2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Internal tests for the modes module */
15 #include <openssl/aes.h>
16 #include <openssl/modes.h>
17 #include "../crypto/modes/modes_lcl.h"
23 const unsigned char *data;
26 /**********************************************************************
32 /* cts128 test vectors from RFC 3962 */
33 static const unsigned char cts128_test_key[16] = "chicken teriyaki";
34 static const unsigned char cts128_test_input[64] =
35 "I would like the" " General Gau's C"
36 "hicken, please, " "and wonton soup.";
37 static const unsigned char cts128_test_iv[] =
38 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
40 static const unsigned char vector_17[17] = {
41 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
42 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
46 static const unsigned char vector_31[31] = {
47 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
48 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
49 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
50 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
53 static const unsigned char vector_32[32] = {
54 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
55 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
56 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
57 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
60 static const unsigned char vector_47[47] = {
61 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
62 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
63 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
64 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
65 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
66 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
69 static const unsigned char vector_48[48] = {
70 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
71 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
72 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
73 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
74 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
75 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
78 static const unsigned char vector_64[64] = {
79 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
80 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
81 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
82 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
83 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
84 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
85 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
86 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
89 #define CTS128_TEST_VECTOR(len) \
91 sizeof(vector_##len), vector_##len \
93 static const SIZED_DATA cts128_vectors[] = {
94 CTS128_TEST_VECTOR(17),
95 CTS128_TEST_VECTOR(31),
96 CTS128_TEST_VECTOR(32),
97 CTS128_TEST_VECTOR(47),
98 CTS128_TEST_VECTOR(48),
99 CTS128_TEST_VECTOR(64),
102 static AES_KEY *cts128_encrypt_key_schedule()
104 static int init_key = 1;
108 AES_set_encrypt_key(cts128_test_key, 128, &ks);
114 static AES_KEY *cts128_decrypt_key_schedule()
116 static int init_key = 1;
120 AES_set_decrypt_key(cts128_test_key, 128, &ks);
127 const char *case_name;
129 size_t (*transform_output)(const unsigned char *in, unsigned char *out,
131 size_t (*encrypt_block)(const unsigned char *in,
132 unsigned char *out, size_t len,
133 const void *key, unsigned char ivec[16],
135 size_t (*encrypt)(const unsigned char *in, unsigned char *out,
136 size_t len, const void *key,
137 unsigned char ivec[16], cbc128_f cbc);
138 size_t (*decrypt_block)(const unsigned char *in,
139 unsigned char *out, size_t len,
140 const void *key, unsigned char ivec[16],
142 size_t (*decrypt)(const unsigned char *in, unsigned char *out,
143 size_t len, const void *key,
144 unsigned char ivec[16], cbc128_f cbc);
148 static CTS128_FIXTURE setup_cts128(const char *const test_case_name)
150 CTS128_FIXTURE fixture;
151 fixture.case_name = test_case_name;
155 static size_t transform_output(const unsigned char *in, unsigned char *out,
160 memcpy(out, in, len);
161 if ((tail = len % 16) == 0)
168 static size_t transform_output_nist(const unsigned char *in, unsigned char *out,
173 if ((tail = len % 16) == 0)
176 memcpy(out, in, len);
177 /* flip two last blocks */
178 memcpy(out + len, in + len + 16, tail);
179 memcpy(out + len + tail, in + len, 16);
186 static int execute_cts128(CTS128_FIXTURE fixture)
188 const unsigned char *test_iv = cts128_test_iv;
189 size_t test_iv_len = sizeof(cts128_test_iv);
190 const unsigned char *orig_vector = cts128_vectors[fixture.num].data;
191 size_t len = cts128_vectors[fixture.num].size;
192 const unsigned char *test_input = cts128_test_input;
193 const AES_KEY *encrypt_key_schedule = cts128_encrypt_key_schedule();
194 const AES_KEY *decrypt_key_schedule = cts128_decrypt_key_schedule();
195 unsigned char iv[16];
196 /* The largest test inputs are = 64 bytes. */
197 unsigned char cleartext[64], ciphertext[64], vector[64];
200 fprintf(stderr, "%s_vector_%" OSSLzu "\n", fixture.case_name, len);
203 tail = fixture.transform_output(orig_vector, vector, len);
205 /* test block-based encryption */
206 memcpy(iv, test_iv, test_iv_len);
207 fixture.encrypt_block(test_input, ciphertext, len,
208 encrypt_key_schedule, iv,
209 (block128_f)AES_encrypt);
210 if (memcmp(ciphertext, vector, len)) {
211 fprintf(stderr, "block encrypt: output_%" OSSLzu " mismatch\n", len);
214 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
215 fprintf(stderr, "block encrypt: iv_%" OSSLzu " mismatch\n", len);
219 /* test block-based decryption */
220 memcpy(iv, test_iv, test_iv_len);
221 fixture.decrypt_block(ciphertext, cleartext, len,
222 decrypt_key_schedule, iv,
223 (block128_f)AES_decrypt);
224 if (memcmp(cleartext, test_input, len)) {
225 fprintf(stderr, "block decrypt: input_%" OSSLzu " mismatch\n", len);
228 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
229 fprintf(stderr, "block decrypt: iv_%" OSSLzu " mismatch\n", len);
233 /* test streamed encryption */
234 memcpy(iv, test_iv, test_iv_len);
