Allow AES XTS decryption using duplicate keys.

[openssl.git] / test / recipes / 30-test_evp_data / evpciph.txt

diff --git a/test/recipes/30-test_evp_data/evpciph.txt b/test/recipes/30-test_evp_data/evpciph.txt
index 916ba15922e2da87db60f447211e1278bd293dd4..3dd5a87ba7a3e8d6b9a00c66facf7c4346d0f4f1 100644 (file)
--- a/test/recipes/30-test_evp_data/evpciph.txt
+++ b/test/recipes/30-test_evp_data/evpciph.txt
@@ -1190,13 +1190,34 @@ Result = CIPHERFINAL_ERROR
 
 Title = AES XTS test vectors from IEEE Std 1619-2007
 
+# Using the same key twice for encryption is always banned.
 Cipher = aes-128-xts
+Operation = ENCRYPT
 Key = 0000000000000000000000000000000000000000000000000000000000000000
 IV = 00000000000000000000000000000000
 Plaintext = 0000000000000000000000000000000000000000000000000000000000000000
 Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
 Result = KEY_SET_ERROR
 
+# Using the same key twice for decryption is banned in FIPS mode.
+#Cipher = aes-128-xts
+#FIPS = YES
+#Operation = DECRYPT
+#Key = 0000000000000000000000000000000000000000000000000000000000000000
+#IV = 00000000000000000000000000000000
+#Plaintext = 0000000000000000000000000000000000000000000000000000000000000000
+#Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
+#Result = KEY_SET_ERROR
+
+# Using the same key twice for decryption is allowed outside of FIPS mode.
+Cipher = aes-128-xts
+#FIPS = NO
+Operation = DECRYPT
+Key = 0000000000000000000000000000000000000000000000000000000000000000
+IV = 00000000000000000000000000000000
+Plaintext = 0000000000000000000000000000000000000000000000000000000000000000
+Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
+
 Cipher = aes-128-xts
 Key = 1111111111111111111111111111111122222222222222222222222222222222
 IV = 33333333330000000000000000000000