projects / BearSSL / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Added generic HKDF implementation.
[BearSSL] / test / test_crypto.c
1 /*
2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include "bearssl.h"
29 #include "inner.h"
30
31 /*
32 * Decode an hexadecimal string. Returned value is the number of decoded
33 * bytes.
34 */
35 static size_t
36 hextobin(unsigned char *dst, const char *src)
37 {
38 size_t num;
39 unsigned acc;
40 int z;
41
42 num = 0;
43 z = 0;
44 acc = 0;
45 while (*src != 0) {
46 int c = *src ++;
47 if (c >= '0' && c <= '9') {
48 c -= '0';
49 } else if (c >= 'A' && c <= 'F') {
50 c -= ('A' - 10);
51 } else if (c >= 'a' && c <= 'f') {
52 c -= ('a' - 10);
53 } else {
54 continue;
55 }
56 if (z) {
57 *dst ++ = (acc << 4) + c;
58 num ++;
59 } else {
60 acc = c;
61 }
62 z = !z;
63 }
64 return num;
65 }
66
67 static void
68 check_equals(const char *banner, const void *v1, const void *v2, size_t len)
69 {
70 size_t u;
71 const unsigned char *b;
72
73 if (memcmp(v1, v2, len) == 0) {
74 return;
75 }
76 fprintf(stderr, "\n%s failed\n", banner);
77 fprintf(stderr, "v1: ");
78 for (u = 0, b = v1; u < len; u ++) {
79 fprintf(stderr, "%02X", b[u]);
80 }
81 fprintf(stderr, "\nv2: ");
82 for (u = 0, b = v2; u < len; u ++) {
83 fprintf(stderr, "%02X", b[u]);
84 }
85 fprintf(stderr, "\n");
86 exit(EXIT_FAILURE);
87 }
88
89 #define HASH_SIZE(cname) br_ ## cname ## _SIZE
90
91 #define TEST_HASH(Name, cname) \
92 static void \
93 test_ ## cname ## _internal(char *data, char *refres) \
94 { \
95 br_ ## cname ## _context mc; \
96 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
97 size_t u, n; \
98 \
99 hextobin(ref, refres); \
100 n = strlen(data); \
101 br_ ## cname ## _init(&mc); \
102 br_ ## cname ## _update(&mc, data, n); \
103 br_ ## cname ## _out(&mc, res); \
104 check_equals("KAT " #Name " 1", res, ref, HASH_SIZE(cname)); \
105 br_ ## cname ## _init(&mc); \
106 for (u = 0; u < n; u ++) { \
107 br_ ## cname ## _update(&mc, data + u, 1); \
108 } \
109 br_ ## cname ## _out(&mc, res); \
110 check_equals("KAT " #Name " 2", res, ref, HASH_SIZE(cname)); \
111 for (u = 0; u < n; u ++) { \
112 br_ ## cname ## _context mc2; \
113 br_ ## cname ## _init(&mc); \
114 br_ ## cname ## _update(&mc, data, u); \
115 mc2 = mc; \
116 br_ ## cname ## _update(&mc, data + u, n - u); \
117 br_ ## cname ## _out(&mc, res); \
118 check_equals("KAT " #Name " 3", res, ref, HASH_SIZE(cname)); \
119 br_ ## cname ## _update(&mc2, data + u, n - u); \
120 br_ ## cname ## _out(&mc2, res); \
121 check_equals("KAT " #Name " 4", res, ref, HASH_SIZE(cname)); \
122 } \
123 memset(&mc, 0, sizeof mc); \
124 memset(res, 0, sizeof res); \
125 br_ ## cname ## _vtable.init(&mc.vtable); \
126 mc.vtable->update(&mc.vtable, data, n); \
127 mc.vtable->out(&mc.vtable, res); \
128 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
129 memset(res, 0, sizeof res); \
130 mc.vtable->init(&mc.vtable); \
131 mc.vtable->update(&mc.vtable, data, n); \
132 mc.vtable->out(&mc.vtable, res); \
133 check_equals("KAT " #Name " 6", res, ref, HASH_SIZE(cname)); \
134 }
135
136 #define KAT_MILLION_A(Name, cname, refres) do { \
137 br_ ## cname ## _context mc; \
138 unsigned char buf[1000]; \
139 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
140 int i; \
141 \
142 hextobin(ref, refres); \
143 memset(buf, 'a', sizeof buf); \
144 br_ ## cname ## _init(&mc); \
145 for (i = 0; i < 1000; i ++) { \
146 br_ ## cname ## _update(&mc, buf, sizeof buf); \
147 } \
148 br_ ## cname ## _out(&mc, res); \
149 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
150 } while (0)
151
152 TEST_HASH(MD5, md5)
153 TEST_HASH(SHA-1, sha1)
154 TEST_HASH(SHA-224, sha224)
155 TEST_HASH(SHA-256, sha256)
156 TEST_HASH(SHA-384, sha384)
157 TEST_HASH(SHA-512, sha512)
158
159 static void
160 test_MD5(void)
161 {
162 printf("Test MD5: ");
163 fflush(stdout);
164 test_md5_internal("", "d41d8cd98f00b204e9800998ecf8427e");
165 test_md5_internal("a", "0cc175b9c0f1b6a831c399e269772661");
166 test_md5_internal("abc", "900150983cd24fb0d6963f7d28e17f72");
167 test_md5_internal("message digest", "f96b697d7cb7938d525a2f31aaf161d0");
168 test_md5_internal("abcdefghijklmnopqrstuvwxyz",
169 "c3fcd3d76192e4007dfb496cca67e13b");
170 test_md5_internal("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstu"
171 "vwxyz0123456789", "d174ab98d277d9f5a5611c2c9f419d9f");
172 test_md5_internal("1234567890123456789012345678901234567890123456789"
173 "0123456789012345678901234567890",
174 "57edf4a22be3c955ac49da2e2107b67a");
175 KAT_MILLION_A(MD5, md5,
176 "7707d6ae4e027c70eea2a935c2296f21");
177 printf("done.\n");
178 fflush(stdout);
179 }
180
181 static void
182 test_SHA1(void)
183 {
184 printf("Test SHA-1: ");
185 fflush(stdout);
186 test_sha1_internal("abc", "a9993e364706816aba3e25717850c26c9cd0d89d");
187 test_sha1_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
188 "nomnopnopq", "84983e441c3bd26ebaae4aa1f95129e5e54670f1");
189
190 KAT_MILLION_A(SHA-1, sha1,
191 "34aa973cd4c4daa4f61eeb2bdbad27316534016f");
192 printf("done.\n");
193 fflush(stdout);
194 }
195
196 static void
197 test_SHA224(void)
198 {
199 printf("Test SHA-224: ");
200 fflush(stdout);
201 test_sha224_internal("abc",
202 "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7");
203 test_sha224_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
204 "nomnopnopq",
205 "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525");
206
207 KAT_MILLION_A(SHA-224, sha224,
208 "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67");
209 printf("done.\n");
210 fflush(stdout);
211 }
212
213 static void
214 test_SHA256(void)
215 {
216 printf("Test SHA-256: ");
217 fflush(stdout);
218 test_sha256_internal("abc",
219 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
220 test_sha256_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
221 "nomnopnopq",
222 "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1");
223
224 KAT_MILLION_A(SHA-256, sha256,
225 "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0");
226 printf("done.\n");
227 fflush(stdout);
228 }
229
230 static void
231 test_SHA384(void)
232 {
233 printf("Test SHA-384: ");
234 fflush(stdout);
235 test_sha384_internal("abc",
236 "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded163"
237 "1a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7");
238 test_sha384_internal(
239 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
240 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
241 "09330c33f71147e83d192fc782cd1b4753111b173b3b05d2"
242 "2fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039");
243
244 KAT_MILLION_A(SHA-384, sha384,
245 "9d0e1809716474cb086e834e310a4a1ced149e9c00f24852"
246 "7972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985");
247 printf("done.\n");
248 fflush(stdout);
249 }
250
251 static void
252 test_SHA512(void)
253 {
254 printf("Test SHA-512: ");
255 fflush(stdout);
256 test_sha512_internal("abc",
257 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
258 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
259 test_sha512_internal(
260 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
261 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
262 "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
263 "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909");
264
265 KAT_MILLION_A(SHA-512, sha512,
266 "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973eb"
267 "de0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b");
268 printf("done.\n");
269 fflush(stdout);
270 }
271
272 static void
273 test_MD5_SHA1(void)
274 {
275 unsigned char buf[500], out[36], outM[16], outS[20];
276 unsigned char seed[1];
277 br_hmac_drbg_context rc;
278 br_md5_context mc;
279 br_sha1_context sc;
280 br_md5sha1_context cc;
281 size_t u;
282
283 printf("Test MD5+SHA-1: ");
284 fflush(stdout);
285
286 seed[0] = 0;
287 br_hmac_drbg_init(&rc, &br_sha256_vtable, seed, sizeof seed);
288 for (u = 0; u < sizeof buf; u ++) {
289 size_t v;
290
291 br_hmac_drbg_generate(&rc, buf, u);
292 br_md5_init(&mc);
293 br_md5_update(&mc, buf, u);
294 br_md5_out(&mc, outM);
295 br_sha1_init(&sc);
296 br_sha1_update(&sc, buf, u);
297 br_sha1_out(&sc, outS);
298 br_md5sha1_init(&cc);
299 br_md5sha1_update(&cc, buf, u);
300 br_md5sha1_out(&cc, out);
301 check_equals("MD5+SHA-1 [1]", out, outM, 16);
302 check_equals("MD5+SHA-1 [2]", out + 16, outS, 20);
303 br_md5sha1_init(&cc);
304 for (v = 0; v < u; v ++) {
305 br_md5sha1_update(&cc, buf + v, 1);
306 }
307 br_md5sha1_out(&cc, out);
308 check_equals("MD5+SHA-1 [3]", out, outM, 16);
309 check_equals("MD5+SHA-1 [4]", out + 16, outS, 20);
310 }
311
312 printf("done.\n");
313 fflush(stdout);
314 }
315
316 /*
317 * Compute a hash function, on some data, by ID. Returned value is
318 * hash output length.
319 */
320 static size_t
321 do_hash(int id, const void *data, size_t len, void *out)
322 {
323 br_md5_context cmd5;
324 br_sha1_context csha1;
325 br_sha224_context csha224;
326 br_sha256_context csha256;
327 br_sha384_context csha384;
328 br_sha512_context csha512;
329
330 switch (id) {
331 case br_md5_ID:
332 br_md5_init(&cmd5);
333 br_md5_update(&cmd5, data, len);
334 br_md5_out(&cmd5, out);
335 return 16;
336 case br_sha1_ID:
337 br_sha1_init(&csha1);
338 br_sha1_update(&csha1, data, len);
339 br_sha1_out(&csha1, out);
340 return 20;
341 case br_sha224_ID:
342 br_sha224_init(&csha224);
343 br_sha224_update(&csha224, data, len);
344 br_sha224_out(&csha224, out);
345 return 28;
346 case br_sha256_ID:
347 br_sha256_init(&csha256);
348 br_sha256_update(&csha256, data, len);
349 br_sha256_out(&csha256, out);
350 return 32;
351 case br_sha384_ID:
352 br_sha384_init(&csha384);
353 br_sha384_update(&csha384, data, len);
354 br_sha384_out(&csha384, out);
355 return 48;
356 case br_sha512_ID:
357 br_sha512_init(&csha512);
358 br_sha512_update(&csha512, data, len);
359 br_sha512_out(&csha512, out);
360 return 64;
361 default:
362 fprintf(stderr, "Uknown hash function: %d\n", id);
363 exit(EXIT_FAILURE);
364 return 0;
365 }
366 }
367
368 /*
369 * Tests for a multihash. Returned value should be 258 multiplied by the
370 * number of hash functions implemented by the context.
371 */
372 static int
373 test_multihash_inner(br_multihash_context *mc)
374 {
375 /*
376 * Try hashing messages for all lengths from 0 to 257 bytes
377 * (inclusive). Each attempt is done twice, with data input
378 * either in one go, or byte by byte. In the byte by byte
379 * test, intermediate result are obtained and checked.
