]>
Commit | Line | Data |
---|---|---|
440e5d80 | 1 | /* |
da1c088f | 2 | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
909f1a2e | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
440e5d80 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
c6fec81b P |
10 | /* |
11 | * DES low level APIs are deprecated for public use, but still ok for internal | |
12 | * use. | |
13 | */ | |
14 | #include "internal/deprecated.h" | |
15 | ||
a5bc1e85 | 16 | #include <openssl/e_os2.h> |
d02b48c6 | 17 | #include <string.h> |
f5d7a031 | 18 | |
c491a399 | 19 | #include "testutil.h" |
3d491c05 | 20 | #include "internal/nelem.h" |
c491a399 P |
21 | |
22 | #ifndef OPENSSL_NO_DES | |
0f113f3e | 23 | # include <openssl/des.h> |
d02b48c6 | 24 | |
c491a399 P |
25 | /* In case any platform doesn't use unsigned int for its checksums */ |
26 | # define TEST_cs_eq TEST_uint_eq | |
27 | ||
28 | # define DATA_BUF_SIZE 20 | |
29 | ||
d02b48c6 RE |
30 | /* tisk tisk - the test keys don't all have odd parity :-( */ |
31 | /* test data */ | |
0f113f3e MC |
32 | # define NUM_TESTS 34 |
33 | static unsigned char key_data[NUM_TESTS][8] = { | |
34 | {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, | |
35 | {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, | |
36 | {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, | |
37 | {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, | |
38 | {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, | |
39 | {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, | |
40 | {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, | |
41 | {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}, | |
42 | {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57}, | |
43 | {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E}, | |
44 | {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86}, | |
45 | {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E}, | |
46 | {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6}, | |
47 | {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE}, | |
48 | {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6}, | |
49 | {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE}, | |
50 | {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16}, | |
51 | {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F}, | |
52 | {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46}, | |
53 | {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E}, | |
54 | {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76}, | |
55 | {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07}, | |
56 | {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F}, | |
57 | {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7}, | |
58 | {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, | |
59 | {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6}, | |
60 | {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF}, | |
61 | {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, | |
62 | {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, | |
63 | {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, | |
64 | {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, | |
65 | {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, | |
66 | {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, | |
67 | {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10} | |
68 | }; | |
69 | ||
70 | static unsigned char plain_data[NUM_TESTS][8] = { | |
71 | {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, | |
72 | {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, | |
73 | {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, | |
74 | {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, | |
75 | {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, | |
76 | {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, | |
77 | {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, | |
78 | {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, | |
79 | {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42}, | |
80 | {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA}, | |
81 | {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72}, | |
82 | {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A}, | |
83 | {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2}, | |
84 | {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A}, | |
85 | {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2}, | |
86 | {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A}, | |
87 | {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02}, | |
88 | {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A}, | |
89 | {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32}, | |
90 | {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA}, | |
91 | {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62}, | |
92 | {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2}, | |
93 | {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA}, | |
