]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/modes_internal_test.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Implement EVP_MAC_do_all_ex()
[thirdparty/openssl.git] / test / modes_internal_test.c
CommitLineData
f2ae2348 1/*
6738bf14 2 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
f2ae2348 3 *
909f1a2e 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
f2ae2348
RL		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/* Internal tests for the modes module */
11
12#include <stdio.h>
13#include <string.h>
14
15#include <openssl/aes.h>
16#include <openssl/modes.h>
f2ae2348 17#include "testutil.h"
459b15d4 18#include "internal/modes_int.h"
176db6dc 19#include "internal/nelem.h"
f2ae2348
RL		 20
21typedef struct {
22 size_t size;
23 const unsigned char *data;
24} SIZED_DATA;
25
26/**********************************************************************
27 *
28 * Test of cts128
29 *
30 ***/
31
f2ae2348
RL		 32/* cts128 test vectors from RFC 3962 */
33static const unsigned char cts128_test_key[16] = "chicken teriyaki";
34static const unsigned char cts128_test_input[64] =
35 "I would like the" " General Gau's C"
36 "hicken, please, " "and wonton soup.";
37static const unsigned char cts128_test_iv[] =
38 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
39
40static const unsigned char vector_17[17] = {
41 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
42 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
43 0x97
44};
45
46static const unsigned char vector_31[31] = {
47 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
48 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
49 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
50 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
51};
52
53static const unsigned char vector_32[32] = {
54 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
55 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
56 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
57 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
58};
59
60static const unsigned char vector_47[47] = {
61 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
62 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
63 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
64 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
65 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
66 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
67};
68
69static const unsigned char vector_48[48] = {
70 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
71 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
72 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
73 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
74 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
75 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
76};
77
78static const unsigned char vector_64[64] = {
79 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
80 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
81 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
82 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
83 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
84 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
85 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
86 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
87};
88
89#define CTS128_TEST_VECTOR(len) \
90 { \
91 sizeof(vector_##len), vector_##len \
92 }
fa9ad414 93static const SIZED_DATA aes_cts128_vectors[] = {
f2ae2348
RL		 94 CTS128_TEST_VECTOR(17),
95 CTS128_TEST_VECTOR(31),
96 CTS128_TEST_VECTOR(32),
97 CTS128_TEST_VECTOR(47),
98 CTS128_TEST_VECTOR(48),
99 CTS128_TEST_VECTOR(64),
100};
101
3cb7c5cf 102static AES_KEY *cts128_encrypt_key_schedule(void)
f2ae2348
RL		 103{
104 static int init_key = 1;
105 static AES_KEY ks;
106
107 if (init_key) {
108 AES_set_encrypt_key(cts128_test_key, 128, &ks);
109 init_key = 0;
110 }
111 return &ks;
112}
113
3cb7c5cf 114static AES_KEY *cts128_decrypt_key_schedule(void)
f2ae2348
RL		 115{
116 static int init_key = 1;
117 static AES_KEY ks;
118
119 if (init_key) {
120 AES_set_decrypt_key(cts128_test_key, 128, &ks);
121 init_key = 0;
122 }
123 return &ks;
124}
125
d836d71b
EK		 126typedef struct {
127 const char *case_name;
fa9ad414
P		 128 size_t (*last_blocks_correction)(const unsigned char *in,
129 unsigned char *out, size_t len);
d836d71b
EK		 130 size_t (*encrypt_block)(const unsigned char *in,
131 unsigned char *out, size_t len,
132 const void *key, unsigned char ivec[16],
133 block128_f block);
fa9ad414
P		 134 size_t (*encrypt_stream)(const unsigned char *in, unsigned char *out,
135 size_t len, const void *key,
136 unsigned char ivec[16], cbc128_f cbc);
d836d71b
EK		 137 size_t (*decrypt_block)(const unsigned char *in,
138 unsigned char *out, size_t len,
139 const void *key, unsigned char ivec[16],
140 block128_f block);
fa9ad414
P		 141 size_t (*decrypt_stream)(const unsigned char *in, unsigned char *out,
142 size_t len, const void *key,
143 unsigned char ivec[16], cbc128_f cbc);
d836d71b
EK		 144} CTS128_FIXTURE;
145
fa9ad414
P		 146static size_t last_blocks_correction(const unsigned char *in,
147 unsigned char *out, size_t len)
d836d71b
EK		 148{
149 size_t tail;
150
151 memcpy(out, in, len);
152 if ((tail = len % 16) == 0)
153 tail = 16;
154 tail += 16;
155
156 return tail;
157}
158
fa9ad414
P		 159static size_t last_blocks_correction_nist(const unsigned char *in,
160 unsigned char *out, size_t len)
d836d71b
EK		 161{
162 size_t tail;
163
164 if ((tail = len % 16) == 0)
165 tail = 16;
166 len -= 16 + tail;
167 memcpy(out, in, len);
168 /* flip two last blocks */
169 memcpy(out + len, in + len + 16, tail);
170 memcpy(out + len + tail, in + len, 16);
171 len += 16 + tail;
172 tail = 16;
173
174 return tail;
175}
176
fa9ad414 177static int execute_cts128(const CTS128_FIXTURE *fixture, int num)
d836d71b
EK		 178{
179 const unsigned char *test_iv = cts128_test_iv;
180 size_t test_iv_len = sizeof(cts128_test_iv);
fa9ad414
P		 181 const unsigned char *orig_vector = aes_cts128_vectors[num].data;
182 size_t len = aes_cts128_vectors[num].size;
d836d71b
EK		 183 const unsigned char *test_input = cts128_test_input;
184 const AES_KEY *encrypt_key_schedule = cts128_encrypt_key_schedule();
185 const AES_KEY *decrypt_key_schedule = cts128_decrypt_key_schedule();
186 unsigned char iv[16];
187 /* The largest test inputs are = 64 bytes. */
188 unsigned char cleartext[64], ciphertext[64], vector[64];
fa9ad414 189 size_t tail, size;
d836d71b 190
