2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32 * Decode an hexadecimal string. Returned value is the number of decoded
36 hextobin(unsigned char *dst
, const char *src
)
47 if (c
>= '0' && c
<= '9') {
49 } else if (c
>= 'A' && c
<= 'F') {
51 } else if (c
>= 'a' && c
<= 'f') {
57 *dst
++ = (acc
<< 4) + c
;
68 check_equals(const char *banner
, const void *v1
, const void *v2
, size_t len
)
71 const unsigned char *b
;
73 if (memcmp(v1
, v2
, len
) == 0) {
76 fprintf(stderr
, "\n%s failed\n", banner
);
77 fprintf(stderr
, "v1: ");
78 for (u
= 0, b
= v1
; u
< len
; u
++) {
79 fprintf(stderr
, "%02X", b
[u
]);
81 fprintf(stderr
, "\nv2: ");
82 for (u
= 0, b
= v2
; u
< len
; u
++) {
83 fprintf(stderr
, "%02X", b
[u
]);
85 fprintf(stderr
, "\n");
89 #define HASH_SIZE(cname) br_ ## cname ## _SIZE
91 #define TEST_HASH(Name, cname) \
93 test_ ## cname ## _internal(char *data, char *refres) \
95 br_ ## cname ## _context mc; \
96 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
99 hextobin(ref, refres); \
101 br_ ## cname ## _init(&mc); \
102 br_ ## cname ## _update(&mc, data, n); \
103 br_ ## cname ## _out(&mc, res); \
104 check_equals("KAT " #Name " 1", res, ref, HASH_SIZE(cname)); \
105 br_ ## cname ## _init(&mc); \
106 for (u = 0; u < n; u ++) { \
107 br_ ## cname ## _update(&mc, data + u, 1); \
109 br_ ## cname ## _out(&mc, res); \
110 check_equals("KAT " #Name " 2", res, ref, HASH_SIZE(cname)); \
111 for (u = 0; u < n; u ++) { \
112 br_ ## cname ## _context mc2; \
113 br_ ## cname ## _init(&mc); \
114 br_ ## cname ## _update(&mc, data, u); \
116 br_ ## cname ## _update(&mc, data + u, n - u); \
117 br_ ## cname ## _out(&mc, res); \
118 check_equals("KAT " #Name " 3", res, ref, HASH_SIZE(cname)); \
119 br_ ## cname ## _update(&mc2, data + u, n - u); \
120 br_ ## cname ## _out(&mc2, res); \
121 check_equals("KAT " #Name " 4", res, ref, HASH_SIZE(cname)); \
123 memset(&mc, 0, sizeof mc); \
124 memset(res, 0, sizeof res); \
125 br_ ## cname ## _vtable.init(&mc.vtable); \
126 mc.vtable->update(&mc.vtable, data, n); \
127 mc.vtable->out(&mc.vtable, res); \
128 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
129 memset(res, 0, sizeof res); \
130 mc.vtable->init(&mc.vtable); \
131 mc.vtable->update(&mc.vtable, data, n); \
132 mc.vtable->out(&mc.vtable, res); \
133 check_equals("KAT " #Name " 6", res, ref, HASH_SIZE(cname)); \
136 #define KAT_MILLION_A(Name, cname, refres) do { \
137 br_ ## cname ## _context mc; \
138 unsigned char buf[1000]; \
139 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
142 hextobin(ref, refres); \
143 memset(buf, 'a', sizeof buf); \
144 br_ ## cname ## _init(&mc); \
145 for (i = 0; i < 1000; i ++) { \
146 br_ ## cname ## _update(&mc, buf, sizeof buf); \
148 br_ ## cname ## _out(&mc, res); \
149 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
153 TEST_HASH(SHA
-1, sha1
)
154 TEST_HASH(SHA
-224, sha224
)
155 TEST_HASH(SHA
-256, sha256
)
156 TEST_HASH(SHA
-384, sha384
)
157 TEST_HASH(SHA
-512, sha512
)
162 printf("Test MD5: ");
164 test_md5_internal("", "d41d8cd98f00b204e9800998ecf8427e");
165 test_md5_internal("a", "0cc175b9c0f1b6a831c399e269772661");
166 test_md5_internal("abc", "900150983cd24fb0d6963f7d28e17f72");
167 test_md5_internal("message digest", "f96b697d7cb7938d525a2f31aaf161d0");
168 test_md5_internal("abcdefghijklmnopqrstuvwxyz",
169 "c3fcd3d76192e4007dfb496cca67e13b");
170 test_md5_internal("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstu"
171 "vwxyz0123456789", "d174ab98d277d9f5a5611c2c9f419d9f");
172 test_md5_internal("1234567890123456789012345678901234567890123456789"
173 "0123456789012345678901234567890",
174 "57edf4a22be3c955ac49da2e2107b67a");
175 KAT_MILLION_A(MD5
, md5
,
176 "7707d6ae4e027c70eea2a935c2296f21");
184 printf("Test SHA-1: ");
186 test_sha1_internal("abc", "a9993e364706816aba3e25717850c26c9cd0d89d");
187 test_sha1_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
188 "nomnopnopq", "84983e441c3bd26ebaae4aa1f95129e5e54670f1");
190 KAT_MILLION_A(SHA
-1, sha1
,
191 "34aa973cd4c4daa4f61eeb2bdbad27316534016f");
199 printf("Test SHA-224: ");
201 test_sha224_internal("abc",
202 "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7");
203 test_sha224_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
205 "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525");
207 KAT_MILLION_A(SHA
-224, sha224
,
208 "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67");
216 printf("Test SHA-256: ");
218 test_sha256_internal("abc",
219 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
220 test_sha256_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
222 "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1");
224 KAT_MILLION_A(SHA
-256, sha256
,
225 "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0");
233 printf("Test SHA-384: ");
235 test_sha384_internal("abc",
236 "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded163"
237 "1a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7");
238 test_sha384_internal(
239 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
240 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
241 "09330c33f71147e83d192fc782cd1b4753111b173b3b05d2"
242 "2fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039");
244 KAT_MILLION_A(SHA
-384, sha384
,
245 "9d0e1809716474cb086e834e310a4a1ced149e9c00f24852"
246 "7972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985");
254 printf("Test SHA-512: ");
256 test_sha512_internal("abc",
257 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
258 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
259 test_sha512_internal(
260 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
261 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
262 "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
263 "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909");
265 KAT_MILLION_A(SHA
-512, sha512
,
266 "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973eb"
267 "de0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b");
275 unsigned char buf
[500], out
[36], outM
[16], outS
[20];
276 unsigned char seed
[1];
277 br_hmac_drbg_context rc
;
280 br_md5sha1_context cc
;
283 printf("Test MD5+SHA-1: ");
287 br_hmac_drbg_init(&rc
, &br_sha256_vtable
, seed
, sizeof seed
);
288 for (u
= 0; u
< sizeof buf
; u
++) {
291 br_hmac_drbg_generate(&rc
, buf
, u
);
293 br_md5_update(&mc
, buf
, u
);
294 br_md5_out(&mc
, outM
);
296 br_sha1_update(&sc
, buf
, u
);
297 br_sha1_out(&sc
, outS
);
298 br_md5sha1_init(&cc
);
299 br_md5sha1_update(&cc
, buf
, u
);
300 br_md5sha1_out(&cc
, out
);
301 check_equals("MD5+SHA-1 [1]", out
, outM
, 16);
302 check_equals("MD5+SHA-1 [2]", out
+ 16, outS
, 20);
303 br_md5sha1_init(&cc
);
304 for (v
= 0; v
< u
; v
++) {
305 br_md5sha1_update(&cc
, buf
+ v
, 1);
307 br_md5sha1_out(&cc
, out
);
308 check_equals("MD5+SHA-1 [3]", out
, outM
, 16);
309 check_equals("MD5+SHA-1 [4]", out
+ 16, outS
, 20);
317 * Compute a hash function, on some data, by ID. Returned value is
318 * hash output length.
321 do_hash(int id
, const void *data
, size_t len
, void *out
)
324 br_sha1_context csha1
;
325 br_sha224_context csha224
;
326 br_sha256_context csha256
;
327 br_sha384_context csha384
;
328 br_sha512_context csha512
;
333 br_md5_update(&cmd5
, data
, len
);
334 br_md5_out(&cmd5
, out
);
337 br_sha1_init(&csha1
);
338 br_sha1_update(&csha1
, data
, len
);
339 br_sha1_out(&csha1
, out
);
342 br_sha224_init(&csha224
);
343 br_sha224_update(&csha224
, data
, len
);
344 br_sha224_out(&csha224
, out
);
347 br_sha256_init(&csha256
);
348 br_sha256_update(&csha256
, data
, len
);
349 br_sha256_out(&csha256
, out
);
352 br_sha384_init(&csha384
);
353 br_sha384_update(&csha384
, data
, len
);
354 br_sha384_out(&csha384
, out
);
357 br_sha512_init(&csha512
);
358 br_sha512_update(&csha512
, data
, len
);
359 br_sha512_out(&csha512
, out
);
362 fprintf(stderr
, "Uknown hash function: %d\n", id
);
369 * Tests for a multihash. Returned value should be 258 multiplied by the
370 * number of hash functions implemented by the context.
373 test_multihash_inner(br_multihash_context
*mc
)
376 * Try hashing messages for all lengths from 0 to 257 bytes
377 * (inclusive). Each attempt is done twice, with data input
378 * either in one go, or byte by byte. In the byte by byte
379 * test, intermediate result are obtained and checked.
382 unsigned char buf
[258];
387 for (len
= 0; len
< sizeof buf
; len
++) {
389 unsigned char tmp
[20];
392 br_sha1_update(&sc
, buf
, len
);
393 br_sha1_out(&sc
, tmp
);
396 for (len
= 0; len
<= 257; len
++) {
399 br_multihash_init(mc
);
400 br_multihash_update(mc
, buf
, len
);
401 for (i
= 1; i
<= 6; i
++) {
402 unsigned char tmp
[64], tmp2
[64];
405 olen
= br_multihash_out(mc
, i
, tmp
);
409 olen2
= do_hash(i
, buf
, len
, tmp2
);
412 "Bad hash output length: %u / %u\n",
413 (unsigned)olen
, (unsigned)olen2
);
416 check_equals("Hash output", tmp
, tmp2
, olen
);
420 br_multihash_init(mc
);
421 for (u
= 0; u
< len
; u
++) {
422 br_multihash_update(mc
, buf
+ u
, 1);
423 for (i
= 1; i
<= 6; i
++) {
424 unsigned char tmp
[64], tmp2
[64];
427 olen
= br_multihash_out(mc
, i
, tmp
);
431 olen2
= do_hash(i
, buf
, u
+ 1, tmp2
);
433 fprintf(stderr
, "Bad hash output"
434 " length: %u / %u\n",
439 check_equals("Hash output", tmp
, tmp2
, olen
);
449 br_multihash_context mc
;
451 printf("Test MultiHash: ");
454 br_multihash_zero(&mc
);
455 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
456 if (test_multihash_inner(&mc
) != 258) {
457 fprintf(stderr
, "Failed test count\n");
462 br_multihash_zero(&mc
);
463 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
464 if (test_multihash_inner(&mc
) != 258) {
465 fprintf(stderr
, "Failed test count\n");
470 br_multihash_zero(&mc
);
471 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
472 if (test_multihash_inner(&mc
) != 258) {
473 fprintf(stderr
, "Failed test count\n");
478 br_multihash_zero(&mc
);
479 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
480 if (test_multihash_inner(&mc
) != 258) {
481 fprintf(stderr
, "Failed test count\n");
486 br_multihash_zero(&mc
);
487 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
488 if (test_multihash_inner(&mc
) != 258) {
489 fprintf(stderr
, "Failed test count\n");
494 br_multihash_zero(&mc
);
495 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
496 if (test_multihash_inner(&mc
) != 258) {
497 fprintf(stderr
, "Failed test count\n");
502 br_multihash_zero(&mc
);
503 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
504 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
505 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
506 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
507 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
508 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
509 if (test_multihash_inner(&mc
) != 258 * 6) {
510 fprintf(stderr
, "Failed test count\n");
520 do_KAT_HMAC_bin_bin(const br_hash_class
*digest_class
,
521 const void *key
, size_t key_len
,
522 const void *data
, size_t data_len
, const char *href
)
524 br_hmac_key_context kc
;
526 unsigned char tmp
[64], ref
[64];
529 len
= hextobin(ref
, href
);
530 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
531 br_hmac_init(&ctx
, &kc
, 0);
532 br_hmac_update(&ctx
, data
, data_len
);
533 br_hmac_out(&ctx
, tmp
);
534 check_equals("KAT HMAC 1", tmp
, ref
, len
);
536 br_hmac_init(&ctx
, &kc
, 0);
537 for (u
= 0; u
< data_len
; u
++) {
538 br_hmac_update(&ctx
, (const unsigned char *)data
+ u
, 1);
540 br_hmac_out(&ctx
, tmp
);
541 check_equals("KAT HMAC 2", tmp
, ref
, len
);
543 for (u
= 0; u
< data_len
; u
++) {
544 br_hmac_init(&ctx
, &kc
, 0);
545 br_hmac_update(&ctx
, data
, u
);
546 br_hmac_out(&ctx
, tmp
);
548 (const unsigned char *)data
+ u
, data_len
- u
);
549 br_hmac_out(&ctx
, tmp
);
550 check_equals("KAT HMAC 3", tmp
, ref
, len
);
555 do_KAT_HMAC_str_str(const br_hash_class
*digest_class
, const char *key
,
556 const char *data
, const char *href
)
558 do_KAT_HMAC_bin_bin(digest_class
, key
, strlen(key
),
559 data
, strlen(data
), href
);
563 do_KAT_HMAC_hex_hex(const br_hash_class
*digest_class
, const char *skey
,
564 const char *sdata
, const char *href
)
566 unsigned char key
[1024];
567 unsigned char data
[1024];
569 do_KAT_HMAC_bin_bin(digest_class
, key
, hextobin(key
, skey
),
570 data
, hextobin(data
, sdata
), href
);
574 do_KAT_HMAC_hex_str(const br_hash_class
*digest_class
,
575 const char *skey
, const char *data
, const char *href
)
577 unsigned char key
[1024];
579 do_KAT_HMAC_bin_bin(digest_class
, key
, hextobin(key
, skey
),
580 data
, strlen(data
), href
);
584 test_HMAC_CT(const br_hash_class
*digest_class
,
585 const void *key
, size_t key_len
, const void *data
)
587 br_hmac_key_context kc
;
588 br_hmac_context hc1
, hc2
;
589 unsigned char buf1
[64], buf2
[64];
592 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
594 for (u
= 0; u
< 130; u
++) {
595 for (v
= 0; v
< 130; v
++) {
596 size_t min_len
, max_len
;
601 for (w
= min_len
; w
<= max_len
; w
++) {
605 br_hmac_init(&hc1
, &kc
, 0);
606 br_hmac_update(&hc1
, data
, u
+ w
);
607 hlen1
= br_hmac_out(&hc1
, buf1
);
608 br_hmac_init(&hc2
, &kc
, 0);
609 br_hmac_update(&hc2
, data
, u
);
610 hlen2
= br_hmac_outCT(&hc2
,
611 (const unsigned char *)data
+ u
, w
,
612 min_len
, max_len
, buf2
);
613 if (hlen1
!= hlen2
) {
614 fprintf(stderr
, "HMAC length mismatch:"
615 " %u / %u\n", (unsigned)hlen1
,
619 sprintf(tmp
, "HMAC CT %u,%u,%u",
620 (unsigned)u
, (unsigned)v
, (unsigned)w
);
621 check_equals(tmp
, buf1
, buf2
, hlen1
);
634 unsigned char data
[1000];
637 const char key
[] = "test HMAC key";
639 printf("Test HMAC: ");
641 do_KAT_HMAC_hex_str(&br_md5_vtable
,
642 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
644 "9294727a3638bb1c13f48ef8158bfc9d");
645 do_KAT_HMAC_str_str(&br_md5_vtable
,
647 "what do ya want for nothing?",
648 "750c783e6ab0b503eaa86e310a5db738");
649 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
650 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
651 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
652 "56be34521d144c88dbb8c733f0e8b3f6");
653 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
654 "0102030405060708090a0b0c0d0e0f10111213141516171819",
655 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
656 "697eaf0aca3a3aea3a75164746ffaa79");
657 do_KAT_HMAC_hex_str(&br_md5_vtable
,
658 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
659 "Test With Truncation",
660 "56461ef2342edc00f9bab995690efd4c");
661 do_KAT_HMAC_hex_str(&br_md5_vtable
,
662 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
663 "Test Using Larger Than Block-Size Key - Hash Key First",
664 "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd");
665 do_KAT_HMAC_hex_str(&br_md5_vtable
,
666 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
667 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
668 "6f630fad67cda0ee1fb1f562db3aa53e");
670 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
671 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
673 "b617318655057264e28bc0b6fb378c8ef146be00");
674 do_KAT_HMAC_str_str(&br_sha1_vtable
,
676 "what do ya want for nothing?",
677 "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79");
678 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
679 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
680 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
681 "125d7342b9ac11cd91a39af48aa17b4f63f175d3");
682 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
683 "0102030405060708090a0b0c0d0e0f10111213141516171819",
684 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
685 "4c9007f4026250c6bc8414f9bf50c86c2d7235da");
686 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
687 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
688 "Test With Truncation",
689 "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04");
690 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
691 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
692 "Test Using Larger Than Block-Size Key - Hash Key First",
693 "aa4ae5e15272d00e95705637ce8a3b55ed402112");
694 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
695 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
696 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
697 "e8e99d0f45237d786d6bbaa7965c7808bbff1a91");
701 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
702 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
704 "896fb1128abbdf196832107cd49df33f"
705 "47b4b1169912ba4f53684b22");
707 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
708 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
710 "b0344c61d8db38535ca8afceaf0bf12b"
711 "881dc200c9833da726e9376c2e32cff7");
713 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
714 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
716 "afd03944d84895626b0825f4ab46907f"
717 "15f9dadbe4101ec682aa034c7cebc59c"
718 "faea9ea9076ede7f4af152e8b2fa9cb6");
720 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
721 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
723 "87aa7cdea5ef619d4ff0b4241a1d6cb0"
724 "2379f4e2ce4ec2787ad0b30545e17cde"
725 "daa833b7d6b8a702038b274eaea3f4e4"
726 "be9d914eeb61f1702e696c203a126854");
728 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
730 "7768617420646f2079612077616e7420"
731 "666f72206e6f7468696e673f",
732 "a30e01098bc6dbbf45690f3a7e9e6d0f"
733 "8bbea2a39e6148008fd05e44");
735 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
737 "7768617420646f2079612077616e7420"
738 "666f72206e6f7468696e673f",
739 "5bdcc146bf60754e6a042426089575c7"
740 "5a003f089d2739839dec58b964ec3843");
742 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
744 "7768617420646f2079612077616e7420"
745 "666f72206e6f7468696e673f",
746 "af45d2e376484031617f78d2b58a6b1b"
747 "9c7ef464f5a01b47e42ec3736322445e"
748 "8e2240ca5e69e2c78b3239ecfab21649");
750 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
752 "7768617420646f2079612077616e7420"
753 "666f72206e6f7468696e673f",
754 "164b7a7bfcf819e2e395fbe73b56e0a3"
755 "87bd64222e831fd610270cd7ea250554"
756 "9758bf75c05a994a6d034f65f8f0e6fd"
757 "caeab1a34d4a6b4b636e070a38bce737");
759 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
760 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
762 "dddddddddddddddddddddddddddddddd"
763 "dddddddddddddddddddddddddddddddd"
764 "dddddddddddddddddddddddddddddddd"
766 "7fb3cb3588c6c1f6ffa9694d7d6ad264"
767 "9365b0c1f65d69d1ec8333ea");
769 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
770 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
772 "dddddddddddddddddddddddddddddddd"
773 "dddddddddddddddddddddddddddddddd"
774 "dddddddddddddddddddddddddddddddd"
776 "773ea91e36800e46854db8ebd09181a7"
777 "2959098b3ef8c122d9635514ced565fe");
779 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
780 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
782 "dddddddddddddddddddddddddddddddd"
783 "dddddddddddddddddddddddddddddddd"
784 "dddddddddddddddddddddddddddddddd"
786 "88062608d3e6ad8a0aa2ace014c8a86f"
787 "0aa635d947ac9febe83ef4e55966144b"
788 "2a5ab39dc13814b94e3ab6e101a34f27");
790 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
791 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
793 "dddddddddddddddddddddddddddddddd"
794 "dddddddddddddddddddddddddddddddd"
795 "dddddddddddddddddddddddddddddddd"
797 "fa73b0089d56a284efb0f0756c890be9"
798 "b1b5dbdd8ee81a3655f83e33b2279d39"
799 "bf3e848279a722c806b485a47e67c807"
800 "b946a337bee8942674278859e13292fb");
802 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
803 "0102030405060708090a0b0c0d0e0f10"
804 "111213141516171819",
805 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
806 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
807 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
809 "6c11506874013cac6a2abc1bb382627c"
810 "ec6a90d86efc012de7afec5a");
812 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
813 "0102030405060708090a0b0c0d0e0f10"
814 "111213141516171819",
815 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
816 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
817 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
819 "82558a389a443c0ea4cc819899f2083a"
820 "85f0faa3e578f8077a2e3ff46729665b");
822 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
823 "0102030405060708090a0b0c0d0e0f10"
824 "111213141516171819",
825 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
826 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
827 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
829 "3e8a69b7783c25851933ab6290af6ca7"
830 "7a9981480850009cc5577c6e1f573b4e"
831 "6801dd23c4a7d679ccf8a386c674cffb");
833 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
834 "0102030405060708090a0b0c0d0e0f10"
835 "111213141516171819",
836 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
837 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
838 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
840 "b0ba465637458c6990e5a8c5f61d4af7"
841 "e576d97ff94b872de76f8050361ee3db"
842 "a91ca5c11aa25eb4d679275cc5788063"
843 "a5f19741120c4f2de2adebeb10a298dd");
845 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
846 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
847 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
848 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
849 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
850 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
851 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
852 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
853 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
855 "54657374205573696e67204c61726765"
856 "72205468616e20426c6f636b2d53697a"
857 "65204b6579202d2048617368204b6579"
859 "95e9a0db962095adaebe9b2d6f0dbce2"
860 "d499f112f2d2b7273fa6870e");
862 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
863 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
864 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
865 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
866 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
867 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
868 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
869 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
870 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
872 "54657374205573696e67204c61726765"
873 "72205468616e20426c6f636b2d53697a"
874 "65204b6579202d2048617368204b6579"
876 "60e431591ee0b67f0d8a26aacbf5b77f"
877 "8e0bc6213728c5140546040f0ee37f54");
879 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
880 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
881 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
882 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
883 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
884 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
885 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
886 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
887 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
889 "54657374205573696e67204c61726765"
890 "72205468616e20426c6f636b2d53697a"
891 "65204b6579202d2048617368204b6579"
893 "4ece084485813e9088d2c63a041bc5b4"
894 "4f9ef1012a2b588f3cd11f05033ac4c6"
895 "0c2ef6ab4030fe8296248df163f44952");
897 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
898 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
899 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
900 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
901 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
902 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
903 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
904 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
905 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
907 "54657374205573696e67204c61726765"
908 "72205468616e20426c6f636b2d53697a"
909 "65204b6579202d2048617368204b6579"
911 "80b24263c7c1a3ebb71493c1dd7be8b4"
912 "9b46d1f41b4aeec1121b013783f8f352"
913 "6b56d037e05f2598bd0fd2215d6a1e52"
914 "95e64f73f63f0aec8b915a985d786598");
916 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
917 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
918 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
919 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
920 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
921 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
922 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
923 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
924 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
926 "54686973206973206120746573742075"
927 "73696e672061206c6172676572207468"
928 "616e20626c6f636b2d73697a65206b65"
929 "7920616e642061206c61726765722074"
930 "68616e20626c6f636b2d73697a652064"
931 "6174612e20546865206b6579206e6565"
932 "647320746f2062652068617368656420"
933 "6265666f7265206265696e6720757365"
934 "642062792074686520484d414320616c"
936 "3a854166ac5d9f023f54d517d0b39dbd"
937 "946770db9c2b95c9f6f565d1");
939 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
940 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
941 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
942 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
943 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
944 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
945 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
946 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
947 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
949 "54686973206973206120746573742075"
950 "73696e672061206c6172676572207468"
951 "616e20626c6f636b2d73697a65206b65"
952 "7920616e642061206c61726765722074"
953 "68616e20626c6f636b2d73697a652064"
954 "6174612e20546865206b6579206e6565"
955 "647320746f2062652068617368656420"
956 "6265666f7265206265696e6720757365"
957 "642062792074686520484d414320616c"
959 "9b09ffa71b942fcb27635fbcd5b0e944"
960 "bfdc63644f0713938a7f51535c3a35e2");
962 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
963 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
964 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
965 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
966 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
967 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
968 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
969 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
970 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
972 "54686973206973206120746573742075"
973 "73696e672061206c6172676572207468"
974 "616e20626c6f636b2d73697a65206b65"
975 "7920616e642061206c61726765722074"
976 "68616e20626c6f636b2d73697a652064"
977 "6174612e20546865206b6579206e6565"
978 "647320746f2062652068617368656420"
979 "6265666f7265206265696e6720757365"
980 "642062792074686520484d414320616c"
982 "6617178e941f020d351e2f254e8fd32c"
983 "602420feb0b8fb9adccebb82461e99c5"
984 "a678cc31e799176d3860e6110c46523e");
986 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
987 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
988 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
989 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
990 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
991 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
992 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
993 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
994 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
996 "54686973206973206120746573742075"
997 "73696e672061206c6172676572207468"
998 "616e20626c6f636b2d73697a65206b65"
999 "7920616e642061206c61726765722074"
1000 "68616e20626c6f636b2d73697a652064"
1001 "6174612e20546865206b6579206e6565"
1002 "647320746f2062652068617368656420"
1003 "6265666f7265206265696e6720757365"
1004 "642062792074686520484d414320616c"
1006 "e37b6a775dc87dbaa4dfa9f96e5e3ffd"
1007 "debd71f8867289865df5a32d20cdc944"
1008 "b6022cac3c4982b10d5eeb55c3e4de15"
1009 "134676fb6de0446065c97440fa8c6a58");
1011 for (x
= 1, u
= 0; u
< sizeof data
; u
++) {
1016 test_HMAC_CT(&br_md5_vtable
, key
, sizeof key
, data
);
1018 test_HMAC_CT(&br_sha1_vtable
, key
, sizeof key
, data
);
1019 printf("(SHA-224) ");
1020 test_HMAC_CT(&br_sha224_vtable
, key
, sizeof key
, data
);
1021 printf("(SHA-256) ");
1022 test_HMAC_CT(&br_sha256_vtable
, key
, sizeof key
, data
);
1023 printf("(SHA-384) ");
1024 test_HMAC_CT(&br_sha384_vtable
, key
, sizeof key
, data
);
1025 printf("(SHA-512) ");
1026 test_HMAC_CT(&br_sha512_vtable
, key
, sizeof key
, data
);
1033 test_HMAC_DRBG(void)
1035 br_hmac_drbg_context ctx
;
1036 unsigned char seed
[42], tmp
[30];
1037 unsigned char ref1
[30], ref2
[30], ref3
[30];
1040 printf("Test HMAC_DRBG: ");
1043 seed_len
= hextobin(seed
,
1044 "009A4D6792295A7F730FC3F2B49CBC0F62E862272F"
1045 "01795EDF0D54DB760F156D0DAC04C0322B3A204224");
1047 "9305A46DE7FF8EB107194DEBD3FD48AA"
1048 "20D5E7656CBE0EA69D2A8D4E7C67");
1050 "C70C78608A3B5BE9289BE90EF6E81A9E"
1051 "2C1516D5751D2F75F50033E45F73");
1053 "475E80E992140567FCC3A50DAB90FE84"
1054 "BCD7BB03638E9C4656A06F37F650");
1055 br_hmac_drbg_init(&ctx
, &br_sha256_vtable
, seed
, seed_len
);
1056 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1057 check_equals("KAT HMAC_DRBG 1", tmp
, ref1
, sizeof tmp
);
1058 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1059 check_equals("KAT HMAC_DRBG 2", tmp
, ref2
, sizeof tmp
);
1060 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1061 check_equals("KAT HMAC_DRBG 3", tmp
, ref3
, sizeof tmp
);
1063 memset(&ctx
, 0, sizeof ctx
);
1064 br_hmac_drbg_vtable
.init(&ctx
.vtable
,
1065 &br_sha256_vtable
, seed
, seed_len
);
1066 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1067 check_equals("KAT HMAC_DRBG 4", tmp
, ref1
, sizeof tmp
);
1068 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1069 check_equals("KAT HMAC_DRBG 5", tmp
, ref2
, sizeof tmp
);
1070 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1071 check_equals("KAT HMAC_DRBG 6", tmp
, ref3
, sizeof tmp
);
1079 void (*prf
)(void *dst
, size_t len
,
1080 const void *secret
, size_t secret_len
,
1081 const char *label
, const void *seed
, size_t seed_len
),
1082 const char *ssecret
, const char *label
, const char *sseed
,
1085 unsigned char secret
[100], seed
[100], ref
[500], out
[500];
1086 size_t secret_len
, seed_len
, ref_len
;
1088 secret_len
= hextobin(secret
, ssecret
);
1089 seed_len
= hextobin(seed
, sseed
);
1090 ref_len
= hextobin(ref
, sref
);
1091 prf(out
, ref_len
, secret
, secret_len
, label
, seed
, seed_len
);
1092 check_equals("TLS PRF KAT", out
, ref
, ref_len
);
1098 printf("Test TLS PRF: ");
1102 * Test vector taken from an email that was on:
1103 * http://www.imc.org/ietf-tls/mail-archive/msg01589.html
1104 * but no longer exists there; a version archived in 2008
1105 * can be found on http://www.archive.org/
1107 do_KAT_PRF(&br_tls10_prf
,
1108 "abababababababababababababababababababababababababababababababababababababababababababababababab",
1110 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
1111 "d3d4d1e349b5d515044666d51de32bab258cb521b6b053463e354832fd976754443bcf9a296519bc289abcbc1187e4ebd31e602353776c408aafb74cbc85eff69255f9788faa184cbb957a9819d84a5d7eb006eb459d3ae8de9810454b8b2d8f1afbc655a8c9a013");
1114 * Test vectors are taken from:
1115 * https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
1117 do_KAT_PRF(&br_tls12_sha256_prf
,
1118 "9bbe436ba940f017b17652849a71db35",
1120 "a0ba9f936cda311827a6f796ffd5198c",
1121 "e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66");
1122 do_KAT_PRF(&br_tls12_sha384_prf
,
1123 "b80b733d6ceefcdc71566ea48e5567df",
1125 "cd665cf6a8447dd6ff8b27555edb7465",
1126 "7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f");
1133 * AES known-answer tests. Order: key, plaintext, ciphertext.