94 | {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92}, | |
95 | {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A}, | |
96 | {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2}, | |
97 | {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A}, | |
98 | {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, | |
99 | {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, | |
100 | {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}, | |
101 | {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, | |
102 | {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, | |
103 | {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, | |
104 | {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF} | |
105 | }; | |
106 | ||
107 | static unsigned char cipher_data[NUM_TESTS][8] = { | |
108 | {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7}, | |
109 | {0x73, 0x59, 0xB2, 0x16, 0x3E, 0x4E, 0xDC, 0x58}, | |
110 | {0x95, 0x8E, 0x6E, 0x62, 0x7A, 0x05, 0x55, 0x7B}, | |
111 | {0xF4, 0x03, 0x79, 0xAB, 0x9E, 0x0E, 0xC5, 0x33}, | |
112 | {0x17, 0x66, 0x8D, 0xFC, 0x72, 0x92, 0x53, 0x2D}, | |
113 | {0x8A, 0x5A, 0xE1, 0xF8, 0x1A, 0xB8, 0xF2, 0xDD}, | |
114 | {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7}, | |
115 | {0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4}, | |
116 | {0x69, 0x0F, 0x5B, 0x0D, 0x9A, 0x26, 0x93, 0x9B}, | |
117 | {0x7A, 0x38, 0x9D, 0x10, 0x35, 0x4B, 0xD2, 0x71}, | |
118 | {0x86, 0x8E, 0xBB, 0x51, 0xCA, 0xB4, 0x59, 0x9A}, | |
119 | {0x71, 0x78, 0x87, 0x6E, 0x01, 0xF1, 0x9B, 0x2A}, | |
120 | {0xAF, 0x37, 0xFB, 0x42, 0x1F, 0x8C, 0x40, 0x95}, | |
121 | {0x86, 0xA5, 0x60, 0xF1, 0x0E, 0xC6, 0xD8, 0x5B}, | |
122 | {0x0C, 0xD3, 0xDA, 0x02, 0x00, 0x21, 0xDC, 0x09}, | |
123 | {0xEA, 0x67, 0x6B, 0x2C, 0xB7, 0xDB, 0x2B, 0x7A}, | |
124 | {0xDF, 0xD6, 0x4A, 0x81, 0x5C, 0xAF, 0x1A, 0x0F}, | |
125 | {0x5C, 0x51, 0x3C, 0x9C, 0x48, 0x86, 0xC0, 0x88}, | |
126 | {0x0A, 0x2A, 0xEE, 0xAE, 0x3F, 0xF4, 0xAB, 0x77}, | |
127 | {0xEF, 0x1B, 0xF0, 0x3E, 0x5D, 0xFA, 0x57, 0x5A}, | |
128 | {0x88, 0xBF, 0x0D, 0xB6, 0xD7, 0x0D, 0xEE, 0x56}, | |
129 | {0xA1, 0xF9, 0x91, 0x55, 0x41, 0x02, 0x0B, 0x56}, | |
130 | {0x6F, 0xBF, 0x1C, 0xAF, 0xCF, 0xFD, 0x05, 0x56}, | |
131 | {0x2F, 0x22, 0xE4, 0x9B, 0xAB, 0x7C, 0xA1, 0xAC}, | |
132 | {0x5A, 0x6B, 0x61, 0x2C, 0xC2, 0x6C, 0xCE, 0x4A}, | |
133 | {0x5F, 0x4C, 0x03, 0x8E, 0xD1, 0x2B, 0x2E, 0x41}, | |
134 | {0x63, 0xFA, 0xC0, 0xD0, 0x34, 0xD9, 0xF7, 0x93}, | |
135 | {0x61, 0x7B, 0x3A, 0x0C, 0xE8, 0xF0, 0x71, 0x00}, | |
136 | {0xDB, 0x95, 0x86, 0x05, 0xF8, 0xC8, 0xC6, 0x06}, | |
137 | {0xED, 0xBF, 0xD1, 0xC6, 0x6C, 0x29, 0xCC, 0xC7}, | |
138 | {0x35, 0x55, 0x50, 0xB2, 0x15, 0x0E, 0x24, 0x51}, | |
139 | {0xCA, 0xAA, 0xAF, 0x4D, 0xEA, 0xF1, 0xDB, 0xAE}, | |
140 | {0xD5, 0xD4, 0x4F, 0xF7, 0x20, 0x68, 0x3D, 0x0D}, | |
141 | {0x2A, 0x2B, 0xB0, 0x08, 0xDF, 0x97, 0xC2, 0xF2} | |
142 | }; | |
143 | ||
144 | static unsigned char cipher_ecb2[NUM_TESTS - 1][8] = { | |
145 | {0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E}, | |
146 | {0x19, 0x9E, 0x9D, 0x6D, 0xF3, 0x9A, 0xA8, 0x16}, | |
147 | {0x2A, 0x4B, 0x4D, 0x24, 0x52, 0x43, 0x84, 0x27}, | |
148 | {0x35, 0x84, 0x3C, 0x01, 0x9D, 0x18, 0xC5, 0xB6}, | |
149 | {0x4A, 0x5B, 0x2F, 0x42, 0xAA, 0x77, 0x19, 0x25}, | |
150 | {0xA0, 0x6B, 0xA9, 0xB8, 0xCA, 0x5B, 0x17, 0x8A}, | |
151 | {0xAB, 0x9D, 0xB7, 0xFB, 0xED, 0x95, 0xF2, 0x74}, | |
152 | {0x3D, 0x25, 0x6C, 0x23, 0xA7, 0x25, 0x2F, 0xD6}, | |
153 | {0xB7, 0x6F, 0xAB, 0x4F, 0xBD, 0xBD, 0xB7, 0x67}, | |
154 | {0x8F, 0x68, 0x27, 0xD6, 0x9C, 0xF4, 0x1A, 0x10}, | |
155 | {0x82, 0x57, 0xA1, 0xD6, 0x50, 0x5E, 0x81, 0x85}, | |
156 | {0xA2, 0x0F, 0x0A, 0xCD, 0x80, 0x89, 0x7D, 0xFA}, | |
157 | {0xCD, 0x2A, 0x53, 0x3A, 0xDB, 0x0D, 0x7E, 0xF3}, | |
158 | {0xD2, 0xC2, 0xBE, 0x27, 0xE8, 0x1B, 0x68, 0xE3}, | |
159 | {0xE9, 0x24, 0xCF, 0x4F, 0x89, 0x3C, 0x5B, 0x0A}, | |
160 | {0xA7, 0x18, 0xC3, 0x9F, 0xFA, 0x9F, 0xD7, 0x69}, | |
161 | {0x77, 0x2C, 0x79, 0xB1, 0xD2, 0x31, 0x7E, 0xB1}, | |
162 | {0x49, 0xAB, 0x92, 0x7F, 0xD0, 0x22, 0x00, 0xB7}, | |
163 | {0xCE, 0x1C, 0x6C, 0x7D, 0x85, 0xE3, 0x4A, 0x6F}, | |
164 | {0xBE, 0x91, 0xD6, 0xE1, 0x27, 0xB2, 0xE9, 0x87}, | |
165 | {0x70, 0x28, 0xAE, 0x8F, 0xD1, 0xF5, 0x74, 0x1A}, | |
166 | {0xAA, 0x37, 0x80, 0xBB, 0xF3, 0x22, 0x1D, 0xDE}, | |
167 | {0xA6, 0xC4, 0xD2, 0x5E, 0x28, 0x93, 0xAC, 0xB3}, | |
168 | {0x22, 0x07, 0x81, 0x5A, 0xE4, 0xB7, 0x1A, 0xAD}, | |
169 | {0xDC, 0xCE, 0x05, 0xE7, 0x07, 0xBD, 0xF5, 0x84}, | |
170 | {0x26, 0x1D, 0x39, 0x2C, 0xB3, 0xBA, 0xA5, 0x85}, | |
171 | {0xB4, 0xF7, 0x0F, 0x72, 0xFB, 0x04, 0xF0, 0xDC}, | |
172 | {0x95, 0xBA, 0xA9, 0x4E, 0x87, 0x36, 0xF2, 0x89}, | |
173 | {0xD4, 0x07, 0x3A, 0xF1, 0x5A, 0x17, 0x82, 0x0E}, | |
174 | {0xEF, 0x6F, 0xAF, 0xA7, 0x66, 0x1A, 0x7E, 0x89}, | |
175 | {0xC1, 0x97, 0xF5, 0x58, 0x74, 0x8A, 0x20, 0xE7}, | |
176 | {0x43, 0x34, 0xCF, 0xDA, 0x22, 0xC4, 0x86, 0xC8}, | |
177 | {0x08, 0xD7, 0xB4, 0xFB, 0x62, 0x9D, 0x08, 0x85} | |