380 */
381 size_t len;
382 unsigned char buf[258];
383 int i;
384 int tcount;
385
386 tcount = 0;
387 for (len = 0; len < sizeof buf; len ++) {
388 br_sha1_context sc;
389 unsigned char tmp[20];
390
391 br_sha1_init(&sc);
392 br_sha1_update(&sc, buf, len);
393 br_sha1_out(&sc, tmp);
394 buf[len] = tmp[0];
395 }
396 for (len = 0; len <= 257; len ++) {
397 size_t u;
398
399 br_multihash_init(mc);
400 br_multihash_update(mc, buf, len);
401 for (i = 1; i <= 6; i ++) {
402 unsigned char tmp[64], tmp2[64];
403 size_t olen, olen2;
404
405 olen = br_multihash_out(mc, i, tmp);
406 if (olen == 0) {
407 continue;
408 }
409 olen2 = do_hash(i, buf, len, tmp2);
410 if (olen != olen2) {
411 fprintf(stderr,
412 "Bad hash output length: %u / %u\n",
413 (unsigned)olen, (unsigned)olen2);
414 exit(EXIT_FAILURE);
415 }
416 check_equals("Hash output", tmp, tmp2, olen);
417 tcount ++;
418 }
419
420 br_multihash_init(mc);
421 for (u = 0; u < len; u ++) {
422 br_multihash_update(mc, buf + u, 1);
423 for (i = 1; i <= 6; i ++) {
424 unsigned char tmp[64], tmp2[64];
425 size_t olen, olen2;
426
427 olen = br_multihash_out(mc, i, tmp);
428 if (olen == 0) {
429 continue;
430 }
431 olen2 = do_hash(i, buf, u + 1, tmp2);
432 if (olen != olen2) {
433 fprintf(stderr, "Bad hash output"
434 " length: %u / %u\n",
435 (unsigned)olen,
436 (unsigned)olen2);
437 exit(EXIT_FAILURE);
438 }
439 check_equals("Hash output", tmp, tmp2, olen);
440 }
441 }
442 }
443 return tcount;
444 }
445
446 static void
447 test_multihash(void)
448 {
449 br_multihash_context mc;
450
451 printf("Test MultiHash: ");
452 fflush(stdout);
453
454 br_multihash_zero(&mc);
455 br_multihash_setimpl(&mc, br_md5_ID, &br_md5_vtable);
456 if (test_multihash_inner(&mc) != 258) {
457 fprintf(stderr, "Failed test count\n");
458 }
459 printf(".");
460 fflush(stdout);
461
462 br_multihash_zero(&mc);
463 br_multihash_setimpl(&mc, br_sha1_ID, &br_sha1_vtable);
464 if (test_multihash_inner(&mc) != 258) {
465 fprintf(stderr, "Failed test count\n");
466 }
467 printf(".");
468 fflush(stdout);
469
470 br_multihash_zero(&mc);
471 br_multihash_setimpl(&mc, br_sha224_ID, &br_sha224_vtable);
472 if (test_multihash_inner(&mc) != 258) {
473 fprintf(stderr, "Failed test count\n");
474 }
475 printf(".");
476 fflush(stdout);
477
478 br_multihash_zero(&mc);
479 br_multihash_setimpl(&mc, br_sha256_ID, &br_sha256_vtable);
480 if (test_multihash_inner(&mc) != 258) {
481 fprintf(stderr, "Failed test count\n");
482 }
483 printf(".");
484 fflush(stdout);
485
486 br_multihash_zero(&mc);
487 br_multihash_setimpl(&mc, br_sha384_ID, &br_sha384_vtable);
488 if (test_multihash_inner(&mc) != 258) {
489 fprintf(stderr, "Failed test count\n");
490 }
491 printf(".");
492 fflush(stdout);
493
494 br_multihash_zero(&mc);
495 br_multihash_setimpl(&mc, br_sha512_ID, &br_sha512_vtable);
496 if (test_multihash_inner(&mc) != 258) {
497 fprintf(stderr, "Failed test count\n");
498 }
499 printf(".");
500 fflush(stdout);
501
502 br_multihash_zero(&mc);
503 br_multihash_setimpl(&mc, br_md5_ID, &br_md5_vtable);
504 br_multihash_setimpl(&mc, br_sha1_ID, &br_sha1_vtable);
505 br_multihash_setimpl(&mc, br_sha224_ID, &br_sha224_vtable);
506 br_multihash_setimpl(&mc, br_sha256_ID, &br_sha256_vtable);
507 br_multihash_setimpl(&mc, br_sha384_ID, &br_sha384_vtable);
508 br_multihash_setimpl(&mc, br_sha512_ID, &br_sha512_vtable);
509 if (test_multihash_inner(&mc) != 258 * 6) {
510 fprintf(stderr, "Failed test count\n");
511 }
512 printf(".");
513 fflush(stdout);
514
515 printf("done.\n");
516 fflush(stdout);
517 }
518
519 static void
520 do_KAT_HMAC_bin_bin(const br_hash_class *digest_class,
521 const void *key, size_t key_len,
522 const void *data, size_t data_len, const char *href)
523 {
524 br_hmac_key_context kc;
525 br_hmac_context ctx;
526 unsigned char tmp[64], ref[64];
527 size_t u, len;
528
529 len = hextobin(ref, href);
530 br_hmac_key_init(&kc, digest_class, key, key_len);
531 br_hmac_init(&ctx, &kc, 0);
532 br_hmac_update(&ctx, data, data_len);
533 br_hmac_out(&ctx, tmp);
534 check_equals("KAT HMAC 1", tmp, ref, len);
535
536 br_hmac_init(&ctx, &kc, 0);
537 for (u = 0; u < data_len; u ++) {
538 br_hmac_update(&ctx, (const unsigned char *)data + u, 1);
539 }
540 br_hmac_out(&ctx, tmp);
541 check_equals("KAT HMAC 2", tmp, ref, len);
542
543 for (u = 0; u < data_len; u ++) {
544 br_hmac_init(&ctx, &kc, 0);
545 br_hmac_update(&ctx, data, u);
546 br_hmac_out(&ctx, tmp);
547 br_hmac_update(&ctx,
548 (const unsigned char *)data + u, data_len - u);
549 br_hmac_out(&ctx, tmp);
550 check_equals("KAT HMAC 3", tmp, ref, len);
551 }
552 }
553
554 static void
555 do_KAT_HMAC_str_str(const br_hash_class *digest_class, const char *key,
556 const char *data, const char *href)
557 {
558 do_KAT_HMAC_bin_bin(digest_class, key, strlen(key),
559 data, strlen(data), href);
560 }
561
562 static void
563 do_KAT_HMAC_hex_hex(const br_hash_class *digest_class, const char *skey,
564 const char *sdata, const char *href)
565 {
566 unsigned char key[1024];
567 unsigned char data[1024];
568
569 do_KAT_HMAC_bin_bin(digest_class, key, hextobin(key, skey),
570 data, hextobin(data, sdata), href);
571 }
572
573 static void
574 do_KAT_HMAC_hex_str(const br_hash_class *digest_class,
575 const char *skey, const char *data, const char *href)
576 {
577 unsigned char key[1024];
578
579 do_KAT_HMAC_bin_bin(digest_class, key, hextobin(key, skey),
580 data, strlen(data), href);
581 }
582
583 static void
584 test_HMAC_CT(const br_hash_class *digest_class,
585 const void *key, size_t key_len, const void *data)
586 {
587 br_hmac_key_context kc;
588 br_hmac_context hc1, hc2;
589 unsigned char buf1[64], buf2[64];
590 size_t u, v;
591
592 br_hmac_key_init(&kc, digest_class, key, key_len);
593
594 for (u = 0; u < 2; u ++) {
595 for (v = 0; v < 130; v ++) {
596 size_t min_len, max_len;
597 size_t w;
598
599 min_len = v;
600 max_len = v + 256;
601 for (w = min_len; w <= max_len; w ++) {
602 char tmp[30];
603 size_t hlen1, hlen2;
604
605 br_hmac_init(&hc1, &kc, 0);
606 br_hmac_update(&hc1, data, u + w);
607 hlen1 = br_hmac_out(&hc1, buf1);
608 br_hmac_init(&hc2, &kc, 0);
609 br_hmac_update(&hc2, data, u);
610 hlen2 = br_hmac_outCT(&hc2,
611 (const unsigned char *)data + u, w,
612 min_len, max_len, buf2);
613 if (hlen1 != hlen2) {
614 fprintf(stderr, "HMAC length mismatch:"
615 " %u / %u\n", (unsigned)hlen1,
616 (unsigned)hlen2);
617 exit(EXIT_FAILURE);
618 }
619 sprintf(tmp, "HMAC CT %u,%u,%u",
620 (unsigned)u, (unsigned)v, (unsigned)w);
621 check_equals(tmp, buf1, buf2, hlen1);
622 }
623 }
624 printf(".");
625 fflush(stdout);
626 }
627 printf(" ");
628 fflush(stdout);
629 }
630
631 static void
632 test_HMAC(void)
633 {
634 unsigned char data[1000];
635 unsigned x;
636 size_t u;
637 const char key[] = "test HMAC key";
638
639 printf("Test HMAC: ");
640 fflush(stdout);
641 do_KAT_HMAC_hex_str(&br_md5_vtable,
642 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
643 "Hi There",
644 "9294727a3638bb1c13f48ef8158bfc9d");
645 do_KAT_HMAC_str_str(&br_md5_vtable,
646 "Jefe",
647 "what do ya want for nothing?",
648 "750c783e6ab0b503eaa86e310a5db738");
649 do_KAT_HMAC_hex_hex(&br_md5_vtable,
650 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
651 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
652 "56be34521d144c88dbb8c733f0e8b3f6");
653 do_KAT_HMAC_hex_hex(&br_md5_vtable,
654 "0102030405060708090a0b0c0d0e0f10111213141516171819",
655 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
656 "697eaf0aca3a3aea3a75164746ffaa79");
657 do_KAT_HMAC_hex_str(&br_md5_vtable,
658 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
659 "Test With Truncation",
660 "56461ef2342edc00f9bab995690efd4c");
661 do_KAT_HMAC_hex_str(&br_md5_vtable,
662 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
663 "Test Using Larger Than Block-Size Key - Hash Key First",
664 "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd");
665 do_KAT_HMAC_hex_str(&br_md5_vtable,
666 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
667 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
668 "6f630fad67cda0ee1fb1f562db3aa53e");
669
670 do_KAT_HMAC_hex_str(&br_sha1_vtable,
671 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
672 "Hi There",
673 "b617318655057264e28bc0b6fb378c8ef146be00");
674 do_KAT_HMAC_str_str(&br_sha1_vtable,
675 "Jefe",
676 "what do ya want for nothing?",
677 "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79");
678 do_KAT_HMAC_hex_hex(&br_sha1_vtable,
679 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
680 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
681 "125d7342b9ac11cd91a39af48aa17b4f63f175d3");
682 do_KAT_HMAC_hex_hex(&br_sha1_vtable,
683 "0102030405060708090a0b0c0d0e0f10111213141516171819",
684 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
685 "4c9007f4026250c6bc8414f9bf50c86c2d7235da");
686 do_KAT_HMAC_hex_str(&br_sha1_vtable,
687 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
688 "Test With Truncation",
689 "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04");
690 do_KAT_HMAC_hex_str(&br_sha1_vtable,
691 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
692 "Test Using Larger Than Block-Size Key - Hash Key First",
693 "aa4ae5e15272d00e95705637ce8a3b55ed402112");
694 do_KAT_HMAC_hex_str(&br_sha1_vtable,
695 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
696 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
697 "e8e99d0f45237d786d6bbaa7965c7808bbff1a91");
698
699 /* From RFC 4231 */
700
701 do_KAT_HMAC_hex_hex(&br_sha224_vtable,
702 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
703 "4869205468657265",
704 "896fb1128abbdf196832107cd49df33f"
705 "47b4b1169912ba4f53684b22");
706
707 do_KAT_HMAC_hex_hex(&br_sha256_vtable,
708 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
709 "4869205468657265",
710 "b0344c61d8db38535ca8afceaf0bf12b"
711 "881dc200c9833da726e9376c2e32cff7");
712
713 do_KAT_HMAC_hex_hex(&br_sha384_vtable,
714 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
715 "4869205468657265",
716 "afd03944d84895626b0825f4ab46907f"
717 "15f9dadbe4101ec682aa034c7cebc59c"
718 "faea9ea9076ede7f4af152e8b2fa9cb6");
719
720 do_KAT_HMAC_hex_hex(&br_sha512_vtable,
721 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
722 "4869205468657265",
723 "87aa7cdea5ef619d4ff0b4241a1d6cb0"
724 "2379f4e2ce4ec2787ad0b30545e17cde"
725 "daa833b7d6b8a702038b274eaea3f4e4"
726 "be9d914eeb61f1702e696c203a126854");
727
728 do_KAT_HMAC_hex_hex(&br_sha224_vtable,
729 "4a656665",
730 "7768617420646f2079612077616e7420"
731 "666f72206e6f7468696e673f",
732 "a30e01098bc6dbbf45690f3a7e9e6d0f"
733 "8bbea2a39e6148008fd05e44");
734
735 do_KAT_HMAC_hex_hex(&br_sha256_vtable,
736 "4a656665",
737 "7768617420646f2079612077616e7420"
738 "666f72206e6f7468696e673f",
739 "5bdcc146bf60754e6a042426089575c7"
740 "5a003f089d2739839dec58b964ec3843");
741
742 do_KAT_HMAC_hex_hex(&br_sha384_vtable,
743 "4a656665",
744 "7768617420646f2079612077616e7420"
745 "666f72206e6f7468696e673f",
746 "af45d2e376484031617f78d2b58a6b1b"
747 "9c7ef464f5a01b47e42ec3736322445e"
748 "8e2240ca5e69e2c78b3239ecfab21649");
749
750 do_KAT_HMAC_hex_hex(&br_sha512_vtable,
751 "4a656665",
752 "7768617420646f2079612077616e7420"
753 "666f72206e6f7468696e673f",
754 "164b7a7bfcf819e2e395fbe73b56e0a3"
755 "87bd64222e831fd610270cd7ea250554"
756 "9758bf75c05a994a6d034f65f8f0e6fd"
757 "caeab1a34d4a6b4b636e070a38bce737");
758
759 do_KAT_HMAC_hex_hex(&br_sha224_vtable,
760 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
761 "aaaaaaaa",
762 "dddddddddddddddddddddddddddddddd"
763 "dddddddddddddddddddddddddddddddd"
764 "dddddddddddddddddddddddddddddddd"
765 "dddd",
766 "7fb3cb3588c6c1f6ffa9694d7d6ad264"
767 "9365b0c1f65d69d1ec8333ea");
768
769 do_KAT_HMAC_hex_hex(&br_sha256_vtable,
770 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
771 "aaaaaaaa",
772 "dddddddddddddddddddddddddddddddd"
773 "dddddddddddddddddddddddddddddddd"
774 "dddddddddddddddddddddddddddddddd"
775 "dddd",
776 "773ea91e36800e46854db8ebd09181a7"
777 "2959098b3ef8c122d9635514ced565fe");
778
779 do_KAT_HMAC_hex_hex(&br_sha384_vtable,
780 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
781 "aaaaaaaa",
782 "dddddddddddddddddddddddddddddddd"
783 "dddddddddddddddddddddddddddddddd"
784 "dddddddddddddddddddddddddddddddd"
785 "dddd",
786 "88062608d3e6ad8a0aa2ace014c8a86f"
787 "0aa635d947ac9febe83ef4e55966144b"
788 "2a5ab39dc13814b94e3ab6e101a34f27");
789
790 do_KAT_HMAC_hex_hex(&br_sha512_vtable,
791 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
792 "aaaaaaaa",
793 "dddddddddddddddddddddddddddddddd"
794 "dddddddddddddddddddddddddddddddd"
795 "dddddddddddddddddddddddddddddddd"
796 "dddd",
797 "fa73b0089d56a284efb0f0756c890be9"
798 "b1b5dbdd8ee81a3655f83e33b2279d39"
799 "bf3e848279a722c806b485a47e67c807"
800 "b946a337bee8942674278859e13292fb");
801
802 do_KAT_HMAC_hex_hex(&br_sha224_vtable,
803 "0102030405060708090a0b0c0d0e0f10"
804 "111213141516171819",
805 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
806 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
807 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
808 "cdcd",
809 "6c11506874013cac6a2abc1bb382627c"
810 "ec6a90d86efc012de7afec5a");
811
812 do_KAT_HMAC_hex_hex(&br_sha256_vtable,
813 "0102030405060708090a0b0c0d0e0f10"
814 "111213141516171819",
815 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
816 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
817 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
818 "cdcd",
819 "82558a389a443c0ea4cc819899f2083a"
820 "85f0faa3e578f8077a2e3ff46729665b");
821
822 do_KAT_HMAC_hex_hex(&br_sha384_vtable,
823 "0102030405060708090a0b0c0d0e0f10"
824 "111213141516171819",
825 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
826 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
827 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
828 "cdcd",
829 "3e8a69b7783c25851933ab6290af6ca7"
830 "7a9981480850009cc5577c6e1f573b4e"
831 "6801dd23c4a7d679ccf8a386c674cffb");
832
833 do_KAT_HMAC_hex_hex(&br_sha512_vtable,
834 "0102030405060708090a0b0c0d0e0f10"
835 "111213141516171819",
836 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
837 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
838 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
839 "cdcd",
840 "b0ba465637458c6990e5a8c5f61d4af7"
841 "e576d97ff94b872de76f8050361ee3db"
842 "a91ca5c11aa25eb4d679275cc5788063"
843 "a5f19741120c4f2de2adebeb10a298dd");
844
845 do_KAT_HMAC_hex_hex(&br_sha224_vtable,
846 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
847 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
848 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
849 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
850 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
851 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
852 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
853 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
854 "aaaaaa",
855 "54657374205573696e67204c61726765"
856 "72205468616e20426c6f636b2d53697a"
857 "65204b6579202d2048617368204b6579"
858 "204669727374",
859 "95e9a0db962095adaebe9b2d6f0dbce2"
860 "d499f112f2d2b7273fa6870e");
861
862 do_KAT_HMAC_hex_hex(&br_sha256_vtable,
863 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
864 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
865 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
866 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
867 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
868 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
869 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
870 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
871 "aaaaaa",
