]>
Commit | Line | Data |
---|---|---|
f2ae2348 RL |
1 | /* |
2 | * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the OpenSSL license (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* Internal tests for the modes module */ | |
11 | ||
12 | #include <stdio.h> | |
13 | #include <string.h> | |
14 | ||
15 | #include <openssl/aes.h> | |
16 | #include <openssl/modes.h> | |
17 | #include "../crypto/modes/modes_lcl.h" | |
18 | #include "testutil.h" | |
e364c3b2 | 19 | #include "test_main_custom.h" |
f2ae2348 RL |
20 | #include "e_os.h" |
21 | ||
22 | typedef struct { | |
23 | size_t size; | |
24 | const unsigned char *data; | |
25 | } SIZED_DATA; | |
26 | ||
27 | /********************************************************************** | |
28 | * | |
29 | * Test of cts128 | |
30 | * | |
31 | ***/ | |
32 | ||
f2ae2348 RL |
33 | /* cts128 test vectors from RFC 3962 */ |
34 | static const unsigned char cts128_test_key[16] = "chicken teriyaki"; | |
35 | static const unsigned char cts128_test_input[64] = | |
36 | "I would like the" " General Gau's C" | |
37 | "hicken, please, " "and wonton soup."; | |
38 | static const unsigned char cts128_test_iv[] = | |
39 | { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; | |
40 | ||
41 | static const unsigned char vector_17[17] = { | |
42 | 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4, | |
43 | 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f, | |
44 | 0x97 | |
45 | }; | |
46 | ||
47 | static const unsigned char vector_31[31] = { | |
48 | 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1, | |
49 | 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22, | |
50 | 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, | |
51 | 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5 | |
52 | }; | |
53 | ||
54 | static const unsigned char vector_32[32] = { | |
55 | 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, | |
56 | 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8, | |
57 | 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, | |
58 | 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84 | |
59 | }; | |
60 | ||
61 | static const unsigned char vector_47[47] = { | |
62 | 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, | |
63 | 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, | |
64 | 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c, | |
65 | 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e, | |
66 | 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, | |
67 | 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5 | |
68 | }; | |
69 | ||
70 | static const unsigned char vector_48[48] = { | |
71 | 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, | |
72 | 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, | |
73 | 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0, | |
74 | 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8, | |
75 | 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, | |
76 | 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8 | |
77 | }; | |
78 | ||
79 | static const unsigned char vector_64[64] = { | |
80 | 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0, | |
81 | 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84, | |
82 | 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5, | |
83 | 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8, | |
84 | 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5, | |
85 | 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40, | |
86 | 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0, | |
87 | 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8 | |
88 | }; | |
89 | ||
90 | #define CTS128_TEST_VECTOR(len) \ | |
91 | { \ | |
92 | sizeof(vector_##len), vector_##len \ | |
93 | } | |
94 | static const SIZED_DATA cts128_vectors[] = { | |
95 | CTS128_TEST_VECTOR(17), | |
96 | CTS128_TEST_VECTOR(31), | |
97 | CTS128_TEST_VECTOR(32), | |
98 | CTS128_TEST_VECTOR(47), | |
99 | CTS128_TEST_VECTOR(48), | |
100 | CTS128_TEST_VECTOR(64), | |
101 | }; | |
102 | ||
103 | static AES_KEY *cts128_encrypt_key_schedule() | |
104 | { | |
105 | static int init_key = 1; | |
106 | static AES_KEY ks; | |
107 | ||
108 | if (init_key) { | |
109 | AES_set_encrypt_key(cts128_test_key, 128, &ks); | |
110 | init_key = 0; | |
111 | } | |
112 | return &ks; | |
113 | } | |
114 | ||
115 | static AES_KEY *cts128_decrypt_key_schedule() | |
116 | { | |
117 | static int init_key = 1; | |
118 | static AES_KEY ks; | |
119 | ||
120 | if (init_key) { | |
121 | AES_set_decrypt_key(cts128_test_key, 128, &ks); | |
122 | init_key = 0; | |
123 | } | |
124 | return &ks; | |
125 | } | |
126 | ||
d836d71b EK |
127 | typedef struct { |
128 | const char *case_name; | |
129 | int num; | |
130 | size_t (*transform_output)(const unsigned char *in, unsigned char *out, | |
131 | size_t len); | |
132 | size_t (*encrypt_block)(const unsigned char *in, | |
133 | unsigned char *out, size_t len, | |
134 | const void *key, unsigned char ivec[16], | |
135 | block128_f block); | |
136 | size_t (*encrypt)(const unsigned char *in, unsigned char *out, | |
137 | size_t len, const void *key, | |