fa9ad414 191 TEST_info("%s_vector_%lu", fixture->case_name, (unsigned long)len);
d836d71b 192
fa9ad414 193 tail = fixture->last_blocks_correction(orig_vector, vector, len);
d836d71b
EK		 194
195 /* test block-based encryption */
196 memcpy(iv, test_iv, test_iv_len);
fa9ad414
P		 197 if (!TEST_size_t_eq(fixture->encrypt_block(test_input, ciphertext, len,
198 encrypt_key_schedule, iv,
199 (block128_f)AES_encrypt), len)
200 || !TEST_mem_eq(ciphertext, len, vector, len)
201 || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
d836d71b 202 return 0;
d836d71b
EK		 203
204 /* test block-based decryption */
205 memcpy(iv, test_iv, test_iv_len);
fa9ad414
P		 206 size = fixture->decrypt_block(ciphertext, cleartext, len,
207 decrypt_key_schedule, iv,
208 (block128_f)AES_decrypt);
209 if (!TEST_true(len == size || len + 16 == size)
210 || !TEST_mem_eq(cleartext, len, test_input, len)
211 || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
d836d71b 212 return 0;
d836d71b
EK		 213
214 /* test streamed encryption */
215 memcpy(iv, test_iv, test_iv_len);
fa9ad414
P		 216 if (!TEST_size_t_eq(fixture->encrypt_stream(test_input, ciphertext, len,
217 encrypt_key_schedule, iv,
218 (cbc128_f) AES_cbc_encrypt),
219 len)
220 || !TEST_mem_eq(ciphertext, len, vector, len)
221 || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
d836d71b 222 return 0;
d836d71b
EK		 223
224 /* test streamed decryption */
225 memcpy(iv, test_iv, test_iv_len);
fa9ad414
P		 226 if (!TEST_size_t_eq(fixture->decrypt_stream(ciphertext, cleartext, len,
227 decrypt_key_schedule, iv,
228 (cbc128_f)AES_cbc_encrypt),
229 len)
230 || !TEST_mem_eq(cleartext, len, test_input, len)
231 || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
d836d71b 232 return 0;
d836d71b
EK		 233
234 return 1;
235}
236
fa9ad414 237static int test_aes_cts128(int idx)
f2ae2348 238{
fa9ad414
P		 239 static const CTS128_FIXTURE fixture_cts128 = {
240 "aes_cts128", last_blocks_correction,
241 CRYPTO_cts128_encrypt_block, CRYPTO_cts128_encrypt,
242 CRYPTO_cts128_decrypt_block, CRYPTO_cts128_decrypt
243 };
244
245 return execute_cts128(&fixture_cts128, idx);
f2ae2348
RL		 246}
247
fa9ad414 248static int test_aes_cts128_nist(int idx)
f2ae2348 249{
fa9ad414
P		 250 static const CTS128_FIXTURE fixture_cts128_nist = {
251 "aes_cts128_nist", last_blocks_correction_nist,
252 CRYPTO_nistcts128_encrypt_block, CRYPTO_nistcts128_encrypt,
253 CRYPTO_nistcts128_decrypt_block, CRYPTO_nistcts128_decrypt
254 };
255
256 return execute_cts128(&fixture_cts128_nist, idx);
f2ae2348
RL		 257}
258
f3ab6c16 259/*
d836d71b
EK		 260 *
261 * Test of gcm128
262 *
f3ab6c16 263 */
d836d71b 264
f2ae2348
RL		 265/* Test Case 1 */
266static const u8 K1[16], P1[] = { 0 }, A1[] = { 0 }, IV1[12], C1[] = { 0 };
267static const u8 T1[] = {
268 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
269 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
270};
271
272/* Test Case 2 */
273# define K2 K1
274# define A2 A1
275# define IV2 IV1
276static const u8 P2[16];
277static const u8 C2[] = {
278 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
279 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
280};
281
282static const u8 T2[] = {
283 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
284 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
285};
286
287/* Test Case 3 */
288# define A3 A2
289static const u8 K3[] = {
290 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
291 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
292};
293
294static const u8 P3[] = {
295 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
296 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
297 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
298 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
299 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
300 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
301 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
302 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
303};
304
305static const u8 IV3[] = {
306 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
307 0xde, 0xca, 0xf8, 0x88
308};
309
310static const u8 C3[] = {
311 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
312 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
313 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
314 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
315 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
316 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
317 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
318 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
319};
320
321static const u8 T3[] = {
322 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
323 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
324};
325
326/* Test Case 4 */
327# define K4 K3
328# define IV4 IV3
329static const u8 P4[] = {
330 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
331 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
332 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
333 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
334 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
335 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
336 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
337 0xba, 0x63, 0x7b, 0x39
338};
339
340static const u8 A4[] = {
341 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
342 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
343 0xab, 0xad, 0xda, 0xd2
344};
345
346static const u8 C4[] = {
347 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
348 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
349 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
350 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
351 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
352 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
353 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
354 0x3d, 0x58, 0xe0, 0x91
355};
356
357static const u8 T4[] = {
358 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
359 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
360};
361
362/* Test Case 5 */
363# define K5 K4
364# define P5 P4
365# define A5 A4
366static const u8 IV5[] = {
367 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
368};
369
370static const u8 C5[] = {
371 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
372 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
373 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
