From: Tomas Mraz <tomas@openssl.org>
Date: Fri, 18 Jun 2021 13:02:23 +0000 (+0200)
Subject: evp_test: Support testing of stitched TLS ciphers
X-Git-Tag: openssl-3.0.0-beta2~268
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f53c079fa55e477a48b0a891af4ee20e24e15fd7;p=thirdparty%2Fopenssl.git

evp_test: Support testing of stitched TLS ciphers

Add a few testcases.

Fixes #15749

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15827)
---

diff --git a/test/evp_test.c b/test/evp_test.c
index 6ba72b405b7..d8ddf27eaf7 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -511,13 +511,17 @@ typedef struct cipher_data_st {
     size_t plaintext_len;
     unsigned char *ciphertext;
     size_t ciphertext_len;
-    /* GCM, CCM, OCB and SIV only */
+    /* AEAD ciphers only */
     unsigned char *aad[AAD_NUM];
     size_t aad_len[AAD_NUM];
+    int tls_aad;
+    int tls_version;
     unsigned char *tag;
     const char *cts_mode;
     size_t tag_len;
     int tag_late;
+    unsigned char *mac_key;
+    size_t mac_key_len;
 } CIPHER_DATA;
 
 static int cipher_test_init(EVP_TEST *t, const char *alg)
@@ -533,22 +537,28 @@ static int cipher_test_init(EVP_TEST *t, const char *alg)
         return 1;
     }
 
+    ERR_set_mark();
     if ((cipher = fetched_cipher = EVP_CIPHER_fetch(libctx, alg, NULL)) == NULL
-        && (cipher = EVP_get_cipherbyname(alg)) == NULL)
+        && (cipher = EVP_get_cipherbyname(alg)) == NULL) {
+        /* a stitched cipher might not be available */
+        if (strstr(alg, "HMAC") != NULL) {
+            ERR_pop_to_mark();
+            t->skip = 1;
+            TEST_info("skipping, '%s' is not available", alg);
+            return 1;
+        }
+        ERR_clear_last_mark();
         return 0;
+    }
+    ERR_clear_last_mark();
 
     cdat = OPENSSL_zalloc(sizeof(*cdat));
     cdat->cipher = cipher;
     cdat->fetched_cipher = fetched_cipher;
     cdat->enc = -1;
     m = EVP_CIPHER_get_mode(cipher);
-    if (m == EVP_CIPH_GCM_MODE
-            || m == EVP_CIPH_OCB_MODE
-            || m == EVP_CIPH_SIV_MODE
-            || m == EVP_CIPH_CCM_MODE)
-        cdat->aead = m;
-    else if (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
-        cdat->aead = -1;
+    if (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
+        cdat->aead = m != 0 ? m : -1;
     else
         cdat->aead = 0;
 
@@ -571,6 +581,7 @@ static void cipher_test_cleanup(EVP_TEST *t)
     for (i = 0; i < AAD_NUM; i++)
         OPENSSL_free(cdat->aad[i]);
     OPENSSL_free(cdat->tag);
+    OPENSSL_free(cdat->mac_key);
     EVP_CIPHER_free(cdat->fetched_cipher);
 }
 
@@ -605,7 +616,11 @@ static int cipher_test_parse(EVP_TEST *t, const char *keyword,
         return 1;
     }
     if (cdat->aead) {
-        if (strcmp(keyword, "AAD") == 0) {
+        int tls_aad = 0;
+
+        if (strcmp(keyword, "TLSAAD") == 0)
+            cdat->tls_aad = tls_aad = 1;
+        if (strcmp(keyword, "AAD") == 0 || tls_aad) {
             for (i = 0; i < AAD_NUM; i++) {
                 if (cdat->aad[i] == NULL)
                     return parse_bin(value, &cdat->aad[i], &cdat->aad_len[i]);
@@ -623,6 +638,14 @@ static int cipher_test_parse(EVP_TEST *t, const char *keyword,
                 return -1;
             return 1;
         }
+        if (strcmp(keyword, "MACKey") == 0)
+            return parse_bin(value, &cdat->mac_key, &cdat->mac_key_len);
+        if (strcmp(keyword, "TLSVersion") == 0) {
+            char *endptr;
+
+            cdat->tls_version = (int)strtol(value, &endptr, 0);
+            return value[0] != '\0' && endptr[0] == '\0';
+        }
     }
 