138 | unsigned char ivec[16], cbc128_f cbc); | |
139 | size_t (*decrypt_block)(const unsigned char *in, | |
140 | unsigned char *out, size_t len, | |
141 | const void *key, unsigned char ivec[16], | |
142 | block128_f block); | |
143 | size_t (*decrypt)(const unsigned char *in, unsigned char *out, | |
144 | size_t len, const void *key, | |
145 | unsigned char ivec[16], cbc128_f cbc); | |
146 | } CTS128_FIXTURE; | |
147 | ||
148 | ||
149 | static CTS128_FIXTURE setup_cts128(const char *const test_case_name) | |
150 | { | |
151 | CTS128_FIXTURE fixture; | |
152 | fixture.case_name = test_case_name; | |
153 | return fixture; | |
154 | } | |
155 | ||
156 | static size_t transform_output(const unsigned char *in, unsigned char *out, | |
157 | size_t len) | |
158 | { | |
159 | size_t tail; | |
160 | ||
161 | memcpy(out, in, len); | |
162 | if ((tail = len % 16) == 0) | |
163 | tail = 16; | |
164 | tail += 16; | |
165 | ||
166 | return tail; | |
167 | } | |
168 | ||
169 | static size_t transform_output_nist(const unsigned char *in, unsigned char *out, | |
170 | size_t len) | |
171 | { | |
172 | size_t tail; | |
173 | ||
174 | if ((tail = len % 16) == 0) | |
175 | tail = 16; | |
176 | len -= 16 + tail; | |
177 | memcpy(out, in, len); | |
178 | /* flip two last blocks */ | |
179 | memcpy(out + len, in + len + 16, tail); | |
180 | memcpy(out + len + tail, in + len, 16); | |
181 | len += 16 + tail; | |
182 | tail = 16; | |
183 | ||
184 | return tail; | |
185 | } | |
186 | ||
187 | static int execute_cts128(CTS128_FIXTURE fixture) | |
188 | { | |
189 | const unsigned char *test_iv = cts128_test_iv; | |
190 | size_t test_iv_len = sizeof(cts128_test_iv); | |
191 | const unsigned char *orig_vector = cts128_vectors[fixture.num].data; | |
192 | size_t len = cts128_vectors[fixture.num].size; | |
193 | const unsigned char *test_input = cts128_test_input; | |
194 | const AES_KEY *encrypt_key_schedule = cts128_encrypt_key_schedule(); | |
195 | const AES_KEY *decrypt_key_schedule = cts128_decrypt_key_schedule(); | |
196 | unsigned char iv[16]; | |
197 | /* The largest test inputs are = 64 bytes. */ | |
198 | unsigned char cleartext[64], ciphertext[64], vector[64]; | |
199 | size_t tail; | |
200 | ||
201 | fprintf(stderr, "%s_vector_%" OSSLzu "\n", fixture.case_name, len); | |
202 | fflush(stdout); | |
203 | ||
204 | tail = fixture.transform_output(orig_vector, vector, len); | |
205 | ||
206 | /* test block-based encryption */ | |
207 | memcpy(iv, test_iv, test_iv_len); | |
208 | fixture.encrypt_block(test_input, ciphertext, len, | |
209 | encrypt_key_schedule, iv, | |
210 | (block128_f)AES_encrypt); | |
211 | if (memcmp(ciphertext, vector, len)) { | |
212 | fprintf(stderr, "block encrypt: output_%" OSSLzu " mismatch\n", len); | |
213 | return 0; | |
214 | } | |
215 | if (memcmp(iv, vector + len - tail, sizeof(iv))) { | |
216 | fprintf(stderr, "block encrypt: iv_%" OSSLzu " mismatch\n", len); | |
217 | return 0; | |
218 | } | |
219 | ||
220 | /* test block-based decryption */ | |
221 | memcpy(iv, test_iv, test_iv_len); | |
222 | fixture.decrypt_block(ciphertext, cleartext, len, | |
223 | decrypt_key_schedule, iv, | |
224 | (block128_f)AES_decrypt); | |
225 | if (memcmp(cleartext, test_input, len)) { | |
226 | fprintf(stderr, "block decrypt: input_%" OSSLzu " mismatch\n", len); | |
227 | return 0; | |
228 | } | |
229 | if (memcmp(iv, vector + len - tail, sizeof(iv))) { | |
230 | fprintf(stderr, "block decrypt: iv_%" OSSLzu " mismatch\n", len); | |
231 | return 0; | |
232 | } | |
233 | ||
234 | /* test streamed encryption */ | |
235 | memcpy(iv, test_iv, test_iv_len); | |
236 | fixture.encrypt(test_input, ciphertext, len, encrypt_key_schedule, | |
237 | iv, (cbc128_f) AES_cbc_encrypt); | |
238 | if (memcmp(ciphertext, vector, len)) { | |
239 | fprintf(stderr, "stream encrypt: output_%" OSSLzu " mismatch\n", len); | |
240 | return 0; | |
241 | } | |
242 | if (memcmp(iv, vector + len - tail, sizeof(iv))) { | |
243 | fprintf(stderr, "stream encrypt: iv_%" OSSLzu " mismatch\n", len); | |
244 | return 0; | |
245 | } | |
246 | ||
247 | /* test streamed decryption */ | |
248 | memcpy(iv, test_iv, test_iv_len); | |
249 | fixture.decrypt(ciphertext, cleartext, len, decrypt_key_schedule, iv, | |
250 | (cbc128_f)AES_cbc_encrypt); | |
251 | if (memcmp(cleartext, test_input, len)) { | |
252 | fprintf(stderr, "stream decrypt: input_%" OSSLzu " mismatch\n", len); | |
253 | return 0; | |
254 | } | |
255 | if (memcmp(iv, vector + len - tail, sizeof(iv))) { | |
256 | fprintf(stderr, "stream decrypt: iv_%" OSSLzu " mismatch\n", len); | |
257 | return 0; | |
258 | } | |
259 | ||
260 | return 1; | |
261 | } | |
262 | ||
263 | static int test_cts128(int idx) | |
f2ae2348 RL |
264 | { |
265 | SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128); | |
d836d71b EK |
266 | fixture.transform_output = transform_output; |
267 | fixture.encrypt_block = CRYPTO_cts128_encrypt_block; | |
268 | fixture.encrypt = CRYPTO_cts128_encrypt; | |
269 | fixture.decrypt_block = CRYPTO_cts128_decrypt_block; | |
270 | fixture.decrypt = CRYPTO_cts128_decrypt; | |
271 | fixture.case_name = "cts128"; | |