178 | }; | |
179 | ||
180 | static unsigned char cbc_key[8] = | |
181 | { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; | |
182 | static unsigned char cbc2_key[8] = | |
183 | { 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86 }; | |
184 | static unsigned char cbc3_key[8] = | |
185 | { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }; | |
186 | static unsigned char cbc_iv[8] = | |
187 | { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }; | |
188 | /* | |
189 | * Changed the following text constant to binary so it will work on ebcdic | |
190 | * machines :-) | |
191 | */ | |
58964a49 | 192 | /* static char cbc_data[40]="7654321 Now is the time for \0001"; */ |
0f113f3e MC |
193 | static unsigned char cbc_data[40] = { |
194 | 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20, | |
195 | 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, | |
196 | 0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20, | |
197 | 0x66, 0x6F, 0x72, 0x20, 0x00, 0x31, 0x00, 0x00, | |
198 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
199 | }; | |
200 | ||
201 | static unsigned char cbc_ok[32] = { | |
202 | 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, | |
203 | 0xac, 0xd8, 0xae, 0xfd, 0xdf, 0xd8, 0xa1, 0xeb, | |
204 | 0x46, 0x8e, 0x91, 0x15, 0x78, 0x88, 0xba, 0x68, | |
205 | 0x1d, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 | |
206 | }; | |
207 | ||
208 | # ifdef SCREW_THE_PARITY | |
60250017 | 209 | # error "SCREW_THE_PARITY is not meant to be defined." |
0f113f3e MC |
210 | # error "Original vectors are preserved for reference only." |
211 | static unsigned char cbc2_key[8] = | |
212 | { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 }; | |
213 | static unsigned char xcbc_ok[32] = { | |
214 | 0x86, 0x74, 0x81, 0x0D, 0x61, 0xA4, 0xA5, 0x48, | |
215 | 0xB9, 0x93, 0x03, 0xE1, 0xB8, 0xBB, 0xBD, 0xBD, | |
216 | 0x64, 0x30, 0x0B, 0xB9, 0x06, 0x65, 0x81, 0x76, | |
217 | 0x04, 0x1D, 0x77, 0x62, 0x17, 0xCA, 0x2B, 0xD2, | |
218 | }; | |
219 | # else | |
220 | static unsigned char xcbc_ok[32] = { | |
221 | 0x84, 0x6B, 0x29, 0x14, 0x85, 0x1E, 0x9A, 0x29, | |
222 | 0x54, 0x73, 0x2F, 0x8A, 0xA0, 0xA6, 0x11, 0xC1, | |
223 | 0x15, 0xCD, 0xC2, 0xD7, 0x95, 0x1B, 0x10, 0x53, | |
224 | 0xA6, 0x3C, 0x5E, 0x03, 0xB2, 0x1A, 0xA3, 0xC4, | |
225 | }; | |
226 | # endif | |
227 | ||
228 | static unsigned char cbc3_ok[32] = { | |
229 | 0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0, | |
230 | 0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC, | |
231 | 0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4, | |
232 | 0x1C, 0x67, 0x38, 0x12, 0xCF, 0xDE, 0x96, 0x75 | |
233 | }; | |
234 | ||
235 | static unsigned char pcbc_ok[32] = { | |
236 | 0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4, | |
237 | 0x6d, 0xec, 0xb4, 0x70, 0xa0, 0xe5, 0x6b, 0x15, | |
238 | 0xae, 0xa6, 0xbf, 0x61, 0xed, 0x7d, 0x9c, 0x9f, | |
239 | 0xf7, 0x17, 0x46, 0x3b, 0x8a, 0xb3, 0xcc, 0x88 | |
240 | }; | |
241 | ||
242 | static unsigned char cfb_key[8] = | |
243 | { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; | |
244 | static unsigned char cfb_iv[8] = | |
245 | { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef }; | |
246 | static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8]; | |
247 | static unsigned char plain[24] = { | |
248 | 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, | |
249 | 0x20, 0x74, 0x68, 0x65, 0x20, 0x74, | |
250 | 0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f, | |
251 | 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20 | |
252 | }; | |
253 | ||
254 | static unsigned char cfb_cipher8[24] = { | |
255 | 0xf3, 0x1f, 0xda, 0x07, 0x01, 0x14, 0x62, 0xee, 0x18, 0x7f, 0x43, 0xd8, | |
256 | 0x0a, 0x7c, 0xd9, 0xb5, 0xb0, 0xd2, 0x90, 0xda, 0x6e, 0x5b, 0x9a, 0x87 | |
257 | }; | |
258 | ||
259 | static unsigned char cfb_cipher16[24] = { | |
260 | 0xF3, 0x09, 0x87, 0x87, 0x7F, 0x57, 0xF7, 0x3C, 0x36, 0xB6, 0xDB, 0x70, | |
261 | 0xD8, 0xD5, 0x34, 0x19, 0xD3, 0x86, 0xB2, 0x23, 0xB7, 0xB2, 0xAD, 0x1B | |
262 | }; | |
263 | ||
264 | static unsigned char cfb_cipher32[24] = { | |
265 | 0xF3, 0x09, 0x62, 0x49, 0xA4, 0xDF, 0xA4, 0x9F, 0x33, 0xDC, 0x7B, 0xAD, | |
266 | 0x4C, 0xC8, 0x9F, 0x64, 0xE4, 0x53, 0xE5, 0xEC, 0x67, 0x20, 0xDA, 0xB6 | |
267 | }; | |
268 | ||
269 | static unsigned char cfb_cipher48[24] = { | |
270 | 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x30, 0xB5, 0x15, 0xEC, 0xBB, 0x85, | |
271 | 0x97, 0x5A, 0x13, 0x8C, 0x68, 0x60, 0xE2, 0x38, 0x34, 0x3C, 0xDC, 0x1F | |
272 | }; | |
273 | ||
274 | static unsigned char cfb_cipher64[24] = { | |
275 | 0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x6E, 0x51, 0xA6, 0x9E, 0x83, 0x9B, | |
276 | 0x1A, 0x92, 0xF7, 0x84, 0x03, 0x46, 0x71, 0x33, 0x89, 0x8E, 0xA6, 0x22 | |
277 | }; | |
278 | ||
279 | static unsigned char ofb_key[8] = | |
280 | { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; | |
281 | static unsigned char ofb_iv[8] = | |