     if (strcmp(keyword, "Operation") == 0) {
@@ -719,7 +742,7 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
             goto err;
         }
     }
-    if (expected->aead) {
+    if (expected->aead && !expected->tls_aad) {
         unsigned char *tag;
         /*
          * If encrypting or OCB just set tag length initially, otherwise
@@ -779,6 +802,7 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
     }
 
     /* Test that the cipher dup functions correctly if it is supported */
+    ERR_set_mark();
     if (EVP_CIPHER_CTX_copy(ctx, ctx_base)) {
         EVP_CIPHER_CTX_free(ctx_base);
         ctx_base = NULL;
@@ -786,6 +810,27 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
         EVP_CIPHER_CTX_free(ctx);
         ctx = ctx_base;
     }
+    ERR_pop_to_mark();
+
+    if (expected->mac_key != NULL
+        && !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY,
+                                (int)expected->mac_key_len,
+                                (void *)expected->mac_key)) {
+        t->err = "SET_MAC_KEY_ERROR";
+        goto err;
+    }
+
+    if (expected->tls_version) {
+        OSSL_PARAM params[2];
+
+        params[0] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_TLS_VERSION,
+                                             &expected->tls_version);
+        params[1] = OSSL_PARAM_construct_end();
+        if (!EVP_CIPHER_CTX_set_params(ctx, params)) {
+            t->err = "SET_TLS_VERSION_ERROR";
+            goto err;
+        }
+    }
 
     if (expected->aead == EVP_CIPH_CCM_MODE) {
         if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) {
@@ -793,7 +838,7 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
             goto err;
         }
     }
-    if (expected->aad[0] != NULL) {
+    if (expected->aad[0] != NULL && !expected->tls_aad) {
         t->err = "AAD_SET_ERROR";
         if (!frag) {
             for (i = 0; expected->aad[i] != NULL; i++) {
@@ -826,7 +871,26 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
         }
     }
 
-    if (!enc && (expected->aead == EVP_CIPH_OCB_MODE || expected->tag_late)) {
+    if (expected->tls_aad) {
+        OSSL_PARAM params[2];
+        char *tls_aad;
+
+        /* duplicate the aad as the implementation might modify it */
+        if ((tls_aad = OPENSSL_memdup(expected->aad[0],
+                                      expected->aad_len[0])) == NULL)
+            goto err;
+        params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD,
+                                                      tls_aad,
+                                                      expected->aad_len[0]);
+        params[1] = OSSL_PARAM_construct_end();
+        if (!EVP_CIPHER_CTX_set_params(ctx, params)) {
+            OPENSSL_free(tls_aad);
+            t->err = "TLS1_AAD_ERROR";
+            goto err;
+        }
+        OPENSSL_free(tls_aad);
+    } else if (!enc && (expected->aead == EVP_CIPH_OCB_MODE
+                        || expected->tag_late)) {
         if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
                                  expected->tag_len, expected->tag)) {
             t->err = "TAG_SET_ERROR";
@@ -869,10 +933,21 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
         t->err = "CIPHERFINAL_ERROR";
         goto err;
     }
+    if (!enc && expected->tls_aad) {
+        if (expected->tls_version >= TLS1_1_VERSION
+            && (EVP_CIPHER_is_a(expected->cipher, "AES-128-CBC-HMAC-SHA1")
+                || EVP_CIPHER_is_a(expected->cipher, "AES-256-CBC-HMAC-SHA1"))) {
+            tmplen -= expected->iv_len;
+            expected_out += expected->iv_len;
+            out_misalign += expected->iv_len;
+        }
+        if ((int)out_len > tmplen + tmpflen)
+            out_len = tmplen + tmpflen;
+    }
     if (!memory_err_compare(t, "VALUE_MISMATCH", expected_out, out_len,
                             tmp + out_misalign, tmplen + tmpflen))
         goto err;
-    if (enc && expected->aead) {
+    if (enc && expected->aead && !expected->tls_aad) {
         unsigned char rtag[16];
 