374 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
375 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
376 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
377 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
378 0xc2, 0x3f, 0x45, 0x98
379};
380
381static const u8 T5[] = {
382 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
383 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb
384};
385
386/* Test Case 6 */
387# define K6 K5
388# define P6 P5
389# define A6 A5
390static const u8 IV6[] = {
391 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
392 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
393 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
394 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
395 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
396 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
397 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
398 0xa6, 0x37, 0xb3, 0x9b
399};
400
401static const u8 C6[] = {
402 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
403 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
404 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
405 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
406 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
407 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
408 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
409 0x4c, 0x34, 0xae, 0xe5
410};
411
412static const u8 T6[] = {
413 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
414 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50
415};
416
417/* Test Case 7 */
418static const u8 K7[24], P7[] = { 0 }, A7[] = { 0 }, IV7[12], C7[] = { 0 };
419static const u8 T7[] = {
420 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
421 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35
422};
423
424/* Test Case 8 */
425# define K8 K7
426# define IV8 IV7
427# define A8 A7
428static const u8 P8[16];
429static const u8 C8[] = {
430 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
431 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00
432};
433
434static const u8 T8[] = {
435 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
436 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb
437};
438
439/* Test Case 9 */
440# define A9 A8
441static const u8 K9[] = {
442 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
443 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
444 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
445};
446
447static const u8 P9[] = {
448 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
449 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
450 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
451 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
452 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
453 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
454 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
455 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
456};
457
458static const u8 IV9[] = {
459 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
460 0xde, 0xca, 0xf8, 0x88
461};
462
463static const u8 C9[] = {
464 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
465 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
466 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
467 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
468 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
469 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
470 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
471 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56
472};
473
474static const u8 T9[] = {
475 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
476 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14
477};
478
479/* Test Case 10 */
480# define K10 K9
481# define IV10 IV9
482static const u8 P10[] = {
483 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
484 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
485 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
486 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
487 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
488 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
489 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
490 0xba, 0x63, 0x7b, 0x39
491};
492
493static const u8 A10[] = {
494 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
495 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
496 0xab, 0xad, 0xda, 0xd2
497};
498
499static const u8 C10[] = {
500 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
501 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
502 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
503 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
504 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
505 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
506 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
507 0xcc, 0xda, 0x27, 0x10
508};
509
510static const u8 T10[] = {
511 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
512 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c
513};
514
515/* Test Case 11 */
516# define K11 K10
517# define P11 P10
518# define A11 A10
519static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
520
521static const u8 C11[] = {
522 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
523 0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
524 0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
525 0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
526 0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
527 0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
528 0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
529 0xa0, 0xf0, 0x62, 0xf7
530};
531
532static const u8 T11[] = {
533 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
534 0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8
535};
536
537/* Test Case 12 */
538# define K12 K11
539# define P12 P11
540# define A12 A11
541static const u8 IV12[] = {
542 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
543 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
544 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
545 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
546 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
547 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
548 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
549 0xa6, 0x37, 0xb3, 0x9b
550};
551
552static const u8 C12[] = {