235 fixture.encrypt(test_input, ciphertext, len, encrypt_key_schedule,
236 iv, (cbc128_f) AES_cbc_encrypt);
237 if (memcmp(ciphertext, vector, len)) {
238 fprintf(stderr, "stream encrypt: output_%" OSSLzu " mismatch\n", len);
241 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
242 fprintf(stderr, "stream encrypt: iv_%" OSSLzu " mismatch\n", len);
246 /* test streamed decryption */
247 memcpy(iv, test_iv, test_iv_len);
248 fixture.decrypt(ciphertext, cleartext, len, decrypt_key_schedule, iv,
249 (cbc128_f)AES_cbc_encrypt);
250 if (memcmp(cleartext, test_input, len)) {
251 fprintf(stderr, "stream decrypt: input_%" OSSLzu " mismatch\n", len);
254 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
255 fprintf(stderr, "stream decrypt: iv_%" OSSLzu " mismatch\n", len);
262 static int test_cts128(int idx)
264 SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
265 fixture.transform_output = transform_output;
266 fixture.encrypt_block = CRYPTO_cts128_encrypt_block;
267 fixture.encrypt = CRYPTO_cts128_encrypt;
268 fixture.decrypt_block = CRYPTO_cts128_decrypt_block;
269 fixture.decrypt = CRYPTO_cts128_decrypt;
270 fixture.case_name = "cts128";
272 EXECUTE_TEST_NO_TEARDOWN(execute_cts128);
275 static int test_cts128_nist(int idx)
277 SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
278 fixture.transform_output = transform_output_nist;
279 fixture.encrypt_block = CRYPTO_nistcts128_encrypt_block;
280 fixture.encrypt = CRYPTO_nistcts128_encrypt;
281 fixture.decrypt_block = CRYPTO_nistcts128_decrypt_block;
282 fixture.decrypt = CRYPTO_nistcts128_decrypt;
283 fixture.case_name = "cts128_nist";
285 EXECUTE_TEST_NO_TEARDOWN(execute_cts128);
288 /**********************************************************************
295 static const u8 K1[16], P1[] = { 0 }, A1[] = { 0 }, IV1[12], C1[] = { 0 };
296 static const u8 T1[] = {
297 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
298 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
305 static const u8 P2[16];
306 static const u8 C2[] = {
307 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
308 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
311 static const u8 T2[] = {
312 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
313 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
318 static const u8 K3[] = {
319 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
320 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
323 static const u8 P3[] = {
324 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
325 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
326 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
327 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
328 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
329 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
330 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
331 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
334 static const u8 IV3[] = {
335 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
336 0xde, 0xca, 0xf8, 0x88
339 static const u8 C3[] = {
340 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
341 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
342 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
343 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
344 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
345 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
346 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
347 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
350 static const u8 T3[] = {
351 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
352 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
358 static const u8 P4[] = {
359 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
360 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
361 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
362 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
363 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
364 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
365 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
366 0xba, 0x63, 0x7b, 0x39
369 static const u8 A4[] = {
370 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
371 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
372 0xab, 0xad, 0xda, 0xd2
375 static const u8 C4[] = {
376 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
377 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
378 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
379 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
380 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
381 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
382 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
383 0x3d, 0x58, 0xe0, 0x91
386 static const u8 T4[] = {
387 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
388 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
395 static const u8 IV5[] = {
396 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
399 static const u8 C5[] = {
400 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
401 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
402 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
403 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
404 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
405 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
406 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
407 0xc2, 0x3f, 0x45, 0x98
410 static const u8 T5[] = {
411 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
412 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb
419 static const u8 IV6[] = {
420 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
421 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
422 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
423 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
424 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
425 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
426 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
427 0xa6, 0x37, 0xb3, 0x9b
430 static const u8 C6[] = {