872 "54657374205573696e67204c61726765"
873 "72205468616e20426c6f636b2d53697a"
874 "65204b6579202d2048617368204b6579"
875 "204669727374",
876 "60e431591ee0b67f0d8a26aacbf5b77f"
877 "8e0bc6213728c5140546040f0ee37f54");
878
879 do_KAT_HMAC_hex_hex(&br_sha384_vtable,
880 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
881 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
882 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
883 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
884 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
885 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
886 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
887 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
888 "aaaaaa",
889 "54657374205573696e67204c61726765"
890 "72205468616e20426c6f636b2d53697a"
891 "65204b6579202d2048617368204b6579"
892 "204669727374",
893 "4ece084485813e9088d2c63a041bc5b4"
894 "4f9ef1012a2b588f3cd11f05033ac4c6"
895 "0c2ef6ab4030fe8296248df163f44952");
896
897 do_KAT_HMAC_hex_hex(&br_sha512_vtable,
898 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
899 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
900 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
901 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
902 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
903 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
904 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
905 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
906 "aaaaaa",
907 "54657374205573696e67204c61726765"
908 "72205468616e20426c6f636b2d53697a"
909 "65204b6579202d2048617368204b6579"
910 "204669727374",
911 "80b24263c7c1a3ebb71493c1dd7be8b4"
912 "9b46d1f41b4aeec1121b013783f8f352"
913 "6b56d037e05f2598bd0fd2215d6a1e52"
914 "95e64f73f63f0aec8b915a985d786598");
915
916 do_KAT_HMAC_hex_hex(&br_sha224_vtable,
917 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
918 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
919 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
920 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
921 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
922 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
923 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
924 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
925 "aaaaaa",
926 "54686973206973206120746573742075"
927 "73696e672061206c6172676572207468"
928 "616e20626c6f636b2d73697a65206b65"
929 "7920616e642061206c61726765722074"
930 "68616e20626c6f636b2d73697a652064"
931 "6174612e20546865206b6579206e6565"
932 "647320746f2062652068617368656420"
933 "6265666f7265206265696e6720757365"
934 "642062792074686520484d414320616c"
935 "676f726974686d2e",
936 "3a854166ac5d9f023f54d517d0b39dbd"
937 "946770db9c2b95c9f6f565d1");
938
939 do_KAT_HMAC_hex_hex(&br_sha256_vtable,
940 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
941 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
942 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
943 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
944 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
945 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
946 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
947 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
948 "aaaaaa",
949 "54686973206973206120746573742075"
950 "73696e672061206c6172676572207468"
951 "616e20626c6f636b2d73697a65206b65"
952 "7920616e642061206c61726765722074"
953 "68616e20626c6f636b2d73697a652064"
954 "6174612e20546865206b6579206e6565"
955 "647320746f2062652068617368656420"
956 "6265666f7265206265696e6720757365"
957 "642062792074686520484d414320616c"
958 "676f726974686d2e",
959 "9b09ffa71b942fcb27635fbcd5b0e944"
960 "bfdc63644f0713938a7f51535c3a35e2");
961
962 do_KAT_HMAC_hex_hex(&br_sha384_vtable,
963 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
964 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
965 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
966 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
967 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
968 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
969 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
970 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
971 "aaaaaa",
972 "54686973206973206120746573742075"
973 "73696e672061206c6172676572207468"
974 "616e20626c6f636b2d73697a65206b65"
975 "7920616e642061206c61726765722074"
976 "68616e20626c6f636b2d73697a652064"
977 "6174612e20546865206b6579206e6565"
978 "647320746f2062652068617368656420"
979 "6265666f7265206265696e6720757365"
980 "642062792074686520484d414320616c"
981 "676f726974686d2e",
982 "6617178e941f020d351e2f254e8fd32c"
983 "602420feb0b8fb9adccebb82461e99c5"
984 "a678cc31e799176d3860e6110c46523e");
985
986 do_KAT_HMAC_hex_hex(&br_sha512_vtable,
987 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
988 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
989 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
990 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
991 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
992 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
993 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
994 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
995 "aaaaaa",
996 "54686973206973206120746573742075"
997 "73696e672061206c6172676572207468"
998 "616e20626c6f636b2d73697a65206b65"
999 "7920616e642061206c61726765722074"
1000 "68616e20626c6f636b2d73697a652064"
1001 "6174612e20546865206b6579206e6565"
1002 "647320746f2062652068617368656420"
1003 "6265666f7265206265696e6720757365"
1004 "642062792074686520484d414320616c"
1005 "676f726974686d2e",
1006 "e37b6a775dc87dbaa4dfa9f96e5e3ffd"
1007 "debd71f8867289865df5a32d20cdc944"
1008 "b6022cac3c4982b10d5eeb55c3e4de15"
1009 "134676fb6de0446065c97440fa8c6a58");
1010
1011 for (x = 1, u = 0; u < sizeof data; u ++) {
1012 data[u] = x;
1013 x = (x * 45) % 257;
1014 }
1015 printf("(MD5) ");
1016 test_HMAC_CT(&br_md5_vtable, key, sizeof key, data);
1017 printf("(SHA-1) ");
1018 test_HMAC_CT(&br_sha1_vtable, key, sizeof key, data);
1019 printf("(SHA-224) ");
1020 test_HMAC_CT(&br_sha224_vtable, key, sizeof key, data);
1021 printf("(SHA-256) ");
1022 test_HMAC_CT(&br_sha256_vtable, key, sizeof key, data);
1023 printf("(SHA-384) ");
1024 test_HMAC_CT(&br_sha384_vtable, key, sizeof key, data);
1025 printf("(SHA-512) ");
1026 test_HMAC_CT(&br_sha512_vtable, key, sizeof key, data);
1027
1028 printf("done.\n");
1029 fflush(stdout);
1030 }
1031
1032 static void
1033 test_HKDF_inner(const br_hash_class *dig, const char *ikmhex,
1034 const char *salthex, const char *infohex, const char *okmhex)
1035 {
1036 unsigned char ikm[100], saltbuf[100], info[100], okm[100], tmp[107];
1037 const unsigned char *salt;
1038 size_t ikm_len, salt_len, info_len, okm_len;
1039 br_hkdf_context hc;
1040 size_t u;
1041
1042 ikm_len = hextobin(ikm, ikmhex);
1043 if (salthex == NULL) {
1044 salt = BR_HKDF_NO_SALT;
1045 salt_len = 0;
1046 } else {
1047 salt = saltbuf;
1048 salt_len = hextobin(saltbuf, salthex);
1049 }
1050 info_len = hextobin(info, infohex);
1051 okm_len = hextobin(okm, okmhex);
1052
1053 br_hkdf_init(&hc, dig, salt, salt_len);
1054 br_hkdf_inject(&hc, ikm, ikm_len);
1055 br_hkdf_flip(&hc);
1056 br_hkdf_produce(&hc, info, info_len, tmp, okm_len);
1057 check_equals("KAT HKDF 1", tmp, okm, okm_len);
1058
1059 br_hkdf_init(&hc, dig, salt, salt_len);
1060 for (u = 0; u < ikm_len; u ++) {
1061 br_hkdf_inject(&hc, &ikm[u], 1);
1062 }
1063 br_hkdf_flip(&hc);
1064 for (u = 0; u < okm_len; u ++) {
1065 br_hkdf_produce(&hc, info, info_len, &tmp[u], 1);
1066 }
1067 check_equals("KAT HKDF 2", tmp, okm, okm_len);
1068
1069 br_hkdf_init(&hc, dig, salt, salt_len);
1070 br_hkdf_inject(&hc, ikm, ikm_len);
1071 br_hkdf_flip(&hc);
1072 for (u = 0; u < okm_len; u += 7) {
1073 br_hkdf_produce(&hc, info, info_len, &tmp[u], 7);
1074 }
1075 check_equals("KAT HKDF 3", tmp, okm, okm_len);
1076
1077 printf(".");
1078 fflush(stdout);
1079 }
1080
1081 static void
1082 test_HKDF(void)
1083 {
1084 printf("Test HKDF: ");
1085 fflush(stdout);
1086
1087 test_HKDF_inner(&br_sha256_vtable,
1088 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
1089 "000102030405060708090a0b0c",
1090 "f0f1f2f3f4f5f6f7f8f9",
1091 "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865");
1092
1093 test_HKDF_inner(&br_sha256_vtable,
1094 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f",
1095 "606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
1096 "b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
1097 "b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87");
1098
1099 test_HKDF_inner(&br_sha256_vtable,
1100 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
1101 "",
1102 "",
1103 "8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8");
1104
1105 test_HKDF_inner(&br_sha1_vtable,
1106 "0b0b0b0b0b0b0b0b0b0b0b",
1107 "000102030405060708090a0b0c",
1108 "f0f1f2f3f4f5f6f7f8f9",
1109 "085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896");
1110
1111 test_HKDF_inner(&br_sha1_vtable,
1112 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f",
1113 "606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
1114 "b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
1115 "0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4");
1116
1117 test_HKDF_inner(&br_sha1_vtable,
1118 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
1119 "",
1120 "",
1121 "0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918");
1122
1123 test_HKDF_inner(&br_sha1_vtable,
1124 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
1125 NULL,
1126 "",
1127 "2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48");
1128
1129 printf(" done.\n");
1130 fflush(stdout);
1131 }
1132
1133 static void
1134 test_HMAC_DRBG(void)
1135 {
1136 br_hmac_drbg_context ctx;
1137 unsigned char seed[42], tmp[30];
1138 unsigned char ref1[30], ref2[30], ref3[30];
1139 size_t seed_len;
1140
1141 printf("Test HMAC_DRBG: ");
1142 fflush(stdout);
1143
1144 seed_len = hextobin(seed,
1145 "009A4D6792295A7F730FC3F2B49CBC0F62E862272F"
1146 "01795EDF0D54DB760F156D0DAC04C0322B3A204224");
1147 hextobin(ref1,
1148 "9305A46DE7FF8EB107194DEBD3FD48AA"
1149 "20D5E7656CBE0EA69D2A8D4E7C67");
1150 hextobin(ref2,
1151 "C70C78608A3B5BE9289BE90EF6E81A9E"
1152 "2C1516D5751D2F75F50033E45F73");
1153 hextobin(ref3,
1154 "475E80E992140567FCC3A50DAB90FE84"
1155 "BCD7BB03638E9C4656A06F37F650");
1156 br_hmac_drbg_init(&ctx, &br_sha256_vtable, seed, seed_len);
1157 br_hmac_drbg_generate(&ctx, tmp, sizeof tmp);
1158 check_equals("KAT HMAC_DRBG 1", tmp, ref1, sizeof tmp);
1159 br_hmac_drbg_generate(&ctx, tmp, sizeof tmp);
1160 check_equals("KAT HMAC_DRBG 2", tmp, ref2, sizeof tmp);
1161 br_hmac_drbg_generate(&ctx, tmp, sizeof tmp);
1162 check_equals("KAT HMAC_DRBG 3", tmp, ref3, sizeof tmp);
1163
1164 memset(&ctx, 0, sizeof ctx);
1165 br_hmac_drbg_vtable.init(&ctx.vtable,
1166 &br_sha256_vtable, seed, seed_len);
1167 ctx.vtable->generate(&ctx.vtable, tmp, sizeof tmp);
1168 check_equals("KAT HMAC_DRBG 4", tmp, ref1, sizeof tmp);
1169 ctx.vtable->generate(&ctx.vtable, tmp, sizeof tmp);
1170 check_equals("KAT HMAC_DRBG 5", tmp, ref2, sizeof tmp);
1171 ctx.vtable->generate(&ctx.vtable, tmp, sizeof tmp);
1172 check_equals("KAT HMAC_DRBG 6", tmp, ref3, sizeof tmp);
1173
1174 printf("done.\n");
1175 fflush(stdout);
1176 }
1177
1178 static void
1179 test_AESCTR_DRBG(void)
1180 {
1181 br_aesctr_drbg_context ctx;
1182 const br_block_ctr_class *ictr;
1183 unsigned char tmp1[64], tmp2[64];
1184
1185 printf("Test AESCTR_DRBG: ");
1186 fflush(stdout);
1187
1188 ictr = br_aes_x86ni_ctr_get_vtable();
1189 if (ictr == NULL) {
1190 ictr = br_aes_pwr8_ctr_get_vtable();
1191 if (ictr == NULL) {
1192 #if BR_64
1193 ictr = &br_aes_ct64_ctr_vtable;
1194 #else
1195 ictr = &br_aes_ct_ctr_vtable;
1196 #endif
1197 }
1198 }
1199 br_aesctr_drbg_init(&ctx, ictr, NULL, 0);
1200 ctx.vtable->generate(&ctx.vtable, tmp1, sizeof tmp1);
1201 ctx.vtable->update(&ctx.vtable, "new seed", 8);
1202 ctx.vtable->generate(&ctx.vtable, tmp2, sizeof tmp2);
1203
1204 if (memcmp(tmp1, tmp2, sizeof tmp1) == 0) {
1205 fprintf(stderr, "AESCTR_DRBG failure\n");
1206 exit(EXIT_FAILURE);
1207 }
1208
1209 printf("done.\n");
1210 fflush(stdout);
1211 }
1212
1213 static void
1214 do_KAT_PRF(br_tls_prf_impl prf,
1215 const char *ssecret, const char *label, const char *sseed,
1216 const char *sref)
1217 {
1218 unsigned char secret[100], seed[100], ref[500], out[500];
1219 size_t secret_len, seed_len, ref_len;
1220 br_tls_prf_seed_chunk chunks[2];
1221
1222 secret_len = hextobin(secret, ssecret);
1223 seed_len = hextobin(seed, sseed);
1224 ref_len = hextobin(ref, sref);
1225
1226 chunks[0].data = seed;
1227 chunks[0].len = seed_len;
1228 prf(out, ref_len, secret, secret_len, label, 1, chunks);
1229 check_equals("TLS PRF KAT 1", out, ref, ref_len);
1230
1231 chunks[0].data = seed;
1232 chunks[0].len = seed_len;
1233 chunks[1].data = NULL;
1234 chunks[1].len = 0;
1235 prf(out, ref_len, secret, secret_len, label, 2, chunks);
1236 check_equals("TLS PRF KAT 2", out, ref, ref_len);
1237
1238 chunks[0].data = NULL;
1239 chunks[0].len = 0;
1240 chunks[1].data = seed;
1241 chunks[1].len = seed_len;
1242 prf(out, ref_len, secret, secret_len, label, 2, chunks);
1243 check_equals("TLS PRF KAT 3", out, ref, ref_len);
1244
1245 chunks[0].data = seed;
1246 chunks[0].len = seed_len >> 1;
1247 chunks[1].data = seed + chunks[0].len;
1248 chunks[1].len = seed_len - chunks[0].len;
1249 prf(out, ref_len, secret, secret_len, label, 2, chunks);
1250 check_equals("TLS PRF KAT 4", out, ref, ref_len);
1251 }
1252
1253 static void
1254 test_PRF(void)
1255 {
1256 printf("Test TLS PRF: ");
1257 fflush(stdout);
1258
1259 /*
1260 * Test vector taken from an email that was on:
1261 * http://www.imc.org/ietf-tls/mail-archive/msg01589.html
1262 * but no longer exists there; a version archived in 2008
1263 * can be found on http://www.archive.org/
1264 */
1265 do_KAT_PRF(&br_tls10_prf,
1266 "abababababababababababababababababababababababababababababababababababababababababababababababab",
1267 "PRF Testvector",
1268 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
1269 "d3d4d1e349b5d515044666d51de32bab258cb521b6b053463e354832fd976754443bcf9a296519bc289abcbc1187e4ebd31e602353776c408aafb74cbc85eff69255f9788faa184cbb957a9819d84a5d7eb006eb459d3ae8de9810454b8b2d8f1afbc655a8c9a013");
1270
1271 /*
1272 * Test vectors are taken from:
1273 * https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
1274 */
1275 do_KAT_PRF(&br_tls12_sha256_prf,
1276 "9bbe436ba940f017b17652849a71db35",
1277 "test label",
1278 "a0ba9f936cda311827a6f796ffd5198c",
1279 "e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66");
1280 do_KAT_PRF(&br_tls12_sha384_prf,
1281 "b80b733d6ceefcdc71566ea48e5567df",
1282 "test label",
1283 "cd665cf6a8447dd6ff8b27555edb7465",
1284 "7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f");
1285
1286 printf("done.\n");
1287 fflush(stdout);
1288 }
1289
1290 /*
1291 * AES known-answer tests. Order: key, plaintext, ciphertext.
1292 */
1293 static const char *const KAT_AES[] = {
1294 /*
1295 * From FIPS-197.
1296 */
1297 "000102030405060708090a0b0c0d0e0f",
1298 "00112233445566778899aabbccddeeff",
1299 "69c4e0d86a7b0430d8cdb78070b4c55a",
1300
1301 "000102030405060708090a0b0c0d0e0f1011121314151617",
1302 "00112233445566778899aabbccddeeff",
1303 "dda97ca4864cdfe06eaf70a0ec0d7191",
1304
1305 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
1306 "00112233445566778899aabbccddeeff",
1307 "8ea2b7ca516745bfeafc49904b496089",
1308
1309 /*
1310 * From NIST validation suite (ECBVarTxt128.rsp).