282 | { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef }; | |
283 | static unsigned char ofb_buf1[24], ofb_buf2[24], ofb_tmp[8]; | |
284 | static unsigned char ofb_cipher[24] = { | |
285 | 0xf3, 0x09, 0x62, 0x49, 0xc7, 0xf4, 0x6e, 0x51, | |
286 | 0x35, 0xf2, 0x4a, 0x24, 0x2e, 0xeb, 0x3d, 0x3f, | |
287 | 0x3d, 0x6d, 0x5b, 0xe3, 0x25, 0x5a, 0xf8, 0xc3 | |
288 | }; | |
0f113f3e | 289 | static DES_LONG cbc_cksum_ret = 0xF7FE62B4L; |
0f113f3e MC |
290 | static unsigned char cbc_cksum_data[8] = |
291 | { 0x1D, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 }; | |
d02b48c6 | 292 | |
c491a399 | 293 | static char *pt(const unsigned char *p, char buf[DATA_BUF_SIZE]) |
0f113f3e | 294 | { |
c491a399 P |
295 | char *ret; |
296 | int i; | |
4b6ae3c3 | 297 | static const char *f = "0123456789ABCDEF"; |
c491a399 P |
298 | |
299 | ret = &(buf[0]); | |
300 | for (i = 0; i < 8; i++) { | |
301 | ret[i * 2] = f[(p[i] >> 4) & 0xf]; | |
302 | ret[i * 2 + 1] = f[p[i] & 0xf]; | |
303 | } | |
304 | ret[16] = '\0'; | |
305 | return ret; | |
306 | } | |
bd91e3c8 | 307 | |
c491a399 P |
308 | static int test_des_ecb(int i) |
309 | { | |
310 | DES_key_schedule ks; | |
311 | DES_cblock in, out, outin; | |
312 | char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE]; | |
313 | ||
314 | DES_set_key_unchecked(&key_data[i], &ks); | |
315 | memcpy(in, plain_data[i], 8); | |
316 | memset(out, 0, 8); | |
317 | memset(outin, 0, 8); | |
318 | DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT); | |
319 | DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT); | |
320 | ||
321 | if (!TEST_mem_eq(out, 8, cipher_data[i], 8)) { | |
322 | TEST_info("Encryption error %2d k=%s p=%s", i + 1, | |
323 | pt(key_data[i], b1), pt(in, b2)); | |
324 | return 0; | |
325 | } | |
326 | if (!TEST_mem_eq(in, 8, outin, 8)) { | |
327 | TEST_info("Decryption error %2d k=%s p=%s", i + 1, | |
328 | pt(key_data[i], b1), pt(out, b2)); | |
329 | return 0; | |
330 | } | |
331 | return 1; | |
332 | } | |
333 | ||
334 | static int test_des_ede_ecb(int i) | |
335 | { | |
336 | DES_cblock in, out, outin; | |
24956ca0 | 337 | DES_key_schedule ks, ks2, ks3; |
c491a399 P |
338 | char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE]; |
339 | ||
340 | DES_set_key_unchecked(&key_data[i], &ks); | |
341 | DES_set_key_unchecked(&key_data[i + 1], &ks2); | |
342 | DES_set_key_unchecked(&key_data[i + 2], &ks3); | |
343 | memcpy(in, plain_data[i], 8); | |
344 | memset(out, 0, 8); | |
345 | memset(outin, 0, 8); | |
346 | DES_ecb3_encrypt(&in, &out, &ks, &ks2, &ks, DES_ENCRYPT); | |
347 | DES_ecb3_encrypt(&out, &outin, &ks, &ks2, &ks, DES_DECRYPT); | |
348 | ||
349 | if (!TEST_mem_eq(out, 8, cipher_ecb2[i], 8)) { | |
350 | TEST_info("Encryption error %2d k=%s p=%s", i + 1, | |
351 | pt(key_data[i], b1), pt(in, b2)); | |
352 | return 0; | |
353 | } | |
354 | if (!TEST_mem_eq(in, 8, outin, 8)) { | |
355 | TEST_info("Decryption error %2d k=%s p=%s ", i + 1, | |
356 | pt(key_data[i], b1), pt(out, b2)); | |
357 | return 0; | |
358 | } | |
359 | return 1; | |
360 | } | |
361 | ||
362 | static int test_des_cbc(void) | |
363 | { | |
0f113f3e MC |
364 | unsigned char cbc_in[40]; |
365 | unsigned char cbc_out[40]; | |
c491a399 P |
366 | DES_cblock iv3; |
367 | DES_key_schedule ks; | |
368 | const size_t cbc_data_len = strlen((char *)cbc_data); | |
0f113f3e | 369 | |
c491a399 P |
370 | if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) |
371 | return 0; | |
372 | memset(cbc_out, 0, sizeof(cbc_out)); | |
373 | memset(cbc_in, 0, sizeof(cbc_in)); | |
0f113f3e | 374 | memcpy(iv3, cbc_iv, sizeof(cbc_iv)); |
c491a399 | 375 | DES_ncbc_encrypt(cbc_data, cbc_out, cbc_data_len + 1, &ks, |
0f113f3e | 376 | &iv3, DES_ENCRYPT); |
c491a399 P |
377 | if (!TEST_mem_eq(cbc_out, 32, cbc_ok, 32)) |
378 | return 0; | |
0f113f3e MC |
379 | |
380 | memcpy(iv3, cbc_iv, sizeof(cbc_iv)); | |
c491a399 | 381 | DES_ncbc_encrypt(cbc_out, cbc_in, cbc_data_len + 1, &ks, |
0f113f3e | 382 | &iv3, DES_DECRYPT); |
c491a399 P |
383 | return TEST_mem_eq(cbc_in, cbc_data_len, cbc_data, cbc_data_len); |
384 | } | |
385 | ||
386 | static int test_des_ede_cbc(void) | |
387 | { | |
388 | DES_cblock iv3; | |
389 | DES_key_schedule ks; | |
390 | unsigned char cbc_in[40]; | |
391 | unsigned char cbc_out[40]; | |
392 | const size_t n = strlen((char *)cbc_data) + 1; | |
393 | ||
394 | if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) | |
395 | return 0; | |
396 | memset(cbc_out, 0, sizeof(cbc_out)); | |
397 | memset(cbc_in, 0, sizeof(cbc_in)); | |
0f113f3e | 398 | memcpy(iv3, cbc_iv, sizeof(cbc_iv)); |
c491a399 P |
399 | DES_xcbc_encrypt(cbc_data, cbc_out, n, &ks, &iv3, &cbc2_key, &cbc3_key, |
400 | DES_ENCRYPT); | |
401 | if (!TEST_mem_eq(cbc_out, sizeof(xcbc_ok), xcbc_ok, sizeof(xcbc_ok))) | |
402 | return 0; | |
0f113f3e | 403 | memcpy(iv3, cbc_iv, sizeof(cbc_iv)); |
c491a399 P |
404 | DES_xcbc_encrypt(cbc_out, cbc_in, n, &ks, &iv3, &cbc2_key, &cbc3_key, |