431 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
432 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
433 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
434 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
435 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
436 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
437 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
438 0x4c, 0x34, 0xae, 0xe5
441 static const u8 T6[] = {
442 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
443 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50
447 static const u8 K7[24], P7[] = { 0 }, A7[] = { 0 }, IV7[12], C7[] = { 0 };
448 static const u8 T7[] = {
449 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
450 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35
457 static const u8 P8[16];
458 static const u8 C8[] = {
459 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
460 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00
463 static const u8 T8[] = {
464 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
465 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb
470 static const u8 K9[] = {
471 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
472 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
473 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
476 static const u8 P9[] = {
477 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
478 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
479 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
480 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
481 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
482 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
483 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
484 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
487 static const u8 IV9[] = {
488 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
489 0xde, 0xca, 0xf8, 0x88
492 static const u8 C9[] = {
493 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
494 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
495 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
496 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
497 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
498 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
499 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
500 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56
503 static const u8 T9[] = {
504 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
505 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14
511 static const u8 P10[] = {
512 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
513 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
514 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
515 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
516 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
517 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
518 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
519 0xba, 0x63, 0x7b, 0x39
522 static const u8 A10[] = {
523 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
524 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
525 0xab, 0xad, 0xda, 0xd2
528 static const u8 C10[] = {
529 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
530 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
531 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
532 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
533 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
534 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
535 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
536 0xcc, 0xda, 0x27, 0x10
539 static const u8 T10[] = {
540 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
541 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c
548 static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
550 static const u8 C11[] = {
551 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
552 0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
553 0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
554 0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
555 0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
556 0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
557 0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
558 0xa0, 0xf0, 0x62, 0xf7
561 static const u8 T11[] = {
562 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
563 0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8
570 static const u8 IV12[] = {
571 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
572 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
573 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
574 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
575 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
576 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
577 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
578 0xa6, 0x37, 0xb3, 0x9b
581 static const u8 C12[] = {
582 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
583 0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
584 0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
585 0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
586 0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
587 0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
588 0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
589 0xe9, 0xb7, 0x37, 0x3b
592 static const u8 T12[] = {
593 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
594 0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9
598 static const u8 K13[32], P13[] = { 0 }, A13[] = { 0 }, IV13[12], C13[] = { 0 };
599 static const u8 T13[] = {
600 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
601 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b
607 static const u8 P14[16], IV14[12];
608 static const u8 C14[] = {
609 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
610 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
613 static const u8 T14[] = {
614 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