f2ae2348 | 272 | fixture.num = idx; |
d836d71b | 273 | EXECUTE_TEST_NO_TEARDOWN(execute_cts128); |
f2ae2348 RL |
274 | } |
275 | ||
d836d71b | 276 | static int test_cts128_nist(int idx) |
f2ae2348 RL |
277 | { |
278 | SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128); | |
d836d71b EK |
279 | fixture.transform_output = transform_output_nist; |
280 | fixture.encrypt_block = CRYPTO_nistcts128_encrypt_block; | |
281 | fixture.encrypt = CRYPTO_nistcts128_encrypt; | |
282 | fixture.decrypt_block = CRYPTO_nistcts128_decrypt_block; | |
283 | fixture.decrypt = CRYPTO_nistcts128_decrypt; | |
284 | fixture.case_name = "cts128_nist"; | |
f2ae2348 | 285 | fixture.num = idx; |
d836d71b | 286 | EXECUTE_TEST_NO_TEARDOWN(execute_cts128); |
f2ae2348 RL |
287 | } |
288 | ||
d836d71b EK |
289 | /********************************************************************** |
290 | * | |
291 | * Test of gcm128 | |
292 | * | |
293 | ***/ | |
294 | ||
f2ae2348 RL |
295 | /* Test Case 1 */ |
296 | static const u8 K1[16], P1[] = { 0 }, A1[] = { 0 }, IV1[12], C1[] = { 0 }; | |
297 | static const u8 T1[] = { | |
298 | 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61, | |
299 | 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a | |
300 | }; | |
301 | ||
302 | /* Test Case 2 */ | |
303 | # define K2 K1 | |
304 | # define A2 A1 | |
305 | # define IV2 IV1 | |
306 | static const u8 P2[16]; | |
307 | static const u8 C2[] = { | |
308 | 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, | |
309 | 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 | |
310 | }; | |
311 | ||
312 | static const u8 T2[] = { | |
313 | 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd, | |
314 | 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf | |
315 | }; | |
316 | ||
317 | /* Test Case 3 */ | |
318 | # define A3 A2 | |
319 | static const u8 K3[] = { | |
320 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | |
321 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 | |
322 | }; | |
323 | ||
324 | static const u8 P3[] = { | |
325 | 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | |
326 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | |
327 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | |
328 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | |
329 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | |
330 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | |
331 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | |
332 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 | |
333 | }; | |
334 | ||
335 | static const u8 IV3[] = { | |
336 | 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | |
337 | 0xde, 0xca, 0xf8, 0x88 | |
338 | }; | |
339 | ||
340 | static const u8 C3[] = { | |
341 | 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, | |
342 | 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, | |
343 | 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, | |
344 | 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, | |
345 | 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, | |
346 | 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, | |
347 | 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, | |
348 | 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 | |
349 | }; | |
350 | ||
351 | static const u8 T3[] = { | |
352 | 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, | |
353 | 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 | |
354 | }; | |
355 | ||
356 | /* Test Case 4 */ | |
357 | # define K4 K3 | |
358 | # define IV4 IV3 | |
359 | static const u8 P4[] = { | |
360 | 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | |
361 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | |
362 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | |
363 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | |
364 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | |
365 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | |
366 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | |
367 | 0xba, 0x63, 0x7b, 0x39 | |
368 | }; | |
369 | ||
370 | static const u8 A4[] = { | |
371 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | |
372 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | |
373 | 0xab, 0xad, 0xda, 0xd2 | |
374 | }; | |
375 | ||
376 | static const u8 C4[] = { | |
377 | 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, | |
378 | 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, | |
379 | 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, | |
380 | 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, | |
381 | 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, | |
382 | 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, | |
383 | 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, | |
384 | 0x3d, 0x58, 0xe0, 0x91 | |
385 | }; | |
386 | ||
387 | static const u8 T4[] = { | |
388 | 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb, | |
389 | 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 | |
390 | }; | |
391 | ||
392 | /* Test Case 5 */ | |
393 | # define K5 K4 | |
394 | # define P5 P4 | |
395 | # define A5 A4 | |
396 | static const u8 IV5[] = { | |