405 | DES_DECRYPT); | |
406 | return TEST_mem_eq(cbc_data, n, cbc_data, n); | |
407 | } | |
0f113f3e | 408 | |
c491a399 P |
409 | static int test_ede_cbc(void) |
410 | { | |
411 | DES_cblock iv3; | |
412 | DES_key_schedule ks, ks2, ks3; | |
413 | unsigned char cbc_in[40]; | |
414 | unsigned char cbc_out[40]; | |
415 | const size_t i = strlen((char *)cbc_data) + 1; | |
416 | const size_t n = (i + 7) / 8 * 8; | |
417 | ||
418 | if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) | |
419 | return 0; | |
420 | if (!TEST_int_eq(DES_set_key_checked(&cbc2_key, &ks2), 0)) | |
421 | return 0; | |
422 | if (!TEST_int_eq(DES_set_key_checked(&cbc3_key, &ks3), 0)) | |
423 | return 0; | |
424 | memset(cbc_out, 0, sizeof(cbc_out)); | |
425 | memset(cbc_in, 0, sizeof(cbc_in)); | |
0f113f3e MC |
426 | memcpy(iv3, cbc_iv, sizeof(cbc_iv)); |
427 | ||
24956ca0 | 428 | DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, |
0f113f3e | 429 | DES_ENCRYPT); |
c491a399 | 430 | DES_ede3_cbc_encrypt(&cbc_data[16], &cbc_out[16], i - 16, &ks, &ks2, |
24956ca0 | 431 | &ks3, &iv3, DES_ENCRYPT); |
c491a399 P |
432 | if (!TEST_mem_eq(cbc_out, n, cbc3_ok, n)) |
433 | return 0; | |
0f113f3e MC |
434 | |
435 | memcpy(iv3, cbc_iv, sizeof(cbc_iv)); | |
c491a399 P |
436 | DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, |
437 | DES_DECRYPT); | |
438 | return TEST_mem_eq(cbc_in, i, cbc_data, i); | |
439 | } | |
440 | ||
441 | static int test_input_align(int i) | |
442 | { | |
443 | unsigned char cbc_out[40]; | |
444 | DES_cblock iv; | |
445 | DES_key_schedule ks; | |
446 | const size_t n = strlen(i + (char *)cbc_data) + 1; | |
447 | ||
448 | memset(cbc_out, 0, sizeof(cbc_out)); | |
449 | memcpy(iv, cbc_iv, sizeof(cbc_iv)); | |
450 | if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) | |
451 | return 0; | |
452 | DES_ncbc_encrypt(&cbc_data[i], cbc_out, n, &ks, &iv, DES_ENCRYPT); | |
453 | return 1; | |
454 | } | |
455 | ||
456 | static int test_output_align(int i) | |
457 | { | |
458 | unsigned char cbc_out[40]; | |
459 | DES_cblock iv; | |
460 | DES_key_schedule ks; | |
461 | const size_t n = strlen((char *)cbc_data) + 1; | |
462 | ||
463 | memset(cbc_out, 0, sizeof(cbc_out)); | |
464 | memcpy(iv, cbc_iv, sizeof(cbc_iv)); | |
465 | if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) | |
466 | return 0; | |
467 | DES_ncbc_encrypt(cbc_data, &cbc_out[i], n, &ks, &iv, DES_ENCRYPT); | |
468 | return 1; | |
469 | } | |
470 | ||
471 | static int test_des_crypt(void) | |
472 | { | |
473 | if (!TEST_str_eq("efGnQx2725bI2", DES_crypt("testing", "ef"))) | |
474 | return 0; | |
475 | if (!TEST_str_eq("yA1Rp/1hZXIJk", DES_crypt("bca76;23", "yA"))) | |
476 | return 0; | |
477 | ||
478 | if (!TEST_ptr_null(DES_crypt("testing", "y\202"))) | |
479 | return 0; | |
480 | if (!TEST_ptr_null(DES_crypt("testing", "\0A"))) | |
481 | return 0; | |
482 | if (!TEST_ptr_null(DES_crypt("testing", "A"))) | |
483 | return 0; | |
484 | return 1; | |
485 | } | |
486 | ||
487 | static int test_des_pcbc(void) | |
488 | { | |
489 | unsigned char cbc_in[40]; | |
490 | unsigned char cbc_out[40]; | |
491 | DES_key_schedule ks; | |
492 | const int n = strlen((char *)cbc_data) + 1; | |
493 | ||
494 | if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) | |
495 | return 0; | |
496 | memset(cbc_out, 0, sizeof(cbc_out)); | |
497 | memset(cbc_in, 0, sizeof(cbc_in)); | |
498 | DES_pcbc_encrypt(cbc_data, cbc_out, n, &ks, | |
0f113f3e | 499 | &cbc_iv, DES_ENCRYPT); |
c491a399 P |
500 | if (!TEST_mem_eq(cbc_out, sizeof(pcbc_ok), pcbc_ok, sizeof(pcbc_ok))) |
501 | return 0; | |
502 | DES_pcbc_encrypt(cbc_out, cbc_in, n, &ks, | |
0f113f3e | 503 | &cbc_iv, DES_DECRYPT); |
c491a399 P |
504 | return TEST_mem_eq(cbc_in, n, cbc_data, n); |
505 | } | |
0f113f3e | 506 | |
c491a399 P |
507 | static int cfb_test(int bits, unsigned char *cfb_cipher) |
508 | { | |
509 | DES_key_schedule ks; | |
510 | ||
511 | DES_set_key_checked(&cfb_key, &ks); | |
512 | memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); | |
513 | DES_cfb_encrypt(plain, cfb_buf1, bits, sizeof(plain), &ks, &cfb_tmp, | |
514 | DES_ENCRYPT); | |
515 | if (!TEST_mem_eq(cfb_cipher, sizeof(plain), cfb_buf1, sizeof(plain))) | |
516 | return 0; | |
517 | memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); | |
518 | DES_cfb_encrypt(cfb_buf1, cfb_buf2, bits, sizeof(plain), &ks, &cfb_tmp, | |
519 | DES_DECRYPT); | |
520 | return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); | |
521 | } | |
522 | ||
523 | static int test_des_cfb8(void) | |
524 | { | |
525 | return cfb_test(8, cfb_cipher8); | |
526 | } | |
527 | ||
528 | static int test_des_cfb16(void) | |
529 | { | |
530 | return cfb_test(16, cfb_cipher16); | |
531 | } | |
532 | ||
533 | static int test_des_cfb32(void) | |
534 | { | |
535 | return cfb_test(32, cfb_cipher32); | |
536 | } | |
537 | ||
538 | static int test_des_cfb48(void) | |
539 | { | |
540 | return cfb_test(48, cfb_cipher48); | |
541 | } | |
542 | ||
