cbe29648
RS		 164 test_output_memory("key", v->key, sizeof(v->key));
165 test_output_memory("iv", v->iv, sizeof(v->iv));
37916462 166 test_output_memory("in", v->in, v->length);
0e534337 167 testresult = 0;
0f113f3e
MC		 168 }
169
0e534337 170 /* try with in == out */
cbe29648 171 memcpy(iv, v->iv, sizeof(iv));
0e534337
P		 172 memcpy(buf, v->in, v->length);
173 AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt);
174
175 if (!TEST_mem_eq(v->out, v->length, buf, v->length)) {
176 TEST_info("IGE test vector %d failed (with in == out)", n);
cbe29648
RS		 177 test_output_memory("key", v->key, sizeof(v->key));
178 test_output_memory("iv", v->iv, sizeof(v->iv));
37916462 179 test_output_memory("in", v->in, v->length);
0e534337 180 testresult = 0;
0f113f3e
MC		 181 }
182
0e534337 183 return testresult;
0f113f3e 184}
aa6d1a0c 185
0e534337 186static int test_bi_ige_vectors(int n)
0f113f3e 187{
0e534337
P		 188 const struct bi_ige_test *const v = &bi_ige_test_vectors[n];
189 AES_KEY key1;
0f113f3e 190 AES_KEY key2;
0e534337 191 unsigned char buf[MAX_VECTOR_SIZE];
0f113f3e 192
0e534337
P		 193 if (!TEST_int_le(v->length, MAX_VECTOR_SIZE))
194 return 0;
0f113f3e 195
0e534337
P		 196 if (v->encrypt == AES_ENCRYPT) {
197 AES_set_encrypt_key(v->key1, 8 * v->keysize, &key1);
198 AES_set_encrypt_key(v->key2, 8 * v->keysize, &key2);
199 } else {
200 AES_set_decrypt_key(v->key1, 8 * v->keysize, &key1);
201 AES_set_decrypt_key(v->key2, 8 * v->keysize, &key2);
202 }
0f113f3e 203
0e534337
P		 204 AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv,
205 v->encrypt);
0f113f3e 206
0e534337 207 if (!TEST_mem_eq(v->out, v->length, buf, v->length)) {
cbe29648
RS		 208 test_output_memory("key 1", v->key1, sizeof(v->key1));
209 test_output_memory("key 2", v->key2, sizeof(v->key2));
210 test_output_memory("iv", v->iv, sizeof(v->iv));
37916462 211 test_output_memory("in", v->in, v->length);
0e534337
P		 212 return 0;
213 }
214
215 return 1;
216}
217
218static int test_ige_enc_dec(void)
219{
220 AES_KEY key;
221 unsigned char iv[AES_BLOCK_SIZE * 4];
222 unsigned char ciphertext[BIG_TEST_SIZE];
223 unsigned char checktext[BIG_TEST_SIZE];
224
cbe29648
RS		 225 memcpy(iv, saved_iv, sizeof(iv));
226 AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
0f113f3e
MC		 227 AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv, AES_ENCRYPT);
228
cbe29648
RS		 229 AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
230 memcpy(iv, saved_iv, sizeof(iv));
0f113f3e
MC		 231 AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
232
0e534337
P		 233 return TEST_mem_eq(checktext, TEST_SIZE, plaintext, TEST_SIZE);
234}
235
236static int test_ige_enc_chaining(void)
237{
238 AES_KEY key;
239 unsigned char iv[AES_BLOCK_SIZE * 4];
240 unsigned char ciphertext[BIG_TEST_SIZE];
241 unsigned char checktext[BIG_TEST_SIZE];
0f113f3e 242
cbe29648
RS		 243 AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
244 memcpy(iv, saved_iv, sizeof(iv));
0f113f3e
MC		 245 AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
246 AES_ENCRYPT);
247 AES_ige_encrypt(plaintext + TEST_SIZE / 2,
248 ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
249 &key, iv, AES_ENCRYPT);
250
cbe29648
RS		 251 AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
252 memcpy(iv, saved_iv, sizeof(iv));
0f113f3e
MC		 253 AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
254
0e534337
P		 255 return TEST_mem_eq(checktext, TEST_SIZE, plaintext, TEST_SIZE);
256}
257
258static int test_ige_dec_chaining(void)
259{
260 AES_KEY key;
261 unsigned char iv[AES_BLOCK_SIZE * 4];