553 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
554 0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
555 0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
556 0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
557 0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
558 0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
559 0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
560 0xe9, 0xb7, 0x37, 0x3b
561};
562
563static const u8 T12[] = {
564 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
565 0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9
566};
567
568/* Test Case 13 */
569static const u8 K13[32], P13[] = { 0 }, A13[] = { 0 }, IV13[12], C13[] = { 0 };
570static const u8 T13[] = {
571 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
572 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b
573};
574
575/* Test Case 14 */
576# define K14 K13
577# define A14 A13
578static const u8 P14[16], IV14[12];
579static const u8 C14[] = {
580 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
581 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
582};
583
584static const u8 T14[] = {
585 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
586 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
587};
588
589/* Test Case 15 */
590# define A15 A14
591static const u8 K15[] = {
592 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
593 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
594 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
595 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
596};
597
598static const u8 P15[] = {
599 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
600 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
601 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
602 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
603 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
604 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
605 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
606 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
607};
608
609static const u8 IV15[] = {
610 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
611 0xde, 0xca, 0xf8, 0x88
612};
613
614static const u8 C15[] = {
615 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
616 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
617 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
618 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
619 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
620 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
621 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
622 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
623};
624
625static const u8 T15[] = {
626 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
627 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
628};
629
630/* Test Case 16 */
631# define K16 K15
632# define IV16 IV15
633static const u8 P16[] = {
634 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
635 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
636 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
637 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
638 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
639 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
640 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
641 0xba, 0x63, 0x7b, 0x39
642};
643
644static const u8 A16[] = {
645 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
646 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
647 0xab, 0xad, 0xda, 0xd2
648};
649
650static const u8 C16[] = {
651 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
652 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
653 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
654 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
655 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
656 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
657 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
658 0xbc, 0xc9, 0xf6, 0x62
659};
660
661static const u8 T16[] = {
662 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
663 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
664};
665
666/* Test Case 17 */
667# define K17 K16
668# define P17 P16
669# define A17 A16
670static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
671
672static const u8 C17[] = {
673 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
674 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
675 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
676 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
677 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
678 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
679 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
680 0xf4, 0x7c, 0x9b, 0x1f
681};
682
683static const u8 T17[] = {
684 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
685 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2
686};
687
688/* Test Case 18 */
689# define K18 K17
690# define P18 P17
691# define A18 A17
692static const u8 IV18[] = {
693 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
694 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
695 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
696 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
697 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
698 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
699 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
700 0xa6, 0x37, 0xb3, 0x9b
701};
702
703static const u8 C18[] = {
704 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
705 0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
706 0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
707 0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
708 0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
709 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
710 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
711 0x44, 0xae, 0x7e, 0x3f
712};
713
714static const u8 T18[] = {
715 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
716 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a
717};
718
719/* Test Case 19 */
720# define K19 K1
721# define P19 P1
722# define IV19 IV1
723# define C19 C1
724static const u8 A19[] = {
725 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
726 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
727 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