543 | static int test_des_cfb64(void) | |
544 | { | |
545 | DES_key_schedule ks; | |
546 | int n; | |
547 | size_t i; | |
548 | ||
549 | if (!cfb_test(64, cfb_cipher64)) | |
550 | return 0; | |
551 | ||
552 | DES_set_key_checked(&cfb_key, &ks); | |
553 | memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); | |
554 | n = 0; | |
555 | DES_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &cfb_tmp, &n, DES_ENCRYPT); | |
556 | DES_cfb64_encrypt(&plain[12], &cfb_buf1[12], sizeof(plain) - 12, &ks, | |
557 | &cfb_tmp, &n, DES_ENCRYPT); | |
558 | if (!TEST_mem_eq(cfb_cipher64, sizeof(plain), cfb_buf1, sizeof(plain))) | |
559 | return 0; | |
560 | memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); | |
561 | n = 0; | |
562 | DES_cfb64_encrypt(cfb_buf1, cfb_buf2, 17, &ks, &cfb_tmp, &n, DES_DECRYPT); | |
563 | DES_cfb64_encrypt(&cfb_buf1[17], &cfb_buf2[17], | |
564 | sizeof(plain) - 17, &ks, &cfb_tmp, &n, DES_DECRYPT); | |
565 | if (!TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain))) | |
566 | return 0; | |
0f113f3e MC |
567 | |
568 | memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); | |
569 | for (i = 0; i < sizeof(plain); i++) | |
c491a399 P |
570 | DES_cfb_encrypt(&plain[i], &cfb_buf1[i], 8, 1, &ks, &cfb_tmp, |
571 | DES_ENCRYPT); | |
572 | if (!TEST_mem_eq(cfb_cipher8, sizeof(plain), cfb_buf1, sizeof(plain))) | |
573 | return 0; | |
0f113f3e MC |
574 | |
575 | memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); | |
576 | for (i = 0; i < sizeof(plain); i++) | |
c491a399 P |
577 | DES_cfb_encrypt(&cfb_buf1[i], &cfb_buf2[i], 8, 1, &ks, &cfb_tmp, |
578 | DES_DECRYPT); | |
579 | return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); | |
580 | } | |
0f113f3e | 581 | |
c491a399 P |
582 | static int test_des_ede_cfb64(void) |
583 | { | |
584 | DES_key_schedule ks; | |
585 | int n; | |
0f113f3e | 586 | |
c491a399 P |
587 | DES_set_key_checked(&cfb_key, &ks); |
588 | memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); | |
589 | n = 0; | |
590 | DES_ede3_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &ks, &ks, &cfb_tmp, &n, | |
591 | DES_ENCRYPT); | |
592 | DES_ede3_cfb64_encrypt(&plain[12], &cfb_buf1[12], sizeof(plain) - 12, &ks, | |
593 | &ks, &ks, &cfb_tmp, &n, DES_ENCRYPT); | |
594 | if (!TEST_mem_eq(cfb_cipher64, sizeof(plain), cfb_buf1, sizeof(plain))) | |
595 | return 0; | |
596 | memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); | |
597 | n = 0; | |
598 | DES_ede3_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &ks, &ks, &ks, | |
599 | &cfb_tmp, &n, DES_DECRYPT); | |
600 | DES_ede3_cfb64_encrypt(&cfb_buf1[17], &cfb_buf2[17], sizeof(plain) - 17, | |
601 | &ks, &ks, &ks, &cfb_tmp, &n, DES_DECRYPT); | |
602 | return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); | |
603 | } | |
604 | ||
605 | static int test_des_ofb(void) | |
606 | { | |
607 | DES_key_schedule ks; | |
0f113f3e | 608 | |
0f113f3e MC |
609 | DES_set_key_checked(&ofb_key, &ks); |
610 | memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); | |
24956ca0 | 611 | DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp); |
c491a399 P |
612 | if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) |
613 | return 0; | |
614 | ||
0f113f3e | 615 | memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); |
24956ca0 | 616 | DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks, |
0f113f3e | 617 | &ofb_tmp); |
c491a399 P |
618 | return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); |
619 | } | |
620 | ||
621 | static int test_des_ofb64(void) | |
622 | { | |
623 | DES_key_schedule ks; | |
624 | int num; | |
625 | size_t i; | |
0f113f3e | 626 | |
0f113f3e MC |
627 | DES_set_key_checked(&ofb_key, &ks); |
628 | memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); | |
629 | memset(ofb_buf1, 0, sizeof(ofb_buf1)); | |
630 | memset(ofb_buf2, 0, sizeof(ofb_buf1)); | |
631 | num = 0; | |
632 | for (i = 0; i < sizeof(plain); i++) { | |
c491a399 | 633 | DES_ofb64_encrypt(&plain[i], &ofb_buf1[i], 1, &ks, &ofb_tmp, &num); |
0f113f3e | 634 | } |
c491a399 P |
635 | if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) |
636 | return 0; | |
0f113f3e MC |
637 | memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); |
638 | num = 0; | |
24956ca0 | 639 | DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp, |
0f113f3e | 640 | &num); |
c491a399 P |
641 | return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); |
642 | } | |
643 | ||
644 | static int test_des_ede_ofb64(void) | |
645 | { | |
646 | DES_key_schedule ks; | |
647 | int num; | |
648 | size_t i; | |
0f113f3e | 649 | |
0f113f3e MC |
650 | DES_set_key_checked(&ofb_key, &ks); |
651 | memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); | |
652 | memset(ofb_buf1, 0, sizeof(ofb_buf1)); | |
653 | memset(ofb_buf2, 0, sizeof(ofb_buf1)); | |
654 | num = 0; | |
655 | for (i = 0; i < sizeof(plain); i++) { | |
c491a399 | 656 | DES_ede3_ofb64_encrypt(&plain[i], &ofb_buf1[i], 1, &ks, &ks, |