262 unsigned char ciphertext[BIG_TEST_SIZE];
263 unsigned char checktext[BIG_TEST_SIZE];
0f113f3e 264
cbe29648
RS		 265 AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
266 memcpy(iv, saved_iv, sizeof(iv));
0f113f3e
MC		 267 AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
268 AES_ENCRYPT);
269 AES_ige_encrypt(plaintext + TEST_SIZE / 2,
270 ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
271 &key, iv, AES_ENCRYPT);
272
cbe29648
RS		 273 AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
274 memcpy(iv, saved_iv, sizeof(iv));
0f113f3e
MC		 275 AES_ige_encrypt(ciphertext, checktext, TEST_SIZE / 2, &key, iv,
276 AES_DECRYPT);
277 AES_ige_encrypt(ciphertext + TEST_SIZE / 2,
278 checktext + TEST_SIZE / 2, TEST_SIZE / 2, &key, iv,
279 AES_DECRYPT);
280
0e534337
P		 281 return TEST_mem_eq(checktext, TEST_SIZE, plaintext, TEST_SIZE);
282}
283
284static int test_ige_garble_forwards(void)
285{
286 AES_KEY key;
287 unsigned char iv[AES_BLOCK_SIZE * 4];
288 unsigned char ciphertext[BIG_TEST_SIZE];
289 unsigned char checktext[BIG_TEST_SIZE];
290 unsigned int n;
291 int testresult = 1;
292 const size_t ctsize = sizeof(checktext);
293 size_t matches;
0f113f3e 294
cbe29648
RS		 295 AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
296 memcpy(iv, saved_iv, sizeof(iv));
297 AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv,
0f113f3e
MC		 298 AES_ENCRYPT);
299
300 /* corrupt halfway through */
cbe29648
RS		 301 ++ciphertext[sizeof(ciphertext) / 2];
302 AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
303 memcpy(iv, saved_iv, sizeof(iv));
304 AES_ige_encrypt(ciphertext, checktext, sizeof(checktext), &key, iv,
0f113f3e
MC		 305 AES_DECRYPT);
306
307 matches = 0;
cbe29648 308 for (n = 0; n < sizeof(checktext); ++n)
0f113f3e
MC		 309 if (checktext[n] == plaintext[n])
310 ++matches;
311
0e534337
P		 312 /* Fail if there is more than 51% matching bytes */
313 if (!TEST_size_t_le(matches, ctsize / 2 + ctsize / 100))
314 testresult = 0;
0f113f3e 315
0e534337
P		 316 /* Fail if the garble goes backwards */
317 if (!TEST_size_t_gt(matches, ctsize / 2))
318 testresult = 0;
319 return testresult;
320}
0f113f3e 321
0e534337
P		 322static int test_bi_ige_enc_dec(void)
323{
324 AES_KEY key, key2;
325 unsigned char iv[AES_BLOCK_SIZE * 4];
326 unsigned char ciphertext[BIG_TEST_SIZE];
327 unsigned char checktext[BIG_TEST_SIZE];
0f113f3e 328
cbe29648
RS		 329 memcpy(iv, saved_iv, sizeof(iv));
330 AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
331 AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
0f113f3e
MC		 332 AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
333 AES_ENCRYPT);
334
cbe29648
RS		 335 AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
336 AES_set_decrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
0f113f3e
MC		 337 AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
338 AES_DECRYPT);
339
0e534337
P		 340 return TEST_mem_eq(checktext, TEST_SIZE, plaintext, TEST_SIZE);
341}
342
343static int test_bi_ige_garble1(void)
344{
345 AES_KEY key, key2;
346 unsigned char iv[AES_BLOCK_SIZE * 4];
347 unsigned char ciphertext[BIG_TEST_SIZE];
348 unsigned char checktext[BIG_TEST_SIZE];
349 unsigned int n;
350 size_t matches;
0f113f3e 351
cbe29648
RS		 352 memcpy(iv, saved_iv, sizeof(iv));
353 AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
354 AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
355 AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv,
0f113f3e
MC		 356 AES_ENCRYPT);
357
358 /* corrupt halfway through */
cbe29648
RS		 359 ++ciphertext[sizeof(ciphertext) / 2];