1311 */
1312 "00000000000000000000000000000000",
1313 "80000000000000000000000000000000",
1314 "3ad78e726c1ec02b7ebfe92b23d9ec34",
1315
1316 "00000000000000000000000000000000",
1317 "c0000000000000000000000000000000",
1318 "aae5939c8efdf2f04e60b9fe7117b2c2",
1319
1320 "00000000000000000000000000000000",
1321 "e0000000000000000000000000000000",
1322 "f031d4d74f5dcbf39daaf8ca3af6e527",
1323
1324 "00000000000000000000000000000000",
1325 "f0000000000000000000000000000000",
1326 "96d9fd5cc4f07441727df0f33e401a36",
1327
1328 "00000000000000000000000000000000",
1329 "f8000000000000000000000000000000",
1330 "30ccdb044646d7e1f3ccea3dca08b8c0",
1331
1332 "00000000000000000000000000000000",
1333 "fc000000000000000000000000000000",
1334 "16ae4ce5042a67ee8e177b7c587ecc82",
1335
1336 "00000000000000000000000000000000",
1337 "fe000000000000000000000000000000",
1338 "b6da0bb11a23855d9c5cb1b4c6412e0a",
1339
1340 "00000000000000000000000000000000",
1341 "ff000000000000000000000000000000",
1342 "db4f1aa530967d6732ce4715eb0ee24b",
1343
1344 "00000000000000000000000000000000",
1345 "ff800000000000000000000000000000",
1346 "a81738252621dd180a34f3455b4baa2f",
1347
1348 "00000000000000000000000000000000",
1349 "ffc00000000000000000000000000000",
1350 "77e2b508db7fd89234caf7939ee5621a",
1351
1352 "00000000000000000000000000000000",
1353 "ffe00000000000000000000000000000",
1354 "b8499c251f8442ee13f0933b688fcd19",
1355
1356 "00000000000000000000000000000000",
1357 "fff00000000000000000000000000000",
1358 "965135f8a81f25c9d630b17502f68e53",
1359
1360 "00000000000000000000000000000000",
1361 "fff80000000000000000000000000000",
1362 "8b87145a01ad1c6cede995ea3670454f",
1363
1364 "00000000000000000000000000000000",
1365 "fffc0000000000000000000000000000",
1366 "8eae3b10a0c8ca6d1d3b0fa61e56b0b2",
1367
1368 "00000000000000000000000000000000",
1369 "fffe0000000000000000000000000000",
1370 "64b4d629810fda6bafdf08f3b0d8d2c5",
1371
1372 "00000000000000000000000000000000",
1373 "ffff0000000000000000000000000000",
1374 "d7e5dbd3324595f8fdc7d7c571da6c2a",
1375
1376 "00000000000000000000000000000000",
1377 "ffff8000000000000000000000000000",
1378 "f3f72375264e167fca9de2c1527d9606",
1379
1380 "00000000000000000000000000000000",
1381 "ffffc000000000000000000000000000",
1382 "8ee79dd4f401ff9b7ea945d86666c13b",
1383
1384 "00000000000000000000000000000000",
1385 "ffffe000000000000000000000000000",
1386 "dd35cea2799940b40db3f819cb94c08b",
1387
1388 "00000000000000000000000000000000",
1389 "fffff000000000000000000000000000",
1390 "6941cb6b3e08c2b7afa581ebdd607b87",
1391
1392 "00000000000000000000000000000000",
1393 "fffff800000000000000000000000000",
1394 "2c20f439f6bb097b29b8bd6d99aad799",
1395
1396 "00000000000000000000000000000000",
1397 "fffffc00000000000000000000000000",
1398 "625d01f058e565f77ae86378bd2c49b3",
1399
1400 "00000000000000000000000000000000",
1401 "fffffe00000000000000000000000000",
1402 "c0b5fd98190ef45fbb4301438d095950",
1403
1404 "00000000000000000000000000000000",
1405 "ffffff00000000000000000000000000",
1406 "13001ff5d99806efd25da34f56be854b",
1407
1408 "00000000000000000000000000000000",
1409 "ffffff80000000000000000000000000",
1410 "3b594c60f5c8277a5113677f94208d82",
1411
1412 "00000000000000000000000000000000",
1413 "ffffffc0000000000000000000000000",
1414 "e9c0fc1818e4aa46bd2e39d638f89e05",
1415
1416 "00000000000000000000000000000000",
1417 "ffffffe0000000000000000000000000",
1418 "f8023ee9c3fdc45a019b4e985c7e1a54",
1419
1420 "00000000000000000000000000000000",
1421 "fffffff0000000000000000000000000",
1422 "35f40182ab4662f3023baec1ee796b57",
1423
1424 "00000000000000000000000000000000",
1425 "fffffff8000000000000000000000000",
1426 "3aebbad7303649b4194a6945c6cc3694",
1427
1428 "00000000000000000000000000000000",
1429 "fffffffc000000000000000000000000",
1430 "a2124bea53ec2834279bed7f7eb0f938",
1431
1432 "00000000000000000000000000000000",
1433 "fffffffe000000000000000000000000",
1434 "b9fb4399fa4facc7309e14ec98360b0a",
1435
1436 "00000000000000000000000000000000",
1437 "ffffffff000000000000000000000000",
1438 "c26277437420c5d634f715aea81a9132",
1439
1440 "00000000000000000000000000000000",
1441 "ffffffff800000000000000000000000",
1442 "171a0e1b2dd424f0e089af2c4c10f32f",
1443
1444 "00000000000000000000000000000000",
1445 "ffffffffc00000000000000000000000",
1446 "7cadbe402d1b208fe735edce00aee7ce",
1447
1448 "00000000000000000000000000000000",
1449 "ffffffffe00000000000000000000000",
1450 "43b02ff929a1485af6f5c6d6558baa0f",
1451
1452 "00000000000000000000000000000000",
1453 "fffffffff00000000000000000000000",
1454 "092faacc9bf43508bf8fa8613ca75dea",
1455
1456 "00000000000000000000000000000000",
1457 "fffffffff80000000000000000000000",
1458 "cb2bf8280f3f9742c7ed513fe802629c",
1459
1460 "00000000000000000000000000000000",
1461 "fffffffffc0000000000000000000000",
1462 "215a41ee442fa992a6e323986ded3f68",
1463
1464 "00000000000000000000000000000000",
1465 "fffffffffe0000000000000000000000",
1466 "f21e99cf4f0f77cea836e11a2fe75fb1",
1467
1468 "00000000000000000000000000000000",
1469 "ffffffffff0000000000000000000000",
1470 "95e3a0ca9079e646331df8b4e70d2cd6",
1471
1472 "00000000000000000000000000000000",
1473 "ffffffffff8000000000000000000000",
1474 "4afe7f120ce7613f74fc12a01a828073",
1475
1476 "00000000000000000000000000000000",
1477 "ffffffffffc000000000000000000000",
1478 "827f000e75e2c8b9d479beed913fe678",
1479
1480 "00000000000000000000000000000000",
1481 "ffffffffffe000000000000000000000",
1482 "35830c8e7aaefe2d30310ef381cbf691",
1483
1484 "00000000000000000000000000000000",
1485 "fffffffffff000000000000000000000",
1486 "191aa0f2c8570144f38657ea4085ebe5",
1487
1488 "00000000000000000000000000000000",
1489 "fffffffffff800000000000000000000",
1490 "85062c2c909f15d9269b6c18ce99c4f0",
1491
1492 "00000000000000000000000000000000",
1493 "fffffffffffc00000000000000000000",
1494 "678034dc9e41b5a560ed239eeab1bc78",
1495
1496 "00000000000000000000000000000000",
1497 "fffffffffffe00000000000000000000",
1498 "c2f93a4ce5ab6d5d56f1b93cf19911c1",
1499
1500 "00000000000000000000000000000000",
1501 "ffffffffffff00000000000000000000",
1502 "1c3112bcb0c1dcc749d799743691bf82",
1503
1504 "00000000000000000000000000000000",
1505 "ffffffffffff80000000000000000000",
1506 "00c55bd75c7f9c881989d3ec1911c0d4",
1507
1508 "00000000000000000000000000000000",
1509 "ffffffffffffc0000000000000000000",
1510 "ea2e6b5ef182b7dff3629abd6a12045f",
1511
1512 "00000000000000000000000000000000",
1513 "ffffffffffffe0000000000000000000",
1514 "22322327e01780b17397f24087f8cc6f",
1515
1516 "00000000000000000000000000000000",
1517 "fffffffffffff0000000000000000000",
1518 "c9cacb5cd11692c373b2411768149ee7",
1519
1520 "00000000000000000000000000000000",
1521 "fffffffffffff8000000000000000000",
1522 "a18e3dbbca577860dab6b80da3139256",
1523
1524 "00000000000000000000000000000000",
1525 "fffffffffffffc000000000000000000",
1526 "79b61c37bf328ecca8d743265a3d425c",
1527
1528 "00000000000000000000000000000000",
1529 "fffffffffffffe000000000000000000",
1530 "d2d99c6bcc1f06fda8e27e8ae3f1ccc7",
1531
1532 "00000000000000000000000000000000",
1533 "ffffffffffffff000000000000000000",
1534 "1bfd4b91c701fd6b61b7f997829d663b",
1535
1536 "00000000000000000000000000000000",
1537 "ffffffffffffff800000000000000000",
1538 "11005d52f25f16bdc9545a876a63490a",
1539
1540 "00000000000000000000000000000000",
1541 "ffffffffffffffc00000000000000000",
1542 "3a4d354f02bb5a5e47d39666867f246a",
1543
1544 "00000000000000000000000000000000",
1545 "ffffffffffffffe00000000000000000",
1546 "d451b8d6e1e1a0ebb155fbbf6e7b7dc3",
1547
1548 "00000000000000000000000000000000",
1549 "fffffffffffffff00000000000000000",
1550 "6898d4f42fa7ba6a10ac05e87b9f2080",
1551
1552 "00000000000000000000000000000000",
1553 "fffffffffffffff80000000000000000",
1554 "b611295e739ca7d9b50f8e4c0e754a3f",
1555
1556 "00000000000000000000000000000000",
1557 "fffffffffffffffc0000000000000000",
1558 "7d33fc7d8abe3ca1936759f8f5deaf20",
1559
1560 "00000000000000000000000000000000",
1561 "fffffffffffffffe0000000000000000",
1562 "3b5e0f566dc96c298f0c12637539b25c",
1563
1564 "00000000000000000000000000000000",
1565 "ffffffffffffffff0000000000000000",
1566 "f807c3e7985fe0f5a50e2cdb25c5109e",
1567
1568 "00000000000000000000000000000000",
1569 "ffffffffffffffff8000000000000000",
1570 "41f992a856fb278b389a62f5d274d7e9",
1571
1572 "00000000000000000000000000000000",
1573 "ffffffffffffffffc000000000000000",
1574 "10d3ed7a6fe15ab4d91acbc7d0767ab1",
1575
1576 "00000000000000000000000000000000",
1577 "ffffffffffffffffe000000000000000",
1578 "21feecd45b2e675973ac33bf0c5424fc",
1579
1580 "00000000000000000000000000000000",
1581 "fffffffffffffffff000000000000000",
1582 "1480cb3955ba62d09eea668f7c708817",
1583
1584 "00000000000000000000000000000000",
1585 "fffffffffffffffff800000000000000",
1586 "66404033d6b72b609354d5496e7eb511",
1587
1588 "00000000000000000000000000000000",
1589 "fffffffffffffffffc00000000000000",
1590 "1c317a220a7d700da2b1e075b00266e1",
1591
1592 "00000000000000000000000000000000",
1593 "fffffffffffffffffe00000000000000",
1594 "ab3b89542233f1271bf8fd0c0f403545",
1595
1596 "00000000000000000000000000000000",
1597 "ffffffffffffffffff00000000000000",
1598 "d93eae966fac46dca927d6b114fa3f9e",
1599
1600 "00000000000000000000000000000000",
1601 "ffffffffffffffffff80000000000000",
1602 "1bdec521316503d9d5ee65df3ea94ddf",
1603
1604 "00000000000000000000000000000000",
1605 "ffffffffffffffffffc0000000000000",
1606 "eef456431dea8b4acf83bdae3717f75f",
1607
1608 "00000000000000000000000000000000",
1609 "ffffffffffffffffffe0000000000000",
1610 "06f2519a2fafaa596bfef5cfa15c21b9",
1611
1612 "00000000000000000000000000000000",
1613 "fffffffffffffffffff0000000000000",
1614 "251a7eac7e2fe809e4aa8d0d7012531a",
1615
1616 "00000000000000000000000000000000",
1617 "fffffffffffffffffff8000000000000",
1618 "3bffc16e4c49b268a20f8d96a60b4058",
1619
1620 "00000000000000000000000000000000",
1621 "fffffffffffffffffffc000000000000",
1622 "e886f9281999c5bb3b3e8862e2f7c988",
1623
1624 "00000000000000000000000000000000",
1625 "fffffffffffffffffffe000000000000",
1626 "563bf90d61beef39f48dd625fcef1361",
1627
1628 "00000000000000000000000000000000",
1629 "ffffffffffffffffffff000000000000",
1630 "4d37c850644563c69fd0acd9a049325b",
1631
1632 "00000000000000000000000000000000",
1633 "ffffffffffffffffffff800000000000",
1634 "b87c921b91829ef3b13ca541ee1130a6",
1635
1636 "00000000000000000000000000000000",
1637 "ffffffffffffffffffffc00000000000",
1638 "2e65eb6b6ea383e109accce8326b0393",
1639
1640 "00000000000000000000000000000000",
1641 "ffffffffffffffffffffe00000000000",
1642 "9ca547f7439edc3e255c0f4d49aa8990",
1643
1644 "00000000000000000000000000000000",
1645 "fffffffffffffffffffff00000000000",
1646 "a5e652614c9300f37816b1f9fd0c87f9",
1647
1648 "00000000000000000000000000000000",
1649 "fffffffffffffffffffff80000000000",
1650 "14954f0b4697776f44494fe458d814ed",
1651
1652 "00000000000000000000000000000000",
1653 "fffffffffffffffffffffc0000000000",
1654 "7c8d9ab6c2761723fe42f8bb506cbcf7",
1655
1656 "00000000000000000000000000000000",
1657 "fffffffffffffffffffffe0000000000",
1658 "db7e1932679fdd99742aab04aa0d5a80",
1659
1660 "00000000000000000000000000000000",
1661 "ffffffffffffffffffffff0000000000",
1662 "4c6a1c83e568cd10f27c2d73ded19c28",
1663
1664 "00000000000000000000000000000000",
1665 "ffffffffffffffffffffff8000000000",
1666 "90ecbe6177e674c98de412413f7ac915",
1667
1668 "00000000000000000000000000000000",
1669 "ffffffffffffffffffffffc000000000",
1670 "90684a2ac55fe1ec2b8ebd5622520b73",
1671
1672 "00000000000000000000000000000000",
1673 "ffffffffffffffffffffffe000000000",
1674 "7472f9a7988607ca79707795991035e6",
1675
1676 "00000000000000000000000000000000",
1677 "fffffffffffffffffffffff000000000",
1678 "56aff089878bf3352f8df172a3ae47d8",
1679
1680 "00000000000000000000000000000000",
1681 "fffffffffffffffffffffff800000000",
1682 "65c0526cbe40161b8019a2a3171abd23",
1683
1684 "00000000000000000000000000000000",
1685 "fffffffffffffffffffffffc00000000",
1686 "377be0be33b4e3e310b4aabda173f84f",
1687
1688 "00000000000000000000000000000000",
1689 "fffffffffffffffffffffffe00000000",
1690 "9402e9aa6f69de6504da8d20c4fcaa2f",
1691
1692 "00000000000000000000000000000000",
1693 "ffffffffffffffffffffffff00000000",
1694 "123c1f4af313ad8c2ce648b2e71fb6e1",
1695
1696 "00000000000000000000000000000000",
1697 "ffffffffffffffffffffffff80000000",
1698 "1ffc626d30203dcdb0019fb80f726cf4",
1699
1700 "00000000000000000000000000000000",
1701 "ffffffffffffffffffffffffc0000000",
1702 "76da1fbe3a50728c50fd2e621b5ad885",
1703
1704 "00000000000000000000000000000000",
1705 "ffffffffffffffffffffffffe0000000",
1706 "082eb8be35f442fb52668e16a591d1d6",
1707
1708 "00000000000000000000000000000000",
1709 "fffffffffffffffffffffffff0000000",
1710 "e656f9ecf5fe27ec3e4a73d00c282fb3",
1711
1712 "00000000000000000000000000000000",
1713 "fffffffffffffffffffffffff8000000",
1714 "2ca8209d63274cd9a29bb74bcd77683a",
1715
1716 "00000000000000000000000000000000",
1717 "fffffffffffffffffffffffffc000000",
1718 "79bf5dce14bb7dd73a8e3611de7ce026",
1719
1720 "00000000000000000000000000000000",
1721 "fffffffffffffffffffffffffe000000",
1722 "3c849939a5d29399f344c4a0eca8a576",
1723
1724 "00000000000000000000000000000000",
1725 "ffffffffffffffffffffffffff000000",
1726 "ed3c0a94d59bece98835da7aa4f07ca2",
1727
1728 "00000000000000000000000000000000",
1729 "ffffffffffffffffffffffffff800000",
1730 "63919ed4ce10196438b6ad09d99cd795",
1731
1732 "00000000000000000000000000000000",
1733 "ffffffffffffffffffffffffffc00000",
1734 "7678f3a833f19fea95f3c6029e2bc610",
1735
1736 "00000000000000000000000000000000",
1737 "ffffffffffffffffffffffffffe00000",
1738 "3aa426831067d36b92be7c5f81c13c56",
1739
1740 "00000000000000000000000000000000",
1741 "fffffffffffffffffffffffffff00000",
1742 "9272e2d2cdd11050998c845077a30ea0",
1743
1744 "00000000000000000000000000000000",
1745 "fffffffffffffffffffffffffff80000",
1746 "088c4b53f5ec0ff814c19adae7f6246c",
1747
1748 "00000000000000000000000000000000",
1749 "fffffffffffffffffffffffffffc0000",
1750 "4010a5e401fdf0a0354ddbcc0d012b17",
1751
1752 "00000000000000000000000000000000",
1753 "fffffffffffffffffffffffffffe0000",
1754 "a87a385736c0a6189bd6589bd8445a93",
1755
1756 "00000000000000000000000000000000",
1757 "ffffffffffffffffffffffffffff0000",
1758 "545f2b83d9616dccf60fa9830e9cd287",
1759
1760 "00000000000000000000000000000000",
1761 "ffffffffffffffffffffffffffff8000",
1762 "4b706f7f92406352394037a6d4f4688d",
1763
1764 "00000000000000000000000000000000",
1765 "ffffffffffffffffffffffffffffc000",
1766 "b7972b3941c44b90afa7b264bfba7387",
1767
1768 "00000000000000000000000000000000",
1769 "ffffffffffffffffffffffffffffe000",
1770 "6f45732cf10881546f0fd23896d2bb60",
1771
1772 "00000000000000000000000000000000",
1773 "fffffffffffffffffffffffffffff000",
1774 "2e3579ca15af27f64b3c955a5bfc30ba",
1775
1776 "00000000000000000000000000000000",
1777 "fffffffffffffffffffffffffffff800",
1778 "34a2c5a91ae2aec99b7d1b5fa6780447",
1779
1780 "00000000000000000000000000000000",
1781 "fffffffffffffffffffffffffffffc00",
1782 "a4d6616bd04f87335b0e53351227a9ee",
1783
1784 "00000000000000000000000000000000",
1785 "fffffffffffffffffffffffffffffe00",
1786 "7f692b03945867d16179a8cefc83ea3f",
1787
1788 "00000000000000000000000000000000",
1789 "ffffffffffffffffffffffffffffff00",
1790 "3bd141ee84a0e6414a26e7a4f281f8a2",
1791
1792 "00000000000000000000000000000000",
1793 "ffffffffffffffffffffffffffffff80",
1794 "d1788f572d98b2b16ec5d5f3922b99bc",
1795
1796 "00000000000000000000000000000000",
1797 "ffffffffffffffffffffffffffffffc0",
1798 "0833ff6f61d98a57b288e8c3586b85a6",
1799
1800 "00000000000000000000000000000000",
1801 "ffffffffffffffffffffffffffffffe0",
1802 "8568261797de176bf0b43becc6285afb",
1803
1804 "00000000000000000000000000000000",
1805 "fffffffffffffffffffffffffffffff0",
1806 "f9b0fda0c4a898f5b9e6f661c4ce4d07",
1807
1808 "00000000000000000000000000000000",
1809 "fffffffffffffffffffffffffffffff8",
1810 "8ade895913685c67c5269f8aae42983e",
1811
1812 "00000000000000000000000000000000",
1813 "fffffffffffffffffffffffffffffffc",
1814 "39bde67d5c8ed8a8b1c37eb8fa9f5ac0",
1815
1816 "00000000000000000000000000000000",
1817 "fffffffffffffffffffffffffffffffe",
1818 "5c005e72c1418c44f569f2ea33ba54f3",
1819
1820 "00000000000000000000000000000000",
1821 "ffffffffffffffffffffffffffffffff",
1822 "3f5b8cc9ea855a0afa7347d23e8d664e",
1823
1824 /*
1825 * From NIST validation suite (ECBVarTxt192.rsp).