1135 static const char *const KAT_AES
[] = {
1139 "000102030405060708090a0b0c0d0e0f",
1140 "00112233445566778899aabbccddeeff",
1141 "69c4e0d86a7b0430d8cdb78070b4c55a",
1143 "000102030405060708090a0b0c0d0e0f1011121314151617",
1144 "00112233445566778899aabbccddeeff",
1145 "dda97ca4864cdfe06eaf70a0ec0d7191",
1147 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
1148 "00112233445566778899aabbccddeeff",
1149 "8ea2b7ca516745bfeafc49904b496089",
1152 * From NIST validation suite (ECBVarTxt128.rsp).
1154 "00000000000000000000000000000000",
1155 "80000000000000000000000000000000",
1156 "3ad78e726c1ec02b7ebfe92b23d9ec34",
1158 "00000000000000000000000000000000",
1159 "c0000000000000000000000000000000",
1160 "aae5939c8efdf2f04e60b9fe7117b2c2",
1162 "00000000000000000000000000000000",
1163 "e0000000000000000000000000000000",
1164 "f031d4d74f5dcbf39daaf8ca3af6e527",
1166 "00000000000000000000000000000000",
1167 "f0000000000000000000000000000000",
1168 "96d9fd5cc4f07441727df0f33e401a36",
1170 "00000000000000000000000000000000",
1171 "f8000000000000000000000000000000",
1172 "30ccdb044646d7e1f3ccea3dca08b8c0",
1174 "00000000000000000000000000000000",
1175 "fc000000000000000000000000000000",
1176 "16ae4ce5042a67ee8e177b7c587ecc82",
1178 "00000000000000000000000000000000",
1179 "fe000000000000000000000000000000",
1180 "b6da0bb11a23855d9c5cb1b4c6412e0a",
1182 "00000000000000000000000000000000",
1183 "ff000000000000000000000000000000",
1184 "db4f1aa530967d6732ce4715eb0ee24b",
1186 "00000000000000000000000000000000",
1187 "ff800000000000000000000000000000",
1188 "a81738252621dd180a34f3455b4baa2f",
1190 "00000000000000000000000000000000",
1191 "ffc00000000000000000000000000000",
1192 "77e2b508db7fd89234caf7939ee5621a",
1194 "00000000000000000000000000000000",
1195 "ffe00000000000000000000000000000",
1196 "b8499c251f8442ee13f0933b688fcd19",
1198 "00000000000000000000000000000000",
1199 "fff00000000000000000000000000000",
1200 "965135f8a81f25c9d630b17502f68e53",
1202 "00000000000000000000000000000000",
1203 "fff80000000000000000000000000000",
1204 "8b87145a01ad1c6cede995ea3670454f",
1206 "00000000000000000000000000000000",
1207 "fffc0000000000000000000000000000",
1208 "8eae3b10a0c8ca6d1d3b0fa61e56b0b2",
1210 "00000000000000000000000000000000",
1211 "fffe0000000000000000000000000000",
1212 "64b4d629810fda6bafdf08f3b0d8d2c5",
1214 "00000000000000000000000000000000",
1215 "ffff0000000000000000000000000000",
1216 "d7e5dbd3324595f8fdc7d7c571da6c2a",
1218 "00000000000000000000000000000000",
1219 "ffff8000000000000000000000000000",
1220 "f3f72375264e167fca9de2c1527d9606",
1222 "00000000000000000000000000000000",
1223 "ffffc000000000000000000000000000",
1224 "8ee79dd4f401ff9b7ea945d86666c13b",
1226 "00000000000000000000000000000000",
1227 "ffffe000000000000000000000000000",
1228 "dd35cea2799940b40db3f819cb94c08b",
1230 "00000000000000000000000000000000",
1231 "fffff000000000000000000000000000",
1232 "6941cb6b3e08c2b7afa581ebdd607b87",
1234 "00000000000000000000000000000000",
1235 "fffff800000000000000000000000000",
1236 "2c20f439f6bb097b29b8bd6d99aad799",
1238 "00000000000000000000000000000000",
1239 "fffffc00000000000000000000000000",
1240 "625d01f058e565f77ae86378bd2c49b3",
1242 "00000000000000000000000000000000",
1243 "fffffe00000000000000000000000000",
1244 "c0b5fd98190ef45fbb4301438d095950",
1246 "00000000000000000000000000000000",
1247 "ffffff00000000000000000000000000",
1248 "13001ff5d99806efd25da34f56be854b",
1250 "00000000000000000000000000000000",
1251 "ffffff80000000000000000000000000",
1252 "3b594c60f5c8277a5113677f94208d82",
1254 "00000000000000000000000000000000",
1255 "ffffffc0000000000000000000000000",
1256 "e9c0fc1818e4aa46bd2e39d638f89e05",
1258 "00000000000000000000000000000000",
1259 "ffffffe0000000000000000000000000",
1260 "f8023ee9c3fdc45a019b4e985c7e1a54",
1262 "00000000000000000000000000000000",
1263 "fffffff0000000000000000000000000",
1264 "35f40182ab4662f3023baec1ee796b57",
1266 "00000000000000000000000000000000",
1267 "fffffff8000000000000000000000000",
1268 "3aebbad7303649b4194a6945c6cc3694",
1270 "00000000000000000000000000000000",
1271 "fffffffc000000000000000000000000",
1272 "a2124bea53ec2834279bed7f7eb0f938",
1274 "00000000000000000000000000000000",
1275 "fffffffe000000000000000000000000",
1276 "b9fb4399fa4facc7309e14ec98360b0a",
1278 "00000000000000000000000000000000",
1279 "ffffffff000000000000000000000000",
1280 "c26277437420c5d634f715aea81a9132",
1282 "00000000000000000000000000000000",
1283 "ffffffff800000000000000000000000",
1284 "171a0e1b2dd424f0e089af2c4c10f32f",
1286 "00000000000000000000000000000000",
1287 "ffffffffc00000000000000000000000",
1288 "7cadbe402d1b208fe735edce00aee7ce",
1290 "00000000000000000000000000000000",
1291 "ffffffffe00000000000000000000000",
1292 "43b02ff929a1485af6f5c6d6558baa0f",
1294 "00000000000000000000000000000000",
1295 "fffffffff00000000000000000000000",
1296 "092faacc9bf43508bf8fa8613ca75dea",
1298 "00000000000000000000000000000000",
1299 "fffffffff80000000000000000000000",
1300 "cb2bf8280f3f9742c7ed513fe802629c",
1302 "00000000000000000000000000000000",
1303 "fffffffffc0000000000000000000000",
1304 "215a41ee442fa992a6e323986ded3f68",
1306 "00000000000000000000000000000000",
1307 "fffffffffe0000000000000000000000",
1308 "f21e99cf4f0f77cea836e11a2fe75fb1",
1310 "00000000000000000000000000000000",
1311 "ffffffffff0000000000000000000000",
1312 "95e3a0ca9079e646331df8b4e70d2cd6",
1314 "00000000000000000000000000000000",
1315 "ffffffffff8000000000000000000000",
1316 "4afe7f120ce7613f74fc12a01a828073",
1318 "00000000000000000000000000000000",
1319 "ffffffffffc000000000000000000000",
1320 "827f000e75e2c8b9d479beed913fe678",
1322 "00000000000000000000000000000000",
1323 "ffffffffffe000000000000000000000",
1324 "35830c8e7aaefe2d30310ef381cbf691",
1326 "00000000000000000000000000000000",
1327 "fffffffffff000000000000000000000",
1328 "191aa0f2c8570144f38657ea4085ebe5",
1330 "00000000000000000000000000000000",
1331 "fffffffffff800000000000000000000",
1332 "85062c2c909f15d9269b6c18ce99c4f0",
1334 "00000000000000000000000000000000",
1335 "fffffffffffc00000000000000000000",
1336 "678034dc9e41b5a560ed239eeab1bc78",
1338 "00000000000000000000000000000000",
1339 "fffffffffffe00000000000000000000",
1340 "c2f93a4ce5ab6d5d56f1b93cf19911c1",
1342 "00000000000000000000000000000000",
1343 "ffffffffffff00000000000000000000",
1344 "1c3112bcb0c1dcc749d799743691bf82",
1346 "00000000000000000000000000000000",
1347 "ffffffffffff80000000000000000000",
1348 "00c55bd75c7f9c881989d3ec1911c0d4",
1350 "00000000000000000000000000000000",
1351 "ffffffffffffc0000000000000000000",
1352 "ea2e6b5ef182b7dff3629abd6a12045f",
1354 "00000000000000000000000000000000",
1355 "ffffffffffffe0000000000000000000",
1356 "22322327e01780b17397f24087f8cc6f",
1358 "00000000000000000000000000000000",
1359 "fffffffffffff0000000000000000000",
1360 "c9cacb5cd11692c373b2411768149ee7",
1362 "00000000000000000000000000000000",
1363 "fffffffffffff8000000000000000000",
1364 "a18e3dbbca577860dab6b80da3139256",
1366 "00000000000000000000000000000000",
1367 "fffffffffffffc000000000000000000",
1368 "79b61c37bf328ecca8d743265a3d425c",
1370 "00000000000000000000000000000000",
1371 "fffffffffffffe000000000000000000",
1372 "d2d99c6bcc1f06fda8e27e8ae3f1ccc7",
1374 "00000000000000000000000000000000",
1375 "ffffffffffffff000000000000000000",
1376 "1bfd4b91c701fd6b61b7f997829d663b",
1378 "00000000000000000000000000000000",
1379 "ffffffffffffff800000000000000000",
1380 "11005d52f25f16bdc9545a876a63490a",
1382 "00000000000000000000000000000000",
1383 "ffffffffffffffc00000000000000000",
1384 "3a4d354f02bb5a5e47d39666867f246a",
1386 "00000000000000000000000000000000",
1387 "ffffffffffffffe00000000000000000",
1388 "d451b8d6e1e1a0ebb155fbbf6e7b7dc3",
1390 "00000000000000000000000000000000",
1391 "fffffffffffffff00000000000000000",
1392 "6898d4f42fa7ba6a10ac05e87b9f2080",
1394 "00000000000000000000000000000000",
1395 "fffffffffffffff80000000000000000",
1396 "b611295e739ca7d9b50f8e4c0e754a3f",
1398 "00000000000000000000000000000000",
1399 "fffffffffffffffc0000000000000000",
1400 "7d33fc7d8abe3ca1936759f8f5deaf20",
1402 "00000000000000000000000000000000",
1403 "fffffffffffffffe0000000000000000",
1404 "3b5e0f566dc96c298f0c12637539b25c",
1406 "00000000000000000000000000000000",
1407 "ffffffffffffffff0000000000000000",
1408 "f807c3e7985fe0f5a50e2cdb25c5109e",
1410 "00000000000000000000000000000000",
1411 "ffffffffffffffff8000000000000000",
1412 "41f992a856fb278b389a62f5d274d7e9",
1414 "00000000000000000000000000000000",
1415 "ffffffffffffffffc000000000000000",
1416 "10d3ed7a6fe15ab4d91acbc7d0767ab1",
1418 "00000000000000000000000000000000",
1419 "ffffffffffffffffe000000000000000",
1420 "21feecd45b2e675973ac33bf0c5424fc",
1422 "00000000000000000000000000000000",
1423 "fffffffffffffffff000000000000000",
1424 "1480cb3955ba62d09eea668f7c708817",
1426 "00000000000000000000000000000000",
1427 "fffffffffffffffff800000000000000",
1428 "66404033d6b72b609354d5496e7eb511",
1430 "00000000000000000000000000000000",
1431 "fffffffffffffffffc00000000000000",
1432 "1c317a220a7d700da2b1e075b00266e1",
1434 "00000000000000000000000000000000",
1435 "fffffffffffffffffe00000000000000",
1436 "ab3b89542233f1271bf8fd0c0f403545",
1438 "00000000000000000000000000000000",
1439 "ffffffffffffffffff00000000000000",
1440 "d93eae966fac46dca927d6b114fa3f9e",
1442 "00000000000000000000000000000000",
1443 "ffffffffffffffffff80000000000000",
1444 "1bdec521316503d9d5ee65df3ea94ddf",
1446 "00000000000000000000000000000000",
1447 "ffffffffffffffffffc0000000000000",
1448 "eef456431dea8b4acf83bdae3717f75f",
1450 "00000000000000000000000000000000",
1451 "ffffffffffffffffffe0000000000000",
1452 "06f2519a2fafaa596bfef5cfa15c21b9",
1454 "00000000000000000000000000000000",
1455 "fffffffffffffffffff0000000000000",
1456 "251a7eac7e2fe809e4aa8d0d7012531a",
1458 "00000000000000000000000000000000",
1459 "fffffffffffffffffff8000000000000",
1460 "3bffc16e4c49b268a20f8d96a60b4058",
1462 "00000000000000000000000000000000",
1463 "fffffffffffffffffffc000000000000",
1464 "e886f9281999c5bb3b3e8862e2f7c988",
1466 "00000000000000000000000000000000",
1467 "fffffffffffffffffffe000000000000",
1468 "563bf90d61beef39f48dd625fcef1361",
1470 "00000000000000000000000000000000",
1471 "ffffffffffffffffffff000000000000",
1472 "4d37c850644563c69fd0acd9a049325b",
1474 "00000000000000000000000000000000",
1475 "ffffffffffffffffffff800000000000",
1476 "b87c921b91829ef3b13ca541ee1130a6",
1478 "00000000000000000000000000000000",
1479 "ffffffffffffffffffffc00000000000",
1480 "2e65eb6b6ea383e109accce8326b0393",
1482 "00000000000000000000000000000000",
1483 "ffffffffffffffffffffe00000000000",
1484 "9ca547f7439edc3e255c0f4d49aa8990",
1486 "00000000000000000000000000000000",
1487 "fffffffffffffffffffff00000000000",
1488 "a5e652614c9300f37816b1f9fd0c87f9",
1490 "00000000000000000000000000000000",
1491 "fffffffffffffffffffff80000000000",
1492 "14954f0b4697776f44494fe458d814ed",
1494 "00000000000000000000000000000000",
1495 "fffffffffffffffffffffc0000000000",
1496 "7c8d9ab6c2761723fe42f8bb506cbcf7",
1498 "00000000000000000000000000000000",
1499 "fffffffffffffffffffffe0000000000",
1500 "db7e1932679fdd99742aab04aa0d5a80",
1502 "00000000000000000000000000000000",
1503 "ffffffffffffffffffffff0000000000",
1504 "4c6a1c83e568cd10f27c2d73ded19c28",
1506 "00000000000000000000000000000000",
1507 "ffffffffffffffffffffff8000000000",
1508 "90ecbe6177e674c98de412413f7ac915",
1510 "00000000000000000000000000000000",
1511 "ffffffffffffffffffffffc000000000",
1512 "90684a2ac55fe1ec2b8ebd5622520b73",
1514 "00000000000000000000000000000000",
1515 "ffffffffffffffffffffffe000000000",
1516 "7472f9a7988607ca79707795991035e6",
1518 "00000000000000000000000000000000",
1519 "fffffffffffffffffffffff000000000",
1520 "56aff089878bf3352f8df172a3ae47d8",
1522 "00000000000000000000000000000000",
1523 "fffffffffffffffffffffff800000000",
1524 "65c0526cbe40161b8019a2a3171abd23",
1526 "00000000000000000000000000000000",
1527 "fffffffffffffffffffffffc00000000",
1528 "377be0be33b4e3e310b4aabda173f84f",
1530 "00000000000000000000000000000000",
1531 "fffffffffffffffffffffffe00000000",
1532 "9402e9aa6f69de6504da8d20c4fcaa2f",
1534 "00000000000000000000000000000000",
1535 "ffffffffffffffffffffffff00000000",
1536 "123c1f4af313ad8c2ce648b2e71fb6e1",
1538 "00000000000000000000000000000000",
1539 "ffffffffffffffffffffffff80000000",
1540 "1ffc626d30203dcdb0019fb80f726cf4",
1542 "00000000000000000000000000000000",
1543 "ffffffffffffffffffffffffc0000000",
1544 "76da1fbe3a50728c50fd2e621b5ad885",
1546 "00000000000000000000000000000000",
1547 "ffffffffffffffffffffffffe0000000",
1548 "082eb8be35f442fb52668e16a591d1d6",
1550 "00000000000000000000000000000000",
1551 "fffffffffffffffffffffffff0000000",
1552 "e656f9ecf5fe27ec3e4a73d00c282fb3",
1554 "00000000000000000000000000000000",
1555 "fffffffffffffffffffffffff8000000",
1556 "2ca8209d63274cd9a29bb74bcd77683a",
1558 "00000000000000000000000000000000",
1559 "fffffffffffffffffffffffffc000000",
1560 "79bf5dce14bb7dd73a8e3611de7ce026",
1562 "00000000000000000000000000000000",
1563 "fffffffffffffffffffffffffe000000",
1564 "3c849939a5d29399f344c4a0eca8a576",
1566 "00000000000000000000000000000000",
1567 "ffffffffffffffffffffffffff000000",
1568 "ed3c0a94d59bece98835da7aa4f07ca2",
1570 "00000000000000000000000000000000",
1571 "ffffffffffffffffffffffffff800000",
1572 "63919ed4ce10196438b6ad09d99cd795",
1574 "00000000000000000000000000000000",
1575 "ffffffffffffffffffffffffffc00000",
1576 "7678f3a833f19fea95f3c6029e2bc610",
1578 "00000000000000000000000000000000",
1579 "ffffffffffffffffffffffffffe00000",
1580 "3aa426831067d36b92be7c5f81c13c56",
1582 "00000000000000000000000000000000",
1583 "fffffffffffffffffffffffffff00000",
1584 "9272e2d2cdd11050998c845077a30ea0",
1586 "00000000000000000000000000000000",
1587 "fffffffffffffffffffffffffff80000",
1588 "088c4b53f5ec0ff814c19adae7f6246c",
1590 "00000000000000000000000000000000",
1591 "fffffffffffffffffffffffffffc0000",
1592 "4010a5e401fdf0a0354ddbcc0d012b17",
1594 "00000000000000000000000000000000",
1595 "fffffffffffffffffffffffffffe0000",
1596 "a87a385736c0a6189bd6589bd8445a93",
1598 "00000000000000000000000000000000",
1599 "ffffffffffffffffffffffffffff0000",
1600 "545f2b83d9616dccf60fa9830e9cd287",
1602 "00000000000000000000000000000000",
1603 "ffffffffffffffffffffffffffff8000",
1604 "4b706f7f92406352394037a6d4f4688d",
1606 "00000000000000000000000000000000",
1607 "ffffffffffffffffffffffffffffc000",
1608 "b7972b3941c44b90afa7b264bfba7387",
1610 "00000000000000000000000000000000",
1611 "ffffffffffffffffffffffffffffe000",
1612 "6f45732cf10881546f0fd23896d2bb60",
1614 "00000000000000000000000000000000",
1615 "fffffffffffffffffffffffffffff000",
1616 "2e3579ca15af27f64b3c955a5bfc30ba",
1618 "00000000000000000000000000000000",
1619 "fffffffffffffffffffffffffffff800",
1620 "34a2c5a91ae2aec99b7d1b5fa6780447",
1622 "00000000000000000000000000000000",
1623 "fffffffffffffffffffffffffffffc00",
1624 "a4d6616bd04f87335b0e53351227a9ee",
1626 "00000000000000000000000000000000",
1627 "fffffffffffffffffffffffffffffe00",
1628 "7f692b03945867d16179a8cefc83ea3f",
1630 "00000000000000000000000000000000",
1631 "ffffffffffffffffffffffffffffff00",
1632 "3bd141ee84a0e6414a26e7a4f281f8a2",
1634 "00000000000000000000000000000000",
1635 "ffffffffffffffffffffffffffffff80",
1636 "d1788f572d98b2b16ec5d5f3922b99bc",
1638 "00000000000000000000000000000000",
1639 "ffffffffffffffffffffffffffffffc0",
1640 "0833ff6f61d98a57b288e8c3586b85a6",
1642 "00000000000000000000000000000000",
1643 "ffffffffffffffffffffffffffffffe0",
1644 "8568261797de176bf0b43becc6285afb",
1646 "00000000000000000000000000000000",
1647 "fffffffffffffffffffffffffffffff0",
1648 "f9b0fda0c4a898f5b9e6f661c4ce4d07",
1650 "00000000000000000000000000000000",
1651 "fffffffffffffffffffffffffffffff8",
1652 "8ade895913685c67c5269f8aae42983e",
1654 "00000000000000000000000000000000",
1655 "fffffffffffffffffffffffffffffffc",
1656 "39bde67d5c8ed8a8b1c37eb8fa9f5ac0",
1658 "00000000000000000000000000000000",
1659 "fffffffffffffffffffffffffffffffe",
1660 "5c005e72c1418c44f569f2ea33ba54f3",
1662 "00000000000000000000000000000000",
1663 "ffffffffffffffffffffffffffffffff",
1664 "3f5b8cc9ea855a0afa7347d23e8d664e",
1667 * From NIST validation suite (ECBVarTxt192.rsp).