         if (!TEST_size_t_le(expected->tag_len, sizeof(rtag))) {
@@ -929,7 +1004,7 @@ static int cipher_test_run(EVP_TEST *t)
             return 0;
         }
     }
-    if (cdat->aead && !cdat->tag) {
+    if (cdat->aead && cdat->tag == NULL && !cdat->tls_aad) {
         t->err = "NO_TAG";
         return 0;
     }
@@ -972,10 +1047,13 @@ static int cipher_test_run(EVP_TEST *t)
 
         if (out_misalign == 1 && frag == 0) {
             /*
-             * XTS, SIV, CCM and Wrap modes have special requirements about input
-             * lengths so we don't fragment for those
+             * XTS, SIV, CCM, stitched ciphers and Wrap modes have special
+             * requirements about input lengths so we don't fragment for those
              */
             if (cdat->aead == EVP_CIPH_CCM_MODE
+                || cdat->aead == EVP_CIPH_CBC_MODE
+                || (cdat->aead == -1
+                    && EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_STREAM_CIPHER)
                 || ((EVP_CIPHER_get_flags(cdat->cipher) & EVP_CIPH_FLAG_CTS) != 0)
                 || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_SIV_MODE
                 || EVP_CIPHER_get_mode(cdat->cipher) == EVP_CIPH_XTS_MODE
diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
index 73077142cdd..bb728a925a1 100644
--- a/test/recipes/30-test_evp.t
+++ b/test/recipes/30-test_evp.t
@@ -42,6 +42,7 @@ my @files = qw(
                 evpciph_aes_common.txt
                 evpciph_aes_cts.txt
                 evpciph_aes_wrap.txt
+                evpciph_aes_stitched.txt
                 evpciph_des3_common.txt
                 evpkdf_hkdf.txt
                 evpkdf_pbkdf1.txt
@@ -90,6 +91,7 @@ my @defltfiles = qw(
                      evpciph_idea.txt
                      evpciph_rc2.txt
                      evpciph_rc4.txt
+                     evpciph_rc4_stitched.txt
                      evpciph_rc5.txt
                      evpciph_seed.txt
                      evpciph_sm4.txt
diff --git a/test/recipes/30-test_evp_data/evpciph_aes_stitched.txt b/test/recipes/30-test_evp_data/evpciph_aes_stitched.txt
new file mode 100644
index 00000000000..40e2695fb21
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_aes_stitched.txt
@@ -0,0 +1,148 @@
+Title = AES-128-CBC-HMAC-SHA1 test vectors
+
+Cipher = AES-128-CBC-HMAC-SHA1
+Key = feffe9928665731c6d6a8f9467308308
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803010050
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
+Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be147d3f2b4f8d4d1e35487059ddc688544a04dbacd1405a7b3871c3a2ab7c71c663d
+NextIV = 4dbacd1405a7b3871c3a2ab7c71c663d
+
+Cipher = AES-128-CBC-HMAC-SHA1
+Key = feffe9928665731c6d6a8f9467308308
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803010100
