2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Internal tests for the modes module */
15 #include <openssl/aes.h>
16 #include <openssl/modes.h>
17 #include "../crypto/modes/modes_lcl.h"
23 const unsigned char *data;
26 /**********************************************************************
33 const char *case_name;
35 const AES_KEY *encrypt_key_schedule;
36 const AES_KEY *decrypt_key_schedule;
37 const unsigned char *input;
39 const SIZED_DATA *vector;
42 static CTS128_FIXTURE setup_cts128(const char *const test_case_name)
44 CTS128_FIXTURE fixture;
45 fixture.case_name = test_case_name;
49 static int execute_cts128(CTS128_FIXTURE fixture)
51 const unsigned char *test_iv = fixture.iv.data;
52 size_t test_iv_len = fixture.iv.size;
53 const unsigned char *vector = fixture.vector->data;
54 size_t len = fixture.vector->size;
55 const unsigned char *test_input = fixture.input;
56 const AES_KEY *encrypt_key_schedule = fixture.encrypt_key_schedule;
57 const AES_KEY *decrypt_key_schedule = fixture.decrypt_key_schedule;
59 unsigned char cleartext[64], ciphertext[64];
62 fprintf(stderr, "vector_%" OSSLzu "\n", len);
65 if ((tail = len % 16) == 0)
69 /* test block-based encryption */
70 memcpy(iv, test_iv, test_iv_len);
71 CRYPTO_cts128_encrypt_block(test_input, ciphertext, len,
72 encrypt_key_schedule, iv,
73 (block128_f)AES_encrypt);
74 if (memcmp(ciphertext, vector, len)) {
75 fprintf(stderr, "block encrypt: output_%" OSSLzu " mismatch\n", len);
78 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
79 fprintf(stderr, "block encrypt: iv_%" OSSLzu " mismatch\n", len);
83 /* test block-based decryption */
84 memcpy(iv, test_iv, test_iv_len);
85 CRYPTO_cts128_decrypt_block(ciphertext, cleartext, len,
86 decrypt_key_schedule, iv,
87 (block128_f)AES_decrypt);
88 if (memcmp(cleartext, test_input, len)) {
89 fprintf(stderr, "block decrypt: input_%" OSSLzu " mismatch\n", len);
92 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
93 fprintf(stderr, "block decrypt: iv_%" OSSLzu " mismatch\n", len);
97 /* test streamed encryption */
98 memcpy(iv, test_iv, test_iv_len);
99 CRYPTO_cts128_encrypt(test_input, ciphertext, len, encrypt_key_schedule,
100 iv, (cbc128_f) AES_cbc_encrypt);
101 if (memcmp(ciphertext, vector, len)) {
102 fprintf(stderr, "stream encrypt: output_%" OSSLzu " mismatch\n", len);
105 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
106 fprintf(stderr, "stream encrypt: iv_%" OSSLzu " mismatch\n", len);
110 /* test streamed decryption */
111 memcpy(iv, test_iv, test_iv_len);
112 CRYPTO_cts128_decrypt(ciphertext, cleartext, len, decrypt_key_schedule, iv,
113 (cbc128_f)AES_cbc_encrypt);
114 if (memcmp(cleartext, test_input, len)) {
115 fprintf(stderr, "stream decrypt: input_%" OSSLzu " mismatch\n", len);
118 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
119 fprintf(stderr, "stream decrypt: iv_%" OSSLzu " mismatch\n", len);
126 static int execute_cts128_nist(CTS128_FIXTURE fixture)
128 const unsigned char *test_iv = fixture.iv.data;
129 size_t test_iv_len = fixture.iv.size;
130 const unsigned char *vector = fixture.vector->data;
131 size_t len = fixture.vector->size;
132 const unsigned char *test_input = fixture.input;
133 const AES_KEY *encrypt_key_schedule = fixture.encrypt_key_schedule;
134 const AES_KEY *decrypt_key_schedule = fixture.decrypt_key_schedule;
135 unsigned char iv[16];
136 unsigned char cleartext[64], ciphertext[64], nistvector[64];
139 fprintf(stderr, "nistvector_%" OSSLzu "\n", len);
142 if ((tail = len % 16) == 0)
146 memcpy(nistvector, vector, len);
147 /* flip two last blocks */
148 memcpy(nistvector + len, vector + len + 16, tail);
149 memcpy(nistvector + len + tail, vector + len, 16);
153 /* test block-based encryption */
154 memcpy(iv, test_iv, test_iv_len);
155 CRYPTO_nistcts128_encrypt_block(test_input, ciphertext, len,
156 encrypt_key_schedule, iv,
157 (block128_f)AES_encrypt);
158 if (memcmp(ciphertext, nistvector, len)) {
159 fprintf(stderr, "output_%" OSSLzu " mismatch\n", len);
162 if (memcmp(iv, nistvector + len - tail, sizeof(iv))) {
163 fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len);
167 /* test block-based decryption */
168 memcpy(iv, test_iv, test_iv_len);
169 CRYPTO_nistcts128_decrypt_block(ciphertext, cleartext, len,
170 decrypt_key_schedule, iv,
171 (block128_f)AES_decrypt);
172 if (memcmp(cleartext, test_input, len)) {
173 fprintf(stderr, "input_%" OSSLzu " mismatch\n", len);
176 if (memcmp(iv, nistvector + len - tail, sizeof(iv))) {
177 fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len);
181 /* test streamed encryption */
182 memcpy(iv, test_iv, test_iv_len);
183 CRYPTO_nistcts128_encrypt(test_input, ciphertext, len,
184 encrypt_key_schedule, iv,
185 (cbc128_f)AES_cbc_encrypt);
186 if (memcmp(ciphertext, nistvector, len)) {
187 fprintf(stderr, "output_%" OSSLzu " mismatch\n", len);
190 if (memcmp(iv, nistvector + len - tail, sizeof(iv))) {
191 fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len);
195 /* test streamed decryption */
196 memcpy(iv, test_iv, test_iv_len);
197 CRYPTO_nistcts128_decrypt(ciphertext, cleartext, len, decrypt_key_schedule,
198 iv, (cbc128_f)AES_cbc_encrypt);
199 if (memcmp(cleartext, test_input, len)) {
200 fprintf(stderr, "input_%" OSSLzu " mismatch\n", len);
203 if (memcmp(iv, nistvector + len - tail, sizeof(iv))) {
204 fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len);
211 static void teardown_cts128(CTS128_FIXTURE fixture)
213 ERR_print_errors_fp(stderr);
216 /**********************************************************************