1669 "000000000000000000000000000000000000000000000000",
1670 "80000000000000000000000000000000",
1671 "6cd02513e8d4dc986b4afe087a60bd0c",
1673 "000000000000000000000000000000000000000000000000",
1674 "c0000000000000000000000000000000",
1675 "2ce1f8b7e30627c1c4519eada44bc436",
1677 "000000000000000000000000000000000000000000000000",
1678 "e0000000000000000000000000000000",
1679 "9946b5f87af446f5796c1fee63a2da24",
1681 "000000000000000000000000000000000000000000000000",
1682 "f0000000000000000000000000000000",
1683 "2a560364ce529efc21788779568d5555",
1685 "000000000000000000000000000000000000000000000000",
1686 "f8000000000000000000000000000000",
1687 "35c1471837af446153bce55d5ba72a0a",
1689 "000000000000000000000000000000000000000000000000",
1690 "fc000000000000000000000000000000",
1691 "ce60bc52386234f158f84341e534cd9e",
1693 "000000000000000000000000000000000000000000000000",
1694 "fe000000000000000000000000000000",
1695 "8c7c27ff32bcf8dc2dc57c90c2903961",
1697 "000000000000000000000000000000000000000000000000",
1698 "ff000000000000000000000000000000",
1699 "32bb6a7ec84499e166f936003d55a5bb",
1701 "000000000000000000000000000000000000000000000000",
1702 "ff800000000000000000000000000000",
1703 "a5c772e5c62631ef660ee1d5877f6d1b",
1705 "000000000000000000000000000000000000000000000000",
1706 "ffc00000000000000000000000000000",
1707 "030d7e5b64f380a7e4ea5387b5cd7f49",
1709 "000000000000000000000000000000000000000000000000",
1710 "ffe00000000000000000000000000000",
1711 "0dc9a2610037009b698f11bb7e86c83e",
1713 "000000000000000000000000000000000000000000000000",
1714 "fff00000000000000000000000000000",
1715 "0046612c766d1840c226364f1fa7ed72",
1717 "000000000000000000000000000000000000000000000000",
1718 "fff80000000000000000000000000000",
1719 "4880c7e08f27befe78590743c05e698b",
1721 "000000000000000000000000000000000000000000000000",
1722 "fffc0000000000000000000000000000",
1723 "2520ce829a26577f0f4822c4ecc87401",
1725 "000000000000000000000000000000000000000000000000",
1726 "fffe0000000000000000000000000000",
1727 "8765e8acc169758319cb46dc7bcf3dca",
1729 "000000000000000000000000000000000000000000000000",
1730 "ffff0000000000000000000000000000",
1731 "e98f4ba4f073df4baa116d011dc24a28",
1733 "000000000000000000000000000000000000000000000000",
1734 "ffff8000000000000000000000000000",
1735 "f378f68c5dbf59e211b3a659a7317d94",
1737 "000000000000000000000000000000000000000000000000",
1738 "ffffc000000000000000000000000000",
1739 "283d3b069d8eb9fb432d74b96ca762b4",
1741 "000000000000000000000000000000000000000000000000",
1742 "ffffe000000000000000000000000000",
1743 "a7e1842e8a87861c221a500883245c51",
1745 "000000000000000000000000000000000000000000000000",
1746 "fffff000000000000000000000000000",
1747 "77aa270471881be070fb52c7067ce732",
1749 "000000000000000000000000000000000000000000000000",
1750 "fffff800000000000000000000000000",
1751 "01b0f476d484f43f1aeb6efa9361a8ac",
1753 "000000000000000000000000000000000000000000000000",
1754 "fffffc00000000000000000000000000",
1755 "1c3a94f1c052c55c2d8359aff2163b4f",
1757 "000000000000000000000000000000000000000000000000",
1758 "fffffe00000000000000000000000000",
1759 "e8a067b604d5373d8b0f2e05a03b341b",
1761 "000000000000000000000000000000000000000000000000",
1762 "ffffff00000000000000000000000000",
1763 "a7876ec87f5a09bfea42c77da30fd50e",
1765 "000000000000000000000000000000000000000000000000",
1766 "ffffff80000000000000000000000000",
1767 "0cf3e9d3a42be5b854ca65b13f35f48d",
1769 "000000000000000000000000000000000000000000000000",
1770 "ffffffc0000000000000000000000000",
1771 "6c62f6bbcab7c3e821c9290f08892dda",
1773 "000000000000000000000000000000000000000000000000",
1774 "ffffffe0000000000000000000000000",
1775 "7f5e05bd2068738196fee79ace7e3aec",
1777 "000000000000000000000000000000000000000000000000",
1778 "fffffff0000000000000000000000000",
1779 "440e0d733255cda92fb46e842fe58054",
1781 "000000000000000000000000000000000000000000000000",
1782 "fffffff8000000000000000000000000",
1783 "aa5d5b1c4ea1b7a22e5583ac2e9ed8a7",
1785 "000000000000000000000000000000000000000000000000",
1786 "fffffffc000000000000000000000000",
1787 "77e537e89e8491e8662aae3bc809421d",
1789 "000000000000000000000000000000000000000000000000",
1790 "fffffffe000000000000000000000000",
1791 "997dd3e9f1598bfa73f75973f7e93b76",
1793 "000000000000000000000000000000000000000000000000",
1794 "ffffffff000000000000000000000000",
1795 "1b38d4f7452afefcb7fc721244e4b72e",
1797 "000000000000000000000000000000000000000000000000",
1798 "ffffffff800000000000000000000000",
1799 "0be2b18252e774dda30cdda02c6906e3",
1801 "000000000000000000000000000000000000000000000000",
1802 "ffffffffc00000000000000000000000",
1803 "d2695e59c20361d82652d7d58b6f11b2",
1805 "000000000000000000000000000000000000000000000000",
1806 "ffffffffe00000000000000000000000",
1807 "902d88d13eae52089abd6143cfe394e9",
1809 "000000000000000000000000000000000000000000000000",
1810 "fffffffff00000000000000000000000",
1811 "d49bceb3b823fedd602c305345734bd2",
1813 "000000000000000000000000000000000000000000000000",
1814 "fffffffff80000000000000000000000",
1815 "707b1dbb0ffa40ef7d95def421233fae",
1817 "000000000000000000000000000000000000000000000000",
1818 "fffffffffc0000000000000000000000",
1819 "7ca0c1d93356d9eb8aa952084d75f913",
1821 "000000000000000000000000000000000000000000000000",
1822 "fffffffffe0000000000000000000000",
1823 "f2cbf9cb186e270dd7bdb0c28febc57d",
1825 "000000000000000000000000000000000000000000000000",
1826 "ffffffffff0000000000000000000000",
1827 "c94337c37c4e790ab45780bd9c3674a0",
1829 "000000000000000000000000000000000000000000000000",
1830 "ffffffffff8000000000000000000000",
1831 "8e3558c135252fb9c9f367ed609467a1",
1833 "000000000000000000000000000000000000000000000000",
1834 "ffffffffffc000000000000000000000",
1835 "1b72eeaee4899b443914e5b3a57fba92",
1837 "000000000000000000000000000000000000000000000000",
1838 "ffffffffffe000000000000000000000",
1839 "011865f91bc56868d051e52c9efd59b7",
1841 "000000000000000000000000000000000000000000000000",
1842 "fffffffffff000000000000000000000",
1843 "e4771318ad7a63dd680f6e583b7747ea",
1845 "000000000000000000000000000000000000000000000000",
1846 "fffffffffff800000000000000000000",
1847 "61e3d194088dc8d97e9e6db37457eac5",
1849 "000000000000000000000000000000000000000000000000",
1850 "fffffffffffc00000000000000000000",
1851 "36ff1ec9ccfbc349e5d356d063693ad6",
1853 "000000000000000000000000000000000000000000000000",
1854 "fffffffffffe00000000000000000000",
1855 "3cc9e9a9be8cc3f6fb2ea24088e9bb19",
1857 "000000000000000000000000000000000000000000000000",
1858 "ffffffffffff00000000000000000000",
1859 "1ee5ab003dc8722e74905d9a8fe3d350",
1861 "000000000000000000000000000000000000000000000000",
1862 "ffffffffffff80000000000000000000",
1863 "245339319584b0a412412869d6c2eada",
1865 "000000000000000000000000000000000000000000000000",
1866 "ffffffffffffc0000000000000000000",
1867 "7bd496918115d14ed5380852716c8814",
1869 "000000000000000000000000000000000000000000000000",
1870 "ffffffffffffe0000000000000000000",
1871 "273ab2f2b4a366a57d582a339313c8b1",
1873 "000000000000000000000000000000000000000000000000",
1874 "fffffffffffff0000000000000000000",
1875 "113365a9ffbe3b0ca61e98507554168b",
1877 "000000000000000000000000000000000000000000000000",
1878 "fffffffffffff8000000000000000000",
1879 "afa99c997ac478a0dea4119c9e45f8b1",
1881 "000000000000000000000000000000000000000000000000",
1882 "fffffffffffffc000000000000000000",
1883 "9216309a7842430b83ffb98638011512",
1885 "000000000000000000000000000000000000000000000000",
1886 "fffffffffffffe000000000000000000",
1887 "62abc792288258492a7cb45145f4b759",
1889 "000000000000000000000000000000000000000000000000",
1890 "ffffffffffffff000000000000000000",
1891 "534923c169d504d7519c15d30e756c50",
1893 "000000000000000000000000000000000000000000000000",
1894 "ffffffffffffff800000000000000000",
1895 "fa75e05bcdc7e00c273fa33f6ee441d2",
1897 "000000000000000000000000000000000000000000000000",
1898 "ffffffffffffffc00000000000000000",
1899 "7d350fa6057080f1086a56b17ec240db",
1901 "000000000000000000000000000000000000000000000000",
1902 "ffffffffffffffe00000000000000000",
1903 "f34e4a6324ea4a5c39a661c8fe5ada8f",
1905 "000000000000000000000000000000000000000000000000",
1906 "fffffffffffffff00000000000000000",
1907 "0882a16f44088d42447a29ac090ec17e",
1909 "000000000000000000000000000000000000000000000000",
1910 "fffffffffffffff80000000000000000",
1911 "3a3c15bfc11a9537c130687004e136ee",
1913 "000000000000000000000000000000000000000000000000",
1914 "fffffffffffffffc0000000000000000",
1915 "22c0a7678dc6d8cf5c8a6d5a9960767c",
1917 "000000000000000000000000000000000000000000000000",
1918 "fffffffffffffffe0000000000000000",
1919 "b46b09809d68b9a456432a79bdc2e38c",
1921 "000000000000000000000000000000000000000000000000",
1922 "ffffffffffffffff0000000000000000",
1923 "93baaffb35fbe739c17c6ac22eecf18f",
1925 "000000000000000000000000000000000000000000000000",
1926 "ffffffffffffffff8000000000000000",
1927 "c8aa80a7850675bc007c46df06b49868",
1929 "000000000000000000000000000000000000000000000000",
1930 "ffffffffffffffffc000000000000000",
1931 "12c6f3877af421a918a84b775858021d",
1933 "000000000000000000000000000000000000000000000000",
1934 "ffffffffffffffffe000000000000000",
1935 "33f123282c5d633924f7d5ba3f3cab11",
1937 "000000000000000000000000000000000000000000000000",
1938 "fffffffffffffffff000000000000000",
1939 "a8f161002733e93ca4527d22c1a0c5bb",
1941 "000000000000000000000000000000000000000000000000",
1942 "fffffffffffffffff800000000000000",
1943 "b72f70ebf3e3fda23f508eec76b42c02",
1945 "000000000000000000000000000000000000000000000000",
1946 "fffffffffffffffffc00000000000000",
1947 "6a9d965e6274143f25afdcfc88ffd77c",
1949 "000000000000000000000000000000000000000000000000",
1950 "fffffffffffffffffe00000000000000",
1951 "a0c74fd0b9361764ce91c5200b095357",
1953 "000000000000000000000000000000000000000000000000",
1954 "ffffffffffffffffff00000000000000",
1955 "091d1fdc2bd2c346cd5046a8c6209146",
1957 "000000000000000000000000000000000000000000000000",
1958 "ffffffffffffffffff80000000000000",
1959 "e2a37580116cfb71856254496ab0aca8",
1961 "000000000000000000000000000000000000000000000000",
1962 "ffffffffffffffffffc0000000000000",
1963 "e0b3a00785917c7efc9adba322813571",
1965 "000000000000000000000000000000000000000000000000",
1966 "ffffffffffffffffffe0000000000000",
1967 "733d41f4727b5ef0df4af4cf3cffa0cb",
1969 "000000000000000000000000000000000000000000000000",
1970 "fffffffffffffffffff0000000000000",
1971 "a99ebb030260826f981ad3e64490aa4f",
1973 "000000000000000000000000000000000000000000000000",
1974 "fffffffffffffffffff8000000000000",
1975 "73f34c7d3eae5e80082c1647524308ee",
1977 "000000000000000000000000000000000000000000000000",
1978 "fffffffffffffffffffc000000000000",
1979 "40ebd5ad082345b7a2097ccd3464da02",
1981 "000000000000000000000000000000000000000000000000",
1982 "fffffffffffffffffffe000000000000",
1983 "7cc4ae9a424b2cec90c97153c2457ec5",
1985 "000000000000000000000000000000000000000000000000",
1986 "ffffffffffffffffffff000000000000",
1987 "54d632d03aba0bd0f91877ebdd4d09cb",
1989 "000000000000000000000000000000000000000000000000",
1990 "ffffffffffffffffffff800000000000",
1991 "d3427be7e4d27cd54f5fe37b03cf0897",
1993 "000000000000000000000000000000000000000000000000",
1994 "ffffffffffffffffffffc00000000000",
1995 "b2099795e88cc158fd75ea133d7e7fbe",
1997 "000000000000000000000000000000000000000000000000",
1998 "ffffffffffffffffffffe00000000000",
1999 "a6cae46fb6fadfe7a2c302a34242817b",
2001 "000000000000000000000000000000000000000000000000",
2002 "fffffffffffffffffffff00000000000",
2003 "026a7024d6a902e0b3ffccbaa910cc3f",
2005 "000000000000000000000000000000000000000000000000",
2006 "fffffffffffffffffffff80000000000",
2007 "156f07767a85a4312321f63968338a01",
2009 "000000000000000000000000000000000000000000000000",
2010 "fffffffffffffffffffffc0000000000",
2011 "15eec9ebf42b9ca76897d2cd6c5a12e2",
2013 "000000000000000000000000000000000000000000000000",
2014 "fffffffffffffffffffffe0000000000",
2015 "db0d3a6fdcc13f915e2b302ceeb70fd8",
2017 "000000000000000000000000000000000000000000000000",
2018 "ffffffffffffffffffffff0000000000",
2019 "71dbf37e87a2e34d15b20e8f10e48924",
2021 "000000000000000000000000000000000000000000000000",
2022 "ffffffffffffffffffffff8000000000",
2023 "c745c451e96ff3c045e4367c833e3b54",
2025 "000000000000000000000000000000000000000000000000",
2026 "ffffffffffffffffffffffc000000000",
2027 "340da09c2dd11c3b679d08ccd27dd595",
2029 "000000000000000000000000000000000000000000000000",
2030 "ffffffffffffffffffffffe000000000",
2031 "8279f7c0c2a03ee660c6d392db025d18",
2033 "000000000000000000000000000000000000000000000000",
2034 "fffffffffffffffffffffff000000000",
2035 "a4b2c7d8eba531ff47c5041a55fbd1ec",
2037 "000000000000000000000000000000000000000000000000",
2038 "fffffffffffffffffffffff800000000",
2039 "74569a2ca5a7bd5131ce8dc7cbfbf72f",
2041 "000000000000000000000000000000000000000000000000",
2042 "fffffffffffffffffffffffc00000000",
2043 "3713da0c0219b63454035613b5a403dd",
2045 "000000000000000000000000000000000000000000000000",
2046 "fffffffffffffffffffffffe00000000",
2047 "8827551ddcc9df23fa72a3de4e9f0b07",
2049 "000000000000000000000000000000000000000000000000",
2050 "ffffffffffffffffffffffff00000000",
2051 "2e3febfd625bfcd0a2c06eb460da1732",
2053 "000000000000000000000000000000000000000000000000",
2054 "ffffffffffffffffffffffff80000000",
2055 "ee82e6ba488156f76496311da6941deb",
2057 "000000000000000000000000000000000000000000000000",
2058 "ffffffffffffffffffffffffc0000000",
2059 "4770446f01d1f391256e85a1b30d89d3",
2061 "000000000000000000000000000000000000000000000000",
2062 "ffffffffffffffffffffffffe0000000",
2063 "af04b68f104f21ef2afb4767cf74143c",
2065 "000000000000000000000000000000000000000000000000",
2066 "fffffffffffffffffffffffff0000000",
2067 "cf3579a9ba38c8e43653173e14f3a4c6",
2069 "000000000000000000000000000000000000000000000000",
2070 "fffffffffffffffffffffffff8000000",
2071 "b3bba904f4953e09b54800af2f62e7d4",
2073 "000000000000000000000000000000000000000000000000",
2074 "fffffffffffffffffffffffffc000000",
2075 "fc4249656e14b29eb9c44829b4c59a46",
2077 "000000000000000000000000000000000000000000000000",
2078 "fffffffffffffffffffffffffe000000",
2079 "9b31568febe81cfc2e65af1c86d1a308",
2081 "000000000000000000000000000000000000000000000000",
2082 "ffffffffffffffffffffffffff000000",
2083 "9ca09c25f273a766db98a480ce8dfedc",
2085 "000000000000000000000000000000000000000000000000",
2086 "ffffffffffffffffffffffffff800000",
2087 "b909925786f34c3c92d971883c9fbedf",
2089 "000000000000000000000000000000000000000000000000",
2090 "ffffffffffffffffffffffffffc00000",
2091 "82647f1332fe570a9d4d92b2ee771d3b",
2093 "000000000000000000000000000000000000000000000000",
2094 "ffffffffffffffffffffffffffe00000",
2095 "3604a7e80832b3a99954bca6f5b9f501",
2097 "000000000000000000000000000000000000000000000000",
2098 "fffffffffffffffffffffffffff00000",
2099 "884607b128c5de3ab39a529a1ef51bef",
2101 "000000000000000000000000000000000000000000000000",
2102 "fffffffffffffffffffffffffff80000",
2103 "670cfa093d1dbdb2317041404102435e",
2105 "000000000000000000000000000000000000000000000000",
2106 "fffffffffffffffffffffffffffc0000",
2107 "7a867195f3ce8769cbd336502fbb5130",
2109 "000000000000000000000000000000000000000000000000",
2110 "fffffffffffffffffffffffffffe0000",
2111 "52efcf64c72b2f7ca5b3c836b1078c15",
2113 "000000000000000000000000000000000000000000000000",
2114 "ffffffffffffffffffffffffffff0000",
2115 "4019250f6eefb2ac5ccbcae044e75c7e",
2117 "000000000000000000000000000000000000000000000000",
2118 "ffffffffffffffffffffffffffff8000",
2119 "022c4f6f5a017d292785627667ddef24",
2121 "000000000000000000000000000000000000000000000000",
2122 "ffffffffffffffffffffffffffffc000",
2123 "e9c21078a2eb7e03250f71000fa9e3ed",
2125 "000000000000000000000000000000000000000000000000",
2126 "ffffffffffffffffffffffffffffe000",
2127 "a13eaeeb9cd391da4e2b09490b3e7fad",
2129 "000000000000000000000000000000000000000000000000",
2130 "fffffffffffffffffffffffffffff000",
2131 "c958a171dca1d4ed53e1af1d380803a9",
2133 "000000000000000000000000000000000000000000000000",
2134 "fffffffffffffffffffffffffffff800",
2135 "21442e07a110667f2583eaeeee44dc8c",
2137 "000000000000000000000000000000000000000000000000",
2138 "fffffffffffffffffffffffffffffc00",
2139 "59bbb353cf1dd867a6e33737af655e99",
2141 "000000000000000000000000000000000000000000000000",
2142 "fffffffffffffffffffffffffffffe00",
2143 "43cd3b25375d0ce41087ff9fe2829639",
2145 "000000000000000000000000000000000000000000000000",
2146 "ffffffffffffffffffffffffffffff00",
2147 "6b98b17e80d1118e3516bd768b285a84",
2149 "000000000000000000000000000000000000000000000000",
2150 "ffffffffffffffffffffffffffffff80",
2151 "ae47ed3676ca0c08deea02d95b81db58",
2153 "000000000000000000000000000000000000000000000000",
2154 "ffffffffffffffffffffffffffffffc0",
2155 "34ec40dc20413795ed53628ea748720b",
2157 "000000000000000000000000000000000000000000000000",
2158 "ffffffffffffffffffffffffffffffe0",
2159 "4dc68163f8e9835473253542c8a65d46",
2161 "000000000000000000000000000000000000000000000000",
2162 "fffffffffffffffffffffffffffffff0",
2163 "2aabb999f43693175af65c6c612c46fb",
2165 "000000000000000000000000000000000000000000000000",
2166 "fffffffffffffffffffffffffffffff8",
2167 "e01f94499dac3547515c5b1d756f0f58",
2169 "000000000000000000000000000000000000000000000000",
2170 "fffffffffffffffffffffffffffffffc",
2171 "9d12435a46480ce00ea349f71799df9a",
2173 "000000000000000000000000000000000000000000000000",
2174 "fffffffffffffffffffffffffffffffe",
2175 "cef41d16d266bdfe46938ad7884cc0cf",
2177 "000000000000000000000000000000000000000000000000",
2178 "ffffffffffffffffffffffffffffffff",
2179 "b13db4da1f718bc6904797c82bcf2d32",
2182 * From NIST validation suite (ECBVarTxt256.rsp).
2184 "0000000000000000000000000000000000000000000000000000000000000000",
2185 "80000000000000000000000000000000",
2186 "ddc6bf790c15760d8d9aeb6f9a75fd4e",
2188 "0000000000000000000000000000000000000000000000000000000000000000",
2189 "c0000000000000000000000000000000",
2190 "0a6bdc6d4c1e6280301fd8e97ddbe601",
2192 "0000000000000000000000000000000000000000000000000000000000000000",
2193 "e0000000000000000000000000000000",
2194 "9b80eefb7ebe2d2b16247aa0efc72f5d",
2196 "0000000000000000000000000000000000000000000000000000000000000000",
2197 "f0000000000000000000000000000000",
2198 "7f2c5ece07a98d8bee13c51177395ff7",
2200 "0000000000000000000000000000000000000000000000000000000000000000",
2201 "f8000000000000000000000000000000",
2202 "7818d800dcf6f4be1e0e94f403d1e4c2",
2204 "0000000000000000000000000000000000000000000000000000000000000000",
2205 "fc000000000000000000000000000000",
2206 "e74cd1c92f0919c35a0324123d6177d3",
2208 "0000000000000000000000000000000000000000000000000000000000000000",
2209 "fe000000000000000000000000000000",
2210 "8092a4dcf2da7e77e93bdd371dfed82e",
2212 "0000000000000000000000000000000000000000000000000000000000000000",
2213 "ff000000000000000000000000000000",
2214 "49af6b372135acef10132e548f217b17",
2216 "0000000000000000000000000000000000000000000000000000000000000000",
2217 "ff800000000000000000000000000000",
2218 "8bcd40f94ebb63b9f7909676e667f1e7",
2220 "0000000000000000000000000000000000000000000000000000000000000000",
2221 "ffc00000000000000000000000000000",
2222 "fe1cffb83f45dcfb38b29be438dbd3ab",
2224 "0000000000000000000000000000000000000000000000000000000000000000",
2225 "ffe00000000000000000000000000000",
2226 "0dc58a8d886623705aec15cb1e70dc0e",
2228 "0000000000000000000000000000000000000000000000000000000000000000",
2229 "fff00000000000000000000000000000",
2230 "c218faa16056bd0774c3e8d79c35a5e4",
2232 "0000000000000000000000000000000000000000000000000000000000000000",
2233 "fff80000000000000000000000000000",
2234 "047bba83f7aa841731504e012208fc9e",
2236 "0000000000000000000000000000000000000000000000000000000000000000",
2237 "fffc0000000000000000000000000000",
2238 "dc8f0e4915fd81ba70a331310882f6da",
2240 "0000000000000000000000000000000000000000000000000000000000000000",
2241 "fffe0000000000000000000000000000",
2242 "1569859ea6b7206c30bf4fd0cbfac33c",
2244 "0000000000000000000000000000000000000000000000000000000000000000",
2245 "ffff0000000000000000000000000000",
2246 "300ade92f88f48fa2df730ec16ef44cd",
2248 "0000000000000000000000000000000000000000000000000000000000000000",
2249 "ffff8000000000000000000000000000",
2250 "1fe6cc3c05965dc08eb0590c95ac71d0",
2252 "0000000000000000000000000000000000000000000000000000000000000000",
2253 "ffffc000000000000000000000000000",
2254 "59e858eaaa97fec38111275b6cf5abc0",
2256 "0000000000000000000000000000000000000000000000000000000000000000",
2257 "ffffe000000000000000000000000000",
2258 "2239455e7afe3b0616100288cc5a723b",
2260 "0000000000000000000000000000000000000000000000000000000000000000",
2261 "fffff000000000000000000000000000",
2262 "3ee500c5c8d63479717163e55c5c4522",
2264 "0000000000000000000000000000000000000000000000000000000000000000",
2265 "fffff800000000000000000000000000",
2266 "d5e38bf15f16d90e3e214041d774daa8",
2268 "0000000000000000000000000000000000000000000000000000000000000000",
2269 "fffffc00000000000000000000000000",
2270 "b1f4066e6f4f187dfe5f2ad1b17819d0",
2272 "0000000000000000000000000000000000000000000000000000000000000000",
2273 "fffffe00000000000000000000000000",
2274 "6ef4cc4de49b11065d7af2909854794a",
2276 "0000000000000000000000000000000000000000000000000000000000000000",
2277 "ffffff00000000000000000000000000",
2278 "ac86bc606b6640c309e782f232bf367f",
2280 "0000000000000000000000000000000000000000000000000000000000000000",
2281 "ffffff80000000000000000000000000",
2282 "36aff0ef7bf3280772cf4cac80a0d2b2",
2284 "0000000000000000000000000000000000000000000000000000000000000000",
2285 "ffffffc0000000000000000000000000",
2286 "1f8eedea0f62a1406d58cfc3ecea72cf",
2288 "0000000000000000000000000000000000000000000000000000000000000000",
2289 "ffffffe0000000000000000000000000",
2290 "abf4154a3375a1d3e6b1d454438f95a6",
2292 "0000000000000000000000000000000000000000000000000000000000000000",
2293 "fffffff0000000000000000000000000",
2294 "96f96e9d607f6615fc192061ee648b07",
2296 "0000000000000000000000000000000000000000000000000000000000000000",
2297 "fffffff8000000000000000000000000",
2298 "cf37cdaaa0d2d536c71857634c792064",
2300 "0000000000000000000000000000000000000000000000000000000000000000",
2301 "fffffffc000000000000000000000000",
2302 "fbd6640c80245c2b805373f130703127",
2304 "0000000000000000000000000000000000000000000000000000000000000000",
2305 "fffffffe000000000000000000000000",
2306 "8d6a8afe55a6e481badae0d146f436db",
2308 "0000000000000000000000000000000000000000000000000000000000000000",
2309 "ffffffff000000000000000000000000",
2310 "6a4981f2915e3e68af6c22385dd06756",
2312 "0000000000000000000000000000000000000000000000000000000000000000",
2313 "ffffffff800000000000000000000000",
2314 "42a1136e5f8d8d21d3101998642d573b",
2316 "0000000000000000000000000000000000000000000000000000000000000000",
2317 "ffffffffc00000000000000000000000",
2318 "9b471596dc69ae1586cee6158b0b0181",
2320 "0000000000000000000000000000000000000000000000000000000000000000",
2321 "ffffffffe00000000000000000000000",
2322 "753665c4af1eff33aa8b628bf8741cfd",
2324 "0000000000000000000000000000000000000000000000000000000000000000",
2325 "fffffffff00000000000000000000000",
2326 "9a682acf40be01f5b2a4193c9a82404d",
2328 "0000000000000000000000000000000000000000000000000000000000000000",
2329 "fffffffff80000000000000000000000",
2330 "54fafe26e4287f17d1935f87eb9ade01",
2332 "0000000000000000000000000000000000000000000000000000000000000000",
2333 "fffffffffc0000000000000000000000",
2334 "49d541b2e74cfe73e6a8e8225f7bd449",
2336 "0000000000000000000000000000000000000000000000000000000000000000",
2337 "fffffffffe0000000000000000000000",
2338 "11a45530f624ff6f76a1b3826626ff7b",
2340 "0000000000000000000000000000000000000000000000000000000000000000",
2341 "ffffffffff0000000000000000000000",
2342 "f96b0c4a8bc6c86130289f60b43b8fba",
2344 "0000000000000000000000000000000000000000000000000000000000000000",
2345 "ffffffffff8000000000000000000000",
2346 "48c7d0e80834ebdc35b6735f76b46c8b",
2348 "0000000000000000000000000000000000000000000000000000000000000000",
2349 "ffffffffffc000000000000000000000",
2350 "2463531ab54d66955e73edc4cb8eaa45",
2352 "0000000000000000000000000000000000000000000000000000000000000000",
2353 "ffffffffffe000000000000000000000",
2354 "ac9bd8e2530469134b9d5b065d4f565b",
2356 "0000000000000000000000000000000000000000000000000000000000000000",
2357 "fffffffffff000000000000000000000",
2358 "3f5f9106d0e52f973d4890e6f37e8a00",
2360 "0000000000000000000000000000000000000000000000000000000000000000",
2361 "fffffffffff800000000000000000000",
2362 "20ebc86f1304d272e2e207e59db639f0",
2364 "0000000000000000000000000000000000000000000000000000000000000000",
2365 "fffffffffffc00000000000000000000",
2366 "e67ae6426bf9526c972cff072b52252c",
2368 "0000000000000000000000000000000000000000000000000000000000000000",
2369 "fffffffffffe00000000000000000000",
2370 "1a518dddaf9efa0d002cc58d107edfc8",
2372 "0000000000000000000000000000000000000000000000000000000000000000",
2373 "ffffffffffff00000000000000000000",
2374 "ead731af4d3a2fe3b34bed047942a49f",
2376 "0000000000000000000000000000000000000000000000000000000000000000",
2377 "ffffffffffff80000000000000000000",
2378 "b1d4efe40242f83e93b6c8d7efb5eae9",
2380 "0000000000000000000000000000000000000000000000000000000000000000",
2381 "ffffffffffffc0000000000000000000",
2382 "cd2b1fec11fd906c5c7630099443610a",
2384 "0000000000000000000000000000000000000000000000000000000000000000",
2385 "ffffffffffffe0000000000000000000",
2386 "a1853fe47fe29289d153161d06387d21",
2388 "0000000000000000000000000000000000000000000000000000000000000000",
2389 "fffffffffffff0000000000000000000",
2390 "4632154179a555c17ea604d0889fab14",
2392 "0000000000000000000000000000000000000000000000000000000000000000",
2393 "fffffffffffff8000000000000000000",
2394 "dd27cac6401a022e8f38f9f93e774417",
2396 "0000000000000000000000000000000000000000000000000000000000000000",
2397 "fffffffffffffc000000000000000000",
2398 "c090313eb98674f35f3123385fb95d4d",
2400 "0000000000000000000000000000000000000000000000000000000000000000",
2401 "fffffffffffffe000000000000000000",
2402 "cc3526262b92f02edce548f716b9f45c",
2404 "0000000000000000000000000000000000000000000000000000000000000000",
2405 "ffffffffffffff000000000000000000",
2406 "c0838d1a2b16a7c7f0dfcc433c399c33",
2408 "0000000000000000000000000000000000000000000000000000000000000000",
2409 "ffffffffffffff800000000000000000",
2410 "0d9ac756eb297695eed4d382eb126d26",
2412 "0000000000000000000000000000000000000000000000000000000000000000",
2413 "ffffffffffffffc00000000000000000",
2414 "56ede9dda3f6f141bff1757fa689c3e1",
2416 "0000000000000000000000000000000000000000000000000000000000000000",
2417 "ffffffffffffffe00000000000000000",
2418 "768f520efe0f23e61d3ec8ad9ce91774",
2420 "0000000000000000000000000000000000000000000000000000000000000000",
2421 "fffffffffffffff00000000000000000",
2422 "b1144ddfa75755213390e7c596660490",
2424 "0000000000000000000000000000000000000000000000000000000000000000",
2425 "fffffffffffffff80000000000000000",
2426 "1d7c0c4040b355b9d107a99325e3b050",
2428 "0000000000000000000000000000000000000000000000000000000000000000",
2429 "fffffffffffffffc0000000000000000",
2430 "d8e2bb1ae8ee3dcf5bf7d6c38da82a1a",
2432 "0000000000000000000000000000000000000000000000000000000000000000",
2433 "fffffffffffffffe0000000000000000",
2434 "faf82d178af25a9886a47e7f789b98d7",
2436 "0000000000000000000000000000000000000000000000000000000000000000",
2437 "ffffffffffffffff0000000000000000",
2438 "9b58dbfd77fe5aca9cfc190cd1b82d19",
2440 "0000000000000000000000000000000000000000000000000000000000000000",
2441 "ffffffffffffffff8000000000000000",
2442 "77f392089042e478ac16c0c86a0b5db5",
2444 "0000000000000000000000000000000000000000000000000000000000000000",
2445 "ffffffffffffffffc000000000000000",
2446 "19f08e3420ee69b477ca1420281c4782",
2448 "0000000000000000000000000000000000000000000000000000000000000000",
2449 "ffffffffffffffffe000000000000000",
2450 "a1b19beee4e117139f74b3c53fdcb875",
2452 "0000000000000000000000000000000000000000000000000000000000000000",
2453 "fffffffffffffffff000000000000000",
2454 "a37a5869b218a9f3a0868d19aea0ad6a",
2456 "0000000000000000000000000000000000000000000000000000000000000000",
2457 "fffffffffffffffff800000000000000",
2458 "bc3594e865bcd0261b13202731f33580",
2460 "0000000000000000000000000000000000000000000000000000000000000000",
2461 "fffffffffffffffffc00000000000000",
2462 "811441ce1d309eee7185e8c752c07557",
2464 "0000000000000000000000000000000000000000000000000000000000000000",
2465 "fffffffffffffffffe00000000000000",
2466 "959971ce4134190563518e700b9874d1",
2468 "0000000000000000000000000000000000000000000000000000000000000000",
2469 "ffffffffffffffffff00000000000000",
2470 "76b5614a042707c98e2132e2e805fe63",
2472 "0000000000000000000000000000000000000000000000000000000000000000",
2473 "ffffffffffffffffff80000000000000",
2474 "7d9fa6a57530d0f036fec31c230b0cc6",
2476 "0000000000000000000000000000000000000000000000000000000000000000",
2477 "ffffffffffffffffffc0000000000000",
2478 "964153a83bf6989a4ba80daa91c3e081",
2480 "0000000000000000000000000000000000000000000000000000000000000000",
2481 "ffffffffffffffffffe0000000000000",
2482 "a013014d4ce8054cf2591d06f6f2f176",
2484 "0000000000000000000000000000000000000000000000000000000000000000",
2485 "fffffffffffffffffff0000000000000",
2486 "d1c5f6399bf382502e385eee1474a869",
2488 "0000000000000000000000000000000000000000000000000000000000000000",
2489 "fffffffffffffffffff8000000000000",
2490 "0007e20b8298ec354f0f5fe7470f36bd",
2492 "0000000000000000000000000000000000000000000000000000000000000000",
2493 "fffffffffffffffffffc000000000000",
2494 "b95ba05b332da61ef63a2b31fcad9879",
2496 "0000000000000000000000000000000000000000000000000000000000000000",
2497 "fffffffffffffffffffe000000000000",
2498 "4620a49bd967491561669ab25dce45f4",
2500 "0000000000000000000000000000000000000000000000000000000000000000",
2501 "ffffffffffffffffffff000000000000",
2502 "12e71214ae8e04f0bb63d7425c6f14d5",
2504 "0000000000000000000000000000000000000000000000000000000000000000",
2505 "ffffffffffffffffffff800000000000",
2506 "4cc42fc1407b008fe350907c092e80ac",
2508 "0000000000000000000000000000000000000000000000000000000000000000",
2509 "ffffffffffffffffffffc00000000000",
2510 "08b244ce7cbc8ee97fbba808cb146fda",
2512 "0000000000000000000000000000000000000000000000000000000000000000",
2513 "ffffffffffffffffffffe00000000000",
2514 "39b333e8694f21546ad1edd9d87ed95b",
2516 "0000000000000000000000000000000000000000000000000000000000000000",
2517 "fffffffffffffffffffff00000000000",
2518 "3b271f8ab2e6e4a20ba8090f43ba78f3",
2520 "0000000000000000000000000000000000000000000000000000000000000000",
2521 "fffffffffffffffffffff80000000000",
2522 "9ad983f3bf651cd0393f0a73cccdea50",
2524 "0000000000000000000000000000000000000000000000000000000000000000",
2525 "fffffffffffffffffffffc0000000000",
2526 "8f476cbff75c1f725ce18e4bbcd19b32",
2528 "0000000000000000000000000000000000000000000000000000000000000000",
2529 "fffffffffffffffffffffe0000000000",
2530 "905b6267f1d6ab5320835a133f096f2a",
2532 "0000000000000000000000000000000000000000000000000000000000000000",
2533 "ffffffffffffffffffffff0000000000",
2534 "145b60d6d0193c23f4221848a892d61a",
2536 "0000000000000000000000000000000000000000000000000000000000000000",
2537 "ffffffffffffffffffffff8000000000",
2538 "55cfb3fb6d75cad0445bbc8dafa25b0f",
2540 "0000000000000000000000000000000000000000000000000000000000000000",
2541 "ffffffffffffffffffffffc000000000",
2542 "7b8e7098e357ef71237d46d8b075b0f5",
2544 "0000000000000000000000000000000000000000000000000000000000000000",
2545 "ffffffffffffffffffffffe000000000",
2546 "2bf27229901eb40f2df9d8398d1505ae",
2548 "0000000000000000000000000000000000000000000000000000000000000000",
2549 "fffffffffffffffffffffff000000000",
2550 "83a63402a77f9ad5c1e931a931ecd706",
2552 "0000000000000000000000000000000000000000000000000000000000000000",
2553 "fffffffffffffffffffffff800000000",
2554 "6f8ba6521152d31f2bada1843e26b973",
2556 "0000000000000000000000000000000000000000000000000000000000000000",
2557 "fffffffffffffffffffffffc00000000",
2558 "e5c3b8e30fd2d8e6239b17b44bd23bbd",
2560 "0000000000000000000000000000000000000000000000000000000000000000",
2561 "fffffffffffffffffffffffe00000000",
2562 "1ac1f7102c59933e8b2ddc3f14e94baa",
2564 "0000000000000000000000000000000000000000000000000000000000000000",
2565 "ffffffffffffffffffffffff00000000",
2566 "21d9ba49f276b45f11af8fc71a088e3d",
2568 "0000000000000000000000000000000000000000000000000000000000000000",
2569 "ffffffffffffffffffffffff80000000",
2570 "649f1cddc3792b4638635a392bc9bade",
2572 "0000000000000000000000000000000000000000000000000000000000000000",
2573 "ffffffffffffffffffffffffc0000000",
2574 "e2775e4b59c1bc2e31a2078c11b5a08c",
2576 "0000000000000000000000000000000000000000000000000000000000000000",
2577 "ffffffffffffffffffffffffe0000000",
2578 "2be1fae5048a25582a679ca10905eb80",
2580 "0000000000000000000000000000000000000000000000000000000000000000",
2581 "fffffffffffffffffffffffff0000000",
2582 "da86f292c6f41ea34fb2068df75ecc29",
2584 "0000000000000000000000000000000000000000000000000000000000000000",
2585 "fffffffffffffffffffffffff8000000",
2586 "220df19f85d69b1b562fa69a3c5beca5",
2588 "0000000000000000000000000000000000000000000000000000000000000000",
2589 "fffffffffffffffffffffffffc000000",
2590 "1f11d5d0355e0b556ccdb6c7f5083b4d",
2592 "0000000000000000000000000000000000000000000000000000000000000000",
2593 "fffffffffffffffffffffffffe000000",
2594 "62526b78be79cb384633c91f83b4151b",
2596 "0000000000000000000000000000000000000000000000000000000000000000",
2597 "ffffffffffffffffffffffffff000000",
2598 "90ddbcb950843592dd47bbef00fdc876",
2600 "0000000000000000000000000000000000000000000000000000000000000000",
2601 "ffffffffffffffffffffffffff800000",
2602 "2fd0e41c5b8402277354a7391d2618e2",
2604 "0000000000000000000000000000000000000000000000000000000000000000",
2605 "ffffffffffffffffffffffffffc00000",
2606 "3cdf13e72dee4c581bafec70b85f9660",
2608 "0000000000000000000000000000000000000000000000000000000000000000",
2609 "ffffffffffffffffffffffffffe00000",
2610 "afa2ffc137577092e2b654fa199d2c43",
2612 "0000000000000000000000000000000000000000000000000000000000000000",
2613 "fffffffffffffffffffffffffff00000",
2614 "8d683ee63e60d208e343ce48dbc44cac",
2616 "0000000000000000000000000000000000000000000000000000000000000000",
2617 "fffffffffffffffffffffffffff80000",
2618 "705a4ef8ba2133729c20185c3d3a4763",
2620 "0000000000000000000000000000000000000000000000000000000000000000",
2621 "fffffffffffffffffffffffffffc0000",
2622 "0861a861c3db4e94194211b77ed761b9",
2624 "0000000000000000000000000000000000000000000000000000000000000000",
2625 "fffffffffffffffffffffffffffe0000",
2626 "4b00c27e8b26da7eab9d3a88dec8b031",
2628 "0000000000000000000000000000000000000000000000000000000000000000",
2629 "ffffffffffffffffffffffffffff0000",
2630 "5f397bf03084820cc8810d52e5b666e9",
2632 "0000000000000000000000000000000000000000000000000000000000000000",
2633 "ffffffffffffffffffffffffffff8000",
2634 "63fafabb72c07bfbd3ddc9b1203104b8",
2636 "0000000000000000000000000000000000000000000000000000000000000000",
2637 "ffffffffffffffffffffffffffffc000",
2638 "683e2140585b18452dd4ffbb93c95df9",
2640 "0000000000000000000000000000000000000000000000000000000000000000",
2641 "ffffffffffffffffffffffffffffe000",
2642 "286894e48e537f8763b56707d7d155c8",
2644 "0000000000000000000000000000000000000000000000000000000000000000",
2645 "fffffffffffffffffffffffffffff000",
2646 "a423deabc173dcf7e2c4c53e77d37cd1",
2648 "0000000000000000000000000000000000000000000000000000000000000000",
2649 "fffffffffffffffffffffffffffff800",
2650 "eb8168313e1cfdfdb5e986d5429cf172",
2652 "0000000000000000000000000000000000000000000000000000000000000000",
2653 "fffffffffffffffffffffffffffffc00",
2654 "27127daafc9accd2fb334ec3eba52323",
2656 "0000000000000000000000000000000000000000000000000000000000000000",
2657 "fffffffffffffffffffffffffffffe00",
2658 "ee0715b96f72e3f7a22a5064fc592f4c",
2660 "0000000000000000000000000000000000000000000000000000000000000000",
2661 "ffffffffffffffffffffffffffffff00",
2662 "29ee526770f2a11dcfa989d1ce88830f",
2664 "0000000000000000000000000000000000000000000000000000000000000000",
2665 "ffffffffffffffffffffffffffffff80",
2666 "0493370e054b09871130fe49af730a5a",
2668 "0000000000000000000000000000000000000000000000000000000000000000",
2669 "ffffffffffffffffffffffffffffffc0",
2670 "9b7b940f6c509f9e44a4ee140448ee46",
2672 "0000000000000000000000000000000000000000000000000000000000000000",
2673 "ffffffffffffffffffffffffffffffe0",
2674 "2915be4a1ecfdcbe3e023811a12bb6c7",
2676 "0000000000000000000000000000000000000000000000000000000000000000",
2677 "fffffffffffffffffffffffffffffff0",
2678 "7240e524bc51d8c4d440b1be55d1062c",
2680 "0000000000000000000000000000000000000000000000000000000000000000",
2681 "fffffffffffffffffffffffffffffff8",
2682 "da63039d38cb4612b2dc36ba26684b93",
2684 "0000000000000000000000000000000000000000000000000000000000000000",
2685 "fffffffffffffffffffffffffffffffc",
2686 "0f59cb5a4b522e2ac56c1a64f558ad9a",
2688 "0000000000000000000000000000000000000000000000000000000000000000",
2689 "fffffffffffffffffffffffffffffffe",
2690 "7bfe9d876c6d63c1d035da8fe21c409d",
2692 "0000000000000000000000000000000000000000000000000000000000000000",
2693 "ffffffffffffffffffffffffffffffff",
2694 "acdace8078a32b1a182bfa4987ca1347",
2703 * AES known-answer tests for CBC. Order: key, IV, plaintext, ciphertext.