24956ca0 | 657 | &ks, &ofb_tmp, &num); |
0f113f3e | 658 | } |
c491a399 P |
659 | if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) |
660 | return 0; | |
0f113f3e MC |
661 | memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); |
662 | num = 0; | |
24956ca0 | 663 | DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks, |
0f113f3e | 664 | &ofb_tmp, &num); |
c491a399 | 665 | return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); |
0f113f3e MC |
666 | } |
667 | ||
c491a399 | 668 | static int test_des_cbc_cksum(void) |
0f113f3e | 669 | { |
c491a399 | 670 | DES_LONG cs; |
24956ca0 | 671 | DES_key_schedule ks; |
c491a399 | 672 | unsigned char cret[8]; |
0f113f3e | 673 | |
c491a399 P |
674 | DES_set_key_checked(&cbc_key, &ks); |
675 | cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks, | |
676 | &cbc_iv); | |
677 | if (!TEST_cs_eq(cs, cbc_cksum_ret)) | |
678 | return 0; | |
679 | return TEST_mem_eq(cret, 8, cbc_cksum_data, 8); | |
0f113f3e | 680 | } |
d02b48c6 | 681 | |
c491a399 | 682 | static int test_des_quad_cksum(void) |
0f113f3e | 683 | { |
c491a399 | 684 | DES_LONG cs, lqret[4]; |
0f113f3e | 685 | |
c491a399 P |
686 | cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret, |
687 | (long)strlen((char *)cbc_data), 2, | |
688 | (DES_cblock *)cbc_iv); | |
689 | if (!TEST_cs_eq(cs, 0x70d7a63aL)) | |
690 | return 0; | |
691 | if (!TEST_cs_eq(lqret[0], 0x327eba8dL)) | |
692 | return 0; | |
693 | if (!TEST_cs_eq(lqret[1], 0x201a49ccL)) | |
694 | return 0; | |
695 | if (!TEST_cs_eq(lqret[2], 0x70d7a63aL)) | |
696 | return 0; | |
697 | if (!TEST_cs_eq(lqret[3], 0x501c2c26L)) | |
698 | return 0; | |
699 | return 1; | |
0f113f3e | 700 | } |
3d491c05 P |
701 | |
702 | /* | |
703 | * Test TDES based key wrapping. | |
704 | * The wrapping process uses a randomly generated IV so it is difficult to | |
705 | * undertake KATs. End to end testing is performed instead. | |
706 | */ | |
707 | static const int test_des_key_wrap_sizes[] = { | |
708 | 8, 16, 24, 32, 64, 80 | |
709 | }; | |
710 | ||
711 | static int test_des_key_wrap(int idx) | |
712 | { | |
713 | int in_bytes = test_des_key_wrap_sizes[idx]; | |
714 | unsigned char in[100], c_txt[200], p_txt[200], key[24]; | |
715 | int clen, clen_upd, clen_fin, plen, plen_upd, plen_fin, expect, bs, i; | |
716 | EVP_CIPHER *cipher = NULL; | |
717 | EVP_CIPHER_CTX *ctx = NULL; | |
718 | int res = 0; | |
719 | ||
720 | /* Some sanity checks and cipher loading */ | |
721 | if (!TEST_size_t_le(in_bytes, sizeof(in)) | |
722 | || !TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, "DES3-WRAP", NULL)) | |
723 | || !TEST_int_eq(bs = EVP_CIPHER_get_block_size(cipher), 8) | |
724 | || !TEST_size_t_eq(bs * 3u, sizeof(key)) | |
725 | || !TEST_true(in_bytes % bs == 0) | |
726 | || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())) | |
727 | goto err; | |
728 | ||
729 | /* Create random data to end to end test */ | |
730 | for (i = 0; i < in_bytes; i++) | |
731 | in[i] = test_random(); | |
732 | ||
733 | /* Build the key */ | |
734 | memcpy(key, cbc_key, sizeof(cbc_key)); | |
735 | memcpy(key + sizeof(cbc_key), cbc2_key, sizeof(cbc2_key)); | |
736 | memcpy(key + sizeof(cbc_key) + sizeof(cbc3_key), cbc_key, sizeof(cbc3_key)); | |
737 | ||
738 | /* Wrap / encrypt the key */ | |
739 | clen_upd = sizeof(c_txt); | |
740 | if (!TEST_true(EVP_EncryptInit(ctx, cipher, key, NULL)) | |
741 | || !TEST_true(EVP_EncryptUpdate(ctx, c_txt, &clen_upd, | |
742 | in, in_bytes))) | |
743 | goto err; | |
744 | ||
745 | expect = (in_bytes + (bs - 1)) / bs * bs + 2 * bs; | |
746 | if (!TEST_int_eq(clen_upd, expect)) | |
747 | goto err; | |
748 | ||
749 | clen_fin = sizeof(c_txt) - clen_upd; | |
750 | if (!TEST_true(EVP_EncryptFinal(ctx, c_txt + clen_upd, &clen_fin)) | |
751 | || !TEST_int_eq(clen_fin, 0)) | |
752 | goto err; | |
753 | clen = clen_upd + clen_fin; | |
754 | ||
755 | /* Decrypt the wrapped key */ | |
756 | plen_upd = sizeof(p_txt); | |
757 | if (!TEST_true(EVP_DecryptInit(ctx, cipher, key, NULL)) | |
758 | || !TEST_true(EVP_DecryptUpdate(ctx, p_txt, &plen_upd, | |
759 | c_txt, clen))) | |
760 | goto err; | |
761 | plen_fin = sizeof(p_txt) - plen_upd; | |
762 | if (!TEST_true(EVP_DecryptFinal(ctx, p_txt + plen_upd, &plen_fin))) | |
763 | goto err; | |
764 | plen = plen_upd + plen_fin; | |
765 | ||
766 | if (!TEST_mem_eq(in, in_bytes, p_txt, plen)) | |
767 | goto err; | |
768 | res = 1; | |
769 | err: | |
770 | EVP_CIPHER_free(cipher); | |
771 | EVP_CIPHER_CTX_free(ctx); | |
772 | return res; | |
773 | } | |
cc350c88 P |
774 | |
775 | /*- | |
776 | * Weak and semi weak keys as taken from | |
777 | * %A D.W. Davies | |
778 | * %A W.L. Price | |
779 | * %T Security for Computer Networks | |
780 | * %I John Wiley & Sons | |
781 | * %D 1984 | |
782 | */ | |
783 | static struct { | |
784 | const DES_cblock key; | |
785 | int expect; | |
786 | } weak_keys[] = { | |
787 | /* weak keys */ | |
788 | {{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, 1 }, | |