223 const char *case_name;
233 static GCM128_FIXTURE setup_gcm128(const char *const test_case_name)
235 GCM128_FIXTURE fixture;
236 fixture.case_name = test_case_name;
240 static int execute_gcm128(GCM128_FIXTURE fixture)
242 unsigned char out[512];
243 SIZED_DATA *K = &fixture.K;
244 SIZED_DATA *IV = &fixture.IV;
245 SIZED_DATA *A = &fixture.A;
246 SIZED_DATA *P = &fixture.P;
247 SIZED_DATA *C = &fixture.C;
248 SIZED_DATA *T = &fixture.T;
254 AES_set_encrypt_key(K->data, K->size * 8, &key);
256 CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt);
257 CRYPTO_gcm128_setiv(&ctx, IV->data, IV->size);
258 memset(out, 0, P->size);
260 CRYPTO_gcm128_aad(&ctx, A->data, A->size);
262 CRYPTO_gcm128_encrypt( &ctx, P->data, out, P->size);
263 if (CRYPTO_gcm128_finish(&ctx, T->data, 16)
264 || (C->data && memcmp(out, C->data, P->size)))
265 err++, fprintf(stderr, "encrypt test#%d failed.\n", n);
267 CRYPTO_gcm128_setiv(&ctx, IV->data, IV->size);
268 memset(out, 0, P->size);
270 CRYPTO_gcm128_aad(&ctx, A->data, A->size);
272 CRYPTO_gcm128_decrypt(&ctx, C->data, out, P->size);
273 if (CRYPTO_gcm128_finish(&ctx, T->data, 16)
274 || (P->data && memcmp(out, P->data, P->size)))
275 err++, fprintf(stderr, "decrypt test#%d failed.\n", n);
280 static void teardown_gcm128(GCM128_FIXTURE fixture)
282 ERR_print_errors_fp(stderr);
285 static void benchmark_gcm128(const unsigned char *K, size_t Klen,
286 const unsigned char *IV, size_t IVlen)
288 #ifdef OPENSSL_CPUID_OBJ
291 size_t start, gcm_t, ctr_t, OPENSSL_rdtsc();
297 AES_set_encrypt_key(K, Klen * 8, &key);
298 CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt);
299 CRYPTO_gcm128_setiv(&ctx, IV, IVlen);
301 CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
302 start = OPENSSL_rdtsc();
303 CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
304 gcm_t = OPENSSL_rdtsc() - start;
306 CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
307 &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
308 (block128_f) AES_encrypt);
309 start = OPENSSL_rdtsc();
310 CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
311 &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
312 (block128_f) AES_encrypt);
313 ctr_t = OPENSSL_rdtsc() - start;
315 printf("%.2f-%.2f=%.2f\n",
316 gcm_t / (double)sizeof(buf),
317 ctr_t / (double)sizeof(buf),
318 (gcm_t - ctr_t) / (double)sizeof(buf));
321 void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
322 const u8 *inp, size_t len) = ctx.ghash;
324 GHASH((&ctx), buf.c, sizeof(buf));
325 start = OPENSSL_rdtsc();
326 for (i = 0; i < 100; ++i)
327 GHASH((&ctx), buf.c, sizeof(buf));
328 gcm_t = OPENSSL_rdtsc() - start;
329 printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i);
334 "Benchmarking of modes isn't available on this platform\n");
338 /**********************************************************************
344 /* cts128 test vectors from RFC 3962 */
345 static const unsigned char cts128_test_key[16] = "chicken teriyaki";
346 static const unsigned char cts128_test_input[64] =
347 "I would like the" " General Gau's C"
348 "hicken, please, " "and wonton soup.";
349 static const unsigned char cts128_test_iv[] =
350 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
352 static const unsigned char vector_17[17] = {
353 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
354 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
358 static const unsigned char vector_31[31] = {
359 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
360 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
361 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
362 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
365 static const unsigned char vector_32[32] = {
366 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
367 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
368 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
369 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
372 static const unsigned char vector_47[47] = {
373 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
374 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
375 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
376 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
377 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
378 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
381 static const unsigned char vector_48[48] = {
382 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
383 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
384 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
385 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
386 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
387 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
390 static const unsigned char vector_64[64] = {
391 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
392 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
393 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
394 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
395 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
396 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
397 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
398 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
401 #define CTS128_TEST_VECTOR(len) \
403 sizeof(vector_##len), vector_##len \
405 static const SIZED_DATA cts128_vectors[] = {
406 CTS128_TEST_VECTOR(17),
407 CTS128_TEST_VECTOR(31),
408 CTS128_TEST_VECTOR(32),
409 CTS128_TEST_VECTOR(47),
410 CTS128_TEST_VECTOR(48),
411 CTS128_TEST_VECTOR(64),