2705 static const char *const KAT_AES_CBC
[] = {
2707 * From NIST validation suite "Multiblock Message Test"
2710 "1f8e4973953f3fb0bd6b16662e9a3c17",
2711 "2fe2b333ceda8f98f4a99b40d2cd34a8",
2712 "45cf12964fc824ab76616ae2f4bf0822",
2713 "0f61c4d44c5147c03c195ad7e2cc12b2",
2715 "0700d603a1c514e46b6191ba430a3a0c",
2716 "aad1583cd91365e3bb2f0c3430d065bb",
2717 "068b25c7bfb1f8bdd4cfc908f69dffc5ddc726a197f0e5f720f730393279be91",
2718 "c4dc61d9725967a3020104a9738f23868527ce839aab1752fd8bdb95a82c4d00",
2720 "3348aa51e9a45c2dbe33ccc47f96e8de",
2721 "19153c673160df2b1d38c28060e59b96",
2722 "9b7cee827a26575afdbb7c7a329f887238052e3601a7917456ba61251c214763d5e1847a6ad5d54127a399ab07ee3599",
2723 "d5aed6c9622ec451a15db12819952b6752501cf05cdbf8cda34a457726ded97818e1f127a28d72db5652749f0c6afee5",
2725 "b7f3c9576e12dd0db63e8f8fac2b9a39",
2726 "c80f095d8bb1a060699f7c19974a1aa0",
2727 "9ac19954ce1319b354d3220460f71c1e373f1cd336240881160cfde46ebfed2e791e8d5a1a136ebd1dc469dec00c4187722b841cdabcb22c1be8a14657da200e",
2728 "19b9609772c63f338608bf6eb52ca10be65097f89c1e0905c42401fd47791ae2c5440b2d473116ca78bd9ff2fb6015cfd316524eae7dcb95ae738ebeae84a467",
2730 "b6f9afbfe5a1562bba1368fc72ac9d9c",
2731 "3f9d5ebe250ee7ce384b0d00ee849322",
2732 "db397ec22718dbffb9c9d13de0efcd4611bf792be4fce0dc5f25d4f577ed8cdbd4eb9208d593dda3d4653954ab64f05676caa3ce9bfa795b08b67ceebc923fdc89a8c431188e9e482d8553982cf304d1",
2733 "10ea27b19e16b93af169c4a88e06e35c99d8b420980b058e34b4b8f132b13766f72728202b089f428fecdb41c79f8aa0d0ef68f5786481cca29e2126f69bc14160f1ae2187878ba5c49cf3961e1b7ee9",
2735 "bbe7b7ba07124ff1ae7c3416fe8b465e",
2736 "7f65b5ee3630bed6b84202d97fb97a1e",
2737 "2aad0c2c4306568bad7447460fd3dac054346d26feddbc9abd9110914011b4794be2a9a00a519a51a5b5124014f4ed2735480db21b434e99a911bb0b60fe0253763725b628d5739a5117b7ee3aefafc5b4c1bf446467e7bf5f78f31ff7caf187",
2738 "3b8611bfc4973c5cd8e982b073b33184cd26110159172e44988eb5ff5661a1e16fad67258fcbfee55469267a12dc374893b4e3533d36f5634c3095583596f135aa8cd1138dc898bc5651ee35a92ebf89ab6aeb5366653bc60a70e0074fc11efe",
2740 "89a553730433f7e6d67d16d373bd5360",
2741 "f724558db3433a523f4e51a5bea70497",
2742 "807bc4ea684eedcfdcca30180680b0f1ae2814f35f36d053c5aea6595a386c1442770f4d7297d8b91825ee7237241da8925dd594ccf676aecd46ca2068e8d37a3a0ec8a7d5185a201e663b5ff36ae197110188a23503763b8218826d23ced74b31e9f6e2d7fbfa6cb43420c7807a8625",
2743 "406af1429a478c3d07e555c5287a60500d37fc39b68e5bbb9bafd6ddb223828561d6171a308d5b1a4551e8a5e7d572918d25c968d3871848d2f16635caa9847f38590b1df58ab5efb985f2c66cfaf86f61b3f9c0afad6c963c49cee9b8bc81a2ddb06c967f325515a4849eec37ce721a",
2745 "c491ca31f91708458e29a925ec558d78",
2746 "9ef934946e5cd0ae97bd58532cb49381",
2747 "cb6a787e0dec56f9a165957f81af336ca6b40785d9e94093c6190e5152649f882e874d79ac5e167bd2a74ce5ae088d2ee854f6539e0a94796b1e1bd4c9fcdbc79acbef4d01eeb89776d18af71ae2a4fc47dd66df6c4dbe1d1850e466549a47b636bcc7c2b3a62495b56bb67b6d455f1eebd9bfefecbca6c7f335cfce9b45cb9d",
2748 "7b2931f5855f717145e00f152a9f4794359b1ffcb3e55f594e33098b51c23a6c74a06c1d94fded7fd2ae42c7db7acaef5844cb33aeddc6852585ed0020a6699d2cb53809cefd169148ce42292afab063443978306c582c18b9ce0da3d084ce4d3c482cfd8fcf1a85084e89fb88b40a084d5e972466d07666126fb761f84078f2",
2750 "f6e87d71b0104d6eb06a68dc6a71f498",
2751 "1c245f26195b76ebebc2edcac412a2f8",
2752 "f82bef3c73a6f7f80db285726d691db6bf55eec25a859d3ba0e0445f26b9bb3b16a3161ed1866e4dd8f2e5f8ecb4e46d74a7a78c20cdfc7bcc9e479ba7a0caba9438238ad0c01651d5d98de37f03ddce6e6b4bd4ab03cf9e8ed818aedfa1cf963b932067b97d776dce1087196e7e913f7448e38244509f0caf36bd8217e15336d35c149fd4e41707893fdb84014f8729",
2753 "b09512f3eff9ed0d85890983a73dadbb7c3678d52581be64a8a8fc586f490f2521297a478a0598040ebd0f5509fafb0969f9d9e600eaef33b1b93eed99687b167f89a5065aac439ce46f3b8d22d30865e64e45ef8cd30b6984353a844a11c8cd60dba0e8866b3ee30d24b3fa8a643b328353e06010fa8273c8fd54ef0a2b6930e5520aae5cd5902f9b86a33592ca4365",
2755 "2c14413751c31e2730570ba3361c786b",
2756 "1dbbeb2f19abb448af849796244a19d7",
2757 "40d930f9a05334d9816fe204999c3f82a03f6a0457a8c475c94553d1d116693adc618049f0a769a2eed6a6cb14c0143ec5cccdbc8dec4ce560cfd206225709326d4de7948e54d603d01b12d7fed752fb23f1aa4494fbb00130e9ded4e77e37c079042d828040c325b1a5efd15fc842e44014ca4374bf38f3c3fc3ee327733b0c8aee1abcd055772f18dc04603f7b2c1ea69ff662361f2be0a171bbdcea1e5d3f",
2758 "6be8a12800455a320538853e0cba31bd2d80ea0c85164a4c5c261ae485417d93effe2ebc0d0a0b51d6ea18633d210cf63c0c4ddbc27607f2e81ed9113191ef86d56f3b99be6c415a4150299fb846ce7160b40b63baf1179d19275a2e83698376d28b92548c68e06e6d994e2c1501ed297014e702cdefee2f656447706009614d801de1caaf73f8b7fa56cf1ba94b631933bbe577624380850f117435a0355b2b",
2761 * From NIST validation suite "Multiblock Message Test"
2764 "ba75f4d1d9d7cf7f551445d56cc1a8ab2a078e15e049dc2c",
2765 "531ce78176401666aa30db94ec4a30eb",
2766 "c51fc276774dad94bcdc1d2891ec8668",
2767 "70dd95a14ee975e239df36ff4aee1d5d",
2769 "eab3b19c581aa873e1981c83ab8d83bbf8025111fb2e6b21",
2770 "f3d6667e8d4d791e60f7505ba383eb05",
2771 "9d4e4cccd1682321856df069e3f1c6fa391a083a9fb02d59db74c14081b3acc4",
2772 "51d44779f90d40a80048276c035cb49ca2a47bcb9b9cf7270b9144793787d53f",
2774 "16c93bb398f1fc0cf6d68fc7a5673cdf431fa147852b4a2d",
2775 "eaaeca2e07ddedf562f94df63f0a650f",
2776 "c5ce958613bf741718c17444484ebaf1050ddcacb59b9590178cbe69d7ad7919608cb03af13bbe04f3506b718a301ea0",
2777 "ed6a50e0c6921d52d6647f75d67b4fd56ace1fedb8b5a6a997b4d131640547d22c5d884a75e6752b5846b5b33a5181f4",
2779 "067bb17b4df785697eaccf961f98e212cb75e6797ce935cb",
2780 "8b59c9209c529ca8391c9fc0ce033c38",
2781 "db3785a889b4bd387754da222f0e4c2d2bfe0d79e05bc910fba941beea30f1239eacf0068f4619ec01c368e986fca6b7c58e490579d29611bd10087986eff54f",
2782 "d5f5589760bf9c762228fde236de1fa2dd2dad448db3fa9be0c4196efd46a35c84dd1ac77d9db58c95918cb317a6430a08d2fb6a8e8b0f1c9b72c7a344dc349f",
2784 "0fd39de83e0be77a79c8a4a612e3dd9c8aae2ce35e7a2bf8",
2785 "7e1d629b84f93b079be51f9a5f5cb23c",
2786 "38fbda37e28fa86d9d83a4345e419dea95d28c7818ff25925db6ac3aedaf0a86154e20a4dfcc5b1b4192895393e5eb5846c88bdbd41ecf7af3104f410eaee470f5d9017ed460475f626953035a13db1f",
2787 "edadae2f9a45ff3473e02d904c94d94a30a4d92da4deb6bcb4b0774472694571842039f21c496ef93fd658842c735f8a81fcd0aa578442ab893b18f606aed1bab11f81452dd45e9b56adf2eccf4ea095",
2789 "e3fecc75f0075a09b383dfd389a3d33cc9b854b3b254c0f4",
2790 "36eab883afef936cc38f63284619cd19",
2791 "931b2f5f3a5820d53a6beaaa6431083a3488f4eb03b0f5b57ef838e1579623103bd6e6800377538b2e51ef708f3c4956432e8a8ee6a34e190642b26ad8bdae6c2af9a6c7996f3b6004d2671e41f1c9f40ee03d1c4a52b0a0654a331f15f34dce",
2792 "75395974bd32b3665654a6c8e396b88ae34b123575872a7ab687d8e76b46df911a8a590cd01d2f5c330be3a6626e9dd3aa5e10ed14e8ff829811b6fed50f3f533ca4385a1cbca78f5c4744e50f2f8359165c2485d1324e76c3eae76a0ccac629",
2794 "f9c27565eb07947c8cb51b79248430f7b1066c3d2fdc3d13",
2795 "2bd67cc89ab7948d644a49672843cbd9",
2796 "6abcc270173cf114d44847e911a050db57ba7a2e2c161c6f37ccb6aaa4677bddcaf50cad0b5f8758fcf7c0ebc650ceb5cd52cafb8f8dd3edcece55d9f1f08b9fa8f54365cf56e28b9596a7e1dd1d3418e4444a7724add4cf79d527b183ec88de4be4eeff29c80a97e54f85351cb189ee",
2797 "ca282924a61187feb40520979106e5cc861957f23828dcb7285e0eaac8a0ca2a6b60503d63d6039f4693dba32fa1f73ae2e709ca94911f28a5edd1f30eaddd54680c43acc9c74cd90d8bb648b4e544275f47e514daa20697f66c738eb30337f017fca1a26da4d1a0cc0a0e98e2463070",
2799 "fb09cf9e00dbf883689d079c920077c0073c31890b55bab5",
2800 "e3c89bd097c3abddf64f4881db6dbfe2",
2801 "c1a37683fb289467dd1b2c89efba16bbd2ee24cf18d19d44596ded2682c79a2f711c7a32bf6a24badd32a4ee637c73b7a41da6258635650f91fb9ffa45bdfc3cb122136241b3deced8996aa51ea8d3e81c9d70e006a44bc0571ed48623a0d622a93fa9da290baaedf5d9e876c94620945ff8ecc83f27379ed55cf490c5790f27",
2802 "8158e21420f25b59d6ae943fa1cbf21f02e979f419dab0126a721b7eef55bee9ad97f5ccff7d239057bbc19a8c378142f7672f1d5e7e17d7bebcb0070e8355cace6660171a53b61816ae824a6ef69ce470b6ffd3b5bb4b438874d91d27854d3b6f25860d3868958de3307d62b1339bdddb8a318c0ce0f33c17caf0e9f6040820",
2804 "bca6fa3c67fd294e958f66fe8bd64f45f428f5bc8e9733a7",
2805 "92a47f2833f1450d1da41717bdc6e83c",
2806 "5becbc31d8bead6d36ae014a5863d14a431e6b55d29ea6baaa417271716db3a33b2e506b452086dfe690834ac2de30bc41254ec5401ec47d064237c7792fdcd7914d8af20eb114756642d519021a8c75a92f6bc53d326ae9a5b7e1b10a9756574692934d9939fc399e0c203f7edf8e7e6482eadd31a0400770e897b48c6bca2b404593045080e93377358c42a0f4dede",
2807 "926db248cc1ba20f0c57631a7c8aef094f791937b905949e3460240e8bfa6fa483115a1b310b6e4369caebc5262888377b1ddaa5800ea496a2bdff0f9a1031e7129c9a20e35621e7f0b8baca0d87030f2ae7ca8593c8599677a06fd4b26009ead08fecac24caa9cf2cad3b470c8227415a7b1e0f2eab3fad96d70a209c8bb26c627677e2531b9435ca6e3c444d195b5f",
2809 "162ad50ee64a0702aa551f571dedc16b2c1b6a1e4d4b5eee",
2810 "24408038161a2ccae07b029bb66355c1",
2811 "be8abf00901363987a82cc77d0ec91697ba3857f9e4f84bd79406c138d02698f003276d0449120bef4578d78fecabe8e070e11710b3f0a2744bd52434ec70015884c181ebdfd51c604a71c52e4c0e110bc408cd462b248a80b8a8ac06bb952ac1d7faed144807f1a731b7febcaf7835762defe92eccfc7a9944e1c702cffe6bc86733ed321423121085ac02df8962bcbc1937092eebf0e90a8b20e3dd8c244ae",
2812 "c82cf2c476dea8cb6a6e607a40d2f0391be82ea9ec84a537a6820f9afb997b76397d005424faa6a74dc4e8c7aa4a8900690f894b6d1dca80675393d2243adac762f159301e357e98b724762310cd5a7bafe1c2a030dba46fd93a9fdb89cc132ca9c17dc72031ec6822ee5a9d99dbca66c784c01b0885cbb62e29d97801927ec415a5d215158d325f9ee689437ad1b7684ad33c0d92739451ac87f39ff8c31b84",
2815 * From NIST validation suite "Multiblock Message Test"
2818 "6ed76d2d97c69fd1339589523931f2a6cff554b15f738f21ec72dd97a7330907",
2819 "851e8764776e6796aab722dbb644ace8",
2820 "6282b8c05c5c1530b97d4816ca434762",
2821 "6acc04142e100a65f51b97adf5172c41",
2823 "dce26c6b4cfb286510da4eecd2cffe6cdf430f33db9b5f77b460679bd49d13ae",
2824 "fdeaa134c8d7379d457175fd1a57d3fc",
2825 "50e9eee1ac528009e8cbcd356975881f957254b13f91d7c6662d10312052eb00",
2826 "2fa0df722a9fd3b64cb18fb2b3db55ff2267422757289413f8f657507412a64c",
2828 "fe8901fecd3ccd2ec5fdc7c7a0b50519c245b42d611a5ef9e90268d59f3edf33",
2829 "bd416cb3b9892228d8f1df575692e4d0",
2830 "8d3aa196ec3d7c9b5bb122e7fe77fb1295a6da75abe5d3a510194d3a8a4157d5c89d40619716619859da3ec9b247ced9",
2831 "608e82c7ab04007adb22e389a44797fed7de090c8c03ca8a2c5acd9e84df37fbc58ce8edb293e98f02b640d6d1d72464",
2833 "0493ff637108af6a5b8e90ac1fdf035a3d4bafd1afb573be7ade9e8682e663e5",
2834 "c0cd2bebccbb6c49920bd5482ac756e8",
2835 "8b37f9148df4bb25956be6310c73c8dc58ea9714ff49b643107b34c9bff096a94fedd6823526abc27a8e0b16616eee254ab4567dd68e8ccd4c38ac563b13639c",
2836 "05d5c77729421b08b737e41119fa4438d1f570cc772a4d6c3df7ffeda0384ef84288ce37fc4c4c7d1125a499b051364c389fd639bdda647daa3bdadab2eb5594",
2838 "9adc8fbd506e032af7fa20cf5343719de6d1288c158c63d6878aaf64ce26ca85",
2839 "11958dc6ab81e1c7f01631e9944e620f",
2840 "c7917f84f747cd8c4b4fedc2219bdbc5f4d07588389d8248854cf2c2f89667a2d7bcf53e73d32684535f42318e24cd45793950b3825e5d5c5c8fcd3e5dda4ce9246d18337ef3052d8b21c5561c8b660e",
2841 "9c99e68236bb2e929db1089c7750f1b356d39ab9d0c40c3e2f05108ae9d0c30b04832ccdbdc08ebfa426b7f5efde986ed05784ce368193bb3699bc691065ac62e258b9aa4cc557e2b45b49ce05511e65",
2843 "73b8faf00b3302ac99855cf6f9e9e48518690a5906a4869d4dcf48d282faae2a",
2844 "b3cb97a80a539912b8c21f450d3b9395",
2845 "3adea6e06e42c4f041021491f2775ef6378cb08824165edc4f6448e232175b60d0345b9f9c78df6596ec9d22b7b9e76e8f3c76b32d5d67273f1d83fe7a6fc3dd3c49139170fa5701b3beac61b490f0a9e13f844640c4500f9ad3087adfb0ae10",
2846 "ac3d6dbafe2e0f740632fd9e820bf6044cd5b1551cbb9cc03c0b25c39ccb7f33b83aacfca40a3265f2bbff879153448acacb88fcfb3bb7b10fe463a68c0109f028382e3e557b1adf02ed648ab6bb895df0205d26ebbfa9a5fd8cebd8e4bee3dc",
2848 "9ddf3745896504ff360a51a3eb49c01b79fccebc71c3abcb94a949408b05b2c9",
2849 "e79026639d4aa230b5ccffb0b29d79bc",
2850 "cf52e5c3954c51b94c9e38acb8c9a7c76aebdaa9943eae0a1ce155a2efdb4d46985d935511471452d9ee64d2461cb2991d59fc0060697f9a671672163230f367fed1422316e52d29eceacb8768f56d9b80f6d278093c9a8acd3cfd7edd8ebd5c293859f64d2f8486ae1bd593c65bc014",
2851 "34df561bd2cfebbcb7af3b4b8d21ca5258312e7e2e4e538e35ad2490b6112f0d7f148f6aa8d522a7f3c61d785bd667db0e1dc4606c318ea4f26af4fe7d11d4dcff0456511b4aed1a0d91ba4a1fd6cd9029187bc5881a5a07fe02049d39368e83139b12825bae2c7be81e6f12c61bb5c5",
2853 "458b67bf212d20f3a57fce392065582dcefbf381aa22949f8338ab9052260e1d",
2854 "4c12effc5963d40459602675153e9649",
2855 "256fd73ce35ae3ea9c25dd2a9454493e96d8633fe633b56176dce8785ce5dbbb84dbf2c8a2eeb1e96b51899605e4f13bbc11b93bf6f39b3469be14858b5b720d4a522d36feed7a329c9b1e852c9280c47db8039c17c4921571a07d1864128330e09c308ddea1694e95c84500f1a61e614197e86a30ecc28df64ccb3ccf5437aa",
2856 "90b7b9630a2378f53f501ab7beff039155008071bc8438e789932cfd3eb1299195465e6633849463fdb44375278e2fdb1310821e6492cf80ff15cb772509fb426f3aeee27bd4938882fd2ae6b5bd9d91fa4a43b17bb439ebbe59c042310163a82a5fe5388796eee35a181a1271f00be29b852d8fa759bad01ff4678f010594cd",
2858 "d2412db0845d84e5732b8bbd642957473b81fb99ca8bff70e7920d16c1dbec89",
2859 "51c619fcf0b23f0c7925f400a6cacb6d",
2860 "026006c4a71a180c9929824d9d095b8faaa86fc4fa25ecac61d85ff6de92dfa8702688c02a282c1b8af4449707f22d75e91991015db22374c95f8f195d5bb0afeb03040ff8965e0e1339dba5653e174f8aa5a1b39fe3ac839ce307a4e44b4f8f1b0063f738ec18acdbff2ebfe07383e734558723e741f0a1836dafdf9de82210a9248bc113b3c1bc8b4e252ca01bd803",
2861 "0254b23463bcabec5a395eb74c8fb0eb137a07bc6f5e9f61ec0b057de305714f8fa294221c91a159c315939b81e300ee902192ec5f15254428d8772f79324ec43298ca21c00b370273ee5e5ed90e43efa1e05a5d171209fe34f9f29237dba2a6726650fd3b1321747d1208863c6c3c6b3e2d879ab5f25782f08ba8f2abbe63e0bedb4a227e81afb36bb6645508356d34",
2863 "48be597e632c16772324c8d3fa1d9c5a9ecd010f14ec5d110d3bfec376c5532b",
2864 "d6d581b8cf04ebd3b6eaa1b53f047ee1",
2865 "0c63d413d3864570e70bb6618bf8a4b9585586688c32bba0a5ecc1362fada74ada32c52acfd1aa7444ba567b4e7daaecf7cc1cb29182af164ae5232b002868695635599807a9a7f07a1f137e97b1e1c9dabc89b6a5e4afa9db5855edaa575056a8f4f8242216242bb0c256310d9d329826ac353d715fa39f80cec144d6424558f9f70b98c920096e0f2c855d594885a00625880e9dfb734163cecef72cf030b8",
2866 "fc5873e50de8faf4c6b84ba707b0854e9db9ab2e9f7d707fbba338c6843a18fc6facebaf663d26296fb329b4d26f18494c79e09e779647f9bafa87489630d79f4301610c2300c19dbf3148b7cac8c4f4944102754f332e92b6f7c5e75bc6179eb877a078d4719009021744c14f13fd2a55a2b9c44d18000685a845a4f632c7c56a77306efa66a24d05d088dcd7c13fe24fc447275965db9e4d37fbc9304448cd",
2869 * End-of-table marker.
2875 * AES known-answer tests for CTR. Order: key, IV, plaintext, ciphertext.
2877 static const char *const KAT_AES_CTR
[] = {
2881 "ae6852f8121067cc4bf7a5765577f39e",
2882 "000000300000000000000000",
2883 "53696e676c6520626c6f636b206d7367",
2884 "e4095d4fb7a7b3792d6175a3261311b8",
2886 "7e24067817fae0d743d6ce1f32539163",
2887 "006cb6dbc0543b59da48d90b",
2888 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
2889 "5104a106168a72d9790d41ee8edad388eb2e1efc46da57c8fce630df9141be28",
2891 "7691be035e5020a8ac6e618529f9a0dc",
2892 "00e0017b27777f3f4a1786f0",
2893 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
2894 "c1cf48a89f2ffdd9cf4652e9efdb72d74540a42bde6d7836d59a5ceaaef3105325b2072f",
2896 "16af5b145fc9f579c175f93e3bfb0eed863d06ccfdb78515",
2897 "0000004836733c147d6d93cb",
2898 "53696e676c6520626c6f636b206d7367",
2899 "4b55384fe259c9c84e7935a003cbe928",
2901 "7c5cb2401b3dc33c19e7340819e0f69c678c3db8e6f6a91a",
2902 "0096b03b020c6eadc2cb500d",
2903 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
2904 "453243fc609b23327edfaafa7131cd9f8490701c5ad4a79cfc1fe0ff42f4fb00",
2906 "02bf391ee8ecb159b959617b0965279bf59b60a786d3e0fe",
2907 "0007bdfd5cbd60278dcc0912",
2908 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
2909 "96893fc55e5c722f540b7dd1ddf7e758d288bc95c69165884536c811662f2188abee0935",
2911 "776beff2851db06f4c8a0542c8696f6c6a81af1eec96b4d37fc1d689e6c1c104",
2912 "00000060db5672c97aa8f0b2",
2913 "53696e676c6520626c6f636b206d7367",
2914 "145ad01dbf824ec7560863dc71e3e0c0",
2916 "f6d66d6bd52d59bb0796365879eff886c66dd51a5b6a99744b50590c87a23884",
2917 "00faac24c1585ef15a43d875",
2918 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
2919 "f05e231b3894612c49ee000b804eb2a9b8306b508f839d6a5530831d9344af1c",
2921 "ff7a617ce69148e4f1726e2f43581de2aa62d9f805532edff1eed687fb54153d",
2922 "001cc5b751a51d70a1c11148",
2923 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
2924 "eb6c52821d0bbbf7ce7594462aca4faab407df866569fd07f48cc0b583d6071f1ec0e6b8",
2927 * End-of-table marker.