615 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
620 static const u8 K15[] = {
621 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
622 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
623 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
624 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
627 static const u8 P15[] = {
628 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
629 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
630 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
631 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
632 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
633 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
634 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
635 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
638 static const u8 IV15[] = {
639 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
640 0xde, 0xca, 0xf8, 0x88
643 static const u8 C15[] = {
644 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
645 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
646 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
647 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
648 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
649 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
650 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
651 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
654 static const u8 T15[] = {
655 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
656 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
662 static const u8 P16[] = {
663 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
664 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
665 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
666 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
667 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
668 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
669 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
670 0xba, 0x63, 0x7b, 0x39
673 static const u8 A16[] = {
674 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
675 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
676 0xab, 0xad, 0xda, 0xd2
679 static const u8 C16[] = {
680 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
681 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
682 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
683 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
684 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
685 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
686 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
687 0xbc, 0xc9, 0xf6, 0x62
690 static const u8 T16[] = {
691 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
692 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
699 static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
701 static const u8 C17[] = {
702 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
703 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
704 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
705 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
706 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
707 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
708 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
709 0xf4, 0x7c, 0x9b, 0x1f
712 static const u8 T17[] = {
713 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
714 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2
721 static const u8 IV18[] = {
722 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
723 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
724 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
725 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
726 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
727 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
728 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
729 0xa6, 0x37, 0xb3, 0x9b
732 static const u8 C18[] = {
733 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
734 0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
735 0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
736 0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
737 0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
738 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
739 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
740 0x44, 0xae, 0x7e, 0x3f
743 static const u8 T18[] = {
744 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
745 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a
753 static const u8 A19[] = {
754 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
755 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
756 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
757 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
758 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
759 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
760 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
761 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55,
762 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
763 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
764 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
765 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
766 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
767 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
768 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
769 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
772 static const u8 T19[] = {
773 0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d,
774 0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92
780 /* this results in 0xff in counter LSB */
781 static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff };
783 static const u8 P20[288];
784 static const u8 C20[] = {
785 0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a,
786 0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14,
787 0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce,
788 0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f,
789 0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70,