397 | 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad | |
398 | }; | |
399 | ||
400 | static const u8 C5[] = { | |
401 | 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a, | |
402 | 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55, | |
403 | 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8, | |
404 | 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23, | |
405 | 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2, | |
406 | 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42, | |
407 | 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07, | |
408 | 0xc2, 0x3f, 0x45, 0x98 | |
409 | }; | |
410 | ||
411 | static const u8 T5[] = { | |
412 | 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85, | |
413 | 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb | |
414 | }; | |
415 | ||
416 | /* Test Case 6 */ | |
417 | # define K6 K5 | |
418 | # define P6 P5 | |
419 | # define A6 A5 | |
420 | static const u8 IV6[] = { | |
421 | 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5, | |
422 | 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa, | |
423 | 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1, | |
424 | 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28, | |
425 | 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39, | |
426 | 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54, | |
427 | 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57, | |
428 | 0xa6, 0x37, 0xb3, 0x9b | |
429 | }; | |
430 | ||
431 | static const u8 C6[] = { | |
432 | 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6, | |
433 | 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94, | |
434 | 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8, | |
435 | 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7, | |
436 | 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90, | |
437 | 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f, | |
438 | 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03, | |
439 | 0x4c, 0x34, 0xae, 0xe5 | |
440 | }; | |
441 | ||
442 | static const u8 T6[] = { | |
443 | 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa, | |
444 | 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50 | |
445 | }; | |
446 | ||
447 | /* Test Case 7 */ | |
448 | static const u8 K7[24], P7[] = { 0 }, A7[] = { 0 }, IV7[12], C7[] = { 0 }; | |
449 | static const u8 T7[] = { | |
450 | 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b, | |
451 | 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 | |
452 | }; | |
453 | ||
454 | /* Test Case 8 */ | |
455 | # define K8 K7 | |
456 | # define IV8 IV7 | |
457 | # define A8 A7 | |
458 | static const u8 P8[16]; | |
459 | static const u8 C8[] = { | |
460 | 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41, | |
461 | 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00 | |
462 | }; | |
463 | ||
464 | static const u8 T8[] = { | |
465 | 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab, | |
466 | 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb | |
467 | }; | |
468 | ||
469 | /* Test Case 9 */ | |
470 | # define A9 A8 | |
471 | static const u8 K9[] = { | |
472 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | |
473 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, | |
474 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c | |
475 | }; | |
476 | ||
477 | static const u8 P9[] = { | |
478 | 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | |
479 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | |
480 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | |
481 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | |
482 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | |
483 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | |
484 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | |
485 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 | |
486 | }; | |
487 | ||
488 | static const u8 IV9[] = { | |
489 | 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | |
490 | 0xde, 0xca, 0xf8, 0x88 | |
491 | }; | |
492 | ||
493 | static const u8 C9[] = { | |
494 | 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41, | |
495 | 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57, | |
496 | 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84, | |
497 | 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c, | |
498 | 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25, | |
499 | 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47, | |
500 | 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9, | |
501 | 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56 | |
502 | }; | |
503 | ||
504 | static const u8 T9[] = { | |
505 | 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf, | |
506 | 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 | |
507 | }; | |
508 | ||
509 | /* Test Case 10 */ | |
510 | # define K10 K9 | |
511 | # define IV10 IV9 | |
512 | static const u8 P10[] = { | |
513 | 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | |
514 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | |
515 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | |
516 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | |
517 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | |
518 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | |
519 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | |
520 | 0xba, 0x63, 0x7b, 0x39 | |
521 | }; | |
522 | ||
523 | static const u8 A10[] = { | |
524 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | |
525 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | |
526 | 0xab, 0xad, 0xda, 0xd2 | |
527 | }; | |
528 | ||
529 | static const u8 C10[] = { | |
530 | 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41, | |
531 | 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57, | |
532 | 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84, | |
533 | 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c, | |
534 | 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25, | |
535 | 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47, | |
536 | 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9, | |
537 | 0xcc, 0xda, 0x27, 0x10 | |
538 | }; | |
539 | ||
540 | static const u8 T10[] = { | |
541 | 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f, | |
542 | 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c | |
543 | }; | |
544 | ||
545 | /* Test Case 11 */ | |
546 | # define K11 K10 | |
547 | # define P11 P10 | |
548 | # define A11 A10 | |
549 | static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad }; | |
550 | ||
551 | static const u8 C11[] = { | |
552 | 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54, | |
553 | 0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8, | |
554 | 0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f, | |
555 | 0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57, | |
556 | 0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75, | |
557 | 0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9, | |
558 | 0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f, | |
559 | 0xa0, 0xf0, 0x62, 0xf7 | |
560 | }; | |
561 | ||
562 | static const u8 T11[] = { | |
563 | 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24, | |
564 | 0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8 | |
565 | }; | |
566 | ||
567 | /* Test Case 12 */ | |
568 | # define K12 K11 | |
569 | # define P12 P11 | |
570 | # define A12 A11 | |
571 | static const u8 IV12[] = { | |
572 | 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5, | |
573 | 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa, | |
574 | 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1, | |
575 | 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28, | |
576 | 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39, | |
577 | 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54, | |
578 | 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57, | |
579 | 0xa6, 0x37, 0xb3, 0x9b | |
580 | }; | |
581 | ||
582 | static const u8 C12[] = { | |
583 | 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c, | |
584 | 0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff, | |
585 | 0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef, | |
586 | 0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45, | |
587 | 0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9, | |
588 | 0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3, | |
589 | 0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7, | |
590 | 0xe9, 0xb7, 0x37, 0x3b | |
591 | }; | |
592 | ||
593 | static const u8 T12[] = { | |
594 | 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb, | |
595 | 0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9 | |
596 | }; | |
597 | ||
598 | /* Test Case 13 */ | |
599 | static const u8 K13[32], P13[] = { 0 }, A13[] = { 0 }, IV13[12], C13[] = { 0 }; | |
600 | static const u8 T13[] = { | |
601 | 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9, | |
602 | 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b | |
603 | }; | |
604 | ||
605 | /* Test Case 14 */ | |
606 | # define K14 K13 | |
607 | # define A14 A13 | |
608 | static const u8 P14[16], IV14[12]; | |
609 | static const u8 C14[] = { | |
610 | 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e, | |
611 | 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18 | |
612 | }; | |
613 | ||
614 | static const u8 T14[] = { | |
615 | 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0, | |
616 | 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 | |
617 | }; | |
618 | ||
619 | /* Test Case 15 */ | |
620 | # define A15 A14 | |
621 | static const u8 K15[] = { | |
622 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | |
623 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, | |
624 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | |
625 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 | |
626 | }; | |
627 | ||
628 | static const u8 P15[] = { | |
629 | 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | |
630 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | |
631 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | |
632 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | |
633 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | |
634 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | |
635 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | |
636 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 | |
637 | }; | |
638 | ||
639 | static const u8 IV15[] = { | |
640 | 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | |
641 | 0xde, 0xca, 0xf8, 0x88 | |
642 | }; | |
643 | ||
644 | static const u8 C15[] = { | |
645 | 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, | |
646 | 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, | |
647 | 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, | |
648 | 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, | |
649 | 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, | |
650 | 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, | |
651 | 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, | |
652 | 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad | |
653 | }; | |
654 | ||
655 | static const u8 T15[] = { | |
656 | 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd, | |
657 | 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c | |
658 | }; | |
659 | ||
660 | /* Test Case 16 */ | |
661 | # define K16 K15 | |
662 | # define IV16 IV15 | |
663 | static const u8 P16[] = { | |
664 | 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | |
665 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | |
666 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | |
667 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | |
668 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | |
669 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | |
670 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | |
671 | 0xba, 0x63, 0x7b, 0x39 | |
672 | }; | |
673 | ||
674 | static const u8 A16[] = { | |
675 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | |
676 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | |
677 | 0xab, 0xad, 0xda, 0xd2 | |
678 | }; | |
679 | ||
680 | static const u8 C16[] = { | |
681 | 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, | |
682 | 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, | |
683 | 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, | |
684 | 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, | |
685 | 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, | |
686 | 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, | |
687 | 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, | |
688 | 0xbc, 0xc9, 0xf6, 0x62 | |
689 | }; | |
690 | ||
691 | static const u8 T16[] = { | |
692 | 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, | |
693 | 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b | |
694 | }; | |
695 | ||
696 | /* Test Case 17 */ | |
697 | # define K17 K16 | |
698 | # define P17 P16 | |
699 | # define A17 A16 | |
700 | static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad }; | |
701 | ||
702 | static const u8 C17[] = { | |
703 | 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32, | |
704 | 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb, | |
705 | 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa, | |
706 | 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0, | |
707 | 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0, | |
708 | 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78, | |
709 | 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99, | |
710 | 0xf4, 0x7c, 0x9b, 0x1f | |
711 | }; | |
712 | ||
713 | static const u8 T17[] = { | |
714 | 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4, | |
715 | 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2 | |
716 | }; | |
717 | ||
718 | /* Test Case 18 */ | |
719 | # define K18 K17 | |
720 | # define P18 P17 | |
721 | # define A18 A17 | |
722 | static const u8 IV18[] = { | |
723 | 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5, | |
724 | 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa, | |
725 | 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1, | |
726 | 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28, | |
727 | 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39, | |
728 | 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54, | |
729 | 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57, | |
730 | 0xa6, 0x37, 0xb3, 0x9b | |
731 | }; | |
732 | ||
733 | static const u8 C18[] = { | |
734 | 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1, | |
735 | 0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20, | |
736 | 0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19, | |
737 | 0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4, | |
738 | 0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45, | |
739 | 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde, | |
740 | 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e, | |
741 | 0x44, 0xae, 0x7e, 0x3f | |
742 | }; | |
743 | ||
744 | static const u8 T18[] = { | |
745 | 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0, | |
746 | 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a | |
747 | }; | |
748 | ||
749 | /* Test Case 19 */ | |
750 | # define K19 K1 | |