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be1474bcdf0b104a89ca6d419254e8f602334158d188f748c5cf4b7473c7475b4cf6c099ac13859eb2c154cd9e82e18fa12ca302ce04e466ff983cde5e06235ec89ff3bd1ac175379dee12297331e242d4272d1f177a9430e4f440bedf011552ad8a9b056c21399116a0a588f4ee1f9ed6276c413062aa140f338546f6c095de3d0b76d4711d30e3938d2d55e6e15f8d2ad6cc451f6f0f7378591d1003e664d9a2eb424039091eb69a1430de10dacd919a054214f355d9e3c25e5fc77be1a10bdbf936a8396e50f3584396d2651e8080247ac
+NextIV = 6a8396e50f3584396d2651e8080247ac
+
+Cipher = AES-128-CBC-HMAC-SHA1
+Key = feffe9928665731c6d6a8f9467308308
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 000102030405060708090a0b0c0d0e0f
+TLSAAD = 90a1b2c3e4f50617280302010a
+TLSVersion = 0x0302
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ciphertext = b83b533708bf535d0aa6e52980d53b78c3fbd8571251316bd3f79d6f08ffd302a264a758bcb00d1ee17b879a4db9ba04893e639a12df518fe1e6cad76fd368fc915e8d6c440a9b19d6296fa209152eab87943a51c2d3b3ce10df2731a0d0979c69795325841bfc1d1e0ae3f2eb736d35fa349a86bc14edfd82e3c2911440b1e9f8ebfc586cf1bfc9102b8964d1a3cc96b7845f087773e0792eae277cb4a779270a02568461e96c84aba8d836dc576ac06bc5a33f9b5d9b4df9abdd038b08a3c2ec09a36b6ea56a85fb40def07cacd154380517f479bb1c3fda3579fd30d8f64ab585edc9127b79c815c69c1fc4707a8d48bf8a1a4ed190596d9991692eb1b2e00d438c309fc883a89c71b10658b29c7bf23292fbd3f1c4e655b9dd81cf58d5ee
+NextIV = f23292fbd3f1c4e655b9dd81cf58d5ee
+
+Title = AES-256-CBC-HMAC-SHA1 test vectors
+
+Cipher = AES-256-CBC-HMAC-SHA1
+Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803010050
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
+Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a127c4b68b8b6f66251e17b22362aeb2b8f10d5fa36b8728c1ba5cf83b80a42ec
+NextIV = 8f10d5fa36b8728c1ba5cf83b80a42ec
+
+Cipher = AES-256-CBC-HMAC-SHA1
+Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803010100
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a7f33ce9e9a41c30836651d73ee2c003af03a919eb41a6d70ef814e184e740f8a96221b924d9d025ef5e7150d4ca76921a025dd146fef87da738877313f11ec8f4c558b878c28ce6a9a5011d70f58c5dbd3412cf0a32154f5a4286958a5a50a86f15119835ceccf432601e4cc688cdd682ac9620500b60c0760bb93209859823778a7f2b5bab1af259bda13d84f952af9d2f07f500dadedc41a2b6a737a1296e0b2fb96ac4da4bf71fe2f0c4a1b6fc4ddcc015035678b9bc16bd2ac368e2aa93c192991cf31f8d41ff6e9dbcb2617958a
+NextIV = 192991cf31f8d41ff6e9dbcb2617958a
+
+Cipher = AES-256-CBC-HMAC-SHA1
+Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803020100
+TLSVersion = 0x0302
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a7f33ce9e9a41c30836651d73ee2c003af03a919eb41a6d70ef814e184e740f8a96221b924d9d025ef5e7150d4ca76921a025dd146fef87da738877313f11ec8f4c558b878c28ce6a9a5011d70f58c5dbd3412cf0a32154f5a4286958a5a50a86f15119835ceccf432601e4cc688cdd682ac9620500b60c0760bb93209859823778a7f2b5bab1af259bda13d84f952af9d2f07f500dadedc41a2b6a737a1296e0b2fb96ac4da4bf71fe2f0c4a1b6fc4ddefa990f60fa2643df18624c374ab1123c6eb20cfb4fd466af6dc8b7158bfbffa
+NextIV = c6eb20cfb4fd466af6dc8b7158bfbffa
+Title = AES-128-CBC-HMAC-SHA256 test vectors
+
+Cipher = AES-128-CBC-HMAC-SHA256
+Key = feffe9928665731c6d6a8f9467308308
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803010050