789 | {{0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}, 1 }, | |
790 | {{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, 1 }, | |
791 | {{0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1}, 1 }, | |
792 | /* semi-weak keys */ | |
793 | {{0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE}, 1 }, | |
794 | {{0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01}, 1 }, | |
795 | {{0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1}, 1 }, | |
796 | {{0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E}, 1 }, | |
797 | {{0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1}, 1 }, | |
798 | {{0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01}, 1 }, | |
799 | {{0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE}, 1 }, | |
800 | {{0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E}, 1 }, | |
801 | {{0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E}, 1 }, | |
802 | {{0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01}, 1 }, | |
803 | {{0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, 1 }, | |
804 | {{0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}, 1 }, | |
805 | /* good key */ | |
806 | {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 } | |
807 | }; | |
808 | ||
809 | static int test_des_weak_keys(int n) | |
810 | { | |
811 | const_DES_cblock *key = (unsigned char (*)[8])weak_keys[n].key; | |
812 | ||
813 | return TEST_int_eq(DES_is_weak_key(key), weak_keys[n].expect); | |
814 | } | |
815 | ||
816 | static struct { | |
817 | const DES_cblock key; | |
818 | int expect; | |
819 | } bad_parity_keys[] = { | |
820 | {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 0 }, | |
821 | {{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 0 }, | |
822 | /* Perturb each byte in turn to create even parity */ | |
823 | {{0x48, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, | |
824 | {{0x49, 0xE8, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, | |
825 | {{0x49, 0xE9, 0x5C, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, | |
826 | {{0x49, 0xE9, 0x5D, 0x7D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, | |
827 | {{0x49, 0xE9, 0x5D, 0x6D, 0x5C, 0xA2, 0x29, 0xBF}, 0 }, | |
828 | {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA3, 0x29, 0xBF}, 0 }, | |
829 | {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x39, 0xBF}, 0 }, | |
830 | {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBE}, 0 }, | |
831 | /* Odd parity version of above */ | |
832 | {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 1 } | |
833 | }; | |
834 | ||
835 | static int test_des_check_bad_parity(int n) | |
836 | { | |
837 | const_DES_cblock *key = (unsigned char (*)[8])bad_parity_keys[n].key; | |
838 | ||
839 | return TEST_int_eq(DES_check_key_parity(key), bad_parity_keys[n].expect); | |
840 | } | |
587e0407 P |
841 | |
842 | /* Test that two key 3DES can generate a random key without error */ | |
843 | static int test_des_two_key(void) | |
844 | { | |
845 | int res = 0; | |
846 | EVP_CIPHER *cipher = NULL; | |
847 | EVP_CIPHER_CTX *ctx = NULL; | |
848 | unsigned char key[16]; | |
849 | ||
850 | if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, "DES-EDE-ECB", NULL)) | |
851 | || !TEST_ptr(ctx = EVP_CIPHER_CTX_new()) | |
852 | || !EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) | |
853 | || !EVP_CIPHER_CTX_set_key_length(ctx, sizeof(key)) | |
854 | || !EVP_CIPHER_CTX_rand_key(ctx, key)) | |
855 | goto err; | |
856 | ||
857 | res = 1; | |
858 | err: | |
859 | EVP_CIPHER_free(cipher); | |
860 | EVP_CIPHER_CTX_free(ctx); | |
861 | return res; | |
862 | } | |
863 | ||
c491a399 | 864 | #endif |
d02b48c6 | 865 | |
ad887416 | 866 | int setup_tests(void) |
0f113f3e | 867 | { |
c491a399 P |
868 | #ifndef OPENSSL_NO_DES |
869 | ADD_ALL_TESTS(test_des_ecb, NUM_TESTS); | |
870 | ADD_TEST(test_des_cbc); | |
871 | ADD_TEST(test_ede_cbc); | |
872 | ADD_ALL_TESTS(test_des_ede_ecb, NUM_TESTS - 2); | |
873 | ADD_TEST(test_des_ede_cbc); | |
874 | ADD_TEST(test_des_pcbc); | |
875 | ADD_TEST(test_des_cfb8); | |
876 | ADD_TEST(test_des_cfb16); | |
877 | ADD_TEST(test_des_cfb32); | |
878 | ADD_TEST(test_des_cfb48); | |
879 | ADD_TEST(test_des_cfb64); | |
880 | ADD_TEST(test_des_ede_cfb64); | |
881 | ADD_TEST(test_des_ofb); | |
882 | ADD_TEST(test_des_ofb64); | |
883 | ADD_TEST(test_des_ede_ofb64); | |
884 | ADD_TEST(test_des_cbc_cksum); | |
885 | ADD_TEST(test_des_quad_cksum); | |
886 | ADD_TEST(test_des_crypt); | |
887 | ADD_ALL_TESTS(test_input_align, 4); | |
888 | ADD_ALL_TESTS(test_output_align, 4); | |
3d491c05 | 889 | ADD_ALL_TESTS(test_des_key_wrap, OSSL_NELEM(test_des_key_wrap_sizes)); |
cc350c88 P |
890 | ADD_ALL_TESTS(test_des_weak_keys, OSSL_NELEM(weak_keys)); |
891 | ADD_ALL_TESTS(test_des_check_bad_parity, OSSL_NELEM(bad_parity_keys)); | |
587e0407 | 892 | ADD_TEST(test_des_two_key); |
f5d7a031 | 893 | #endif |
ad887416 | 894 | return 1; |
c491a399 | 895 | } |