1826 */
1827 "000000000000000000000000000000000000000000000000",
1828 "80000000000000000000000000000000",
1829 "6cd02513e8d4dc986b4afe087a60bd0c",
1830
1831 "000000000000000000000000000000000000000000000000",
1832 "c0000000000000000000000000000000",
1833 "2ce1f8b7e30627c1c4519eada44bc436",
1834
1835 "000000000000000000000000000000000000000000000000",
1836 "e0000000000000000000000000000000",
1837 "9946b5f87af446f5796c1fee63a2da24",
1838
1839 "000000000000000000000000000000000000000000000000",
1840 "f0000000000000000000000000000000",
1841 "2a560364ce529efc21788779568d5555",
1842
1843 "000000000000000000000000000000000000000000000000",
1844 "f8000000000000000000000000000000",
1845 "35c1471837af446153bce55d5ba72a0a",
1846
1847 "000000000000000000000000000000000000000000000000",
1848 "fc000000000000000000000000000000",
1849 "ce60bc52386234f158f84341e534cd9e",
1850
1851 "000000000000000000000000000000000000000000000000",
1852 "fe000000000000000000000000000000",
1853 "8c7c27ff32bcf8dc2dc57c90c2903961",
1854
1855 "000000000000000000000000000000000000000000000000",
1856 "ff000000000000000000000000000000",
1857 "32bb6a7ec84499e166f936003d55a5bb",
1858
1859 "000000000000000000000000000000000000000000000000",
1860 "ff800000000000000000000000000000",
1861 "a5c772e5c62631ef660ee1d5877f6d1b",
1862
1863 "000000000000000000000000000000000000000000000000",
1864 "ffc00000000000000000000000000000",
1865 "030d7e5b64f380a7e4ea5387b5cd7f49",
1866
1867 "000000000000000000000000000000000000000000000000",
1868 "ffe00000000000000000000000000000",
1869 "0dc9a2610037009b698f11bb7e86c83e",
1870
1871 "000000000000000000000000000000000000000000000000",
1872 "fff00000000000000000000000000000",
1873 "0046612c766d1840c226364f1fa7ed72",
1874
1875 "000000000000000000000000000000000000000000000000",
1876 "fff80000000000000000000000000000",
1877 "4880c7e08f27befe78590743c05e698b",
1878
1879 "000000000000000000000000000000000000000000000000",
1880 "fffc0000000000000000000000000000",
1881 "2520ce829a26577f0f4822c4ecc87401",
1882
1883 "000000000000000000000000000000000000000000000000",
1884 "fffe0000000000000000000000000000",
1885 "8765e8acc169758319cb46dc7bcf3dca",
1886
1887 "000000000000000000000000000000000000000000000000",
1888 "ffff0000000000000000000000000000",
1889 "e98f4ba4f073df4baa116d011dc24a28",
1890
1891 "000000000000000000000000000000000000000000000000",
1892 "ffff8000000000000000000000000000",
1893 "f378f68c5dbf59e211b3a659a7317d94",
1894
1895 "000000000000000000000000000000000000000000000000",
1896 "ffffc000000000000000000000000000",
1897 "283d3b069d8eb9fb432d74b96ca762b4",
1898
1899 "000000000000000000000000000000000000000000000000",
1900 "ffffe000000000000000000000000000",
1901 "a7e1842e8a87861c221a500883245c51",
1902
1903 "000000000000000000000000000000000000000000000000",
1904 "fffff000000000000000000000000000",
1905 "77aa270471881be070fb52c7067ce732",
1906
1907 "000000000000000000000000000000000000000000000000",
1908 "fffff800000000000000000000000000",
1909 "01b0f476d484f43f1aeb6efa9361a8ac",
1910
1911 "000000000000000000000000000000000000000000000000",
1912 "fffffc00000000000000000000000000",
1913 "1c3a94f1c052c55c2d8359aff2163b4f",
1914
1915 "000000000000000000000000000000000000000000000000",
1916 "fffffe00000000000000000000000000",
1917 "e8a067b604d5373d8b0f2e05a03b341b",
1918
1919 "000000000000000000000000000000000000000000000000",
1920 "ffffff00000000000000000000000000",
1921 "a7876ec87f5a09bfea42c77da30fd50e",
1922
1923 "000000000000000000000000000000000000000000000000",
1924 "ffffff80000000000000000000000000",
1925 "0cf3e9d3a42be5b854ca65b13f35f48d",
1926
1927 "000000000000000000000000000000000000000000000000",
1928 "ffffffc0000000000000000000000000",
1929 "6c62f6bbcab7c3e821c9290f08892dda",
1930
1931 "000000000000000000000000000000000000000000000000",
1932 "ffffffe0000000000000000000000000",
1933 "7f5e05bd2068738196fee79ace7e3aec",
1934
1935 "000000000000000000000000000000000000000000000000",
1936 "fffffff0000000000000000000000000",
1937 "440e0d733255cda92fb46e842fe58054",
1938
1939 "000000000000000000000000000000000000000000000000",
1940 "fffffff8000000000000000000000000",
1941 "aa5d5b1c4ea1b7a22e5583ac2e9ed8a7",
1942
1943 "000000000000000000000000000000000000000000000000",
1944 "fffffffc000000000000000000000000",
1945 "77e537e89e8491e8662aae3bc809421d",
1946
1947 "000000000000000000000000000000000000000000000000",
1948 "fffffffe000000000000000000000000",
1949 "997dd3e9f1598bfa73f75973f7e93b76",
1950
1951 "000000000000000000000000000000000000000000000000",
1952 "ffffffff000000000000000000000000",
1953 "1b38d4f7452afefcb7fc721244e4b72e",
1954
1955 "000000000000000000000000000000000000000000000000",
1956 "ffffffff800000000000000000000000",
1957 "0be2b18252e774dda30cdda02c6906e3",
1958
1959 "000000000000000000000000000000000000000000000000",
1960 "ffffffffc00000000000000000000000",
1961 "d2695e59c20361d82652d7d58b6f11b2",
1962
1963 "000000000000000000000000000000000000000000000000",
1964 "ffffffffe00000000000000000000000",
1965 "902d88d13eae52089abd6143cfe394e9",
1966
1967 "000000000000000000000000000000000000000000000000",
1968 "fffffffff00000000000000000000000",
1969 "d49bceb3b823fedd602c305345734bd2",
1970
1971 "000000000000000000000000000000000000000000000000",
1972 "fffffffff80000000000000000000000",
1973 "707b1dbb0ffa40ef7d95def421233fae",
1974
1975 "000000000000000000000000000000000000000000000000",
1976 "fffffffffc0000000000000000000000",
1977 "7ca0c1d93356d9eb8aa952084d75f913",
1978
1979 "000000000000000000000000000000000000000000000000",
1980 "fffffffffe0000000000000000000000",
1981 "f2cbf9cb186e270dd7bdb0c28febc57d",
1982
1983 "000000000000000000000000000000000000000000000000",
1984 "ffffffffff0000000000000000000000",
1985 "c94337c37c4e790ab45780bd9c3674a0",
1986
1987 "000000000000000000000000000000000000000000000000",
1988 "ffffffffff8000000000000000000000",
1989 "8e3558c135252fb9c9f367ed609467a1",
1990
1991 "000000000000000000000000000000000000000000000000",
1992 "ffffffffffc000000000000000000000",
1993 "1b72eeaee4899b443914e5b3a57fba92",
1994
1995 "000000000000000000000000000000000000000000000000",
1996 "ffffffffffe000000000000000000000",
1997 "011865f91bc56868d051e52c9efd59b7",
1998
1999 "000000000000000000000000000000000000000000000000",
2000 "fffffffffff000000000000000000000",
2001 "e4771318ad7a63dd680f6e583b7747ea",
2002
2003 "000000000000000000000000000000000000000000000000",
2004 "fffffffffff800000000000000000000",
2005 "61e3d194088dc8d97e9e6db37457eac5",
2006
2007 "000000000000000000000000000000000000000000000000",
2008 "fffffffffffc00000000000000000000",
2009 "36ff1ec9ccfbc349e5d356d063693ad6",
2010
2011 "000000000000000000000000000000000000000000000000",
2012 "fffffffffffe00000000000000000000",
2013 "3cc9e9a9be8cc3f6fb2ea24088e9bb19",
2014
2015 "000000000000000000000000000000000000000000000000",
2016 "ffffffffffff00000000000000000000",
2017 "1ee5ab003dc8722e74905d9a8fe3d350",
2018
2019 "000000000000000000000000000000000000000000000000",
2020 "ffffffffffff80000000000000000000",
2021 "245339319584b0a412412869d6c2eada",
2022
2023 "000000000000000000000000000000000000000000000000",
2024 "ffffffffffffc0000000000000000000",
2025 "7bd496918115d14ed5380852716c8814",
2026
2027 "000000000000000000000000000000000000000000000000",
2028 "ffffffffffffe0000000000000000000",
2029 "273ab2f2b4a366a57d582a339313c8b1",
2030
2031 "000000000000000000000000000000000000000000000000",
2032 "fffffffffffff0000000000000000000",
2033 "113365a9ffbe3b0ca61e98507554168b",
2034
2035 "000000000000000000000000000000000000000000000000",
2036 "fffffffffffff8000000000000000000",
2037 "afa99c997ac478a0dea4119c9e45f8b1",
2038
2039 "000000000000000000000000000000000000000000000000",
2040 "fffffffffffffc000000000000000000",
2041 "9216309a7842430b83ffb98638011512",
2042
2043 "000000000000000000000000000000000000000000000000",
2044 "fffffffffffffe000000000000000000",
2045 "62abc792288258492a7cb45145f4b759",
2046
2047 "000000000000000000000000000000000000000000000000",
2048 "ffffffffffffff000000000000000000",
2049 "534923c169d504d7519c15d30e756c50",
2050
2051 "000000000000000000000000000000000000000000000000",
2052 "ffffffffffffff800000000000000000",
2053 "fa75e05bcdc7e00c273fa33f6ee441d2",
2054
2055 "000000000000000000000000000000000000000000000000",
2056 "ffffffffffffffc00000000000000000",
2057 "7d350fa6057080f1086a56b17ec240db",
2058
2059 "000000000000000000000000000000000000000000000000",
2060 "ffffffffffffffe00000000000000000",
2061 "f34e4a6324ea4a5c39a661c8fe5ada8f",
2062
2063 "000000000000000000000000000000000000000000000000",
2064 "fffffffffffffff00000000000000000",
2065 "0882a16f44088d42447a29ac090ec17e",
2066
2067 "000000000000000000000000000000000000000000000000",
2068 "fffffffffffffff80000000000000000",
2069 "3a3c15bfc11a9537c130687004e136ee",
2070
2071 "000000000000000000000000000000000000000000000000",
2072 "fffffffffffffffc0000000000000000",
2073 "22c0a7678dc6d8cf5c8a6d5a9960767c",
2074
2075 "000000000000000000000000000000000000000000000000",
2076 "fffffffffffffffe0000000000000000",
2077 "b46b09809d68b9a456432a79bdc2e38c",
2078
2079 "000000000000000000000000000000000000000000000000",
2080 "ffffffffffffffff0000000000000000",
2081 "93baaffb35fbe739c17c6ac22eecf18f",
2082
2083 "000000000000000000000000000000000000000000000000",
2084 "ffffffffffffffff8000000000000000",
2085 "c8aa80a7850675bc007c46df06b49868",
2086
2087 "000000000000000000000000000000000000000000000000",
2088 "ffffffffffffffffc000000000000000",
2089 "12c6f3877af421a918a84b775858021d",
2090
2091 "000000000000000000000000000000000000000000000000",
2092 "ffffffffffffffffe000000000000000",
2093 "33f123282c5d633924f7d5ba3f3cab11",
2094
2095 "000000000000000000000000000000000000000000000000",
2096 "fffffffffffffffff000000000000000",
2097 "a8f161002733e93ca4527d22c1a0c5bb",
2098
2099 "000000000000000000000000000000000000000000000000",
2100 "fffffffffffffffff800000000000000",
2101 "b72f70ebf3e3fda23f508eec76b42c02",
2102
2103 "000000000000000000000000000000000000000000000000",
2104 "fffffffffffffffffc00000000000000",
2105 "6a9d965e6274143f25afdcfc88ffd77c",
2106
2107 "000000000000000000000000000000000000000000000000",
2108 "fffffffffffffffffe00000000000000",
2109 "a0c74fd0b9361764ce91c5200b095357",
2110
2111 "000000000000000000000000000000000000000000000000",
2112 "ffffffffffffffffff00000000000000",
2113 "091d1fdc2bd2c346cd5046a8c6209146",
2114
2115 "000000000000000000000000000000000000000000000000",
2116 "ffffffffffffffffff80000000000000",
2117 "e2a37580116cfb71856254496ab0aca8",
2118
2119 "000000000000000000000000000000000000000000000000",
2120 "ffffffffffffffffffc0000000000000",
2121 "e0b3a00785917c7efc9adba322813571",
2122
2123 "000000000000000000000000000000000000000000000000",
2124 "ffffffffffffffffffe0000000000000",
2125 "733d41f4727b5ef0df4af4cf3cffa0cb",
2126
2127 "000000000000000000000000000000000000000000000000",
2128 "fffffffffffffffffff0000000000000",
2129 "a99ebb030260826f981ad3e64490aa4f",
2130
2131 "000000000000000000000000000000000000000000000000",
2132 "fffffffffffffffffff8000000000000",
2133 "73f34c7d3eae5e80082c1647524308ee",
2134
2135 "000000000000000000000000000000000000000000000000",
2136 "fffffffffffffffffffc000000000000",
2137 "40ebd5ad082345b7a2097ccd3464da02",
2138
2139 "000000000000000000000000000000000000000000000000",
2140 "fffffffffffffffffffe000000000000",
2141 "7cc4ae9a424b2cec90c97153c2457ec5",
2142
2143 "000000000000000000000000000000000000000000000000",
2144 "ffffffffffffffffffff000000000000",
2145 "54d632d03aba0bd0f91877ebdd4d09cb",
2146
2147 "000000000000000000000000000000000000000000000000",
2148 "ffffffffffffffffffff800000000000",
2149 "d3427be7e4d27cd54f5fe37b03cf0897",
2150
2151 "000000000000000000000000000000000000000000000000",
2152 "ffffffffffffffffffffc00000000000",
2153 "b2099795e88cc158fd75ea133d7e7fbe",
2154
2155 "000000000000000000000000000000000000000000000000",
2156 "ffffffffffffffffffffe00000000000",
2157 "a6cae46fb6fadfe7a2c302a34242817b",
2158
2159 "000000000000000000000000000000000000000000000000",
2160 "fffffffffffffffffffff00000000000",
2161 "026a7024d6a902e0b3ffccbaa910cc3f",
2162
2163 "000000000000000000000000000000000000000000000000",
2164 "fffffffffffffffffffff80000000000",
2165 "156f07767a85a4312321f63968338a01",
2166
2167 "000000000000000000000000000000000000000000000000",
2168 "fffffffffffffffffffffc0000000000",
2169 "15eec9ebf42b9ca76897d2cd6c5a12e2",
2170
2171 "000000000000000000000000000000000000000000000000",
2172 "fffffffffffffffffffffe0000000000",
2173 "db0d3a6fdcc13f915e2b302ceeb70fd8",
2174
2175 "000000000000000000000000000000000000000000000000",
2176 "ffffffffffffffffffffff0000000000",
2177 "71dbf37e87a2e34d15b20e8f10e48924",
2178
2179 "000000000000000000000000000000000000000000000000",
2180 "ffffffffffffffffffffff8000000000",
2181 "c745c451e96ff3c045e4367c833e3b54",
2182
2183 "000000000000000000000000000000000000000000000000",
2184 "ffffffffffffffffffffffc000000000",
2185 "340da09c2dd11c3b679d08ccd27dd595",
2186
2187 "000000000000000000000000000000000000000000000000",