2933 monte_carlo_AES_encrypt(const br_block_cbcenc_class
*ve
,
2934 char *skey
, char *splain
, char *scipher
)
2936 unsigned char key
[32];
2937 unsigned char buf
[16];
2938 unsigned char pbuf
[16];
2939 unsigned char cipher
[16];
2942 br_aes_gen_cbcenc_keys v_ec
;
2943 const br_block_cbcenc_class
**ec
;
2946 key_len
= hextobin(key
, skey
);
2947 hextobin(buf
, splain
);
2948 hextobin(cipher
, scipher
);
2949 for (i
= 0; i
< 100; i
++) {
2950 ve
->init(ec
, key
, key_len
);
2951 for (j
= 0; j
< 1000; j
++) {
2952 unsigned char iv
[16];
2954 memcpy(pbuf
, buf
, sizeof buf
);
2955 memset(iv
, 0, sizeof iv
);
2956 ve
->run(ec
, iv
, buf
, sizeof buf
);
2960 for (k
= 0; k
< 16; k
++) {
2965 for (k
= 0; k
< 8; k
++) {
2966 key
[k
] ^= pbuf
[8 + k
];
2968 for (k
= 0; k
< 16; k
++) {
2969 key
[8 + k
] ^= buf
[k
];
2973 for (k
= 0; k
< 16; k
++) {
2975 key
[16 + k
] ^= buf
[k
];
2984 check_equals("MC AES encrypt", buf
, cipher
, sizeof buf
);
2988 monte_carlo_AES_decrypt(const br_block_cbcdec_class
*vd
,
2989 char *skey
, char *scipher
, char *splain
)
2991 unsigned char key
[32];
2992 unsigned char buf
[16];
2993 unsigned char pbuf
[16];
2994 unsigned char plain
[16];
2997 br_aes_gen_cbcdec_keys v_dc
;
2998 const br_block_cbcdec_class
**dc
;
3001 key_len
= hextobin(key
, skey
);
3002 hextobin(buf
, scipher
);
3003 hextobin(plain
, splain
);
3004 for (i
= 0; i
< 100; i
++) {
3005 vd
->init(dc
, key
, key_len
);
3006 for (j
= 0; j
< 1000; j
++) {
3007 unsigned char iv
[16];
3009 memcpy(pbuf
, buf
, sizeof buf
);
3010 memset(iv
, 0, sizeof iv
);
3011 vd
->run(dc
, iv
, buf
, sizeof buf
);
3015 for (k
= 0; k
< 16; k
++) {
3020 for (k
= 0; k
< 8; k
++) {
3021 key
[k
] ^= pbuf
[8 + k
];
3023 for (k
= 0; k
< 16; k
++) {
3024 key
[8 + k
] ^= buf
[k
];
3028 for (k
= 0; k
< 16; k
++) {
3030 key
[16 + k
] ^= buf
[k
];
3039 check_equals("MC AES decrypt", buf
, plain
, sizeof buf
);
3043 test_AES_generic(char *name
,
3044 const br_block_cbcenc_class
*ve
,
3045 const br_block_cbcdec_class
*vd
,
3046 const br_block_ctr_class
*vc
,
3047 int with_MC
, int with_CBC
)
3051 printf("Test %s: ", name
);
3054 if (ve
->block_size
!= 16 || vd
->block_size
!= 16
3055 || ve
->log_block_size
!= 4 || vd
->log_block_size
!= 4)
3057 fprintf(stderr
, "%s failed: wrong block size\n", name
);
3061 for (u
= 0; KAT_AES
[u
]; u
+= 3) {
3062 unsigned char key
[32];
3063 unsigned char plain
[16];
3064 unsigned char cipher
[16];
3065 unsigned char buf
[16];
3066 unsigned char iv
[16];
3068 br_aes_gen_cbcenc_keys v_ec
;
3069 br_aes_gen_cbcdec_keys v_dc
;
3070 const br_block_cbcenc_class
**ec
;
3071 const br_block_cbcdec_class
**dc
;
3075 key_len
= hextobin(key
, KAT_AES
[u
]);
3076 hextobin(plain
, KAT_AES
[u
+ 1]);
3077 hextobin(cipher
, KAT_AES
[u
+ 2]);
3078 ve
->init(ec
, key
, key_len
);
3079 memcpy(buf
, plain
, sizeof plain
);
3080 memset(iv
, 0, sizeof iv
);
3081 ve
->run(ec
, iv
, buf
, sizeof buf
);
3082 check_equals("KAT AES encrypt", buf
, cipher
, sizeof cipher
);
3083 vd
->init(dc
, key
, key_len
);
3084 memset(iv
, 0, sizeof iv
);
3085 vd
->run(dc
, iv
, buf
, sizeof buf
);
3086 check_equals("KAT AES decrypt", buf
, plain
, sizeof plain
);
3090 for (u
= 0; KAT_AES_CBC
[u
]; u
+= 4) {
3091 unsigned char key
[32];
3092 unsigned char ivref
[16];
3093 unsigned char plain
[200];
3094 unsigned char cipher
[200];
3095 unsigned char buf
[200];
3096 unsigned char iv
[16];
3097 size_t key_len
, data_len
, v
;
3098 br_aes_gen_cbcenc_keys v_ec
;
3099 br_aes_gen_cbcdec_keys v_dc
;
3100 const br_block_cbcenc_class
**ec
;
3101 const br_block_cbcdec_class
**dc
;
3105 key_len
= hextobin(key
, KAT_AES_CBC
[u
]);
3106 hextobin(ivref
, KAT_AES_CBC
[u
+ 1]);
3107 data_len
= hextobin(plain
, KAT_AES_CBC
[u
+ 2]);
3108 hextobin(cipher
, KAT_AES_CBC
[u
+ 3]);
3109 ve
->init(ec
, key
, key_len
);
3111 memcpy(buf
, plain
, data_len
);
3112 memcpy(iv
, ivref
, 16);
3113 ve
->run(ec
, iv
, buf
, data_len
);
3114 check_equals("KAT CBC AES encrypt",
3115 buf
, cipher
, data_len
);
3116 vd
->init(dc
, key
, key_len
);
3117 memcpy(iv
, ivref
, 16);
3118 vd
->run(dc
, iv
, buf
, data_len
);
3119 check_equals("KAT CBC AES decrypt",
3120 buf
, plain
, data_len
);
3122 memcpy(buf
, plain
, data_len
);
3123 memcpy(iv
, ivref
, 16);
3124 for (v
= 0; v
< data_len
; v
+= 16) {
3125 ve
->run(ec
, iv
, buf
+ v
, 16);
3127 check_equals("KAT CBC AES encrypt (2)",
3128 buf
, cipher
, data_len
);
3129 memcpy(iv
, ivref
, 16);
3130 for (v
= 0; v
< data_len
; v
+= 16) {
3131 vd
->run(dc
, iv
, buf
+ v
, 16);
3133 check_equals("KAT CBC AES decrypt (2)",
3134 buf
, plain
, data_len
);
3139 if (vc
->block_size
!= 16 || vc
->log_block_size
!= 4) {
3140 fprintf(stderr
, "%s failed: wrong block size\n", name
);
3143 for (u
= 0; KAT_AES_CTR
[u
]; u
+= 4) {
3144 unsigned char key
[32];
3145 unsigned char iv
[12];
3146 unsigned char plain
[200];
3147 unsigned char cipher
[200];
3148 unsigned char buf
[200];
3149 size_t key_len
, data_len
, v
;
3151 br_aes_gen_ctr_keys v_xc
;
3152 const br_block_ctr_class
**xc
;
3155 key_len
= hextobin(key
, KAT_AES_CTR
[u
]);
3156 hextobin(iv
, KAT_AES_CTR
[u
+ 1]);
3157 data_len
= hextobin(plain
, KAT_AES_CTR
[u
+ 2]);
3158 hextobin(cipher
, KAT_AES_CTR
[u
+ 3]);
3159 vc
->init(xc
, key
, key_len
);
3161 memcpy(buf
, plain
, data_len
);
3162 vc
->run(xc
, iv
, 1, buf
, data_len
);
3163 check_equals("KAT CTR AES (1)", buf
, cipher
, data_len
);
3164 vc
->run(xc
, iv
, 1, buf
, data_len
);
3165 check_equals("KAT CTR AES (2)", buf
, plain
, data_len
);
3167 memcpy(buf
, plain
, data_len
);
3169 for (v
= 0; v
< data_len
; v
+= 32) {
3172 clen
= data_len
- v
;
3176 c
= vc
->run(xc
, iv
, c
, buf
+ v
, clen
);
3178 check_equals("KAT CTR AES (3)", buf
, cipher
, data_len
);
3180 memcpy(buf
, plain
, data_len
);
3182 for (v
= 0; v
< data_len
; v
+= 16) {
3185 clen
= data_len
- v
;
3189 c
= vc
->run(xc
, iv
, c
, buf
+ v
, clen
);
3191 check_equals("KAT CTR AES (4)", buf
, cipher
, data_len
);
3196 monte_carlo_AES_encrypt(
3198 "139a35422f1d61de3c91787fe0507afd",
3199 "b9145a768b7dc489a096b546f43b231f",
3200 "fb2649694783b551eacd9d5db6126d47");
3201 monte_carlo_AES_decrypt(
3203 "0c60e7bf20ada9baa9e1ddf0d1540726",
3204 "b08a29b11a500ea3aca42c36675b9785",
3205 "d1d2bfdc58ffcad2341b095bce55221e");
3207 monte_carlo_AES_encrypt(
3209 "b9a63e09e1dfc42e93a90d9bad739e5967aef672eedd5da9",
3210 "85a1f7a58167b389cddc8a9ff175ee26",
3211 "5d1196da8f184975e240949a25104554");
3212 monte_carlo_AES_decrypt(
3214 "4b97585701c03fbebdfa8555024f589f1482c58a00fdd9fd",
3215 "d0bd0e02ded155e4516be83f42d347a4",
3216 "b63ef1b79507a62eba3dafcec54a6328");
3218 monte_carlo_AES_encrypt(
3220 "f9e8389f5b80712e3886cc1fa2d28a3b8c9cd88a2d4a54c6aa86ce0fef944be0",
3221 "b379777f9050e2a818f2940cbbd9aba4",
3222 "c5d2cb3d5b7ff0e23e308967ee074825");
3223 monte_carlo_AES_decrypt(
3225 "2b09ba39b834062b9e93f48373b8dd018dedf1e5ba1b8af831ebbacbc92a2643",
3226 "89649bd0115f30bd878567610223a59d",
3227 "e3d3868f578caf34e36445bf14cefc68");
3237 test_AES_generic("AES_big",
3238 &br_aes_big_cbcenc_vtable
,
3239 &br_aes_big_cbcdec_vtable
,
3240 &br_aes_big_ctr_vtable
,
3245 test_AES_small(void)
3247 test_AES_generic("AES_small",
3248 &br_aes_small_cbcenc_vtable
,
3249 &br_aes_small_cbcdec_vtable
,
3250 &br_aes_small_ctr_vtable
,
3257 test_AES_generic("AES_ct",
3258 &br_aes_ct_cbcenc_vtable
,
3259 &br_aes_ct_cbcdec_vtable
,
3260 &br_aes_ct_ctr_vtable
,
3267 test_AES_generic("AES_ct64",
3268 &br_aes_ct64_cbcenc_vtable
,
3269 &br_aes_ct64_cbcdec_vtable
,
3270 &br_aes_ct64_ctr_vtable
,
3275 * DES known-answer tests. Order: plaintext, key, ciphertext.
3276 * (mostly from NIST SP 800-20).
3278 static const char *const KAT_DES
[] = {
3279 "10316E028C8F3B4A", "0000000000000000", "82DCBAFBDEAB6602",
3280 "8000000000000000", "0000000000000000", "95A8D72813DAA94D",
3281 "4000000000000000", "0000000000000000", "0EEC1487DD8C26D5",
3282 "2000000000000000", "0000000000000000", "7AD16FFB79C45926",
3283 "1000000000000000", "0000000000000000", "D3746294CA6A6CF3",
3284 "0800000000000000", "0000000000000000", "809F5F873C1FD761",
3285 "0400000000000000", "0000000000000000", "C02FAFFEC989D1FC",
3286 "0200000000000000", "0000000000000000", "4615AA1D33E72F10",
3287 "0100000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3288 "0080000000000000", "0000000000000000", "2055123350C00858",
3289 "0040000000000000", "0000000000000000", "DF3B99D6577397C8",
3290 "0020000000000000", "0000000000000000", "31FE17369B5288C9",
3291 "0010000000000000", "0000000000000000", "DFDD3CC64DAE1642",
3292 "0008000000000000", "0000000000000000", "178C83CE2B399D94",
3293 "0004000000000000", "0000000000000000", "50F636324A9B7F80",
3294 "0002000000000000", "0000000000000000", "A8468EE3BC18F06D",
3295 "0001000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3296 "0000800000000000", "0000000000000000", "A2DC9E92FD3CDE92",
3297 "0000400000000000", "0000000000000000", "CAC09F797D031287",
3298 "0000200000000000", "0000000000000000", "90BA680B22AEB525",
3299 "0000100000000000", "0000000000000000", "CE7A24F350E280B6",
3300 "0000080000000000", "0000000000000000", "882BFF0AA01A0B87",
3301 "0000040000000000", "0000000000000000", "25610288924511C2",
3302 "0000020000000000", "0000000000000000", "C71516C29C75D170",
3303 "0000010000000000", "0000000000000000", "8CA64DE9C1B123A7",
3304 "0000008000000000", "0000000000000000", "5199C29A52C9F059",
3305 "0000004000000000", "0000000000000000", "C22F0A294A71F29F",
3306 "0000002000000000", "0000000000000000", "EE371483714C02EA",
3307 "0000001000000000", "0000000000000000", "A81FBD448F9E522F",
3308 "0000000800000000", "0000000000000000", "4F644C92E192DFED",
3309 "0000000400000000", "0000000000000000", "1AFA9A66A6DF92AE",
3310 "0000000200000000", "0000000000000000", "B3C1CC715CB879D8",
3311 "0000000100000000", "0000000000000000", "8CA64DE9C1B123A7",
3312 "0000000080000000", "0000000000000000", "19D032E64AB0BD8B",
3313 "0000000040000000", "0000000000000000", "3CFAA7A7DC8720DC",
3314 "0000000020000000", "0000000000000000", "B7265F7F447AC6F3",
3315 "0000000010000000", "0000000000000000", "9DB73B3C0D163F54",
3316 "0000000008000000", "0000000000000000", "8181B65BABF4A975",
3317 "0000000004000000", "0000000000000000", "93C9B64042EAA240",
3318 "0000000002000000", "0000000000000000", "5570530829705592",
3319 "0000000001000000", "0000000000000000", "8CA64DE9C1B123A7",
3320 "0000000000800000", "0000000000000000", "8638809E878787A0",
3321 "0000000000400000", "0000000000000000", "41B9A79AF79AC208",
3322 "0000000000200000", "0000000000000000", "7A9BE42F2009A892",
3323 "0000000000100000", "0000000000000000", "29038D56BA6D2745",
3324 "0000000000080000", "0000000000000000", "5495C6ABF1E5DF51",
3325 "0000000000040000", "0000000000000000", "AE13DBD561488933",
3326 "0000000000020000", "0000000000000000", "024D1FFA8904E389",
3327 "0000000000010000", "0000000000000000", "8CA64DE9C1B123A7",
3328 "0000000000008000", "0000000000000000", "D1399712F99BF02E",
3329 "0000000000004000", "0000000000000000", "14C1D7C1CFFEC79E",
3330 "0000000000002000", "0000000000000000", "1DE5279DAE3BED6F",
3331 "0000000000001000", "0000000000000000", "E941A33F85501303",
3332 "0000000000000800", "0000000000000000", "DA99DBBC9A03F379",
3333 "0000000000000400", "0000000000000000", "B7FC92F91D8E92E9",
3334 "0000000000000200", "0000000000000000", "AE8E5CAA3CA04E85",
3335 "0000000000000100", "0000000000000000", "8CA64DE9C1B123A7",
3336 "0000000000000080", "0000000000000000", "9CC62DF43B6EED74",
3337 "0000000000000040", "0000000000000000", "D863DBB5C59A91A0",
3338 "0000000000000020", "0000000000000000", "A1AB2190545B91D7",
3339 "0000000000000010", "0000000000000000", "0875041E64C570F7",
3340 "0000000000000008", "0000000000000000", "5A594528BEBEF1CC",
3341 "0000000000000004", "0000000000000000", "FCDB3291DE21F0C0",
3342 "0000000000000002", "0000000000000000", "869EFD7F9F265A09",
3343 "0000000000000001", "0000000000000000", "8CA64DE9C1B123A7",
3344 "0000000000000000", "8000000000000000", "95F8A5E5DD31D900",
3345 "0000000000000000", "4000000000000000", "DD7F121CA5015619",
3346 "0000000000000000", "2000000000000000", "2E8653104F3834EA",
3347 "0000000000000000", "1000000000000000", "4BD388FF6CD81D4F",
3348 "0000000000000000", "0800000000000000", "20B9E767B2FB1456",
3349 "0000000000000000", "0400000000000000", "55579380D77138EF",
3350 "0000000000000000", "0200000000000000", "6CC5DEFAAF04512F",
3351 "0000000000000000", "0100000000000000", "0D9F279BA5D87260",
3352 "0000000000000000", "0080000000000000", "D9031B0271BD5A0A",
3353 "0000000000000000", "0040000000000000", "424250B37C3DD951",
3354 "0000000000000000", "0020000000000000", "B8061B7ECD9A21E5",
3355 "0000000000000000", "0010000000000000", "F15D0F286B65BD28",
3356 "0000000000000000", "0008000000000000", "ADD0CC8D6E5DEBA1",
3357 "0000000000000000", "0004000000000000", "E6D5F82752AD63D1",
3358 "0000000000000000", "0002000000000000", "ECBFE3BD3F591A5E",
3359 "0000000000000000", "0001000000000000", "F356834379D165CD",
3360 "0000000000000000", "0000800000000000", "2B9F982F20037FA9",
3361 "0000000000000000", "0000400000000000", "889DE068A16F0BE6",
3362 "0000000000000000", "0000200000000000", "E19E275D846A1298",
3363 "0000000000000000", "0000100000000000", "329A8ED523D71AEC",
3364 "0000000000000000", "0000080000000000", "E7FCE22557D23C97",
3365 "0000000000000000", "0000040000000000", "12A9F5817FF2D65D",
3366 "0000000000000000", "0000020000000000", "A484C3AD38DC9C19",
3367 "0000000000000000", "0000010000000000", "FBE00A8A1EF8AD72",
3368 "0000000000000000", "0000008000000000", "750D079407521363",
3369 "0000000000000000", "0000004000000000", "64FEED9C724C2FAF",
3370 "0000000000000000", "0000002000000000", "F02B263B328E2B60",
3371 "0000000000000000", "0000001000000000", "9D64555A9A10B852",
3372 "0000000000000000", "0000000800000000", "D106FF0BED5255D7",
3373 "0000000000000000", "0000000400000000", "E1652C6B138C64A5",
3374 "0000000000000000", "0000000200000000", "E428581186EC8F46",
3375 "0000000000000000", "0000000100000000", "AEB5F5EDE22D1A36",
3376 "0000000000000000", "0000000080000000", "E943D7568AEC0C5C",
3377 "0000000000000000", "0000000040000000", "DF98C8276F54B04B",
3378 "0000000000000000", "0000000020000000", "B160E4680F6C696F",
3379 "0000000000000000", "0000000010000000", "FA0752B07D9C4AB8",
3380 "0000000000000000", "0000000008000000", "CA3A2B036DBC8502",
3381 "0000000000000000", "0000000004000000", "5E0905517BB59BCF",
3382 "0000000000000000", "0000000002000000", "814EEB3B91D90726",
3383 "0000000000000000", "0000000001000000", "4D49DB1532919C9F",
3384 "0000000000000000", "0000000000800000", "25EB5FC3F8CF0621",
3385 "0000000000000000", "0000000000400000", "AB6A20C0620D1C6F",
3386 "0000000000000000", "0000000000200000", "79E90DBC98F92CCA",
3387 "0000000000000000", "0000000000100000", "866ECEDD8072BB0E",
3388 "0000000000000000", "0000000000080000", "8B54536F2F3E64A8",
3389 "0000000000000000", "0000000000040000", "EA51D3975595B86B",
3390 "0000000000000000", "0000000000020000", "CAFFC6AC4542DE31",
3391 "0000000000000000", "0000000000010000", "8DD45A2DDF90796C",
3392 "0000000000000000", "0000000000008000", "1029D55E880EC2D0",
3393 "0000000000000000", "0000000000004000", "5D86CB23639DBEA9",
3394 "0000000000000000", "0000000000002000", "1D1CA853AE7C0C5F",
3395 "0000000000000000", "0000000000001000", "CE332329248F3228",
3396 "0000000000000000", "0000000000000800", "8405D1ABE24FB942",
3397 "0000000000000000", "0000000000000400", "E643D78090CA4207",
3398 "0000000000000000", "0000000000000200", "48221B9937748A23",
3399 "0000000000000000", "0000000000000100", "DD7C0BBD61FAFD54",
3400 "0000000000000000", "0000000000000080", "2FBC291A570DB5C4",
3401 "0000000000000000", "0000000000000040", "E07C30D7E4E26E12",
3402 "0000000000000000", "0000000000000020", "0953E2258E8E90A1",
3403 "0000000000000000", "0000000000000010", "5B711BC4CEEBF2EE",
3404 "0000000000000000", "0000000000000008", "CC083F1E6D9E85F6",
3405 "0000000000000000", "0000000000000004", "D2FD8867D50D2DFE",
3406 "0000000000000000", "0000000000000002", "06E7EA22CE92708F",
3407 "0000000000000000", "0000000000000001", "166B40B44ABA4BD6",
3408 "0000000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3409 "0101010101010101", "0101010101010101", "994D4DC157B96C52",
3410 "0202020202020202", "0202020202020202", "E127C2B61D98E6E2",
3411 "0303030303030303", "0303030303030303", "984C91D78A269CE3",
3412 "0404040404040404", "0404040404040404", "1F4570BB77550683",
3413 "0505050505050505", "0505050505050505", "3990ABF98D672B16",
3414 "0606060606060606", "0606060606060606", "3F5150BBA081D585",
3415 "0707070707070707", "0707070707070707", "C65242248C9CF6F2",
3416 "0808080808080808", "0808080808080808", "10772D40FAD24257",
3417 "0909090909090909", "0909090909090909", "F0139440647A6E7B",
3418 "0A0A0A0A0A0A0A0A", "0A0A0A0A0A0A0A0A", "0A288603044D740C",
3419 "0B0B0B0B0B0B0B0B", "0B0B0B0B0B0B0B0B", "6359916942F7438F",
3420 "0C0C0C0C0C0C0C0C", "0C0C0C0C0C0C0C0C", "934316AE443CF08B",
3421 "0D0D0D0D0D0D0D0D", "0D0D0D0D0D0D0D0D", "E3F56D7F1130A2B7",
3422 "0E0E0E0E0E0E0E0E", "0E0E0E0E0E0E0E0E", "A2E4705087C6B6B4",
3423 "0F0F0F0F0F0F0F0F", "0F0F0F0F0F0F0F0F", "D5D76E09A447E8C3",
3424 "1010101010101010", "1010101010101010", "DD7515F2BFC17F85",
3425 "1111111111111111", "1111111111111111", "F40379AB9E0EC533",
3426 "1212121212121212", "1212121212121212", "96CD27784D1563E5",
3427 "1313131313131313", "1313131313131313", "2911CF5E94D33FE1",
3428 "1414141414141414", "1414141414141414", "377B7F7CA3E5BBB3",
3429 "1515151515151515", "1515151515151515", "701AA63832905A92",
3430 "1616161616161616", "1616161616161616", "2006E716C4252D6D",
3431 "1717171717171717", "1717171717171717", "452C1197422469F8",
3432 "1818181818181818", "1818181818181818", "C33FD1EB49CB64DA",
3433 "1919191919191919", "1919191919191919", "7572278F364EB50D",
3434 "1A1A1A1A1A1A1A1A", "1A1A1A1A1A1A1A1A", "69E51488403EF4C3",
3435 "1B1B1B1B1B1B1B1B", "1B1B1B1B1B1B1B1B", "FF847E0ADF192825",
3436 "1C1C1C1C1C1C1C1C", "1C1C1C1C1C1C1C1C", "521B7FB3B41BB791",
3437 "1D1D1D1D1D1D1D1D", "1D1D1D1D1D1D1D1D", "26059A6A0F3F6B35",
3438 "1E1E1E1E1E1E1E1E", "1E1E1E1E1E1E1E1E", "F24A8D2231C77538",
3439 "1F1F1F1F1F1F1F1F", "1F1F1F1F1F1F1F1F", "4FD96EC0D3304EF6",
3440 "2020202020202020", "2020202020202020", "18A9D580A900B699",
3441 "2121212121212121", "2121212121212121", "88586E1D755B9B5A",
3442 "2222222222222222", "2222222222222222", "0F8ADFFB11DC2784",
3443 "2323232323232323", "2323232323232323", "2F30446C8312404A",
3444 "2424242424242424", "2424242424242424", "0BA03D9E6C196511",
3445 "2525252525252525", "2525252525252525", "3E55E997611E4B7D",
3446 "2626262626262626", "2626262626262626", "B2522FB5F158F0DF",
3447 "2727272727272727", "2727272727272727", "2109425935406AB8",
3448 "2828282828282828", "2828282828282828", "11A16028F310FF16",
3449 "2929292929292929", "2929292929292929", "73F0C45F379FE67F",
3450 "2A2A2A2A2A2A2A2A", "2A2A2A2A2A2A2A2A", "DCAD4338F7523816",
3451 "2B2B2B2B2B2B2B2B", "2B2B2B2B2B2B2B2B", "B81634C1CEAB298C",
3452 "2C2C2C2C2C2C2C2C", "2C2C2C2C2C2C2C2C", "DD2CCB29B6C4C349",
3453 "2D2D2D2D2D2D2D2D", "2D2D2D2D2D2D2D2D", "7D07A77A2ABD50A7",
3454 "2E2E2E2E2E2E2E2E", "2E2E2E2E2E2E2E2E", "30C1B0C1FD91D371",