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be1475fa532f91d366b01aab2cd80bcdb36c3b9221886fb45c6b4a5d10c5f85b9ccabc8a394b1a360e99e37602fea04bef8a7
+NextIV = c8a394b1a360e99e37602fea04bef8a7
+
+Cipher = AES-128-CBC-HMAC-SHA256
+Key = feffe9928665731c6d6a8f9467308308
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803010100
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
+Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be1474bcdf0b104a89ca6d419254e8f602334158d188f748c5cf4b7473c7475b4cf6c099ac13859eb2c154cd9e82e18fa12ca302ce04e466ff983cde5e06235ec89ff3bd1ac175379dee12297331e242d4272d1f177a9430e4f440bedf011552ad8a9b056c21399116a0a588f4ee1f9ed6276c413062aa140f338546f6c095de3d0b76d4711d30e3938d2d55e6e15f8d2ad6cc451f6f0f7378591d1003e664d9a2eb424039091eb69a1430de10dacd919a0543c1aad8f7044cce703801c6f5a0e05e59b19527484eb48c80fac1ebdf242e0ad0a5d8c46731f434ff05d289367b03294
+NextIV = 0a5d8c46731f434ff05d289367b03294
+
+Cipher = AES-128-CBC-HMAC-SHA256
+Key = feffe9928665731c6d6a8f9467308308
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803020100
+TLSVersion = 0x0302
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
+Ciphertext = 18bd54842828fdc0ac5a3b459f32f0be305a77944b17f62fedd4442ae60a0b0a3e1c2c23c584c86877fbd9997b415959254ea06ef046dc2e1fdafe7950a77ba94494683e01a0c495dc223a2de73be1474bcdf0b104a89ca6d419254e8f602334158d188f748c5cf4b7473c7475b4cf6c099ac13859eb2c154cd9e82e18fa12ca302ce04e466ff983cde5e06235ec89ff3bd1ac175379dee12297331e242d4272d1f177a9430e4f440bedf011552ad8a9b056c21399116a0a588f4ee1f9ed6276c413062aa140f338546f6c095de3d0b76d4711d30e3938d2d55e6e15f8d2ad6cc451f6f0f7378591d1003e664d9a2eb424039091eb69a1430de10dacd919a054c64e1c36b6c8a44e6464f6ee1eb074b04f5e0ddc25a4233734a46aa23fbbc282b3be457445a9f860b9a81ec1e183bf9d
+NextIV = b3be457445a9f860b9a81ec1e183bf9d
+
+Title = AES-256-CBC-HMAC-SHA256 test vectors
+
+Cipher = AES-256-CBC-HMAC-SHA256
+Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803010050
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
+Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1ab3870c36b5d6df802b6d1c233493b7ed073099db882aeba1f0e89c5b99760569e5e6a5da9de89a419611fbdf0fe66c73
+NextIV = e5e6a5da9de89a419611fbdf0fe66c73
+
+Cipher = AES-256-CBC-HMAC-SHA256
+Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803010100
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
+Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a7f33ce9e9a41c30836651d73ee2c003af03a919eb41a6d70ef814e184e740f8a96221b924d9d025ef5e7150d4ca76921a025dd146fef87da738877313f11ec8f4c558b878c28ce6a9a5011d70f58c5dbd3412cf0a32154f5a4286958a5a50a86f15119835ceccf432601e4cc688cdd682ac9620500b60c0760bb93209859823778a7f2b5bab1af259bda13d84f952af9d2f07f500dadedc41a2b6a737a1296e0b2fb96ac4da4bf71fe2f0c4a1b6fc4ddce4fd18473b999ffa2a8ad5e5856d2969d4f21fa16899b7af7d449a202651df30f56fd035ef961d046cd211ecf78e873
+NextIV = 0f56fd035ef961d046cd211ecf78e873
+
+Cipher = AES-256-CBC-HMAC-SHA256
+Key = 6cc028952fa7c1ee09fc78b7549ae04d79b54d40ec172333e3a4a2297b62afe5
+MACKey = cafebabefacedbaddecaf88801020304