2188 "ffffffffffffffffffffffe000000000",
2189 "8279f7c0c2a03ee660c6d392db025d18",
2190
2191 "000000000000000000000000000000000000000000000000",
2192 "fffffffffffffffffffffff000000000",
2193 "a4b2c7d8eba531ff47c5041a55fbd1ec",
2194
2195 "000000000000000000000000000000000000000000000000",
2196 "fffffffffffffffffffffff800000000",
2197 "74569a2ca5a7bd5131ce8dc7cbfbf72f",
2198
2199 "000000000000000000000000000000000000000000000000",
2200 "fffffffffffffffffffffffc00000000",
2201 "3713da0c0219b63454035613b5a403dd",
2202
2203 "000000000000000000000000000000000000000000000000",
2204 "fffffffffffffffffffffffe00000000",
2205 "8827551ddcc9df23fa72a3de4e9f0b07",
2206
2207 "000000000000000000000000000000000000000000000000",
2208 "ffffffffffffffffffffffff00000000",
2209 "2e3febfd625bfcd0a2c06eb460da1732",
2210
2211 "000000000000000000000000000000000000000000000000",
2212 "ffffffffffffffffffffffff80000000",
2213 "ee82e6ba488156f76496311da6941deb",
2214
2215 "000000000000000000000000000000000000000000000000",
2216 "ffffffffffffffffffffffffc0000000",
2217 "4770446f01d1f391256e85a1b30d89d3",
2218
2219 "000000000000000000000000000000000000000000000000",
2220 "ffffffffffffffffffffffffe0000000",
2221 "af04b68f104f21ef2afb4767cf74143c",
2222
2223 "000000000000000000000000000000000000000000000000",
2224 "fffffffffffffffffffffffff0000000",
2225 "cf3579a9ba38c8e43653173e14f3a4c6",
2226
2227 "000000000000000000000000000000000000000000000000",
2228 "fffffffffffffffffffffffff8000000",
2229 "b3bba904f4953e09b54800af2f62e7d4",
2230
2231 "000000000000000000000000000000000000000000000000",
2232 "fffffffffffffffffffffffffc000000",
2233 "fc4249656e14b29eb9c44829b4c59a46",
2234
2235 "000000000000000000000000000000000000000000000000",
2236 "fffffffffffffffffffffffffe000000",
2237 "9b31568febe81cfc2e65af1c86d1a308",
2238
2239 "000000000000000000000000000000000000000000000000",
2240 "ffffffffffffffffffffffffff000000",
2241 "9ca09c25f273a766db98a480ce8dfedc",
2242
2243 "000000000000000000000000000000000000000000000000",
2244 "ffffffffffffffffffffffffff800000",
2245 "b909925786f34c3c92d971883c9fbedf",
2246
2247 "000000000000000000000000000000000000000000000000",
2248 "ffffffffffffffffffffffffffc00000",
2249 "82647f1332fe570a9d4d92b2ee771d3b",
2250
2251 "000000000000000000000000000000000000000000000000",
2252 "ffffffffffffffffffffffffffe00000",
2253 "3604a7e80832b3a99954bca6f5b9f501",
2254
2255 "000000000000000000000000000000000000000000000000",
2256 "fffffffffffffffffffffffffff00000",
2257 "884607b128c5de3ab39a529a1ef51bef",
2258
2259 "000000000000000000000000000000000000000000000000",
2260 "fffffffffffffffffffffffffff80000",
2261 "670cfa093d1dbdb2317041404102435e",
2262
2263 "000000000000000000000000000000000000000000000000",
2264 "fffffffffffffffffffffffffffc0000",
2265 "7a867195f3ce8769cbd336502fbb5130",
2266
2267 "000000000000000000000000000000000000000000000000",
2268 "fffffffffffffffffffffffffffe0000",
2269 "52efcf64c72b2f7ca5b3c836b1078c15",
2270
2271 "000000000000000000000000000000000000000000000000",
2272 "ffffffffffffffffffffffffffff0000",
2273 "4019250f6eefb2ac5ccbcae044e75c7e",
2274
2275 "000000000000000000000000000000000000000000000000",
2276 "ffffffffffffffffffffffffffff8000",
2277 "022c4f6f5a017d292785627667ddef24",
2278
2279 "000000000000000000000000000000000000000000000000",
2280 "ffffffffffffffffffffffffffffc000",
2281 "e9c21078a2eb7e03250f71000fa9e3ed",
2282
2283 "000000000000000000000000000000000000000000000000",
2284 "ffffffffffffffffffffffffffffe000",
2285 "a13eaeeb9cd391da4e2b09490b3e7fad",
2286
2287 "000000000000000000000000000000000000000000000000",
2288 "fffffffffffffffffffffffffffff000",
2289 "c958a171dca1d4ed53e1af1d380803a9",
2290
2291 "000000000000000000000000000000000000000000000000",
2292 "fffffffffffffffffffffffffffff800",
2293 "21442e07a110667f2583eaeeee44dc8c",
2294
2295 "000000000000000000000000000000000000000000000000",
2296 "fffffffffffffffffffffffffffffc00",
2297 "59bbb353cf1dd867a6e33737af655e99",
2298
2299 "000000000000000000000000000000000000000000000000",
2300 "fffffffffffffffffffffffffffffe00",
2301 "43cd3b25375d0ce41087ff9fe2829639",
2302
2303 "000000000000000000000000000000000000000000000000",
2304 "ffffffffffffffffffffffffffffff00",
2305 "6b98b17e80d1118e3516bd768b285a84",
2306
2307 "000000000000000000000000000000000000000000000000",
2308 "ffffffffffffffffffffffffffffff80",
2309 "ae47ed3676ca0c08deea02d95b81db58",
2310
2311 "000000000000000000000000000000000000000000000000",
2312 "ffffffffffffffffffffffffffffffc0",
2313 "34ec40dc20413795ed53628ea748720b",
2314
2315 "000000000000000000000000000000000000000000000000",
2316 "ffffffffffffffffffffffffffffffe0",
2317 "4dc68163f8e9835473253542c8a65d46",
2318
2319 "000000000000000000000000000000000000000000000000",
2320 "fffffffffffffffffffffffffffffff0",
2321 "2aabb999f43693175af65c6c612c46fb",
2322
2323 "000000000000000000000000000000000000000000000000",
2324 "fffffffffffffffffffffffffffffff8",
2325 "e01f94499dac3547515c5b1d756f0f58",
2326
2327 "000000000000000000000000000000000000000000000000",
2328 "fffffffffffffffffffffffffffffffc",
2329 "9d12435a46480ce00ea349f71799df9a",
2330
2331 "000000000000000000000000000000000000000000000000",
2332 "fffffffffffffffffffffffffffffffe",
2333 "cef41d16d266bdfe46938ad7884cc0cf",
2334
2335 "000000000000000000000000000000000000000000000000",
2336 "ffffffffffffffffffffffffffffffff",
2337 "b13db4da1f718bc6904797c82bcf2d32",
2338
2339 /*
2340 * From NIST validation suite (ECBVarTxt256.rsp).
2341 */
2342 "0000000000000000000000000000000000000000000000000000000000000000",
2343 "80000000000000000000000000000000",
2344 "ddc6bf790c15760d8d9aeb6f9a75fd4e",
2345
2346 "0000000000000000000000000000000000000000000000000000000000000000",
2347 "c0000000000000000000000000000000",
2348 "0a6bdc6d4c1e6280301fd8e97ddbe601",
2349
2350 "0000000000000000000000000000000000000000000000000000000000000000",
2351 "e0000000000000000000000000000000",
2352 "9b80eefb7ebe2d2b16247aa0efc72f5d",
2353
2354 "0000000000000000000000000000000000000000000000000000000000000000",
2355 "f0000000000000000000000000000000",
2356 "7f2c5ece07a98d8bee13c51177395ff7",
2357
2358 "0000000000000000000000000000000000000000000000000000000000000000",
2359 "f8000000000000000000000000000000",
2360 "7818d800dcf6f4be1e0e94f403d1e4c2",
2361
2362 "0000000000000000000000000000000000000000000000000000000000000000",
2363 "fc000000000000000000000000000000",
2364 "e74cd1c92f0919c35a0324123d6177d3",
2365
2366 "0000000000000000000000000000000000000000000000000000000000000000",
2367 "fe000000000000000000000000000000",
2368 "8092a4dcf2da7e77e93bdd371dfed82e",
2369
2370 "0000000000000000000000000000000000000000000000000000000000000000",
2371 "ff000000000000000000000000000000",
2372 "49af6b372135acef10132e548f217b17",
2373
2374 "0000000000000000000000000000000000000000000000000000000000000000",
2375 "ff800000000000000000000000000000",
2376 "8bcd40f94ebb63b9f7909676e667f1e7",
2377
2378 "0000000000000000000000000000000000000000000000000000000000000000",
2379 "ffc00000000000000000000000000000",
2380 "fe1cffb83f45dcfb38b29be438dbd3ab",
2381
2382 "0000000000000000000000000000000000000000000000000000000000000000",
2383 "ffe00000000000000000000000000000",
2384 "0dc58a8d886623705aec15cb1e70dc0e",
2385
2386 "0000000000000000000000000000000000000000000000000000000000000000",
2387 "fff00000000000000000000000000000",
2388 "c218faa16056bd0774c3e8d79c35a5e4",
2389
2390 "0000000000000000000000000000000000000000000000000000000000000000",
2391 "fff80000000000000000000000000000",
2392 "047bba83f7aa841731504e012208fc9e",
2393
2394 "0000000000000000000000000000000000000000000000000000000000000000",
2395 "fffc0000000000000000000000000000",
2396 "dc8f0e4915fd81ba70a331310882f6da",
2397
2398 "0000000000000000000000000000000000000000000000000000000000000000",
2399 "fffe0000000000000000000000000000",
2400 "1569859ea6b7206c30bf4fd0cbfac33c",
2401
2402 "0000000000000000000000000000000000000000000000000000000000000000",
2403 "ffff0000000000000000000000000000",
2404 "300ade92f88f48fa2df730ec16ef44cd",
2405
2406 "0000000000000000000000000000000000000000000000000000000000000000",
2407 "ffff8000000000000000000000000000",
2408 "1fe6cc3c05965dc08eb0590c95ac71d0",
2409
2410 "0000000000000000000000000000000000000000000000000000000000000000",
2411 "ffffc000000000000000000000000000",
2412 "59e858eaaa97fec38111275b6cf5abc0",
2413
2414 "0000000000000000000000000000000000000000000000000000000000000000",
2415 "ffffe000000000000000000000000000",
2416 "2239455e7afe3b0616100288cc5a723b",
2417
2418 "0000000000000000000000000000000000000000000000000000000000000000",
2419 "fffff000000000000000000000000000",
2420 "3ee500c5c8d63479717163e55c5c4522",
2421
2422 "0000000000000000000000000000000000000000000000000000000000000000",
2423 "fffff800000000000000000000000000",
2424 "d5e38bf15f16d90e3e214041d774daa8",
2425
2426 "0000000000000000000000000000000000000000000000000000000000000000",
2427 "fffffc00000000000000000000000000",
2428 "b1f4066e6f4f187dfe5f2ad1b17819d0",
2429
2430 "0000000000000000000000000000000000000000000000000000000000000000",
2431 "fffffe00000000000000000000000000",
2432 "6ef4cc4de49b11065d7af2909854794a",
2433
2434 "0000000000000000000000000000000000000000000000000000000000000000",
2435 "ffffff00000000000000000000000000",
2436 "ac86bc606b6640c309e782f232bf367f",
2437
2438 "0000000000000000000000000000000000000000000000000000000000000000",
2439 "ffffff80000000000000000000000000",
2440 "36aff0ef7bf3280772cf4cac80a0d2b2",
2441
2442 "0000000000000000000000000000000000000000000000000000000000000000",
2443 "ffffffc0000000000000000000000000",
2444 "1f8eedea0f62a1406d58cfc3ecea72cf",
2445
2446 "0000000000000000000000000000000000000000000000000000000000000000",
2447 "ffffffe0000000000000000000000000",
2448 "abf4154a3375a1d3e6b1d454438f95a6",
2449
2450 "0000000000000000000000000000000000000000000000000000000000000000",
2451 "fffffff0000000000000000000000000",
2452 "96f96e9d607f6615fc192061ee648b07",
2453
2454 "0000000000000000000000000000000000000000000000000000000000000000",
2455 "fffffff8000000000000000000000000",
2456 "cf37cdaaa0d2d536c71857634c792064",
2457
2458 "0000000000000000000000000000000000000000000000000000000000000000",
2459 "fffffffc000000000000000000000000",
2460 "fbd6640c80245c2b805373f130703127",
2461
2462 "0000000000000000000000000000000000000000000000000000000000000000",
2463 "fffffffe000000000000000000000000",
2464 "8d6a8afe55a6e481badae0d146f436db",
2465
2466 "0000000000000000000000000000000000000000000000000000000000000000",
2467 "ffffffff000000000000000000000000",
2468 "6a4981f2915e3e68af6c22385dd06756",
2469
2470 "0000000000000000000000000000000000000000000000000000000000000000",
2471 "ffffffff800000000000000000000000",
2472 "42a1136e5f8d8d21d3101998642d573b",
2473
2474 "0000000000000000000000000000000000000000000000000000000000000000",
2475 "ffffffffc00000000000000000000000",
2476 "9b471596dc69ae1586cee6158b0b0181",
2477
2478 "0000000000000000000000000000000000000000000000000000000000000000",
2479 "ffffffffe00000000000000000000000",
2480 "753665c4af1eff33aa8b628bf8741cfd",
2481
2482 "0000000000000000000000000000000000000000000000000000000000000000",
2483 "fffffffff00000000000000000000000",
2484 "9a682acf40be01f5b2a4193c9a82404d",
2485
2486 "0000000000000000000000000000000000000000000000000000000000000000",
2487 "fffffffff80000000000000000000000",
2488 "54fafe26e4287f17d1935f87eb9ade01",
2489
2490 "0000000000000000000000000000000000000000000000000000000000000000",
2491 "fffffffffc0000000000000000000000",
2492 "49d541b2e74cfe73e6a8e8225f7bd449",
2493
2494 "0000000000000000000000000000000000000000000000000000000000000000",
2495 "fffffffffe0000000000000000000000",
2496 "11a45530f624ff6f76a1b3826626ff7b",
2497
2498 "0000000000000000000000000000000000000000000000000000000000000000",
2499 "ffffffffff0000000000000000000000",
2500 "f96b0c4a8bc6c86130289f60b43b8fba",
2501
2502 "0000000000000000000000000000000000000000000000000000000000000000",
2503 "ffffffffff8000000000000000000000",
2504 "48c7d0e80834ebdc35b6735f76b46c8b",
2505
2506 "0000000000000000000000000000000000000000000000000000000000000000",
2507 "ffffffffffc000000000000000000000",
2508 "2463531ab54d66955e73edc4cb8eaa45",
2509
2510 "0000000000000000000000000000000000000000000000000000000000000000",
2511 "ffffffffffe000000000000000000000",
2512 "ac9bd8e2530469134b9d5b065d4f565b",
2513
2514 "0000000000000000000000000000000000000000000000000000000000000000",
2515 "fffffffffff000000000000000000000",
2516 "3f5f9106d0e52f973d4890e6f37e8a00",
2517
2518 "0000000000000000000000000000000000000000000000000000000000000000",
2519 "fffffffffff800000000000000000000",
2520 "20ebc86f1304d272e2e207e59db639f0",
2521
2522 "0000000000000000000000000000000000000000000000000000000000000000",
2523 "fffffffffffc00000000000000000000",
2524 "e67ae6426bf9526c972cff072b52252c",
2525
2526 "0000000000000000000000000000000000000000000000000000000000000000",
2527 "fffffffffffe00000000000000000000",
2528 "1a518dddaf9efa0d002cc58d107edfc8",