3455 "2F2F2F2F2F2F2F2F", "2F2F2F2F2F2F2F2F", "C4427B31AC61973B",
3456 "3030303030303030", "3030303030303030", "F47BB46273B15EB5",
3457 "3131313131313131", "3131313131313131", "655EA628CF62585F",
3458 "3232323232323232", "3232323232323232", "AC978C247863388F",
3459 "3333333333333333", "3333333333333333", "0432ED386F2DE328",
3460 "3434343434343434", "3434343434343434", "D254014CB986B3C2",
3461 "3535353535353535", "3535353535353535", "B256E34BEDB49801",
3462 "3636363636363636", "3636363636363636", "37F8759EB77E7BFC",
3463 "3737373737373737", "3737373737373737", "5013CA4F62C9CEA0",
3464 "3838383838383838", "3838383838383838", "8940F7B3EACA5939",
3465 "3939393939393939", "3939393939393939", "E22B19A55086774B",
3466 "3A3A3A3A3A3A3A3A", "3A3A3A3A3A3A3A3A", "B04A2AAC925ABB0B",
3467 "3B3B3B3B3B3B3B3B", "3B3B3B3B3B3B3B3B", "8D250D58361597FC",
3468 "3C3C3C3C3C3C3C3C", "3C3C3C3C3C3C3C3C", "51F0114FB6A6CD37",
3469 "3D3D3D3D3D3D3D3D", "3D3D3D3D3D3D3D3D", "9D0BB4DB830ECB73",
3470 "3E3E3E3E3E3E3E3E", "3E3E3E3E3E3E3E3E", "E96089D6368F3E1A",
3471 "3F3F3F3F3F3F3F3F", "3F3F3F3F3F3F3F3F", "5C4CA877A4E1E92D",
3472 "4040404040404040", "4040404040404040", "6D55DDBC8DEA95FF",
3473 "4141414141414141", "4141414141414141", "19DF84AC95551003",
3474 "4242424242424242", "4242424242424242", "724E7332696D08A7",
3475 "4343434343434343", "4343434343434343", "B91810B8CDC58FE2",
3476 "4444444444444444", "4444444444444444", "06E23526EDCCD0C4",
3477 "4545454545454545", "4545454545454545", "EF52491D5468D441",
3478 "4646464646464646", "4646464646464646", "48019C59E39B90C5",
3479 "4747474747474747", "4747474747474747", "0544083FB902D8C0",
3480 "4848484848484848", "4848484848484848", "63B15CADA668CE12",
3481 "4949494949494949", "4949494949494949", "EACC0C1264171071",
3482 "4A4A4A4A4A4A4A4A", "4A4A4A4A4A4A4A4A", "9D2B8C0AC605F274",
3483 "4B4B4B4B4B4B4B4B", "4B4B4B4B4B4B4B4B", "C90F2F4C98A8FB2A",
3484 "4C4C4C4C4C4C4C4C", "4C4C4C4C4C4C4C4C", "03481B4828FD1D04",
3485 "4D4D4D4D4D4D4D4D", "4D4D4D4D4D4D4D4D", "C78FC45A1DCEA2E2",
3486 "4E4E4E4E4E4E4E4E", "4E4E4E4E4E4E4E4E", "DB96D88C3460D801",
3487 "4F4F4F4F4F4F4F4F", "4F4F4F4F4F4F4F4F", "6C69E720F5105518",
3488 "5050505050505050", "5050505050505050", "0D262E418BC893F3",
3489 "5151515151515151", "5151515151515151", "6AD84FD7848A0A5C",
3490 "5252525252525252", "5252525252525252", "C365CB35B34B6114",
3491 "5353535353535353", "5353535353535353", "1155392E877F42A9",
3492 "5454545454545454", "5454545454545454", "531BE5F9405DA715",
3493 "5555555555555555", "5555555555555555", "3BCDD41E6165A5E8",
3494 "5656565656565656", "5656565656565656", "2B1FF5610A19270C",
3495 "5757575757575757", "5757575757575757", "D90772CF3F047CFD",
3496 "5858585858585858", "5858585858585858", "1BEA27FFB72457B7",
3497 "5959595959595959", "5959595959595959", "85C3E0C429F34C27",
3498 "5A5A5A5A5A5A5A5A", "5A5A5A5A5A5A5A5A", "F9038021E37C7618",
3499 "5B5B5B5B5B5B5B5B", "5B5B5B5B5B5B5B5B", "35BC6FF838DBA32F",
3500 "5C5C5C5C5C5C5C5C", "5C5C5C5C5C5C5C5C", "4927ACC8CE45ECE7",
3501 "5D5D5D5D5D5D5D5D", "5D5D5D5D5D5D5D5D", "E812EE6E3572985C",
3502 "5E5E5E5E5E5E5E5E", "5E5E5E5E5E5E5E5E", "9BB93A89627BF65F",
3503 "5F5F5F5F5F5F5F5F", "5F5F5F5F5F5F5F5F", "EF12476884CB74CA",
3504 "6060606060606060", "6060606060606060", "1BF17E00C09E7CBF",
3505 "6161616161616161", "6161616161616161", "29932350C098DB5D",
3506 "6262626262626262", "6262626262626262", "B476E6499842AC54",
3507 "6363636363636363", "6363636363636363", "5C662C29C1E96056",
3508 "6464646464646464", "6464646464646464", "3AF1703D76442789",
3509 "6565656565656565", "6565656565656565", "86405D9B425A8C8C",
3510 "6666666666666666", "6666666666666666", "EBBF4810619C2C55",
3511 "6767676767676767", "6767676767676767", "F8D1CD7367B21B5D",
3512 "6868686868686868", "6868686868686868", "9EE703142BF8D7E2",
3513 "6969696969696969", "6969696969696969", "5FDFFFC3AAAB0CB3",
3514 "6A6A6A6A6A6A6A6A", "6A6A6A6A6A6A6A6A", "26C940AB13574231",
3515 "6B6B6B6B6B6B6B6B", "6B6B6B6B6B6B6B6B", "1E2DC77E36A84693",
3516 "6C6C6C6C6C6C6C6C", "6C6C6C6C6C6C6C6C", "0F4FF4D9BC7E2244",
3517 "6D6D6D6D6D6D6D6D", "6D6D6D6D6D6D6D6D", "A4C9A0D04D3280CD",
3518 "6E6E6E6E6E6E6E6E", "6E6E6E6E6E6E6E6E", "9FAF2C96FE84919D",
3519 "6F6F6F6F6F6F6F6F", "6F6F6F6F6F6F6F6F", "115DBC965E6096C8",
3520 "7070707070707070", "7070707070707070", "AF531E9520994017",
3521 "7171717171717171", "7171717171717171", "B971ADE70E5C89EE",
3522 "7272727272727272", "7272727272727272", "415D81C86AF9C376",
3523 "7373737373737373", "7373737373737373", "8DFB864FDB3C6811",
3524 "7474747474747474", "7474747474747474", "10B1C170E3398F91",
3525 "7575757575757575", "7575757575757575", "CFEF7A1C0218DB1E",
3526 "7676767676767676", "7676767676767676", "DBAC30A2A40B1B9C",
3527 "7777777777777777", "7777777777777777", "89D3BF37052162E9",
3528 "7878787878787878", "7878787878787878", "80D9230BDAEB67DC",
3529 "7979797979797979", "7979797979797979", "3440911019AD68D7",
3530 "7A7A7A7A7A7A7A7A", "7A7A7A7A7A7A7A7A", "9626FE57596E199E",
3531 "7B7B7B7B7B7B7B7B", "7B7B7B7B7B7B7B7B", "DEA0B796624BB5BA",
3532 "7C7C7C7C7C7C7C7C", "7C7C7C7C7C7C7C7C", "E9E40542BDDB3E9D",
3533 "7D7D7D7D7D7D7D7D", "7D7D7D7D7D7D7D7D", "8AD99914B354B911",
3534 "7E7E7E7E7E7E7E7E", "7E7E7E7E7E7E7E7E", "6F85B98DD12CB13B",
3535 "7F7F7F7F7F7F7F7F", "7F7F7F7F7F7F7F7F", "10130DA3C3A23924",
3536 "8080808080808080", "8080808080808080", "EFECF25C3C5DC6DB",
3537 "8181818181818181", "8181818181818181", "907A46722ED34EC4",
3538 "8282828282828282", "8282828282828282", "752666EB4CAB46EE",
3539 "8383838383838383", "8383838383838383", "161BFABD4224C162",
3540 "8484848484848484", "8484848484848484", "215F48699DB44A45",
3541 "8585858585858585", "8585858585858585", "69D901A8A691E661",
3542 "8686868686868686", "8686868686868686", "CBBF6EEFE6529728",
3543 "8787878787878787", "8787878787878787", "7F26DCF425149823",
3544 "8888888888888888", "8888888888888888", "762C40C8FADE9D16",
3545 "8989898989898989", "8989898989898989", "2453CF5D5BF4E463",
3546 "8A8A8A8A8A8A8A8A", "8A8A8A8A8A8A8A8A", "301085E3FDE724E1",
3547 "8B8B8B8B8B8B8B8B", "8B8B8B8B8B8B8B8B", "EF4E3E8F1CC6706E",
3548 "8C8C8C8C8C8C8C8C", "8C8C8C8C8C8C8C8C", "720479B024C397EE",
3549 "8D8D8D8D8D8D8D8D", "8D8D8D8D8D8D8D8D", "BEA27E3795063C89",
3550 "8E8E8E8E8E8E8E8E", "8E8E8E8E8E8E8E8E", "468E5218F1A37611",
3551 "8F8F8F8F8F8F8F8F", "8F8F8F8F8F8F8F8F", "50ACE16ADF66BFE8",
3552 "9090909090909090", "9090909090909090", "EEA24369A19F6937",
3553 "9191919191919191", "9191919191919191", "6050D369017B6E62",
3554 "9292929292929292", "9292929292929292", "5B365F2FB2CD7F32",
3555 "9393939393939393", "9393939393939393", "F0B00B264381DDBB",
3556 "9494949494949494", "9494949494949494", "E1D23881C957B96C",
3557 "9595959595959595", "9595959595959595", "D936BF54ECA8BDCE",
3558 "9696969696969696", "9696969696969696", "A020003C5554F34C",
3559 "9797979797979797", "9797979797979797", "6118FCEBD407281D",
3560 "9898989898989898", "9898989898989898", "072E328C984DE4A2",
3561 "9999999999999999", "9999999999999999", "1440B7EF9E63D3AA",
3562 "9A9A9A9A9A9A9A9A", "9A9A9A9A9A9A9A9A", "79BFA264BDA57373",
3563 "9B9B9B9B9B9B9B9B", "9B9B9B9B9B9B9B9B", "C50E8FC289BBD876",
3564 "9C9C9C9C9C9C9C9C", "9C9C9C9C9C9C9C9C", "A399D3D63E169FA9",
3565 "9D9D9D9D9D9D9D9D", "9D9D9D9D9D9D9D9D", "4B8919B667BD53AB",
3566 "9E9E9E9E9E9E9E9E", "9E9E9E9E9E9E9E9E", "D66CDCAF3F6724A2",
3567 "9F9F9F9F9F9F9F9F", "9F9F9F9F9F9F9F9F", "E40E81FF3F618340",
3568 "A0A0A0A0A0A0A0A0", "A0A0A0A0A0A0A0A0", "10EDB8977B348B35",
3569 "A1A1A1A1A1A1A1A1", "A1A1A1A1A1A1A1A1", "6446C5769D8409A0",
3570 "A2A2A2A2A2A2A2A2", "A2A2A2A2A2A2A2A2", "17ED1191CA8D67A3",
3571 "A3A3A3A3A3A3A3A3", "A3A3A3A3A3A3A3A3", "B6D8533731BA1318",
3572 "A4A4A4A4A4A4A4A4", "A4A4A4A4A4A4A4A4", "CA439007C7245CD0",
3573 "A5A5A5A5A5A5A5A5", "A5A5A5A5A5A5A5A5", "06FC7FDE1C8389E7",
3574 "A6A6A6A6A6A6A6A6", "A6A6A6A6A6A6A6A6", "7A3C1F3BD60CB3D8",
3575 "A7A7A7A7A7A7A7A7", "A7A7A7A7A7A7A7A7", "E415D80048DBA848",
3576 "A8A8A8A8A8A8A8A8", "A8A8A8A8A8A8A8A8", "26F88D30C0FB8302",
3577 "A9A9A9A9A9A9A9A9", "A9A9A9A9A9A9A9A9", "D4E00A9EF5E6D8F3",
3578 "AAAAAAAAAAAAAAAA", "AAAAAAAAAAAAAAAA", "C4322BE19E9A5A17",
3579 "ABABABABABABABAB", "ABABABABABABABAB", "ACE41A06BFA258EA",
3580 "ACACACACACACACAC", "ACACACACACACACAC", "EEAAC6D17880BD56",
3581 "ADADADADADADADAD", "ADADADADADADADAD", "3C9A34CA4CB49EEB",
3582 "AEAEAEAEAEAEAEAE", "AEAEAEAEAEAEAEAE", "9527B0287B75F5A3",
3583 "AFAFAFAFAFAFAFAF", "AFAFAFAFAFAFAFAF", "F2D9D1BE74376C0C",
3584 "B0B0B0B0B0B0B0B0", "B0B0B0B0B0B0B0B0", "939618DF0AEFAAE7",
3585 "B1B1B1B1B1B1B1B1", "B1B1B1B1B1B1B1B1", "24692773CB9F27FE",
3586 "B2B2B2B2B2B2B2B2", "B2B2B2B2B2B2B2B2", "38703BA5E2315D1D",
3587 "B3B3B3B3B3B3B3B3", "B3B3B3B3B3B3B3B3", "FCB7E4B7D702E2FB",
3588 "B4B4B4B4B4B4B4B4", "B4B4B4B4B4B4B4B4", "36F0D0B3675704D5",
3589 "B5B5B5B5B5B5B5B5", "B5B5B5B5B5B5B5B5", "62D473F539FA0D8B",
3590 "B6B6B6B6B6B6B6B6", "B6B6B6B6B6B6B6B6", "1533F3ED9BE8EF8E",
3591 "B7B7B7B7B7B7B7B7", "B7B7B7B7B7B7B7B7", "9C4EA352599731ED",
3592 "B8B8B8B8B8B8B8B8", "B8B8B8B8B8B8B8B8", "FABBF7C046FD273F",
3593 "B9B9B9B9B9B9B9B9", "B9B9B9B9B9B9B9B9", "B7FE63A61C646F3A",
3594 "BABABABABABABABA", "BABABABABABABABA", "10ADB6E2AB972BBE",
3595 "BBBBBBBBBBBBBBBB", "BBBBBBBBBBBBBBBB", "F91DCAD912332F3B",
3596 "BCBCBCBCBCBCBCBC", "BCBCBCBCBCBCBCBC", "46E7EF47323A701D",
3597 "BDBDBDBDBDBDBDBD", "BDBDBDBDBDBDBDBD", "8DB18CCD9692F758",
3598 "BEBEBEBEBEBEBEBE", "BEBEBEBEBEBEBEBE", "E6207B536AAAEFFC",
3599 "BFBFBFBFBFBFBFBF", "BFBFBFBFBFBFBFBF", "92AA224372156A00",
3600 "C0C0C0C0C0C0C0C0", "C0C0C0C0C0C0C0C0", "A3B357885B1E16D2",
3601 "C1C1C1C1C1C1C1C1", "C1C1C1C1C1C1C1C1", "169F7629C970C1E5",
3602 "C2C2C2C2C2C2C2C2", "C2C2C2C2C2C2C2C2", "62F44B247CF1348C",
3603 "C3C3C3C3C3C3C3C3", "C3C3C3C3C3C3C3C3", "AE0FEEB0495932C8",
3604 "C4C4C4C4C4C4C4C4", "C4C4C4C4C4C4C4C4", "72DAF2A7C9EA6803",
3605 "C5C5C5C5C5C5C5C5", "C5C5C5C5C5C5C5C5", "4FB5D5536DA544F4",
3606 "C6C6C6C6C6C6C6C6", "C6C6C6C6C6C6C6C6", "1DD4E65AAF7988B4",
3607 "C7C7C7C7C7C7C7C7", "C7C7C7C7C7C7C7C7", "76BF084C1535A6C6",
3608 "C8C8C8C8C8C8C8C8", "C8C8C8C8C8C8C8C8", "AFEC35B09D36315F",
3609 "C9C9C9C9C9C9C9C9", "C9C9C9C9C9C9C9C9", "C8078A6148818403",
3610 "CACACACACACACACA", "CACACACACACACACA", "4DA91CB4124B67FE",
3611 "CBCBCBCBCBCBCBCB", "CBCBCBCBCBCBCBCB", "2DABFEB346794C3D",
3612 "CCCCCCCCCCCCCCCC", "CCCCCCCCCCCCCCCC", "FBCD12C790D21CD7",
3613 "CDCDCDCDCDCDCDCD", "CDCDCDCDCDCDCDCD", "536873DB879CC770",
3614 "CECECECECECECECE", "CECECECECECECECE", "9AA159D7309DA7A0",
3615 "CFCFCFCFCFCFCFCF", "CFCFCFCFCFCFCFCF", "0B844B9D8C4EA14A",
3616 "D0D0D0D0D0D0D0D0", "D0D0D0D0D0D0D0D0", "3BBD84CE539E68C4",
3617 "D1D1D1D1D1D1D1D1", "D1D1D1D1D1D1D1D1", "CF3E4F3E026E2C8E",
3618 "D2D2D2D2D2D2D2D2", "D2D2D2D2D2D2D2D2", "82F85885D542AF58",
3619 "D3D3D3D3D3D3D3D3", "D3D3D3D3D3D3D3D3", "22D334D6493B3CB6",
3620 "D4D4D4D4D4D4D4D4", "D4D4D4D4D4D4D4D4", "47E9CB3E3154D673",
3621 "D5D5D5D5D5D5D5D5", "D5D5D5D5D5D5D5D5", "2352BCC708ADC7E9",
3622 "D6D6D6D6D6D6D6D6", "D6D6D6D6D6D6D6D6", "8C0F3BA0C8601980",
3623 "D7D7D7D7D7D7D7D7", "D7D7D7D7D7D7D7D7", "EE5E9FD70CEF00E9",
3624 "D8D8D8D8D8D8D8D8", "D8D8D8D8D8D8D8D8", "DEF6BDA6CABF9547",
3625 "D9D9D9D9D9D9D9D9", "D9D9D9D9D9D9D9D9", "4DADD04A0EA70F20",
3626 "DADADADADADADADA", "DADADADADADADADA", "C1AA16689EE1B482",
3627 "DBDBDBDBDBDBDBDB", "DBDBDBDBDBDBDBDB", "F45FC26193E69AEE",
3628 "DCDCDCDCDCDCDCDC", "DCDCDCDCDCDCDCDC", "D0CFBB937CEDBFB5",
3629 "DDDDDDDDDDDDDDDD", "DDDDDDDDDDDDDDDD", "F0752004EE23D87B",
3630 "DEDEDEDEDEDEDEDE", "DEDEDEDEDEDEDEDE", "77A791E28AA464A5",
3631 "DFDFDFDFDFDFDFDF", "DFDFDFDFDFDFDFDF", "E7562A7F56FF4966",
3632 "E0E0E0E0E0E0E0E0", "E0E0E0E0E0E0E0E0", "B026913F2CCFB109",
3633 "E1E1E1E1E1E1E1E1", "E1E1E1E1E1E1E1E1", "0DB572DDCE388AC7",
3634 "E2E2E2E2E2E2E2E2", "E2E2E2E2E2E2E2E2", "D9FA6595F0C094CA",
3635 "E3E3E3E3E3E3E3E3", "E3E3E3E3E3E3E3E3", "ADE4804C4BE4486E",
3636 "E4E4E4E4E4E4E4E4", "E4E4E4E4E4E4E4E4", "007B81F520E6D7DA",
3637 "E5E5E5E5E5E5E5E5", "E5E5E5E5E5E5E5E5", "961AEB77BFC10B3C",
3638 "E6E6E6E6E6E6E6E6", "E6E6E6E6E6E6E6E6", "8A8DD870C9B14AF2",
3639 "E7E7E7E7E7E7E7E7", "E7E7E7E7E7E7E7E7", "3CC02E14B6349B25",
3640 "E8E8E8E8E8E8E8E8", "E8E8E8E8E8E8E8E8", "BAD3EE68BDDB9607",
3641 "E9E9E9E9E9E9E9E9", "E9E9E9E9E9E9E9E9", "DFF918E93BDAD292",
3642 "EAEAEAEAEAEAEAEA", "EAEAEAEAEAEAEAEA", "8FE559C7CD6FA56D",
3643 "EBEBEBEBEBEBEBEB", "EBEBEBEBEBEBEBEB", "C88480835C1A444C",
3644 "ECECECECECECECEC", "ECECECECECECECEC", "D6EE30A16B2CC01E",
3645 "EDEDEDEDEDEDEDED", "EDEDEDEDEDEDEDED", "6932D887B2EA9C1A",
3646 "EEEEEEEEEEEEEEEE", "EEEEEEEEEEEEEEEE", "0BFC865461F13ACC",
3647 "EFEFEFEFEFEFEFEF", "EFEFEFEFEFEFEFEF", "228AEA0D403E807A",
3648 "F0F0F0F0F0F0F0F0", "F0F0F0F0F0F0F0F0", "2A2891F65BB8173C",
3649 "F1F1F1F1F1F1F1F1", "F1F1F1F1F1F1F1F1", "5D1B8FAF7839494B",
3650 "F2F2F2F2F2F2F2F2", "F2F2F2F2F2F2F2F2", "1C0A9280EECF5D48",
3651 "F3F3F3F3F3F3F3F3", "F3F3F3F3F3F3F3F3", "6CBCE951BBC30F74",
3652 "F4F4F4F4F4F4F4F4", "F4F4F4F4F4F4F4F4", "9CA66E96BD08BC70",
3653 "F5F5F5F5F5F5F5F5", "F5F5F5F5F5F5F5F5", "F5D779FCFBB28BF3",
3654 "F6F6F6F6F6F6F6F6", "F6F6F6F6F6F6F6F6", "0FEC6BBF9B859184",
3655 "F7F7F7F7F7F7F7F7", "F7F7F7F7F7F7F7F7", "EF88D2BF052DBDA8",
3656 "F8F8F8F8F8F8F8F8", "F8F8F8F8F8F8F8F8", "39ADBDDB7363090D",
3657 "F9F9F9F9F9F9F9F9", "F9F9F9F9F9F9F9F9", "C0AEAF445F7E2A7A",
3658 "FAFAFAFAFAFAFAFA", "FAFAFAFAFAFAFAFA", "C66F54067298D4E9",
3659 "FBFBFBFBFBFBFBFB", "FBFBFBFBFBFBFBFB", "E0BA8F4488AAF97C",
3660 "FCFCFCFCFCFCFCFC", "FCFCFCFCFCFCFCFC", "67B36E2875D9631C",
3661 "FDFDFDFDFDFDFDFD", "FDFDFDFDFDFDFDFD", "1ED83D49E267191D",
3662 "FEFEFEFEFEFEFEFE", "FEFEFEFEFEFEFEFE", "66B2B23EA84693AD",
3663 "FFFFFFFFFFFFFFFF", "FFFFFFFFFFFFFFFF", "7359B2163E4EDC58",
3664 "0001020304050607", "0011223344556677", "3EF0A891CF8ED990",
3665 "2BD6459F82C5B300", "EA024714AD5C4D84", "126EFE8ED312190A",
3671 * Known-answer tests for DES/3DES in CBC mode. Order: key, IV,
3672 * plaintext, ciphertext.
3674 static const char *const KAT_DES_CBC
[] = {
3676 * From NIST validation suite (tdesmmt.zip).
3678 "34a41a8c293176c1b30732ecfe38ae8a34a41a8c293176c1",
3683 "70a88fa1dfb9942fa77f40157ffef2ad70a88fa1dfb9942f",
3685 "bc225304d5a3a5c9918fc5006cbc40cc",
3686 "27f67dc87af7ddb4b68f63fa7c2d454a",
3688 "e091790be55be0bc0780153861a84adce091790be55be0bc",
3690 "03c7fffd7f36499c703dedc9df4de4a92dd4382e576d6ae9",
3691 "053aeba85dd3a23bfbe8440a432f9578f312be60fb9f0035",
3693 "857feacd16157c58e5347a70e56e578a857feacd16157c58",
3695 "1f13701c7f0d7385307507a18e89843ebd295bd5e239ef109347a6898c6d3fd5",
3696 "a0e4edde34f05bd8397ce279e49853e9387ba04be562f5fa19c3289c3f5a3391",
3698 "a173545b265875ba852331fbb95b49a8a173545b265875ba",
3700 "d08894c565608d9ae51dda63b85b3b33b1703bb5e4f1abcbb8794e743da5d6f3bf630f2e9b6d5b54",
3701 "370b47acf89ac6bdbb13c9a7336787dc41e1ad8beead32281d0609fb54968404bdf2894892590658",
3703 "26376bcb2f23df1083cd684fe00ed3c726376bcb2f23df10",
3705 "903a1911da1e6877f23c1985a9b61786ef438e0ce1240885035ad60fc916b18e5d71a1fb9c5d1eff61db75c0076f6efb",
3706 "7a4f7510f6ec0b93e2495d21a8355684d303a770ebda2e0e51ff33d72b20cb73e58e2e3de2ef6b2e12c504c0f181ba63",
3708 "3e1f98135d027cec752f67765408a7913e1f98135d027cec",
3710 "7c022f5af24f7925d323d4d0e20a2ce49272c5e764b22c806f4b6ddc406d864fe5bd1c3f45556d3eb30c8676c2f8b54a5a32423a0bd95a07",
3711 "2bb4b131fa4ae0b4f0378a2cdb68556af6eee837613016d7ea936f3931f25f8b3ae351d5e9d00be665676e2400408b5db9892d95421e7f1a",
3713 "13b9d549cd136ec7bf9e9810ef2cdcbf13b9d549cd136ec7",
3715 "1fff1563bc1645b55cb23ea34a0049dfc06607150614b621dedcb07f20433402a2d869c95ac4a070c7a3da838c928a385f899c5d21ecb58f4e5cbdad98d39b8c",
3716 "75f804d4a2c542a31703e23df26cc38861a0729090e6eae5672c1db8c0b09fba9b125bbca7d6c7d330b3859e6725c6d26de21c4e3af7f5ea94df3cde2349ce37",
3718 "20320dfdad579bb57c6e4acd769dbadf20320dfdad579bb5",
3720 "0431283cc8bb4dc7750a9d5c68578486932091632a12d0a79f2c54e3d122130881fff727050f317a40fcd1a8d13793458b99fc98254ba6a233e3d95b55cf5a3faff78809999ea4bf",
3721 "85d17840eb2af5fc727027336bfd71a2b31bd14a1d9eb64f8a08bfc4f56eaa9ca7654a5ae698287869cc27324813730de4f1384e0b8cfbc472ff5470e3c5e4bd8ceb23dc2d91988c",
3723 "23abb073a2df34cb3d1fdce6b092582c23abb073a2df34cb",
3725 "31e718fd95e6d7ca4f94763191add2674ab07c909d88c486916c16d60a048a0cf8cdb631cebec791362cd0c202eb61e166b65c1f65d0047c8aec57d3d84b9e17032442dce148e1191b06a12c284cc41e",
3726 "c9a3f75ab6a7cd08a7fd53ca540aafe731d257ee1c379fadcc4cc1a06e7c12bddbeb7562c436d1da849ed072629e82a97b56d9becc25ff4f16f21c5f2a01911604f0b5c49df96cb641faee662ca8aa68",
3728 "b5cb1504802326c73df186e3e352a20de643b0d63ee30e37",
3733 "a49d7564199e97cb529d2c9d97bf2f98d35edf57ba1f7358",
3735 "c689aee38a301bb316da75db36f110b5",
3736 "e9afaba5ec75ea1bbe65506655bb4ecb",
3738 "1a5d4c0825072a15a8ad9dfdaeda8c048adffb85bc4fced0",
3740 "983c3edacd939406010e1bc6ff9e12320ac5008117fa8f84",
3741 "d84fa24f38cf451ca2c9adc960120bd8ff9871584fe31cee",
3743 "d98aadc76d4a3716158c32866efbb9ce834af2297379a49d",
3745 "6174079dda53ca723ebf00a66837f8d5ce648c08acaa5ee45ffe62210ef79d3e",
3746 "f5bd4d600bed77bec78409e3530ebda1d815506ed53103015b87e371ae000958",
3748 "ef6d3e54266d978ffb0b8ce6689d803e2cd34cc802fd0252",
3750 "c4f228b537223cd01c0debb5d9d4e12ba71656618d119b2f8f0af29d23efa3a9e43c4c458a1b79a0",
3751 "9e3289fb18379f55aa4e45a7e0e6df160b33b75f8627ad0954f8fdcb78cee55a4664caeda1000fe5",
3753 "625bc19b19df83abfb2f5bec9d4f2062017525a75bc26e70",
3755 "8152d2ab876c3c8201403a5a406d3feaf27319dbea6ad01e24f4d18203704b86de70da6bbb6d638e5aba3ff576b79b28",
3756 "706fe7a973fac40e25b2b4499ce527078944c70e976d017b6af86a3a7a6b52943a72ba18a58000d2b61fdc3bfef2bc4a",
3758 "b6383176046e6880a1023bf45768b5bf5119022fe054bfe5",
3760 "cd5a886e9af011346c4dba36a424f96a78a1ddf28aaa4188bf65451f4efaffc7179a6dd237c0ae35d9b672314e5cb032612597f7e462c6f3",
3761 "b030f976f46277ee211c4a324d5c87555d1084513a1223d3b84416b52bbc28f4b77f3a9d8d0d91dc37d3dbe8af8be98f74674b02f9a38527",
3763 "3d8cf273d343b9aedccddacb91ad86206737adc86b4a49a7",
3765 "1fde3991c32ce220b5b6666a9234f2fd7bd24b921829fd9cdc6eb4218be9eac9faa9c2351777349128086b6d58776bc86ff2f76ee1b3b2850a318462b8983fa1",
3766 "422ce705a46bb52ad928dab6c863166d617c6fc24003633120d91918314bbf464cea7345c3c35f2042f2d6929735d74d7728f22fea618a0b9cf5b1281acb13fb",
3768 "fbceb5cb646b925be0b92f7f6b493d5e5b16e9159732732a",
3770 "4c309bc8e1e464fdd2a2b8978645d668d455f7526bd8d7b6716a722f6a900b815c4a73cc30e788065c1dfca7bf5958a6cc5440a5ebe7f8691c20278cde95db764ff8ce8994ece89c",
3771 "c02129bdf4bbbd75e71605a00b12c80db6b4e05308e916615011f09147ed915dd1bc67f27f9e027e4e13df36b55464a31c11b4d1fe3d855d89df492e1a7201b995c1ba16a8dbabee",
3773 "9b162a0df8ad9b61c88676e3d586434570b902f12a2046e0",
3775 "f4c1c918e77355c8156f0fd778da52bff121ae5f2f44eaf4d2754946d0e10d1f18ce3a0176e69c18b7d20b6e0d0bee5eb5edfe4bd60e4d92adcd86bce72e76f94ee5cbcaa8b01cfddcea2ade575e66ac",
3776 "1ff3c8709f403a8eff291aedf50c010df5c5ff64a8b205f1fce68564798897a390db16ee0d053856b75898009731da290fcc119dad987277aacef694872e880c4bb41471063fae05c89f25e4bd0cad6a",
3782 xor_buf(unsigned char *dst
, const unsigned char *src
, size_t len
)
3784 while (len
-- > 0) {
3790 monte_carlo_DES_encrypt(const br_block_cbcenc_class
*ve
)
3792 unsigned char k1
[8], k2
[8], k3
[8];
3793 unsigned char buf
[8];
3794 unsigned char cipher
[8];