751 | # define P19 P1 | |
752 | # define IV19 IV1 | |
753 | # define C19 C1 | |
754 | static const u8 A19[] = { | |
755 | 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | |
756 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | |
757 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | |
758 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | |
759 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | |
760 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | |
761 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | |
762 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55, | |
763 | 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, | |
764 | 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, | |
765 | 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, | |
766 | 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, | |
767 | 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, | |
768 | 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, | |
769 | 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, | |
770 | 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad | |
771 | }; | |
772 | ||
773 | static const u8 T19[] = { | |
774 | 0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d, | |
775 | 0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92 | |
776 | }; | |
777 | ||
778 | /* Test Case 20 */ | |
779 | # define K20 K1 | |
780 | # define A20 A1 | |
781 | /* this results in 0xff in counter LSB */ | |
782 | static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff }; | |
783 | ||
784 | static const u8 P20[288]; | |
785 | static const u8 C20[] = { | |
786 | 0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a, | |
787 | 0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14, | |
788 | 0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce, | |
789 | 0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f, | |
790 | 0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70, | |
791 | 0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18, | |
792 | 0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf, | |
793 | 0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49, | |
794 | 0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab, | |
795 | 0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c, | |
796 | 0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c, | |
797 | 0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29, | |
798 | 0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1, | |
799 | 0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76, | |
800 | 0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2, | |
801 | 0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce, | |
802 | 0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f, | |
803 | 0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86, | |
804 | 0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb, | |
805 | 0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18, | |
806 | 0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65, | |
807 | 0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42, | |
808 | 0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b, | |
809 | 0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06, | |
810 | 0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24, | |
811 | 0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c, | |
812 | 0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4, | |
813 | 0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64, | |
814 | 0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03, | |
815 | 0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6, | |
816 | 0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90, | |
817 | 0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74, | |
818 | 0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67, | |
819 | 0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46, | |
820 | 0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78, | |
821 | 0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c | |
822 | }; | |
823 | ||
824 | static const u8 T20[] = { | |
825 | 0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a, | |
826 | 0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f | |
827 | }; | |
828 | ||
829 | #define GCM128_TEST_VECTOR(n) \ | |
830 | { \ | |
831 | {sizeof(K##n), K##n}, \ | |
832 | {sizeof(IV##n), IV##n}, \ | |
833 | {sizeof(A##n), A##n}, \ | |
834 | {sizeof(P##n), P##n}, \ | |
835 | {sizeof(C##n), C##n}, \ | |
836 | {sizeof(T##n), T##n} \ | |
837 | } | |
838 | static struct gcm128_data { | |
839 | const SIZED_DATA K; | |
840 | const SIZED_DATA IV; | |
841 | const SIZED_DATA A; | |
842 | const SIZED_DATA P; | |
843 | const SIZED_DATA C; | |
844 | const SIZED_DATA T; | |
845 | } gcm128_vectors[] = { | |
846 | GCM128_TEST_VECTOR(1), | |
847 | GCM128_TEST_VECTOR(2), | |
848 | GCM128_TEST_VECTOR(3), | |
849 | GCM128_TEST_VECTOR(4), | |
850 | GCM128_TEST_VECTOR(5), | |
851 | GCM128_TEST_VECTOR(6), | |
852 | GCM128_TEST_VECTOR(7), | |
853 | GCM128_TEST_VECTOR(8), | |
854 | GCM128_TEST_VECTOR(9), | |
855 | GCM128_TEST_VECTOR(10), | |