790 0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18,
791 0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf,
792 0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49,
793 0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab,
794 0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c,
795 0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c,
796 0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29,
797 0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1,
798 0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76,
799 0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2,
800 0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce,
801 0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f,
802 0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86,
803 0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb,
804 0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18,
805 0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65,
806 0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42,
807 0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b,
808 0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06,
809 0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24,
810 0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c,
811 0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4,
812 0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64,
813 0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03,
814 0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6,
815 0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90,
816 0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74,
817 0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67,
818 0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46,
819 0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78,
820 0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c
823 static const u8 T20[] = {
824 0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a,
825 0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f
828 #define GCM128_TEST_VECTOR(n) \
830 {sizeof(K##n), K##n}, \
831 {sizeof(IV##n), IV##n}, \
832 {sizeof(A##n), A##n}, \
833 {sizeof(P##n), P##n}, \
834 {sizeof(C##n), C##n}, \
835 {sizeof(T##n), T##n} \
837 static struct gcm128_data {
844 } gcm128_vectors[] = {
845 GCM128_TEST_VECTOR(1),
846 GCM128_TEST_VECTOR(2),
847 GCM128_TEST_VECTOR(3),
848 GCM128_TEST_VECTOR(4),
849 GCM128_TEST_VECTOR(5),
850 GCM128_TEST_VECTOR(6),
851 GCM128_TEST_VECTOR(7),
852 GCM128_TEST_VECTOR(8),
853 GCM128_TEST_VECTOR(9),
854 GCM128_TEST_VECTOR(10),
855 GCM128_TEST_VECTOR(11),
856 GCM128_TEST_VECTOR(12),
857 GCM128_TEST_VECTOR(13),
858 GCM128_TEST_VECTOR(14),
859 GCM128_TEST_VECTOR(15),
860 GCM128_TEST_VECTOR(16),
861 GCM128_TEST_VECTOR(17),
862 GCM128_TEST_VECTOR(18),
863 GCM128_TEST_VECTOR(19),
864 GCM128_TEST_VECTOR(20)
867 static int test_gcm128(int idx)
869 unsigned char out[512];
870 SIZED_DATA K = gcm128_vectors[idx].K;
871 SIZED_DATA IV = gcm128_vectors[idx].IV;
872 SIZED_DATA A = gcm128_vectors[idx].A;
873 SIZED_DATA P = gcm128_vectors[idx].P;
874 SIZED_DATA C = gcm128_vectors[idx].C;
875 SIZED_DATA T = gcm128_vectors[idx].T;
880 /* Size 1 inputs are special-cased to signal NULL. */
888 AES_set_encrypt_key(K.data, K.size * 8, &key);
890 CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt);
891 CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size);
892 memset(out, 0, P.size);
894 CRYPTO_gcm128_aad(&ctx, A.data, A.size);
896 CRYPTO_gcm128_encrypt( &ctx, P.data, out, P.size);
897 if (CRYPTO_gcm128_finish(&ctx, T.data, 16)
898 || (C.data && memcmp(out, C.data, P.size)))
899 err++, fprintf(stderr, "encrypt test#%d failed.\n", idx);
901 CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size);
902 memset(out, 0, P.size);
904 CRYPTO_gcm128_aad(&ctx, A.data, A.size);
906 CRYPTO_gcm128_decrypt(&ctx, C.data, out, P.size);
907 if (CRYPTO_gcm128_finish(&ctx, T.data, 16)
908 || (P.data && memcmp(out, P.data, P.size)))
909 err++, fprintf(stderr, "decrypt test#%d failed.\n", idx);
914 static void benchmark_gcm128(const unsigned char *K, size_t Klen,
915 const unsigned char *IV, size_t IVlen)
917 #ifdef OPENSSL_CPUID_OBJ
920 size_t start, gcm_t, ctr_t, OPENSSL_rdtsc();
926 AES_set_encrypt_key(K, Klen * 8, &key);
927 CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt);
928 CRYPTO_gcm128_setiv(&ctx, IV, IVlen);
930 CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
931 start = OPENSSL_rdtsc();
932 CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
933 gcm_t = OPENSSL_rdtsc() - start;
935 CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
936 &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
937 (block128_f) AES_encrypt);
938 start = OPENSSL_rdtsc();
939 CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
940 &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
941 (block128_f) AES_encrypt);
942 ctr_t = OPENSSL_rdtsc() - start;
944 printf("%.2f-%.2f=%.2f\n",
945 gcm_t / (double)sizeof(buf),
946 ctr_t / (double)sizeof(buf),
947 (gcm_t - ctr_t) / (double)sizeof(buf));
950 void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
951 const u8 *inp, size_t len) = ctx.ghash;
953 GHASH((&ctx), buf.c, sizeof(buf));
954 start = OPENSSL_rdtsc();
955 for (i = 0; i < 100; ++i)
956 GHASH((&ctx), buf.c, sizeof(buf));
957 gcm_t = OPENSSL_rdtsc() - start;
958 printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i);
963 "Benchmarking of modes isn't available on this platform\n");
967 int main(int argc, char **argv)
973 for (iter_argv = 1; iter_argv < argc; iter_argv++) {
974 if (strcmp(argv[iter_argv], "-b") == 0)
976 else if (strcmp(argv[iter_argv], "-h") == 0)
980 ADD_ALL_TESTS(test_cts128, OSSL_NELEM(cts128_vectors));
981 ADD_ALL_TESTS(test_cts128_nist, OSSL_NELEM(cts128_vectors));
982 ADD_ALL_TESTS(test_gcm128, OSSL_NELEM(gcm128_vectors));
984 result = run_tests(argv[0]);
987 benchmark_gcm128(K1, sizeof(K1), IV1, sizeof(IV1));
992 printf("-h\tThis help\n");
993 printf("-b\tBenchmark gcm128 in addition to the tests\n");
projects / openssl.git / blob