+IV = 101112131415161718191a1b1c1d1e1f
+TLSAAD = 90a1b2c3e4f506172803020100
+TLSVersion = 0x0302
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
+Ciphertext = 261cd0c88a4d4e6db7fc263257a9f6d0ce83c1ff5f2680dc57ffd8eefdbb9c00d3d507672d105a990b2b78509978625b9d93c2bd41e3fb721abd1496553c583c67dad9b662b3d58c8540e10ed9c5ed1a7f33ce9e9a41c30836651d73ee2c003af03a919eb41a6d70ef814e184e740f8a96221b924d9d025ef5e7150d4ca76921a025dd146fef87da738877313f11ec8f4c558b878c28ce6a9a5011d70f58c5dbd3412cf0a32154f5a4286958a5a50a86f15119835ceccf432601e4cc688cdd682ac9620500b60c0760bb93209859823778a7f2b5bab1af259bda13d84f952af9d2f07f500dadedc41a2b6a737a1296e0b2fb96ac4da4bf71fe2f0c4a1b6fc4dd251087e4c03d2e28c85a9b4a835ef166b48e5b7690f332a1d8db7bd9380221891f31ee82f4b8dd9ebf540cab583a0f33
+NextIV = 1f31ee82f4b8dd9ebf540cab583a0f33
+
+Title = RC4-HMAC-MD5 test vectors
+
+Availablein = legacy
+Cipher = RC4-HMAC-MD5
+Key = d48ecc0a163a06626bd1b7e172dfb5b3
+MACKey = 5973581f63768353af37d3f51ec9f6ef
+TLSAAD = 90a1b2c3e4f506172803010050
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ciphertext = eea8eba927d9b16c640958f922b3ca43b197eea520674aa1d059156dfd4c12249e2890e8f3c72676e20fe4a30848c1cc6c12f4596d6e290b5f84745ac36959645ea4acabc84e748b2fd5e4228a2fe4f8d44460dfb9a0fce1faf00f1fc7159c3c
+Operation = ENCRYPT
+
+Availablein = legacy
+Cipher = RC4-HMAC-MD5
+Key = d48ecc0a163a06626bd1b7e172dfb5b3
+MACKey = 5973581f63768353af37d3f51ec9f6ef
+TLSAAD = 90a1b2c3e4f506172803010060
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ciphertext = eea8eba927d9b16c640958f922b3ca43b197eea520674aa1d059156dfd4c12249e2890e8f3c72676e20fe4a30848c1cc6c12f4596d6e290b5f84745ac36959645ea4acabc84e748b2fd5e4228a2fe4f8d44460dfb9a0fce1faf00f1fc7159c3c
+Operation = DECRYPT
diff --git a/test/recipes/30-test_evp_data/evpciph_rc4_stitched.txt b/test/recipes/30-test_evp_data/evpciph_rc4_stitched.txt
new file mode 100644
index 00000000000..a41ddab0f2c
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_rc4_stitched.txt
@@ -0,0 +1,22 @@
+Title = RC4-HMAC-MD5 test vectors
+
+Availablein = legacy
+Cipher = RC4-HMAC-MD5
+Key = d48ecc0a163a06626bd1b7e172dfb5b3
+MACKey = 5973581f63768353af37d3f51ec9f6ef
+TLSAAD = 90a1b2c3e4f506172803010050
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ciphertext = eea8eba927d9b16c640958f922b3ca43b197eea520674aa1d059156dfd4c12249e2890e8f3c72676e20fe4a30848c1cc6c12f4596d6e290b5f84745ac36959645ea4acabc84e748b2fd5e4228a2fe4f8d44460dfb9a0fce1faf00f1fc7159c3c
+# DECRYPT must be a separate entry due to change in TLSAAD value
+Operation = ENCRYPT
+
+Availablein = legacy
+Cipher = RC4-HMAC-MD5
+Key = d48ecc0a163a06626bd1b7e172dfb5b3
+MACKey = 5973581f63768353af37d3f51ec9f6ef
+TLSAAD = 90a1b2c3e4f506172803010060
+TLSVersion = 0x0301
+Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+Ciphertext = eea8eba927d9b16c640958f922b3ca43b197eea520674aa1d059156dfd4c12249e2890e8f3c72676e20fe4a30848c1cc6c12f4596d6e290b5f84745ac36959645ea4acabc84e748b2fd5e4228a2fe4f8d44460dfb9a0fce1faf00f1fc7159c3c
+Operation = DECRYPT