3796 br_des_gen_cbcenc_keys v_ec
;
3800 hextobin(k1
, "9ec2372c86379df4");
3801 hextobin(k2
, "ad7ac4464f73805d");
3802 hextobin(k3
, "20c4f87564527c91");
3803 hextobin(buf
, "b624d6bd41783ab1");
3804 hextobin(cipher
, "eafd97b190b167fe");
3805 for (i
= 0; i
< 400; i
++) {
3806 unsigned char key
[24];
3809 memcpy(key
+ 8, k2
, 8);
3810 memcpy(key
+ 16, k3
, 8);
3811 ve
->init(ec
, key
, sizeof key
);
3812 for (j
= 0; j
< 10000; j
++) {
3813 unsigned char iv
[8];
3815 memset(iv
, 0, sizeof iv
);
3816 ve
->run(ec
, iv
, buf
, sizeof buf
);
3818 case 9997: xor_buf(k3
, buf
, 8); break;
3819 case 9998: xor_buf(k2
, buf
, 8); break;
3820 case 9999: xor_buf(k1
, buf
, 8); break;
3828 check_equals("MC DES encrypt", buf
, cipher
, sizeof buf
);
3832 monte_carlo_DES_decrypt(const br_block_cbcdec_class
*vd
)
3834 unsigned char k1
[8], k2
[8], k3
[8];
3835 unsigned char buf
[8];
3836 unsigned char plain
[8];
3838 br_des_gen_cbcdec_keys v_dc
;
3842 hextobin(k1
, "79b63486e0ce37e0");
3843 hextobin(k2
, "08e65231abae3710");
3844 hextobin(k3
, "1f5eb69e925ef185");
3845 hextobin(buf
, "2783aa729432fe96");
3846 hextobin(plain
, "44937ca532cdbf98");
3847 for (i
= 0; i
< 400; i
++) {
3848 unsigned char key
[24];
3851 memcpy(key
+ 8, k2
, 8);
3852 memcpy(key
+ 16, k3
, 8);
3853 vd
->init(dc
, key
, sizeof key
);
3854 for (j
= 0; j
< 10000; j
++) {
3855 unsigned char iv
[8];
3857 memset(iv
, 0, sizeof iv
);
3858 vd
->run(dc
, iv
, buf
, sizeof buf
);
3860 case 9997: xor_buf(k3
, buf
, 8); break;
3861 case 9998: xor_buf(k2
, buf
, 8); break;
3862 case 9999: xor_buf(k1
, buf
, 8); break;
3870 check_equals("MC DES decrypt", buf
, plain
, sizeof buf
);
3874 test_DES_generic(char *name
,
3875 const br_block_cbcenc_class
*ve
,
3876 const br_block_cbcdec_class
*vd
,
3877 int with_MC
, int with_CBC
)
3881 printf("Test %s: ", name
);
3884 if (ve
->block_size
!= 8 || vd
->block_size
!= 8) {
3885 fprintf(stderr
, "%s failed: wrong block size\n", name
);
3889 for (u
= 0; KAT_DES
[u
]; u
+= 3) {
3890 unsigned char key
[24];
3891 unsigned char plain
[8];
3892 unsigned char cipher
[8];
3893 unsigned char buf
[8];
3894 unsigned char iv
[8];
3896 br_des_gen_cbcenc_keys v_ec
;
3897 br_des_gen_cbcdec_keys v_dc
;
3898 const br_block_cbcenc_class
**ec
;
3899 const br_block_cbcdec_class
**dc
;
3903 key_len
= hextobin(key
, KAT_DES
[u
]);
3904 hextobin(plain
, KAT_DES
[u
+ 1]);
3905 hextobin(cipher
, KAT_DES
[u
+ 2]);
3906 ve
->init(ec
, key
, key_len
);
3907 memcpy(buf
, plain
, sizeof plain
);
3908 memset(iv
, 0, sizeof iv
);
3909 ve
->run(ec
, iv
, buf
, sizeof buf
);
3910 check_equals("KAT DES encrypt", buf
, cipher
, sizeof cipher
);
3911 vd
->init(dc
, key
, key_len
);
3912 memset(iv
, 0, sizeof iv
);
3913 vd
->run(dc
, iv
, buf
, sizeof buf
);
3914 check_equals("KAT DES decrypt", buf
, plain
, sizeof plain
);
3917 memcpy(key
+ 8, key
, 8);
3918 memcpy(key
+ 16, key
, 8);
3919 ve
->init(ec
, key
, 24);
3920 memcpy(buf
, plain
, sizeof plain
);
3921 memset(iv
, 0, sizeof iv
);
3922 ve
->run(ec
, iv
, buf
, sizeof buf
);
3923 check_equals("KAT DES->3 encrypt",
3924 buf
, cipher
, sizeof cipher
);
3925 vd
->init(dc
, key
, 24);
3926 memset(iv
, 0, sizeof iv
);
3927 vd
->run(dc
, iv
, buf
, sizeof buf
);
3928 check_equals("KAT DES->3 decrypt",
3929 buf
, plain
, sizeof plain
);
3934 for (u
= 0; KAT_DES_CBC
[u
]; u
+= 4) {
3935 unsigned char key
[24];
3936 unsigned char ivref
[8];
3937 unsigned char plain
[200];
3938 unsigned char cipher
[200];
3939 unsigned char buf
[200];
3940 unsigned char iv
[8];
3941 size_t key_len
, data_len
, v
;
3942 br_des_gen_cbcenc_keys v_ec
;
3943 br_des_gen_cbcdec_keys v_dc
;
3944 const br_block_cbcenc_class
**ec
;
3945 const br_block_cbcdec_class
**dc
;
3949 key_len
= hextobin(key
, KAT_DES_CBC
[u
]);
3950 hextobin(ivref
, KAT_DES_CBC
[u
+ 1]);
3951 data_len
= hextobin(plain
, KAT_DES_CBC
[u
+ 2]);
3952 hextobin(cipher
, KAT_DES_CBC
[u
+ 3]);
3953 ve
->init(ec
, key
, key_len
);
3955 memcpy(buf
, plain
, data_len
);
3956 memcpy(iv
, ivref
, 8);
3957 ve
->run(ec
, iv
, buf
, data_len
);
3958 check_equals("KAT CBC DES encrypt",
3959 buf
, cipher
, data_len
);
3960 vd
->init(dc
, key
, key_len
);
3961 memcpy(iv
, ivref
, 8);
3962 vd
->run(dc
, iv
, buf
, data_len
);
3963 check_equals("KAT CBC DES decrypt",
3964 buf
, plain
, data_len
);
3966 memcpy(buf
, plain
, data_len
);
3967 memcpy(iv
, ivref
, 8);
3968 for (v
= 0; v
< data_len
; v
+= 8) {
3969 ve
->run(ec
, iv
, buf
+ v
, 8);
3971 check_equals("KAT CBC DES encrypt (2)",
3972 buf
, cipher
, data_len
);
3973 memcpy(iv
, ivref
, 8);
3974 for (v
= 0; v
< data_len
; v
+= 8) {
3975 vd
->run(dc
, iv
, buf
+ v
, 8);
3977 check_equals("KAT CBC DES decrypt (2)",
3978 buf
, plain
, data_len
);
3983 monte_carlo_DES_encrypt(ve
);
3984 monte_carlo_DES_decrypt(vd
);
3994 test_DES_generic("DES_tab",
3995 &br_des_tab_cbcenc_vtable
,
3996 &br_des_tab_cbcdec_vtable
,
4003 test_DES_generic("DES_ct",
4004 &br_des_ct_cbcenc_vtable
,
4005 &br_des_ct_cbcdec_vtable
,
4009 static const struct {
4014 const char *scipher
;
4015 } KAT_CHACHA20
[] = {
4017 "0000000000000000000000000000000000000000000000000000000000000000",
4018 "000000000000000000000000",
4020 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
4021 "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586"
4024 "0000000000000000000000000000000000000000000000000000000000000001",
4025 "000000000000000000000002",
4027 "416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f",
4028 "a3fbf07df3fa2fde4f376ca23e82737041605d9f4f4f57bd8cff2c1d4b7955ec2a97948bd3722915c8f3d337f7d370050e9e96d647b7c39f56e031ca5eb6250d4042e02785ececfa4b4bb5e8ead0440e20b6e8db09d881a7c6132f420e52795042bdfa7773d8a9051447b3291ce1411c680465552aa6c405b7764d5e87bea85ad00f8449ed8f72d0d662ab052691ca66424bc86d2df80ea41f43abf937d3259dc4b2d0dfb48a6c9139ddd7f76966e928e635553ba76c5c879d7b35d49eb2e62b0871cdac638939e25e8a1e0ef9d5280fa8ca328b351c3c765989cbcf3daa8b6ccc3aaf9f3979c92b3720fc88dc95ed84a1be059c6499b9fda236e7e818b04b0bc39c1e876b193bfe5569753f88128cc08aaa9b63d1a16f80ef2554d7189c411f5869ca52c5b83fa36ff216b9c1d30062bebcfd2dc5bce0911934fda79a86f6e698ced759c3ff9b6477338f3da4f9cd8514ea9982ccafb341b2384dd902f3d1ab7ac61dd29c6f21ba5b862f3730e37cfdc4fd806c22f221"
4031 "1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0",
4032 "000000000000000000000002",
4034 "2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e",
4035 "62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1"
4041 test_ChaCha20_ct(void)
4045 printf("Test ChaCha20_ct: ");
4048 for (u
= 0; KAT_CHACHA20
[u
].skey
; u
++) {
4049 unsigned char key
[32], nonce
[12], plain
[400], cipher
[400];
4053 hextobin(key
, KAT_CHACHA20
[u
].skey
);
4054 hextobin(nonce
, KAT_CHACHA20
[u
].snonce
);
4055 cc
= KAT_CHACHA20
[u
].counter
;
4056 len
= hextobin(plain
, KAT_CHACHA20
[u
].splain
);
4057 hextobin(cipher
, KAT_CHACHA20
[u
].scipher
);
4059 for (v
= 0; v
< len
; v
++) {
4060 unsigned char tmp
[400];
4063 memset(tmp
, 0, sizeof tmp
);
4064 memcpy(tmp
, plain
, v
);
4065 if (br_chacha20_ct_run(key
, nonce
, cc
, tmp
, v
)
4066 != cc
+ (uint32_t)((v
+ 63) >> 6))
4068 fprintf(stderr
, "ChaCha20: wrong counter\n");
4071 if (memcmp(tmp
, cipher
, v
) != 0) {
4072 fprintf(stderr
, "ChaCha20 KAT fail (1)\n");
4075 for (w
= v
; w
< sizeof tmp
; w
++) {
4077 fprintf(stderr
, "ChaCha20: overrun\n");
4081 br_chacha20_ct_run(key
, nonce
, cc
, tmp
, v
);
4082 if (memcmp(tmp
, plain
, v
) != 0) {
4083 fprintf(stderr
, "ChaCha20 KAT fail (2)\n");
4096 static const struct {
4101 const char *scipher
;
4103 } KAT_POLY1305
[] = {
4105 "4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e",
4106 "50515253c0c1c2c3c4c5c6c7",
4107 "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f",
4108 "070000004041424344454647",
4109 "d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116",
4110 "1ae10b594f09e26a7e902ecbd0600691"
4112 { 0, 0, 0, 0, 0, 0 }
4116 test_Poly1305_inner(const char *name
, br_poly1305_run ipoly
,
4117 br_poly1305_run iref
)
4120 br_hmac_drbg_context rng
;
4122 printf("Test %s: ", name
);
4125 for (u
= 0; KAT_POLY1305
[u
].skey
; u
++) {
4126 unsigned char key
[32], nonce
[12], plain
[400], cipher
[400];
4127 unsigned char aad
[400], tag
[16], data
[400], tmp
[16];
4128 size_t len
, aad_len
;
4130 len
= hextobin(plain
, KAT_POLY1305
[u
].splain
);
4131 aad_len
= hextobin(aad
, KAT_POLY1305
[u
].saad
);
4132 hextobin(key
, KAT_POLY1305
[u
].skey
);
4133 hextobin(nonce
, KAT_POLY1305
[u
].snonce
);
4134 hextobin(cipher
, KAT_POLY1305
[u
].scipher
);
4135 hextobin(tag
, KAT_POLY1305
[u
].stag
);
4137 memcpy(data
, plain
, len
);
4138 ipoly(key
, nonce
, data
, len
,
4139 aad
, aad_len
, tmp
, br_chacha20_ct_run
, 1);
4140 if (memcmp(data
, cipher
, len
) != 0) {
4141 fprintf(stderr
, "ChaCha20+Poly1305 KAT failed (1)\n");
4144 if (memcmp(tmp
, tag
, 16) != 0) {
4145 fprintf(stderr
, "ChaCha20+Poly1305 KAT failed (2)\n");
4148 ipoly(key
, nonce
, data
, len
,
4149 aad
, aad_len
, tmp
, br_chacha20_ct_run
, 0);
4150 if (memcmp(data
, plain
, len
) != 0) {
4151 fprintf(stderr
, "ChaCha20+Poly1305 KAT failed (3)\n");
4154 if (memcmp(tmp
, tag
, 16) != 0) {
4155 fprintf(stderr
, "ChaCha20+Poly1305 KAT failed (4)\n");
4167 * We compare the "ipoly" and "iref" implementations together on
4168 * a bunch of pseudo-random messages.
4170 br_hmac_drbg_init(&rng
, &br_sha256_vtable
, "seed for Poly1305", 17);
4171 for (u
= 0; u
< 100; u
++) {
4172 unsigned char plain
[100], aad
[100], tmp
[100];
4173 unsigned char key
[32], iv
[12], tag1
[16], tag2
[16];
4175 br_hmac_drbg_generate(&rng
, key
, sizeof key
);
4176 br_hmac_drbg_generate(&rng
, iv
, sizeof iv
);
4177 br_hmac_drbg_generate(&rng
, plain
, u
);
4178 br_hmac_drbg_generate(&rng
, aad
, u
);
4179 memcpy(tmp
, plain
, u
);
4180 memset(tmp
+ u
, 0xFF, (sizeof tmp
) - u
);
4181 ipoly(key
, iv
, tmp
, u
, aad
, u
, tag1
,
4182 &br_chacha20_ct_run
, 1);
4183 memset(tmp
+ u
, 0x00, (sizeof tmp
) - u
);
4184 iref(key
, iv
, tmp
, u
, aad
, u
, tag2
,
4185 &br_chacha20_ct_run
, 0);
4186 if (memcmp(tmp
, plain
, u
) != 0) {
4187 fprintf(stderr
, "cross enc/dec failed\n");
4190 if (memcmp(tag1
, tag2
, sizeof tag1
) != 0) {
4191 fprintf(stderr
, "cross MAC failed\n");
4203 test_Poly1305_ctmul(void)
4205 test_Poly1305_inner("Poly1305_ctmul", &br_poly1305_ctmul_run
,
4206 &br_poly1305_i15_run
);
4210 test_Poly1305_ctmul32(void)
4212 test_Poly1305_inner("Poly1305_ctmul32", &br_poly1305_ctmul32_run
,
4213 &br_poly1305_i15_run
);
4217 test_Poly1305_i15(void)
4219 test_Poly1305_inner("Poly1305_i15", &br_poly1305_i15_run
,
4220 &br_poly1305_ctmul_run
);
4224 * A 1024-bit RSA key, generated with OpenSSL.
4226 static const unsigned char RSA_N
[] = {
4227 0xBF, 0xB4, 0xA6, 0x2E, 0x87, 0x3F, 0x9C, 0x8D,
4228 0xA0, 0xC4, 0x2E, 0x7B, 0x59, 0x36, 0x0F, 0xB0,
4229 0xFF, 0xE1, 0x25, 0x49, 0xE5, 0xE6, 0x36, 0xB0,
4230 0x48, 0xC2, 0x08, 0x6B, 0x77, 0xA7, 0xC0, 0x51,
4231 0x66, 0x35, 0x06, 0xA9, 0x59, 0xDF, 0x17, 0x7F,
4232 0x15, 0xF6, 0xB4, 0xE5, 0x44, 0xEE, 0x72, 0x3C,
4233 0x53, 0x11, 0x52, 0xC9, 0xC9, 0x61, 0x4F, 0x92,
4234 0x33, 0x64, 0x70, 0x43, 0x07, 0xF1, 0x3F, 0x7F,
4235 0x15, 0xAC, 0xF0, 0xC1, 0x54, 0x7D, 0x55, 0xC0,
4236 0x29, 0xDC, 0x9E, 0xCC, 0xE4, 0x1D, 0x11, 0x72,
4237 0x45, 0xF4, 0xD2, 0x70, 0xFC, 0x34, 0xB2, 0x1F,
4238 0xF3, 0xAD, 0x6A, 0xF0, 0xE5, 0x56, 0x11, 0xF8,
4239 0x0C, 0x3A, 0x8B, 0x04, 0x46, 0x7C, 0x77, 0xD9,
4240 0x41, 0x1F, 0x40, 0xBE, 0x93, 0x80, 0x9D, 0x23,
4241 0x75, 0x80, 0x12, 0x26, 0x5A, 0x72, 0x1C, 0xDD,
4242 0x47, 0xB3, 0x2A, 0x33, 0xD8, 0x19, 0x61, 0xE3
4244 static const unsigned char RSA_E
[] = {
4248 static const unsigned char RSA_D[] = {
4249 0xAE, 0x56, 0x0B, 0x56, 0x7E, 0xDA, 0x83, 0x75,
4250 0x6C, 0xC1, 0x5C, 0x00, 0x02, 0x96, 0x1E, 0x58,
4251 0xF9, 0xA9, 0xF7, 0x2E, 0x27, 0xEB, 0x5E, 0xCA,
4252 0x9B, 0xB0, 0x10, 0xD6, 0x22, 0x7F, 0xA4, 0x6E,
4253 0xA2, 0x03, 0x10, 0xE6, 0xCB, 0x7B, 0x0D, 0x34,
4254 0x1E, 0x76, 0x37, 0xF5, 0xD3, 0xE5, 0x00, 0x70,
4255 0x09, 0x9E, 0xD4, 0x69, 0xFB, 0x40, 0x0A, 0x8B,
4256 0xCB, 0x3E, 0xC8, 0xB4, 0xBC, 0xB1, 0x50, 0xEA,
4257 0x9D, 0xD9, 0x89, 0x8A, 0x98, 0x40, 0x79, 0xD1,
4258 0x07, 0x66, 0xA7, 0x90, 0x63, 0x82, 0xB1, 0xE0,
4259 0x24, 0xD0, 0x89, 0x6A, 0xEC, 0xC5, 0xF3, 0x21,
4260 0x7D, 0xB8, 0xA5, 0x45, 0x3A, 0x3B, 0x34, 0x42,
4261 0xC2, 0x82, 0x3C, 0x8D, 0xFA, 0x5D, 0xA0, 0xA8,
4262 0x24, 0xC8, 0x40, 0x22, 0x19, 0xCB, 0xB5, 0x85,
4263 0x67, 0x69, 0x60, 0xE4, 0xD0, 0x7E, 0xA3, 0x3B,
4264 0xF7, 0x70, 0x50, 0xC9, 0x5C, 0x97, 0x29, 0x49
4267 static const unsigned char RSA_P
[] = {
4268 0xF2, 0xE7, 0x6F, 0x66, 0x2E, 0xC4, 0x03, 0xD4,
4269 0x89, 0x24, 0xCC, 0xE1, 0xCD, 0x3F, 0x01, 0x82,
4270 0xC1, 0xFB, 0xAF, 0x44, 0xFA, 0xCC, 0x0E, 0xAA,
4271 0x9D, 0x74, 0xA9, 0x65, 0xEF, 0xED, 0x4C, 0x87,
4272 0xF0, 0xB3, 0xC6, 0xEA, 0x61, 0x85, 0xDE, 0x4E,
4273 0x66, 0xB2, 0x5A, 0x9F, 0x7A, 0x41, 0xC5, 0x66,
4274 0x57, 0xDF, 0x88, 0xF0, 0xB5, 0xF2, 0xC7, 0x7E,
4275 0xE6, 0x55, 0x21, 0x96, 0x83, 0xD8, 0xAB, 0x57
4277 static const unsigned char RSA_Q
[] = {
4278 0xCA, 0x0A, 0x92, 0xBF, 0x58, 0xB0, 0x2E, 0xF6,
4279 0x66, 0x50, 0xB1, 0x48, 0x29, 0x42, 0x86, 0x6C,
4280 0x98, 0x06, 0x7E, 0xB8, 0xB5, 0x4F, 0xFB, 0xC4,
4281 0xF3, 0xC3, 0x36, 0x91, 0x07, 0xB6, 0xDB, 0xE9,
4282 0x56, 0x3C, 0x51, 0x7D, 0xB5, 0xEC, 0x0A, 0xA9,
4283 0x7C, 0x66, 0xF9, 0xD8, 0x25, 0xDE, 0xD2, 0x94,
4284 0x5A, 0x58, 0xF1, 0x93, 0xE4, 0xF0, 0x5F, 0x27,
4285 0xBD, 0x83, 0xC7, 0xCA, 0x48, 0x6A, 0xB2, 0x55
4287 static const unsigned char RSA_DP
[] = {
4288 0xAF, 0x97, 0xBE, 0x60, 0x0F, 0xCE, 0x83, 0x36,
4289 0x51, 0x2D, 0xD9, 0x2E, 0x22, 0x41, 0x39, 0xC6,
4290 0x5C, 0x94, 0xA4, 0xCF, 0x28, 0xBD, 0xFA, 0x9C,
4291 0x3B, 0xD6, 0xE9, 0xDE, 0x56, 0xE3, 0x24, 0x3F,
4292 0xE1, 0x31, 0x14, 0xCA, 0xBA, 0x55, 0x1B, 0xAF,
4293 0x71, 0x6D, 0xDD, 0x35, 0x0C, 0x1C, 0x1F, 0xA7,
4294 0x2C, 0x3E, 0xDB, 0xAF, 0xA6, 0xD8, 0x2A, 0x7F,
4295 0x01, 0xE2, 0xE8, 0xB4, 0xF5, 0xFA, 0xDB, 0x61
4297 static const unsigned char RSA_DQ
[] = {
4298 0x29, 0xC0, 0x4B, 0x98, 0xFD, 0x13, 0xD3, 0x70,
4299 0x99, 0xAE, 0x1D, 0x24, 0x83, 0x5A, 0x3A, 0xFB,
4300 0x1F, 0xE3, 0x5F, 0xB6, 0x7D, 0xC9, 0x5C, 0x86,
4301 0xD3, 0xB4, 0xC8, 0x86, 0xE9, 0xE8, 0x30, 0xC3,
4302 0xA4, 0x4D, 0x6C, 0xAD, 0xA4, 0xB5, 0x75, 0x72,
4303 0x96, 0xC1, 0x94, 0xE9, 0xC4, 0xD1, 0xAA, 0x04,
4304 0x7C, 0x33, 0x1B, 0x20, 0xEB, 0xD3, 0x7C, 0x66,
4305 0x72, 0xF4, 0x53, 0x8A, 0x0A, 0xB2, 0xF9, 0xCD
4307 static const unsigned char RSA_IQ
[] = {
4308 0xE8, 0xEB, 0x04, 0x79, 0xA5, 0xC1, 0x79, 0xDE,
4309 0xD5, 0x49, 0xA1, 0x0B, 0x48, 0xB9, 0x0E, 0x55,
4310 0x74, 0x2C, 0x54, 0xEE, 0xA8, 0xB0, 0x01, 0xC2,
4311 0xD2, 0x3C, 0x3E, 0x47, 0x3A, 0x7C, 0xC8, 0x3D,
4312 0x2E, 0x33, 0x54, 0x4D, 0x40, 0x29, 0x41, 0x74,
4313 0xBA, 0xE1, 0x93, 0x09, 0xEC, 0xE0, 0x1B, 0x4D,
4314 0x1F, 0x2A, 0xCA, 0x4A, 0x0B, 0x5F, 0xE6, 0xBE,
4315 0x59, 0x0A, 0xC4, 0xC9, 0xD9, 0x82, 0xAC, 0xE1
4318 static const br_rsa_public_key RSA_PK
= {
4319 (void *)RSA_N
, sizeof RSA_N
,
4320 (void *)RSA_E
, sizeof RSA_E
4323 static const br_rsa_private_key RSA_SK
= {
4325 (void *)RSA_P
, sizeof RSA_P
,
4326 (void *)RSA_Q
, sizeof RSA_Q
,
4327 (void *)RSA_DP
, sizeof RSA_DP
,
4328 (void *)RSA_DQ
, sizeof RSA_DQ
,
4329 (void *)RSA_IQ
, sizeof RSA_IQ
4333 test_RSA_core(const char *name
, br_rsa_public fpub
, br_rsa_private fpriv
)
4335 unsigned char t1
[128], t2
[128], t3
[128];
4337 printf("Test %s: ", name
);
4341 * A KAT test (computed with OpenSSL).
4343 hextobin(t1
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4344 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4345 memcpy(t3
, t1
, sizeof t1
);
4346 if (!fpub(t3
, sizeof t3
, &RSA_PK
)) {
4347 fprintf(stderr
, "RSA public operation failed\n");
4350 check_equals("KAT RSA pub", t2
, t3
, sizeof t2
);
4351 if (!fpriv(t3
, &RSA_SK
)) {
4352 fprintf(stderr
, "RSA private operation failed\n");
4355 check_equals("KAT RSA priv", t1
, t3
, sizeof t1
);
4361 static const unsigned char SHA1_OID
[] = {
4362 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
4366 test_RSA_sign(const char *name
, br_rsa_private fpriv
,
4367 br_rsa_pkcs1_sign fsign
, br_rsa_pkcs1_vrfy fvrfy
)
4369 unsigned char t1
[128], t2
[128];
4370 unsigned char hv
[20], tmp
[20];
4374 printf("Test %s: ", name
);
4378 * Verify the KAT test (computed with OpenSSL).
4380 hextobin(t1
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4382 br_sha1_update(&hc
, "test", 4);
4383 br_sha1_out(&hc
, hv
);
4384 if (!fvrfy(t1
, sizeof t1
, SHA1_OID
, sizeof tmp
, &RSA_PK
, tmp
)) {
4385 fprintf(stderr
, "Signature verification failed\n");
4388 check_equals("Extracted hash value", hv
, tmp
, sizeof tmp
);
4391 * Regenerate the signature. This should yield the same value as
4392 * the KAT test, since PKCS#1 v1.5 signatures are deterministic
4393 * (except the usual detail about hash function parameter
4394 * encoding, but OpenSSL uses the same convention as BearSSL).
4396 if (!fsign(SHA1_OID
, hv
, 20, &RSA_SK
, t2
)) {
4397 fprintf(stderr
, "Signature generation failed\n");
4400 check_equals("Regenerated signature", t1
, t2
, sizeof t1
);
4403 * Use the raw private core to generate fake signatures, where
4404 * one byte of the padded hash value is altered. They should all be
4407 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4408 for (u
= 0; u
< (sizeof t2
) - 20; u
++) {
4409 memcpy(t1
, t2
, sizeof t2
);
4411 if (!fpriv(t1
, &RSA_SK
)) {
4412 fprintf(stderr
, "RSA private key operation failed\n");
4415 if (fvrfy(t1
, sizeof t1
, SHA1_OID
, sizeof tmp
, &RSA_PK
, tmp
)) {
4417 "Signature verification should have failed\n");
4431 test_RSA_core("RSA i15 core", &br_rsa_i15_public
, &br_rsa_i15_private
);
4432 test_RSA_sign("RSA i15 sign", &br_rsa_i15_private
,
4433 &br_rsa_i15_pkcs1_sign
, &br_rsa_i15_pkcs1_vrfy
);
4439 test_RSA_core("RSA i31 core", &br_rsa_i31_public
, &br_rsa_i31_private
);
4440 test_RSA_sign("RSA i31 sign", &br_rsa_i31_private
,
4441 &br_rsa_i31_pkcs1_sign
, &br_rsa_i31_pkcs1_vrfy
);
4447 test_RSA_core("RSA i32 core", &br_rsa_i32_public
, &br_rsa_i32_private
);
4448 test_RSA_sign("RSA i32 sign", &br_rsa_i32_private
,
4449 &br_rsa_i32_pkcs1_sign
, &br_rsa_i32_pkcs1_vrfy
);
4454 test_RSA_signatures(void)
4456 uint32_t n
[40], e
[2], p
[20], q
[20], dp
[20], dq
[20], iq
[20], x
[40];
4457 unsigned char hv
[20], sig
[128];
4458 unsigned char ref
[128], tmp
[128];
4461 printf("Test RSA signatures: ");
4465 * Decode RSA key elements.
4467 br_int_decode(n
, sizeof n
/ sizeof n
[0], RSA_N
, sizeof RSA_N
);
4468 br_int_decode(e
, sizeof e
/ sizeof e
[0], RSA_E
, sizeof RSA_E
);
4469 br_int_decode(p
, sizeof p
/ sizeof p
[0], RSA_P
, sizeof RSA_P
);
4470 br_int_decode(q
, sizeof q
/ sizeof q
[0], RSA_Q
, sizeof RSA_Q
);
4471 br_int_decode(dp
, sizeof dp
/ sizeof dp
[0], RSA_DP
, sizeof RSA_DP
);
4472 br_int_decode(dq
, sizeof dq
/ sizeof dq
[0], RSA_DQ
, sizeof RSA_DQ
);
4473 br_int_decode(iq
, sizeof iq
/ sizeof iq
[0], RSA_IQ
, sizeof RSA_IQ
);
4476 * Decode reference signature (computed with OpenSSL).
4478 hextobin(ref
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4481 * Recompute signature. Since PKCS#1 v1.5 signatures are
4482 * deterministic, we should get the same as the reference signature.