856 | GCM128_TEST_VECTOR(11), | |
857 | GCM128_TEST_VECTOR(12), | |
858 | GCM128_TEST_VECTOR(13), | |
859 | GCM128_TEST_VECTOR(14), | |
860 | GCM128_TEST_VECTOR(15), | |
861 | GCM128_TEST_VECTOR(16), | |
862 | GCM128_TEST_VECTOR(17), | |
863 | GCM128_TEST_VECTOR(18), | |
864 | GCM128_TEST_VECTOR(19), | |
865 | GCM128_TEST_VECTOR(20) | |
866 | }; | |
867 | ||
d836d71b | 868 | static int test_gcm128(int idx) |
f2ae2348 | 869 | { |
d836d71b EK |
870 | unsigned char out[512]; |
871 | SIZED_DATA K = gcm128_vectors[idx].K; | |
872 | SIZED_DATA IV = gcm128_vectors[idx].IV; | |
873 | SIZED_DATA A = gcm128_vectors[idx].A; | |
874 | SIZED_DATA P = gcm128_vectors[idx].P; | |
875 | SIZED_DATA C = gcm128_vectors[idx].C; | |
876 | SIZED_DATA T = gcm128_vectors[idx].T; | |
877 | GCM128_CONTEXT ctx; | |
878 | AES_KEY key; | |
879 | int err = 0; | |
880 | ||
881 | /* Size 1 inputs are special-cased to signal NULL. */ | |
882 | if (A.size == 1) | |
883 | A.data = NULL; | |
884 | if (P.size == 1) | |
885 | P.data = NULL; | |
886 | if (C.size == 1) | |
887 | C.data = NULL; | |
888 | ||
889 | AES_set_encrypt_key(K.data, K.size * 8, &key); | |
890 | ||
891 | CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt); | |
892 | CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size); | |
893 | memset(out, 0, P.size); | |
894 | if (A.data) | |
895 | CRYPTO_gcm128_aad(&ctx, A.data, A.size); | |
896 | if (P.data) | |
897 | CRYPTO_gcm128_encrypt( &ctx, P.data, out, P.size); | |
898 | if (CRYPTO_gcm128_finish(&ctx, T.data, 16) | |
899 | || (C.data && memcmp(out, C.data, P.size))) | |
900 | err++, fprintf(stderr, "encrypt test#%d failed.\n", idx); | |
901 | ||
902 | CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size); | |
903 | memset(out, 0, P.size); | |
904 | if (A.data) | |
905 | CRYPTO_gcm128_aad(&ctx, A.data, A.size); | |
906 | if (C.data) | |
907 | CRYPTO_gcm128_decrypt(&ctx, C.data, out, P.size); | |
908 | if (CRYPTO_gcm128_finish(&ctx, T.data, 16) | |
909 | || (P.data && memcmp(out, P.data, P.size))) | |
910 | err++, fprintf(stderr, "decrypt test#%d failed.\n", idx); | |
911 | ||
912 | return err == 0; | |
913 | } | |
914 | ||
915 | static void benchmark_gcm128(const unsigned char *K, size_t Klen, | |
916 | const unsigned char *IV, size_t IVlen) | |
917 | { | |
918 | #ifdef OPENSSL_CPUID_OBJ | |
919 | GCM128_CONTEXT ctx; | |
920 | AES_KEY key; | |
921 | size_t start, gcm_t, ctr_t, OPENSSL_rdtsc(); | |
922 | union { | |
923 | u64 u; | |
924 | u8 c[1024]; | |
925 | } buf; | |
926 | ||
927 | AES_set_encrypt_key(K, Klen * 8, &key); | |
928 | CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt); | |
929 | CRYPTO_gcm128_setiv(&ctx, IV, IVlen); | |
930 | ||
931 | CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf)); | |
932 | start = OPENSSL_rdtsc(); | |
933 | CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf)); | |
934 | gcm_t = OPENSSL_rdtsc() - start; | |
935 | ||
936 | CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf), | |
937 | &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres, | |
938 | (block128_f) AES_encrypt); | |
939 | start = OPENSSL_rdtsc(); | |
940 | CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf), | |
941 | &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres, | |
942 | (block128_f) AES_encrypt); | |
943 | ctr_t = OPENSSL_rdtsc() - start; | |
944 | ||
945 | printf("%.2f-%.2f=%.2f\n", | |
946 | gcm_t / (double)sizeof(buf), | |
947 | ctr_t / (double)sizeof(buf), | |
948 | (gcm_t - ctr_t) / (double)sizeof(buf)); | |
949 | # ifdef GHASH | |
950 | { | |
951 | void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16], | |
952 | const u8 *inp, size_t len) = ctx.ghash; | |
953 | ||
954 | GHASH((&ctx), buf.c, sizeof(buf)); | |
955 | start = OPENSSL_rdtsc(); | |
956 | for (i = 0; i < 100; ++i) | |
957 | GHASH((&ctx), buf.c, sizeof(buf)); | |
958 | gcm_t = OPENSSL_rdtsc() - start; | |
959 | printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i); | |
960 | } | |
961 | # endif | |
962 | #else | |
963 | fprintf(stderr, | |
964 | "Benchmarking of modes isn't available on this platform\n"); | |
965 | #endif | |
f2ae2348 RL |
966 | } |
967 | ||
e364c3b2 | 968 | int test_main(int argc, char **argv) |
f2ae2348 RL |
969 | { |
970 | int result = 0; | |
971 | int iter_argv; | |
972 | int benchmark = 0; | |
973 | ||
974 | for (iter_argv = 1; iter_argv < argc; iter_argv++) { | |
975 | if (strcmp(argv[iter_argv], "-b") == 0) | |
976 | benchmark = 1; | |
977 | else if (strcmp(argv[iter_argv], "-h") == 0) | |
978 | goto help; | |
979 | } | |
980 | ||
d836d71b EK |
981 | ADD_ALL_TESTS(test_cts128, OSSL_NELEM(cts128_vectors)); |
982 | ADD_ALL_TESTS(test_cts128_nist, OSSL_NELEM(cts128_vectors)); | |
983 | ADD_ALL_TESTS(test_gcm128, OSSL_NELEM(gcm128_vectors)); | |
f2ae2348 RL |
984 | |
985 | result = run_tests(argv[0]); | |
986 | ||
987 | if (benchmark) | |
988 | benchmark_gcm128(K1, sizeof(K1), IV1, sizeof(IV1)); | |
989 | ||
990 | return result; | |
991 | ||
992 | help: | |
993 | printf("-h\tThis help\n"); | |
994 | printf("-b\tBenchmark gcm128 in addition to the tests\n"); | |
995 | ||
996 | return 0; | |
997 | } |