414 static AES_KEY *cts128_encrypt_key_schedule()
416 static int init_key = 1;
420 AES_set_encrypt_key(cts128_test_key, 128, &ks);
426 static AES_KEY *cts128_decrypt_key_schedule()
428 static int init_key = 1;
432 AES_set_decrypt_key(cts128_test_key, 128, &ks);
438 static int drive_cts128_tests(int idx)
440 SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
442 fixture.encrypt_key_schedule = cts128_encrypt_key_schedule();
443 fixture.decrypt_key_schedule = cts128_decrypt_key_schedule();
444 fixture.input = cts128_test_input;
445 fixture.iv.size = sizeof(cts128_test_iv);
446 fixture.iv.data = cts128_test_iv;
447 fixture.vector = &cts128_vectors[idx];
448 EXECUTE_TEST(execute_cts128, teardown_cts128);
451 static int drive_cts128_nist_tests(int idx)
453 SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
455 fixture.encrypt_key_schedule = cts128_encrypt_key_schedule();
456 fixture.decrypt_key_schedule = cts128_decrypt_key_schedule();
457 fixture.input = cts128_test_input;
458 fixture.iv.size = sizeof(cts128_test_iv);
459 fixture.iv.data = cts128_test_iv;
460 fixture.vector = &cts128_vectors[idx];
461 EXECUTE_TEST(execute_cts128_nist, teardown_cts128);
465 static const u8 K1[16], P1[] = { 0 }, A1[] = { 0 }, IV1[12], C1[] = { 0 };
466 static const u8 T1[] = {
467 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
468 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
475 static const u8 P2[16];
476 static const u8 C2[] = {
477 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
478 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
481 static const u8 T2[] = {
482 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
483 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
488 static const u8 K3[] = {
489 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
490 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
493 static const u8 P3[] = {
494 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
495 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
496 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
497 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
498 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
499 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
500 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
501 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
504 static const u8 IV3[] = {
505 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
506 0xde, 0xca, 0xf8, 0x88
509 static const u8 C3[] = {
510 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
511 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
512 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
513 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
514 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
515 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
516 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
517 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
520 static const u8 T3[] = {
521 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
522 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
528 static const u8 P4[] = {
529 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
530 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
531 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
532 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
533 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
534 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
535 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
536 0xba, 0x63, 0x7b, 0x39
539 static const u8 A4[] = {
540 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
541 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
542 0xab, 0xad, 0xda, 0xd2
545 static const u8 C4[] = {
546 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
547 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
548 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
549 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
550 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
551 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
552 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
553 0x3d, 0x58, 0xe0, 0x91
556 static const u8 T4[] = {
557 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
558 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
565 static const u8 IV5[] = {
566 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
569 static const u8 C5[] = {
570 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
571 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
572 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
573 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
574 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
575 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
576 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
577 0xc2, 0x3f, 0x45, 0x98
580 static const u8 T5[] = {
581 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
582 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb
589 static const u8 IV6[] = {
590 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
591 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
592 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
593 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
594 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
595 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
596 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
597 0xa6, 0x37, 0xb3, 0x9b
600 static const u8 C6[] = {
601 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