4485 br_sha1_update(&hc
, "test", 4);
4486 br_sha1_out(&hc
, hv
);
4487 if (!br_rsa_sign(sig
, sizeof sig
, p
, q
, dp
, dq
, iq
, br_sha1_ID
, hv
)) {
4488 fprintf(stderr
, "RSA-1024/SHA-1 sig generate failed\n");
4491 check_equals("KAT RSA-sign 1", sig
, ref
, sizeof sig
);
4496 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4497 fprintf(stderr
, "RSA-1024/SHA-1 sig verify failed\n");
4501 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4502 fprintf(stderr
, "RSA-1024/SHA-1 sig verify should have failed\n");
4508 * Generate a signature with the alternate encoding (no NULL) and
4511 hextobin(tmp
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00301F300706052B0E03021A0414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4512 br_int_decode(x
, sizeof x
/ sizeof x
[0], tmp
, sizeof tmp
);
4514 br_rsa_private_core(x
, p
, q
, dp
, dq
, iq
);
4515 br_int_encode(sig
, sizeof sig
, x
);
4516 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4517 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) failed\n");
4521 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4522 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) should have failed\n");
4533 * From: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
4535 static const char *const KAT_GHASH
[] = {
4537 "66e94bd4ef8a2c3b884cfa59ca342b2e",
4540 "00000000000000000000000000000000",
4542 "66e94bd4ef8a2c3b884cfa59ca342b2e",
4544 "0388dace60b6a392f328c2b971b2fe78",
4545 "f38cbb1ad69223dcc3457ae5b6b0f885",
4547 "b83b533708bf535d0aa6e52980d53b78",
4549 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
4550 "7f1b32b81b820d02614f8895ac1d4eac",
4552 "b83b533708bf535d0aa6e52980d53b78",
4553 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4554 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
4555 "698e57f70e6ecc7fd9463b7260a9ae5f",
4557 "b83b533708bf535d0aa6e52980d53b78",
4558 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4559 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
4560 "df586bb4c249b92cb6922877e444d37b",
4562 "b83b533708bf535d0aa6e52980d53b78",
4563 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4564 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
4565 "1c5afe9760d3932f3c9a878aac3dc3de",
4567 "aae06992acbf52a3e8f4a96ec9300bd7",
4569 "98e7247c07f0fe411c267e4384b0f600",
4570 "e2c63f0ac44ad0e02efa05ab6743d4ce",
4572 "466923ec9ae682214f2c082badb39249",
4574 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
4575 "51110d40f6c8fff0eb1ae33445a889f0",
4577 "466923ec9ae682214f2c082badb39249",
4578 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4579 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
4580 "ed2ce3062e4a8ec06db8b4c490e8a268",
4582 "466923ec9ae682214f2c082badb39249",
4583 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4584 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
4585 "1e6a133806607858ee80eaf237064089",
4587 "466923ec9ae682214f2c082badb39249",
4588 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4589 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
4590 "82567fb0b4cc371801eadec005968e94",
4592 "dc95c078a2408989ad48a21492842087",
4594 "cea7403d4d606b6e074ec5d3baf39d18",
4595 "83de425c5edc5d498f382c441041ca92",
4597 "acbef20579b4b8ebce889bac8732dad7",
4599 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
4600 "4db870d37cb75fcb46097c36230d1612",
4602 "acbef20579b4b8ebce889bac8732dad7",
4603 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4604 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
4605 "8bd0c4d8aacd391e67cca447e8c38f65",
4607 "acbef20579b4b8ebce889bac8732dad7",
4608 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4609 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
4610 "75a34288b8c68f811c52b2e9a2f97f63",
4612 "acbef20579b4b8ebce889bac8732dad7",
4613 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4614 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
4615 "d5ffcf6fc5ac4d69722187421a7f170b",
4621 test_GHASH(const char *name
, br_ghash gh
)
4625 printf("Test %s: ", name
);
4628 for (u
= 0; KAT_GHASH
[u
]; u
+= 4) {
4629 unsigned char h
[16];
4630 unsigned char a
[100];
4632 unsigned char c
[100];
4634 unsigned char p
[16];
4635 unsigned char y
[16];
4636 unsigned char ref
[16];
4638 hextobin(h
, KAT_GHASH
[u
]);
4639 a_len
= hextobin(a
, KAT_GHASH
[u
+ 1]);
4640 c_len
= hextobin(c
, KAT_GHASH
[u
+ 2]);
4641 hextobin(ref
, KAT_GHASH
[u
+ 3]);
4642 memset(y
, 0, sizeof y
);
4645 memset(p
, 0, sizeof p
);
4646 br_enc32be(p
+ 4, (uint32_t)a_len
<< 3);
4647 br_enc32be(p
+ 12, (uint32_t)c_len
<< 3);
4648 gh(y
, h
, p
, sizeof p
);
4649 check_equals("KAT GHASH", y
, ref
, sizeof ref
);
4657 test_GHASH_ctmul(void)
4659 test_GHASH("GHASH_ctmul", br_ghash_ctmul
);
4663 test_GHASH_ctmul32(void)
4665 test_GHASH("GHASH_ctmul32", br_ghash_ctmul32
);
4669 test_GHASH_ctmul64(void)
4671 test_GHASH("GHASH_ctmul64", br_ghash_ctmul64
);
4675 test_EC_inner(const char *sk
, const char *sU
,
4676 const br_ec_impl
*impl
, int curve
)
4678 unsigned char bk
[70];
4679 unsigned char eG
[150], eU
[150];
4680 uint32_t n
[22], n0i
;
4681 size_t klen
, ulen
, nlen
;
4682 const br_ec_curve_def
*cd
;
4683 br_hmac_drbg_context rng
;
4686 klen
= hextobin(bk
, sk
);
4687 ulen
= hextobin(eU
, sU
);
4689 case BR_EC_secp256r1
:
4692 case BR_EC_secp384r1
:
4695 case BR_EC_secp521r1
:
4699 fprintf(stderr
, "Unknown curve: %d\n", curve
);
4703 if (ulen
!= cd
->generator_len
) {
4704 fprintf(stderr
, "KAT vector wrong (%lu / %lu)\n",
4705 (unsigned long)ulen
,
4706 (unsigned long)cd
->generator_len
);
4708 memcpy(eG
, cd
->generator
, ulen
);
4709 if (impl
->mul(eG
, ulen
, bk
, klen
, curve
) != 1) {
4710 fprintf(stderr
, "KAT multiplication failed\n");
4713 if (memcmp(eG
, eU
, ulen
) != 0) {
4714 fprintf(stderr
, "KAT mul: mismatch\n");
4719 * Test the two-point-mul function. We want to test the basic
4720 * functionality, and the following special cases:
4722 * x + y = curve order
4724 nlen
= cd
->order_len
;
4725 br_i31_decode(n
, cd
->order
, nlen
);
4726 n0i
= br_i31_ninv31(n
[1]);
4727 br_hmac_drbg_init(&rng
, &br_sha256_vtable
, "seed for EC", 11);
4728 for (i
= 0; i
< 10; i
++) {
4729 unsigned char ba
[80], bb
[80], bx
[80], by
[80], bz
[80];
4730 uint32_t a
[22], b
[22], x
[22], y
[22], z
[22], t1
[22], t2
[22];
4732 unsigned char eA
[160], eB
[160], eC
[160], eD
[160];
4735 * Generate random a and b, and compute A = a*G and B = b*G.
4737 br_hmac_drbg_generate(&rng
, ba
, sizeof ba
);
4738 br_i31_decode_reduce(a
, ba
, sizeof ba
, n
);
4739 br_i31_encode(ba
, nlen
, a
);
4740 br_hmac_drbg_generate(&rng
, bb
, sizeof bb
);
4741 br_i31_decode_reduce(b
, bb
, sizeof bb
, n
);
4742 br_i31_encode(bb
, nlen
, b
);
4743 memcpy(eA
, cd
->generator
, ulen
);
4744 impl
->mul(eA
, ulen
, ba
, nlen
, cd
->curve
);
4745 memcpy(eB
, cd
->generator
, ulen
);
4746 impl
->mul(eB
, ulen
, bb
, nlen
, cd
->curve
);
4749 * Generate random x and y (modulo n).
4751 br_hmac_drbg_generate(&rng
, bx
, sizeof bx
);
4752 br_i31_decode_reduce(x
, bx
, sizeof bx
, n
);
4753 br_i31_encode(bx
, nlen
, x
);
4754 br_hmac_drbg_generate(&rng
, by
, sizeof by
);
4755 br_i31_decode_reduce(y
, by
, sizeof by
, n
);
4756 br_i31_encode(by
, nlen
, y
);
4759 * Compute z = a*x + b*y (mod n).
4761 memcpy(t1
, x
, sizeof x
);
4762 br_i31_to_monty(t1
, n
);
4763 br_i31_montymul(z
, a
, t1
, n
, n0i
);
4764 memcpy(t1
, y
, sizeof y
);
4765 br_i31_to_monty(t1
, n
);
4766 br_i31_montymul(t2
, b
, t1
, n
, n0i
);
4767 r
= br_i31_add(z
, t2
, 1);
4768 r
|= br_i31_sub(z
, n
, 0) ^ 1;
4769 br_i31_sub(z
, n
, r
);
4770 br_i31_encode(bz
, nlen
, z
);
4773 * Compute C = x*A + y*B with muladd(), and also
4774 * D = z*G with mul(). The two points must match.
4776 memcpy(eC
, eA
, ulen
);
4777 if (impl
->muladd(eC
, eB
, ulen
,
4778 bx
, nlen
, by
, nlen
, cd
->curve
) != 1)
4780 fprintf(stderr
, "muladd() failed (1)\n");
4783 memcpy(eD
, cd
->generator
, ulen
);
4784 if (impl
->mul(eD
, ulen
, bz
, nlen
, cd
->curve
) != 1) {
4785 fprintf(stderr
, "mul() failed (1)\n");
4788 if (memcmp(eC
, eD
, nlen
) != 0) {
4789 fprintf(stderr
, "mul() / muladd() mismatch\n");
4794 * Also recomputed D = z*G with mulgen(). This must
4797 memset(eD
, 0, ulen
);
4798 if (impl
->mulgen(eD
, bz
, nlen
, cd
->curve
) != ulen
) {
4799 fprintf(stderr
, "mulgen() failed: wrong length\n");
4802 if (memcmp(eC
, eD
, nlen
) != 0) {
4803 fprintf(stderr
, "mulgen() / muladd() mismatch\n");
4808 * Check with x*A = y*B. We do so by setting b = x and y = a.
4810 memcpy(b
, x
, sizeof x
);
4811 br_i31_encode(bb
, nlen
, b
);
4812 memcpy(eB
, cd
->generator
, ulen
);
4813 impl
->mul(eB
, ulen
, bb
, nlen
, cd
->curve
);
4814 memcpy(y
, a
, sizeof a
);
4815 br_i31_encode(by
, nlen
, y
);
4817 memcpy(t1
, x
, sizeof x
);
4818 br_i31_to_monty(t1
, n
);
4819 br_i31_montymul(z
, a
, t1
, n
, n0i
);
4820 memcpy(t1
, y
, sizeof y
);
4821 br_i31_to_monty(t1
, n
);
4822 br_i31_montymul(t2
, b
, t1
, n
, n0i
);
4823 r
= br_i31_add(z
, t2
, 1);
4824 r
|= br_i31_sub(z
, n
, 0) ^ 1;
4825 br_i31_sub(z
, n
, r
);
4826 br_i31_encode(bz
, nlen
, z
);
4828 memcpy(eC
, eA
, ulen
);
4829 if (impl
->muladd(eC
, eB
, ulen
,
4830 bx
, nlen
, by
, nlen
, cd
->curve
) != 1)
4832 fprintf(stderr
, "muladd() failed (2)\n");
4835 memcpy(eD
, cd
->generator
, ulen
);
4836 if (impl
->mul(eD
, ulen
, bz
, nlen
, cd
->curve
) != 1) {
4837 fprintf(stderr
, "mul() failed (2)\n");
4840 if (memcmp(eC
, eD
, nlen
) != 0) {
4842 "mul() / muladd() mismatch (x*A=y*B)\n");
4847 * Check with x*A + y*B = 0. At that point, b = x, so we
4848 * just need to set y = -a (mod n).
4850 memcpy(y
, n
, sizeof n
);
4851 br_i31_sub(y
, a
, 1);
4852 br_i31_encode(by
, nlen
, y
);
4853 memcpy(eC
, eA
, ulen
);
4854 if (impl
->muladd(eC
, eB
, ulen
,
4855 bx
, nlen
, by
, nlen
, cd
->curve
) != 0)
4857 fprintf(stderr
, "muladd() should have failed\n");
4867 test_EC_KAT(const char *name
, const br_ec_impl
*impl
, uint32_t curve_mask
)
4870 printf("Test %s: ", name
);
4873 if (curve_mask
& ((uint32_t)1 << BR_EC_secp256r1
)) {
4875 "C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721",
4876 "0460FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB67903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299",
4877 impl
, BR_EC_secp256r1
);
4879 if (curve_mask
& ((uint32_t)1 << BR_EC_secp384r1
)) {
4881 "6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5",
4882 "04EC3A4E415B4E19A4568618029F427FA5DA9A8BC4AE92E02E06AAE5286B300C64DEF8F0EA9055866064A254515480BC138015D9B72D7D57244EA8EF9AC0C621896708A59367F9DFB9F54CA84B3F1C9DB1288B231C3AE0D4FE7344FD2533264720",
4883 impl
, BR_EC_secp384r1
);
4885 if (curve_mask
& ((uint32_t)1 << BR_EC_secp521r1
)) {
4887 "00FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538",
4888 "0401894550D0785932E00EAA23B694F213F8C3121F86DC97A04E5A7167DB4E5BCD371123D46E45DB6B5D5370A7F20FB633155D38FFA16D2BD761DCAC474B9A2F5023A400493101C962CD4D2FDDF782285E64584139C2F91B47F87FF82354D6630F746A28A0DB25741B5B34A828008B22ACC23F924FAAFBD4D33F81EA66956DFEAA2BFDFCF5",
4889 impl
, BR_EC_secp521r1
);
4897 test_EC_prime_i15(void)
4899 test_EC_KAT("EC_prime_i15", &br_ec_prime_i15
,
4900 (uint32_t)1 << BR_EC_secp256r1
4901 | (uint32_t)1 << BR_EC_secp384r1
4902 | (uint32_t)1 << BR_EC_secp521r1
);
4906 test_EC_prime_i31(void)
4908 test_EC_KAT("EC_prime_i31", &br_ec_prime_i31
,
4909 (uint32_t)1 << BR_EC_secp256r1
4910 | (uint32_t)1 << BR_EC_secp384r1
4911 | (uint32_t)1 << BR_EC_secp521r1
);
4915 test_EC_p256_m15(void)
4917 test_EC_KAT("EC_p256_m15", &br_ec_p256_m15
,
4918 (uint32_t)1 << BR_EC_secp256r1
);
4922 test_EC_p256_m31(void)
4924 test_EC_KAT("EC_p256_m31", &br_ec_p256_m31
,
4925 (uint32_t)1 << BR_EC_secp256r1
);
4933 { "A546E36BF0527C9D3B16154B82465EDD62144C0AC1FC5A18506A2244BA449AC4",
4934 "E6DB6867583030DB3594C1A424B15F7C726624EC26B3353B10A903A6D0AB1C4C",
4935 "C3DA55379DE9C6908E94EA4DF28D084F32ECCF03491C71F754B4075577A28552" },
4936 { "4B66E9D4D1B4673C5AD22691957D6AF5C11B6421E0EA01D42CA4169E7918BA0D",
4937 "E5210F12786811D3F4B7959D0538AE2C31DBE7106FC03C3EFC4CD549C715A493",
4938 "95CBDE9476E8907D7AADE45CB4B873F88B595A68799FA152E6F8F7647AAC7957" },
4943 test_EC_c25519(const char *name
, const br_ec_impl
*iec
)
4945 unsigned char bu
[32], bk
[32], br
[32];
4949 printf("Test %s: ", name
);
4951 for (v
= 0; C25519_KAT
[v
].scalar
; v
++) {
4952 hextobin(bk
, C25519_KAT
[v
].scalar
);
4953 hextobin(bu
, C25519_KAT
[v
].u_in
);
4954 hextobin(br
, C25519_KAT
[v
].u_out
);
4955 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
4956 fprintf(stderr
, "Curve25519 multiplication failed\n");
4959 if (memcmp(bu
, br
, sizeof bu
) != 0) {
4960 fprintf(stderr
, "Curve25519 failed KAT\n");
4969 memset(bu
, 0, sizeof bu
);
4971 memcpy(bk
, bu
, sizeof bu
);
4972 for (i
= 1; i
<= 1000; i
++) {
4973 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
4974 fprintf(stderr
, "Curve25519 multiplication failed"
4978 for (v
= 0; v
< sizeof bu
; v
++) {
4985 if (i
== 1 || i
== 1000) {
4989 ? "422C8E7A6227D7BCA1350B3E2BB7279F7897B87BB6854B783C60E80311AE3079"
4990 : "684CF59BA83309552800EF566F2F4D3C1C3887C49360E3875F2EB94D99532C51";
4992 if (memcmp(bk
, br
, sizeof bk
) != 0) {
4994 "Curve25519 failed KAT (iter=%d)\n", i
);
5009 test_EC_c25519_i15(void)
5011 test_EC_c25519("EC_c25519_i15", &br_ec_c25519_i15
);
5015 test_EC_c25519_i31(void)
5017 test_EC_c25519("EC_c25519_i31", &br_ec_c25519_i31
);
5021 test_EC_c25519_m15(void)
5023 test_EC_c25519("EC_c25519_m15", &br_ec_c25519_m15
);
5027 test_EC_c25519_m31(void)
5029 test_EC_c25519("EC_c25519_m31", &br_ec_c25519_m31
);
5032 static const unsigned char EC_P256_PUB_POINT
[] = {
5033 0x04, 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D,
5034 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D,
5035 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA,
5036 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F,
5037 0xB6, 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC,
5038 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC,
5039 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F,
5040 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22,
5044 static const unsigned char EC_P256_PRIV_X
[] = {
5045 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16,
5046 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93,
5047 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12,
5048 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21
5051 static const br_ec_public_key EC_P256_PUB
= {
5053 (unsigned char *)EC_P256_PUB_POINT
, sizeof EC_P256_PUB_POINT
5056 static const br_ec_private_key EC_P256_PRIV
= {
5058 (unsigned char *)EC_P256_PRIV_X
, sizeof EC_P256_PRIV_X
5061 static const unsigned char EC_P384_PUB_POINT
[] = {
5062 0x04, 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19,
5063 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F,
5064 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0,
5065 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C,
5066 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86,
5067 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC,
5068 0x13, 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57,
5069 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21,
5070 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF,
5071 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D,
5072 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4,
5073 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47,
5077 static const unsigned char EC_P384_PRIV_X
[] = {
5078 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C,
5079 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D,
5080 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA,
5081 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8,
5082 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25,
5083 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5
5086 static const br_ec_public_key EC_P384_PUB
= {
5088 (unsigned char *)EC_P384_PUB_POINT
, sizeof EC_P384_PUB_POINT
5091 static const br_ec_private_key EC_P384_PRIV
= {
5093 (unsigned char *)EC_P384_PRIV_X
, sizeof EC_P384_PRIV_X
5096 static const unsigned char EC_P521_PUB_POINT
[] = {
5097 0x04, 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59,
5098 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2,
5099 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97,
5100 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B,
5101 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB,
5102 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6,
5103 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B,
5104 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F,
5105 0x50, 0x23, 0xA4, 0x00, 0x49, 0x31, 0x01, 0xC9,
5106 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28,
5107 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B,
5108 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63,
5109 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74,
5110 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22,
5111 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4,
5112 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE,
5113 0xAA, 0x2B, 0xFD, 0xFC, 0xF5
5116 static const unsigned char EC_P521_PRIV_X
[] = {
5117 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B,
5118 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57,
5119 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F,
5120 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75,
5121 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C,
5122 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC,
5123 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB,
5124 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8,
5128 static const br_ec_public_key EC_P521_PUB
= {
5130 (unsigned char *)EC_P521_PUB_POINT
, sizeof EC_P521_PUB_POINT
5133 static const br_ec_private_key EC_P521_PRIV
= {
5135 (unsigned char *)EC_P521_PRIV_X
, sizeof EC_P521_PRIV_X
5139 const br_ec_public_key
*pub
;
5140 const br_ec_private_key
*priv
;
5141 const br_hash_class
*hf
;
5148 const ecdsa_kat_vector ECDSA_KAT
[] = {
5150 /* Test vectors for P-256, from RFC 6979. */
5154 &br_sha1_vtable
, "sample",
5155 "882905F1227FD620FBF2ABF21244F0BA83D0DC3A9103DBBEE43A1FB858109DB4",
5156 "61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D326D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB",
5157 "3044022061340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D3202206D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
5162 &br_sha224_vtable
, "sample",
5163 "103F90EE9DC52E5E7FB5132B7033C63066D194321491862059967C715985D473",
5164 "53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3FB9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C",
5165 "3045022053B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F022100B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
5170 &br_sha256_vtable
, "sample",
5171 "A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60",
5172 "EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8",
5173 "3046022100EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716022100F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8"
5178 &br_sha384_vtable
, "sample",
5179 "09F634B188CEFD98E7EC88B1AA9852D734D0BC272F7D2A47DECC6EBEB375AAD4",
5180 "0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF77194861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954",
5181 "304402200EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF771902204861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954"
5186 &br_sha512_vtable
, "sample",
5187 "5FA81C63109BADB88C1F367B47DA606DA28CAD69AA22C4FE6AD7DF73A7173AA5",
5188 "8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F002362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE",
5189 "30450221008496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F0002202362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE"
5194 &br_sha1_vtable
, "test",
5195 "8C9520267C55D6B980DF741E56B4ADEE114D84FBFA2E62137954164028632A2E",
5196 "0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A8901B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1",
5197 "304402200CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89022001B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
5202 &br_sha224_vtable
, "test",
5203 "669F4426F2688B8BE0DB3A6BD1989BDAEFFF84B649EEB84F3DD26080F667FAA7",
5204 "C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D",
5205 "3046022100C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692022100C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
5210 &br_sha256_vtable
, "test",
5211 "D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0",
5212 "F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083",
5213 "3045022100F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D383670220019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083"
5218 &br_sha384_vtable
, "test",
5219 "16AEFFA357260B04B1DD199693960740066C1A8F3E8EDD79070AA914D361B3B8",
5220 "83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB68DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C",
5221 "304602210083910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB60221008DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C"
5226 &br_sha512_vtable
, "test",
5227 "6915D11632ACA3C40D5D51C08DAF9C555933819548784480E93499000D9F0B7F",
5228 "461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A0439AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55",
5229 "30440220461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04022039AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55"
5232 /* Test vectors for P-384, from RFC 6979. */
5236 &br_sha1_vtable
, "sample",
5237 "4471EF7518BB2C7C20F62EAE1C387AD0C5E8E470995DB4ACF694466E6AB096630F29E5938D25106C3C340045A2DB01A7",
5238 "EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443",
5239 "3066023100EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2023100A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
5245 &br_sha224_vtable
, "sample",
5246 "A4E4D2F0E729EB786B31FC20AD5D849E304450E0AE8E3E341134A5C1AFA03CAB8083EE4E3C45B06A5899EA56C51B5879",
5247 "42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601229DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D",
5248 "3065023042356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601220231009DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
5253 &br_sha256_vtable
, "sample",
5254 "180AE9F9AEC5438A44BC159A1FCB277C7BE54FA20E7CF404B490650A8ACC414E375572342863C899F9F2EDF9747A9B60",
5255 "21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CDF3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0",
5256 "3065023021B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD023100F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0"
5261 &br_sha384_vtable
, "sample",
5262 "94ED910D1A099DAD3254E9242AE85ABDE4BA15168EAF0CA87A555FD56D10FBCA2907E3E83BA95368623B8C4686915CF9",
5263 "94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4699EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8",
5264 "306602310094EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4602310099EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8"
5269 &br_sha512_vtable
, "sample",
5270 "92FC3C7183A883E24216D1141F1A8976C5B0DD797DFA597E3D7B32198BD35331A4E966532593A52980D0E3AAA5E10EC3",
5271 "ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5",
5272 "3065023100ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD78824337090230512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5"
5277 &br_sha1_vtable
, "test",
5278 "66CC2C8F4D303FC962E5FF6A27BD79F84EC812DDAE58CF5243B64A4AD8094D47EC3727F3A3C186C15054492E30698497",
5279 "4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282",
5280 "306502304BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7023100D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
5285 &br_sha224_vtable
, "test",
5286 "18FA39DB95AA5F561F30FA3591DC59C0FA3653A80DAFFA0B48D1A4C6DFCBFF6E3D33BE4DC5EB8886A8ECD093F2935726",
5287 "E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E7207041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66",
5288 "3065023100E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72023007041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
5293 &br_sha256_vtable
, "test",
5294 "0CFAC37587532347DC3389FDC98286BBA8C73807285B184C83E62E26C401C0FAA48DD070BA79921A3457ABFF2D630AD7",
5295 "6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265",
5296 "306402306D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B02302D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265"
5301 &br_sha384_vtable
, "test",
5302 "015EE46A5BF88773ED9123A5AB0807962D193719503C527B031B4C2D225092ADA71F4A459BC0DA98ADB95837DB8312EA",
5303 "8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DBDDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5",
5304 "30660231008203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB023100DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5"
5309 &br_sha512_vtable
, "test",
5310 "3780C4F67CB15518B6ACAE34C9F83568D2E12E47DEAB6C50A4E4EE5319D1E8CE0E2CC8A136036DC4B9C00E6888F66B6C",
5311 "A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736",
5312 "3066023100A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277023100976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736"
5315 /* Test vectors for P-521, from RFC 6979. */
5319 &br_sha1_vtable
, "sample",
5320 "0089C071B419E1C2820962321787258469511958E80582E95D8378E0C2CCDB3CB42BEDE42F50E3FA3C71F5A76724281D31D9C89F0F91FC1BE4918DB1C03A5838D0F9",
5321 "00343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D00E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16",
5322 "3081870241343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D024200E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
5327 &br_sha224_vtable
, "sample",
5328 "0121415EC2CD7726330A61F7F3FA5DE14BE9436019C4DB8CB4041F3B54CF31BE0493EE3F427FB906393D895A19C9523F3A1D54BB8702BD4AA9C99DAB2597B92113F3",
5329 "01776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E0050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F",
5330 "308187024201776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E024150CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
5335 &br_sha256_vtable
, "sample",
5336 "00EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0",
5337 "01511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7004A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC",
5338 "308187024201511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A702414A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC"
5343 &br_sha384_vtable
, "sample",
5344 "01546A108BC23A15D6F21872F7DED661FA8431DDBD922D0DCDB77CC878C8553FFAD064C95A920A750AC9137E527390D2D92F153E66196966EA554D9ADFCB109C4211",
5345 "01EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C6745101F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61",
5346 "308188024201EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451024201F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61"
5351 &br_sha512_vtable
, "sample",
5352 "01DAE2EA071F8110DC26882D4D5EAE0621A3256FC8847FB9022E2B7D28E6F10198B1574FDD03A9053C08A1854A168AA5A57470EC97DD5CE090124EF52A2F7ECBFFD3",
5353 "00C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA00617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A",
5354 "308187024200C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA0241617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A"
5359 &br_sha1_vtable
, "test",
5360 "00BB9F2BF4FE1038CCF4DABD7139A56F6FD8BB1386561BD3C6A4FC818B20DF5DDBA80795A947107A1AB9D12DAA615B1ADE4F7A9DC05E8E6311150F47F5C57CE8B222",
5361 "013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D036701E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF",
5362 "3081880242013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367024201E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
5367 &br_sha224_vtable
, "test",
5368 "0040D09FCF3C8A5F62CF4FB223CBBB2B9937F6B0577C27020A99602C25A01136987E452988781484EDBBCF1C47E554E7FC901BC3085E5206D9F619CFF07E73D6F706",
5369 "01C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB0177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4",
5370 "308188024201C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB02420177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
5375 &br_sha256_vtable
, "test",
5376 "001DE74955EFAABC4C4F17F8E84D881D1310B5392D7700275F82F145C61E843841AF09035BF7A6210F5A431A6A9E81C9323354A9E69135D44EBD2FCAA7731B909258",
5377 "000E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA800CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86",
5378 "30818702410E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8024200CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86"
5383 &br_sha384_vtable
, "test",
5384 "01F1FC4A349A7DA9A9E116BFDD055DC08E78252FF8E23AC276AC88B1770AE0B5DCEB1ED14A4916B769A523CE1E90BA22846AF11DF8B300C38818F713DADD85DE0C88",
5385 "014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C0133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979",
5386 "3081880242014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C02420133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979"
5391 &br_sha512_vtable
, "test",
5392 "016200813020EC986863BEDFC1B121F605C1215645018AEA1A7B215A564DE9EB1B38A67AA1128B80CE391C4FB71187654AAA3431027BFC7F395766CA988C964DC56D",
5393 "013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D01FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3",
5394 "3081880242013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D024201FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
5397 /* Terminator for list of test vectors. */
5404 test_ECDSA_KAT(const br_ec_impl
*iec
,
5405 br_ecdsa_sign sign
, br_ecdsa_vrfy vrfy
, int asn1
)
5409 for (u
= 0;; u
++) {
5410 const ecdsa_kat_vector
*kv
;
5411 unsigned char hash
[64];
5413 unsigned char sig
[150], sig2
[150];
5414 size_t sig_len
, sig2_len
;
5415 br_hash_compat_context hc
;
5421 kv
->hf
->init(&hc
.vtable
);
5422 kv
->hf
->update(&hc
.vtable
, kv
->msg
, strlen(kv
->msg
));
5423 kv
->hf
->out(&hc
.vtable
, hash
);
5424 hash_len
= (kv
->hf
->desc
>> BR_HASHDESC_OUT_OFF
)
5425 & BR_HASHDESC_OUT_MASK
;
5427 sig_len
= hextobin(sig
, kv
->sasn1
);
5429 sig_len
= hextobin(sig
, kv
->sraw
);
5432 if (vrfy(iec
, hash
, hash_len
,
5433 kv
->pub
, sig
, sig_len
) != 1)
5435 fprintf(stderr
, "ECDSA KAT verify failed (1)\n");
5439 if (vrfy(iec
, hash
, hash_len
,
5440 kv
->pub
, sig
, sig_len
) != 0)
5442 fprintf(stderr
, "ECDSA KAT verify shoud have failed\n");
5446 if (vrfy(iec
, hash
, hash_len
,
5447 kv
->pub
, sig
, sig_len
) != 1)
5449 fprintf(stderr
, "ECDSA KAT verify failed (2)\n");
5453 sig2_len
= sign(iec
, kv
->hf
, hash
, kv
->priv
, sig2
);
5454 if (sig2_len
== 0) {
5455 fprintf(stderr
, "ECDSA KAT sign failed\n");
5458 if (sig2_len
!= sig_len
|| memcmp(sig
, sig2
, sig_len
) != 0) {
5459 fprintf(stderr
, "ECDSA KAT wrong signature value\n");
5469 test_ECDSA_i31(void)
5471 printf("Test ECDSA/i31: ");
5475 test_ECDSA_KAT(&br_ec_prime_i31
,
5476 &br_ecdsa_i31_sign_raw
, &br_ecdsa_i31_vrfy_raw
, 0);
5479 test_ECDSA_KAT(&br_ec_prime_i31
,
5480 &br_ecdsa_i31_sign_asn1
, &br_ecdsa_i31_vrfy_asn1
, 1);
5486 test_ECDSA_i15(void)
5488 printf("Test ECDSA/i15: ");
5492 test_ECDSA_KAT(&br_ec_prime_i15
,
5493 &br_ecdsa_i15_sign_raw
, &br_ecdsa_i15_vrfy_raw
, 0);
5496 test_ECDSA_KAT(&br_ec_prime_i31
,
5497 &br_ecdsa_i15_sign_asn1
, &br_ecdsa_i15_vrfy_asn1
, 1);
5503 eq_name(const char *s1
, const char *s2
)
5510 if (c1
>= 'A' && c1
<= 'Z') {
5514 case '-': case '_': case '.': case ' ':
5522 if (c2
>= 'A' && c2
<= 'Z') {
5526 case '-': case '_': case '.': case ' ':
5541 #define STU(x) { &test_ ## x, #x }
5543 static const struct {
5565 STU(Poly1305_ctmul
),
5566 STU(Poly1305_ctmul32
),
5588 main(int argc
, char *argv
[])
5593 printf("usage: testcrypto all | name...\n");
5594 printf("individual test names:\n");
5595 for (u
= 0; tfns
[u
].name
; u
++) {
5596 printf(" %s\n", tfns
[u
].name
);
5599 for (u
= 0; tfns
[u
].name
; u
++) {
5602 for (i
= 1; i
< argc
; i
++) {
5603 if (eq_name(argv
[i
], tfns
[u
].name
)
5604 || eq_name(argv
[i
], "all"))