2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32 * Decode a hexadecimal string. Returned value is the number of decoded
/*
 * Test helper: converts hex text in src into bytes stored through dst.
 * The signature carries no destination size, so nothing here can stop a
 * write past the end of dst; each caller must supply a buffer of at
 * least one byte per two hex digits of the literal it passes.
 * Only the digit ranges 0-9, A-F and a-f are visible in this listing;
 * how other characters are treated is not shown (presumably skipped --
 * confirm against the full file).
 */
36 hextobin(unsigned char *dst
, const char *src
)
47 if (c
>= '0' && c
<= '9') {
49 } else if (c
>= 'A' && c
<= 'F') {
51 } else if (c
>= 'a' && c
<= 'f') {
57 *dst
++ = (acc
<< 4) + c
;
/*
 * Compares len bytes of v1 and v2 with memcmp(). After the equality
 * branch (its body is not visible in this listing, presumably an early
 * return) the banner and both buffers are written to stderr as
 * uppercase hex.
 * memcmp() is not constant-time. That is acceptable here because both
 * sides are public known-answer values, but this helper is not a model
 * for verifying a MAC or any other secret-dependent value.
 */
68 check_equals(const char *banner
, const void *v1
, const void *v2
, size_t len
)
71 const unsigned char *b
;
73 if (memcmp(v1
, v2
, len
) == 0) {
76 fprintf(stderr
, "\n%s failed\n", banner
);
77 fprintf(stderr
, "v1: ");
78 for (u
= 0, b
= v1
; u
< len
; u
++) {
79 fprintf(stderr
, "%02X", b
[u
]);
81 fprintf(stderr
, "\nv2: ");
82 for (u
= 0, b
= v2
; u
< len
; u
++) {
83 fprintf(stderr
, "%02X", b
[u
]);
85 fprintf(stderr
, "\n");
/* Expands to the br_<cname>_SIZE constant; used to size the digest buffers in the test macros. */
89 #define HASH_SIZE(cname) br_ ## cname ## _SIZE
/*
 * Generates test_<cname>_internal(data, refres), which hashes data and
 * compares the digest with the hex string refres in six labelled checks:
 *   1: one update call over the whole input;
 *   2: one update call per byte;
 *   3: for each split point u, the first u bytes and then the remainder;
 *   4: the same remainder fed to a second context mc2 (how mc2 receives
 *      its state is not visible in this listing -- presumably a copy of
 *      mc; confirm);
 *   5: init/update/out through br_<cname>_vtable on a zeroed context;
 *   6: re-init through the vtable pointer stored in the context.
 * res is zeroed before checks 5 and 6, so a digest left over from an
 * earlier check cannot satisfy them.
 * ref[] is filled by hextobin(), which takes no output bound: refres
 * must not decode to more than HASH_SIZE(cname) bytes.
 */
91 #define TEST_HASH(Name, cname) \
93 test_ ## cname ## _internal(char *data, char *refres) \
95 br_ ## cname ## _context mc; \
96 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
99 hextobin(ref, refres); \
101 br_ ## cname ## _init(&mc); \
102 br_ ## cname ## _update(&mc, data, n); \
103 br_ ## cname ## _out(&mc, res); \
104 check_equals("KAT " #Name " 1", res, ref, HASH_SIZE(cname)); \
105 br_ ## cname ## _init(&mc); \
106 for (u = 0; u < n; u ++) { \
107 br_ ## cname ## _update(&mc, data + u, 1); \
109 br_ ## cname ## _out(&mc, res); \
110 check_equals("KAT " #Name " 2", res, ref, HASH_SIZE(cname)); \
111 for (u = 0; u < n; u ++) { \
112 br_ ## cname ## _context mc2; \
113 br_ ## cname ## _init(&mc); \
114 br_ ## cname ## _update(&mc, data, u); \
116 br_ ## cname ## _update(&mc, data + u, n - u); \
117 br_ ## cname ## _out(&mc, res); \
118 check_equals("KAT " #Name " 3", res, ref, HASH_SIZE(cname)); \
119 br_ ## cname ## _update(&mc2, data + u, n - u); \
120 br_ ## cname ## _out(&mc2, res); \
121 check_equals("KAT " #Name " 4", res, ref, HASH_SIZE(cname)); \
123 memset(&mc, 0, sizeof mc); \
124 memset(res, 0, sizeof res); \
125 br_ ## cname ## _vtable.init(&mc.vtable); \
126 mc.vtable->update(&mc.vtable, data, n); \
127 mc.vtable->out(&mc.vtable, res); \
128 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
129 memset(res, 0, sizeof res); \
130 mc.vtable->init(&mc.vtable); \
131 mc.vtable->update(&mc.vtable, data, n); \
132 mc.vtable->out(&mc.vtable, res); \
133 check_equals("KAT " #Name " 6", res, ref, HASH_SIZE(cname)); \
/*
 * Hashes one million 'a' bytes (a 1000-byte buffer fed 1000 times) and
 * compares the digest with the hex string refres.
 * NOTE(review): the banner reuses the index "5", which TEST_HASH also
 * uses, so a failure message alone does not identify which check fired.
 */
136 #define KAT_MILLION_A(Name, cname, refres) do { \
137 br_ ## cname ## _context mc; \
138 unsigned char buf[1000]; \
139 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
142 hextobin(ref, refres); \
143 memset(buf, 'a', sizeof buf); \
144 br_ ## cname ## _init(&mc); \
145 for (i = 0; i < 1000; i ++) { \
146 br_ ## cname ## _update(&mc, buf, sizeof buf); \
148 br_ ## cname ## _out(&mc, res); \
149 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
/*
 * Instantiates test_<cname>_internal() for each SHA variant.
 * test_md5_internal() is called later in the file, but its TEST_HASH
 * line does not appear in this listing.
 */
153 TEST_HASH(SHA
-1, sha1
)
154 TEST_HASH(SHA
-224, sha224
)
155 TEST_HASH(SHA
-256, sha256
)
156 TEST_HASH(SHA
-384, sha384
)
157 TEST_HASH(SHA
-512, sha512
)
/*
 * MD5 known-answer tests: seven short messages followed by the
 * million-'a' vector. The inputs and digests look like the RFC 1321
 * test suite -- TODO confirm against the RFC text.
 * These checks establish that the implementation computes MD5
 * correctly; they say nothing about MD5's collision resistance, which
 * is a property of the algorithm and not of this code.
 */
162 printf("Test MD5: ");
164 test_md5_internal("", "d41d8cd98f00b204e9800998ecf8427e");
165 test_md5_internal("a", "0cc175b9c0f1b6a831c399e269772661");
166 test_md5_internal("abc", "900150983cd24fb0d6963f7d28e17f72");
167 test_md5_internal("message digest", "f96b697d7cb7938d525a2f31aaf161d0");
168 test_md5_internal("abcdefghijklmnopqrstuvwxyz",
169 "c3fcd3d76192e4007dfb496cca67e13b");
170 test_md5_internal("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstu"
171 "vwxyz0123456789", "d174ab98d277d9f5a5611c2c9f419d9f");
172 test_md5_internal("1234567890123456789012345678901234567890123456789"
173 "0123456789012345678901234567890",
174 "57edf4a22be3c955ac49da2e2107b67a");
175 KAT_MILLION_A(MD5
, md5
,
176 "7707d6ae4e027c70eea2a935c2296f21");
/*
 * SHA-1 known-answer tests: "abc", a 56-byte message built from
 * overlapping four-letter groups, and the million-'a' vector.
 * As with MD5, passing these shows functional correctness only.
 */
184 printf("Test SHA-1: ");
186 test_sha1_internal("abc", "a9993e364706816aba3e25717850c26c9cd0d89d");
187 test_sha1_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
188 "nomnopnopq", "84983e441c3bd26ebaae4aa1f95129e5e54670f1");
190 KAT_MILLION_A(SHA
-1, sha1
,
191 "34aa973cd4c4daa4f61eeb2bdbad27316534016f");
/*
 * SHA-224 known-answer tests: "abc", a second short message, and the
 * million-'a' vector.
 * NOTE(review): in this listing the second message literal is followed
 * directly by the digest literal; the line that completes the message
 * and separates the two arguments is absent, so the call as shown is
 * not the real test. Take vectors from the original file, not from here.
 */
199 printf("Test SHA-224: ");
201 test_sha224_internal("abc",
202 "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7");
203 test_sha224_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
205 "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525");
207 KAT_MILLION_A(SHA
-224, sha224
,
208 "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67");
/*
 * SHA-256 known-answer tests: "abc", a second short message, and the
 * million-'a' vector.
 * NOTE(review): the second call is missing the line that completes the
 * message literal in this listing; as shown, message and digest would
 * concatenate into a single string. Take vectors from the original file.
 */
216 printf("Test SHA-256: ");
218 test_sha256_internal("abc",
219 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
220 test_sha256_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
222 "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1");
224 KAT_MILLION_A(SHA
-256, sha256
,
225 "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0");
/*
 * SHA-384 known-answer tests: "abc", a 112-byte message built from
 * overlapping eight-letter groups, and the million-'a' vector. Each
 * expected digest is written as two adjacent string literals that the
 * compiler joins into one 96-digit hex string.
 */
233 printf("Test SHA-384: ");
235 test_sha384_internal("abc",
236 "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded163"
237 "1a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7");
238 test_sha384_internal(
239 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
240 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
241 "09330c33f71147e83d192fc782cd1b4753111b173b3b05d2"
242 "2fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039");
244 KAT_MILLION_A(SHA
-384, sha384
,
245 "9d0e1809716474cb086e834e310a4a1ced149e9c00f24852"
246 "7972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985");
/*
 * SHA-512 known-answer tests: the same three inputs as the SHA-384
 * tests, with 128-digit expected digests split across two adjacent
 * string literals.
 */
254 printf("Test SHA-512: ");
256 test_sha512_internal("abc",
257 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
258 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
259 test_sha512_internal(
260 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
261 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
262 "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
263 "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909");
265 KAT_MILLION_A(SHA
-512, sha512
,
266 "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973eb"
267 "de0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b");
/*
 * Cross-checks br_md5sha1_* against separate MD5 and SHA-1 contexts.
 * For each length u below sizeof buf, the 36-byte combined output must
 * equal the MD5 digest (16 bytes) followed by the SHA-1 digest
 * (20 bytes), both after a single update ([1], [2]) and after
 * byte-by-byte updates ([3], [4]).
 * HMAC_DRBG serves here only as a generator of test input; the value of
 * its one-byte seed is set on a line not visible in this listing
 * (presumably a fixed constant, which would make the run reproducible).
 */
275 unsigned char buf
[500], out
[36], outM
[16], outS
[20];
276 unsigned char seed
[1];
277 br_hmac_drbg_context rc
;
280 br_md5sha1_context cc
;
283 printf("Test MD5+SHA-1: ");
287 br_hmac_drbg_init(&rc
, &br_sha256_vtable
, seed
, sizeof seed
);
288 for (u
= 0; u
< sizeof buf
; u
++) {
291 br_hmac_drbg_generate(&rc
, buf
, u
);
293 br_md5_update(&mc
, buf
, u
);
294 br_md5_out(&mc
, outM
);
296 br_sha1_update(&sc
, buf
, u
);
297 br_sha1_out(&sc
, outS
);
298 br_md5sha1_init(&cc
);
299 br_md5sha1_update(&cc
, buf
, u
);
300 br_md5sha1_out(&cc
, out
);
301 check_equals("MD5+SHA-1 [1]", out
, outM
, 16);
302 check_equals("MD5+SHA-1 [2]", out
+ 16, outS
, 20);
303 br_md5sha1_init(&cc
);
304 for (v
= 0; v
< u
; v
++) {
305 br_md5sha1_update(&cc
, buf
+ v
, 1);
307 br_md5sha1_out(&cc
, out
);
308 check_equals("MD5+SHA-1 [3]", out
, outM
, 16);
309 check_equals("MD5+SHA-1 [4]", out
+ 16, outS
, 20);
317 * Compute a hash function, on some data, by ID. Returned value is
318 * hash output length.
/*
 * Reference path for the multihash tests: runs the single-hash API
 * selected by id over data[0..len) and writes the digest to out.
 * out has no size parameter; the callers in this file pass 64-byte
 * buffers. The dispatch on id and the return statements are not
 * visible in this listing.
 * NOTE(review): the stderr message for an unrecognised id is
 * misspelled ("Uknown").
 */
321 do_hash(int id
, const void *data
, size_t len
, void *out
)
324 br_sha1_context csha1
;
325 br_sha224_context csha224
;
326 br_sha256_context csha256
;
327 br_sha384_context csha384
;
328 br_sha512_context csha512
;
333 br_md5_update(&cmd5
, data
, len
);
334 br_md5_out(&cmd5
, out
);
337 br_sha1_init(&csha1
);
338 br_sha1_update(&csha1
, data
, len
);
339 br_sha1_out(&csha1
, out
);
342 br_sha224_init(&csha224
);
343 br_sha224_update(&csha224
, data
, len
);
344 br_sha224_out(&csha224
, out
);
347 br_sha256_init(&csha256
);
348 br_sha256_update(&csha256
, data
, len
);
349 br_sha256_out(&csha256
, out
);
352 br_sha384_init(&csha384
);
353 br_sha384_update(&csha384
, data
, len
);
354 br_sha384_out(&csha384
, out
);
357 br_sha512_init(&csha512
);
358 br_sha512_update(&csha512
, data
, len
);
359 br_sha512_out(&csha512
, out
);
362 fprintf(stderr
, "Uknown hash function: %d\n", id
);
369 * Tests for a multihash. Returned value should be 258 multiplied by the
370 * number of hash functions implemented by the context.
/*
 * For every length 0..257 and every hash ID 1..6, compares
 * br_multihash_out() with do_hash() over the same prefix of buf: once
 * after a single update, then again after each byte of a byte-by-byte
 * update. Output lengths are compared before the digests.
 * tmp and tmp2 are 64 bytes each, and neither br_multihash_out() nor
 * do_hash() is given a size, so the buffers must stay at least as large
 * as the longest digest among the six IDs.
 * buf appears to be filled from SHA-1 outputs over its own prefix; only
 * part of that loop is visible in this listing.
 */
373 test_multihash_inner(br_multihash_context
*mc
)
376 * Try hashing messages for all lengths from 0 to 257 bytes
377 * (inclusive). Each attempt is done twice, with data input
378 * either in one go, or byte by byte. In the byte by byte
379 * test, intermediate result are obtained and checked.
382 unsigned char buf
[258];
387 for (len
= 0; len
< sizeof buf
; len
++) {
389 unsigned char tmp
[20];
392 br_sha1_update(&sc
, buf
, len
);
393 br_sha1_out(&sc
, tmp
);
396 for (len
= 0; len
<= 257; len
++) {
399 br_multihash_init(mc
);
400 br_multihash_update(mc
, buf
, len
);
401 for (i
= 1; i
<= 6; i
++) {
402 unsigned char tmp
[64], tmp2
[64];
405 olen
= br_multihash_out(mc
, i
, tmp
);
409 olen2
= do_hash(i
, buf
, len
, tmp2
);
412 "Bad hash output length: %u / %u\n",
413 (unsigned)olen
, (unsigned)olen2
);
416 check_equals("Hash output", tmp
, tmp2
, olen
);
420 br_multihash_init(mc
);
421 for (u
= 0; u
< len
; u
++) {
422 br_multihash_update(mc
, buf
+ u
, 1);
423 for (i
= 1; i
<= 6; i
++) {
424 unsigned char tmp
[64], tmp2
[64];
427 olen
= br_multihash_out(mc
, i
, tmp
);
431 olen2
= do_hash(i
, buf
, u
+ 1, tmp2
);
433 fprintf(stderr
, "Bad hash output"
434 " length: %u / %u\n",
439 check_equals("Hash output", tmp
, tmp2
, olen
);
/*
 * Runs test_multihash_inner() with one hash implementation registered
 * at a time (expected count 258 for each) and finally with all six
 * registered (expected 258 * 6). br_multihash_zero() is called before
 * every configuration, presumably so that no implementation registered
 * for a previous run is still present.
 * What follows each "Failed test count" message is not visible in this
 * listing.
 */
449 br_multihash_context mc
;
451 printf("Test MultiHash: ");
454 br_multihash_zero(&mc
);
455 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
456 if (test_multihash_inner(&mc
) != 258) {
457 fprintf(stderr
, "Failed test count\n");
462 br_multihash_zero(&mc
);
463 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
464 if (test_multihash_inner(&mc
) != 258) {
465 fprintf(stderr
, "Failed test count\n");
470 br_multihash_zero(&mc
);
471 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
472 if (test_multihash_inner(&mc
) != 258) {
473 fprintf(stderr
, "Failed test count\n");
478 br_multihash_zero(&mc
);
479 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
480 if (test_multihash_inner(&mc
) != 258) {
481 fprintf(stderr
, "Failed test count\n");
486 br_multihash_zero(&mc
);
487 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
488 if (test_multihash_inner(&mc
) != 258) {
489 fprintf(stderr
, "Failed test count\n");
494 br_multihash_zero(&mc
);
495 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
496 if (test_multihash_inner(&mc
) != 258) {
497 fprintf(stderr
, "Failed test count\n");
502 br_multihash_zero(&mc
);
503 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
504 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
505 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
506 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
507 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
508 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
509 if (test_multihash_inner(&mc
) != 258 * 6) {
510 fprintf(stderr
, "Failed test count\n");
/*
 * HMAC known-answer check for one (key, data, expected tag) triple.
 * The expected tag is decoded from hex into ref[64] by hextobin(); the
 * returned byte count len is the number of bytes compared, so a
 * reference shorter than the digest checks only a prefix of the tag,
 * and a reference longer than 64 bytes would overrun ref.
 *   "KAT HMAC 1": a single update over all of data;
 *   "KAT HMAC 2": one update per byte;
 *   "KAT HMAC 3": for each split u, br_hmac_out() is called after the
 *                 first u bytes and again after the remainder has been
 *                 added; only the second output is compared.
 * Every run starts from the same br_hmac_key_context kc.
 */
520 do_KAT_HMAC_bin_bin(const br_hash_class
*digest_class
,
521 const void *key
, size_t key_len
,
522 const void *data
, size_t data_len
, const char *href
)
524 br_hmac_key_context kc
;
526 unsigned char tmp
[64], ref
[64];
529 len
= hextobin(ref
, href
);
530 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
531 br_hmac_init(&ctx
, &kc
, 0);
532 br_hmac_update(&ctx
, data
, data_len
);
533 br_hmac_out(&ctx
, tmp
);
534 check_equals("KAT HMAC 1", tmp
, ref
, len
);
536 br_hmac_init(&ctx
, &kc
, 0);
537 for (u
= 0; u
< data_len
; u
++) {
538 br_hmac_update(&ctx
, (const unsigned char *)data
+ u
, 1);
540 br_hmac_out(&ctx
, tmp
);
541 check_equals("KAT HMAC 2", tmp
, ref
, len
);
543 for (u
= 0; u
< data_len
; u
++) {
544 br_hmac_init(&ctx
, &kc
, 0);
545 br_hmac_update(&ctx
, data
, u
);
546 br_hmac_out(&ctx
, tmp
);
548 (const unsigned char *)data
+ u
, data_len
- u
);
549 br_hmac_out(&ctx
, tmp
);
550 check_equals("KAT HMAC 3", tmp
, ref
, len
);
/*
 * Wrapper for vectors whose key and data are both text: each is passed
 * on with its strlen(), so the terminating NUL is not part of either.
 */
555 do_KAT_HMAC_str_str(const br_hash_class
*digest_class
, const char *key
,
556 const char *data
, const char *href
)
558 do_KAT_HMAC_bin_bin(digest_class
, key
, strlen(key
),
559 data
, strlen(data
), href
);
/*
 * Wrapper for vectors whose key and data are both hex text: each is
 * decoded into a 1024-byte stack buffer and passed on with the decoded
 * length. hextobin() does not bound its output, so every hex literal
 * given to this function must decode to at most 1024 bytes.
 */
563 do_KAT_HMAC_hex_hex(const br_hash_class
*digest_class
, const char *skey
,
564 const char *sdata
, const char *href
)
566 unsigned char key
[1024];
567 unsigned char data
[1024];
569 do_KAT_HMAC_bin_bin(digest_class
, key
, hextobin(key
, skey
),
570 data
, hextobin(data
, sdata
), href
);
/*
 * Wrapper for vectors with a hex key and text data. The key is decoded
 * into a 1024-byte stack buffer by hextobin(), which is unbounded, so
 * skey must decode to at most 1024 bytes; data is passed with strlen().
 */
574 do_KAT_HMAC_hex_str(const br_hash_class
*digest_class
,
575 const char *skey
, const char *data
, const char *href
)
577 unsigned char key
[1024];
579 do_KAT_HMAC_bin_bin(digest_class
, key
, hextobin(key
, skey
),
580 data
, strlen(data
), href
);
/*
 * Functional equivalence test for br_hmac_outCT(). For each (u, v, w),
 * the tag from br_hmac_update(u + w bytes) followed by br_hmac_out()
 * must equal the tag from br_hmac_update(u bytes) followed by
 * br_hmac_outCT(data + u, w, min_len, max_len). The returned lengths
 * are compared as well. How min_len and max_len are derived from v is
 * not visible in this listing.
 * This compares results only. It takes no timing measurements, so a
 * pass gives no evidence that br_hmac_outCT() runs in constant time;
 * that property needs separate review or measurement.
 * NOTE(review): the banner is built with sprintf(), which is unbounded,
 * and tmp's declaration is not visible here. With a 32-bit unsigned the
 * format can need up to 41 bytes; the loop bounds shown (u < 2,
 * v < 130) keep it far shorter, but a bounded snprintf() would remove
 * the dependence on those limits.
 */
584 test_HMAC_CT(const br_hash_class
*digest_class
,
585 const void *key
, size_t key_len
, const void *data
)
587 br_hmac_key_context kc
;
588 br_hmac_context hc1
, hc2
;
589 unsigned char buf1
[64], buf2
[64];
592 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
594 for (u
= 0; u
< 2; u
++) {
595 for (v
= 0; v
< 130; v
++) {
596 size_t min_len
, max_len
;
601 for (w
= min_len
; w
<= max_len
; w
++) {
605 br_hmac_init(&hc1
, &kc
, 0);
606 br_hmac_update(&hc1
, data
, u
+ w
);
607 hlen1
= br_hmac_out(&hc1
, buf1
);
608 br_hmac_init(&hc2
, &kc
, 0);
609 br_hmac_update(&hc2
, data
, u
);
610 hlen2
= br_hmac_outCT(&hc2
,
611 (const unsigned char *)data
+ u
, w
,
612 min_len
, max_len
, buf2
);
613 if (hlen1
!= hlen2
) {
614 fprintf(stderr
, "HMAC length mismatch:"
615 " %u / %u\n", (unsigned)hlen1
,
619 sprintf(tmp
, "HMAC CT %u,%u,%u",
620 (unsigned)u
, (unsigned)v
, (unsigned)w
);
621 check_equals(tmp
, buf1
, buf2
, hlen1
);
/*
 * HMAC tests. key is a char array initialised from a string literal and
 * is later passed with sizeof key, so the key used by the
 * constant-time tests is 14 bytes and includes the terminating NUL.
 * The known-answer calls that follow pair a hex or text key with data
 * and an expected tag; they look like the RFC 2202 (MD5, SHA-1) and
 * RFC 4231 (SHA-2) test cases -- confirm before citing them as such.
 * Several of those calls are missing argument or continuation lines in
 * this listing, so vectors should be taken from the original file
 * and not copied from here.
 */
634 unsigned char data
[1000];
637 const char key
[] = "test HMAC key";
639 printf("Test HMAC: ");
641 do_KAT_HMAC_hex_str(&br_md5_vtable
,
642 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
644 "9294727a3638bb1c13f48ef8158bfc9d");
645 do_KAT_HMAC_str_str(&br_md5_vtable
,
647 "what do ya want for nothing?",
648 "750c783e6ab0b503eaa86e310a5db738");
649 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
650 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
651 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
652 "56be34521d144c88dbb8c733f0e8b3f6");
653 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
654 "0102030405060708090a0b0c0d0e0f10111213141516171819",
655 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
656 "697eaf0aca3a3aea3a75164746ffaa79");
657 do_KAT_HMAC_hex_str(&br_md5_vtable
,
658 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
659 "Test With Truncation",
660 "56461ef2342edc00f9bab995690efd4c");
661 do_KAT_HMAC_hex_str(&br_md5_vtable
,
662 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
663 "Test Using Larger Than Block-Size Key - Hash Key First",
664 "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd");
665 do_KAT_HMAC_hex_str(&br_md5_vtable
,
666 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
667 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
668 "6f630fad67cda0ee1fb1f562db3aa53e");
670 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
671 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
673 "b617318655057264e28bc0b6fb378c8ef146be00");
674 do_KAT_HMAC_str_str(&br_sha1_vtable
,
676 "what do ya want for nothing?",
677 "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79");
678 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
679 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
680 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
681 "125d7342b9ac11cd91a39af48aa17b4f63f175d3");
682 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
683 "0102030405060708090a0b0c0d0e0f10111213141516171819",
684 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
685 "4c9007f4026250c6bc8414f9bf50c86c2d7235da");
686 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
687 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
688 "Test With Truncation",
689 "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04");
690 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
691 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
692 "Test Using Larger Than Block-Size Key - Hash Key First",
693 "aa4ae5e15272d00e95705637ce8a3b55ed402112");
694 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
695 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
696 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
697 "e8e99d0f45237d786d6bbaa7965c7808bbff1a91");
701 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
702 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
704 "896fb1128abbdf196832107cd49df33f"
705 "47b4b1169912ba4f53684b22");
707 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
708 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
710 "b0344c61d8db38535ca8afceaf0bf12b"
711 "881dc200c9833da726e9376c2e32cff7");
713 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
714 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
716 "afd03944d84895626b0825f4ab46907f"
717 "15f9dadbe4101ec682aa034c7cebc59c"
718 "faea9ea9076ede7f4af152e8b2fa9cb6");
720 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
721 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
723 "87aa7cdea5ef619d4ff0b4241a1d6cb0"
724 "2379f4e2ce4ec2787ad0b30545e17cde"
725 "daa833b7d6b8a702038b274eaea3f4e4"
726 "be9d914eeb61f1702e696c203a126854");
728 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
730 "7768617420646f2079612077616e7420"
731 "666f72206e6f7468696e673f",
732 "a30e01098bc6dbbf45690f3a7e9e6d0f"
733 "8bbea2a39e6148008fd05e44");
735 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
737 "7768617420646f2079612077616e7420"
738 "666f72206e6f7468696e673f",
739 "5bdcc146bf60754e6a042426089575c7"
740 "5a003f089d2739839dec58b964ec3843");
742 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
744 "7768617420646f2079612077616e7420"
745 "666f72206e6f7468696e673f",
746 "af45d2e376484031617f78d2b58a6b1b"
747 "9c7ef464f5a01b47e42ec3736322445e"
748 "8e2240ca5e69e2c78b3239ecfab21649");
750 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
752 "7768617420646f2079612077616e7420"
753 "666f72206e6f7468696e673f",
754 "164b7a7bfcf819e2e395fbe73b56e0a3"
755 "87bd64222e831fd610270cd7ea250554"
756 "9758bf75c05a994a6d034f65f8f0e6fd"
757 "caeab1a34d4a6b4b636e070a38bce737");
759 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
760 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
762 "dddddddddddddddddddddddddddddddd"
763 "dddddddddddddddddddddddddddddddd"
764 "dddddddddddddddddddddddddddddddd"
766 "7fb3cb3588c6c1f6ffa9694d7d6ad264"
767 "9365b0c1f65d69d1ec8333ea");
769 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
770 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
772 "dddddddddddddddddddddddddddddddd"
773 "dddddddddddddddddddddddddddddddd"
774 "dddddddddddddddddddddddddddddddd"
776 "773ea91e36800e46854db8ebd09181a7"
777 "2959098b3ef8c122d9635514ced565fe");
779 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
780 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
782 "dddddddddddddddddddddddddddddddd"
783 "dddddddddddddddddddddddddddddddd"
784 "dddddddddddddddddddddddddddddddd"
786 "88062608d3e6ad8a0aa2ace014c8a86f"
787 "0aa635d947ac9febe83ef4e55966144b"
788 "2a5ab39dc13814b94e3ab6e101a34f27");
790 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
791 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
793 "dddddddddddddddddddddddddddddddd"
794 "dddddddddddddddddddddddddddddddd"
795 "dddddddddddddddddddddddddddddddd"
797 "fa73b0089d56a284efb0f0756c890be9"
798 "b1b5dbdd8ee81a3655f83e33b2279d39"
799 "bf3e848279a722c806b485a47e67c807"
800 "b946a337bee8942674278859e13292fb");
802 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
803 "0102030405060708090a0b0c0d0e0f10"
804 "111213141516171819",
805 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
806 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
807 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
809 "6c11506874013cac6a2abc1bb382627c"
810 "ec6a90d86efc012de7afec5a");
812 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
813 "0102030405060708090a0b0c0d0e0f10"
814 "111213141516171819",
815 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
816 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
817 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
819 "82558a389a443c0ea4cc819899f2083a"
820 "85f0faa3e578f8077a2e3ff46729665b");
822 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
823 "0102030405060708090a0b0c0d0e0f10"
824 "111213141516171819",
825 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
826 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
827 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
829 "3e8a69b7783c25851933ab6290af6ca7"
830 "7a9981480850009cc5577c6e1f573b4e"
831 "6801dd23c4a7d679ccf8a386c674cffb");
833 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
834 "0102030405060708090a0b0c0d0e0f10"
835 "111213141516171819",
836 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
837 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
838 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
840 "b0ba465637458c6990e5a8c5f61d4af7"
841 "e576d97ff94b872de76f8050361ee3db"
842 "a91ca5c11aa25eb4d679275cc5788063"
843 "a5f19741120c4f2de2adebeb10a298dd");
845 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
846 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
847 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
848 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
849 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
850 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
851 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
852 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
853 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
855 "54657374205573696e67204c61726765"
856 "72205468616e20426c6f636b2d53697a"
857 "65204b6579202d2048617368204b6579"
859 "95e9a0db962095adaebe9b2d6f0dbce2"
860 "d499f112f2d2b7273fa6870e");
862 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
863 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
864 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
865 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
866 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
867 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
868 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
869 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
870 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
872 "54657374205573696e67204c61726765"
873 "72205468616e20426c6f636b2d53697a"
874 "65204b6579202d2048617368204b6579"
876 "60e431591ee0b67f0d8a26aacbf5b77f"
877 "8e0bc6213728c5140546040f0ee37f54");
879 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
880 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
881 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
882 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
883 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
884 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
885 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
886 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
887 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
889 "54657374205573696e67204c61726765"
890 "72205468616e20426c6f636b2d53697a"
891 "65204b6579202d2048617368204b6579"
893 "4ece084485813e9088d2c63a041bc5b4"
894 "4f9ef1012a2b588f3cd11f05033ac4c6"
895 "0c2ef6ab4030fe8296248df163f44952");
897 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
898 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
899 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
900 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
901 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
902 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
903 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
904 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
905 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
907 "54657374205573696e67204c61726765"
908 "72205468616e20426c6f636b2d53697a"
909 "65204b6579202d2048617368204b6579"
911 "80b24263c7c1a3ebb71493c1dd7be8b4"
912 "9b46d1f41b4aeec1121b013783f8f352"
913 "6b56d037e05f2598bd0fd2215d6a1e52"
914 "95e64f73f63f0aec8b915a985d786598");
916 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
917 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
918 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
919 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
920 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
921 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
922 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
923 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
924 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
926 "54686973206973206120746573742075"
927 "73696e672061206c6172676572207468"
928 "616e20626c6f636b2d73697a65206b65"
929 "7920616e642061206c61726765722074"
930 "68616e20626c6f636b2d73697a652064"
931 "6174612e20546865206b6579206e6565"
932 "647320746f2062652068617368656420"
933 "6265666f7265206265696e6720757365"
934 "642062792074686520484d414320616c"
936 "3a854166ac5d9f023f54d517d0b39dbd"
937 "946770db9c2b95c9f6f565d1");
939 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
940 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
941 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
942 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
943 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
944 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
945 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
946 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
947 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
949 "54686973206973206120746573742075"
950 "73696e672061206c6172676572207468"
951 "616e20626c6f636b2d73697a65206b65"
952 "7920616e642061206c61726765722074"
953 "68616e20626c6f636b2d73697a652064"
954 "6174612e20546865206b6579206e6565"
955 "647320746f2062652068617368656420"
956 "6265666f7265206265696e6720757365"
957 "642062792074686520484d414320616c"
959 "9b09ffa71b942fcb27635fbcd5b0e944"
960 "bfdc63644f0713938a7f51535c3a35e2");
962 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
963 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
964 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
965 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
966 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
967 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
968 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
969 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
970 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
972 "54686973206973206120746573742075"
973 "73696e672061206c6172676572207468"
974 "616e20626c6f636b2d73697a65206b65"
975 "7920616e642061206c61726765722074"
976 "68616e20626c6f636b2d73697a652064"
977 "6174612e20546865206b6579206e6565"
978 "647320746f2062652068617368656420"
979 "6265666f7265206265696e6720757365"
980 "642062792074686520484d414320616c"
982 "6617178e941f020d351e2f254e8fd32c"
983 "602420feb0b8fb9adccebb82461e99c5"
984 "a678cc31e799176d3860e6110c46523e");
986 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
987 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
988 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
989 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
990 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
991 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
992 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
993 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
994 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
996 "54686973206973206120746573742075"
997 "73696e672061206c6172676572207468"
998 "616e20626c6f636b2d73697a65206b65"
999 "7920616e642061206c61726765722074"
1000 "68616e20626c6f636b2d73697a652064"
1001 "6174612e20546865206b6579206e6565"
1002 "647320746f2062652068617368656420"
1003 "6265666f7265206265696e6720757365"
1004 "642062792074686520484d414320616c"
1006 "e37b6a775dc87dbaa4dfa9f96e5e3ffd"
1007 "debd71f8867289865df5a32d20cdc944"
1008 "b6022cac3c4982b10d5eeb55c3e4de15"
1009 "134676fb6de0446065c97440fa8c6a58");
/*
 * Fills data (the loop body is not visible in this listing) and then
 * runs test_HMAC_CT() once per hash function with the same key and
 * data. sizeof key counts the terminating NUL of the string literal
 * that initialises key.
 * These calls check that br_hmac_outCT() agrees with br_hmac_out(); they
 * do not measure execution time.
 */
1011 for (x
= 1, u
= 0; u
< sizeof data
; u
++) {
1016 test_HMAC_CT(&br_md5_vtable
, key
, sizeof key
, data
);
1018 test_HMAC_CT(&br_sha1_vtable
, key
, sizeof key
, data
);
1019 printf("(SHA-224) ");
1020 test_HMAC_CT(&br_sha224_vtable
, key
, sizeof key
, data
);
1021 printf("(SHA-256) ");
1022 test_HMAC_CT(&br_sha256_vtable
, key
, sizeof key
, data
);
1023 printf("(SHA-384) ");
1024 test_HMAC_CT(&br_sha384_vtable
, key
, sizeof key
, data
);
1025 printf("(SHA-512) ");
1026 test_HMAC_CT(&br_sha512_vtable
, key
, sizeof key
, data
);
/*
 * HMAC_DRBG known-answer test with SHA-256. After seeding, three
 * successive 30-byte outputs are compared with ref1..ref3, first
 * through the direct API ("KAT HMAC_DRBG 1".."3") and then, after the
 * context has been zeroed, through br_hmac_drbg_vtable ("4".."6").
 * seed[42] has no slack: the seed literal decodes to exactly 42 bytes,
 * and the three reference literals decode to 30 bytes each, matching
 * the ref arrays. hextobin() would write past these buffers if a
 * literal were lengthened. The hextobin() calls that fill ref1..ref3
 * are not visible in this listing.
 * A known-answer test covers the deterministic generation step only; it
 * says nothing about the quality of the seed an application supplies.
 */
1033 test_HMAC_DRBG(void)
1035 br_hmac_drbg_context ctx
;
1036 unsigned char seed
[42], tmp
[30];
1037 unsigned char ref1
[30], ref2
[30], ref3
[30];
1040 printf("Test HMAC_DRBG: ");
1043 seed_len
= hextobin(seed
,
1044 "009A4D6792295A7F730FC3F2B49CBC0F62E862272F"
1045 "01795EDF0D54DB760F156D0DAC04C0322B3A204224");
1047 "9305A46DE7FF8EB107194DEBD3FD48AA"
1048 "20D5E7656CBE0EA69D2A8D4E7C67");
1050 "C70C78608A3B5BE9289BE90EF6E81A9E"
1051 "2C1516D5751D2F75F50033E45F73");
1053 "475E80E992140567FCC3A50DAB90FE84"
1054 "BCD7BB03638E9C4656A06F37F650");
1055 br_hmac_drbg_init(&ctx
, &br_sha256_vtable
, seed
, seed_len
);
1056 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1057 check_equals("KAT HMAC_DRBG 1", tmp
, ref1
, sizeof tmp
);
1058 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1059 check_equals("KAT HMAC_DRBG 2", tmp
, ref2
, sizeof tmp
);
1060 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1061 check_equals("KAT HMAC_DRBG 3", tmp
, ref3
, sizeof tmp
);
1063 memset(&ctx
, 0, sizeof ctx
);
1064 br_hmac_drbg_vtable
.init(&ctx
.vtable
,
1065 &br_sha256_vtable
, seed
, seed_len
);
1066 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1067 check_equals("KAT HMAC_DRBG 4", tmp
, ref1
, sizeof tmp
);
1068 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1069 check_equals("KAT HMAC_DRBG 5", tmp
, ref2
, sizeof tmp
);
1070 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1071 check_equals("KAT HMAC_DRBG 6", tmp
, ref3
, sizeof tmp
);
/*
 * TLS PRF known-answer check. secret, seed and the expected output are
 * given as hex text and decoded by hextobin() into fixed stack buffers
 * (100, 100 and 500 bytes); hextobin() is unbounded, so the literals
 * must decode to no more than those sizes. The PRF is asked for ref_len
 * bytes into out[500], which is safe only while ref_len <= 500.
 * The same output is required for four ways of presenting the seed:
 *   "TLS PRF KAT 1": one chunk holding the whole seed;
 *   "TLS PRF KAT 2": the seed followed by a second chunk with NULL data;
 *   "TLS PRF KAT 3": a first chunk with NULL data followed by the seed;
 *   "TLS PRF KAT 4": the seed split in half across two chunks.
 * The len assignments for the NULL chunks and the final parameter
 * (sref) of the signature are not visible in this listing.
 */
1078 do_KAT_PRF(br_tls_prf_impl prf
,
1079 const char *ssecret
, const char *label
, const char *sseed
,
1082 unsigned char secret
[100], seed
[100], ref
[500], out
[500];
1083 size_t secret_len
, seed_len
, ref_len
;
1084 br_tls_prf_seed_chunk chunks
[2];
1086 secret_len
= hextobin(secret
, ssecret
);
1087 seed_len
= hextobin(seed
, sseed
);
1088 ref_len
= hextobin(ref
, sref
);
1090 chunks
[0].data
= seed
;
1091 chunks
[0].len
= seed_len
;
1092 prf(out
, ref_len
, secret
, secret_len
, label
, 1, chunks
);
1093 check_equals("TLS PRF KAT 1", out
, ref
, ref_len
);
1095 chunks
[0].data
= seed
;
1096 chunks
[0].len
= seed_len
;
1097 chunks
[1].data
= NULL
;
1099 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1100 check_equals("TLS PRF KAT 2", out
, ref
, ref_len
);
1102 chunks
[0].data
= NULL
;
1104 chunks
[1].data
= seed
;
1105 chunks
[1].len
= seed_len
;
1106 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1107 check_equals("TLS PRF KAT 3", out
, ref
, ref_len
);
1109 chunks
[0].data
= seed
;
1110 chunks
[0].len
= seed_len
>> 1;
1111 chunks
[1].data
= seed
+ chunks
[0].len
;
1112 chunks
[1].len
= seed_len
- chunks
[0].len
;
1113 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1114 check_equals("TLS PRF KAT 4", out
, ref
, ref_len
);
/*
 * TLS PRF known-answer tests: br_tls10_prf, br_tls12_sha256_prf and
 * br_tls12_sha384_prf are each checked against one vector through
 * do_KAT_PRF(). The source comments attribute the vectors to
 * mailing-list posts (one no longer at its original URL), not to a
 * specification, so they are worth cross-checking against an independent
 * implementation before being reused elsewhere. The label argument
 * lines of these calls are absent from this listing.
 */
1120 printf("Test TLS PRF: ");
1124 * Test vector taken from an email that was on:
1125 * http://www.imc.org/ietf-tls/mail-archive/msg01589.html
1126 * but no longer exists there; a version archived in 2008
1127 * can be found on http://www.archive.org/
1129 do_KAT_PRF(&br_tls10_prf
,
1130 "abababababababababababababababababababababababababababababababababababababababababababababababab",
1132 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
1133 "d3d4d1e349b5d515044666d51de32bab258cb521b6b053463e354832fd976754443bcf9a296519bc289abcbc1187e4ebd31e602353776c408aafb74cbc85eff69255f9788faa184cbb957a9819d84a5d7eb006eb459d3ae8de9810454b8b2d8f1afbc655a8c9a013");
1136 * Test vectors are taken from:
1137 * https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
1139 do_KAT_PRF(&br_tls12_sha256_prf
,
1140 "9bbe436ba940f017b17652849a71db35",
1142 "a0ba9f936cda311827a6f796ffd5198c",
1143 "e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66");
1144 do_KAT_PRF(&br_tls12_sha384_prf
,
1145 "b80b733d6ceefcdc71566ea48e5567df",
1147 "cd665cf6a8447dd6ff8b27555edb7465",
1148 "7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f");
1155 * AES known-answer tests. Order: key, plaintext, ciphertext.
1157 static const char *const KAT_AES
[] = {
1161 "000102030405060708090a0b0c0d0e0f",
1162 "00112233445566778899aabbccddeeff",
1163 "69c4e0d86a7b0430d8cdb78070b4c55a",
1165 "000102030405060708090a0b0c0d0e0f1011121314151617",
1166 "00112233445566778899aabbccddeeff",
1167 "dda97ca4864cdfe06eaf70a0ec0d7191",
1169 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
1170 "00112233445566778899aabbccddeeff",
1171 "8ea2b7ca516745bfeafc49904b496089",
1174 * From NIST validation suite (ECBVarTxt128.rsp).
1176 "00000000000000000000000000000000",
1177 "80000000000000000000000000000000",
1178 "3ad78e726c1ec02b7ebfe92b23d9ec34",
1180 "00000000000000000000000000000000",
1181 "c0000000000000000000000000000000",
1182 "aae5939c8efdf2f04e60b9fe7117b2c2",
1184 "00000000000000000000000000000000",
1185 "e0000000000000000000000000000000",
1186 "f031d4d74f5dcbf39daaf8ca3af6e527",
1188 "00000000000000000000000000000000",
1189 "f0000000000000000000000000000000",
1190 "96d9fd5cc4f07441727df0f33e401a36",
1192 "00000000000000000000000000000000",
1193 "f8000000000000000000000000000000",
1194 "30ccdb044646d7e1f3ccea3dca08b8c0",
1196 "00000000000000000000000000000000",
1197 "fc000000000000000000000000000000",
1198 "16ae4ce5042a67ee8e177b7c587ecc82",
1200 "00000000000000000000000000000000",
1201 "fe000000000000000000000000000000",
1202 "b6da0bb11a23855d9c5cb1b4c6412e0a",
1204 "00000000000000000000000000000000",
1205 "ff000000000000000000000000000000",
1206 "db4f1aa530967d6732ce4715eb0ee24b",
1208 "00000000000000000000000000000000",
1209 "ff800000000000000000000000000000",
1210 "a81738252621dd180a34f3455b4baa2f",
1212 "00000000000000000000000000000000",
1213 "ffc00000000000000000000000000000",
1214 "77e2b508db7fd89234caf7939ee5621a",
1216 "00000000000000000000000000000000",
1217 "ffe00000000000000000000000000000",
1218 "b8499c251f8442ee13f0933b688fcd19",
1220 "00000000000000000000000000000000",
1221 "fff00000000000000000000000000000",
1222 "965135f8a81f25c9d630b17502f68e53",
1224 "00000000000000000000000000000000",
1225 "fff80000000000000000000000000000",
1226 "8b87145a01ad1c6cede995ea3670454f",
1228 "00000000000000000000000000000000",
1229 "fffc0000000000000000000000000000",
1230 "8eae3b10a0c8ca6d1d3b0fa61e56b0b2",
1232 "00000000000000000000000000000000",
1233 "fffe0000000000000000000000000000",
1234 "64b4d629810fda6bafdf08f3b0d8d2c5",
1236 "00000000000000000000000000000000",
1237 "ffff0000000000000000000000000000",
1238 "d7e5dbd3324595f8fdc7d7c571da6c2a",
1240 "00000000000000000000000000000000",
1241 "ffff8000000000000000000000000000",
1242 "f3f72375264e167fca9de2c1527d9606",
1244 "00000000000000000000000000000000",
1245 "ffffc000000000000000000000000000",
1246 "8ee79dd4f401ff9b7ea945d86666c13b",
1248 "00000000000000000000000000000000",
1249 "ffffe000000000000000000000000000",
1250 "dd35cea2799940b40db3f819cb94c08b",
1252 "00000000000000000000000000000000",
1253 "fffff000000000000000000000000000",
1254 "6941cb6b3e08c2b7afa581ebdd607b87",
1256 "00000000000000000000000000000000",
1257 "fffff800000000000000000000000000",
1258 "2c20f439f6bb097b29b8bd6d99aad799",
1260 "00000000000000000000000000000000",
1261 "fffffc00000000000000000000000000",
1262 "625d01f058e565f77ae86378bd2c49b3",
1264 "00000000000000000000000000000000",
1265 "fffffe00000000000000000000000000",
1266 "c0b5fd98190ef45fbb4301438d095950",
1268 "00000000000000000000000000000000",
1269 "ffffff00000000000000000000000000",
1270 "13001ff5d99806efd25da34f56be854b",
1272 "00000000000000000000000000000000",
1273 "ffffff80000000000000000000000000",
1274 "3b594c60f5c8277a5113677f94208d82",
1276 "00000000000000000000000000000000",
1277 "ffffffc0000000000000000000000000",
1278 "e9c0fc1818e4aa46bd2e39d638f89e05",
1280 "00000000000000000000000000000000",
1281 "ffffffe0000000000000000000000000",
1282 "f8023ee9c3fdc45a019b4e985c7e1a54",
1284 "00000000000000000000000000000000",
1285 "fffffff0000000000000000000000000",
1286 "35f40182ab4662f3023baec1ee796b57",
1288 "00000000000000000000000000000000",
1289 "fffffff8000000000000000000000000",
1290 "3aebbad7303649b4194a6945c6cc3694",
1292 "00000000000000000000000000000000",
1293 "fffffffc000000000000000000000000",
1294 "a2124bea53ec2834279bed7f7eb0f938",
1296 "00000000000000000000000000000000",
1297 "fffffffe000000000000000000000000",
1298 "b9fb4399fa4facc7309e14ec98360b0a",
1300 "00000000000000000000000000000000",
1301 "ffffffff000000000000000000000000",
1302 "c26277437420c5d634f715aea81a9132",
1304 "00000000000000000000000000000000",
1305 "ffffffff800000000000000000000000",
1306 "171a0e1b2dd424f0e089af2c4c10f32f",
1308 "00000000000000000000000000000000",
1309 "ffffffffc00000000000000000000000",
1310 "7cadbe402d1b208fe735edce00aee7ce",
1312 "00000000000000000000000000000000",
1313 "ffffffffe00000000000000000000000",
1314 "43b02ff929a1485af6f5c6d6558baa0f",
1316 "00000000000000000000000000000000",
1317 "fffffffff00000000000000000000000",
1318 "092faacc9bf43508bf8fa8613ca75dea",
1320 "00000000000000000000000000000000",
1321 "fffffffff80000000000000000000000",
1322 "cb2bf8280f3f9742c7ed513fe802629c",
1324 "00000000000000000000000000000000",
1325 "fffffffffc0000000000000000000000",
1326 "215a41ee442fa992a6e323986ded3f68",
1328 "00000000000000000000000000000000",
1329 "fffffffffe0000000000000000000000",
1330 "f21e99cf4f0f77cea836e11a2fe75fb1",
1332 "00000000000000000000000000000000",
1333 "ffffffffff0000000000000000000000",
1334 "95e3a0ca9079e646331df8b4e70d2cd6",
1336 "00000000000000000000000000000000",
1337 "ffffffffff8000000000000000000000",
1338 "4afe7f120ce7613f74fc12a01a828073",
1340 "00000000000000000000000000000000",
1341 "ffffffffffc000000000000000000000",
1342 "827f000e75e2c8b9d479beed913fe678",
1344 "00000000000000000000000000000000",
1345 "ffffffffffe000000000000000000000",
1346 "35830c8e7aaefe2d30310ef381cbf691",
1348 "00000000000000000000000000000000",
1349 "fffffffffff000000000000000000000",
1350 "191aa0f2c8570144f38657ea4085ebe5",
1352 "00000000000000000000000000000000",
1353 "fffffffffff800000000000000000000",
1354 "85062c2c909f15d9269b6c18ce99c4f0",
1356 "00000000000000000000000000000000",
1357 "fffffffffffc00000000000000000000",
1358 "678034dc9e41b5a560ed239eeab1bc78",
1360 "00000000000000000000000000000000",
1361 "fffffffffffe00000000000000000000",
1362 "c2f93a4ce5ab6d5d56f1b93cf19911c1",
1364 "00000000000000000000000000000000",
1365 "ffffffffffff00000000000000000000",
1366 "1c3112bcb0c1dcc749d799743691bf82",
1368 "00000000000000000000000000000000",
1369 "ffffffffffff80000000000000000000",
1370 "00c55bd75c7f9c881989d3ec1911c0d4",
1372 "00000000000000000000000000000000",
1373 "ffffffffffffc0000000000000000000",
1374 "ea2e6b5ef182b7dff3629abd6a12045f",
1376 "00000000000000000000000000000000",
1377 "ffffffffffffe0000000000000000000",
1378 "22322327e01780b17397f24087f8cc6f",
1380 "00000000000000000000000000000000",
1381 "fffffffffffff0000000000000000000",
1382 "c9cacb5cd11692c373b2411768149ee7",
1384 "00000000000000000000000000000000",
1385 "fffffffffffff8000000000000000000",
1386 "a18e3dbbca577860dab6b80da3139256",
1388 "00000000000000000000000000000000",
1389 "fffffffffffffc000000000000000000",
1390 "79b61c37bf328ecca8d743265a3d425c",
1392 "00000000000000000000000000000000",
1393 "fffffffffffffe000000000000000000",
1394 "d2d99c6bcc1f06fda8e27e8ae3f1ccc7",
1396 "00000000000000000000000000000000",
1397 "ffffffffffffff000000000000000000",
1398 "1bfd4b91c701fd6b61b7f997829d663b",
1400 "00000000000000000000000000000000",
1401 "ffffffffffffff800000000000000000",
1402 "11005d52f25f16bdc9545a876a63490a",
1404 "00000000000000000000000000000000",
1405 "ffffffffffffffc00000000000000000",
1406 "3a4d354f02bb5a5e47d39666867f246a",
1408 "00000000000000000000000000000000",
1409 "ffffffffffffffe00000000000000000",
1410 "d451b8d6e1e1a0ebb155fbbf6e7b7dc3",
1412 "00000000000000000000000000000000",
1413 "fffffffffffffff00000000000000000",
1414 "6898d4f42fa7ba6a10ac05e87b9f2080",
1416 "00000000000000000000000000000000",
1417 "fffffffffffffff80000000000000000",
1418 "b611295e739ca7d9b50f8e4c0e754a3f",
1420 "00000000000000000000000000000000",
1421 "fffffffffffffffc0000000000000000",
1422 "7d33fc7d8abe3ca1936759f8f5deaf20",
1424 "00000000000000000000000000000000",
1425 "fffffffffffffffe0000000000000000",
1426 "3b5e0f566dc96c298f0c12637539b25c",
1428 "00000000000000000000000000000000",
1429 "ffffffffffffffff0000000000000000",
1430 "f807c3e7985fe0f5a50e2cdb25c5109e",
1432 "00000000000000000000000000000000",
1433 "ffffffffffffffff8000000000000000",
1434 "41f992a856fb278b389a62f5d274d7e9",
1436 "00000000000000000000000000000000",
1437 "ffffffffffffffffc000000000000000",
1438 "10d3ed7a6fe15ab4d91acbc7d0767ab1",
1440 "00000000000000000000000000000000",
1441 "ffffffffffffffffe000000000000000",
1442 "21feecd45b2e675973ac33bf0c5424fc",
1444 "00000000000000000000000000000000",
1445 "fffffffffffffffff000000000000000",
1446 "1480cb3955ba62d09eea668f7c708817",
1448 "00000000000000000000000000000000",
1449 "fffffffffffffffff800000000000000",
1450 "66404033d6b72b609354d5496e7eb511",
1452 "00000000000000000000000000000000",
1453 "fffffffffffffffffc00000000000000",
1454 "1c317a220a7d700da2b1e075b00266e1",
1456 "00000000000000000000000000000000",
1457 "fffffffffffffffffe00000000000000",
1458 "ab3b89542233f1271bf8fd0c0f403545",
1460 "00000000000000000000000000000000",
1461 "ffffffffffffffffff00000000000000",
1462 "d93eae966fac46dca927d6b114fa3f9e",
1464 "00000000000000000000000000000000",
1465 "ffffffffffffffffff80000000000000",
1466 "1bdec521316503d9d5ee65df3ea94ddf",
1468 "00000000000000000000000000000000",
1469 "ffffffffffffffffffc0000000000000",
1470 "eef456431dea8b4acf83bdae3717f75f",
1472 "00000000000000000000000000000000",
1473 "ffffffffffffffffffe0000000000000",
1474 "06f2519a2fafaa596bfef5cfa15c21b9",
1476 "00000000000000000000000000000000",
1477 "fffffffffffffffffff0000000000000",
1478 "251a7eac7e2fe809e4aa8d0d7012531a",
1480 "00000000000000000000000000000000",
1481 "fffffffffffffffffff8000000000000",
1482 "3bffc16e4c49b268a20f8d96a60b4058",
1484 "00000000000000000000000000000000",
1485 "fffffffffffffffffffc000000000000",
1486 "e886f9281999c5bb3b3e8862e2f7c988",
1488 "00000000000000000000000000000000",
1489 "fffffffffffffffffffe000000000000",
1490 "563bf90d61beef39f48dd625fcef1361",
1492 "00000000000000000000000000000000",
1493 "ffffffffffffffffffff000000000000",
1494 "4d37c850644563c69fd0acd9a049325b",
1496 "00000000000000000000000000000000",
1497 "ffffffffffffffffffff800000000000",
1498 "b87c921b91829ef3b13ca541ee1130a6",
1500 "00000000000000000000000000000000",
1501 "ffffffffffffffffffffc00000000000",
1502 "2e65eb6b6ea383e109accce8326b0393",
1504 "00000000000000000000000000000000",
1505 "ffffffffffffffffffffe00000000000",
1506 "9ca547f7439edc3e255c0f4d49aa8990",
1508 "00000000000000000000000000000000",
1509 "fffffffffffffffffffff00000000000",
1510 "a5e652614c9300f37816b1f9fd0c87f9",
1512 "00000000000000000000000000000000",
1513 "fffffffffffffffffffff80000000000",
1514 "14954f0b4697776f44494fe458d814ed",
1516 "00000000000000000000000000000000",
1517 "fffffffffffffffffffffc0000000000",
1518 "7c8d9ab6c2761723fe42f8bb506cbcf7",
1520 "00000000000000000000000000000000",
1521 "fffffffffffffffffffffe0000000000",
1522 "db7e1932679fdd99742aab04aa0d5a80",
1524 "00000000000000000000000000000000",
1525 "ffffffffffffffffffffff0000000000",
1526 "4c6a1c83e568cd10f27c2d73ded19c28",
1528 "00000000000000000000000000000000",
1529 "ffffffffffffffffffffff8000000000",
1530 "90ecbe6177e674c98de412413f7ac915",
1532 "00000000000000000000000000000000",
1533 "ffffffffffffffffffffffc000000000",
1534 "90684a2ac55fe1ec2b8ebd5622520b73",
1536 "00000000000000000000000000000000",
1537 "ffffffffffffffffffffffe000000000",
1538 "7472f9a7988607ca79707795991035e6",
1540 "00000000000000000000000000000000",
1541 "fffffffffffffffffffffff000000000",
1542 "56aff089878bf3352f8df172a3ae47d8",
1544 "00000000000000000000000000000000",
1545 "fffffffffffffffffffffff800000000",
1546 "65c0526cbe40161b8019a2a3171abd23",
1548 "00000000000000000000000000000000",
1549 "fffffffffffffffffffffffc00000000",
1550 "377be0be33b4e3e310b4aabda173f84f",
1552 "00000000000000000000000000000000",
1553 "fffffffffffffffffffffffe00000000",
1554 "9402e9aa6f69de6504da8d20c4fcaa2f",
1556 "00000000000000000000000000000000",
1557 "ffffffffffffffffffffffff00000000",
1558 "123c1f4af313ad8c2ce648b2e71fb6e1",
1560 "00000000000000000000000000000000",
1561 "ffffffffffffffffffffffff80000000",
1562 "1ffc626d30203dcdb0019fb80f726cf4",
1564 "00000000000000000000000000000000",
1565 "ffffffffffffffffffffffffc0000000",
1566 "76da1fbe3a50728c50fd2e621b5ad885",
1568 "00000000000000000000000000000000",
1569 "ffffffffffffffffffffffffe0000000",
1570 "082eb8be35f442fb52668e16a591d1d6",
1572 "00000000000000000000000000000000",
1573 "fffffffffffffffffffffffff0000000",
1574 "e656f9ecf5fe27ec3e4a73d00c282fb3",
1576 "00000000000000000000000000000000",
1577 "fffffffffffffffffffffffff8000000",
1578 "2ca8209d63274cd9a29bb74bcd77683a",
1580 "00000000000000000000000000000000",
1581 "fffffffffffffffffffffffffc000000",
1582 "79bf5dce14bb7dd73a8e3611de7ce026",
1584 "00000000000000000000000000000000",
1585 "fffffffffffffffffffffffffe000000",
1586 "3c849939a5d29399f344c4a0eca8a576",
1588 "00000000000000000000000000000000",
1589 "ffffffffffffffffffffffffff000000",
1590 "ed3c0a94d59bece98835da7aa4f07ca2",
1592 "00000000000000000000000000000000",
1593 "ffffffffffffffffffffffffff800000",
1594 "63919ed4ce10196438b6ad09d99cd795",
1596 "00000000000000000000000000000000",
1597 "ffffffffffffffffffffffffffc00000",
1598 "7678f3a833f19fea95f3c6029e2bc610",
1600 "00000000000000000000000000000000",
1601 "ffffffffffffffffffffffffffe00000",
1602 "3aa426831067d36b92be7c5f81c13c56",
1604 "00000000000000000000000000000000",
1605 "fffffffffffffffffffffffffff00000",
1606 "9272e2d2cdd11050998c845077a30ea0",
1608 "00000000000000000000000000000000",
1609 "fffffffffffffffffffffffffff80000",
1610 "088c4b53f5ec0ff814c19adae7f6246c",
1612 "00000000000000000000000000000000",
1613 "fffffffffffffffffffffffffffc0000",
1614 "4010a5e401fdf0a0354ddbcc0d012b17",
1616 "00000000000000000000000000000000",
1617 "fffffffffffffffffffffffffffe0000",
1618 "a87a385736c0a6189bd6589bd8445a93",
1620 "00000000000000000000000000000000",
1621 "ffffffffffffffffffffffffffff0000",
1622 "545f2b83d9616dccf60fa9830e9cd287",
1624 "00000000000000000000000000000000",
1625 "ffffffffffffffffffffffffffff8000",
1626 "4b706f7f92406352394037a6d4f4688d",
1628 "00000000000000000000000000000000",
1629 "ffffffffffffffffffffffffffffc000",
1630 "b7972b3941c44b90afa7b264bfba7387",
1632 "00000000000000000000000000000000",
1633 "ffffffffffffffffffffffffffffe000",
1634 "6f45732cf10881546f0fd23896d2bb60",
1636 "00000000000000000000000000000000",
1637 "fffffffffffffffffffffffffffff000",
1638 "2e3579ca15af27f64b3c955a5bfc30ba",
1640 "00000000000000000000000000000000",
1641 "fffffffffffffffffffffffffffff800",
1642 "34a2c5a91ae2aec99b7d1b5fa6780447",
1644 "00000000000000000000000000000000",
1645 "fffffffffffffffffffffffffffffc00",
1646 "a4d6616bd04f87335b0e53351227a9ee",
1648 "00000000000000000000000000000000",
1649 "fffffffffffffffffffffffffffffe00",
1650 "7f692b03945867d16179a8cefc83ea3f",
1652 "00000000000000000000000000000000",
1653 "ffffffffffffffffffffffffffffff00",
1654 "3bd141ee84a0e6414a26e7a4f281f8a2",
1656 "00000000000000000000000000000000",
1657 "ffffffffffffffffffffffffffffff80",
1658 "d1788f572d98b2b16ec5d5f3922b99bc",
1660 "00000000000000000000000000000000",
1661 "ffffffffffffffffffffffffffffffc0",
1662 "0833ff6f61d98a57b288e8c3586b85a6",
1664 "00000000000000000000000000000000",
1665 "ffffffffffffffffffffffffffffffe0",
1666 "8568261797de176bf0b43becc6285afb",
1668 "00000000000000000000000000000000",
1669 "fffffffffffffffffffffffffffffff0",
1670 "f9b0fda0c4a898f5b9e6f661c4ce4d07",
1672 "00000000000000000000000000000000",
1673 "fffffffffffffffffffffffffffffff8",
1674 "8ade895913685c67c5269f8aae42983e",
1676 "00000000000000000000000000000000",
1677 "fffffffffffffffffffffffffffffffc",
1678 "39bde67d5c8ed8a8b1c37eb8fa9f5ac0",
1680 "00000000000000000000000000000000",
1681 "fffffffffffffffffffffffffffffffe",
1682 "5c005e72c1418c44f569f2ea33ba54f3",
1684 "00000000000000000000000000000000",
1685 "ffffffffffffffffffffffffffffffff",
1686 "3f5b8cc9ea855a0afa7347d23e8d664e",
1689 * From NIST validation suite (ECBVarTxt192.rsp).
1691 "000000000000000000000000000000000000000000000000",
1692 "80000000000000000000000000000000",
1693 "6cd02513e8d4dc986b4afe087a60bd0c",
1695 "000000000000000000000000000000000000000000000000",
1696 "c0000000000000000000000000000000",
1697 "2ce1f8b7e30627c1c4519eada44bc436",
1699 "000000000000000000000000000000000000000000000000",
1700 "e0000000000000000000000000000000",
1701 "9946b5f87af446f5796c1fee63a2da24",
1703 "000000000000000000000000000000000000000000000000",
1704 "f0000000000000000000000000000000",
1705 "2a560364ce529efc21788779568d5555",
1707 "000000000000000000000000000000000000000000000000",
1708 "f8000000000000000000000000000000",
1709 "35c1471837af446153bce55d5ba72a0a",
1711 "000000000000000000000000000000000000000000000000",
1712 "fc000000000000000000000000000000",
1713 "ce60bc52386234f158f84341e534cd9e",
1715 "000000000000000000000000000000000000000000000000",
1716 "fe000000000000000000000000000000",
1717 "8c7c27ff32bcf8dc2dc57c90c2903961",
1719 "000000000000000000000000000000000000000000000000",
1720 "ff000000000000000000000000000000",
1721 "32bb6a7ec84499e166f936003d55a5bb",
1723 "000000000000000000000000000000000000000000000000",
1724 "ff800000000000000000000000000000",
1725 "a5c772e5c62631ef660ee1d5877f6d1b",
1727 "000000000000000000000000000000000000000000000000",
1728 "ffc00000000000000000000000000000",
1729 "030d7e5b64f380a7e4ea5387b5cd7f49",
1731 "000000000000000000000000000000000000000000000000",
1732 "ffe00000000000000000000000000000",
1733 "0dc9a2610037009b698f11bb7e86c83e",
1735 "000000000000000000000000000000000000000000000000",
1736 "fff00000000000000000000000000000",
1737 "0046612c766d1840c226364f1fa7ed72",
1739 "000000000000000000000000000000000000000000000000",
1740 "fff80000000000000000000000000000",
1741 "4880c7e08f27befe78590743c05e698b",
1743 "000000000000000000000000000000000000000000000000",
1744 "fffc0000000000000000000000000000",
1745 "2520ce829a26577f0f4822c4ecc87401",
1747 "000000000000000000000000000000000000000000000000",
1748 "fffe0000000000000000000000000000",
1749 "8765e8acc169758319cb46dc7bcf3dca",
1751 "000000000000000000000000000000000000000000000000",
1752 "ffff0000000000000000000000000000",
1753 "e98f4ba4f073df4baa116d011dc24a28",
1755 "000000000000000000000000000000000000000000000000",
1756 "ffff8000000000000000000000000000",
1757 "f378f68c5dbf59e211b3a659a7317d94",
1759 "000000000000000000000000000000000000000000000000",
1760 "ffffc000000000000000000000000000",
1761 "283d3b069d8eb9fb432d74b96ca762b4",
1763 "000000000000000000000000000000000000000000000000",
1764 "ffffe000000000000000000000000000",
1765 "a7e1842e8a87861c221a500883245c51",
1767 "000000000000000000000000000000000000000000000000",
1768 "fffff000000000000000000000000000",
1769 "77aa270471881be070fb52c7067ce732",
1771 "000000000000000000000000000000000000000000000000",
1772 "fffff800000000000000000000000000",
1773 "01b0f476d484f43f1aeb6efa9361a8ac",
1775 "000000000000000000000000000000000000000000000000",
1776 "fffffc00000000000000000000000000",
1777 "1c3a94f1c052c55c2d8359aff2163b4f",
1779 "000000000000000000000000000000000000000000000000",
1780 "fffffe00000000000000000000000000",
1781 "e8a067b604d5373d8b0f2e05a03b341b",
1783 "000000000000000000000000000000000000000000000000",
1784 "ffffff00000000000000000000000000",
1785 "a7876ec87f5a09bfea42c77da30fd50e",
1787 "000000000000000000000000000000000000000000000000",
1788 "ffffff80000000000000000000000000",
1789 "0cf3e9d3a42be5b854ca65b13f35f48d",
1791 "000000000000000000000000000000000000000000000000",
1792 "ffffffc0000000000000000000000000",
1793 "6c62f6bbcab7c3e821c9290f08892dda",
1795 "000000000000000000000000000000000000000000000000",
1796 "ffffffe0000000000000000000000000",
1797 "7f5e05bd2068738196fee79ace7e3aec",
1799 "000000000000000000000000000000000000000000000000",
1800 "fffffff0000000000000000000000000",
1801 "440e0d733255cda92fb46e842fe58054",
1803 "000000000000000000000000000000000000000000000000",
1804 "fffffff8000000000000000000000000",
1805 "aa5d5b1c4ea1b7a22e5583ac2e9ed8a7",
1807 "000000000000000000000000000000000000000000000000",
1808 "fffffffc000000000000000000000000",
1809 "77e537e89e8491e8662aae3bc809421d",
1811 "000000000000000000000000000000000000000000000000",
1812 "fffffffe000000000000000000000000",
1813 "997dd3e9f1598bfa73f75973f7e93b76",
1815 "000000000000000000000000000000000000000000000000",
1816 "ffffffff000000000000000000000000",
1817 "1b38d4f7452afefcb7fc721244e4b72e",
1819 "000000000000000000000000000000000000000000000000",
1820 "ffffffff800000000000000000000000",
1821 "0be2b18252e774dda30cdda02c6906e3",
1823 "000000000000000000000000000000000000000000000000",
1824 "ffffffffc00000000000000000000000",
1825 "d2695e59c20361d82652d7d58b6f11b2",
1827 "000000000000000000000000000000000000000000000000",
1828 "ffffffffe00000000000000000000000",
1829 "902d88d13eae52089abd6143cfe394e9",
1831 "000000000000000000000000000000000000000000000000",
1832 "fffffffff00000000000000000000000",
1833 "d49bceb3b823fedd602c305345734bd2",
1835 "000000000000000000000000000000000000000000000000",
1836 "fffffffff80000000000000000000000",
1837 "707b1dbb0ffa40ef7d95def421233fae",
1839 "000000000000000000000000000000000000000000000000",
1840 "fffffffffc0000000000000000000000",
1841 "7ca0c1d93356d9eb8aa952084d75f913",
1843 "000000000000000000000000000000000000000000000000",
1844 "fffffffffe0000000000000000000000",
1845 "f2cbf9cb186e270dd7bdb0c28febc57d",
1847 "000000000000000000000000000000000000000000000000",
1848 "ffffffffff0000000000000000000000",
1849 "c94337c37c4e790ab45780bd9c3674a0",
1851 "000000000000000000000000000000000000000000000000",
1852 "ffffffffff8000000000000000000000",
1853 "8e3558c135252fb9c9f367ed609467a1",
1855 "000000000000000000000000000000000000000000000000",
1856 "ffffffffffc000000000000000000000",
1857 "1b72eeaee4899b443914e5b3a57fba92",
1859 "000000000000000000000000000000000000000000000000",
1860 "ffffffffffe000000000000000000000",
1861 "011865f91bc56868d051e52c9efd59b7",
1863 "000000000000000000000000000000000000000000000000",
1864 "fffffffffff000000000000000000000",
1865 "e4771318ad7a63dd680f6e583b7747ea",
1867 "000000000000000000000000000000000000000000000000",
1868 "fffffffffff800000000000000000000",
1869 "61e3d194088dc8d97e9e6db37457eac5",
1871 "000000000000000000000000000000000000000000000000",
1872 "fffffffffffc00000000000000000000",
1873 "36ff1ec9ccfbc349e5d356d063693ad6",
1875 "000000000000000000000000000000000000000000000000",
1876 "fffffffffffe00000000000000000000",
1877 "3cc9e9a9be8cc3f6fb2ea24088e9bb19",
1879 "000000000000000000000000000000000000000000000000",
1880 "ffffffffffff00000000000000000000",
1881 "1ee5ab003dc8722e74905d9a8fe3d350",
1883 "000000000000000000000000000000000000000000000000",
1884 "ffffffffffff80000000000000000000",
1885 "245339319584b0a412412869d6c2eada",
1887 "000000000000000000000000000000000000000000000000",
1888 "ffffffffffffc0000000000000000000",
1889 "7bd496918115d14ed5380852716c8814",
1891 "000000000000000000000000000000000000000000000000",
1892 "ffffffffffffe0000000000000000000",
1893 "273ab2f2b4a366a57d582a339313c8b1",
1895 "000000000000000000000000000000000000000000000000",
1896 "fffffffffffff0000000000000000000",
1897 "113365a9ffbe3b0ca61e98507554168b",
1899 "000000000000000000000000000000000000000000000000",
1900 "fffffffffffff8000000000000000000",
1901 "afa99c997ac478a0dea4119c9e45f8b1",
1903 "000000000000000000000000000000000000000000000000",
1904 "fffffffffffffc000000000000000000",
1905 "9216309a7842430b83ffb98638011512",
1907 "000000000000000000000000000000000000000000000000",
1908 "fffffffffffffe000000000000000000",
1909 "62abc792288258492a7cb45145f4b759",
1911 "000000000000000000000000000000000000000000000000",
1912 "ffffffffffffff000000000000000000",
1913 "534923c169d504d7519c15d30e756c50",
1915 "000000000000000000000000000000000000000000000000",
1916 "ffffffffffffff800000000000000000",
1917 "fa75e05bcdc7e00c273fa33f6ee441d2",
1919 "000000000000000000000000000000000000000000000000",
1920 "ffffffffffffffc00000000000000000",
1921 "7d350fa6057080f1086a56b17ec240db",
1923 "000000000000000000000000000000000000000000000000",
1924 "ffffffffffffffe00000000000000000",
1925 "f34e4a6324ea4a5c39a661c8fe5ada8f",
1927 "000000000000000000000000000000000000000000000000",
1928 "fffffffffffffff00000000000000000",
1929 "0882a16f44088d42447a29ac090ec17e",
1931 "000000000000000000000000000000000000000000000000",
1932 "fffffffffffffff80000000000000000",
1933 "3a3c15bfc11a9537c130687004e136ee",
1935 "000000000000000000000000000000000000000000000000",
1936 "fffffffffffffffc0000000000000000",
1937 "22c0a7678dc6d8cf5c8a6d5a9960767c",
1939 "000000000000000000000000000000000000000000000000",
1940 "fffffffffffffffe0000000000000000",
1941 "b46b09809d68b9a456432a79bdc2e38c",
1943 "000000000000000000000000000000000000000000000000",
1944 "ffffffffffffffff0000000000000000",
1945 "93baaffb35fbe739c17c6ac22eecf18f",
1947 "000000000000000000000000000000000000000000000000",
1948 "ffffffffffffffff8000000000000000",
1949 "c8aa80a7850675bc007c46df06b49868",
1951 "000000000000000000000000000000000000000000000000",
1952 "ffffffffffffffffc000000000000000",
1953 "12c6f3877af421a918a84b775858021d",
1955 "000000000000000000000000000000000000000000000000",
1956 "ffffffffffffffffe000000000000000",
1957 "33f123282c5d633924f7d5ba3f3cab11",
1959 "000000000000000000000000000000000000000000000000",
1960 "fffffffffffffffff000000000000000",
1961 "a8f161002733e93ca4527d22c1a0c5bb",
1963 "000000000000000000000000000000000000000000000000",
1964 "fffffffffffffffff800000000000000",
1965 "b72f70ebf3e3fda23f508eec76b42c02",
1967 "000000000000000000000000000000000000000000000000",
1968 "fffffffffffffffffc00000000000000",
1969 "6a9d965e6274143f25afdcfc88ffd77c",
1971 "000000000000000000000000000000000000000000000000",
1972 "fffffffffffffffffe00000000000000",
1973 "a0c74fd0b9361764ce91c5200b095357",
1975 "000000000000000000000000000000000000000000000000",
1976 "ffffffffffffffffff00000000000000",
1977 "091d1fdc2bd2c346cd5046a8c6209146",
1979 "000000000000000000000000000000000000000000000000",
1980 "ffffffffffffffffff80000000000000",
1981 "e2a37580116cfb71856254496ab0aca8",
1983 "000000000000000000000000000000000000000000000000",
1984 "ffffffffffffffffffc0000000000000",
1985 "e0b3a00785917c7efc9adba322813571",
1987 "000000000000000000000000000000000000000000000000",
1988 "ffffffffffffffffffe0000000000000",
1989 "733d41f4727b5ef0df4af4cf3cffa0cb",
1991 "000000000000000000000000000000000000000000000000",
1992 "fffffffffffffffffff0000000000000",
1993 "a99ebb030260826f981ad3e64490aa4f",
1995 "000000000000000000000000000000000000000000000000",
1996 "fffffffffffffffffff8000000000000",
1997 "73f34c7d3eae5e80082c1647524308ee",
1999 "000000000000000000000000000000000000000000000000",
2000 "fffffffffffffffffffc000000000000",
2001 "40ebd5ad082345b7a2097ccd3464da02",
2003 "000000000000000000000000000000000000000000000000",
2004 "fffffffffffffffffffe000000000000",
2005 "7cc4ae9a424b2cec90c97153c2457ec5",
2007 "000000000000000000000000000000000000000000000000",
2008 "ffffffffffffffffffff000000000000",
2009 "54d632d03aba0bd0f91877ebdd4d09cb",
2011 "000000000000000000000000000000000000000000000000",
2012 "ffffffffffffffffffff800000000000",
2013 "d3427be7e4d27cd54f5fe37b03cf0897",
2015 "000000000000000000000000000000000000000000000000",
2016 "ffffffffffffffffffffc00000000000",
2017 "b2099795e88cc158fd75ea133d7e7fbe",
2019 "000000000000000000000000000000000000000000000000",
2020 "ffffffffffffffffffffe00000000000",
2021 "a6cae46fb6fadfe7a2c302a34242817b",
2023 "000000000000000000000000000000000000000000000000",
2024 "fffffffffffffffffffff00000000000",
2025 "026a7024d6a902e0b3ffccbaa910cc3f",
2027 "000000000000000000000000000000000000000000000000",
2028 "fffffffffffffffffffff80000000000",
2029 "156f07767a85a4312321f63968338a01",
2031 "000000000000000000000000000000000000000000000000",
2032 "fffffffffffffffffffffc0000000000",
2033 "15eec9ebf42b9ca76897d2cd6c5a12e2",
2035 "000000000000000000000000000000000000000000000000",
2036 "fffffffffffffffffffffe0000000000",
2037 "db0d3a6fdcc13f915e2b302ceeb70fd8",
2039 "000000000000000000000000000000000000000000000000",
2040 "ffffffffffffffffffffff0000000000",
2041 "71dbf37e87a2e34d15b20e8f10e48924",
2043 "000000000000000000000000000000000000000000000000",
2044 "ffffffffffffffffffffff8000000000",
2045 "c745c451e96ff3c045e4367c833e3b54",
2047 "000000000000000000000000000000000000000000000000",
2048 "ffffffffffffffffffffffc000000000",
2049 "340da09c2dd11c3b679d08ccd27dd595",
2051 "000000000000000000000000000000000000000000000000",
2052 "ffffffffffffffffffffffe000000000",
2053 "8279f7c0c2a03ee660c6d392db025d18",
2055 "000000000000000000000000000000000000000000000000",
2056 "fffffffffffffffffffffff000000000",
2057 "a4b2c7d8eba531ff47c5041a55fbd1ec",
2059 "000000000000000000000000000000000000000000000000",
2060 "fffffffffffffffffffffff800000000",
2061 "74569a2ca5a7bd5131ce8dc7cbfbf72f",
2063 "000000000000000000000000000000000000000000000000",
2064 "fffffffffffffffffffffffc00000000",
2065 "3713da0c0219b63454035613b5a403dd",
2067 "000000000000000000000000000000000000000000000000",
2068 "fffffffffffffffffffffffe00000000",
2069 "8827551ddcc9df23fa72a3de4e9f0b07",
2071 "000000000000000000000000000000000000000000000000",
2072 "ffffffffffffffffffffffff00000000",
2073 "2e3febfd625bfcd0a2c06eb460da1732",
2075 "000000000000000000000000000000000000000000000000",
2076 "ffffffffffffffffffffffff80000000",
2077 "ee82e6ba488156f76496311da6941deb",
2079 "000000000000000000000000000000000000000000000000",
2080 "ffffffffffffffffffffffffc0000000",
2081 "4770446f01d1f391256e85a1b30d89d3",
2083 "000000000000000000000000000000000000000000000000",
2084 "ffffffffffffffffffffffffe0000000",
2085 "af04b68f104f21ef2afb4767cf74143c",
2087 "000000000000000000000000000000000000000000000000",
2088 "fffffffffffffffffffffffff0000000",
2089 "cf3579a9ba38c8e43653173e14f3a4c6",
2091 "000000000000000000000000000000000000000000000000",
2092 "fffffffffffffffffffffffff8000000",
2093 "b3bba904f4953e09b54800af2f62e7d4",
2095 "000000000000000000000000000000000000000000000000",
2096 "fffffffffffffffffffffffffc000000",
2097 "fc4249656e14b29eb9c44829b4c59a46",
2099 "000000000000000000000000000000000000000000000000",
2100 "fffffffffffffffffffffffffe000000",
2101 "9b31568febe81cfc2e65af1c86d1a308",
2103 "000000000000000000000000000000000000000000000000",
2104 "ffffffffffffffffffffffffff000000",
2105 "9ca09c25f273a766db98a480ce8dfedc",
2107 "000000000000000000000000000000000000000000000000",
2108 "ffffffffffffffffffffffffff800000",
2109 "b909925786f34c3c92d971883c9fbedf",
2111 "000000000000000000000000000000000000000000000000",
2112 "ffffffffffffffffffffffffffc00000",
2113 "82647f1332fe570a9d4d92b2ee771d3b",
2115 "000000000000000000000000000000000000000000000000",
2116 "ffffffffffffffffffffffffffe00000",
2117 "3604a7e80832b3a99954bca6f5b9f501",
2119 "000000000000000000000000000000000000000000000000",
2120 "fffffffffffffffffffffffffff00000",
2121 "884607b128c5de3ab39a529a1ef51bef",
2123 "000000000000000000000000000000000000000000000000",
2124 "fffffffffffffffffffffffffff80000",
2125 "670cfa093d1dbdb2317041404102435e",
2127 "000000000000000000000000000000000000000000000000",
2128 "fffffffffffffffffffffffffffc0000",
2129 "7a867195f3ce8769cbd336502fbb5130",
2131 "000000000000000000000000000000000000000000000000",
2132 "fffffffffffffffffffffffffffe0000",
2133 "52efcf64c72b2f7ca5b3c836b1078c15",
2135 "000000000000000000000000000000000000000000000000",
2136 "ffffffffffffffffffffffffffff0000",
2137 "4019250f6eefb2ac5ccbcae044e75c7e",
2139 "000000000000000000000000000000000000000000000000",
2140 "ffffffffffffffffffffffffffff8000",
2141 "022c4f6f5a017d292785627667ddef24",
2143 "000000000000000000000000000000000000000000000000",
2144 "ffffffffffffffffffffffffffffc000",
2145 "e9c21078a2eb7e03250f71000fa9e3ed",
2147 "000000000000000000000000000000000000000000000000",
2148 "ffffffffffffffffffffffffffffe000",
2149 "a13eaeeb9cd391da4e2b09490b3e7fad",
2151 "000000000000000000000000000000000000000000000000",
2152 "fffffffffffffffffffffffffffff000",
2153 "c958a171dca1d4ed53e1af1d380803a9",
2155 "000000000000000000000000000000000000000000000000",
2156 "fffffffffffffffffffffffffffff800",
2157 "21442e07a110667f2583eaeeee44dc8c",
2159 "000000000000000000000000000000000000000000000000",
2160 "fffffffffffffffffffffffffffffc00",
2161 "59bbb353cf1dd867a6e33737af655e99",
2163 "000000000000000000000000000000000000000000000000",
2164 "fffffffffffffffffffffffffffffe00",
2165 "43cd3b25375d0ce41087ff9fe2829639",
2167 "000000000000000000000000000000000000000000000000",
2168 "ffffffffffffffffffffffffffffff00",
2169 "6b98b17e80d1118e3516bd768b285a84",
2171 "000000000000000000000000000000000000000000000000",
2172 "ffffffffffffffffffffffffffffff80",
2173 "ae47ed3676ca0c08deea02d95b81db58",
2175 "000000000000000000000000000000000000000000000000",
2176 "ffffffffffffffffffffffffffffffc0",
2177 "34ec40dc20413795ed53628ea748720b",
2179 "000000000000000000000000000000000000000000000000",
2180 "ffffffffffffffffffffffffffffffe0",
2181 "4dc68163f8e9835473253542c8a65d46",
2183 "000000000000000000000000000000000000000000000000",
2184 "fffffffffffffffffffffffffffffff0",
2185 "2aabb999f43693175af65c6c612c46fb",
2187 "000000000000000000000000000000000000000000000000",
2188 "fffffffffffffffffffffffffffffff8",
2189 "e01f94499dac3547515c5b1d756f0f58",
2191 "000000000000000000000000000000000000000000000000",
2192 "fffffffffffffffffffffffffffffffc",
2193 "9d12435a46480ce00ea349f71799df9a",
2195 "000000000000000000000000000000000000000000000000",
2196 "fffffffffffffffffffffffffffffffe",
2197 "cef41d16d266bdfe46938ad7884cc0cf",
2199 "000000000000000000000000000000000000000000000000",
2200 "ffffffffffffffffffffffffffffffff",
2201 "b13db4da1f718bc6904797c82bcf2d32",
2204 * From NIST validation suite (ECBVarTxt256.rsp).
2206 "0000000000000000000000000000000000000000000000000000000000000000",
2207 "80000000000000000000000000000000",
2208 "ddc6bf790c15760d8d9aeb6f9a75fd4e",
2210 "0000000000000000000000000000000000000000000000000000000000000000",
2211 "c0000000000000000000000000000000",
2212 "0a6bdc6d4c1e6280301fd8e97ddbe601",
2214 "0000000000000000000000000000000000000000000000000000000000000000",
2215 "e0000000000000000000000000000000",
2216 "9b80eefb7ebe2d2b16247aa0efc72f5d",
2218 "0000000000000000000000000000000000000000000000000000000000000000",
2219 "f0000000000000000000000000000000",
2220 "7f2c5ece07a98d8bee13c51177395ff7",
2222 "0000000000000000000000000000000000000000000000000000000000000000",
2223 "f8000000000000000000000000000000",
2224 "7818d800dcf6f4be1e0e94f403d1e4c2",
2226 "0000000000000000000000000000000000000000000000000000000000000000",
2227 "fc000000000000000000000000000000",
2228 "e74cd1c92f0919c35a0324123d6177d3",
2230 "0000000000000000000000000000000000000000000000000000000000000000",
2231 "fe000000000000000000000000000000",
2232 "8092a4dcf2da7e77e93bdd371dfed82e",
2234 "0000000000000000000000000000000000000000000000000000000000000000",
2235 "ff000000000000000000000000000000",
2236 "49af6b372135acef10132e548f217b17",
2238 "0000000000000000000000000000000000000000000000000000000000000000",
2239 "ff800000000000000000000000000000",
2240 "8bcd40f94ebb63b9f7909676e667f1e7",
2242 "0000000000000000000000000000000000000000000000000000000000000000",
2243 "ffc00000000000000000000000000000",
2244 "fe1cffb83f45dcfb38b29be438dbd3ab",
2246 "0000000000000000000000000000000000000000000000000000000000000000",
2247 "ffe00000000000000000000000000000",
2248 "0dc58a8d886623705aec15cb1e70dc0e",
2250 "0000000000000000000000000000000000000000000000000000000000000000",
2251 "fff00000000000000000000000000000",
2252 "c218faa16056bd0774c3e8d79c35a5e4",
2254 "0000000000000000000000000000000000000000000000000000000000000000",
2255 "fff80000000000000000000000000000",
2256 "047bba83f7aa841731504e012208fc9e",
2258 "0000000000000000000000000000000000000000000000000000000000000000",
2259 "fffc0000000000000000000000000000",
2260 "dc8f0e4915fd81ba70a331310882f6da",
2262 "0000000000000000000000000000000000000000000000000000000000000000",
2263 "fffe0000000000000000000000000000",
2264 "1569859ea6b7206c30bf4fd0cbfac33c",
2266 "0000000000000000000000000000000000000000000000000000000000000000",
2267 "ffff0000000000000000000000000000",
2268 "300ade92f88f48fa2df730ec16ef44cd",
2270 "0000000000000000000000000000000000000000000000000000000000000000",
2271 "ffff8000000000000000000000000000",
2272 "1fe6cc3c05965dc08eb0590c95ac71d0",
2274 "0000000000000000000000000000000000000000000000000000000000000000",
2275 "ffffc000000000000000000000000000",
2276 "59e858eaaa97fec38111275b6cf5abc0",
2278 "0000000000000000000000000000000000000000000000000000000000000000",
2279 "ffffe000000000000000000000000000",
2280 "2239455e7afe3b0616100288cc5a723b",
2282 "0000000000000000000000000000000000000000000000000000000000000000",
2283 "fffff000000000000000000000000000",
2284 "3ee500c5c8d63479717163e55c5c4522",
2286 "0000000000000000000000000000000000000000000000000000000000000000",
2287 "fffff800000000000000000000000000",
2288 "d5e38bf15f16d90e3e214041d774daa8",
2290 "0000000000000000000000000000000000000000000000000000000000000000",
2291 "fffffc00000000000000000000000000",
2292 "b1f4066e6f4f187dfe5f2ad1b17819d0",
2294 "0000000000000000000000000000000000000000000000000000000000000000",
2295 "fffffe00000000000000000000000000",
2296 "6ef4cc4de49b11065d7af2909854794a",
2298 "0000000000000000000000000000000000000000000000000000000000000000",
2299 "ffffff00000000000000000000000000",
2300 "ac86bc606b6640c309e782f232bf367f",
2302 "0000000000000000000000000000000000000000000000000000000000000000",
2303 "ffffff80000000000000000000000000",
2304 "36aff0ef7bf3280772cf4cac80a0d2b2",
2306 "0000000000000000000000000000000000000000000000000000000000000000",
2307 "ffffffc0000000000000000000000000",
2308 "1f8eedea0f62a1406d58cfc3ecea72cf",
2310 "0000000000000000000000000000000000000000000000000000000000000000",
2311 "ffffffe0000000000000000000000000",
2312 "abf4154a3375a1d3e6b1d454438f95a6",
2314 "0000000000000000000000000000000000000000000000000000000000000000",
2315 "fffffff0000000000000000000000000",
2316 "96f96e9d607f6615fc192061ee648b07",
2318 "0000000000000000000000000000000000000000000000000000000000000000",
2319 "fffffff8000000000000000000000000",
2320 "cf37cdaaa0d2d536c71857634c792064",
2322 "0000000000000000000000000000000000000000000000000000000000000000",
2323 "fffffffc000000000000000000000000",
2324 "fbd6640c80245c2b805373f130703127",
2326 "0000000000000000000000000000000000000000000000000000000000000000",
2327 "fffffffe000000000000000000000000",
2328 "8d6a8afe55a6e481badae0d146f436db",
2330 "0000000000000000000000000000000000000000000000000000000000000000",
2331 "ffffffff000000000000000000000000",
2332 "6a4981f2915e3e68af6c22385dd06756",
2334 "0000000000000000000000000000000000000000000000000000000000000000",
2335 "ffffffff800000000000000000000000",
2336 "42a1136e5f8d8d21d3101998642d573b",
2338 "0000000000000000000000000000000000000000000000000000000000000000",
2339 "ffffffffc00000000000000000000000",
2340 "9b471596dc69ae1586cee6158b0b0181",
2342 "0000000000000000000000000000000000000000000000000000000000000000",
2343 "ffffffffe00000000000000000000000",
2344 "753665c4af1eff33aa8b628bf8741cfd",
2346 "0000000000000000000000000000000000000000000000000000000000000000",
2347 "fffffffff00000000000000000000000",
2348 "9a682acf40be01f5b2a4193c9a82404d",
2350 "0000000000000000000000000000000000000000000000000000000000000000",
2351 "fffffffff80000000000000000000000",
2352 "54fafe26e4287f17d1935f87eb9ade01",
2354 "0000000000000000000000000000000000000000000000000000000000000000",
2355 "fffffffffc0000000000000000000000",
2356 "49d541b2e74cfe73e6a8e8225f7bd449",
2358 "0000000000000000000000000000000000000000000000000000000000000000",
2359 "fffffffffe0000000000000000000000",
2360 "11a45530f624ff6f76a1b3826626ff7b",
2362 "0000000000000000000000000000000000000000000000000000000000000000",
2363 "ffffffffff0000000000000000000000",
2364 "f96b0c4a8bc6c86130289f60b43b8fba",
2366 "0000000000000000000000000000000000000000000000000000000000000000",
2367 "ffffffffff8000000000000000000000",
2368 "48c7d0e80834ebdc35b6735f76b46c8b",
2370 "0000000000000000000000000000000000000000000000000000000000000000",
2371 "ffffffffffc000000000000000000000",
2372 "2463531ab54d66955e73edc4cb8eaa45",
2374 "0000000000000000000000000000000000000000000000000000000000000000",
2375 "ffffffffffe000000000000000000000",
2376 "ac9bd8e2530469134b9d5b065d4f565b",
2378 "0000000000000000000000000000000000000000000000000000000000000000",
2379 "fffffffffff000000000000000000000",
2380 "3f5f9106d0e52f973d4890e6f37e8a00",
2382 "0000000000000000000000000000000000000000000000000000000000000000",
2383 "fffffffffff800000000000000000000",
2384 "20ebc86f1304d272e2e207e59db639f0",
2386 "0000000000000000000000000000000000000000000000000000000000000000",
2387 "fffffffffffc00000000000000000000",
2388 "e67ae6426bf9526c972cff072b52252c",
2390 "0000000000000000000000000000000000000000000000000000000000000000",
2391 "fffffffffffe00000000000000000000",
2392 "1a518dddaf9efa0d002cc58d107edfc8",
2394 "0000000000000000000000000000000000000000000000000000000000000000",
2395 "ffffffffffff00000000000000000000",
2396 "ead731af4d3a2fe3b34bed047942a49f",
2398 "0000000000000000000000000000000000000000000000000000000000000000",
2399 "ffffffffffff80000000000000000000",
2400 "b1d4efe40242f83e93b6c8d7efb5eae9",
2402 "0000000000000000000000000000000000000000000000000000000000000000",
2403 "ffffffffffffc0000000000000000000",
2404 "cd2b1fec11fd906c5c7630099443610a",
2406 "0000000000000000000000000000000000000000000000000000000000000000",
2407 "ffffffffffffe0000000000000000000",
2408 "a1853fe47fe29289d153161d06387d21",
2410 "0000000000000000000000000000000000000000000000000000000000000000",
2411 "fffffffffffff0000000000000000000",
2412 "4632154179a555c17ea604d0889fab14",
2414 "0000000000000000000000000000000000000000000000000000000000000000",
2415 "fffffffffffff8000000000000000000",
2416 "dd27cac6401a022e8f38f9f93e774417",
2418 "0000000000000000000000000000000000000000000000000000000000000000",
2419 "fffffffffffffc000000000000000000",
2420 "c090313eb98674f35f3123385fb95d4d",
2422 "0000000000000000000000000000000000000000000000000000000000000000",
2423 "fffffffffffffe000000000000000000",
2424 "cc3526262b92f02edce548f716b9f45c",
2426 "0000000000000000000000000000000000000000000000000000000000000000",
2427 "ffffffffffffff000000000000000000",
2428 "c0838d1a2b16a7c7f0dfcc433c399c33",
2430 "0000000000000000000000000000000000000000000000000000000000000000",
2431 "ffffffffffffff800000000000000000",
2432 "0d9ac756eb297695eed4d382eb126d26",
2434 "0000000000000000000000000000000000000000000000000000000000000000",
2435 "ffffffffffffffc00000000000000000",
2436 "56ede9dda3f6f141bff1757fa689c3e1",
2438 "0000000000000000000000000000000000000000000000000000000000000000",
2439 "ffffffffffffffe00000000000000000",
2440 "768f520efe0f23e61d3ec8ad9ce91774",
2442 "0000000000000000000000000000000000000000000000000000000000000000",
2443 "fffffffffffffff00000000000000000",
2444 "b1144ddfa75755213390e7c596660490",
2446 "0000000000000000000000000000000000000000000000000000000000000000",
2447 "fffffffffffffff80000000000000000",
2448 "1d7c0c4040b355b9d107a99325e3b050",
2450 "0000000000000000000000000000000000000000000000000000000000000000",
2451 "fffffffffffffffc0000000000000000",
2452 "d8e2bb1ae8ee3dcf5bf7d6c38da82a1a",
2454 "0000000000000000000000000000000000000000000000000000000000000000",
2455 "fffffffffffffffe0000000000000000",
2456 "faf82d178af25a9886a47e7f789b98d7",
2458 "0000000000000000000000000000000000000000000000000000000000000000",
2459 "ffffffffffffffff0000000000000000",
2460 "9b58dbfd77fe5aca9cfc190cd1b82d19",
2462 "0000000000000000000000000000000000000000000000000000000000000000",
2463 "ffffffffffffffff8000000000000000",
2464 "77f392089042e478ac16c0c86a0b5db5",
2466 "0000000000000000000000000000000000000000000000000000000000000000",
2467 "ffffffffffffffffc000000000000000",
2468 "19f08e3420ee69b477ca1420281c4782",
2470 "0000000000000000000000000000000000000000000000000000000000000000",
2471 "ffffffffffffffffe000000000000000",
2472 "a1b19beee4e117139f74b3c53fdcb875",
2474 "0000000000000000000000000000000000000000000000000000000000000000",
2475 "fffffffffffffffff000000000000000",
2476 "a37a5869b218a9f3a0868d19aea0ad6a",
2478 "0000000000000000000000000000000000000000000000000000000000000000",
2479 "fffffffffffffffff800000000000000",
2480 "bc3594e865bcd0261b13202731f33580",
2482 "0000000000000000000000000000000000000000000000000000000000000000",
2483 "fffffffffffffffffc00000000000000",
2484 "811441ce1d309eee7185e8c752c07557",
2486 "0000000000000000000000000000000000000000000000000000000000000000",
2487 "fffffffffffffffffe00000000000000",
2488 "959971ce4134190563518e700b9874d1",
2490 "0000000000000000000000000000000000000000000000000000000000000000",
2491 "ffffffffffffffffff00000000000000",
2492 "76b5614a042707c98e2132e2e805fe63",
2494 "0000000000000000000000000000000000000000000000000000000000000000",
2495 "ffffffffffffffffff80000000000000",
2496 "7d9fa6a57530d0f036fec31c230b0cc6",
2498 "0000000000000000000000000000000000000000000000000000000000000000",
2499 "ffffffffffffffffffc0000000000000",
2500 "964153a83bf6989a4ba80daa91c3e081",
2502 "0000000000000000000000000000000000000000000000000000000000000000",
2503 "ffffffffffffffffffe0000000000000",
2504 "a013014d4ce8054cf2591d06f6f2f176",
2506 "0000000000000000000000000000000000000000000000000000000000000000",
2507 "fffffffffffffffffff0000000000000",
2508 "d1c5f6399bf382502e385eee1474a869",
2510 "0000000000000000000000000000000000000000000000000000000000000000",
2511 "fffffffffffffffffff8000000000000",
2512 "0007e20b8298ec354f0f5fe7470f36bd",
2514 "0000000000000000000000000000000000000000000000000000000000000000",
2515 "fffffffffffffffffffc000000000000",
2516 "b95ba05b332da61ef63a2b31fcad9879",
2518 "0000000000000000000000000000000000000000000000000000000000000000",
2519 "fffffffffffffffffffe000000000000",
2520 "4620a49bd967491561669ab25dce45f4",
2522 "0000000000000000000000000000000000000000000000000000000000000000",
2523 "ffffffffffffffffffff000000000000",
2524 "12e71214ae8e04f0bb63d7425c6f14d5",
2526 "0000000000000000000000000000000000000000000000000000000000000000",
2527 "ffffffffffffffffffff800000000000",
2528 "4cc42fc1407b008fe350907c092e80ac",
2530 "0000000000000000000000000000000000000000000000000000000000000000",
2531 "ffffffffffffffffffffc00000000000",
2532 "08b244ce7cbc8ee97fbba808cb146fda",
2534 "0000000000000000000000000000000000000000000000000000000000000000",
2535 "ffffffffffffffffffffe00000000000",
2536 "39b333e8694f21546ad1edd9d87ed95b",
2538 "0000000000000000000000000000000000000000000000000000000000000000",
2539 "fffffffffffffffffffff00000000000",
2540 "3b271f8ab2e6e4a20ba8090f43ba78f3",
2542 "0000000000000000000000000000000000000000000000000000000000000000",
2543 "fffffffffffffffffffff80000000000",
2544 "9ad983f3bf651cd0393f0a73cccdea50",
2546 "0000000000000000000000000000000000000000000000000000000000000000",
2547 "fffffffffffffffffffffc0000000000",
2548 "8f476cbff75c1f725ce18e4bbcd19b32",
2550 "0000000000000000000000000000000000000000000000000000000000000000",
2551 "fffffffffffffffffffffe0000000000",
2552 "905b6267f1d6ab5320835a133f096f2a",
2554 "0000000000000000000000000000000000000000000000000000000000000000",
2555 "ffffffffffffffffffffff0000000000",
2556 "145b60d6d0193c23f4221848a892d61a",
2558 "0000000000000000000000000000000000000000000000000000000000000000",
2559 "ffffffffffffffffffffff8000000000",
2560 "55cfb3fb6d75cad0445bbc8dafa25b0f",
2562 "0000000000000000000000000000000000000000000000000000000000000000",
2563 "ffffffffffffffffffffffc000000000",
2564 "7b8e7098e357ef71237d46d8b075b0f5",
2566 "0000000000000000000000000000000000000000000000000000000000000000",
2567 "ffffffffffffffffffffffe000000000",
2568 "2bf27229901eb40f2df9d8398d1505ae",
2570 "0000000000000000000000000000000000000000000000000000000000000000",
2571 "fffffffffffffffffffffff000000000",
2572 "83a63402a77f9ad5c1e931a931ecd706",
2574 "0000000000000000000000000000000000000000000000000000000000000000",
2575 "fffffffffffffffffffffff800000000",
2576 "6f8ba6521152d31f2bada1843e26b973",
2578 "0000000000000000000000000000000000000000000000000000000000000000",
2579 "fffffffffffffffffffffffc00000000",
2580 "e5c3b8e30fd2d8e6239b17b44bd23bbd",
2582 "0000000000000000000000000000000000000000000000000000000000000000",
2583 "fffffffffffffffffffffffe00000000",
2584 "1ac1f7102c59933e8b2ddc3f14e94baa",
2586 "0000000000000000000000000000000000000000000000000000000000000000",
2587 "ffffffffffffffffffffffff00000000",
2588 "21d9ba49f276b45f11af8fc71a088e3d",
2590 "0000000000000000000000000000000000000000000000000000000000000000",
2591 "ffffffffffffffffffffffff80000000",
2592 "649f1cddc3792b4638635a392bc9bade",
2594 "0000000000000000000000000000000000000000000000000000000000000000",
2595 "ffffffffffffffffffffffffc0000000",
2596 "e2775e4b59c1bc2e31a2078c11b5a08c",
2598 "0000000000000000000000000000000000000000000000000000000000000000",
2599 "ffffffffffffffffffffffffe0000000",
2600 "2be1fae5048a25582a679ca10905eb80",
2602 "0000000000000000000000000000000000000000000000000000000000000000",
2603 "fffffffffffffffffffffffff0000000",
2604 "da86f292c6f41ea34fb2068df75ecc29",
2606 "0000000000000000000000000000000000000000000000000000000000000000",
2607 "fffffffffffffffffffffffff8000000",
2608 "220df19f85d69b1b562fa69a3c5beca5",
2610 "0000000000000000000000000000000000000000000000000000000000000000",
2611 "fffffffffffffffffffffffffc000000",
2612 "1f11d5d0355e0b556ccdb6c7f5083b4d",
2614 "0000000000000000000000000000000000000000000000000000000000000000",
2615 "fffffffffffffffffffffffffe000000",
2616 "62526b78be79cb384633c91f83b4151b",
2618 "0000000000000000000000000000000000000000000000000000000000000000",
2619 "ffffffffffffffffffffffffff000000",
2620 "90ddbcb950843592dd47bbef00fdc876",
2622 "0000000000000000000000000000000000000000000000000000000000000000",
2623 "ffffffffffffffffffffffffff800000",
2624 "2fd0e41c5b8402277354a7391d2618e2",
2626 "0000000000000000000000000000000000000000000000000000000000000000",
2627 "ffffffffffffffffffffffffffc00000",
2628 "3cdf13e72dee4c581bafec70b85f9660",
2630 "0000000000000000000000000000000000000000000000000000000000000000",
2631 "ffffffffffffffffffffffffffe00000",
2632 "afa2ffc137577092e2b654fa199d2c43",
2634 "0000000000000000000000000000000000000000000000000000000000000000",
2635 "fffffffffffffffffffffffffff00000",
2636 "8d683ee63e60d208e343ce48dbc44cac",
2638 "0000000000000000000000000000000000000000000000000000000000000000",
2639 "fffffffffffffffffffffffffff80000",
2640 "705a4ef8ba2133729c20185c3d3a4763",
2642 "0000000000000000000000000000000000000000000000000000000000000000",
2643 "fffffffffffffffffffffffffffc0000",
2644 "0861a861c3db4e94194211b77ed761b9",
2646 "0000000000000000000000000000000000000000000000000000000000000000",
2647 "fffffffffffffffffffffffffffe0000",
2648 "4b00c27e8b26da7eab9d3a88dec8b031",
2650 "0000000000000000000000000000000000000000000000000000000000000000",
2651 "ffffffffffffffffffffffffffff0000",
2652 "5f397bf03084820cc8810d52e5b666e9",
2654 "0000000000000000000000000000000000000000000000000000000000000000",
2655 "ffffffffffffffffffffffffffff8000",
2656 "63fafabb72c07bfbd3ddc9b1203104b8",
2658 "0000000000000000000000000000000000000000000000000000000000000000",
2659 "ffffffffffffffffffffffffffffc000",
2660 "683e2140585b18452dd4ffbb93c95df9",
2662 "0000000000000000000000000000000000000000000000000000000000000000",
2663 "ffffffffffffffffffffffffffffe000",
2664 "286894e48e537f8763b56707d7d155c8",
2666 "0000000000000000000000000000000000000000000000000000000000000000",
2667 "fffffffffffffffffffffffffffff000",
2668 "a423deabc173dcf7e2c4c53e77d37cd1",
2670 "0000000000000000000000000000000000000000000000000000000000000000",
2671 "fffffffffffffffffffffffffffff800",
2672 "eb8168313e1cfdfdb5e986d5429cf172",
2674 "0000000000000000000000000000000000000000000000000000000000000000",
2675 "fffffffffffffffffffffffffffffc00",
2676 "27127daafc9accd2fb334ec3eba52323",
2678 "0000000000000000000000000000000000000000000000000000000000000000",
2679 "fffffffffffffffffffffffffffffe00",
2680 "ee0715b96f72e3f7a22a5064fc592f4c",
2682 "0000000000000000000000000000000000000000000000000000000000000000",
2683 "ffffffffffffffffffffffffffffff00",
2684 "29ee526770f2a11dcfa989d1ce88830f",
2686 "0000000000000000000000000000000000000000000000000000000000000000",
2687 "ffffffffffffffffffffffffffffff80",
2688 "0493370e054b09871130fe49af730a5a",
2690 "0000000000000000000000000000000000000000000000000000000000000000",
2691 "ffffffffffffffffffffffffffffffc0",
2692 "9b7b940f6c509f9e44a4ee140448ee46",
2694 "0000000000000000000000000000000000000000000000000000000000000000",
2695 "ffffffffffffffffffffffffffffffe0",
2696 "2915be4a1ecfdcbe3e023811a12bb6c7",
2698 "0000000000000000000000000000000000000000000000000000000000000000",
2699 "fffffffffffffffffffffffffffffff0",
2700 "7240e524bc51d8c4d440b1be55d1062c",
2702 "0000000000000000000000000000000000000000000000000000000000000000",
2703 "fffffffffffffffffffffffffffffff8",
2704 "da63039d38cb4612b2dc36ba26684b93",
2706 "0000000000000000000000000000000000000000000000000000000000000000",
2707 "fffffffffffffffffffffffffffffffc",
2708 "0f59cb5a4b522e2ac56c1a64f558ad9a",
2710 "0000000000000000000000000000000000000000000000000000000000000000",
2711 "fffffffffffffffffffffffffffffffe",
2712 "7bfe9d876c6d63c1d035da8fe21c409d",
2714 "0000000000000000000000000000000000000000000000000000000000000000",
2715 "ffffffffffffffffffffffffffffffff",
2716 "acdace8078a32b1a182bfa4987ca1347",
2725 * AES known-answer tests for CBC. Order: key, IV, plaintext, ciphertext.
2727 static const char *const KAT_AES_CBC
[] = {
2729 * From NIST validation suite "Multiblock Message Test" (128-bit keys).
2732 "1f8e4973953f3fb0bd6b16662e9a3c17",
2733 "2fe2b333ceda8f98f4a99b40d2cd34a8",
2734 "45cf12964fc824ab76616ae2f4bf0822",
2735 "0f61c4d44c5147c03c195ad7e2cc12b2",
2737 "0700d603a1c514e46b6191ba430a3a0c",
2738 "aad1583cd91365e3bb2f0c3430d065bb",
2739 "068b25c7bfb1f8bdd4cfc908f69dffc5ddc726a197f0e5f720f730393279be91",
2740 "c4dc61d9725967a3020104a9738f23868527ce839aab1752fd8bdb95a82c4d00",
2742 "3348aa51e9a45c2dbe33ccc47f96e8de",
2743 "19153c673160df2b1d38c28060e59b96",
2744 "9b7cee827a26575afdbb7c7a329f887238052e3601a7917456ba61251c214763d5e1847a6ad5d54127a399ab07ee3599",
2745 "d5aed6c9622ec451a15db12819952b6752501cf05cdbf8cda34a457726ded97818e1f127a28d72db5652749f0c6afee5",
2747 "b7f3c9576e12dd0db63e8f8fac2b9a39",
2748 "c80f095d8bb1a060699f7c19974a1aa0",
2749 "9ac19954ce1319b354d3220460f71c1e373f1cd336240881160cfde46ebfed2e791e8d5a1a136ebd1dc469dec00c4187722b841cdabcb22c1be8a14657da200e",
2750 "19b9609772c63f338608bf6eb52ca10be65097f89c1e0905c42401fd47791ae2c5440b2d473116ca78bd9ff2fb6015cfd316524eae7dcb95ae738ebeae84a467",
2752 "b6f9afbfe5a1562bba1368fc72ac9d9c",
2753 "3f9d5ebe250ee7ce384b0d00ee849322",
2754 "db397ec22718dbffb9c9d13de0efcd4611bf792be4fce0dc5f25d4f577ed8cdbd4eb9208d593dda3d4653954ab64f05676caa3ce9bfa795b08b67ceebc923fdc89a8c431188e9e482d8553982cf304d1",
2755 "10ea27b19e16b93af169c4a88e06e35c99d8b420980b058e34b4b8f132b13766f72728202b089f428fecdb41c79f8aa0d0ef68f5786481cca29e2126f69bc14160f1ae2187878ba5c49cf3961e1b7ee9",
2757 "bbe7b7ba07124ff1ae7c3416fe8b465e",
2758 "7f65b5ee3630bed6b84202d97fb97a1e",
2759 "2aad0c2c4306568bad7447460fd3dac054346d26feddbc9abd9110914011b4794be2a9a00a519a51a5b5124014f4ed2735480db21b434e99a911bb0b60fe0253763725b628d5739a5117b7ee3aefafc5b4c1bf446467e7bf5f78f31ff7caf187",
2760 "3b8611bfc4973c5cd8e982b073b33184cd26110159172e44988eb5ff5661a1e16fad67258fcbfee55469267a12dc374893b4e3533d36f5634c3095583596f135aa8cd1138dc898bc5651ee35a92ebf89ab6aeb5366653bc60a70e0074fc11efe",
2762 "89a553730433f7e6d67d16d373bd5360",
2763 "f724558db3433a523f4e51a5bea70497",
2764 "807bc4ea684eedcfdcca30180680b0f1ae2814f35f36d053c5aea6595a386c1442770f4d7297d8b91825ee7237241da8925dd594ccf676aecd46ca2068e8d37a3a0ec8a7d5185a201e663b5ff36ae197110188a23503763b8218826d23ced74b31e9f6e2d7fbfa6cb43420c7807a8625",
2765 "406af1429a478c3d07e555c5287a60500d37fc39b68e5bbb9bafd6ddb223828561d6171a308d5b1a4551e8a5e7d572918d25c968d3871848d2f16635caa9847f38590b1df58ab5efb985f2c66cfaf86f61b3f9c0afad6c963c49cee9b8bc81a2ddb06c967f325515a4849eec37ce721a",
2767 "c491ca31f91708458e29a925ec558d78",
2768 "9ef934946e5cd0ae97bd58532cb49381",
2769 "cb6a787e0dec56f9a165957f81af336ca6b40785d9e94093c6190e5152649f882e874d79ac5e167bd2a74ce5ae088d2ee854f6539e0a94796b1e1bd4c9fcdbc79acbef4d01eeb89776d18af71ae2a4fc47dd66df6c4dbe1d1850e466549a47b636bcc7c2b3a62495b56bb67b6d455f1eebd9bfefecbca6c7f335cfce9b45cb9d",
2770 "7b2931f5855f717145e00f152a9f4794359b1ffcb3e55f594e33098b51c23a6c74a06c1d94fded7fd2ae42c7db7acaef5844cb33aeddc6852585ed0020a6699d2cb53809cefd169148ce42292afab063443978306c582c18b9ce0da3d084ce4d3c482cfd8fcf1a85084e89fb88b40a084d5e972466d07666126fb761f84078f2",
2772 "f6e87d71b0104d6eb06a68dc6a71f498",
2773 "1c245f26195b76ebebc2edcac412a2f8",
2774 "f82bef3c73a6f7f80db285726d691db6bf55eec25a859d3ba0e0445f26b9bb3b16a3161ed1866e4dd8f2e5f8ecb4e46d74a7a78c20cdfc7bcc9e479ba7a0caba9438238ad0c01651d5d98de37f03ddce6e6b4bd4ab03cf9e8ed818aedfa1cf963b932067b97d776dce1087196e7e913f7448e38244509f0caf36bd8217e15336d35c149fd4e41707893fdb84014f8729",
2775 "b09512f3eff9ed0d85890983a73dadbb7c3678d52581be64a8a8fc586f490f2521297a478a0598040ebd0f5509fafb0969f9d9e600eaef33b1b93eed99687b167f89a5065aac439ce46f3b8d22d30865e64e45ef8cd30b6984353a844a11c8cd60dba0e8866b3ee30d24b3fa8a643b328353e06010fa8273c8fd54ef0a2b6930e5520aae5cd5902f9b86a33592ca4365",
2777 "2c14413751c31e2730570ba3361c786b",
2778 "1dbbeb2f19abb448af849796244a19d7",
2779 "40d930f9a05334d9816fe204999c3f82a03f6a0457a8c475c94553d1d116693adc618049f0a769a2eed6a6cb14c0143ec5cccdbc8dec4ce560cfd206225709326d4de7948e54d603d01b12d7fed752fb23f1aa4494fbb00130e9ded4e77e37c079042d828040c325b1a5efd15fc842e44014ca4374bf38f3c3fc3ee327733b0c8aee1abcd055772f18dc04603f7b2c1ea69ff662361f2be0a171bbdcea1e5d3f",
2780 "6be8a12800455a320538853e0cba31bd2d80ea0c85164a4c5c261ae485417d93effe2ebc0d0a0b51d6ea18633d210cf63c0c4ddbc27607f2e81ed9113191ef86d56f3b99be6c415a4150299fb846ce7160b40b63baf1179d19275a2e83698376d28b92548c68e06e6d994e2c1501ed297014e702cdefee2f656447706009614d801de1caaf73f8b7fa56cf1ba94b631933bbe577624380850f117435a0355b2b",
2783 * From NIST validation suite "Multiblock Message Test" (192-bit keys).
2786 "ba75f4d1d9d7cf7f551445d56cc1a8ab2a078e15e049dc2c",
2787 "531ce78176401666aa30db94ec4a30eb",
2788 "c51fc276774dad94bcdc1d2891ec8668",
2789 "70dd95a14ee975e239df36ff4aee1d5d",
2791 "eab3b19c581aa873e1981c83ab8d83bbf8025111fb2e6b21",
2792 "f3d6667e8d4d791e60f7505ba383eb05",
2793 "9d4e4cccd1682321856df069e3f1c6fa391a083a9fb02d59db74c14081b3acc4",
2794 "51d44779f90d40a80048276c035cb49ca2a47bcb9b9cf7270b9144793787d53f",
2796 "16c93bb398f1fc0cf6d68fc7a5673cdf431fa147852b4a2d",
2797 "eaaeca2e07ddedf562f94df63f0a650f",
2798 "c5ce958613bf741718c17444484ebaf1050ddcacb59b9590178cbe69d7ad7919608cb03af13bbe04f3506b718a301ea0",
2799 "ed6a50e0c6921d52d6647f75d67b4fd56ace1fedb8b5a6a997b4d131640547d22c5d884a75e6752b5846b5b33a5181f4",
2801 "067bb17b4df785697eaccf961f98e212cb75e6797ce935cb",
2802 "8b59c9209c529ca8391c9fc0ce033c38",
2803 "db3785a889b4bd387754da222f0e4c2d2bfe0d79e05bc910fba941beea30f1239eacf0068f4619ec01c368e986fca6b7c58e490579d29611bd10087986eff54f",
2804 "d5f5589760bf9c762228fde236de1fa2dd2dad448db3fa9be0c4196efd46a35c84dd1ac77d9db58c95918cb317a6430a08d2fb6a8e8b0f1c9b72c7a344dc349f",
2806 "0fd39de83e0be77a79c8a4a612e3dd9c8aae2ce35e7a2bf8",
2807 "7e1d629b84f93b079be51f9a5f5cb23c",
2808 "38fbda37e28fa86d9d83a4345e419dea95d28c7818ff25925db6ac3aedaf0a86154e20a4dfcc5b1b4192895393e5eb5846c88bdbd41ecf7af3104f410eaee470f5d9017ed460475f626953035a13db1f",
2809 "edadae2f9a45ff3473e02d904c94d94a30a4d92da4deb6bcb4b0774472694571842039f21c496ef93fd658842c735f8a81fcd0aa578442ab893b18f606aed1bab11f81452dd45e9b56adf2eccf4ea095",
2811 "e3fecc75f0075a09b383dfd389a3d33cc9b854b3b254c0f4",
2812 "36eab883afef936cc38f63284619cd19",
2813 "931b2f5f3a5820d53a6beaaa6431083a3488f4eb03b0f5b57ef838e1579623103bd6e6800377538b2e51ef708f3c4956432e8a8ee6a34e190642b26ad8bdae6c2af9a6c7996f3b6004d2671e41f1c9f40ee03d1c4a52b0a0654a331f15f34dce",
2814 "75395974bd32b3665654a6c8e396b88ae34b123575872a7ab687d8e76b46df911a8a590cd01d2f5c330be3a6626e9dd3aa5e10ed14e8ff829811b6fed50f3f533ca4385a1cbca78f5c4744e50f2f8359165c2485d1324e76c3eae76a0ccac629",
2816 "f9c27565eb07947c8cb51b79248430f7b1066c3d2fdc3d13",
2817 "2bd67cc89ab7948d644a49672843cbd9",
2818 "6abcc270173cf114d44847e911a050db57ba7a2e2c161c6f37ccb6aaa4677bddcaf50cad0b5f8758fcf7c0ebc650ceb5cd52cafb8f8dd3edcece55d9f1f08b9fa8f54365cf56e28b9596a7e1dd1d3418e4444a7724add4cf79d527b183ec88de4be4eeff29c80a97e54f85351cb189ee",
2819 "ca282924a61187feb40520979106e5cc861957f23828dcb7285e0eaac8a0ca2a6b60503d63d6039f4693dba32fa1f73ae2e709ca94911f28a5edd1f30eaddd54680c43acc9c74cd90d8bb648b4e544275f47e514daa20697f66c738eb30337f017fca1a26da4d1a0cc0a0e98e2463070",
2821 "fb09cf9e00dbf883689d079c920077c0073c31890b55bab5",
2822 "e3c89bd097c3abddf64f4881db6dbfe2",
2823 "c1a37683fb289467dd1b2c89efba16bbd2ee24cf18d19d44596ded2682c79a2f711c7a32bf6a24badd32a4ee637c73b7a41da6258635650f91fb9ffa45bdfc3cb122136241b3deced8996aa51ea8d3e81c9d70e006a44bc0571ed48623a0d622a93fa9da290baaedf5d9e876c94620945ff8ecc83f27379ed55cf490c5790f27",
2824 "8158e21420f25b59d6ae943fa1cbf21f02e979f419dab0126a721b7eef55bee9ad97f5ccff7d239057bbc19a8c378142f7672f1d5e7e17d7bebcb0070e8355cace6660171a53b61816ae824a6ef69ce470b6ffd3b5bb4b438874d91d27854d3b6f25860d3868958de3307d62b1339bdddb8a318c0ce0f33c17caf0e9f6040820",
2826 "bca6fa3c67fd294e958f66fe8bd64f45f428f5bc8e9733a7",
2827 "92a47f2833f1450d1da41717bdc6e83c",
2828 "5becbc31d8bead6d36ae014a5863d14a431e6b55d29ea6baaa417271716db3a33b2e506b452086dfe690834ac2de30bc41254ec5401ec47d064237c7792fdcd7914d8af20eb114756642d519021a8c75a92f6bc53d326ae9a5b7e1b10a9756574692934d9939fc399e0c203f7edf8e7e6482eadd31a0400770e897b48c6bca2b404593045080e93377358c42a0f4dede",
2829 "926db248cc1ba20f0c57631a7c8aef094f791937b905949e3460240e8bfa6fa483115a1b310b6e4369caebc5262888377b1ddaa5800ea496a2bdff0f9a1031e7129c9a20e35621e7f0b8baca0d87030f2ae7ca8593c8599677a06fd4b26009ead08fecac24caa9cf2cad3b470c8227415a7b1e0f2eab3fad96d70a209c8bb26c627677e2531b9435ca6e3c444d195b5f",
2831 "162ad50ee64a0702aa551f571dedc16b2c1b6a1e4d4b5eee",
2832 "24408038161a2ccae07b029bb66355c1",
2833 "be8abf00901363987a82cc77d0ec91697ba3857f9e4f84bd79406c138d02698f003276d0449120bef4578d78fecabe8e070e11710b3f0a2744bd52434ec70015884c181ebdfd51c604a71c52e4c0e110bc408cd462b248a80b8a8ac06bb952ac1d7faed144807f1a731b7febcaf7835762defe92eccfc7a9944e1c702cffe6bc86733ed321423121085ac02df8962bcbc1937092eebf0e90a8b20e3dd8c244ae",
2834 "c82cf2c476dea8cb6a6e607a40d2f0391be82ea9ec84a537a6820f9afb997b76397d005424faa6a74dc4e8c7aa4a8900690f894b6d1dca80675393d2243adac762f159301e357e98b724762310cd5a7bafe1c2a030dba46fd93a9fdb89cc132ca9c17dc72031ec6822ee5a9d99dbca66c784c01b0885cbb62e29d97801927ec415a5d215158d325f9ee689437ad1b7684ad33c0d92739451ac87f39ff8c31b84",
2837 * From NIST validation suite "Multiblock Message Test"
2840 "6ed76d2d97c69fd1339589523931f2a6cff554b15f738f21ec72dd97a7330907",
2841 "851e8764776e6796aab722dbb644ace8",
2842 "6282b8c05c5c1530b97d4816ca434762",
2843 "6acc04142e100a65f51b97adf5172c41",
2845 "dce26c6b4cfb286510da4eecd2cffe6cdf430f33db9b5f77b460679bd49d13ae",
2846 "fdeaa134c8d7379d457175fd1a57d3fc",
2847 "50e9eee1ac528009e8cbcd356975881f957254b13f91d7c6662d10312052eb00",
2848 "2fa0df722a9fd3b64cb18fb2b3db55ff2267422757289413f8f657507412a64c",
2850 "fe8901fecd3ccd2ec5fdc7c7a0b50519c245b42d611a5ef9e90268d59f3edf33",
2851 "bd416cb3b9892228d8f1df575692e4d0",
2852 "8d3aa196ec3d7c9b5bb122e7fe77fb1295a6da75abe5d3a510194d3a8a4157d5c89d40619716619859da3ec9b247ced9",
2853 "608e82c7ab04007adb22e389a44797fed7de090c8c03ca8a2c5acd9e84df37fbc58ce8edb293e98f02b640d6d1d72464",
2855 "0493ff637108af6a5b8e90ac1fdf035a3d4bafd1afb573be7ade9e8682e663e5",
2856 "c0cd2bebccbb6c49920bd5482ac756e8",
2857 "8b37f9148df4bb25956be6310c73c8dc58ea9714ff49b643107b34c9bff096a94fedd6823526abc27a8e0b16616eee254ab4567dd68e8ccd4c38ac563b13639c",
2858 "05d5c77729421b08b737e41119fa4438d1f570cc772a4d6c3df7ffeda0384ef84288ce37fc4c4c7d1125a499b051364c389fd639bdda647daa3bdadab2eb5594",
2860 "9adc8fbd506e032af7fa20cf5343719de6d1288c158c63d6878aaf64ce26ca85",
2861 "11958dc6ab81e1c7f01631e9944e620f",
2862 "c7917f84f747cd8c4b4fedc2219bdbc5f4d07588389d8248854cf2c2f89667a2d7bcf53e73d32684535f42318e24cd45793950b3825e5d5c5c8fcd3e5dda4ce9246d18337ef3052d8b21c5561c8b660e",
2863 "9c99e68236bb2e929db1089c7750f1b356d39ab9d0c40c3e2f05108ae9d0c30b04832ccdbdc08ebfa426b7f5efde986ed05784ce368193bb3699bc691065ac62e258b9aa4cc557e2b45b49ce05511e65",
2865 "73b8faf00b3302ac99855cf6f9e9e48518690a5906a4869d4dcf48d282faae2a",
2866 "b3cb97a80a539912b8c21f450d3b9395",
2867 "3adea6e06e42c4f041021491f2775ef6378cb08824165edc4f6448e232175b60d0345b9f9c78df6596ec9d22b7b9e76e8f3c76b32d5d67273f1d83fe7a6fc3dd3c49139170fa5701b3beac61b490f0a9e13f844640c4500f9ad3087adfb0ae10",
2868 "ac3d6dbafe2e0f740632fd9e820bf6044cd5b1551cbb9cc03c0b25c39ccb7f33b83aacfca40a3265f2bbff879153448acacb88fcfb3bb7b10fe463a68c0109f028382e3e557b1adf02ed648ab6bb895df0205d26ebbfa9a5fd8cebd8e4bee3dc",
2870 "9ddf3745896504ff360a51a3eb49c01b79fccebc71c3abcb94a949408b05b2c9",
2871 "e79026639d4aa230b5ccffb0b29d79bc",
2872 "cf52e5c3954c51b94c9e38acb8c9a7c76aebdaa9943eae0a1ce155a2efdb4d46985d935511471452d9ee64d2461cb2991d59fc0060697f9a671672163230f367fed1422316e52d29eceacb8768f56d9b80f6d278093c9a8acd3cfd7edd8ebd5c293859f64d2f8486ae1bd593c65bc014",
2873 "34df561bd2cfebbcb7af3b4b8d21ca5258312e7e2e4e538e35ad2490b6112f0d7f148f6aa8d522a7f3c61d785bd667db0e1dc4606c318ea4f26af4fe7d11d4dcff0456511b4aed1a0d91ba4a1fd6cd9029187bc5881a5a07fe02049d39368e83139b12825bae2c7be81e6f12c61bb5c5",
2875 "458b67bf212d20f3a57fce392065582dcefbf381aa22949f8338ab9052260e1d",
2876 "4c12effc5963d40459602675153e9649",
2877 "256fd73ce35ae3ea9c25dd2a9454493e96d8633fe633b56176dce8785ce5dbbb84dbf2c8a2eeb1e96b51899605e4f13bbc11b93bf6f39b3469be14858b5b720d4a522d36feed7a329c9b1e852c9280c47db8039c17c4921571a07d1864128330e09c308ddea1694e95c84500f1a61e614197e86a30ecc28df64ccb3ccf5437aa",
2878 "90b7b9630a2378f53f501ab7beff039155008071bc8438e789932cfd3eb1299195465e6633849463fdb44375278e2fdb1310821e6492cf80ff15cb772509fb426f3aeee27bd4938882fd2ae6b5bd9d91fa4a43b17bb439ebbe59c042310163a82a5fe5388796eee35a181a1271f00be29b852d8fa759bad01ff4678f010594cd",
2880 "d2412db0845d84e5732b8bbd642957473b81fb99ca8bff70e7920d16c1dbec89",
2881 "51c619fcf0b23f0c7925f400a6cacb6d",
2882 "026006c4a71a180c9929824d9d095b8faaa86fc4fa25ecac61d85ff6de92dfa8702688c02a282c1b8af4449707f22d75e91991015db22374c95f8f195d5bb0afeb03040ff8965e0e1339dba5653e174f8aa5a1b39fe3ac839ce307a4e44b4f8f1b0063f738ec18acdbff2ebfe07383e734558723e741f0a1836dafdf9de82210a9248bc113b3c1bc8b4e252ca01bd803",
2883 "0254b23463bcabec5a395eb74c8fb0eb137a07bc6f5e9f61ec0b057de305714f8fa294221c91a159c315939b81e300ee902192ec5f15254428d8772f79324ec43298ca21c00b370273ee5e5ed90e43efa1e05a5d171209fe34f9f29237dba2a6726650fd3b1321747d1208863c6c3c6b3e2d879ab5f25782f08ba8f2abbe63e0bedb4a227e81afb36bb6645508356d34",
2885 "48be597e632c16772324c8d3fa1d9c5a9ecd010f14ec5d110d3bfec376c5532b",
2886 "d6d581b8cf04ebd3b6eaa1b53f047ee1",
2887 "0c63d413d3864570e70bb6618bf8a4b9585586688c32bba0a5ecc1362fada74ada32c52acfd1aa7444ba567b4e7daaecf7cc1cb29182af164ae5232b002868695635599807a9a7f07a1f137e97b1e1c9dabc89b6a5e4afa9db5855edaa575056a8f4f8242216242bb0c256310d9d329826ac353d715fa39f80cec144d6424558f9f70b98c920096e0f2c855d594885a00625880e9dfb734163cecef72cf030b8",
2888 "fc5873e50de8faf4c6b84ba707b0854e9db9ab2e9f7d707fbba338c6843a18fc6facebaf663d26296fb329b4d26f18494c79e09e779647f9bafa87489630d79f4301610c2300c19dbf3148b7cac8c4f4944102754f332e92b6f7c5e75bc6179eb877a078d4719009021744c14f13fd2a55a2b9c44d18000685a845a4f632c7c56a77306efa66a24d05d088dcd7c13fe24fc447275965db9e4d37fbc9304448cd",
2891 * End-of-table marker.
/*
 * AES known-answer tests for CTR. Order: key, IV, plaintext, ciphertext.
 *
 * Every entry is a hexadecimal string; four consecutive entries make one
 * vector. The key is 16, 24 or 32 bytes and the IV is 12 bytes; the
 * 32-bit block counter is supplied by the caller and is not part of
 * the table. The values correspond to the AES-CTR test vectors of
 * RFC 3686 (4-byte nonce followed by the 8-byte IV).
 *
 * NOTE(review): the extracted listing drops the terminating entry and
 * the closing brace. They are restored here because the consumer loops
 * on `KAT_AES_CTR[u]` until it reads a null pointer; confirm against the
 * upstream file.
 */
static const char *const KAT_AES_CTR[] = {
	/* 128-bit key: 16, 32 and 36 bytes of data. */
	"ae6852f8121067cc4bf7a5765577f39e",
	"000000300000000000000000",
	"53696e676c6520626c6f636b206d7367",
	"e4095d4fb7a7b3792d6175a3261311b8",

	"7e24067817fae0d743d6ce1f32539163",
	"006cb6dbc0543b59da48d90b",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"5104a106168a72d9790d41ee8edad388eb2e1efc46da57c8fce630df9141be28",

	"7691be035e5020a8ac6e618529f9a0dc",
	"00e0017b27777f3f4a1786f0",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"c1cf48a89f2ffdd9cf4652e9efdb72d74540a42bde6d7836d59a5ceaaef3105325b2072f",

	/* 192-bit key: 16, 32 and 36 bytes of data. */
	"16af5b145fc9f579c175f93e3bfb0eed863d06ccfdb78515",
	"0000004836733c147d6d93cb",
	"53696e676c6520626c6f636b206d7367",
	"4b55384fe259c9c84e7935a003cbe928",

	"7c5cb2401b3dc33c19e7340819e0f69c678c3db8e6f6a91a",
	"0096b03b020c6eadc2cb500d",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"453243fc609b23327edfaafa7131cd9f8490701c5ad4a79cfc1fe0ff42f4fb00",

	"02bf391ee8ecb159b959617b0965279bf59b60a786d3e0fe",
	"0007bdfd5cbd60278dcc0912",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"96893fc55e5c722f540b7dd1ddf7e758d288bc95c69165884536c811662f2188abee0935",

	/* 256-bit key: 16, 32 and 36 bytes of data. */
	"776beff2851db06f4c8a0542c8696f6c6a81af1eec96b4d37fc1d689e6c1c104",
	"00000060db5672c97aa8f0b2",
	"53696e676c6520626c6f636b206d7367",
	"145ad01dbf824ec7560863dc71e3e0c0",

	"f6d66d6bd52d59bb0796365879eff886c66dd51a5b6a99744b50590c87a23884",
	"00faac24c1585ef15a43d875",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"f05e231b3894612c49ee000b804eb2a9b8306b508f839d6a5530831d9344af1c",

	"ff7a617ce69148e4f1726e2f43581de2aa62d9f805532edff1eed687fb54153d",
	"001cc5b751a51d70a1c11148",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"eb6c52821d0bbbf7ce7594462aca4faab407df866569fd07f48cc0b583d6071f1ec0e6b8",

	/*
	 * End-of-table marker.
	 */
	NULL
};
/*
 * Monte Carlo test for AES encryption.
 *
 * Runs 100 outer rounds of 1000 chained single-block encryptions, then
 * compares the final block with the expected value. Each inner step
 * calls the CBC encryption routine on one 16-byte block with an
 * all-zero IV, which is the same as a raw block encryption. After
 * each outer round the key is modified by XORing in the last (and,
 * for keys longer than 16 bytes, the second to last) output block.
 *
 *   ve        CBC encryption implementation under test
 *   skey      key, hexadecimal (16, 24 or 32 bytes once decoded)
 *   splain    initial 16-byte block, hexadecimal
 *   scipher   expected 16-byte block after all rounds, hexadecimal
 *
 * The buffers are fixed-size and hextobin() takes no destination
 * length, so the inputs must not decode to more than 32 (key) or
 * 16 (blocks) bytes.
 *
 * NOTE(review): the extracted listing omits several lines of this
 * function (storage class, two local declarations, the vtable pointer
 * setup, the switch on the key length with some of its loop bodies, and
 * the progress output). They are restored here from context; confirm
 * against the upstream file.
 */
static void
monte_carlo_AES_encrypt(const br_block_cbcenc_class *ve,
	char *skey, char *splain, char *scipher)
{
	unsigned char key[32];
	unsigned char buf[16];
	unsigned char pbuf[16];
	unsigned char cipher[16];
	size_t key_len;
	int i, j, k;
	br_aes_gen_cbcenc_keys v_ec;
	const br_block_cbcenc_class **ec;

	ec = &v_ec.vtable;
	key_len = hextobin(key, skey);
	hextobin(buf, splain);
	hextobin(cipher, scipher);
	for (i = 0; i < 100; i ++) {
		/* The key changes at the end of every outer round. */
		ve->init(ec, key, key_len);
		for (j = 0; j < 1000; j ++) {
			unsigned char iv[16];

			/* pbuf keeps the block from before this step. */
			memcpy(pbuf, buf, sizeof buf);
			memset(iv, 0, sizeof iv);
			ve->run(ec, iv, buf, sizeof buf);
		}

		/*
		 * Key update: buf is the last output block, pbuf the
		 * one before it.
		 */
		switch (key_len) {
		case 16:
			for (k = 0; k < 16; k ++) {
				key[k] ^= buf[k];
			}
			break;
		case 24:
			for (k = 0; k < 8; k ++) {
				key[k] ^= pbuf[8 + k];
			}
			for (k = 0; k < 16; k ++) {
				key[8 + k] ^= buf[k];
			}
			break;
		default:
			for (k = 0; k < 16; k ++) {
				key[k] ^= pbuf[k];
				key[16 + k] ^= buf[k];
			}
			break;
		}
		printf(".");
		fflush(stdout);
	}
	printf(" ");
	fflush(stdout);
	check_equals("MC AES encrypt", buf, cipher, sizeof buf);
}
/*
 * Monte Carlo test for AES decryption.
 *
 * Mirror of the encryption Monte Carlo test: 100 outer rounds of 1000
 * chained single-block decryptions, each done through the CBC
 * decryption routine with an all-zero IV (equivalent to a raw block
 * decryption). The key is updated after every outer round from the
 * last one or two output blocks, and the final block is compared with
 * the expected value.
 *
 *   vd        CBC decryption implementation under test
 *   skey      key, hexadecimal (16, 24 or 32 bytes once decoded)
 *   scipher   initial 16-byte block, hexadecimal
 *   splain    expected 16-byte block after all rounds, hexadecimal
 *
 * The buffers are fixed-size and hextobin() takes no destination
 * length, so the inputs must not decode to more than 32 (key) or
 * 16 (blocks) bytes.
 *
 * NOTE(review): the extracted listing omits several lines of this
 * function (storage class, two local declarations, the vtable pointer
 * setup, the switch on the key length with some of its loop bodies, and
 * the progress output). They are restored here from context; confirm
 * against the upstream file.
 */
static void
monte_carlo_AES_decrypt(const br_block_cbcdec_class *vd,
	char *skey, char *scipher, char *splain)
{
	unsigned char key[32];
	unsigned char buf[16];
	unsigned char pbuf[16];
	unsigned char plain[16];
	size_t key_len;
	int i, j, k;
	br_aes_gen_cbcdec_keys v_dc;
	const br_block_cbcdec_class **dc;

	dc = &v_dc.vtable;
	key_len = hextobin(key, skey);
	hextobin(buf, scipher);
	hextobin(plain, splain);
	for (i = 0; i < 100; i ++) {
		/* The key changes at the end of every outer round. */
		vd->init(dc, key, key_len);
		for (j = 0; j < 1000; j ++) {
			unsigned char iv[16];

			/* pbuf keeps the block from before this step. */
			memcpy(pbuf, buf, sizeof buf);
			memset(iv, 0, sizeof iv);
			vd->run(dc, iv, buf, sizeof buf);
		}

		/*
		 * Key update: buf is the last output block, pbuf the
		 * one before it.
		 */
		switch (key_len) {
		case 16:
			for (k = 0; k < 16; k ++) {
				key[k] ^= buf[k];
			}
			break;
		case 24:
			for (k = 0; k < 8; k ++) {
				key[k] ^= pbuf[8 + k];
			}
			for (k = 0; k < 16; k ++) {
				key[8 + k] ^= buf[k];
			}
			break;
		default:
			for (k = 0; k < 16; k ++) {
				key[k] ^= pbuf[k];
				key[16 + k] ^= buf[k];
			}
			break;
		}
		printf(".");
		fflush(stdout);
	}
	printf(" ");
	fflush(stdout);
	check_equals("MC AES decrypt", buf, plain, sizeof buf);
}
/*
 * Run the AES test suite against one implementation.
 *
 *   name       label printed in progress and failure messages
 *   ve, vd     CBC encryption / decryption implementations
 *   vc         CTR implementation
 *   with_MC    enable the Monte Carlo tests
 *   with_CBC   enable the multi-block CBC tests
 *
 * Stages, in order:
 *   1. single-block known answers from KAT_AES (zero IV);
 *   2. multi-block CBC known answers from KAT_AES_CBC, processed in
 *      one call and again block by block;
 *   3. CBC IV management for 1 to 35 blocks on pseudorandom data: the
 *      IV buffer must end up holding the last ciphertext block whether
 *      the data is processed at once or in 16-byte pieces;
 *   4. CTR known answers from KAT_AES_CTR, processed in one call and
 *      in 32-byte and 16-byte pieces with the returned counter chained;
 *   5. Monte Carlo tests for the three key sizes.
 *
 * These are functional checks only: a pass says the outputs match the
 * reference values, not that the implementation is free of timing or
 * cache side channels. The HMAC_DRBG in stage 3 uses a fixed seed so
 * that runs are reproducible; it is a source of test data, not of
 * secrets.
 *
 * The local buffers are sized for the current tables (200 bytes of
 * data, 32-byte keys) and hextobin() takes no destination length, so a
 * longer vector added to a table would overrun them.
 *
 * NOTE(review): the extracted listing omits a number of lines of this
 * function: some declarations, the vtable pointer setup, the exit calls
 * after the block-size messages, the `x` and `data_len` assignments in
 * stage 3, the chunk-length clamps and counter resets in stage 4, the
 * conditions guarding stages 2 to 5, the first argument of the Monte
 * Carlo calls and the final progress output. They are restored here
 * from context; confirm against the upstream file.
 */
static void
test_AES_generic(char *name,
	const br_block_cbcenc_class *ve,
	const br_block_cbcdec_class *vd,
	const br_block_ctr_class *vc,
	int with_MC, int with_CBC)
{
	size_t u;

	printf("Test %s: ", name);
	fflush(stdout);

	if (ve->block_size != 16 || vd->block_size != 16
		|| ve->log_block_size != 4 || vd->log_block_size != 4)
	{
		fprintf(stderr, "%s failed: wrong block size\n", name);
		exit(EXIT_FAILURE);
	}

	/* Stage 1: single-block vectors (key, plaintext, ciphertext). */
	for (u = 0; KAT_AES[u]; u += 3) {
		unsigned char key[32];
		unsigned char plain[16];
		unsigned char cipher[16];
		unsigned char buf[16];
		unsigned char iv[16];
		size_t key_len;
		br_aes_gen_cbcenc_keys v_ec;
		br_aes_gen_cbcdec_keys v_dc;
		const br_block_cbcenc_class **ec;
		const br_block_cbcdec_class **dc;

		ec = &v_ec.vtable;
		dc = &v_dc.vtable;
		key_len = hextobin(key, KAT_AES[u]);
		hextobin(plain, KAT_AES[u + 1]);
		hextobin(cipher, KAT_AES[u + 2]);
		ve->init(ec, key, key_len);
		memcpy(buf, plain, sizeof plain);
		memset(iv, 0, sizeof iv);
		ve->run(ec, iv, buf, sizeof buf);
		check_equals("KAT AES encrypt", buf, cipher, sizeof cipher);
		vd->init(dc, key, key_len);
		memset(iv, 0, sizeof iv);
		vd->run(dc, iv, buf, sizeof buf);
		check_equals("KAT AES decrypt", buf, plain, sizeof plain);
	}

	if (with_CBC) {
		/* Stage 2: CBC vectors (key, IV, plaintext, ciphertext). */
		for (u = 0; KAT_AES_CBC[u]; u += 4) {
			unsigned char key[32];
			unsigned char ivref[16];
			unsigned char plain[200];
			unsigned char cipher[200];
			unsigned char buf[200];
			unsigned char iv[16];
			size_t key_len, data_len, v;
			br_aes_gen_cbcenc_keys v_ec;
			br_aes_gen_cbcdec_keys v_dc;
			const br_block_cbcenc_class **ec;
			const br_block_cbcdec_class **dc;

			ec = &v_ec.vtable;
			dc = &v_dc.vtable;
			key_len = hextobin(key, KAT_AES_CBC[u]);
			hextobin(ivref, KAT_AES_CBC[u + 1]);
			data_len = hextobin(plain, KAT_AES_CBC[u + 2]);
			hextobin(cipher, KAT_AES_CBC[u + 3]);
			ve->init(ec, key, key_len);

			/* Whole message in a single call. */
			memcpy(buf, plain, data_len);
			memcpy(iv, ivref, 16);
			ve->run(ec, iv, buf, data_len);
			check_equals("KAT CBC AES encrypt",
				buf, cipher, data_len);
			vd->init(dc, key, key_len);
			memcpy(iv, ivref, 16);
			vd->run(dc, iv, buf, data_len);
			check_equals("KAT CBC AES decrypt",
				buf, plain, data_len);

			/* Same message, one block per call. */
			memcpy(buf, plain, data_len);
			memcpy(iv, ivref, 16);
			for (v = 0; v < data_len; v += 16) {
				ve->run(ec, iv, buf + v, 16);
			}
			check_equals("KAT CBC AES encrypt (2)",
				buf, cipher, data_len);
			memcpy(iv, ivref, 16);
			for (v = 0; v < data_len; v += 16) {
				vd->run(dc, iv, buf + v, 16);
			}
			check_equals("KAT CBC AES decrypt (2)",
				buf, plain, data_len);
		}

		/*
		 * We want to check proper IV management for CBC:
		 * encryption and decryption must properly copy the _last_
		 * encrypted block as new IV, for all sizes.
		 */
		for (u = 1; u <= 35; u ++) {
			br_hmac_drbg_context rng;
			unsigned char x;
			size_t key_len, data_len;
			size_t v;

			/* Fixed seed plus the block count: reproducible data. */
			br_hmac_drbg_init(&rng, &br_sha256_vtable,
				"seed for AES/CBC", 16);
			x = u;
			br_hmac_drbg_update(&rng, &x, 1);
			data_len = u << 4;
			for (key_len = 16; key_len <= 32; key_len += 16) {
				unsigned char key[32];
				unsigned char iv[16], iv1[16], iv2[16];
				unsigned char plain[35 * 16];
				unsigned char tmp1[sizeof plain];
				unsigned char tmp2[sizeof plain];
				br_aes_gen_cbcenc_keys v_ec;
				br_aes_gen_cbcdec_keys v_dc;
				const br_block_cbcenc_class **ec;
				const br_block_cbcdec_class **dc;

				br_hmac_drbg_generate(&rng, key, key_len);
				br_hmac_drbg_generate(&rng, iv, sizeof iv);
				br_hmac_drbg_generate(&rng, plain, data_len);

				/* Encrypt at once (tmp1) and by block (tmp2). */
				ec = &v_ec.vtable;
				ve->init(ec, key, key_len);
				memcpy(iv1, iv, sizeof iv);
				memcpy(tmp1, plain, data_len);
				ve->run(ec, iv1, tmp1, data_len);
				check_equals("IV CBC AES (1)",
					tmp1 + data_len - 16, iv1, 16);
				memcpy(iv2, iv, sizeof iv);
				memcpy(tmp2, plain, data_len);
				for (v = 0; v < data_len; v += 16) {
					ve->run(ec, iv2, tmp2 + v, 16);
				}
				check_equals("IV CBC AES (2)",
					tmp2 + data_len - 16, iv2, 16);
				check_equals("IV CBC AES (3)",
					tmp1, tmp2, data_len);

				/*
				 * Decrypt both copies. iv2 still holds the
				 * last ciphertext block when (4) runs, so
				 * that check compares the decryption IV
				 * output with it.
				 */
				dc = &v_dc.vtable;
				vd->init(dc, key, key_len);
				memcpy(iv1, iv, sizeof iv);
				vd->run(dc, iv1, tmp1, data_len);
				check_equals("IV CBC AES (4)", iv1, iv2, 16);
				check_equals("IV CBC AES (5)",
					tmp1, plain, data_len);
				memcpy(iv2, iv, sizeof iv);
				for (v = 0; v < data_len; v += 16) {
					vd->run(dc, iv2, tmp2 + v, 16);
				}
				check_equals("IV CBC AES (6)", iv1, iv2, 16);
				check_equals("IV CBC AES (7)",
					tmp2, plain, data_len);
			}
		}
	}

	if (vc != NULL) {
		if (vc->block_size != 16 || vc->log_block_size != 4) {
			fprintf(stderr, "%s failed: wrong block size\n", name);
			exit(EXIT_FAILURE);
		}

		/* Stage 4: CTR vectors (key, IV, plaintext, ciphertext). */
		for (u = 0; KAT_AES_CTR[u]; u += 4) {
			unsigned char key[32];
			unsigned char iv[12];
			unsigned char plain[200];
			unsigned char cipher[200];
			unsigned char buf[200];
			size_t key_len, data_len, v;
			uint32_t c;
			br_aes_gen_ctr_keys v_xc;
			const br_block_ctr_class **xc;

			xc = &v_xc.vtable;
			key_len = hextobin(key, KAT_AES_CTR[u]);
			hextobin(iv, KAT_AES_CTR[u + 1]);
			data_len = hextobin(plain, KAT_AES_CTR[u + 2]);
			hextobin(cipher, KAT_AES_CTR[u + 3]);
			vc->init(xc, key, key_len);

			/* One call each way; the block counter starts at 1. */
			memcpy(buf, plain, data_len);
			vc->run(xc, iv, 1, buf, data_len);
			check_equals("KAT CTR AES (1)", buf, cipher, data_len);
			vc->run(xc, iv, 1, buf, data_len);
			check_equals("KAT CTR AES (2)", buf, plain, data_len);

			/* 32-byte pieces, chaining the returned counter. */
			memcpy(buf, plain, data_len);
			c = 1;
			for (v = 0; v < data_len; v += 32) {
				size_t clen;

				clen = data_len - v;
				if (clen > 32) {
					clen = 32;
				}
				c = vc->run(xc, iv, c, buf + v, clen);
			}
			check_equals("KAT CTR AES (3)", buf, cipher, data_len);

			/* 16-byte pieces, chaining the returned counter. */
			memcpy(buf, plain, data_len);
			c = 1;
			for (v = 0; v < data_len; v += 16) {
				size_t clen;

				clen = data_len - v;
				if (clen > 16) {
					clen = 16;
				}
				c = vc->run(xc, iv, c, buf + v, clen);
			}
			check_equals("KAT CTR AES (4)", buf, cipher, data_len);
		}
	}

	if (with_MC) {
		/* Stage 5: Monte Carlo, 128-, 192- and 256-bit keys. */
		monte_carlo_AES_encrypt(
			ve,
			"139a35422f1d61de3c91787fe0507afd",
			"b9145a768b7dc489a096b546f43b231f",
			"fb2649694783b551eacd9d5db6126d47");
		monte_carlo_AES_decrypt(
			vd,
			"0c60e7bf20ada9baa9e1ddf0d1540726",
			"b08a29b11a500ea3aca42c36675b9785",
			"d1d2bfdc58ffcad2341b095bce55221e");

		monte_carlo_AES_encrypt(
			ve,
			"b9a63e09e1dfc42e93a90d9bad739e5967aef672eedd5da9",
			"85a1f7a58167b389cddc8a9ff175ee26",
			"5d1196da8f184975e240949a25104554");
		monte_carlo_AES_decrypt(
			vd,
			"4b97585701c03fbebdfa8555024f589f1482c58a00fdd9fd",
			"d0bd0e02ded155e4516be83f42d347a4",
			"b63ef1b79507a62eba3dafcec54a6328");

		monte_carlo_AES_encrypt(
			ve,
			"f9e8389f5b80712e3886cc1fa2d28a3b8c9cd88a2d4a54c6aa86ce0fef944be0",
			"b379777f9050e2a818f2940cbbd9aba4",
			"c5d2cb3d5b7ff0e23e308967ee074825");
		monte_carlo_AES_decrypt(
			vd,
			"2b09ba39b834062b9e93f48373b8dd018dedf1e5ba1b8af831ebbacbc92a2643",
			"89649bd0115f30bd878567610223a59d",
			"e3d3868f578caf34e36445bf14cefc68");
	}

	printf("done.\n");
	fflush(stdout);
}
/*
 * Run the generic AES suite on the "big" implementation.
 *
 * NOTE(review): the extracted listing keeps only the call; the function
 * header and the two trailing flag arguments are restored from the
 * sibling wrappers (the x86ni and pwr8 calls pass 1, 1). Confirm against
 * the upstream file.
 */
static void
test_AES_big(void)
{
	test_AES_generic("AES_big",
		&br_aes_big_cbcenc_vtable,
		&br_aes_big_cbcdec_vtable,
		&br_aes_big_ctr_vtable,
		1, 1);
}
/*
 * Run the generic AES suite on the "small" implementation.
 *
 * NOTE(review): the two trailing flag arguments are not present in the
 * extracted listing; 1, 1 matches the x86ni and pwr8 calls. Confirm
 * against the upstream file.
 */
static void
test_AES_small(void)
{
	test_AES_generic("AES_small",
		&br_aes_small_cbcenc_vtable,
		&br_aes_small_cbcdec_vtable,
		&br_aes_small_ctr_vtable,
		1, 1);
}
/*
 * Run the generic AES suite on the "ct" implementation.
 *
 * The suite checks output values only; it does not measure whether the
 * implementation runs in constant time.
 *
 * NOTE(review): the extracted listing keeps only the call; the function
 * header and the two trailing flag arguments are restored from the
 * sibling wrappers (the x86ni and pwr8 calls pass 1, 1). Confirm against
 * the upstream file.
 */
static void
test_AES_ct(void)
{
	test_AES_generic("AES_ct",
		&br_aes_ct_cbcenc_vtable,
		&br_aes_ct_cbcdec_vtable,
		&br_aes_ct_ctr_vtable,
		1, 1);
}
/*
 * Run the generic AES suite on the "ct64" implementation.
 *
 * The suite checks output values only; it does not measure whether the
 * implementation runs in constant time.
 *
 * NOTE(review): the extracted listing keeps only the call; the function
 * header and the two trailing flag arguments are restored from the
 * sibling wrappers (the x86ni and pwr8 calls pass 1, 1). Confirm against
 * the upstream file.
 */
static void
test_AES_ct64(void)
{
	test_AES_generic("AES_ct64",
		&br_aes_ct64_cbcenc_vtable,
		&br_aes_ct64_cbcdec_vtable,
		&br_aes_ct64_ctr_vtable,
		1, 1);
}
/*
 * Run the generic AES suite on the x86 AES-NI implementation, if the
 * three get_vtable() functions report it as present.
 *
 * The CBC encryption, CBC decryption and CTR vtables must be either all
 * available or all unavailable; a mix is reported on stderr as an
 * availability mismatch. When none is available the function prints
 * "UNAVAILABLE" and returns without running any test, so such a run
 * says nothing about the hardware-backed code path and should be read
 * as skipped rather than passed.
 *
 * NOTE(review): the extracted listing omits the storage class, the
 * statement that follows the mismatch message and the if/else around
 * the two outcomes. They are restored here from context (the exit call
 * is presumed, as the listing shows no statement there); confirm
 * against the upstream file.
 */
static void
test_AES_x86ni(void)
{
	const br_block_cbcenc_class *x_cbcenc;
	const br_block_cbcdec_class *x_cbcdec;
	const br_block_ctr_class *x_ctr;
	int hcbcenc, hcbcdec, hctr;

	/* A null vtable pointer means "not available". */
	x_cbcenc = br_aes_x86ni_cbcenc_get_vtable();
	x_cbcdec = br_aes_x86ni_cbcdec_get_vtable();
	x_ctr = br_aes_x86ni_ctr_get_vtable();
	hcbcenc = (x_cbcenc != NULL);
	hcbcdec = (x_cbcdec != NULL);
	hctr = (x_ctr != NULL);
	if (hcbcenc != hctr || hcbcdec != hctr) {
		fprintf(stderr, "AES_x86ni availability mismatch (%d/%d/%d)\n",
			hcbcenc, hcbcdec, hctr);
		exit(EXIT_FAILURE);
	}
	if (hctr) {
		test_AES_generic("AES_x86ni",
			x_cbcenc, x_cbcdec, x_ctr, 1, 1);
	} else {
		printf("Test AES_x86ni: UNAVAILABLE\n");
	}
}
/*
 * Run the generic AES suite on the POWER8 implementation, if the three
 * get_vtable() functions report it as present.
 *
 * The CBC encryption, CBC decryption and CTR vtables must be either all
 * available or all unavailable; a mix is reported on stderr as an
 * availability mismatch. When none is available the function prints
 * "UNAVAILABLE" and returns without running any test, so such a run
 * says nothing about the hardware-backed code path and should be read
 * as skipped rather than passed.
 *
 * NOTE(review): the extracted listing omits the function header, the
 * statement that follows the mismatch message and the if/else around
 * the two outcomes. They are restored here from context (the function
 * name follows the sibling wrappers and the exit call is presumed);
 * confirm against the upstream file.
 */
static void
test_AES_pwr8(void)
{
	const br_block_cbcenc_class *x_cbcenc;
	const br_block_cbcdec_class *x_cbcdec;
	const br_block_ctr_class *x_ctr;
	int hcbcenc, hcbcdec, hctr;

	/* A null vtable pointer means "not available". */
	x_cbcenc = br_aes_pwr8_cbcenc_get_vtable();
	x_cbcdec = br_aes_pwr8_cbcdec_get_vtable();
	x_ctr = br_aes_pwr8_ctr_get_vtable();
	hcbcenc = (x_cbcenc != NULL);
	hcbcdec = (x_cbcdec != NULL);
	hctr = (x_ctr != NULL);
	if (hcbcenc != hctr || hcbcdec != hctr) {
		fprintf(stderr, "AES_pwr8 availability mismatch (%d/%d/%d)\n",
			hcbcenc, hcbcdec, hctr);
		exit(EXIT_FAILURE);
	}
	if (hctr) {
		test_AES_generic("AES_pwr8",
			x_cbcenc, x_cbcdec, x_ctr, 1, 1);
	} else {
		printf("Test AES_pwr8: UNAVAILABLE\n");
	}
}
3415 * DES known-answer tests. Order: plaintext, key, ciphertext.
3416 * (mostly from NIST SP 800-20).
3418 static const char *const KAT_DES
[] = {
3419 "10316E028C8F3B4A", "0000000000000000", "82DCBAFBDEAB6602",
3420 "8000000000000000", "0000000000000000", "95A8D72813DAA94D",
3421 "4000000000000000", "0000000000000000", "0EEC1487DD8C26D5",
3422 "2000000000000000", "0000000000000000", "7AD16FFB79C45926",
3423 "1000000000000000", "0000000000000000", "D3746294CA6A6CF3",
3424 "0800000000000000", "0000000000000000", "809F5F873C1FD761",
3425 "0400000000000000", "0000000000000000", "C02FAFFEC989D1FC",
3426 "0200000000000000", "0000000000000000", "4615AA1D33E72F10",
3427 "0100000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3428 "0080000000000000", "0000000000000000", "2055123350C00858",
3429 "0040000000000000", "0000000000000000", "DF3B99D6577397C8",
3430 "0020000000000000", "0000000000000000", "31FE17369B5288C9",
3431 "0010000000000000", "0000000000000000", "DFDD3CC64DAE1642",
3432 "0008000000000000", "0000000000000000", "178C83CE2B399D94",
3433 "0004000000000000", "0000000000000000", "50F636324A9B7F80",
3434 "0002000000000000", "0000000000000000", "A8468EE3BC18F06D",
3435 "0001000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3436 "0000800000000000", "0000000000000000", "A2DC9E92FD3CDE92",
3437 "0000400000000000", "0000000000000000", "CAC09F797D031287",
3438 "0000200000000000", "0000000000000000", "90BA680B22AEB525",
3439 "0000100000000000", "0000000000000000", "CE7A24F350E280B6",
3440 "0000080000000000", "0000000000000000", "882BFF0AA01A0B87",
3441 "0000040000000000", "0000000000000000", "25610288924511C2",
3442 "0000020000000000", "0000000000000000", "C71516C29C75D170",
3443 "0000010000000000", "0000000000000000", "8CA64DE9C1B123A7",
3444 "0000008000000000", "0000000000000000", "5199C29A52C9F059",
3445 "0000004000000000", "0000000000000000", "C22F0A294A71F29F",
3446 "0000002000000000", "0000000000000000", "EE371483714C02EA",
3447 "0000001000000000", "0000000000000000", "A81FBD448F9E522F",
3448 "0000000800000000", "0000000000000000", "4F644C92E192DFED",
3449 "0000000400000000", "0000000000000000", "1AFA9A66A6DF92AE",
3450 "0000000200000000", "0000000000000000", "B3C1CC715CB879D8",
3451 "0000000100000000", "0000000000000000", "8CA64DE9C1B123A7",
3452 "0000000080000000", "0000000000000000", "19D032E64AB0BD8B",
3453 "0000000040000000", "0000000000000000", "3CFAA7A7DC8720DC",
3454 "0000000020000000", "0000000000000000", "B7265F7F447AC6F3",
3455 "0000000010000000", "0000000000000000", "9DB73B3C0D163F54",
3456 "0000000008000000", "0000000000000000", "8181B65BABF4A975",
3457 "0000000004000000", "0000000000000000", "93C9B64042EAA240",
3458 "0000000002000000", "0000000000000000", "5570530829705592",
3459 "0000000001000000", "0000000000000000", "8CA64DE9C1B123A7",
3460 "0000000000800000", "0000000000000000", "8638809E878787A0",
3461 "0000000000400000", "0000000000000000", "41B9A79AF79AC208",
3462 "0000000000200000", "0000000000000000", "7A9BE42F2009A892",
3463 "0000000000100000", "0000000000000000", "29038D56BA6D2745",
3464 "0000000000080000", "0000000000000000", "5495C6ABF1E5DF51",
3465 "0000000000040000", "0000000000000000", "AE13DBD561488933",
3466 "0000000000020000", "0000000000000000", "024D1FFA8904E389",
3467 "0000000000010000", "0000000000000000", "8CA64DE9C1B123A7",
3468 "0000000000008000", "0000000000000000", "D1399712F99BF02E",
3469 "0000000000004000", "0000000000000000", "14C1D7C1CFFEC79E",
3470 "0000000000002000", "0000000000000000", "1DE5279DAE3BED6F",
3471 "0000000000001000", "0000000000000000", "E941A33F85501303",
3472 "0000000000000800", "0000000000000000", "DA99DBBC9A03F379",
3473 "0000000000000400", "0000000000000000", "B7FC92F91D8E92E9",
3474 "0000000000000200", "0000000000000000", "AE8E5CAA3CA04E85",
3475 "0000000000000100", "0000000000000000", "8CA64DE9C1B123A7",
3476 "0000000000000080", "0000000000000000", "9CC62DF43B6EED74",
3477 "0000000000000040", "0000000000000000", "D863DBB5C59A91A0",
3478 "0000000000000020", "0000000000000000", "A1AB2190545B91D7",
3479 "0000000000000010", "0000000000000000", "0875041E64C570F7",
3480 "0000000000000008", "0000000000000000", "5A594528BEBEF1CC",
3481 "0000000000000004", "0000000000000000", "FCDB3291DE21F0C0",
3482 "0000000000000002", "0000000000000000", "869EFD7F9F265A09",
3483 "0000000000000001", "0000000000000000", "8CA64DE9C1B123A7",
3484 "0000000000000000", "8000000000000000", "95F8A5E5DD31D900",
3485 "0000000000000000", "4000000000000000", "DD7F121CA5015619",
3486 "0000000000000000", "2000000000000000", "2E8653104F3834EA",
3487 "0000000000000000", "1000000000000000", "4BD388FF6CD81D4F",
3488 "0000000000000000", "0800000000000000", "20B9E767B2FB1456",
3489 "0000000000000000", "0400000000000000", "55579380D77138EF",
3490 "0000000000000000", "0200000000000000", "6CC5DEFAAF04512F",
3491 "0000000000000000", "0100000000000000", "0D9F279BA5D87260",
3492 "0000000000000000", "0080000000000000", "D9031B0271BD5A0A",
3493 "0000000000000000", "0040000000000000", "424250B37C3DD951",
3494 "0000000000000000", "0020000000000000", "B8061B7ECD9A21E5",
3495 "0000000000000000", "0010000000000000", "F15D0F286B65BD28",
3496 "0000000000000000", "0008000000000000", "ADD0CC8D6E5DEBA1",
3497 "0000000000000000", "0004000000000000", "E6D5F82752AD63D1",
3498 "0000000000000000", "0002000000000000", "ECBFE3BD3F591A5E",
3499 "0000000000000000", "0001000000000000", "F356834379D165CD",
3500 "0000000000000000", "0000800000000000", "2B9F982F20037FA9",
3501 "0000000000000000", "0000400000000000", "889DE068A16F0BE6",
3502 "0000000000000000", "0000200000000000", "E19E275D846A1298",
3503 "0000000000000000", "0000100000000000", "329A8ED523D71AEC",
3504 "0000000000000000", "0000080000000000", "E7FCE22557D23C97",
3505 "0000000000000000", "0000040000000000", "12A9F5817FF2D65D",
3506 "0000000000000000", "0000020000000000", "A484C3AD38DC9C19",
3507 "0000000000000000", "0000010000000000", "FBE00A8A1EF8AD72",
3508 "0000000000000000", "0000008000000000", "750D079407521363",
3509 "0000000000000000", "0000004000000000", "64FEED9C724C2FAF",
3510 "0000000000000000", "0000002000000000", "F02B263B328E2B60",
3511 "0000000000000000", "0000001000000000", "9D64555A9A10B852",
3512 "0000000000000000", "0000000800000000", "D106FF0BED5255D7",
3513 "0000000000000000", "0000000400000000", "E1652C6B138C64A5",
3514 "0000000000000000", "0000000200000000", "E428581186EC8F46",
3515 "0000000000000000", "0000000100000000", "AEB5F5EDE22D1A36",
3516 "0000000000000000", "0000000080000000", "E943D7568AEC0C5C",
3517 "0000000000000000", "0000000040000000", "DF98C8276F54B04B",
3518 "0000000000000000", "0000000020000000", "B160E4680F6C696F",
3519 "0000000000000000", "0000000010000000", "FA0752B07D9C4AB8",
3520 "0000000000000000", "0000000008000000", "CA3A2B036DBC8502",
3521 "0000000000000000", "0000000004000000", "5E0905517BB59BCF",
3522 "0000000000000000", "0000000002000000", "814EEB3B91D90726",
3523 "0000000000000000", "0000000001000000", "4D49DB1532919C9F",
3524 "0000000000000000", "0000000000800000", "25EB5FC3F8CF0621",
3525 "0000000000000000", "0000000000400000", "AB6A20C0620D1C6F",
3526 "0000000000000000", "0000000000200000", "79E90DBC98F92CCA",
3527 "0000000000000000", "0000000000100000", "866ECEDD8072BB0E",
3528 "0000000000000000", "0000000000080000", "8B54536F2F3E64A8",
3529 "0000000000000000", "0000000000040000", "EA51D3975595B86B",
3530 "0000000000000000", "0000000000020000", "CAFFC6AC4542DE31",
3531 "0000000000000000", "0000000000010000", "8DD45A2DDF90796C",
3532 "0000000000000000", "0000000000008000", "1029D55E880EC2D0",
3533 "0000000000000000", "0000000000004000", "5D86CB23639DBEA9",
3534 "0000000000000000", "0000000000002000", "1D1CA853AE7C0C5F",
3535 "0000000000000000", "0000000000001000", "CE332329248F3228",
3536 "0000000000000000", "0000000000000800", "8405D1ABE24FB942",
3537 "0000000000000000", "0000000000000400", "E643D78090CA4207",
3538 "0000000000000000", "0000000000000200", "48221B9937748A23",
3539 "0000000000000000", "0000000000000100", "DD7C0BBD61FAFD54",
3540 "0000000000000000", "0000000000000080", "2FBC291A570DB5C4",
3541 "0000000000000000", "0000000000000040", "E07C30D7E4E26E12",
3542 "0000000000000000", "0000000000000020", "0953E2258E8E90A1",
3543 "0000000000000000", "0000000000000010", "5B711BC4CEEBF2EE",
3544 "0000000000000000", "0000000000000008", "CC083F1E6D9E85F6",
3545 "0000000000000000", "0000000000000004", "D2FD8867D50D2DFE",
3546 "0000000000000000", "0000000000000002", "06E7EA22CE92708F",
3547 "0000000000000000", "0000000000000001", "166B40B44ABA4BD6",
3548 "0000000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3549 "0101010101010101", "0101010101010101", "994D4DC157B96C52",
3550 "0202020202020202", "0202020202020202", "E127C2B61D98E6E2",
3551 "0303030303030303", "0303030303030303", "984C91D78A269CE3",
3552 "0404040404040404", "0404040404040404", "1F4570BB77550683",
3553 "0505050505050505", "0505050505050505", "3990ABF98D672B16",
3554 "0606060606060606", "0606060606060606", "3F5150BBA081D585",
3555 "0707070707070707", "0707070707070707", "C65242248C9CF6F2",
3556 "0808080808080808", "0808080808080808", "10772D40FAD24257",
3557 "0909090909090909", "0909090909090909", "F0139440647A6E7B",
3558 "0A0A0A0A0A0A0A0A", "0A0A0A0A0A0A0A0A", "0A288603044D740C",
3559 "0B0B0B0B0B0B0B0B", "0B0B0B0B0B0B0B0B", "6359916942F7438F",
3560 "0C0C0C0C0C0C0C0C", "0C0C0C0C0C0C0C0C", "934316AE443CF08B",
3561 "0D0D0D0D0D0D0D0D", "0D0D0D0D0D0D0D0D", "E3F56D7F1130A2B7",
3562 "0E0E0E0E0E0E0E0E", "0E0E0E0E0E0E0E0E", "A2E4705087C6B6B4",
3563 "0F0F0F0F0F0F0F0F", "0F0F0F0F0F0F0F0F", "D5D76E09A447E8C3",
3564 "1010101010101010", "1010101010101010", "DD7515F2BFC17F85",
3565 "1111111111111111", "1111111111111111", "F40379AB9E0EC533",
3566 "1212121212121212", "1212121212121212", "96CD27784D1563E5",
3567 "1313131313131313", "1313131313131313", "2911CF5E94D33FE1",
3568 "1414141414141414", "1414141414141414", "377B7F7CA3E5BBB3",
3569 "1515151515151515", "1515151515151515", "701AA63832905A92",
3570 "1616161616161616", "1616161616161616", "2006E716C4252D6D",
3571 "1717171717171717", "1717171717171717", "452C1197422469F8",
3572 "1818181818181818", "1818181818181818", "C33FD1EB49CB64DA",
3573 "1919191919191919", "1919191919191919", "7572278F364EB50D",
3574 "1A1A1A1A1A1A1A1A", "1A1A1A1A1A1A1A1A", "69E51488403EF4C3",
3575 "1B1B1B1B1B1B1B1B", "1B1B1B1B1B1B1B1B", "FF847E0ADF192825",
3576 "1C1C1C1C1C1C1C1C", "1C1C1C1C1C1C1C1C", "521B7FB3B41BB791",
3577 "1D1D1D1D1D1D1D1D", "1D1D1D1D1D1D1D1D", "26059A6A0F3F6B35",
3578 "1E1E1E1E1E1E1E1E", "1E1E1E1E1E1E1E1E", "F24A8D2231C77538",
3579 "1F1F1F1F1F1F1F1F", "1F1F1F1F1F1F1F1F", "4FD96EC0D3304EF6",
3580 "2020202020202020", "2020202020202020", "18A9D580A900B699",
3581 "2121212121212121", "2121212121212121", "88586E1D755B9B5A",
3582 "2222222222222222", "2222222222222222", "0F8ADFFB11DC2784",
3583 "2323232323232323", "2323232323232323", "2F30446C8312404A",
3584 "2424242424242424", "2424242424242424", "0BA03D9E6C196511",
3585 "2525252525252525", "2525252525252525", "3E55E997611E4B7D",
3586 "2626262626262626", "2626262626262626", "B2522FB5F158F0DF",
3587 "2727272727272727", "2727272727272727", "2109425935406AB8",
3588 "2828282828282828", "2828282828282828", "11A16028F310FF16",
3589 "2929292929292929", "2929292929292929", "73F0C45F379FE67F",
3590 "2A2A2A2A2A2A2A2A", "2A2A2A2A2A2A2A2A", "DCAD4338F7523816",
3591 "2B2B2B2B2B2B2B2B", "2B2B2B2B2B2B2B2B", "B81634C1CEAB298C",
3592 "2C2C2C2C2C2C2C2C", "2C2C2C2C2C2C2C2C", "DD2CCB29B6C4C349",
3593 "2D2D2D2D2D2D2D2D", "2D2D2D2D2D2D2D2D", "7D07A77A2ABD50A7",
3594 "2E2E2E2E2E2E2E2E", "2E2E2E2E2E2E2E2E", "30C1B0C1FD91D371",
3595 "2F2F2F2F2F2F2F2F", "2F2F2F2F2F2F2F2F", "C4427B31AC61973B",
3596 "3030303030303030", "3030303030303030", "F47BB46273B15EB5",
3597 "3131313131313131", "3131313131313131", "655EA628CF62585F",
3598 "3232323232323232", "3232323232323232", "AC978C247863388F",
3599 "3333333333333333", "3333333333333333", "0432ED386F2DE328",
3600 "3434343434343434", "3434343434343434", "D254014CB986B3C2",
3601 "3535353535353535", "3535353535353535", "B256E34BEDB49801",
3602 "3636363636363636", "3636363636363636", "37F8759EB77E7BFC",
3603 "3737373737373737", "3737373737373737", "5013CA4F62C9CEA0",
3604 "3838383838383838", "3838383838383838", "8940F7B3EACA5939",
3605 "3939393939393939", "3939393939393939", "E22B19A55086774B",
3606 "3A3A3A3A3A3A3A3A", "3A3A3A3A3A3A3A3A", "B04A2AAC925ABB0B",
3607 "3B3B3B3B3B3B3B3B", "3B3B3B3B3B3B3B3B", "8D250D58361597FC",
3608 "3C3C3C3C3C3C3C3C", "3C3C3C3C3C3C3C3C", "51F0114FB6A6CD37",
3609 "3D3D3D3D3D3D3D3D", "3D3D3D3D3D3D3D3D", "9D0BB4DB830ECB73",
3610 "3E3E3E3E3E3E3E3E", "3E3E3E3E3E3E3E3E", "E96089D6368F3E1A",
3611 "3F3F3F3F3F3F3F3F", "3F3F3F3F3F3F3F3F", "5C4CA877A4E1E92D",
3612 "4040404040404040", "4040404040404040", "6D55DDBC8DEA95FF",
3613 "4141414141414141", "4141414141414141", "19DF84AC95551003",
3614 "4242424242424242", "4242424242424242", "724E7332696D08A7",
3615 "4343434343434343", "4343434343434343", "B91810B8CDC58FE2",
3616 "4444444444444444", "4444444444444444", "06E23526EDCCD0C4",
3617 "4545454545454545", "4545454545454545", "EF52491D5468D441",
3618 "4646464646464646", "4646464646464646", "48019C59E39B90C5",
3619 "4747474747474747", "4747474747474747", "0544083FB902D8C0",
3620 "4848484848484848", "4848484848484848", "63B15CADA668CE12",
3621 "4949494949494949", "4949494949494949", "EACC0C1264171071",
3622 "4A4A4A4A4A4A4A4A", "4A4A4A4A4A4A4A4A", "9D2B8C0AC605F274",
3623 "4B4B4B4B4B4B4B4B", "4B4B4B4B4B4B4B4B", "C90F2F4C98A8FB2A",
3624 "4C4C4C4C4C4C4C4C", "4C4C4C4C4C4C4C4C", "03481B4828FD1D04",
3625 "4D4D4D4D4D4D4D4D", "4D4D4D4D4D4D4D4D", "C78FC45A1DCEA2E2",
3626 "4E4E4E4E4E4E4E4E", "4E4E4E4E4E4E4E4E", "DB96D88C3460D801",
3627 "4F4F4F4F4F4F4F4F", "4F4F4F4F4F4F4F4F", "6C69E720F5105518",
3628 "5050505050505050", "5050505050505050", "0D262E418BC893F3",
3629 "5151515151515151", "5151515151515151", "6AD84FD7848A0A5C",
3630 "5252525252525252", "5252525252525252", "C365CB35B34B6114",
3631 "5353535353535353", "5353535353535353", "1155392E877F42A9",
3632 "5454545454545454", "5454545454545454", "531BE5F9405DA715",
3633 "5555555555555555", "5555555555555555", "3BCDD41E6165A5E8",
3634 "5656565656565656", "5656565656565656", "2B1FF5610A19270C",
3635 "5757575757575757", "5757575757575757", "D90772CF3F047CFD",
3636 "5858585858585858", "5858585858585858", "1BEA27FFB72457B7",
3637 "5959595959595959", "5959595959595959", "85C3E0C429F34C27",
3638 "5A5A5A5A5A5A5A5A", "5A5A5A5A5A5A5A5A", "F9038021E37C7618",
3639 "5B5B5B5B5B5B5B5B", "5B5B5B5B5B5B5B5B", "35BC6FF838DBA32F",
3640 "5C5C5C5C5C5C5C5C", "5C5C5C5C5C5C5C5C", "4927ACC8CE45ECE7",
3641 "5D5D5D5D5D5D5D5D", "5D5D5D5D5D5D5D5D", "E812EE6E3572985C",
3642 "5E5E5E5E5E5E5E5E", "5E5E5E5E5E5E5E5E", "9BB93A89627BF65F",
3643 "5F5F5F5F5F5F5F5F", "5F5F5F5F5F5F5F5F", "EF12476884CB74CA",
3644 "6060606060606060", "6060606060606060", "1BF17E00C09E7CBF",
3645 "6161616161616161", "6161616161616161", "29932350C098DB5D",
3646 "6262626262626262", "6262626262626262", "B476E6499842AC54",
3647 "6363636363636363", "6363636363636363", "5C662C29C1E96056",
3648 "6464646464646464", "6464646464646464", "3AF1703D76442789",
3649 "6565656565656565", "6565656565656565", "86405D9B425A8C8C",
3650 "6666666666666666", "6666666666666666", "EBBF4810619C2C55",
3651 "6767676767676767", "6767676767676767", "F8D1CD7367B21B5D",
3652 "6868686868686868", "6868686868686868", "9EE703142BF8D7E2",
3653 "6969696969696969", "6969696969696969", "5FDFFFC3AAAB0CB3",
3654 "6A6A6A6A6A6A6A6A", "6A6A6A6A6A6A6A6A", "26C940AB13574231",
3655 "6B6B6B6B6B6B6B6B", "6B6B6B6B6B6B6B6B", "1E2DC77E36A84693",
3656 "6C6C6C6C6C6C6C6C", "6C6C6C6C6C6C6C6C", "0F4FF4D9BC7E2244",
3657 "6D6D6D6D6D6D6D6D", "6D6D6D6D6D6D6D6D", "A4C9A0D04D3280CD",
3658 "6E6E6E6E6E6E6E6E", "6E6E6E6E6E6E6E6E", "9FAF2C96FE84919D",
3659 "6F6F6F6F6F6F6F6F", "6F6F6F6F6F6F6F6F", "115DBC965E6096C8",
3660 "7070707070707070", "7070707070707070", "AF531E9520994017",
3661 "7171717171717171", "7171717171717171", "B971ADE70E5C89EE",
3662 "7272727272727272", "7272727272727272", "415D81C86AF9C376",
3663 "7373737373737373", "7373737373737373", "8DFB864FDB3C6811",
3664 "7474747474747474", "7474747474747474", "10B1C170E3398F91",
3665 "7575757575757575", "7575757575757575", "CFEF7A1C0218DB1E",
3666 "7676767676767676", "7676767676767676", "DBAC30A2A40B1B9C",
3667 "7777777777777777", "7777777777777777", "89D3BF37052162E9",
3668 "7878787878787878", "7878787878787878", "80D9230BDAEB67DC",
3669 "7979797979797979", "7979797979797979", "3440911019AD68D7",
3670 "7A7A7A7A7A7A7A7A", "7A7A7A7A7A7A7A7A", "9626FE57596E199E",
3671 "7B7B7B7B7B7B7B7B", "7B7B7B7B7B7B7B7B", "DEA0B796624BB5BA",
3672 "7C7C7C7C7C7C7C7C", "7C7C7C7C7C7C7C7C", "E9E40542BDDB3E9D",
3673 "7D7D7D7D7D7D7D7D", "7D7D7D7D7D7D7D7D", "8AD99914B354B911",
3674 "7E7E7E7E7E7E7E7E", "7E7E7E7E7E7E7E7E", "6F85B98DD12CB13B",
3675 "7F7F7F7F7F7F7F7F", "7F7F7F7F7F7F7F7F", "10130DA3C3A23924",
3676 "8080808080808080", "8080808080808080", "EFECF25C3C5DC6DB",
3677 "8181818181818181", "8181818181818181", "907A46722ED34EC4",
3678 "8282828282828282", "8282828282828282", "752666EB4CAB46EE",
3679 "8383838383838383", "8383838383838383", "161BFABD4224C162",
3680 "8484848484848484", "8484848484848484", "215F48699DB44A45",
3681 "8585858585858585", "8585858585858585", "69D901A8A691E661",
3682 "8686868686868686", "8686868686868686", "CBBF6EEFE6529728",
3683 "8787878787878787", "8787878787878787", "7F26DCF425149823",
3684 "8888888888888888", "8888888888888888", "762C40C8FADE9D16",
3685 "8989898989898989", "8989898989898989", "2453CF5D5BF4E463",
3686 "8A8A8A8A8A8A8A8A", "8A8A8A8A8A8A8A8A", "301085E3FDE724E1",
3687 "8B8B8B8B8B8B8B8B", "8B8B8B8B8B8B8B8B", "EF4E3E8F1CC6706E",
3688 "8C8C8C8C8C8C8C8C", "8C8C8C8C8C8C8C8C", "720479B024C397EE",
3689 "8D8D8D8D8D8D8D8D", "8D8D8D8D8D8D8D8D", "BEA27E3795063C89",
3690 "8E8E8E8E8E8E8E8E", "8E8E8E8E8E8E8E8E", "468E5218F1A37611",
3691 "8F8F8F8F8F8F8F8F", "8F8F8F8F8F8F8F8F", "50ACE16ADF66BFE8",
3692 "9090909090909090", "9090909090909090", "EEA24369A19F6937",
3693 "9191919191919191", "9191919191919191", "6050D369017B6E62",
3694 "9292929292929292", "9292929292929292", "5B365F2FB2CD7F32",
3695 "9393939393939393", "9393939393939393", "F0B00B264381DDBB",
3696 "9494949494949494", "9494949494949494", "E1D23881C957B96C",
3697 "9595959595959595", "9595959595959595", "D936BF54ECA8BDCE",
3698 "9696969696969696", "9696969696969696", "A020003C5554F34C",
3699 "9797979797979797", "9797979797979797", "6118FCEBD407281D",
3700 "9898989898989898", "9898989898989898", "072E328C984DE4A2",
3701 "9999999999999999", "9999999999999999", "1440B7EF9E63D3AA",
3702 "9A9A9A9A9A9A9A9A", "9A9A9A9A9A9A9A9A", "79BFA264BDA57373",
3703 "9B9B9B9B9B9B9B9B", "9B9B9B9B9B9B9B9B", "C50E8FC289BBD876",
3704 "9C9C9C9C9C9C9C9C", "9C9C9C9C9C9C9C9C", "A399D3D63E169FA9",
3705 "9D9D9D9D9D9D9D9D", "9D9D9D9D9D9D9D9D", "4B8919B667BD53AB",
3706 "9E9E9E9E9E9E9E9E", "9E9E9E9E9E9E9E9E", "D66CDCAF3F6724A2",
3707 "9F9F9F9F9F9F9F9F", "9F9F9F9F9F9F9F9F", "E40E81FF3F618340",
3708 "A0A0A0A0A0A0A0A0", "A0A0A0A0A0A0A0A0", "10EDB8977B348B35",
3709 "A1A1A1A1A1A1A1A1", "A1A1A1A1A1A1A1A1", "6446C5769D8409A0",
3710 "A2A2A2A2A2A2A2A2", "A2A2A2A2A2A2A2A2", "17ED1191CA8D67A3",
3711 "A3A3A3A3A3A3A3A3", "A3A3A3A3A3A3A3A3", "B6D8533731BA1318",
3712 "A4A4A4A4A4A4A4A4", "A4A4A4A4A4A4A4A4", "CA439007C7245CD0",
3713 "A5A5A5A5A5A5A5A5", "A5A5A5A5A5A5A5A5", "06FC7FDE1C8389E7",
3714 "A6A6A6A6A6A6A6A6", "A6A6A6A6A6A6A6A6", "7A3C1F3BD60CB3D8",
3715 "A7A7A7A7A7A7A7A7", "A7A7A7A7A7A7A7A7", "E415D80048DBA848",
3716 "A8A8A8A8A8A8A8A8", "A8A8A8A8A8A8A8A8", "26F88D30C0FB8302",
3717 "A9A9A9A9A9A9A9A9", "A9A9A9A9A9A9A9A9", "D4E00A9EF5E6D8F3",
3718 "AAAAAAAAAAAAAAAA", "AAAAAAAAAAAAAAAA", "C4322BE19E9A5A17",
3719 "ABABABABABABABAB", "ABABABABABABABAB", "ACE41A06BFA258EA",
3720 "ACACACACACACACAC", "ACACACACACACACAC", "EEAAC6D17880BD56",
3721 "ADADADADADADADAD", "ADADADADADADADAD", "3C9A34CA4CB49EEB",
3722 "AEAEAEAEAEAEAEAE", "AEAEAEAEAEAEAEAE", "9527B0287B75F5A3",
3723 "AFAFAFAFAFAFAFAF", "AFAFAFAFAFAFAFAF", "F2D9D1BE74376C0C",
3724 "B0B0B0B0B0B0B0B0", "B0B0B0B0B0B0B0B0", "939618DF0AEFAAE7",
3725 "B1B1B1B1B1B1B1B1", "B1B1B1B1B1B1B1B1", "24692773CB9F27FE",
3726 "B2B2B2B2B2B2B2B2", "B2B2B2B2B2B2B2B2", "38703BA5E2315D1D",
3727 "B3B3B3B3B3B3B3B3", "B3B3B3B3B3B3B3B3", "FCB7E4B7D702E2FB",
3728 "B4B4B4B4B4B4B4B4", "B4B4B4B4B4B4B4B4", "36F0D0B3675704D5",
3729 "B5B5B5B5B5B5B5B5", "B5B5B5B5B5B5B5B5", "62D473F539FA0D8B",
3730 "B6B6B6B6B6B6B6B6", "B6B6B6B6B6B6B6B6", "1533F3ED9BE8EF8E",
3731 "B7B7B7B7B7B7B7B7", "B7B7B7B7B7B7B7B7", "9C4EA352599731ED",
3732 "B8B8B8B8B8B8B8B8", "B8B8B8B8B8B8B8B8", "FABBF7C046FD273F",
3733 "B9B9B9B9B9B9B9B9", "B9B9B9B9B9B9B9B9", "B7FE63A61C646F3A",
3734 "BABABABABABABABA", "BABABABABABABABA", "10ADB6E2AB972BBE",
3735 "BBBBBBBBBBBBBBBB", "BBBBBBBBBBBBBBBB", "F91DCAD912332F3B",
3736 "BCBCBCBCBCBCBCBC", "BCBCBCBCBCBCBCBC", "46E7EF47323A701D",
3737 "BDBDBDBDBDBDBDBD", "BDBDBDBDBDBDBDBD", "8DB18CCD9692F758",
3738 "BEBEBEBEBEBEBEBE", "BEBEBEBEBEBEBEBE", "E6207B536AAAEFFC",
3739 "BFBFBFBFBFBFBFBF", "BFBFBFBFBFBFBFBF", "92AA224372156A00",
3740 "C0C0C0C0C0C0C0C0", "C0C0C0C0C0C0C0C0", "A3B357885B1E16D2",
3741 "C1C1C1C1C1C1C1C1", "C1C1C1C1C1C1C1C1", "169F7629C970C1E5",
3742 "C2C2C2C2C2C2C2C2", "C2C2C2C2C2C2C2C2", "62F44B247CF1348C",
3743 "C3C3C3C3C3C3C3C3", "C3C3C3C3C3C3C3C3", "AE0FEEB0495932C8",
3744 "C4C4C4C4C4C4C4C4", "C4C4C4C4C4C4C4C4", "72DAF2A7C9EA6803",
3745 "C5C5C5C5C5C5C5C5", "C5C5C5C5C5C5C5C5", "4FB5D5536DA544F4",
3746 "C6C6C6C6C6C6C6C6", "C6C6C6C6C6C6C6C6", "1DD4E65AAF7988B4",
3747 "C7C7C7C7C7C7C7C7", "C7C7C7C7C7C7C7C7", "76BF084C1535A6C6",
3748 "C8C8C8C8C8C8C8C8", "C8C8C8C8C8C8C8C8", "AFEC35B09D36315F",
3749 "C9C9C9C9C9C9C9C9", "C9C9C9C9C9C9C9C9", "C8078A6148818403",
3750 "CACACACACACACACA", "CACACACACACACACA", "4DA91CB4124B67FE",
3751 "CBCBCBCBCBCBCBCB", "CBCBCBCBCBCBCBCB", "2DABFEB346794C3D",
3752 "CCCCCCCCCCCCCCCC", "CCCCCCCCCCCCCCCC", "FBCD12C790D21CD7",
3753 "CDCDCDCDCDCDCDCD", "CDCDCDCDCDCDCDCD", "536873DB879CC770",
3754 "CECECECECECECECE", "CECECECECECECECE", "9AA159D7309DA7A0",
3755 "CFCFCFCFCFCFCFCF", "CFCFCFCFCFCFCFCF", "0B844B9D8C4EA14A",
3756 "D0D0D0D0D0D0D0D0", "D0D0D0D0D0D0D0D0", "3BBD84CE539E68C4",
3757 "D1D1D1D1D1D1D1D1", "D1D1D1D1D1D1D1D1", "CF3E4F3E026E2C8E",
3758 "D2D2D2D2D2D2D2D2", "D2D2D2D2D2D2D2D2", "82F85885D542AF58",
3759 "D3D3D3D3D3D3D3D3", "D3D3D3D3D3D3D3D3", "22D334D6493B3CB6",
3760 "D4D4D4D4D4D4D4D4", "D4D4D4D4D4D4D4D4", "47E9CB3E3154D673",
3761 "D5D5D5D5D5D5D5D5", "D5D5D5D5D5D5D5D5", "2352BCC708ADC7E9",
3762 "D6D6D6D6D6D6D6D6", "D6D6D6D6D6D6D6D6", "8C0F3BA0C8601980",
3763 "D7D7D7D7D7D7D7D7", "D7D7D7D7D7D7D7D7", "EE5E9FD70CEF00E9",
3764 "D8D8D8D8D8D8D8D8", "D8D8D8D8D8D8D8D8", "DEF6BDA6CABF9547",
3765 "D9D9D9D9D9D9D9D9", "D9D9D9D9D9D9D9D9", "4DADD04A0EA70F20",
3766 "DADADADADADADADA", "DADADADADADADADA", "C1AA16689EE1B482",
3767 "DBDBDBDBDBDBDBDB", "DBDBDBDBDBDBDBDB", "F45FC26193E69AEE",
3768 "DCDCDCDCDCDCDCDC", "DCDCDCDCDCDCDCDC", "D0CFBB937CEDBFB5",
3769 "DDDDDDDDDDDDDDDD", "DDDDDDDDDDDDDDDD", "F0752004EE23D87B",
3770 "DEDEDEDEDEDEDEDE", "DEDEDEDEDEDEDEDE", "77A791E28AA464A5",
3771 "DFDFDFDFDFDFDFDF", "DFDFDFDFDFDFDFDF", "E7562A7F56FF4966",
3772 "E0E0E0E0E0E0E0E0", "E0E0E0E0E0E0E0E0", "B026913F2CCFB109",
3773 "E1E1E1E1E1E1E1E1", "E1E1E1E1E1E1E1E1", "0DB572DDCE388AC7",
3774 "E2E2E2E2E2E2E2E2", "E2E2E2E2E2E2E2E2", "D9FA6595F0C094CA",
3775 "E3E3E3E3E3E3E3E3", "E3E3E3E3E3E3E3E3", "ADE4804C4BE4486E",
3776 "E4E4E4E4E4E4E4E4", "E4E4E4E4E4E4E4E4", "007B81F520E6D7DA",
3777 "E5E5E5E5E5E5E5E5", "E5E5E5E5E5E5E5E5", "961AEB77BFC10B3C",
3778 "E6E6E6E6E6E6E6E6", "E6E6E6E6E6E6E6E6", "8A8DD870C9B14AF2",
3779 "E7E7E7E7E7E7E7E7", "E7E7E7E7E7E7E7E7", "3CC02E14B6349B25",
3780 "E8E8E8E8E8E8E8E8", "E8E8E8E8E8E8E8E8", "BAD3EE68BDDB9607",
3781 "E9E9E9E9E9E9E9E9", "E9E9E9E9E9E9E9E9", "DFF918E93BDAD292",
3782 "EAEAEAEAEAEAEAEA", "EAEAEAEAEAEAEAEA", "8FE559C7CD6FA56D",
3783 "EBEBEBEBEBEBEBEB", "EBEBEBEBEBEBEBEB", "C88480835C1A444C",
3784 "ECECECECECECECEC", "ECECECECECECECEC", "D6EE30A16B2CC01E",
3785 "EDEDEDEDEDEDEDED", "EDEDEDEDEDEDEDED", "6932D887B2EA9C1A",
3786 "EEEEEEEEEEEEEEEE", "EEEEEEEEEEEEEEEE", "0BFC865461F13ACC",
3787 "EFEFEFEFEFEFEFEF", "EFEFEFEFEFEFEFEF", "228AEA0D403E807A",
3788 "F0F0F0F0F0F0F0F0", "F0F0F0F0F0F0F0F0", "2A2891F65BB8173C",
3789 "F1F1F1F1F1F1F1F1", "F1F1F1F1F1F1F1F1", "5D1B8FAF7839494B",
3790 "F2F2F2F2F2F2F2F2", "F2F2F2F2F2F2F2F2", "1C0A9280EECF5D48",
3791 "F3F3F3F3F3F3F3F3", "F3F3F3F3F3F3F3F3", "6CBCE951BBC30F74",
3792 "F4F4F4F4F4F4F4F4", "F4F4F4F4F4F4F4F4", "9CA66E96BD08BC70",
3793 "F5F5F5F5F5F5F5F5", "F5F5F5F5F5F5F5F5", "F5D779FCFBB28BF3",
3794 "F6F6F6F6F6F6F6F6", "F6F6F6F6F6F6F6F6", "0FEC6BBF9B859184",
3795 "F7F7F7F7F7F7F7F7", "F7F7F7F7F7F7F7F7", "EF88D2BF052DBDA8",
3796 "F8F8F8F8F8F8F8F8", "F8F8F8F8F8F8F8F8", "39ADBDDB7363090D",
3797 "F9F9F9F9F9F9F9F9", "F9F9F9F9F9F9F9F9", "C0AEAF445F7E2A7A",
3798 "FAFAFAFAFAFAFAFA", "FAFAFAFAFAFAFAFA", "C66F54067298D4E9",
3799 "FBFBFBFBFBFBFBFB", "FBFBFBFBFBFBFBFB", "E0BA8F4488AAF97C",
3800 "FCFCFCFCFCFCFCFC", "FCFCFCFCFCFCFCFC", "67B36E2875D9631C",
3801 "FDFDFDFDFDFDFDFD", "FDFDFDFDFDFDFDFD", "1ED83D49E267191D",
3802 "FEFEFEFEFEFEFEFE", "FEFEFEFEFEFEFEFE", "66B2B23EA84693AD",
3803 "FFFFFFFFFFFFFFFF", "FFFFFFFFFFFFFFFF", "7359B2163E4EDC58",
3804 "0001020304050607", "0011223344556677", "3EF0A891CF8ED990",
3805 "2BD6459F82C5B300", "EA024714AD5C4D84", "126EFE8ED312190A",
3811 * Known-answer tests for DES/3DES in CBC mode. Order: key, IV,
3812 * plaintext, ciphertext.
3814 static const char *const KAT_DES_CBC
[] = {
3816 * From NIST validation suite (tdesmmt.zip).
3818 "34a41a8c293176c1b30732ecfe38ae8a34a41a8c293176c1",
3823 "70a88fa1dfb9942fa77f40157ffef2ad70a88fa1dfb9942f",
3825 "bc225304d5a3a5c9918fc5006cbc40cc",
3826 "27f67dc87af7ddb4b68f63fa7c2d454a",
3828 "e091790be55be0bc0780153861a84adce091790be55be0bc",
3830 "03c7fffd7f36499c703dedc9df4de4a92dd4382e576d6ae9",
3831 "053aeba85dd3a23bfbe8440a432f9578f312be60fb9f0035",
3833 "857feacd16157c58e5347a70e56e578a857feacd16157c58",
3835 "1f13701c7f0d7385307507a18e89843ebd295bd5e239ef109347a6898c6d3fd5",
3836 "a0e4edde34f05bd8397ce279e49853e9387ba04be562f5fa19c3289c3f5a3391",
3838 "a173545b265875ba852331fbb95b49a8a173545b265875ba",
3840 "d08894c565608d9ae51dda63b85b3b33b1703bb5e4f1abcbb8794e743da5d6f3bf630f2e9b6d5b54",
3841 "370b47acf89ac6bdbb13c9a7336787dc41e1ad8beead32281d0609fb54968404bdf2894892590658",
3843 "26376bcb2f23df1083cd684fe00ed3c726376bcb2f23df10",
3845 "903a1911da1e6877f23c1985a9b61786ef438e0ce1240885035ad60fc916b18e5d71a1fb9c5d1eff61db75c0076f6efb",
3846 "7a4f7510f6ec0b93e2495d21a8355684d303a770ebda2e0e51ff33d72b20cb73e58e2e3de2ef6b2e12c504c0f181ba63",
3848 "3e1f98135d027cec752f67765408a7913e1f98135d027cec",
3850 "7c022f5af24f7925d323d4d0e20a2ce49272c5e764b22c806f4b6ddc406d864fe5bd1c3f45556d3eb30c8676c2f8b54a5a32423a0bd95a07",
3851 "2bb4b131fa4ae0b4f0378a2cdb68556af6eee837613016d7ea936f3931f25f8b3ae351d5e9d00be665676e2400408b5db9892d95421e7f1a",
3853 "13b9d549cd136ec7bf9e9810ef2cdcbf13b9d549cd136ec7",
3855 "1fff1563bc1645b55cb23ea34a0049dfc06607150614b621dedcb07f20433402a2d869c95ac4a070c7a3da838c928a385f899c5d21ecb58f4e5cbdad98d39b8c",
3856 "75f804d4a2c542a31703e23df26cc38861a0729090e6eae5672c1db8c0b09fba9b125bbca7d6c7d330b3859e6725c6d26de21c4e3af7f5ea94df3cde2349ce37",
3858 "20320dfdad579bb57c6e4acd769dbadf20320dfdad579bb5",
3860 "0431283cc8bb4dc7750a9d5c68578486932091632a12d0a79f2c54e3d122130881fff727050f317a40fcd1a8d13793458b99fc98254ba6a233e3d95b55cf5a3faff78809999ea4bf",
3861 "85d17840eb2af5fc727027336bfd71a2b31bd14a1d9eb64f8a08bfc4f56eaa9ca7654a5ae698287869cc27324813730de4f1384e0b8cfbc472ff5470e3c5e4bd8ceb23dc2d91988c",
3863 "23abb073a2df34cb3d1fdce6b092582c23abb073a2df34cb",
3865 "31e718fd95e6d7ca4f94763191add2674ab07c909d88c486916c16d60a048a0cf8cdb631cebec791362cd0c202eb61e166b65c1f65d0047c8aec57d3d84b9e17032442dce148e1191b06a12c284cc41e",
3866 "c9a3f75ab6a7cd08a7fd53ca540aafe731d257ee1c379fadcc4cc1a06e7c12bddbeb7562c436d1da849ed072629e82a97b56d9becc25ff4f16f21c5f2a01911604f0b5c49df96cb641faee662ca8aa68",
3868 "b5cb1504802326c73df186e3e352a20de643b0d63ee30e37",
3873 "a49d7564199e97cb529d2c9d97bf2f98d35edf57ba1f7358",
3875 "c689aee38a301bb316da75db36f110b5",
3876 "e9afaba5ec75ea1bbe65506655bb4ecb",
3878 "1a5d4c0825072a15a8ad9dfdaeda8c048adffb85bc4fced0",
3880 "983c3edacd939406010e1bc6ff9e12320ac5008117fa8f84",
3881 "d84fa24f38cf451ca2c9adc960120bd8ff9871584fe31cee",
3883 "d98aadc76d4a3716158c32866efbb9ce834af2297379a49d",
3885 "6174079dda53ca723ebf00a66837f8d5ce648c08acaa5ee45ffe62210ef79d3e",
3886 "f5bd4d600bed77bec78409e3530ebda1d815506ed53103015b87e371ae000958",
3888 "ef6d3e54266d978ffb0b8ce6689d803e2cd34cc802fd0252",
3890 "c4f228b537223cd01c0debb5d9d4e12ba71656618d119b2f8f0af29d23efa3a9e43c4c458a1b79a0",
3891 "9e3289fb18379f55aa4e45a7e0e6df160b33b75f8627ad0954f8fdcb78cee55a4664caeda1000fe5",
3893 "625bc19b19df83abfb2f5bec9d4f2062017525a75bc26e70",
3895 "8152d2ab876c3c8201403a5a406d3feaf27319dbea6ad01e24f4d18203704b86de70da6bbb6d638e5aba3ff576b79b28",
3896 "706fe7a973fac40e25b2b4499ce527078944c70e976d017b6af86a3a7a6b52943a72ba18a58000d2b61fdc3bfef2bc4a",
3898 "b6383176046e6880a1023bf45768b5bf5119022fe054bfe5",
3900 "cd5a886e9af011346c4dba36a424f96a78a1ddf28aaa4188bf65451f4efaffc7179a6dd237c0ae35d9b672314e5cb032612597f7e462c6f3",
3901 "b030f976f46277ee211c4a324d5c87555d1084513a1223d3b84416b52bbc28f4b77f3a9d8d0d91dc37d3dbe8af8be98f74674b02f9a38527",
3903 "3d8cf273d343b9aedccddacb91ad86206737adc86b4a49a7",
3905 "1fde3991c32ce220b5b6666a9234f2fd7bd24b921829fd9cdc6eb4218be9eac9faa9c2351777349128086b6d58776bc86ff2f76ee1b3b2850a318462b8983fa1",
3906 "422ce705a46bb52ad928dab6c863166d617c6fc24003633120d91918314bbf464cea7345c3c35f2042f2d6929735d74d7728f22fea618a0b9cf5b1281acb13fb",
3908 "fbceb5cb646b925be0b92f7f6b493d5e5b16e9159732732a",
3910 "4c309bc8e1e464fdd2a2b8978645d668d455f7526bd8d7b6716a722f6a900b815c4a73cc30e788065c1dfca7bf5958a6cc5440a5ebe7f8691c20278cde95db764ff8ce8994ece89c",
3911 "c02129bdf4bbbd75e71605a00b12c80db6b4e05308e916615011f09147ed915dd1bc67f27f9e027e4e13df36b55464a31c11b4d1fe3d855d89df492e1a7201b995c1ba16a8dbabee",
3913 "9b162a0df8ad9b61c88676e3d586434570b902f12a2046e0",
3915 "f4c1c918e77355c8156f0fd778da52bff121ae5f2f44eaf4d2754946d0e10d1f18ce3a0176e69c18b7d20b6e0d0bee5eb5edfe4bd60e4d92adcd86bce72e76f94ee5cbcaa8b01cfddcea2ade575e66ac",
3916 "1ff3c8709f403a8eff291aedf50c010df5c5ff64a8b205f1fce68564798897a390db16ee0d053856b75898009731da290fcc119dad987277aacef694872e880c4bb41471063fae05c89f25e4bd0cad6a",
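/*
 * XOR the first len bytes of src into dst, in place (dst[i] ^= src[i]).
 * Both buffers must hold at least len bytes; nothing is done when len
 * is zero. The DES Monte Carlo tests use this to fold recent cipher
 * outputs into the three key parts.
 */
static void
xor_buf(unsigned char *dst, const unsigned char *src, size_t len)
{
	while (len -- > 0) {
		/* The XOR step itself: without it the loop has no effect. */
		*dst ++ ^= *src ++;
	}
}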
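/*
 * Monte Carlo test for 3DES encryption through a CBC encryption vtable.
 *
 * Starting from three fixed 8-byte key parts and one 8-byte block, the
 * test runs 400 outer rounds. Each round schedules the 24-byte key
 * k1 || k2 || k3 and encrypts the block in place 10000 times, always
 * with a fresh all-zero IV. With a zero IV and a single block, CBC
 * reduces to the raw block cipher, so this exercises the DES core
 * rather than the chaining. The outputs of the last three iterations
 * are XORed into k3, k2 and k1 respectively, which yields the key for
 * the next round. The final block must equal the expected value.
 *
 * The constants look like a NIST-style Monte Carlo vector; their
 * provenance is not stated next to them.
 *
 * ve   CBC encryption implementation under test.
 */
static void
monte_carlo_DES_encrypt(const br_block_cbcenc_class *ve)
{
	unsigned char k1[8], k2[8], k3[8];
	unsigned char buf[8];
	unsigned char cipher[8];
	int i, j;
	br_des_gen_cbcenc_keys v_ec;
	void *ec;

	ec = &v_ec;
	hextobin(k1, "9ec2372c86379df4");
	hextobin(k2, "ad7ac4464f73805d");
	hextobin(k3, "20c4f87564527c91");
	hextobin(buf, "b624d6bd41783ab1");
	hextobin(cipher, "eafd97b190b167fe");
	for (i = 0; i < 400; i ++) {
		unsigned char key[24];

		/* Rebuild the 3DES key from the (possibly updated) parts. */
		memcpy(key, k1, 8);
		memcpy(key + 8, k2, 8);
		memcpy(key + 16, k3, 8);
		ve->init(ec, key, sizeof key);
		for (j = 0; j < 10000; j ++) {
			unsigned char iv[8];

			/* run() updates the IV, so it is zeroed every time. */
			memset(iv, 0, sizeof iv);
			ve->run(ec, iv, buf, sizeof buf);

			/* Key update: the last three outputs feed k3, k2, k1. */
			switch (j) {
			case 9997: xor_buf(k3, buf, 8); break;
			case 9998: xor_buf(k2, buf, 8); break;
			case 9999: xor_buf(k1, buf, 8); break;
			}
		}
		printf(".");
		fflush(stdout);
	}
	printf(" ");
	fflush(stdout);
	check_equals("MC DES encrypt", buf, cipher, sizeof buf);
}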
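/*
 * Monte Carlo test for 3DES decryption through a CBC decryption vtable.
 *
 * Mirror image of the encryption Monte Carlo test: 400 outer rounds,
 * each scheduling the 24-byte key k1 || k2 || k3 and then decrypting
 * one 8-byte block in place 10000 times with an all-zero IV (so that
 * single-block CBC reduces to the raw block cipher). The outputs of
 * iterations 9997, 9998 and 9999 are XORed into k3, k2 and k1 to form
 * the next round's key. The final block must equal the expected
 * plaintext.
 *
 * vd   CBC decryption implementation under test.
 */
static void
monte_carlo_DES_decrypt(const br_block_cbcdec_class *vd)
{
	unsigned char k1[8], k2[8], k3[8];
	unsigned char buf[8];
	unsigned char plain[8];
	int i, j;
	br_des_gen_cbcdec_keys v_dc;
	void *dc;

	dc = &v_dc;
	hextobin(k1, "79b63486e0ce37e0");
	hextobin(k2, "08e65231abae3710");
	hextobin(k3, "1f5eb69e925ef185");
	hextobin(buf, "2783aa729432fe96");
	hextobin(plain, "44937ca532cdbf98");
	for (i = 0; i < 400; i ++) {
		unsigned char key[24];

		/* Rebuild the 3DES key from the (possibly updated) parts. */
		memcpy(key, k1, 8);
		memcpy(key + 8, k2, 8);
		memcpy(key + 16, k3, 8);
		vd->init(dc, key, sizeof key);
		for (j = 0; j < 10000; j ++) {
			unsigned char iv[8];

			/* run() updates the IV, so it is zeroed every time. */
			memset(iv, 0, sizeof iv);
			vd->run(dc, iv, buf, sizeof buf);

			/* Key update: the last three outputs feed k3, k2, k1. */
			switch (j) {
			case 9997: xor_buf(k3, buf, 8); break;
			case 9998: xor_buf(k2, buf, 8); break;
			case 9999: xor_buf(k1, buf, 8); break;
			}
		}
		printf(".");
		fflush(stdout);
	}
	printf(" ");
	fflush(stdout);
	check_equals("MC DES decrypt", buf, plain, sizeof buf);
}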
4014 test_DES_generic(char *name
,
4015 const br_block_cbcenc_class
*ve
,
4016 const br_block_cbcdec_class
*vd
,
4017 int with_MC
, int with_CBC
)
4021 printf("Test %s: ", name
);
4024 if (ve
->block_size
!= 8 || vd
->block_size
!= 8) {
4025 fprintf(stderr
, "%s failed: wrong block size\n", name
);
4029 for (u
= 0; KAT_DES
[u
]; u
+= 3) {
4030 unsigned char key
[24];
4031 unsigned char plain
[8];
4032 unsigned char cipher
[8];
4033 unsigned char buf
[8];
4034 unsigned char iv
[8];
4036 br_des_gen_cbcenc_keys v_ec
;
4037 br_des_gen_cbcdec_keys v_dc
;
4038 const br_block_cbcenc_class
**ec
;
4039 const br_block_cbcdec_class
**dc
;
4043 key_len
= hextobin(key
, KAT_DES
[u
]);
4044 hextobin(plain
, KAT_DES
[u
+ 1]);
4045 hextobin(cipher
, KAT_DES
[u
+ 2]);
4046 ve
->init(ec
, key
, key_len
);
4047 memcpy(buf
, plain
, sizeof plain
);
4048 memset(iv
, 0, sizeof iv
);
4049 ve
->run(ec
, iv
, buf
, sizeof buf
);
4050 check_equals("KAT DES encrypt", buf
, cipher
, sizeof cipher
);
4051 vd
->init(dc
, key
, key_len
);
4052 memset(iv
, 0, sizeof iv
);
4053 vd
->run(dc
, iv
, buf
, sizeof buf
);
4054 check_equals("KAT DES decrypt", buf
, plain
, sizeof plain
);
4057 memcpy(key
+ 8, key
, 8);
4058 memcpy(key
+ 16, key
, 8);
4059 ve
->init(ec
, key
, 24);
4060 memcpy(buf
, plain
, sizeof plain
);
4061 memset(iv
, 0, sizeof iv
);
4062 ve
->run(ec
, iv
, buf
, sizeof buf
);
4063 check_equals("KAT DES->3 encrypt",
4064 buf
, cipher
, sizeof cipher
);
4065 vd
->init(dc
, key
, 24);
4066 memset(iv
, 0, sizeof iv
);
4067 vd
->run(dc
, iv
, buf
, sizeof buf
);
4068 check_equals("KAT DES->3 decrypt",
4069 buf
, plain
, sizeof plain
);
4074 for (u
= 0; KAT_DES_CBC
[u
]; u
+= 4) {
4075 unsigned char key
[24];
4076 unsigned char ivref
[8];
4077 unsigned char plain
[200];
4078 unsigned char cipher
[200];
4079 unsigned char buf
[200];
4080 unsigned char iv
[8];
4081 size_t key_len
, data_len
, v
;
4082 br_des_gen_cbcenc_keys v_ec
;
4083 br_des_gen_cbcdec_keys v_dc
;
4084 const br_block_cbcenc_class
**ec
;
4085 const br_block_cbcdec_class
**dc
;
4089 key_len
= hextobin(key
, KAT_DES_CBC
[u
]);
4090 hextobin(ivref
, KAT_DES_CBC
[u
+ 1]);
4091 data_len
= hextobin(plain
, KAT_DES_CBC
[u
+ 2]);
4092 hextobin(cipher
, KAT_DES_CBC
[u
+ 3]);
4093 ve
->init(ec
, key
, key_len
);
4095 memcpy(buf
, plain
, data_len
);
4096 memcpy(iv
, ivref
, 8);
4097 ve
->run(ec
, iv
, buf
, data_len
);
4098 check_equals("KAT CBC DES encrypt",
4099 buf
, cipher
, data_len
);
4100 vd
->init(dc
, key
, key_len
);
4101 memcpy(iv
, ivref
, 8);
4102 vd
->run(dc
, iv
, buf
, data_len
);
4103 check_equals("KAT CBC DES decrypt",
4104 buf
, plain
, data_len
);
4106 memcpy(buf
, plain
, data_len
);
4107 memcpy(iv
, ivref
, 8);
4108 for (v
= 0; v
< data_len
; v
+= 8) {
4109 ve
->run(ec
, iv
, buf
+ v
, 8);
4111 check_equals("KAT CBC DES encrypt (2)",
4112 buf
, cipher
, data_len
);
4113 memcpy(iv
, ivref
, 8);
4114 for (v
= 0; v
< data_len
; v
+= 8) {
4115 vd
->run(dc
, iv
, buf
+ v
, 8);
4117 check_equals("KAT CBC DES decrypt (2)",
4118 buf
, plain
, data_len
);
4123 monte_carlo_DES_encrypt(ve
);
4124 monte_carlo_DES_decrypt(vd
);
4134 test_DES_generic("DES_tab",
4135 &br_des_tab_cbcenc_vtable
,
4136 &br_des_tab_cbcdec_vtable
,
4143 test_DES_generic("DES_ct",
4144 &br_des_ct_cbcenc_vtable
,
4145 &br_des_ct_cbcdec_vtable
,
4149 static const struct {
4154 const char *scipher
;
4155 } KAT_CHACHA20
[] = {
4157 "0000000000000000000000000000000000000000000000000000000000000000",
4158 "000000000000000000000000",
4160 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
4161 "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586"
4164 "0000000000000000000000000000000000000000000000000000000000000001",
4165 "000000000000000000000002",
4167 "416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f",
4168 "a3fbf07df3fa2fde4f376ca23e82737041605d9f4f4f57bd8cff2c1d4b7955ec2a97948bd3722915c8f3d337f7d370050e9e96d647b7c39f56e031ca5eb6250d4042e02785ececfa4b4bb5e8ead0440e20b6e8db09d881a7c6132f420e52795042bdfa7773d8a9051447b3291ce1411c680465552aa6c405b7764d5e87bea85ad00f8449ed8f72d0d662ab052691ca66424bc86d2df80ea41f43abf937d3259dc4b2d0dfb48a6c9139ddd7f76966e928e635553ba76c5c879d7b35d49eb2e62b0871cdac638939e25e8a1e0ef9d5280fa8ca328b351c3c765989cbcf3daa8b6ccc3aaf9f3979c92b3720fc88dc95ed84a1be059c6499b9fda236e7e818b04b0bc39c1e876b193bfe5569753f88128cc08aaa9b63d1a16f80ef2554d7189c411f5869ca52c5b83fa36ff216b9c1d30062bebcfd2dc5bce0911934fda79a86f6e698ced759c3ff9b6477338f3da4f9cd8514ea9982ccafb341b2384dd902f3d1ab7ac61dd29c6f21ba5b862f3730e37cfdc4fd806c22f221"
4171 "1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0",
4172 "000000000000000000000002",
4174 "2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e",
4175 "62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1"
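/*
 * Known-answer test for br_chacha20_ct_run(), run over every prefix
 * length of each vector in KAT_CHACHA20.
 *
 * For each length v the test checks four things:
 *  - the returned block counter is the initial counter plus the number
 *    of 64-byte blocks needed for v bytes, rounded up;
 *  - the first v output bytes match the reference ciphertext;
 *  - no byte beyond v was modified: the work buffer is zero-filled
 *    first, so a partial final block that spilled keystream past the
 *    requested length would show up as a non-zero byte;
 *  - running the function again over the ciphertext restores the
 *    plaintext.
 *
 * Any mismatch prints a message on stderr and terminates the process.
 */
static void
test_ChaCha20_ct(void)
{
	size_t u;

	printf("Test ChaCha20_ct: ");
	fflush(stdout);

	for (u = 0; KAT_CHACHA20[u].skey; u ++) {
		unsigned char key[32], nonce[12], plain[400], cipher[400];
		uint32_t cc;
		size_t v, len;

		/*
		 * hextobin() does no bounds checking here: the vectors are
		 * compile-time constants that must fit these fixed buffers.
		 */
		hextobin(key, KAT_CHACHA20[u].skey);
		hextobin(nonce, KAT_CHACHA20[u].snonce);
		cc = KAT_CHACHA20[u].counter;
		len = hextobin(plain, KAT_CHACHA20[u].splain);
		hextobin(cipher, KAT_CHACHA20[u].scipher);

		/*
		 * The bound is inclusive so that the complete vector is
		 * checked too; with "v < len" the last byte of every
		 * reference ciphertext would never be compared.
		 */
		for (v = 0; v <= len; v ++) {
			unsigned char tmp[400];
			size_t w;

			memset(tmp, 0, sizeof tmp);
			memcpy(tmp, plain, v);
			if (br_chacha20_ct_run(key, nonce, cc, tmp, v)
				!= cc + (uint32_t)((v + 63) >> 6))
			{
				fprintf(stderr, "ChaCha20: wrong counter\n");
				exit(EXIT_FAILURE);
			}
			if (memcmp(tmp, cipher, v) != 0) {
				fprintf(stderr, "ChaCha20 KAT fail (1)\n");
				exit(EXIT_FAILURE);
			}

			/* Everything past the requested length must be intact. */
			for (w = v; w < sizeof tmp; w ++) {
				if (tmp[w] != 0) {
					fprintf(stderr, "ChaCha20: overrun\n");
					exit(EXIT_FAILURE);
				}
			}

			/* Same key, nonce and counter: a second pass decrypts. */
			br_chacha20_ct_run(key, nonce, cc, tmp, v);
			if (memcmp(tmp, plain, v) != 0) {
				fprintf(stderr, "ChaCha20 KAT fail (2)\n");
				exit(EXIT_FAILURE);
			}
		}

		printf(".");
		fflush(stdout);
	}

	printf(" done.\n");
	fflush(stdout);
}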
4236 static const struct {
4241 const char *scipher
;
4243 } KAT_POLY1305
[] = {
4245 "4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e",
4246 "50515253c0c1c2c3c4c5c6c7",
4247 "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f",
4248 "070000004041424344454647",
4249 "d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116",
4250 "1ae10b594f09e26a7e902ecbd0600691"
4252 { 0, 0, 0, 0, 0, 0 }
4256 test_Poly1305_inner(const char *name
, br_poly1305_run ipoly
,
4257 br_poly1305_run iref
)
4260 br_hmac_drbg_context rng
;
4262 printf("Test %s: ", name
);
4265 for (u
= 0; KAT_POLY1305
[u
].skey
; u
++) {
4266 unsigned char key
[32], nonce
[12], plain
[400], cipher
[400];
4267 unsigned char aad
[400], tag
[16], data
[400], tmp
[16];
4268 size_t len
, aad_len
;
4270 len
= hextobin(plain
, KAT_POLY1305
[u
].splain
);
4271 aad_len
= hextobin(aad
, KAT_POLY1305
[u
].saad
);
4272 hextobin(key
, KAT_POLY1305
[u
].skey
);
4273 hextobin(nonce
, KAT_POLY1305
[u
].snonce
);
4274 hextobin(cipher
, KAT_POLY1305
[u
].scipher
);
4275 hextobin(tag
, KAT_POLY1305
[u
].stag
);
4277 memcpy(data
, plain
, len
);
4278 ipoly(key
, nonce
, data
, len
,
4279 aad
, aad_len
, tmp
, br_chacha20_ct_run
, 1);
4280 check_equals("ChaCha20+Poly1305 KAT (1)", data
, cipher
, len
);
4281 check_equals("ChaCha20+Poly1305 KAT (2)", tmp
, tag
, 16);
4282 ipoly(key
, nonce
, data
, len
,
4283 aad
, aad_len
, tmp
, br_chacha20_ct_run
, 0);
4284 check_equals("ChaCha20+Poly1305 KAT (3)", data
, plain
, len
);
4285 check_equals("ChaCha20+Poly1305 KAT (4)", tmp
, tag
, 16);
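4295 * We cross-check the "ipoly" and "iref" implementations against each
4296 * other on a bunch of pseudo-random messages: "ipoly" encrypts, "iref"
 * decrypts, and both the recovered plaintext and the two tags must match.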
4298 br_hmac_drbg_init(&rng
, &br_sha256_vtable
, "seed for Poly1305", 17);
4299 for (u
= 0; u
< 100; u
++) {
4300 unsigned char plain
[100], aad
[100], tmp
[100];
4301 unsigned char key
[32], iv
[12], tag1
[16], tag2
[16];
4303 br_hmac_drbg_generate(&rng
, key
, sizeof key
);
4304 br_hmac_drbg_generate(&rng
, iv
, sizeof iv
);
4305 br_hmac_drbg_generate(&rng
, plain
, u
);
4306 br_hmac_drbg_generate(&rng
, aad
, u
);
4307 memcpy(tmp
, plain
, u
);
4308 memset(tmp
+ u
, 0xFF, (sizeof tmp
) - u
);
4309 ipoly(key
, iv
, tmp
, u
, aad
, u
, tag1
,
4310 &br_chacha20_ct_run
, 1);
4311 memset(tmp
+ u
, 0x00, (sizeof tmp
) - u
);
4312 iref(key
, iv
, tmp
, u
, aad
, u
, tag2
,
4313 &br_chacha20_ct_run
, 0);
4314 if (memcmp(tmp
, plain
, u
) != 0) {
4315 fprintf(stderr
, "cross enc/dec failed\n");
4318 if (memcmp(tag1
, tag2
, sizeof tag1
) != 0) {
4319 fprintf(stderr
, "cross MAC failed\n");
/*
 * Run the ChaCha20+Poly1305 tests on the "ctmul" implementation, with
 * the "i15" implementation as the reference for the cross-check.
 */
static void
test_Poly1305_ctmul(void)
{
	br_poly1305_run tested = br_poly1305_ctmul_run;
	br_poly1305_run reference = br_poly1305_i15_run;

	test_Poly1305_inner("Poly1305_ctmul", tested, reference);
}
/*
 * Run the ChaCha20+Poly1305 tests on the "ctmul32" implementation, with
 * the "i15" implementation as the reference for the cross-check.
 */
static void
test_Poly1305_ctmul32(void)
{
	br_poly1305_run tested = br_poly1305_ctmul32_run;
	br_poly1305_run reference = br_poly1305_i15_run;

	test_Poly1305_inner("Poly1305_ctmul32", tested, reference);
}
/*
 * Run the ChaCha20+Poly1305 tests on the "i15" implementation. Since
 * "i15" is the reference used for the other implementations, it is
 * cross-checked against "ctmul" instead.
 */
static void
test_Poly1305_i15(void)
{
	br_poly1305_run tested = br_poly1305_i15_run;
	br_poly1305_run reference = br_poly1305_ctmul_run;

	test_Poly1305_inner("Poly1305_i15", tested, reference);
}
/*
 * Run the ChaCha20+Poly1305 tests on the "ctmulq" implementation, with
 * "ctmul" as the reference. The implementation is obtained through
 * br_poly1305_ctmulq_get(); when that returns a null pointer the test
 * is reported as unavailable rather than failed (presumably the
 * backend is not compiled in on every platform -- confirm against the
 * library documentation).
 */
static void
test_Poly1305_ctmulq(void)
{
	br_poly1305_run impl = br_poly1305_ctmulq_get();

	if (impl != 0) {
		test_Poly1305_inner("Poly1305_ctmulq", impl,
			br_poly1305_ctmul_run);
		return;
	}
	printf("Test Poly1305_ctmulq: UNAVAILABLE\n");
}
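4366 * A 1024-bit RSA key, generated with OpenSSL. Test material only: the private components are listed below in clear, and 1024 bits is below the size recommended for real RSA keys.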
4368 static const unsigned char RSA_N
[] = {
4369 0xBF, 0xB4, 0xA6, 0x2E, 0x87, 0x3F, 0x9C, 0x8D,
4370 0xA0, 0xC4, 0x2E, 0x7B, 0x59, 0x36, 0x0F, 0xB0,
4371 0xFF, 0xE1, 0x25, 0x49, 0xE5, 0xE6, 0x36, 0xB0,
4372 0x48, 0xC2, 0x08, 0x6B, 0x77, 0xA7, 0xC0, 0x51,
4373 0x66, 0x35, 0x06, 0xA9, 0x59, 0xDF, 0x17, 0x7F,
4374 0x15, 0xF6, 0xB4, 0xE5, 0x44, 0xEE, 0x72, 0x3C,
4375 0x53, 0x11, 0x52, 0xC9, 0xC9, 0x61, 0x4F, 0x92,
4376 0x33, 0x64, 0x70, 0x43, 0x07, 0xF1, 0x3F, 0x7F,
4377 0x15, 0xAC, 0xF0, 0xC1, 0x54, 0x7D, 0x55, 0xC0,
4378 0x29, 0xDC, 0x9E, 0xCC, 0xE4, 0x1D, 0x11, 0x72,
4379 0x45, 0xF4, 0xD2, 0x70, 0xFC, 0x34, 0xB2, 0x1F,
4380 0xF3, 0xAD, 0x6A, 0xF0, 0xE5, 0x56, 0x11, 0xF8,
4381 0x0C, 0x3A, 0x8B, 0x04, 0x46, 0x7C, 0x77, 0xD9,
4382 0x41, 0x1F, 0x40, 0xBE, 0x93, 0x80, 0x9D, 0x23,
4383 0x75, 0x80, 0x12, 0x26, 0x5A, 0x72, 0x1C, 0xDD,
4384 0x47, 0xB3, 0x2A, 0x33, 0xD8, 0x19, 0x61, 0xE3
4386 static const unsigned char RSA_E
[] = {
4390 static const unsigned char RSA_D[] = {
4391 0xAE, 0x56, 0x0B, 0x56, 0x7E, 0xDA, 0x83, 0x75,
4392 0x6C, 0xC1, 0x5C, 0x00, 0x02, 0x96, 0x1E, 0x58,
4393 0xF9, 0xA9, 0xF7, 0x2E, 0x27, 0xEB, 0x5E, 0xCA,
4394 0x9B, 0xB0, 0x10, 0xD6, 0x22, 0x7F, 0xA4, 0x6E,
4395 0xA2, 0x03, 0x10, 0xE6, 0xCB, 0x7B, 0x0D, 0x34,
4396 0x1E, 0x76, 0x37, 0xF5, 0xD3, 0xE5, 0x00, 0x70,
4397 0x09, 0x9E, 0xD4, 0x69, 0xFB, 0x40, 0x0A, 0x8B,
4398 0xCB, 0x3E, 0xC8, 0xB4, 0xBC, 0xB1, 0x50, 0xEA,
4399 0x9D, 0xD9, 0x89, 0x8A, 0x98, 0x40, 0x79, 0xD1,
4400 0x07, 0x66, 0xA7, 0x90, 0x63, 0x82, 0xB1, 0xE0,
4401 0x24, 0xD0, 0x89, 0x6A, 0xEC, 0xC5, 0xF3, 0x21,
4402 0x7D, 0xB8, 0xA5, 0x45, 0x3A, 0x3B, 0x34, 0x42,
4403 0xC2, 0x82, 0x3C, 0x8D, 0xFA, 0x5D, 0xA0, 0xA8,
4404 0x24, 0xC8, 0x40, 0x22, 0x19, 0xCB, 0xB5, 0x85,
4405 0x67, 0x69, 0x60, 0xE4, 0xD0, 0x7E, 0xA3, 0x3B,
4406 0xF7, 0x70, 0x50, 0xC9, 0x5C, 0x97, 0x29, 0x49
4409 static const unsigned char RSA_P
[] = {
4410 0xF2, 0xE7, 0x6F, 0x66, 0x2E, 0xC4, 0x03, 0xD4,
4411 0x89, 0x24, 0xCC, 0xE1, 0xCD, 0x3F, 0x01, 0x82,
4412 0xC1, 0xFB, 0xAF, 0x44, 0xFA, 0xCC, 0x0E, 0xAA,
4413 0x9D, 0x74, 0xA9, 0x65, 0xEF, 0xED, 0x4C, 0x87,
4414 0xF0, 0xB3, 0xC6, 0xEA, 0x61, 0x85, 0xDE, 0x4E,
4415 0x66, 0xB2, 0x5A, 0x9F, 0x7A, 0x41, 0xC5, 0x66,
4416 0x57, 0xDF, 0x88, 0xF0, 0xB5, 0xF2, 0xC7, 0x7E,
4417 0xE6, 0x55, 0x21, 0x96, 0x83, 0xD8, 0xAB, 0x57
4419 static const unsigned char RSA_Q
[] = {
4420 0xCA, 0x0A, 0x92, 0xBF, 0x58, 0xB0, 0x2E, 0xF6,
4421 0x66, 0x50, 0xB1, 0x48, 0x29, 0x42, 0x86, 0x6C,
4422 0x98, 0x06, 0x7E, 0xB8, 0xB5, 0x4F, 0xFB, 0xC4,
4423 0xF3, 0xC3, 0x36, 0x91, 0x07, 0xB6, 0xDB, 0xE9,
4424 0x56, 0x3C, 0x51, 0x7D, 0xB5, 0xEC, 0x0A, 0xA9,
4425 0x7C, 0x66, 0xF9, 0xD8, 0x25, 0xDE, 0xD2, 0x94,
4426 0x5A, 0x58, 0xF1, 0x93, 0xE4, 0xF0, 0x5F, 0x27,
4427 0xBD, 0x83, 0xC7, 0xCA, 0x48, 0x6A, 0xB2, 0x55
4429 static const unsigned char RSA_DP
[] = {
4430 0xAF, 0x97, 0xBE, 0x60, 0x0F, 0xCE, 0x83, 0x36,
4431 0x51, 0x2D, 0xD9, 0x2E, 0x22, 0x41, 0x39, 0xC6,
4432 0x5C, 0x94, 0xA4, 0xCF, 0x28, 0xBD, 0xFA, 0x9C,
4433 0x3B, 0xD6, 0xE9, 0xDE, 0x56, 0xE3, 0x24, 0x3F,
4434 0xE1, 0x31, 0x14, 0xCA, 0xBA, 0x55, 0x1B, 0xAF,
4435 0x71, 0x6D, 0xDD, 0x35, 0x0C, 0x1C, 0x1F, 0xA7,
4436 0x2C, 0x3E, 0xDB, 0xAF, 0xA6, 0xD8, 0x2A, 0x7F,
4437 0x01, 0xE2, 0xE8, 0xB4, 0xF5, 0xFA, 0xDB, 0x61
4439 static const unsigned char RSA_DQ
[] = {
4440 0x29, 0xC0, 0x4B, 0x98, 0xFD, 0x13, 0xD3, 0x70,
4441 0x99, 0xAE, 0x1D, 0x24, 0x83, 0x5A, 0x3A, 0xFB,
4442 0x1F, 0xE3, 0x5F, 0xB6, 0x7D, 0xC9, 0x5C, 0x86,
4443 0xD3, 0xB4, 0xC8, 0x86, 0xE9, 0xE8, 0x30, 0xC3,
4444 0xA4, 0x4D, 0x6C, 0xAD, 0xA4, 0xB5, 0x75, 0x72,
4445 0x96, 0xC1, 0x94, 0xE9, 0xC4, 0xD1, 0xAA, 0x04,
4446 0x7C, 0x33, 0x1B, 0x20, 0xEB, 0xD3, 0x7C, 0x66,
4447 0x72, 0xF4, 0x53, 0x8A, 0x0A, 0xB2, 0xF9, 0xCD
4449 static const unsigned char RSA_IQ
[] = {
4450 0xE8, 0xEB, 0x04, 0x79, 0xA5, 0xC1, 0x79, 0xDE,
4451 0xD5, 0x49, 0xA1, 0x0B, 0x48, 0xB9, 0x0E, 0x55,
4452 0x74, 0x2C, 0x54, 0xEE, 0xA8, 0xB0, 0x01, 0xC2,
4453 0xD2, 0x3C, 0x3E, 0x47, 0x3A, 0x7C, 0xC8, 0x3D,
4454 0x2E, 0x33, 0x54, 0x4D, 0x40, 0x29, 0x41, 0x74,
4455 0xBA, 0xE1, 0x93, 0x09, 0xEC, 0xE0, 0x1B, 0x4D,
4456 0x1F, 0x2A, 0xCA, 0x4A, 0x0B, 0x5F, 0xE6, 0xBE,
4457 0x59, 0x0A, 0xC4, 0xC9, 0xD9, 0x82, 0xAC, 0xE1
4460 static const br_rsa_public_key RSA_PK
= {
4461 (void *)RSA_N
, sizeof RSA_N
,
4462 (void *)RSA_E
, sizeof RSA_E
4465 static const br_rsa_private_key RSA_SK
= {
4467 (void *)RSA_P
, sizeof RSA_P
,
4468 (void *)RSA_Q
, sizeof RSA_Q
,
4469 (void *)RSA_DP
, sizeof RSA_DP
,
4470 (void *)RSA_DQ
, sizeof RSA_DQ
,
4471 (void *)RSA_IQ
, sizeof RSA_IQ
/*
 * Known-answer test for the raw RSA public and private operations.
 *
 *   name    label printed in the "Test ...: " banner
 *   fpub    public-key operation under test
 *   fpriv   private-key operation under test
 *
 * The reference pair (computed with OpenSSL) is a 128-byte signature and
 * the 128-byte padded value it maps to under the file's RSA_PK / RSA_SK
 * test key. The public operation must turn the signature into the padded
 * value, and the private operation must turn it back. A failing
 * operation prints a message on stderr and exits.
 */
static void
test_RSA_core(const char *name, br_rsa_public fpub, br_rsa_private fpriv)
{
	static const char kat_sig_hex[] =
		"45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D";
	static const char kat_padded_hex[] =
		"0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3";
	unsigned char sig[128], padded[128], work[128];

	printf("Test %s: ", name);
	fflush(stdout);

	hextobin(sig, kat_sig_hex);
	hextobin(padded, kat_padded_hex);

	/* Public operation, done in place on a copy of the signature. */
	memcpy(work, sig, sizeof sig);
	if (fpub(work, sizeof work, &RSA_PK) == 0) {
		fprintf(stderr, "RSA public operation failed\n");
		exit(EXIT_FAILURE);
	}
	check_equals("KAT RSA pub", padded, work, sizeof padded);

	/* Private operation on that result must give the signature back. */
	if (fpriv(work, &RSA_SK) == 0) {
		fprintf(stderr, "RSA private operation failed\n");
		exit(EXIT_FAILURE);
	}
	check_equals("KAT RSA priv", sig, work, sizeof sig);

	printf("done.\n");
	fflush(stdout);
}
4503 static const unsigned char SHA1_OID
[] = {
4504 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
4508 test_RSA_sign(const char *name
, br_rsa_private fpriv
,
4509 br_rsa_pkcs1_sign fsign
, br_rsa_pkcs1_vrfy fvrfy
)
4511 unsigned char t1
[128], t2
[128];
4512 unsigned char hv
[20], tmp
[20];
4516 printf("Test %s: ", name
);
4520 * Verify the KAT test (computed with OpenSSL).
4522 hextobin(t1
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4524 br_sha1_update(&hc
, "test", 4);
4525 br_sha1_out(&hc
, hv
);
4526 if (!fvrfy(t1
, sizeof t1
, SHA1_OID
, sizeof tmp
, &RSA_PK
, tmp
)) {
4527 fprintf(stderr
, "Signature verification failed\n");
4530 check_equals("Extracted hash value", hv
, tmp
, sizeof tmp
);
4533 * Regenerate the signature. This should yield the same value as
4534 * the KAT test, since PKCS#1 v1.5 signatures are deterministic
4535 * (except the usual detail about hash function parameter
4536 * encoding, but OpenSSL uses the same convention as BearSSL).
4538 if (!fsign(SHA1_OID
, hv
, 20, &RSA_SK
, t2
)) {
4539 fprintf(stderr
, "Signature generation failed\n");
4542 check_equals("Regenerated signature", t1
, t2
, sizeof t1
);
4545 * Use the raw private core to generate fake signatures, where
4546 * one byte of the padded hash value is altered. They should all be
4549 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4550 for (u
= 0; u
< (sizeof t2
) - 20; u
++) {
4551 memcpy(t1
, t2
, sizeof t2
);
4553 if (!fpriv(t1
, &RSA_SK
)) {
4554 fprintf(stderr
, "RSA private key operation failed\n");
4557 if (fvrfy(t1
, sizeof t1
, SHA1_OID
, sizeof tmp
, &RSA_PK
, tmp
)) {
4559 "Signature verification should have failed\n");
4573 test_RSA_core("RSA i15 core", &br_rsa_i15_public
, &br_rsa_i15_private
);
4574 test_RSA_sign("RSA i15 sign", &br_rsa_i15_private
,
4575 &br_rsa_i15_pkcs1_sign
, &br_rsa_i15_pkcs1_vrfy
);
4581 test_RSA_core("RSA i31 core", &br_rsa_i31_public
, &br_rsa_i31_private
);
4582 test_RSA_sign("RSA i31 sign", &br_rsa_i31_private
,
4583 &br_rsa_i31_pkcs1_sign
, &br_rsa_i31_pkcs1_vrfy
);
4589 test_RSA_core("RSA i32 core", &br_rsa_i32_public
, &br_rsa_i32_private
);
4590 test_RSA_sign("RSA i32 sign", &br_rsa_i32_private
,
4591 &br_rsa_i32_pkcs1_sign
, &br_rsa_i32_pkcs1_vrfy
);
4598 br_rsa_private priv
;
4599 br_rsa_pkcs1_sign sign
;
4600 br_rsa_pkcs1_vrfy vrfy
;
4602 pub
= br_rsa_i62_public_get();
4603 priv
= br_rsa_i62_private_get();
4604 sign
= br_rsa_i62_pkcs1_sign_get();
4605 vrfy
= br_rsa_i62_pkcs1_vrfy_get();
4607 if (!priv
|| !sign
|| !vrfy
) {
4608 fprintf(stderr
, "Inconsistent i62 availability\n");
4611 test_RSA_core("RSA i62 core", pub
, priv
);
4612 test_RSA_sign("RSA i62 sign", priv
, sign
, vrfy
);
4614 if (priv
|| sign
|| vrfy
) {
4615 fprintf(stderr
, "Inconsistent i62 availability\n");
4618 printf("Test RSA i62: UNAVAILABLE\n");
4624 test_RSA_signatures(void)
4626 uint32_t n
[40], e
[2], p
[20], q
[20], dp
[20], dq
[20], iq
[20], x
[40];
4627 unsigned char hv
[20], sig
[128];
4628 unsigned char ref
[128], tmp
[128];
4631 printf("Test RSA signatures: ");
4635 * Decode RSA key elements.
4637 br_int_decode(n
, sizeof n
/ sizeof n
[0], RSA_N
, sizeof RSA_N
);
4638 br_int_decode(e
, sizeof e
/ sizeof e
[0], RSA_E
, sizeof RSA_E
);
4639 br_int_decode(p
, sizeof p
/ sizeof p
[0], RSA_P
, sizeof RSA_P
);
4640 br_int_decode(q
, sizeof q
/ sizeof q
[0], RSA_Q
, sizeof RSA_Q
);
4641 br_int_decode(dp
, sizeof dp
/ sizeof dp
[0], RSA_DP
, sizeof RSA_DP
);
4642 br_int_decode(dq
, sizeof dq
/ sizeof dq
[0], RSA_DQ
, sizeof RSA_DQ
);
4643 br_int_decode(iq
, sizeof iq
/ sizeof iq
[0], RSA_IQ
, sizeof RSA_IQ
);
4646 * Decode reference signature (computed with OpenSSL).
4648 hextobin(ref
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4651 * Recompute signature. Since PKCS#1 v1.5 signatures are
4652 * deterministic, we should get the same as the reference signature.
4655 br_sha1_update(&hc
, "test", 4);
4656 br_sha1_out(&hc
, hv
);
4657 if (!br_rsa_sign(sig
, sizeof sig
, p
, q
, dp
, dq
, iq
, br_sha1_ID
, hv
)) {
4658 fprintf(stderr
, "RSA-1024/SHA-1 sig generate failed\n");
4661 check_equals("KAT RSA-sign 1", sig
, ref
, sizeof sig
);
4666 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4667 fprintf(stderr
, "RSA-1024/SHA-1 sig verify failed\n");
4671 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4672 fprintf(stderr
, "RSA-1024/SHA-1 sig verify should have failed\n");
4678 * Generate a signature with the alternate encoding (no NULL) and
4681 hextobin(tmp
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00301F300706052B0E03021A0414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4682 br_int_decode(x
, sizeof x
/ sizeof x
[0], tmp
, sizeof tmp
);
4684 br_rsa_private_core(x
, p
, q
, dp
, dq
, iq
);
4685 br_int_encode(sig
, sizeof sig
, x
);
4686 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4687 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) failed\n");
4691 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4692 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) should have failed\n");
4703 * From: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
4705 static const char *const KAT_GHASH
[] = {
4707 "66e94bd4ef8a2c3b884cfa59ca342b2e",
4710 "00000000000000000000000000000000",
4712 "66e94bd4ef8a2c3b884cfa59ca342b2e",
4714 "0388dace60b6a392f328c2b971b2fe78",
4715 "f38cbb1ad69223dcc3457ae5b6b0f885",
4717 "b83b533708bf535d0aa6e52980d53b78",
4719 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
4720 "7f1b32b81b820d02614f8895ac1d4eac",
4722 "b83b533708bf535d0aa6e52980d53b78",
4723 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4724 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
4725 "698e57f70e6ecc7fd9463b7260a9ae5f",
4727 "b83b533708bf535d0aa6e52980d53b78",
4728 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4729 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
4730 "df586bb4c249b92cb6922877e444d37b",
4732 "b83b533708bf535d0aa6e52980d53b78",
4733 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4734 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
4735 "1c5afe9760d3932f3c9a878aac3dc3de",
4737 "aae06992acbf52a3e8f4a96ec9300bd7",
4739 "98e7247c07f0fe411c267e4384b0f600",
4740 "e2c63f0ac44ad0e02efa05ab6743d4ce",
4742 "466923ec9ae682214f2c082badb39249",
4744 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
4745 "51110d40f6c8fff0eb1ae33445a889f0",
4747 "466923ec9ae682214f2c082badb39249",
4748 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4749 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
4750 "ed2ce3062e4a8ec06db8b4c490e8a268",
4752 "466923ec9ae682214f2c082badb39249",
4753 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4754 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
4755 "1e6a133806607858ee80eaf237064089",
4757 "466923ec9ae682214f2c082badb39249",
4758 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4759 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
4760 "82567fb0b4cc371801eadec005968e94",
4762 "dc95c078a2408989ad48a21492842087",
4764 "cea7403d4d606b6e074ec5d3baf39d18",
4765 "83de425c5edc5d498f382c441041ca92",
4767 "acbef20579b4b8ebce889bac8732dad7",
4769 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
4770 "4db870d37cb75fcb46097c36230d1612",
4772 "acbef20579b4b8ebce889bac8732dad7",
4773 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4774 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
4775 "8bd0c4d8aacd391e67cca447e8c38f65",
4777 "acbef20579b4b8ebce889bac8732dad7",
4778 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4779 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
4780 "75a34288b8c68f811c52b2e9a2f97f63",
4782 "acbef20579b4b8ebce889bac8732dad7",
4783 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4784 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
4785 "d5ffcf6fc5ac4d69722187421a7f170b",
4791 test_GHASH(const char *name
, br_ghash gh
)
4795 printf("Test %s: ", name
);
4798 for (u
= 0; KAT_GHASH
[u
]; u
+= 4) {
4799 unsigned char h
[16];
4800 unsigned char a
[100];
4802 unsigned char c
[100];
4804 unsigned char p
[16];
4805 unsigned char y
[16];
4806 unsigned char ref
[16];
4808 hextobin(h
, KAT_GHASH
[u
]);
4809 a_len
= hextobin(a
, KAT_GHASH
[u
+ 1]);
4810 c_len
= hextobin(c
, KAT_GHASH
[u
+ 2]);
4811 hextobin(ref
, KAT_GHASH
[u
+ 3]);
4812 memset(y
, 0, sizeof y
);
4815 memset(p
, 0, sizeof p
);
4816 br_enc32be(p
+ 4, (uint32_t)a_len
<< 3);
4817 br_enc32be(p
+ 12, (uint32_t)c_len
<< 3);
4818 gh(y
, h
, p
, sizeof p
);
4819 check_equals("KAT GHASH", y
, ref
, sizeof ref
);
4822 for (u
= 0; u
<= 1024; u
++) {
4823 unsigned char key
[32], iv
[12];
4824 unsigned char buf
[1024 + 32];
4825 unsigned char y0
[16], y1
[16];
4828 memset(key
, 0, sizeof key
);
4829 memset(iv
, 0, sizeof iv
);
4831 memset(buf
, 0, sizeof buf
);
4832 br_chacha20_ct_run(key
, iv
, 1, buf
, sizeof buf
);
4834 memcpy(y0
, buf
, 16);
4835 br_ghash_ctmul32(y0
, buf
+ 16, buf
+ 32, u
);
4836 memcpy(y1
, buf
, 16);
4837 gh(y1
, buf
+ 16, buf
+ 32, u
);
4838 sprintf(tmp
, "XREF %s (len = %u)", name
, (unsigned)u
);
4839 check_equals(tmp
, y0
, y1
, 16);
4841 if ((u
& 31) == 0) {
4852 test_GHASH_ctmul(void)
4854 test_GHASH("GHASH_ctmul", br_ghash_ctmul
);
4858 test_GHASH_ctmul32(void)
4860 test_GHASH("GHASH_ctmul32", br_ghash_ctmul32
);
4864 test_GHASH_ctmul64(void)
4866 test_GHASH("GHASH_ctmul64", br_ghash_ctmul64
);
/*
 * Run the GHASH tests on the implementation returned by
 * br_ghash_pclmul_get(). When that getter returns a null pointer the
 * implementation is reported as unavailable and no test is run.
 */
static void
test_GHASH_pclmul(void)
{
	br_ghash impl = br_ghash_pclmul_get();

	if (impl != 0) {
		test_GHASH("GHASH_pclmul", impl);
		return;
	}
	printf("Test GHASH_pclmul: UNAVAILABLE\n");
}
/*
 * Run the GHASH tests on the implementation returned by
 * br_ghash_pwr8_get(). When that getter returns a null pointer the
 * implementation is reported as unavailable and no test is run.
 */
static void
test_GHASH_pwr8(void)
{
	br_ghash impl = br_ghash_pwr8_get();

	if (impl != 0) {
		test_GHASH("GHASH_pwr8", impl);
		return;
	}
	printf("Test GHASH_pwr8: UNAVAILABLE\n");
}
4896 * From: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
4898 * Order: key, plaintext, AAD, IV, ciphertext, tag
4900 static const char *const KAT_GCM
[] = {
4901 "00000000000000000000000000000000",
4904 "000000000000000000000000",
4906 "58e2fccefa7e3061367f1d57a4e7455a",
4908 "00000000000000000000000000000000",
4909 "00000000000000000000000000000000",
4911 "000000000000000000000000",
4912 "0388dace60b6a392f328c2b971b2fe78",
4913 "ab6e47d42cec13bdf53a67b21257bddf",
4915 "feffe9928665731c6d6a8f9467308308",
4916 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
4918 "cafebabefacedbaddecaf888",
4919 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
4920 "4d5c2af327cd64a62cf35abd2ba6fab4",
4922 "feffe9928665731c6d6a8f9467308308",
4923 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4924 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4925 "cafebabefacedbaddecaf888",
4926 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
4927 "5bc94fbc3221a5db94fae95ae7121a47",
4929 "feffe9928665731c6d6a8f9467308308",
4930 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4931 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4933 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
4934 "3612d2e79e3b0785561be14aaca2fccb",
4936 "feffe9928665731c6d6a8f9467308308",
4937 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4938 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4939 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
4940 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
4941 "619cc5aefffe0bfa462af43c1699d050",
4943 "000000000000000000000000000000000000000000000000",
4946 "000000000000000000000000",
4948 "cd33b28ac773f74ba00ed1f312572435",
4950 "000000000000000000000000000000000000000000000000",
4951 "00000000000000000000000000000000",
4953 "000000000000000000000000",
4954 "98e7247c07f0fe411c267e4384b0f600",
4955 "2ff58d80033927ab8ef4d4587514f0fb",
4957 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
4958 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
4960 "cafebabefacedbaddecaf888",
4961 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
4962 "9924a7c8587336bfb118024db8674a14",
4964 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
4965 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4966 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4967 "cafebabefacedbaddecaf888",
4968 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
4969 "2519498e80f1478f37ba55bd6d27618c",
4971 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
4972 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4973 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4975 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
4976 "65dcc57fcf623a24094fcca40d3533f8",
4978 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
4979 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4980 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4981 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
4982 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
4983 "dcf566ff291c25bbb8568fc3d376a6d9",
4985 "0000000000000000000000000000000000000000000000000000000000000000",
4988 "000000000000000000000000",
4990 "530f8afbc74536b9a963b4f1c4cb738b",
4992 "0000000000000000000000000000000000000000000000000000000000000000",
4993 "00000000000000000000000000000000",
4995 "000000000000000000000000",
4996 "cea7403d4d606b6e074ec5d3baf39d18",
4997 "d0d1c8a799996bf0265b98b5d48ab919",
4999 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
5000 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
5002 "cafebabefacedbaddecaf888",
5003 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
5004 "b094dac5d93471bdec1a502270e3cc6c",
5006 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
5007 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
5008 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
5009 "cafebabefacedbaddecaf888",
5010 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
5011 "76fc6ece0f4e1768cddf8853bb2d551b",
5013 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
5014 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
5015 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
5017 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
5018 "3a337dbf46a792c45e454913fe2ea8f2",
5020 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
5021 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
5022 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
5023 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
5024 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
5025 "a44a8266ee1c8eb0c8b5d4cf5ae9f19a",
5035 printf("Test GCM: ");
5038 for (u
= 0; KAT_GCM
[u
]; u
+= 6) {
5039 unsigned char key
[32];
5040 unsigned char plain
[100];
5041 unsigned char aad
[100];
5042 unsigned char iv
[100];
5043 unsigned char cipher
[100];
5044 unsigned char tag
[100];
5045 size_t key_len
, plain_len
, aad_len
, iv_len
;
5046 br_aes_ct_ctr_keys bc
;
5048 unsigned char tmp
[100], out
[16];
5051 key_len
= hextobin(key
, KAT_GCM
[u
]);
5052 plain_len
= hextobin(plain
, KAT_GCM
[u
+ 1]);
5053 aad_len
= hextobin(aad
, KAT_GCM
[u
+ 2]);
5054 iv_len
= hextobin(iv
, KAT_GCM
[u
+ 3]);
5055 hextobin(cipher
, KAT_GCM
[u
+ 4]);
5056 hextobin(tag
, KAT_GCM
[u
+ 5]);
5058 br_aes_ct_ctr_init(&bc
, key
, key_len
);
5059 br_gcm_init(&gc
, &bc
.vtable
, br_ghash_ctmul32
);
5061 memset(tmp
, 0x54, sizeof tmp
);
5066 memcpy(tmp
, plain
, plain_len
);
5067 br_gcm_reset(&gc
, iv
, iv_len
);
5068 br_gcm_aad_inject(&gc
, aad
, aad_len
);
5070 br_gcm_run(&gc
, 1, tmp
, plain_len
);
5071 br_gcm_get_tag(&gc
, out
);
5072 check_equals("KAT GCM 1", tmp
, cipher
, plain_len
);
5073 check_equals("KAT GCM 2", out
, tag
, 16);
5075 br_gcm_reset(&gc
, iv
, iv_len
);
5076 br_gcm_aad_inject(&gc
, aad
, aad_len
);
5078 br_gcm_run(&gc
, 0, tmp
, plain_len
);
5079 check_equals("KAT GCM 3", tmp
, plain
, plain_len
);
5080 if (!br_gcm_check_tag(&gc
, tag
)) {
5081 fprintf(stderr
, "Tag not verified (1)\n");
5085 for (v
= plain_len
; v
< sizeof tmp
; v
++) {
5086 if (tmp
[v
] != 0x54) {
5087 fprintf(stderr
, "overflow on data\n");
5093 * Byte-by-byte injection.
5095 br_gcm_reset(&gc
, iv
, iv_len
);
5096 for (v
= 0; v
< aad_len
; v
++) {
5097 br_gcm_aad_inject(&gc
, aad
+ v
, 1);
5100 for (v
= 0; v
< plain_len
; v
++) {
5101 br_gcm_run(&gc
, 1, tmp
+ v
, 1);
5103 check_equals("KAT GCM 4", tmp
, cipher
, plain_len
);
5104 if (!br_gcm_check_tag(&gc
, tag
)) {
5105 fprintf(stderr
, "Tag not verified (2)\n");
5109 br_gcm_reset(&gc
, iv
, iv_len
);
5110 for (v
= 0; v
< aad_len
; v
++) {
5111 br_gcm_aad_inject(&gc
, aad
+ v
, 1);
5114 for (v
= 0; v
< plain_len
; v
++) {
5115 br_gcm_run(&gc
, 0, tmp
+ v
, 1);
5117 br_gcm_get_tag(&gc
, out
);
5118 check_equals("KAT GCM 5", tmp
, plain
, plain_len
);
5119 check_equals("KAT GCM 6", out
, tag
, 16);
5122 * Check that alterations are detected.
5124 for (v
= 0; v
< aad_len
; v
++) {
5125 memcpy(tmp
, cipher
, plain_len
);
5126 br_gcm_reset(&gc
, iv
, iv_len
);
5128 br_gcm_aad_inject(&gc
, aad
, aad_len
);
5131 br_gcm_run(&gc
, 0, tmp
, plain_len
);
5132 check_equals("KAT GCM 7", tmp
, plain
, plain_len
);
5133 if (br_gcm_check_tag(&gc
, tag
)) {
5134 fprintf(stderr
, "Tag should have changed\n");
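/*
 * Test one EC implementation on one curve.
 *
 *   sk      hex string: scalar for the known-answer test
 *   sU      hex string: encoded point expected from multiplying the
 *           curve generator by that scalar
 *   impl    implementation under test
 *   curve   BR_EC_secp256r1, BR_EC_secp384r1 or BR_EC_secp521r1; any
 *           other value is fatal
 *
 * After the known-answer multiplication, ten rounds driven by an
 * HMAC_DRBG with a fixed seed cross-check muladd() against mul() and
 * mulgen(), including the x*A = y*B and x*A + y*B = 0 cases. Any
 * failure prints a message on stderr and exits.
 *
 * Point comparisons cover the full ulen-byte encoding. nlen is the
 * encoded length of the curve order, not of a point, so comparing only
 * nlen bytes would let a wrong tail of the encoded point go unnoticed.
 */
static void
test_EC_inner(const char *sk, const char *sU,
	const br_ec_impl *impl, int curve)
{
	unsigned char bk[70];
	unsigned char eG[150], eU[150];
	uint32_t n[22], n0i;
	size_t klen, ulen, nlen;
	const br_ec_curve_def *cd;
	br_hmac_drbg_context rng;
	int i;

	klen = hextobin(bk, sk);
	ulen = hextobin(eU, sU);
	switch (curve) {
	case BR_EC_secp256r1:
		cd = &br_secp256r1;
		break;
	case BR_EC_secp384r1:
		cd = &br_secp384r1;
		break;
	case BR_EC_secp521r1:
		cd = &br_secp521r1;
		break;
	default:
		fprintf(stderr, "Unknown curve: %d\n", curve);
		exit(EXIT_FAILURE);
		break;
	}
	if (ulen != cd->generator_len) {
		fprintf(stderr, "KAT vector wrong (%lu / %lu)\n",
			(unsigned long)ulen,
			(unsigned long)cd->generator_len);
		/*
		 * A vector of the wrong length makes every later
		 * length-ulen copy and comparison meaningless; stop here,
		 * as test_EC_P256_carry_inner() does for a bad vector.
		 */
		exit(EXIT_FAILURE);
	}
	memcpy(eG, cd->generator, ulen);
	if (impl->mul(eG, ulen, bk, klen, curve) != 1) {
		fprintf(stderr, "KAT multiplication failed\n");
		exit(EXIT_FAILURE);
	}
	if (memcmp(eG, eU, ulen) != 0) {
		fprintf(stderr, "KAT mul: mismatch\n");
		exit(EXIT_FAILURE);
	}

	/*
	 * Test the two-point-mul function. We want to test the basic
	 * functionality, and the following special cases:
	 *   x = y
	 *   x + y = curve order
	 */
	nlen = cd->order_len;
	br_i31_decode(n, cd->order, nlen);
	n0i = br_i31_ninv31(n[1]);
	br_hmac_drbg_init(&rng, &br_sha256_vtable, "seed for EC", 11);
	for (i = 0; i < 10; i ++) {
		unsigned char ba[80], bb[80], bx[80], by[80], bz[80];
		uint32_t a[22], b[22], x[22], y[22], z[22], t1[22], t2[22];
		uint32_t r;
		unsigned char eA[160], eB[160], eC[160], eD[160];

		/*
		 * Generate random a and b, and compute A = a*G and B = b*G.
		 */
		br_hmac_drbg_generate(&rng, ba, sizeof ba);
		br_i31_decode_reduce(a, ba, sizeof ba, n);
		br_i31_encode(ba, nlen, a);
		br_hmac_drbg_generate(&rng, bb, sizeof bb);
		br_i31_decode_reduce(b, bb, sizeof bb, n);
		br_i31_encode(bb, nlen, b);
		memcpy(eA, cd->generator, ulen);
		impl->mul(eA, ulen, ba, nlen, cd->curve);
		memcpy(eB, cd->generator, ulen);
		impl->mul(eB, ulen, bb, nlen, cd->curve);

		/*
		 * Generate random x and y (modulo n).
		 */
		br_hmac_drbg_generate(&rng, bx, sizeof bx);
		br_i31_decode_reduce(x, bx, sizeof bx, n);
		br_i31_encode(bx, nlen, x);
		br_hmac_drbg_generate(&rng, by, sizeof by);
		br_i31_decode_reduce(y, by, sizeof by, n);
		br_i31_encode(by, nlen, y);

		/*
		 * Compute z = a*x + b*y (mod n).
		 */
		memcpy(t1, x, sizeof x);
		br_i31_to_monty(t1, n);
		br_i31_montymul(z, a, t1, n, n0i);
		memcpy(t1, y, sizeof y);
		br_i31_to_monty(t1, n);
		br_i31_montymul(t2, b, t1, n, n0i);
		r = br_i31_add(z, t2, 1);
		r |= br_i31_sub(z, n, 0) ^ 1;
		br_i31_sub(z, n, r);
		br_i31_encode(bz, nlen, z);

		/*
		 * Compute C = x*A + y*B with muladd(), and also
		 * D = z*G with mul(). The two points must match.
		 */
		memcpy(eC, eA, ulen);
		if (impl->muladd(eC, eB, ulen,
			bx, nlen, by, nlen, cd->curve) != 1)
		{
			fprintf(stderr, "muladd() failed (1)\n");
			exit(EXIT_FAILURE);
		}
		memcpy(eD, cd->generator, ulen);
		if (impl->mul(eD, ulen, bz, nlen, cd->curve) != 1) {
			fprintf(stderr, "mul() failed (1)\n");
			exit(EXIT_FAILURE);
		}
		/* Compare the whole encoded point, not just nlen bytes. */
		if (memcmp(eC, eD, ulen) != 0) {
			fprintf(stderr, "mul() / muladd() mismatch\n");
			exit(EXIT_FAILURE);
		}

		/*
		 * Also recompute D = z*G with mulgen(). This must
		 * again match.
		 */
		memset(eD, 0, ulen);
		if (impl->mulgen(eD, bz, nlen, cd->curve) != ulen) {
			fprintf(stderr, "mulgen() failed: wrong length\n");
			exit(EXIT_FAILURE);
		}
		/* mulgen() reported ulen bytes; check all of them. */
		if (memcmp(eC, eD, ulen) != 0) {
			fprintf(stderr, "mulgen() / muladd() mismatch\n");
			exit(EXIT_FAILURE);
		}

		/*
		 * Check with x*A = y*B. We do so by setting b = x and y = a.
		 */
		memcpy(b, x, sizeof x);
		br_i31_encode(bb, nlen, b);
		memcpy(eB, cd->generator, ulen);
		impl->mul(eB, ulen, bb, nlen, cd->curve);
		memcpy(y, a, sizeof a);
		br_i31_encode(by, nlen, y);

		memcpy(t1, x, sizeof x);
		br_i31_to_monty(t1, n);
		br_i31_montymul(z, a, t1, n, n0i);
		memcpy(t1, y, sizeof y);
		br_i31_to_monty(t1, n);
		br_i31_montymul(t2, b, t1, n, n0i);
		r = br_i31_add(z, t2, 1);
		r |= br_i31_sub(z, n, 0) ^ 1;
		br_i31_sub(z, n, r);
		br_i31_encode(bz, nlen, z);

		memcpy(eC, eA, ulen);
		if (impl->muladd(eC, eB, ulen,
			bx, nlen, by, nlen, cd->curve) != 1)
		{
			fprintf(stderr, "muladd() failed (2)\n");
			exit(EXIT_FAILURE);
		}
		memcpy(eD, cd->generator, ulen);
		if (impl->mul(eD, ulen, bz, nlen, cd->curve) != 1) {
			fprintf(stderr, "mul() failed (2)\n");
			exit(EXIT_FAILURE);
		}
		/* Same full-length comparison as in the general case. */
		if (memcmp(eC, eD, ulen) != 0) {
			fprintf(stderr,
				"mul() / muladd() mismatch (x*A=y*B)\n");
			exit(EXIT_FAILURE);
		}

		/*
		 * Check with x*A + y*B = 0. At that point, b = x, so we
		 * just need to set y = -a (mod n). muladd() is expected to
		 * report failure (return 0) for this input.
		 */
		memcpy(y, n, sizeof n);
		br_i31_sub(y, a, 1);
		br_i31_encode(by, nlen, y);
		memcpy(eC, eA, ulen);
		if (impl->muladd(eC, eB, ulen,
			bx, nlen, by, nlen, cd->curve) != 0)
		{
			fprintf(stderr, "muladd() should have failed\n");
			exit(EXIT_FAILURE);
		}
	}

	printf(".");
	fflush(stdout);
}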
5340 test_EC_P256_carry_inner(const br_ec_impl
*impl
, const char *sP
, const char *sQ
)
5342 unsigned char P
[65], Q
[sizeof P
], k
[1];
5345 plen
= hextobin(P
, sP
);
5346 qlen
= hextobin(Q
, sQ
);
5347 if (plen
!= sizeof P
|| qlen
!= sizeof P
) {
5348 fprintf(stderr
, "KAT is incorrect\n");
5352 if (impl
->mul(P
, plen
, k
, 1, BR_EC_secp256r1
) != 1) {
5353 fprintf(stderr
, "P-256 multiplication failed\n");
5356 check_equals("P256_carry", P
, Q
, plen
);
/*
 * Run test_EC_P256_carry_inner() on each fixed pair of hex-encoded
 * P-256 points below: the point handed to the multiplication, then the
 * point the result is compared against.
 */
static void
test_EC_P256_carry(const br_ec_impl *impl)
{
	static const struct {
		const char *point;
		const char *expected;
	} vectors[] = {
		{
			"0435BAA24B2B6E1B3C88E22A383BD88CC4B9A3166E7BCF94FF6591663AE066B33B821EBA1B4FC8EA609A87EB9A9C9A1CCD5C9F42FA1365306F64D7CAA718B8C978",
			"0447752A76CA890328D34E675C4971EC629132D1FC4863EDB61219B72C4E58DC5E9D51E7B293488CFD913C3CF20E438BB65C2BA66A7D09EABB45B55E804260C5EB"
		},
		{
			"04DCAE9D9CE211223602024A6933BD42F77B6BF4EAB9C8915F058C149419FADD2CC9FC0707B270A1B5362BA4D249AFC8AC3DA1EFCA8270176EEACA525B49EE19E6",
			"048DAC7B0BE9B3206FCE8B24B6B4AEB122F2A67D13E536B390B6585CA193427E63F222388B5F51D744D6F5D47536D89EEEC89552BCB269E7828019C4410DFE980A"
		}
	};
	size_t idx;

	for (idx = 0; idx < (sizeof vectors) / (sizeof vectors[0]); idx ++) {
		test_EC_P256_carry_inner(impl,
			vectors[idx].point, vectors[idx].expected);
	}
}
5373 test_EC_KAT(const char *name
, const br_ec_impl
*impl
, uint32_t curve_mask
)
5376 printf("Test %s: ", name
);
5379 if (curve_mask
& ((uint32_t)1 << BR_EC_secp256r1
)) {
5381 "C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721",
5382 "0460FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB67903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299",
5383 impl
, BR_EC_secp256r1
);
5384 test_EC_P256_carry(impl
);
5386 if (curve_mask
& ((uint32_t)1 << BR_EC_secp384r1
)) {
5388 "6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5",
5389 "04EC3A4E415B4E19A4568618029F427FA5DA9A8BC4AE92E02E06AAE5286B300C64DEF8F0EA9055866064A254515480BC138015D9B72D7D57244EA8EF9AC0C621896708A59367F9DFB9F54CA84B3F1C9DB1288B231C3AE0D4FE7344FD2533264720",
5390 impl
, BR_EC_secp384r1
);
5392 if (curve_mask
& ((uint32_t)1 << BR_EC_secp521r1
)) {
5394 "00FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538",
5395 "0401894550D0785932E00EAA23B694F213F8C3121F86DC97A04E5A7167DB4E5BCD371123D46E45DB6B5D5370A7F20FB633155D38FFA16D2BD761DCAC474B9A2F5023A400493101C962CD4D2FDDF782285E64584139C2F91B47F87FF82354D6630F746A28A0DB25741B5B34A828008B22ACC23F924FAAFBD4D33F81EA66956DFEAA2BFDFCF5",
5396 impl
, BR_EC_secp521r1
);
/*
 * Run the EC known-answer tests on br_ec_prime_i15 for the three curves
 * selected in the mask: secp256r1, secp384r1 and secp521r1.
 */
static void
test_EC_prime_i15(void)
{
	/* One bit per curve identifier, as test_EC_KAT() tests them. */
	const uint32_t curves = ((uint32_t)1 << BR_EC_secp256r1)
		| ((uint32_t)1 << BR_EC_secp384r1)
		| ((uint32_t)1 << BR_EC_secp521r1);

	test_EC_KAT("EC_prime_i15", &br_ec_prime_i15, curves);
}
/*
 * Run the EC known-answer tests on br_ec_prime_i31 for the three curves
 * selected in the mask: secp256r1, secp384r1 and secp521r1.
 */
static void
test_EC_prime_i31(void)
{
	/* One bit per curve identifier, as test_EC_KAT() tests them. */
	const uint32_t curves = ((uint32_t)1 << BR_EC_secp256r1)
		| ((uint32_t)1 << BR_EC_secp384r1)
		| ((uint32_t)1 << BR_EC_secp521r1);

	test_EC_KAT("EC_prime_i31", &br_ec_prime_i31, curves);
}
5422 test_EC_p256_m15(void)
5424 test_EC_KAT("EC_p256_m15", &br_ec_p256_m15
,
5425 (uint32_t)1 << BR_EC_secp256r1
);
5429 test_EC_p256_m31(void)
5431 test_EC_KAT("EC_p256_m31", &br_ec_p256_m31
,
5432 (uint32_t)1 << BR_EC_secp256r1
);
5440 { "A546E36BF0527C9D3B16154B82465EDD62144C0AC1FC5A18506A2244BA449AC4",
5441 "E6DB6867583030DB3594C1A424B15F7C726624EC26B3353B10A903A6D0AB1C4C",
5442 "C3DA55379DE9C6908E94EA4DF28D084F32ECCF03491C71F754B4075577A28552" },
5443 { "4B66E9D4D1B4673C5AD22691957D6AF5C11B6421E0EA01D42CA4169E7918BA0D",
5444 "E5210F12786811D3F4B7959D0538AE2C31DBE7106FC03C3EFC4CD549C715A493",
5445 "95CBDE9476E8907D7AADE45CB4B873F88B595A68799FA152E6F8F7647AAC7957" },
/*
 * Known-answer test for a Curve25519 implementation.
 *
 * name is printed in the progress line; iec is the implementation whose
 * mul() function is tested. Two checks are visible in this listing: a
 * table-driven pass over C25519_KAT, then an iterated multiplication
 * checked against fixed values at iterations 1 and 1000.
 */
5450 test_EC_c25519(const char *name
, const br_ec_impl
*iec
)
/*
 * All three work buffers are 32 bytes. hextobin() takes no destination
 * length, so they rely on every vector string being 64 hex digits; the
 * C25519_KAT entries shown in this listing are.
 */
5452 unsigned char bu
[32], bk
[32], br
[32];
5456 printf("Test %s: ", name
);
/* The table is walked until an entry whose scalar pointer is null. */
5458 for (v
= 0; C25519_KAT
[v
].scalar
; v
++) {
5459 hextobin(bk
, C25519_KAT
[v
].scalar
);
5460 hextobin(bu
, C25519_KAT
[v
].u_in
);
5461 hextobin(br
, C25519_KAT
[v
].u_out
);
/*
 * A zero return from mul() is reported as a failure. The product is
 * read back from bu, which is then compared with the expected output.
 */
5462 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
5463 fprintf(stderr
, "Curve25519 multiplication failed\n");
5466 if (memcmp(bu
, br
, sizeof bu
) != 0) {
5467 fprintf(stderr
, "Curve25519 failed KAT\n");
/*
 * Iterated test: bu is cleared and copied into bk, so both operands
 * start from the same value. NOTE(review): the statement that sets the
 * starting value between these two calls is not visible in this listing.
 */
5476 memset(bu
, 0, sizeof bu
);
5478 memcpy(bk
, bu
, sizeof bu
);
5479 for (i
= 1; i
<= 1000; i
++) {
5480 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
5481 fprintf(stderr
, "Curve25519 multiplication failed"
5485 for (v
= 0; v
< sizeof bu
; v
++) {
/*
 * Only iterations 1 and 1000 have an expected value. The two strings
 * look like the iterated-test results of RFC 7748, section 5.2
 * (NOTE(review): confirm against the RFC).
 */
5492 if (i
== 1 || i
== 1000) {
5496 ? "422C8E7A6227D7BCA1350B3E2BB7279F7897B87BB6854B783C60E80311AE3079"
5497 : "684CF59BA83309552800EF566F2F4D3C1C3887C49360E3875F2EB94D99532C51";
5499 if (memcmp(bk
, br
, sizeof bk
) != 0) {
5501 "Curve25519 failed KAT (iter=%d)\n", i
);
/* Run the Curve25519 tests on br_ec_c25519_i15. */
5516 test_EC_c25519_i15(void)
5518 test_EC_c25519("EC_c25519_i15", &br_ec_c25519_i15
);
/* Run the Curve25519 tests on br_ec_c25519_i31. */
5522 test_EC_c25519_i31(void)
5524 test_EC_c25519("EC_c25519_i31", &br_ec_c25519_i31
);
/* Run the Curve25519 tests on br_ec_c25519_m15. */
5528 test_EC_c25519_m15(void)
5530 test_EC_c25519("EC_c25519_m15", &br_ec_c25519_m15
);
/* Run the Curve25519 tests on br_ec_c25519_m31. */
5534 test_EC_c25519_m31(void)
5536 test_EC_c25519("EC_c25519_m31", &br_ec_c25519_m31
);
5539 static const unsigned char EC_P256_PUB_POINT
[] = {
5540 0x04, 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D,
5541 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D,
5542 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA,
5543 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F,
5544 0xB6, 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC,
5545 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC,
5546 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F,
5547 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22,
/*
 * Private scalar of the P-256 test key pair. The value is hard-coded in
 * this test file and therefore public (the ECDSA vectors that use it are
 * labelled as coming from RFC 6979): it is test material only and must
 * never be used as a real key.
 */
5551 static const unsigned char EC_P256_PRIV_X
[] = {
5552 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16,
5553 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93,
5554 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12,
5555 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21
/*
 * Public key structure for the P-256 test key. The cast removes const
 * from the static const EC_P256_PUB_POINT table, so the point data must
 * only ever be read through this structure, never written.
 */
5558 static const br_ec_public_key EC_P256_PUB
= {
5560 (unsigned char *)EC_P256_PUB_POINT
, sizeof EC_P256_PUB_POINT
/*
 * Private key structure for the P-256 test key. The cast removes const
 * from the static const EC_P256_PRIV_X table, so the scalar must only
 * ever be read through this structure, never written.
 */
5563 static const br_ec_private_key EC_P256_PRIV
= {
5565 (unsigned char *)EC_P256_PRIV_X
, sizeof EC_P256_PRIV_X
5568 static const unsigned char EC_P384_PUB_POINT
[] = {
5569 0x04, 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19,
5570 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F,
5571 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0,
5572 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C,
5573 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86,
5574 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC,
5575 0x13, 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57,
5576 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21,
5577 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF,
5578 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D,
5579 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4,
5580 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47,
/*
 * Private scalar of the P-384 test key pair. The value is hard-coded in
 * this test file and therefore public (the ECDSA vectors that use it are
 * labelled as coming from RFC 6979): it is test material only and must
 * never be used as a real key.
 */
5584 static const unsigned char EC_P384_PRIV_X
[] = {
5585 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C,
5586 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D,
5587 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA,
5588 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8,
5589 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25,
5590 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5
/*
 * Public key structure for the P-384 test key. The cast removes const
 * from the static const EC_P384_PUB_POINT table, so the point data must
 * only ever be read through this structure, never written.
 */
5593 static const br_ec_public_key EC_P384_PUB
= {
5595 (unsigned char *)EC_P384_PUB_POINT
, sizeof EC_P384_PUB_POINT
/*
 * Private key structure for the P-384 test key. The cast removes const
 * from the static const EC_P384_PRIV_X table, so the scalar must only
 * ever be read through this structure, never written.
 */
5598 static const br_ec_private_key EC_P384_PRIV
= {
5600 (unsigned char *)EC_P384_PRIV_X
, sizeof EC_P384_PRIV_X
5603 static const unsigned char EC_P521_PUB_POINT
[] = {
5604 0x04, 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59,
5605 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2,
5606 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97,
5607 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B,
5608 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB,
5609 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6,
5610 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B,
5611 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F,
5612 0x50, 0x23, 0xA4, 0x00, 0x49, 0x31, 0x01, 0xC9,
5613 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28,
5614 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B,
5615 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63,
5616 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74,
5617 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22,
5618 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4,
5619 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE,
5620 0xAA, 0x2B, 0xFD, 0xFC, 0xF5
/*
 * Private scalar of the P-521 test key pair. The value is hard-coded in
 * this test file and therefore public (the ECDSA vectors that use it are
 * labelled as coming from RFC 6979): it is test material only and must
 * never be used as a real key.
 */
5623 static const unsigned char EC_P521_PRIV_X
[] = {
5624 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B,
5625 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57,
5626 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F,
5627 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75,
5628 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C,
5629 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC,
5630 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB,
5631 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8,
/*
 * Public key structure for the P-521 test key. The cast removes const
 * from the static const EC_P521_PUB_POINT table, so the point data must
 * only ever be read through this structure, never written.
 */
5635 static const br_ec_public_key EC_P521_PUB
= {
5637 (unsigned char *)EC_P521_PUB_POINT
, sizeof EC_P521_PUB_POINT
/*
 * Private key structure for the P-521 test key. The cast removes const
 * from the static const EC_P521_PRIV_X table, so the scalar must only
 * ever be read through this structure, never written.
 */
5640 static const br_ec_private_key EC_P521_PRIV
= {
5642 (unsigned char *)EC_P521_PRIV_X
, sizeof EC_P521_PRIV_X
5646 const br_ec_public_key
*pub
;
5647 const br_ec_private_key
*priv
;
5648 const br_hash_class
*hf
;
5655 const ecdsa_kat_vector ECDSA_KAT
[] = {
5657 /* Test vectors for P-256, from RFC 6979. */
5661 &br_sha1_vtable
, "sample",
5662 "882905F1227FD620FBF2ABF21244F0BA83D0DC3A9103DBBEE43A1FB858109DB4",
5663 "61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D326D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB",
5664 "3044022061340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D3202206D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
5669 &br_sha224_vtable
, "sample",
5670 "103F90EE9DC52E5E7FB5132B7033C63066D194321491862059967C715985D473",
5671 "53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3FB9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C",
5672 "3045022053B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F022100B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
5677 &br_sha256_vtable
, "sample",
5678 "A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60",
5679 "EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8",
5680 "3046022100EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716022100F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8"
5685 &br_sha384_vtable
, "sample",
5686 "09F634B188CEFD98E7EC88B1AA9852D734D0BC272F7D2A47DECC6EBEB375AAD4",
5687 "0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF77194861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954",
5688 "304402200EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF771902204861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954"
5693 &br_sha512_vtable
, "sample",
5694 "5FA81C63109BADB88C1F367B47DA606DA28CAD69AA22C4FE6AD7DF73A7173AA5",
5695 "8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F002362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE",
5696 "30450221008496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F0002202362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE"
5701 &br_sha1_vtable
, "test",
5702 "8C9520267C55D6B980DF741E56B4ADEE114D84FBFA2E62137954164028632A2E",
5703 "0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A8901B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1",
5704 "304402200CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89022001B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
5709 &br_sha224_vtable
, "test",
5710 "669F4426F2688B8BE0DB3A6BD1989BDAEFFF84B649EEB84F3DD26080F667FAA7",
5711 "C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D",
5712 "3046022100C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692022100C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
5717 &br_sha256_vtable
, "test",
5718 "D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0",
5719 "F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083",
5720 "3045022100F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D383670220019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083"
5725 &br_sha384_vtable
, "test",
5726 "16AEFFA357260B04B1DD199693960740066C1A8F3E8EDD79070AA914D361B3B8",
5727 "83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB68DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C",
5728 "304602210083910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB60221008DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C"
5733 &br_sha512_vtable
, "test",
5734 "6915D11632ACA3C40D5D51C08DAF9C555933819548784480E93499000D9F0B7F",
5735 "461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A0439AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55",
5736 "30440220461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04022039AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55"
5739 /* Test vectors for P-384, from RFC 6979. */
5743 &br_sha1_vtable
, "sample",
5744 "4471EF7518BB2C7C20F62EAE1C387AD0C5E8E470995DB4ACF694466E6AB096630F29E5938D25106C3C340045A2DB01A7",
5745 "EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443",
5746 "3066023100EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2023100A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
5752 &br_sha224_vtable
, "sample",
5753 "A4E4D2F0E729EB786B31FC20AD5D849E304450E0AE8E3E341134A5C1AFA03CAB8083EE4E3C45B06A5899EA56C51B5879",
5754 "42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601229DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D",
5755 "3065023042356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601220231009DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
5760 &br_sha256_vtable
, "sample",
5761 "180AE9F9AEC5438A44BC159A1FCB277C7BE54FA20E7CF404B490650A8ACC414E375572342863C899F9F2EDF9747A9B60",
5762 "21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CDF3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0",
5763 "3065023021B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD023100F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0"
5768 &br_sha384_vtable
, "sample",
5769 "94ED910D1A099DAD3254E9242AE85ABDE4BA15168EAF0CA87A555FD56D10FBCA2907E3E83BA95368623B8C4686915CF9",
5770 "94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4699EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8",
5771 "306602310094EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4602310099EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8"
5776 &br_sha512_vtable
, "sample",
5777 "92FC3C7183A883E24216D1141F1A8976C5B0DD797DFA597E3D7B32198BD35331A4E966532593A52980D0E3AAA5E10EC3",
5778 "ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5",
5779 "3065023100ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD78824337090230512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5"
5784 &br_sha1_vtable
, "test",
5785 "66CC2C8F4D303FC962E5FF6A27BD79F84EC812DDAE58CF5243B64A4AD8094D47EC3727F3A3C186C15054492E30698497",
5786 "4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282",
5787 "306502304BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7023100D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
5792 &br_sha224_vtable
, "test",
5793 "18FA39DB95AA5F561F30FA3591DC59C0FA3653A80DAFFA0B48D1A4C6DFCBFF6E3D33BE4DC5EB8886A8ECD093F2935726",
5794 "E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E7207041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66",
5795 "3065023100E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72023007041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
5800 &br_sha256_vtable
, "test",
5801 "0CFAC37587532347DC3389FDC98286BBA8C73807285B184C83E62E26C401C0FAA48DD070BA79921A3457ABFF2D630AD7",
5802 "6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265",
5803 "306402306D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B02302D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265"
5808 &br_sha384_vtable
, "test",
5809 "015EE46A5BF88773ED9123A5AB0807962D193719503C527B031B4C2D225092ADA71F4A459BC0DA98ADB95837DB8312EA",
5810 "8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DBDDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5",
5811 "30660231008203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB023100DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5"
5816 &br_sha512_vtable
, "test",
5817 "3780C4F67CB15518B6ACAE34C9F83568D2E12E47DEAB6C50A4E4EE5319D1E8CE0E2CC8A136036DC4B9C00E6888F66B6C",
5818 "A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736",
5819 "3066023100A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277023100976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736"
5822 /* Test vectors for P-521, from RFC 6979. */
5826 &br_sha1_vtable
, "sample",
5827 "0089C071B419E1C2820962321787258469511958E80582E95D8378E0C2CCDB3CB42BEDE42F50E3FA3C71F5A76724281D31D9C89F0F91FC1BE4918DB1C03A5838D0F9",
5828 "00343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D00E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16",
5829 "3081870241343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D024200E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
5834 &br_sha224_vtable
, "sample",
5835 "0121415EC2CD7726330A61F7F3FA5DE14BE9436019C4DB8CB4041F3B54CF31BE0493EE3F427FB906393D895A19C9523F3A1D54BB8702BD4AA9C99DAB2597B92113F3",
5836 "01776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E0050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F",
5837 "308187024201776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E024150CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
5842 &br_sha256_vtable
, "sample",
5843 "00EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0",
5844 "01511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7004A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC",
5845 "308187024201511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A702414A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC"
5850 &br_sha384_vtable
, "sample",
5851 "01546A108BC23A15D6F21872F7DED661FA8431DDBD922D0DCDB77CC878C8553FFAD064C95A920A750AC9137E527390D2D92F153E66196966EA554D9ADFCB109C4211",
5852 "01EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C6745101F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61",
5853 "308188024201EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451024201F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61"
5858 &br_sha512_vtable
, "sample",
5859 "01DAE2EA071F8110DC26882D4D5EAE0621A3256FC8847FB9022E2B7D28E6F10198B1574FDD03A9053C08A1854A168AA5A57470EC97DD5CE090124EF52A2F7ECBFFD3",
5860 "00C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA00617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A",
5861 "308187024200C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA0241617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A"
5866 &br_sha1_vtable
, "test",
5867 "00BB9F2BF4FE1038CCF4DABD7139A56F6FD8BB1386561BD3C6A4FC818B20DF5DDBA80795A947107A1AB9D12DAA615B1ADE4F7A9DC05E8E6311150F47F5C57CE8B222",
5868 "013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D036701E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF",
5869 "3081880242013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367024201E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
5874 &br_sha224_vtable
, "test",
5875 "0040D09FCF3C8A5F62CF4FB223CBBB2B9937F6B0577C27020A99602C25A01136987E452988781484EDBBCF1C47E554E7FC901BC3085E5206D9F619CFF07E73D6F706",
5876 "01C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB0177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4",
5877 "308188024201C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB02420177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
5882 &br_sha256_vtable
, "test",
5883 "001DE74955EFAABC4C4F17F8E84D881D1310B5392D7700275F82F145C61E843841AF09035BF7A6210F5A431A6A9E81C9323354A9E69135D44EBD2FCAA7731B909258",
5884 "000E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA800CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86",
5885 "30818702410E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8024200CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86"
5890 &br_sha384_vtable
, "test",
5891 "01F1FC4A349A7DA9A9E116BFDD055DC08E78252FF8E23AC276AC88B1770AE0B5DCEB1ED14A4916B769A523CE1E90BA22846AF11DF8B300C38818F713DADD85DE0C88",
5892 "014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C0133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979",
5893 "3081880242014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C02420133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979"
5898 &br_sha512_vtable
, "test",
5899 "016200813020EC986863BEDFC1B121F605C1215645018AEA1A7B215A564DE9EB1B38A67AA1128B80CE391C4FB71187654AAA3431027BFC7F395766CA988C964DC56D",
5900 "013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D01FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3",
5901 "3081880242013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D024201FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
5904 /* Terminator for list of test vectors. */
/*
 * Run the ECDSA known-answer vectors of ECDSA_KAT through one pair of
 * signature functions.
 *
 * iec is the EC implementation handed to both functions, sign and vrfy
 * are the signature generation and verification functions under test,
 * and asn1 selects which encoding of the expected signature is decoded
 * from the vector (sasn1 or sraw). Each vector is verified, checked for
 * a rejection, verified again, and finally re-signed and compared with
 * the expected signature.
 */
5911 test_ECDSA_KAT(const br_ec_impl
*iec
,
5912 br_ecdsa_sign sign
, br_ecdsa_vrfy vrfy
, int asn1
)
5916 for (u
= 0;; u
++) {
5917 const ecdsa_kat_vector
*kv
;
/* 64 bytes holds the largest digest used by the table (SHA-512). */
5918 unsigned char hash
[64];
/*
 * hextobin() takes no destination length and sign() takes no output
 * length, so these buffers must be at least as large as the longest
 * signature. The longest ASN.1 vector visible in the table decodes to
 * 139 bytes (0x30 0x81 0x88 header plus 0x88 content bytes).
 */
5920 unsigned char sig
[150], sig2
[150];
5921 size_t sig_len
, sig2_len
;
5922 br_hash_compat_context hc
;
/* Hash the vector's message with the vector's own hash function. */
5928 kv
->hf
->init(&hc
.vtable
);
5929 kv
->hf
->update(&hc
.vtable
, kv
->msg
, strlen(kv
->msg
));
5930 kv
->hf
->out(&hc
.vtable
, hash
);
/* The digest length is read from a bit field of the hash descriptor. */
5931 hash_len
= (kv
->hf
->desc
>> BR_HASHDESC_OUT_OFF
)
5932 & BR_HASHDESC_OUT_MASK
;
/*
 * Expected signature, in the encoding under test. NOTE(review): the
 * condition choosing between these two assignments is not visible in
 * this listing; presumably it tests asn1.
 */
5934 sig_len
= hextobin(sig
, kv
->sasn1
);
5936 sig_len
= hextobin(sig
, kv
->sraw
);
/* Check 1: the unmodified vector must verify, i.e. vrfy returns 1. */
5939 if (vrfy(iec
, hash
, hash_len
,
5940 kv
->pub
, sig
, sig_len
) != 1)
5942 fprintf(stderr
, "ECDSA KAT verify failed (1)\n");
/*
 * Check 2: verification must be rejected with exactly 0. The arguments
 * are the same as in check 1, so the input is presumably altered by a
 * statement that is not visible in this listing.
 */
5946 if (vrfy(iec
, hash
, hash_len
,
5947 kv
->pub
, sig
, sig_len
) != 0)
5949 fprintf(stderr
, "ECDSA KAT verify shoud have failed\n");
/* Check 3: the vector must verify again (presumably after restoring). */
5953 if (vrfy(iec
, hash
, hash_len
,
5954 kv
->pub
, sig
, sig_len
) != 1)
5956 fprintf(stderr
, "ECDSA KAT verify failed (2)\n");
/*
 * Re-sign the same hash with the vector's private key. A zero length is
 * treated as a signing failure. The byte-for-byte comparison below only
 * makes sense if sign() is deterministic for a given key and hash; the
 * table's own comments attribute the vectors to RFC 6979.
 */
5960 sig2_len
= sign(iec
, kv
->hf
, hash
, kv
->priv
, sig2
);
5961 if (sig2_len
== 0) {
5962 fprintf(stderr
, "ECDSA KAT sign failed\n");
5965 if (sig2_len
!= sig_len
|| memcmp(sig
, sig2
, sig_len
) != 0) {
5966 fprintf(stderr
, "ECDSA KAT wrong signature value\n");
/*
 * Run the ECDSA known-answer tests for the "i31" code: one pass with the
 * raw sign/verify functions (asn1 = 0) and one with the ASN.1 functions
 * (asn1 = 1), both on br_ec_prime_i31.
 */
5976 test_ECDSA_i31(void)
5978 printf("Test ECDSA/i31: ");
5982 test_ECDSA_KAT(&br_ec_prime_i31
,
5983 &br_ecdsa_i31_sign_raw
, &br_ecdsa_i31_vrfy_raw
, 0);
5986 test_ECDSA_KAT(&br_ec_prime_i31
,
5987 &br_ecdsa_i31_sign_asn1
, &br_ecdsa_i31_vrfy_asn1
, 1);
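/*
 * Run the ECDSA known-answer tests for the "i15" code: one pass with the
 * raw sign/verify functions (asn1 = 0) and one with the ASN.1 functions
 * (asn1 = 1). Both passes use br_ec_prime_i15, so that the i15 curve
 * implementation is the one exercised under both signature encodings.
 */
5993 test_ECDSA_i15(void)
5995 printf("Test ECDSA/i15: ");
5999 test_ECDSA_KAT(&br_ec_prime_i15
,
6000 &br_ecdsa_i15_sign_raw
, &br_ecdsa_i15_vrfy_raw
, 0);
/*
 * The ASN.1 pass pairs the i15 sign/verify functions with the i15 curve
 * code; passing br_ec_prime_i31 here would leave br_ec_prime_i15
 * untested on this path while the test still reports success.
 */
6003 test_ECDSA_KAT(&br_ec_prime_i15
,
6004 &br_ecdsa_i15_sign_asn1
, &br_ecdsa_i15_vrfy_asn1
, 1);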
/*
 * Cross-check br_i31_modpow_opt() against br_i15_modpow_opt(): for every
 * bit length k from 10 to 500, the same modulus, base and exponent are
 * run through both implementations and the encoded results are compared
 * with check_equals(). This tests agreement between the two code paths,
 * not agreement with an independent reference value.
 */
6010 test_modpow_i31(void)
6012 br_hmac_drbg_context hc
;
6015 printf("Test ModPow/i31: ");
/*
 * The DRBG is seeded with a fixed 11-byte string, so the generated
 * inputs are the same on every run; it is used here for reproducible
 * test data, not as a source of unpredictable values.
 */
6017 br_hmac_drbg_init(&hc
, &br_sha256_vtable
, "seed modpow", 11);
6018 for (k
= 10; k
<= 500; k
++) {
6020 unsigned char bm
[128], bx
[128], bx1
[128], bx2
[128];
6021 unsigned char be
[128];
6023 uint32_t x1
[35], m1
[35];
6024 uint16_t x2
[70], m2
[70];
6025 uint32_t tmp1
[1000];
6026 uint16_t tmp2
[2000];
/* Byte length for k bits; at most 63 for k <= 500, within the 128-byte buffers. */
6028 blen
= (k
+ 7) >> 3;
6029 br_hmac_drbg_generate(&hc
, bm
, blen
);
6030 br_hmac_drbg_generate(&hc
, bx
, blen
);
6031 br_hmac_drbg_generate(&hc
, be
, blen
);
/*
 * Set the low bit of the last byte: with big-endian decoding (assumed,
 * TODO confirm) this makes the modulus odd, which is presumably what
 * the ninv31()/ninv15() calls below require.
 */
6032 bm
[blen
- 1] |= 0x01;
/* 8*blen - k is in 0..7, so mask covers the bits of the first byte that belong to a k-bit value. */
6033 mask
= 0xFF >> ((int)(blen
<< 3) - k
);
/*
 * mask - (mask >> 1) is the highest bit of mask: it is forced on in the
 * first modulus byte and, with everything above it, cleared in the
 * first base byte, so bx[0] < bm[0] and the base is below the modulus.
 */
6035 bm
[0] |= (mask
- (mask
>> 1));
6036 bx
[0] &= (mask
>> 1);
/* i31 path: decode, exponentiate, re-encode into bx1. */
6038 br_i31_decode(m1
, bm
, blen
);
6039 br_i31_decode_mod(x1
, bx
, blen
, m1
);
/* The scratch size is passed as an element count, not a byte count. */
6040 br_i31_modpow_opt(x1
, be
, blen
, m1
, br_i31_ninv31(m1
[1]),
6041 tmp1
, (sizeof tmp1
) / (sizeof tmp1
[0]));
6042 br_i31_encode(bx1
, blen
, x1
);
/* i15 path on the same bytes: decode, exponentiate, re-encode into bx2. */
6044 br_i15_decode(m2
, bm
, blen
);
6045 br_i15_decode_mod(x2
, bx
, blen
, m2
);
6046 br_i15_modpow_opt(x2
, be
, blen
, m2
, br_i15_ninv15(m2
[1]),
6047 tmp2
, (sizeof tmp2
) / (sizeof tmp2
[0]));
6048 br_i15_encode(bx2
, blen
, x2
);
/* Both encodings must match over all blen bytes. */
6050 check_equals("ModPow i31/i15", bx1
, bx2
, blen
);
/*
 * Cross-check br_i62_modpow_opt() against br_i15_modpow_opt(): for every
 * bit length k from 10 to 500, the same modulus, base and exponent are
 * run through both implementations and the encoded results are compared
 * with check_equals(). The i62 function is called on values decoded and
 * encoded with the br_i31_* functions. This tests agreement between the
 * two code paths, not agreement with an independent reference value.
 */
6061 test_modpow_i62(void)
6063 br_hmac_drbg_context hc
;
6066 printf("Test ModPow/i62: ");
/*
 * The DRBG is seeded with a fixed 11-byte string, so the generated
 * inputs are the same on every run; it is used here for reproducible
 * test data, not as a source of unpredictable values.
 */
6068 br_hmac_drbg_init(&hc
, &br_sha256_vtable
, "seed modpow", 11);
6069 for (k
= 10; k
<= 500; k
++) {
6071 unsigned char bm
[128], bx
[128], bx1
[128], bx2
[128];
6072 unsigned char be
[128];
6074 uint32_t x1
[35], m1
[35];
6075 uint16_t x2
[70], m2
[70];
/* NOTE(review): the declaration of tmp1, used below, is not visible in this listing. */
6077 uint16_t tmp2
[2000];
/* Byte length for k bits; at most 63 for k <= 500, within the 128-byte buffers. */
6079 blen
= (k
+ 7) >> 3;
6080 br_hmac_drbg_generate(&hc
, bm
, blen
);
6081 br_hmac_drbg_generate(&hc
, bx
, blen
);
6082 br_hmac_drbg_generate(&hc
, be
, blen
);
/*
 * Set the low bit of the last byte: with big-endian decoding (assumed,
 * TODO confirm) this makes the modulus odd, which is presumably what
 * the ninv31()/ninv15() calls below require.
 */
6083 bm
[blen
- 1] |= 0x01;
/* 8*blen - k is in 0..7, so mask covers the bits of the first byte that belong to a k-bit value. */
6084 mask
= 0xFF >> ((int)(blen
<< 3) - k
);
/*
 * mask - (mask >> 1) is the highest bit of mask: it is forced on in the
 * first modulus byte and, with everything above it, cleared in the
 * first base byte, so bx[0] < bm[0] and the base is below the modulus.
 */
6086 bm
[0] |= (mask
- (mask
>> 1));
6087 bx
[0] &= (mask
>> 1);
/* i62 path: decode with the i31 functions, exponentiate, re-encode into bx1. */
6089 br_i31_decode(m1
, bm
, blen
);
6090 br_i31_decode_mod(x1
, bx
, blen
, m1
);
/* The scratch size is passed as an element count, not a byte count. */
6091 br_i62_modpow_opt(x1
, be
, blen
, m1
, br_i31_ninv31(m1
[1]),
6092 tmp1
, (sizeof tmp1
) / (sizeof tmp1
[0]));
6093 br_i31_encode(bx1
, blen
, x1
);
/* i15 path on the same bytes: decode, exponentiate, re-encode into bx2. */
6095 br_i15_decode(m2
, bm
, blen
);
6096 br_i15_decode_mod(x2
, bx
, blen
, m2
);
6097 br_i15_modpow_opt(x2
, be
, blen
, m2
, br_i15_ninv15(m2
[1]),
6098 tmp2
, (sizeof tmp2
) / (sizeof tmp2
[0]));
6099 br_i15_encode(bx2
, blen
, x2
);
/* Both encodings must match over all blen bytes. */
6101 check_equals("ModPow i62/i15", bx1
, bx2
, blen
);
/*
 * Compare two test names, s1 and s2. The branches visible in this
 * listing single out ASCII uppercase letters and the characters '-',
 * '_', '.' and ' ' in each string; presumably letters are case-folded
 * and those separators skipped, so that names match loosely
 * (NOTE(review): the statements inside these branches are not visible
 * here, confirm against the full file).
 */
6112 eq_name(const char *s1
, const char *s2
)
/* Same two tests are applied to a character of s1 ... */
6119 if (c1
>= 'A' && c1
<= 'Z') {
6123 case '-': case '_': case '.': case ' ':
/* ... and to a character of s2. */
6131 if (c2
>= 'A' && c2
<= 'Z') {
6135 case '-': case '_': case '.': case ' ':
6150 #define STU(x) { &test_ ## x, #x }
6152 static const struct {
6176 STU(Poly1305_ctmul
),
6177 STU(Poly1305_ctmul32
),
6178 STU(Poly1305_ctmulq
),
6206 main(int argc
, char *argv
[])
6211 printf("usage: testcrypto all | name...\n");
6212 printf("individual test names:\n");
6213 for (u
= 0; tfns
[u
].name
; u
++) {
6214 printf(" %s\n", tfns
[u
].name
);
6217 for (u
= 0; tfns
[u
].name
; u
++) {
6220 for (i
= 1; i
< argc
; i
++) {
6221 if (eq_name(argv
[i
], tfns
[u
].name
)
6222 || eq_name(argv
[i
], "all"))