602 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
603 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
604 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
605 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
606 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
607 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
608 0x4c, 0x34, 0xae, 0xe5
611 static const u8 T6[] = {
612 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
613 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50
617 static const u8 K7[24], P7[] = { 0 }, A7[] = { 0 }, IV7[12], C7[] = { 0 };
618 static const u8 T7[] = {
619 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
620 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35
627 static const u8 P8[16];
628 static const u8 C8[] = {
629 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
630 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00
633 static const u8 T8[] = {
634 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
635 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb
640 static const u8 K9[] = {
641 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
642 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
643 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
646 static const u8 P9[] = {
647 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
648 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
649 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
650 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
651 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
652 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
653 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
654 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
657 static const u8 IV9[] = {
658 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
659 0xde, 0xca, 0xf8, 0x88
662 static const u8 C9[] = {
663 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
664 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
665 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
666 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
667 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
668 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
669 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
670 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56
673 static const u8 T9[] = {
674 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
675 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14
681 static const u8 P10[] = {
682 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
683 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
684 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
685 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
686 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
687 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
688 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
689 0xba, 0x63, 0x7b, 0x39
692 static const u8 A10[] = {
693 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
694 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
695 0xab, 0xad, 0xda, 0xd2
698 static const u8 C10[] = {
699 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
700 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
701 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
702 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
703 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
704 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
705 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
706 0xcc, 0xda, 0x27, 0x10
709 static const u8 T10[] = {
710 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
711 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c
718 static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
720 static const u8 C11[] = {
721 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
722 0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
723 0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
724 0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
725 0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
726 0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
727 0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
728 0xa0, 0xf0, 0x62, 0xf7
731 static const u8 T11[] = {
732 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
733 0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8
740 static const u8 IV12[] = {
741 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
742 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
743 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
744 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
745 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
746 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
747 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
748 0xa6, 0x37, 0xb3, 0x9b
751 static const u8 C12[] = {
752 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
753 0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
754 0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
755 0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
756 0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
757 0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
758 0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
759 0xe9, 0xb7, 0x37, 0x3b
762 static const u8 T12[] = {
763 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
764 0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9