728 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
729 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
730 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
731 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
732 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55,
733 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
734 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
735 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
736 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
737 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
738 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
739 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
740 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
741};
742
743static const u8 T19[] = {
744 0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d,
745 0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92
746};
747
748/* Test Case 20 */
749# define K20 K1
750# define A20 A1
751/* this results in 0xff in counter LSB */
752static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff };
753
754static const u8 P20[288];
755static const u8 C20[] = {
756 0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a,
757 0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14,
758 0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce,
759 0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f,
760 0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70,
761 0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18,
762 0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf,
763 0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49,
764 0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab,
765 0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c,
766 0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c,
767 0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29,
768 0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1,
769 0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76,
770 0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2,
771 0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce,
772 0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f,
773 0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86,
774 0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb,
775 0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18,
776 0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65,
777 0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42,
778 0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b,
779 0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06,
780 0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24,
781 0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c,
782 0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4,
783 0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64,
784 0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03,
785 0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6,
786 0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90,
787 0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74,
788 0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67,
789 0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46,
790 0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78,
791 0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c
792};
793
794static const u8 T20[] = {
795 0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a,
796 0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f
797};
798
799#define GCM128_TEST_VECTOR(n) \
800 { \
801 {sizeof(K##n), K##n}, \
802 {sizeof(IV##n), IV##n}, \
803 {sizeof(A##n), A##n}, \
804 {sizeof(P##n), P##n}, \
805 {sizeof(C##n), C##n}, \
806 {sizeof(T##n), T##n} \
807 }
808static struct gcm128_data {
809 const SIZED_DATA K;
810 const SIZED_DATA IV;
811 const SIZED_DATA A;
812 const SIZED_DATA P;
813 const SIZED_DATA C;
814 const SIZED_DATA T;
815} gcm128_vectors[] = {
816 GCM128_TEST_VECTOR(1),
817 GCM128_TEST_VECTOR(2),
818 GCM128_TEST_VECTOR(3),
819 GCM128_TEST_VECTOR(4),
820 GCM128_TEST_VECTOR(5),
821 GCM128_TEST_VECTOR(6),
822 GCM128_TEST_VECTOR(7),
823 GCM128_TEST_VECTOR(8),
824 GCM128_TEST_VECTOR(9),
825 GCM128_TEST_VECTOR(10),
826 GCM128_TEST_VECTOR(11),
827 GCM128_TEST_VECTOR(12),
828 GCM128_TEST_VECTOR(13),
829 GCM128_TEST_VECTOR(14),
830 GCM128_TEST_VECTOR(15),
831 GCM128_TEST_VECTOR(16),
832 GCM128_TEST_VECTOR(17),
833 GCM128_TEST_VECTOR(18),
834 GCM128_TEST_VECTOR(19),
835 GCM128_TEST_VECTOR(20)
836};
837
d836d71b 838static int test_gcm128(int idx)
f2ae2348 839{
d836d71b
EK		 840 unsigned char out[512];
841 SIZED_DATA K = gcm128_vectors[idx].K;
842 SIZED_DATA IV = gcm128_vectors[idx].IV;
843 SIZED_DATA A = gcm128_vectors[idx].A;
844 SIZED_DATA P = gcm128_vectors[idx].P;
845 SIZED_DATA C = gcm128_vectors[idx].C;
846 SIZED_DATA T = gcm128_vectors[idx].T;
847 GCM128_CONTEXT ctx;
848 AES_KEY key;
d836d71b
EK		 849
850 /* Size 1 inputs are special-cased to signal NULL. */
851 if (A.size == 1)
852 A.data = NULL;
853 if (P.size == 1)
854 P.data = NULL;
855 if (C.size == 1)
856 C.data = NULL;
857
858 AES_set_encrypt_key(K.data, K.size * 8, &key);
859
860 CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt);
861 CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size);
862 memset(out, 0, P.size);
f3ab6c16 863 if (A.data != NULL)
d836d71b 864 CRYPTO_gcm128_aad(&ctx, A.data, A.size);
f3ab6c16 865 if (P.data != NULL)
d836d71b 866 CRYPTO_gcm128_encrypt( &ctx, P.data, out, P.size);
f3ab6c16
RS		 867 if (!TEST_false(CRYPTO_gcm128_finish(&ctx, T.data, 16))
868 || (C.data != NULL
869 && !TEST_mem_eq(out, P.size, C.data, P.size)))
870 return 0;
d836d71b
EK		 871
872 CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size);
873 memset(out, 0, P.size);
f3ab6c16 874 if (A.data != NULL)
d836d71b 875 CRYPTO_gcm128_aad(&ctx, A.data, A.size);
f3ab6c16 876 if (C.data != NULL)
d836d71b 877 CRYPTO_gcm128_decrypt(&ctx, C.data, out, P.size);
f3ab6c16
RS		 878 if (!TEST_false(CRYPTO_gcm128_finish(&ctx, T.data, 16))
879 || (P.data != NULL
880 && !TEST_mem_eq(out, P.size, P.data, P.size)))
881 return 0;
d836d71b 882
f3ab6c16 883 return 1;
d836d71b
EK		 884}
885
ad887416 886int setup_tests(void)
f2ae2348 887{
fa9ad414
P		 888 ADD_ALL_TESTS(test_aes_cts128, OSSL_NELEM(aes_cts128_vectors));
889 ADD_ALL_TESTS(test_aes_cts128_nist, OSSL_NELEM(aes_cts128_vectors));
d836d71b 890 ADD_ALL_TESTS(test_gcm128, OSSL_NELEM(gcm128_vectors));
ad887416
P		 891 return 1;
892}
A mirror of the official openssl repository