2529
2530 "0000000000000000000000000000000000000000000000000000000000000000",
2531 "ffffffffffff00000000000000000000",
2532 "ead731af4d3a2fe3b34bed047942a49f",
2533
2534 "0000000000000000000000000000000000000000000000000000000000000000",
2535 "ffffffffffff80000000000000000000",
2536 "b1d4efe40242f83e93b6c8d7efb5eae9",
2537
2538 "0000000000000000000000000000000000000000000000000000000000000000",
2539 "ffffffffffffc0000000000000000000",
2540 "cd2b1fec11fd906c5c7630099443610a",
2541
2542 "0000000000000000000000000000000000000000000000000000000000000000",
2543 "ffffffffffffe0000000000000000000",
2544 "a1853fe47fe29289d153161d06387d21",
2545
2546 "0000000000000000000000000000000000000000000000000000000000000000",
2547 "fffffffffffff0000000000000000000",
2548 "4632154179a555c17ea604d0889fab14",
2549
2550 "0000000000000000000000000000000000000000000000000000000000000000",
2551 "fffffffffffff8000000000000000000",
2552 "dd27cac6401a022e8f38f9f93e774417",
2553
2554 "0000000000000000000000000000000000000000000000000000000000000000",
2555 "fffffffffffffc000000000000000000",
2556 "c090313eb98674f35f3123385fb95d4d",
2557
2558 "0000000000000000000000000000000000000000000000000000000000000000",
2559 "fffffffffffffe000000000000000000",
2560 "cc3526262b92f02edce548f716b9f45c",
2561
2562 "0000000000000000000000000000000000000000000000000000000000000000",
2563 "ffffffffffffff000000000000000000",
2564 "c0838d1a2b16a7c7f0dfcc433c399c33",
2565
2566 "0000000000000000000000000000000000000000000000000000000000000000",
2567 "ffffffffffffff800000000000000000",
2568 "0d9ac756eb297695eed4d382eb126d26",
2569
2570 "0000000000000000000000000000000000000000000000000000000000000000",
2571 "ffffffffffffffc00000000000000000",
2572 "56ede9dda3f6f141bff1757fa689c3e1",
2573
2574 "0000000000000000000000000000000000000000000000000000000000000000",
2575 "ffffffffffffffe00000000000000000",
2576 "768f520efe0f23e61d3ec8ad9ce91774",
2577
2578 "0000000000000000000000000000000000000000000000000000000000000000",
2579 "fffffffffffffff00000000000000000",
2580 "b1144ddfa75755213390e7c596660490",
2581
2582 "0000000000000000000000000000000000000000000000000000000000000000",
2583 "fffffffffffffff80000000000000000",
2584 "1d7c0c4040b355b9d107a99325e3b050",
2585
2586 "0000000000000000000000000000000000000000000000000000000000000000",
2587 "fffffffffffffffc0000000000000000",
2588 "d8e2bb1ae8ee3dcf5bf7d6c38da82a1a",
2589
2590 "0000000000000000000000000000000000000000000000000000000000000000",
2591 "fffffffffffffffe0000000000000000",
2592 "faf82d178af25a9886a47e7f789b98d7",
2593
2594 "0000000000000000000000000000000000000000000000000000000000000000",
2595 "ffffffffffffffff0000000000000000",
2596 "9b58dbfd77fe5aca9cfc190cd1b82d19",
2597
2598 "0000000000000000000000000000000000000000000000000000000000000000",
2599 "ffffffffffffffff8000000000000000",
2600 "77f392089042e478ac16c0c86a0b5db5",
2601
2602 "0000000000000000000000000000000000000000000000000000000000000000",
2603 "ffffffffffffffffc000000000000000",
2604 "19f08e3420ee69b477ca1420281c4782",
2605
2606 "0000000000000000000000000000000000000000000000000000000000000000",
2607 "ffffffffffffffffe000000000000000",
2608 "a1b19beee4e117139f74b3c53fdcb875",
2609
2610 "0000000000000000000000000000000000000000000000000000000000000000",
2611 "fffffffffffffffff000000000000000",
2612 "a37a5869b218a9f3a0868d19aea0ad6a",
2613
2614 "0000000000000000000000000000000000000000000000000000000000000000",
2615 "fffffffffffffffff800000000000000",
2616 "bc3594e865bcd0261b13202731f33580",
2617
2618 "0000000000000000000000000000000000000000000000000000000000000000",
2619 "fffffffffffffffffc00000000000000",
2620 "811441ce1d309eee7185e8c752c07557",
2621
2622 "0000000000000000000000000000000000000000000000000000000000000000",
2623 "fffffffffffffffffe00000000000000",
2624 "959971ce4134190563518e700b9874d1",
2625
2626 "0000000000000000000000000000000000000000000000000000000000000000",
2627 "ffffffffffffffffff00000000000000",
2628 "76b5614a042707c98e2132e2e805fe63",
2629
2630 "0000000000000000000000000000000000000000000000000000000000000000",
2631 "ffffffffffffffffff80000000000000",
2632 "7d9fa6a57530d0f036fec31c230b0cc6",
2633
2634 "0000000000000000000000000000000000000000000000000000000000000000",
2635 "ffffffffffffffffffc0000000000000",
2636 "964153a83bf6989a4ba80daa91c3e081",
2637
2638 "0000000000000000000000000000000000000000000000000000000000000000",
2639 "ffffffffffffffffffe0000000000000",
2640 "a013014d4ce8054cf2591d06f6f2f176",
2641
2642 "0000000000000000000000000000000000000000000000000000000000000000",
2643 "fffffffffffffffffff0000000000000",
2644 "d1c5f6399bf382502e385eee1474a869",
2645
2646 "0000000000000000000000000000000000000000000000000000000000000000",
2647 "fffffffffffffffffff8000000000000",
2648 "0007e20b8298ec354f0f5fe7470f36bd",
2649
2650 "0000000000000000000000000000000000000000000000000000000000000000",
2651 "fffffffffffffffffffc000000000000",
2652 "b95ba05b332da61ef63a2b31fcad9879",
2653
2654 "0000000000000000000000000000000000000000000000000000000000000000",
2655 "fffffffffffffffffffe000000000000",
2656 "4620a49bd967491561669ab25dce45f4",
2657
2658 "0000000000000000000000000000000000000000000000000000000000000000",
2659 "ffffffffffffffffffff000000000000",
2660 "12e71214ae8e04f0bb63d7425c6f14d5",
2661
2662 "0000000000000000000000000000000000000000000000000000000000000000",
2663 "ffffffffffffffffffff800000000000",
2664 "4cc42fc1407b008fe350907c092e80ac",
2665
2666 "0000000000000000000000000000000000000000000000000000000000000000",
2667 "ffffffffffffffffffffc00000000000",
2668 "08b244ce7cbc8ee97fbba808cb146fda",
2669
2670 "0000000000000000000000000000000000000000000000000000000000000000",
2671 "ffffffffffffffffffffe00000000000",
2672 "39b333e8694f21546ad1edd9d87ed95b",
2673
2674 "0000000000000000000000000000000000000000000000000000000000000000",
2675 "fffffffffffffffffffff00000000000",
2676 "3b271f8ab2e6e4a20ba8090f43ba78f3",
2677
2678 "0000000000000000000000000000000000000000000000000000000000000000",
2679 "fffffffffffffffffffff80000000000",
2680 "9ad983f3bf651cd0393f0a73cccdea50",
2681
2682 "0000000000000000000000000000000000000000000000000000000000000000",
2683 "fffffffffffffffffffffc0000000000",
2684 "8f476cbff75c1f725ce18e4bbcd19b32",
2685
2686 "0000000000000000000000000000000000000000000000000000000000000000",
2687 "fffffffffffffffffffffe0000000000",
2688 "905b6267f1d6ab5320835a133f096f2a",
2689
2690 "0000000000000000000000000000000000000000000000000000000000000000",
2691 "ffffffffffffffffffffff0000000000",
2692 "145b60d6d0193c23f4221848a892d61a",
2693
2694 "0000000000000000000000000000000000000000000000000000000000000000",
2695 "ffffffffffffffffffffff8000000000",
2696 "55cfb3fb6d75cad0445bbc8dafa25b0f",
2697
2698 "0000000000000000000000000000000000000000000000000000000000000000",
2699 "ffffffffffffffffffffffc000000000",
2700 "7b8e7098e357ef71237d46d8b075b0f5",
2701
2702 "0000000000000000000000000000000000000000000000000000000000000000",
2703 "ffffffffffffffffffffffe000000000",
2704 "2bf27229901eb40f2df9d8398d1505ae",
2705
2706 "0000000000000000000000000000000000000000000000000000000000000000",
2707 "fffffffffffffffffffffff000000000",
2708 "83a63402a77f9ad5c1e931a931ecd706",
2709
2710 "0000000000000000000000000000000000000000000000000000000000000000",
2711 "fffffffffffffffffffffff800000000",
2712 "6f8ba6521152d31f2bada1843e26b973",
2713
2714 "0000000000000000000000000000000000000000000000000000000000000000",
2715 "fffffffffffffffffffffffc00000000",
2716 "e5c3b8e30fd2d8e6239b17b44bd23bbd",
2717
2718 "0000000000000000000000000000000000000000000000000000000000000000",
2719 "fffffffffffffffffffffffe00000000",
2720 "1ac1f7102c59933e8b2ddc3f14e94baa",
2721
2722 "0000000000000000000000000000000000000000000000000000000000000000",
2723 "ffffffffffffffffffffffff00000000",
2724 "21d9ba49f276b45f11af8fc71a088e3d",
2725
2726 "0000000000000000000000000000000000000000000000000000000000000000",
2727 "ffffffffffffffffffffffff80000000",
2728 "649f1cddc3792b4638635a392bc9bade",
2729
2730 "0000000000000000000000000000000000000000000000000000000000000000",
2731 "ffffffffffffffffffffffffc0000000",
2732 "e2775e4b59c1bc2e31a2078c11b5a08c",
2733
2734 "0000000000000000000000000000000000000000000000000000000000000000",
2735 "ffffffffffffffffffffffffe0000000",
2736 "2be1fae5048a25582a679ca10905eb80",
2737
2738 "0000000000000000000000000000000000000000000000000000000000000000",
2739 "fffffffffffffffffffffffff0000000",
2740 "da86f292c6f41ea34fb2068df75ecc29",
2741
2742 "0000000000000000000000000000000000000000000000000000000000000000",
2743 "fffffffffffffffffffffffff8000000",
2744 "220df19f85d69b1b562fa69a3c5beca5",
2745
2746 "0000000000000000000000000000000000000000000000000000000000000000",
2747 "fffffffffffffffffffffffffc000000",
2748 "1f11d5d0355e0b556ccdb6c7f5083b4d",
2749
2750 "0000000000000000000000000000000000000000000000000000000000000000",
2751 "fffffffffffffffffffffffffe000000",
2752 "62526b78be79cb384633c91f83b4151b",
2753
2754 "0000000000000000000000000000000000000000000000000000000000000000",
2755 "ffffffffffffffffffffffffff000000",
2756 "90ddbcb950843592dd47bbef00fdc876",
2757
2758 "0000000000000000000000000000000000000000000000000000000000000000",
2759 "ffffffffffffffffffffffffff800000",
2760 "2fd0e41c5b8402277354a7391d2618e2",
2761
2762 "0000000000000000000000000000000000000000000000000000000000000000",
2763 "ffffffffffffffffffffffffffc00000",
2764 "3cdf13e72dee4c581bafec70b85f9660",
2765
2766 "0000000000000000000000000000000000000000000000000000000000000000",
2767 "ffffffffffffffffffffffffffe00000",
2768 "afa2ffc137577092e2b654fa199d2c43",
2769
2770 "0000000000000000000000000000000000000000000000000000000000000000",
2771 "fffffffffffffffffffffffffff00000",
2772 "8d683ee63e60d208e343ce48dbc44cac",
2773
2774 "0000000000000000000000000000000000000000000000000000000000000000",
2775 "fffffffffffffffffffffffffff80000",
2776 "705a4ef8ba2133729c20185c3d3a4763",
2777
2778 "0000000000000000000000000000000000000000000000000000000000000000",
2779 "fffffffffffffffffffffffffffc0000",
2780 "0861a861c3db4e94194211b77ed761b9",
2781
2782 "0000000000000000000000000000000000000000000000000000000000000000",
2783 "fffffffffffffffffffffffffffe0000",
2784 "4b00c27e8b26da7eab9d3a88dec8b031",
2785
2786 "0000000000000000000000000000000000000000000000000000000000000000",
2787 "ffffffffffffffffffffffffffff0000",
2788 "5f397bf03084820cc8810d52e5b666e9",
2789
2790 "0000000000000000000000000000000000000000000000000000000000000000",
2791 "ffffffffffffffffffffffffffff8000",
2792 "63fafabb72c07bfbd3ddc9b1203104b8",
2793
2794 "0000000000000000000000000000000000000000000000000000000000000000",
2795 "ffffffffffffffffffffffffffffc000",
2796 "683e2140585b18452dd4ffbb93c95df9",
2797
2798 "0000000000000000000000000000000000000000000000000000000000000000",
2799 "ffffffffffffffffffffffffffffe000",
2800 "286894e48e537f8763b56707d7d155c8",
2801
2802 "0000000000000000000000000000000000000000000000000000000000000000",
2803 "fffffffffffffffffffffffffffff000",
2804 "a423deabc173dcf7e2c4c53e77d37cd1",
2805
2806 "0000000000000000000000000000000000000000000000000000000000000000",
2807 "fffffffffffffffffffffffffffff800",
2808 "eb8168313e1cfdfdb5e986d5429cf172",
2809
2810 "0000000000000000000000000000000000000000000000000000000000000000",
2811 "fffffffffffffffffffffffffffffc00",
2812 "27127daafc9accd2fb334ec3eba52323",
2813
2814 "0000000000000000000000000000000000000000000000000000000000000000",
2815 "fffffffffffffffffffffffffffffe00",
2816 "ee0715b96f72e3f7a22a5064fc592f4c",
2817
2818 "0000000000000000000000000000000000000000000000000000000000000000",
2819 "ffffffffffffffffffffffffffffff00",
2820 "29ee526770f2a11dcfa989d1ce88830f",
2821
2822 "0000000000000000000000000000000000000000000000000000000000000000",
2823 "ffffffffffffffffffffffffffffff80",
2824 "0493370e054b09871130fe49af730a5a",
2825
2826 "0000000000000000000000000000000000000000000000000000000000000000",
2827 "ffffffffffffffffffffffffffffffc0",
2828 "9b7b940f6c509f9e44a4ee140448ee46",
2829
2830 "0000000000000000000000000000000000000000000000000000000000000000",
2831 "ffffffffffffffffffffffffffffffe0",
2832 "2915be4a1ecfdcbe3e023811a12bb6c7",
2833
2834 "0000000000000000000000000000000000000000000000000000000000000000",
2835 "fffffffffffffffffffffffffffffff0",
2836 "7240e524bc51d8c4d440b1be55d1062c",
2837
2838 "0000000000000000000000000000000000000000000000000000000000000000",
2839 "fffffffffffffffffffffffffffffff8",
2840 "da63039d38cb4612b2dc36ba26684b93",
2841
2842 "0000000000000000000000000000000000000000000000000000000000000000",
2843 "fffffffffffffffffffffffffffffffc",
2844 "0f59cb5a4b522e2ac56c1a64f558ad9a",
2845
2846 "0000000000000000000000000000000000000000000000000000000000000000",
2847 "fffffffffffffffffffffffffffffffe",
2848 "7bfe9d876c6d63c1d035da8fe21c409d",
2849
2850 "0000000000000000000000000000000000000000000000000000000000000000",
2851 "ffffffffffffffffffffffffffffffff",
2852 "acdace8078a32b1a182bfa4987ca1347",
2853
2854 /*
2855 * Table end marker.