768 static const u8 K13[32], P13[] = { 0 }, A13[] = { 0 }, IV13[12], C13[] = { 0 };
769 static const u8 T13[] = {
770 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
771 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b
777 static const u8 P14[16], IV14[12];
778 static const u8 C14[] = {
779 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
780 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
783 static const u8 T14[] = {
784 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
785 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
790 static const u8 K15[] = {
791 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
792 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
793 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
794 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
797 static const u8 P15[] = {
798 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
799 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
800 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
801 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
802 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
803 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
804 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
805 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
808 static const u8 IV15[] = {
809 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
810 0xde, 0xca, 0xf8, 0x88
813 static const u8 C15[] = {
814 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
815 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
816 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
817 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
818 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
819 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
820 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
821 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
824 static const u8 T15[] = {
825 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
826 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
832 static const u8 P16[] = {
833 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
834 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
835 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
836 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
837 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
838 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
839 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
840 0xba, 0x63, 0x7b, 0x39
843 static const u8 A16[] = {
844 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
845 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
846 0xab, 0xad, 0xda, 0xd2
849 static const u8 C16[] = {
850 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
851 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
852 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
853 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
854 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
855 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
856 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
857 0xbc, 0xc9, 0xf6, 0x62
860 static const u8 T16[] = {
861 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
862 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
869 static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
871 static const u8 C17[] = {
872 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
873 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
874 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
875 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
876 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
877 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
878 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
879 0xf4, 0x7c, 0x9b, 0x1f
882 static const u8 T17[] = {
883 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
884 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2
891 static const u8 IV18[] = {
892 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
893 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
894 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
895 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
896 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
897 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
898 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
899 0xa6, 0x37, 0xb3, 0x9b
902 static const u8 C18[] = {
903 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
904 0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
905 0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
906 0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
907 0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
908 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
909 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
910 0x44, 0xae, 0x7e, 0x3f
913 static const u8 T18[] = {
914 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
915 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a
923 static const u8 A19[] = {
924 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
925 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
926 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
927 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
928 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
929 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
930 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
931 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55,