360 AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
361 AES_set_decrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
362 AES_ige_encrypt(ciphertext, checktext, sizeof(checktext), &key, iv,
0f113f3e
MC		 363 AES_DECRYPT);
364
365 matches = 0;
cbe29648 366 for (n = 0; n < sizeof(checktext); ++n)
0f113f3e
MC		 367 if (checktext[n] == plaintext[n])
368 ++matches;
369
0e534337 370 /* Fail if there is more than 1% matching bytes */
cbe29648 371 return TEST_size_t_le(matches, sizeof(checktext) / 100);
0e534337
P		 372}
373
374static int test_bi_ige_garble2(void)
375{
376 AES_KEY key, key2;
377 unsigned char iv[AES_BLOCK_SIZE * 4];
378 unsigned char ciphertext[BIG_TEST_SIZE];
379 unsigned char checktext[BIG_TEST_SIZE];
380 unsigned int n;
381 size_t matches;
0f113f3e 382
cbe29648
RS		 383 memcpy(iv, saved_iv, sizeof(iv));
384 AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
385 AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
386 AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv,
0f113f3e
MC		 387 AES_ENCRYPT);
388
389 /* corrupt right at the end */
cbe29648
RS		 390 ++ciphertext[sizeof(ciphertext) - 1];
391 AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
392 AES_set_decrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
393 AES_ige_encrypt(ciphertext, checktext, sizeof(checktext), &key, iv,
0f113f3e
MC		 394 AES_DECRYPT);
395
396 matches = 0;
cbe29648 397 for (n = 0; n < sizeof(checktext); ++n)
0f113f3e
MC		 398 if (checktext[n] == plaintext[n])
399 ++matches;
400
0e534337 401 /* Fail if there is more than 1% matching bytes */
cbe29648 402 return TEST_size_t_le(matches, sizeof(checktext) / 100);
0e534337
P		 403}
404
405static int test_bi_ige_garble3(void)
406{
407 AES_KEY key, key2;
408 unsigned char iv[AES_BLOCK_SIZE * 4];
409 unsigned char ciphertext[BIG_TEST_SIZE];
410 unsigned char checktext[BIG_TEST_SIZE];
411 unsigned int n;
412 size_t matches;
0f113f3e 413
cbe29648
RS		 414 memcpy(iv, saved_iv, sizeof(iv));
415 AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key);
416 AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
417 AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv,
0f113f3e
MC		 418 AES_ENCRYPT);
419
420 /* corrupt right at the start */
421 ++ciphertext[0];
cbe29648
RS		 422 AES_set_decrypt_key(rkey, 8 * sizeof(rkey), &key);
423 AES_set_decrypt_key(rkey2, 8 * sizeof(rkey2), &key2);
424 AES_ige_encrypt(ciphertext, checktext, sizeof(checktext), &key, iv,
0f113f3e
MC		 425 AES_DECRYPT);
426
427 matches = 0;
cbe29648 428 for (n = 0; n < sizeof(checktext); ++n)
0f113f3e
MC		 429 if (checktext[n] == plaintext[n])
430 ++matches;
431
0e534337 432 /* Fail if there is more than 1% matching bytes */
cbe29648 433 return TEST_size_t_le(matches, sizeof(checktext) / 100);
0e534337 434}
0f113f3e 435
ad887416 436int setup_tests(void)
0e534337 437{
cbe29648
RS		 438 RAND_bytes(rkey, sizeof(rkey));
439 RAND_bytes(rkey2, sizeof(rkey2));
440 RAND_bytes(plaintext, sizeof(plaintext));
441 RAND_bytes(saved_iv, sizeof(saved_iv));
0e534337
P		 442
443 ADD_TEST(test_ige_enc_dec);
444 ADD_TEST(test_ige_enc_chaining);
445 ADD_TEST(test_ige_dec_chaining);
446 ADD_TEST(test_ige_garble_forwards);
447 ADD_TEST(test_bi_ige_enc_dec);
448 ADD_TEST(test_bi_ige_garble1);
449 ADD_TEST(test_bi_ige_garble2);
450 ADD_TEST(test_bi_ige_garble3);
451 ADD_ALL_TESTS(test_ige_vectors, OSSL_NELEM(ige_test_vectors));
452 ADD_ALL_TESTS(test_bi_ige_vectors, OSSL_NELEM(bi_ige_test_vectors));
ad887416 453 return 1;
0f113f3e 454}
A mirror of the official openssl repository