932 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
933 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
934 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
935 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
936 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
937 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
938 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
939 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
942 static const u8 T19[] = {
943 0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d,
944 0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92
950 /* this results in 0xff in counter LSB */
951 static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff };
953 static const u8 P20[288];
954 static const u8 C20[] = {
955 0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a,
956 0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14,
957 0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce,
958 0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f,
959 0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70,
960 0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18,
961 0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf,
962 0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49,
963 0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab,
964 0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c,
965 0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c,
966 0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29,
967 0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1,
968 0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76,
969 0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2,
970 0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce,
971 0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f,
972 0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86,
973 0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb,
974 0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18,
975 0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65,
976 0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42,
977 0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b,
978 0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06,
979 0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24,
980 0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c,
981 0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4,
982 0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64,
983 0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03,
984 0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6,
985 0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90,
986 0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74,
987 0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67,
988 0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46,
989 0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78,
990 0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c
993 static const u8 T20[] = {
994 0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a,
995 0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f
998 #define GCM128_TEST_VECTOR(n) \
1000 {sizeof(K##n), K##n}, \
1001 {sizeof(IV##n), IV##n}, \
1002 {sizeof(A##n), A##n}, \
1003 {sizeof(P##n), P##n}, \
1004 {sizeof(C##n), C##n}, \
1005 {sizeof(T##n), T##n} \
1007 static struct gcm128_data {
1009 const SIZED_DATA IV;
1014 } gcm128_vectors[] = {
1015 GCM128_TEST_VECTOR(1),
1016 GCM128_TEST_VECTOR(2),
1017 GCM128_TEST_VECTOR(3),
1018 GCM128_TEST_VECTOR(4),
1019 GCM128_TEST_VECTOR(5),
1020 GCM128_TEST_VECTOR(6),
1021 GCM128_TEST_VECTOR(7),
1022 GCM128_TEST_VECTOR(8),
1023 GCM128_TEST_VECTOR(9),
1024 GCM128_TEST_VECTOR(10),
1025 GCM128_TEST_VECTOR(11),
1026 GCM128_TEST_VECTOR(12),
1027 GCM128_TEST_VECTOR(13),
1028 GCM128_TEST_VECTOR(14),
1029 GCM128_TEST_VECTOR(15),
1030 GCM128_TEST_VECTOR(16),
1031 GCM128_TEST_VECTOR(17),
1032 GCM128_TEST_VECTOR(18),
1033 GCM128_TEST_VECTOR(19),
1034 GCM128_TEST_VECTOR(20)
1037 static int drive_gcm128_tests(int idx)
1039 SETUP_TEST_FIXTURE(GCM128_FIXTURE, setup_gcm128);
1041 fixture.K.size = gcm128_vectors[idx].K.size;
1042 fixture.K.data = fixture.K.size == 1 ? NULL : gcm128_vectors[idx].K.data;
1043 fixture.IV.size = gcm128_vectors[idx].IV.size;
1044 fixture.IV.data = fixture.IV.size == 1 ? NULL : gcm128_vectors[idx].IV.data;
1045 fixture.A.size = gcm128_vectors[idx].A.size;
1046 fixture.A.data = fixture.A.size == 1 ? NULL : gcm128_vectors[idx].A.data;
1047 fixture.P.size = gcm128_vectors[idx].P.size;
1048 fixture.P.data = fixture.P.size == 1 ? NULL : gcm128_vectors[idx].P.data;
1049 fixture.C.size = gcm128_vectors[idx].C.size;
1050 fixture.C.data = fixture.C.size == 1 ? NULL : gcm128_vectors[idx].C.data;
1051 fixture.T.size = gcm128_vectors[idx].T.size;
1052 fixture.T.data = fixture.T.size == 1 ? NULL : gcm128_vectors[idx].T.data;
1053 EXECUTE_TEST(execute_gcm128, teardown_gcm128);
1056 int main(int argc, char **argv)
1062 for (iter_argv = 1; iter_argv < argc; iter_argv++) {
1063 if (strcmp(argv[iter_argv], "-b") == 0)
1065 else if (strcmp(argv[iter_argv], "-h") == 0)
1069 ADD_ALL_TESTS(drive_cts128_tests, OSSL_NELEM(cts128_vectors));
1070 ADD_ALL_TESTS(drive_cts128_nist_tests, OSSL_NELEM(cts128_vectors));
1071 ADD_ALL_TESTS(drive_gcm128_tests, OSSL_NELEM(gcm128_vectors));
1073 result = run_tests(argv[0]);
1076 benchmark_gcm128(K1, sizeof(K1), IV1, sizeof(IV1));
1081 printf("-h\tThis help\n");
1082 printf("-b\tBenchmark gcm128 in addition to the tests\n");
projects / openssl.git / blob