2856 */
2857 NULL
2858 };
2859
2860 /*
2861 * AES known-answer tests for CBC. Order: key, IV, plaintext, ciphertext.
2862 */
2863 static const char *const KAT_AES_CBC[] = {
2864 /*
2865 * From NIST validation suite "Multiblock Message Test"
2866 * (cbcmmt128.rsp).
2867 */
2868 "1f8e4973953f3fb0bd6b16662e9a3c17",
2869 "2fe2b333ceda8f98f4a99b40d2cd34a8",
2870 "45cf12964fc824ab76616ae2f4bf0822",
2871 "0f61c4d44c5147c03c195ad7e2cc12b2",
2872
2873 "0700d603a1c514e46b6191ba430a3a0c",
2874 "aad1583cd91365e3bb2f0c3430d065bb",
2875 "068b25c7bfb1f8bdd4cfc908f69dffc5ddc726a197f0e5f720f730393279be91",
2876 "c4dc61d9725967a3020104a9738f23868527ce839aab1752fd8bdb95a82c4d00",
2877
2878 "3348aa51e9a45c2dbe33ccc47f96e8de",
2879 "19153c673160df2b1d38c28060e59b96",
2880 "9b7cee827a26575afdbb7c7a329f887238052e3601a7917456ba61251c214763d5e1847a6ad5d54127a399ab07ee3599",
2881 "d5aed6c9622ec451a15db12819952b6752501cf05cdbf8cda34a457726ded97818e1f127a28d72db5652749f0c6afee5",
2882
2883 "b7f3c9576e12dd0db63e8f8fac2b9a39",
2884 "c80f095d8bb1a060699f7c19974a1aa0",
2885 "9ac19954ce1319b354d3220460f71c1e373f1cd336240881160cfde46ebfed2e791e8d5a1a136ebd1dc469dec00c4187722b841cdabcb22c1be8a14657da200e",
2886 "19b9609772c63f338608bf6eb52ca10be65097f89c1e0905c42401fd47791ae2c5440b2d473116ca78bd9ff2fb6015cfd316524eae7dcb95ae738ebeae84a467",
2887
2888 "b6f9afbfe5a1562bba1368fc72ac9d9c",
2889 "3f9d5ebe250ee7ce384b0d00ee849322",
2890 "db397ec22718dbffb9c9d13de0efcd4611bf792be4fce0dc5f25d4f577ed8cdbd4eb9208d593dda3d4653954ab64f05676caa3ce9bfa795b08b67ceebc923fdc89a8c431188e9e482d8553982cf304d1",
2891 "10ea27b19e16b93af169c4a88e06e35c99d8b420980b058e34b4b8f132b13766f72728202b089f428fecdb41c79f8aa0d0ef68f5786481cca29e2126f69bc14160f1ae2187878ba5c49cf3961e1b7ee9",
2892
2893 "bbe7b7ba07124ff1ae7c3416fe8b465e",
2894 "7f65b5ee3630bed6b84202d97fb97a1e",
2895 "2aad0c2c4306568bad7447460fd3dac054346d26feddbc9abd9110914011b4794be2a9a00a519a51a5b5124014f4ed2735480db21b434e99a911bb0b60fe0253763725b628d5739a5117b7ee3aefafc5b4c1bf446467e7bf5f78f31ff7caf187",
2896 "3b8611bfc4973c5cd8e982b073b33184cd26110159172e44988eb5ff5661a1e16fad67258fcbfee55469267a12dc374893b4e3533d36f5634c3095583596f135aa8cd1138dc898bc5651ee35a92ebf89ab6aeb5366653bc60a70e0074fc11efe",
2897
2898 "89a553730433f7e6d67d16d373bd5360",
2899 "f724558db3433a523f4e51a5bea70497",
2900 "807bc4ea684eedcfdcca30180680b0f1ae2814f35f36d053c5aea6595a386c1442770f4d7297d8b91825ee7237241da8925dd594ccf676aecd46ca2068e8d37a3a0ec8a7d5185a201e663b5ff36ae197110188a23503763b8218826d23ced74b31e9f6e2d7fbfa6cb43420c7807a8625",
2901 "406af1429a478c3d07e555c5287a60500d37fc39b68e5bbb9bafd6ddb223828561d6171a308d5b1a4551e8a5e7d572918d25c968d3871848d2f16635caa9847f38590b1df58ab5efb985f2c66cfaf86f61b3f9c0afad6c963c49cee9b8bc81a2ddb06c967f325515a4849eec37ce721a",
2902
2903 "c491ca31f91708458e29a925ec558d78",
2904 "9ef934946e5cd0ae97bd58532cb49381",
2905 "cb6a787e0dec56f9a165957f81af336ca6b40785d9e94093c6190e5152649f882e874d79ac5e167bd2a74ce5ae088d2ee854f6539e0a94796b1e1bd4c9fcdbc79acbef4d01eeb89776d18af71ae2a4fc47dd66df6c4dbe1d1850e466549a47b636bcc7c2b3a62495b56bb67b6d455f1eebd9bfefecbca6c7f335cfce9b45cb9d",
2906 "7b2931f5855f717145e00f152a9f4794359b1ffcb3e55f594e33098b51c23a6c74a06c1d94fded7fd2ae42c7db7acaef5844cb33aeddc6852585ed0020a6699d2cb53809cefd169148ce42292afab063443978306c582c18b9ce0da3d084ce4d3c482cfd8fcf1a85084e89fb88b40a084d5e972466d07666126fb761f84078f2",
2907
2908 "f6e87d71b0104d6eb06a68dc6a71f498",
2909 "1c245f26195b76ebebc2edcac412a2f8",
2910 "f82bef3c73a6f7f80db285726d691db6bf55eec25a859d3ba0e0445f26b9bb3b16a3161ed1866e4dd8f2e5f8ecb4e46d74a7a78c20cdfc7bcc9e479ba7a0caba9438238ad0c01651d5d98de37f03ddce6e6b4bd4ab03cf9e8ed818aedfa1cf963b932067b97d776dce1087196e7e913f7448e38244509f0caf36bd8217e15336d35c149fd4e41707893fdb84014f8729",
2911 "b09512f3eff9ed0d85890983a73dadbb7c3678d52581be64a8a8fc586f490f2521297a478a0598040ebd0f5509fafb0969f9d9e600eaef33b1b93eed99687b167f89a5065aac439ce46f3b8d22d30865e64e45ef8cd30b6984353a844a11c8cd60dba0e8866b3ee30d24b3fa8a643b328353e06010fa8273c8fd54ef0a2b6930e5520aae5cd5902f9b86a33592ca4365",
2912
2913 "2c14413751c31e2730570ba3361c786b",
2914 "1dbbeb2f19abb448af849796244a19d7",
2915 "40d930f9a05334d9816fe204999c3f82a03f6a0457a8c475c94553d1d116693adc618049f0a769a2eed6a6cb14c0143ec5cccdbc8dec4ce560cfd206225709326d4de7948e54d603d01b12d7fed752fb23f1aa4494fbb00130e9ded4e77e37c079042d828040c325b1a5efd15fc842e44014ca4374bf38f3c3fc3ee327733b0c8aee1abcd055772f18dc04603f7b2c1ea69ff662361f2be0a171bbdcea1e5d3f",
2916 "6be8a12800455a320538853e0cba31bd2d80ea0c85164a4c5c261ae485417d93effe2ebc0d0a0b51d6ea18633d210cf63c0c4ddbc27607f2e81ed9113191ef86d56f3b99be6c415a4150299fb846ce7160b40b63baf1179d19275a2e83698376d28b92548c68e06e6d994e2c1501ed297014e702cdefee2f656447706009614d801de1caaf73f8b7fa56cf1ba94b631933bbe577624380850f117435a0355b2b",
2917
2918 /*
2919 * From NIST validation suite "Multiblock Message Test"
2920 * (cbcmmt192.rsp).
2921 */
2922 "ba75f4d1d9d7cf7f551445d56cc1a8ab2a078e15e049dc2c",
2923 "531ce78176401666aa30db94ec4a30eb",
2924 "c51fc276774dad94bcdc1d2891ec8668",
2925 "70dd95a14ee975e239df36ff4aee1d5d",
2926
2927 "eab3b19c581aa873e1981c83ab8d83bbf8025111fb2e6b21",
2928 "f3d6667e8d4d791e60f7505ba383eb05",
2929 "9d4e4cccd1682321856df069e3f1c6fa391a083a9fb02d59db74c14081b3acc4",
2930 "51d44779f90d40a80048276c035cb49ca2a47bcb9b9cf7270b9144793787d53f",
2931
2932 "16c93bb398f1fc0cf6d68fc7a5673cdf431fa147852b4a2d",
2933 "eaaeca2e07ddedf562f94df63f0a650f",
2934 "c5ce958613bf741718c17444484ebaf1050ddcacb59b9590178cbe69d7ad7919608cb03af13bbe04f3506b718a301ea0",
2935 "ed6a50e0c6921d52d6647f75d67b4fd56ace1fedb8b5a6a997b4d131640547d22c5d884a75e6752b5846b5b33a5181f4",
2936
2937 "067bb17b4df785697eaccf961f98e212cb75e6797ce935cb",
2938 "8b59c9209c529ca8391c9fc0ce033c38",
2939 "db3785a889b4bd387754da222f0e4c2d2bfe0d79e05bc910fba941beea30f1239eacf0068f4619ec01c368e986fca6b7c58e490579d29611bd10087986eff54f",
2940 "d5f5589760bf9c762228fde236de1fa2dd2dad448db3fa9be0c4196efd46a35c84dd1ac77d9db58c95918cb317a6430a08d2fb6a8e8b0f1c9b72c7a344dc349f",
2941
2942 "0fd39de83e0be77a79c8a4a612e3dd9c8aae2ce35e7a2bf8",
2943 "7e1d629b84f93b079be51f9a5f5cb23c",
2944 "38fbda37e28fa86d9d83a4345e419dea95d28c7818ff25925db6ac3aedaf0a86154e20a4dfcc5b1b4192895393e5eb5846c88bdbd41ecf7af3104f410eaee470f5d9017ed460475f626953035a13db1f",
2945 "edadae2f9a45ff3473e02d904c94d94a30a4d92da4deb6bcb4b0774472694571842039f21c496ef93fd658842c735f8a81fcd0aa578442ab893b18f606aed1bab11f81452dd45e9b56adf2eccf4ea095",
2946
2947 "e3fecc75f0075a09b383dfd389a3d33cc9b854b3b254c0f4",
2948 "36eab883afef936cc38f63284619cd19",
2949 "931b2f5f3a5820d53a6beaaa6431083a3488f4eb03b0f5b57ef838e1579623103bd6e6800377538b2e51ef708f3c4956432e8a8ee6a34e190642b26ad8bdae6c2af9a6c7996f3b6004d2671e41f1c9f40ee03d1c4a52b0a0654a331f15f34dce",
2950 "75395974bd32b3665654a6c8e396b88ae34b123575872a7ab687d8e76b46df911a8a590cd01d2f5c330be3a6626e9dd3aa5e10ed14e8ff829811b6fed50f3f533ca4385a1cbca78f5c4744e50f2f8359165c2485d1324e76c3eae76a0ccac629",
2951
2952 "f9c27565eb07947c8cb51b79248430f7b1066c3d2fdc3d13",
2953 "2bd67cc89ab7948d644a49672843cbd9",
2954 "6abcc270173cf114d44847e911a050db57ba7a2e2c161c6f37ccb6aaa4677bddcaf50cad0b5f8758fcf7c0ebc650ceb5cd52cafb8f8dd3edcece55d9f1f08b9fa8f54365cf56e28b9596a7e1dd1d3418e4444a7724add4cf79d527b183ec88de4be4eeff29c80a97e54f85351cb189ee",
2955 "ca282924a61187feb40520979106e5cc861957f23828dcb7285e0eaac8a0ca2a6b60503d63d6039f4693dba32fa1f73ae2e709ca94911f28a5edd1f30eaddd54680c43acc9c74cd90d8bb648b4e544275f47e514daa20697f66c738eb30337f017fca1a26da4d1a0cc0a0e98e2463070",
2956
2957 "fb09cf9e00dbf883689d079c920077c0073c31890b55bab5",
2958 "e3c89bd097c3abddf64f4881db6dbfe2",
2959 "c1a37683fb289467dd1b2c89efba16bbd2ee24cf18d19d44596ded2682c79a2f711c7a32bf6a24badd32a4ee637c73b7a41da6258635650f91fb9ffa45bdfc3cb122136241b3deced8996aa51ea8d3e81c9d70e006a44bc0571ed48623a0d622a93fa9da290baaedf5d9e876c94620945ff8ecc83f27379ed55cf490c5790f27",
2960 "8158e21420f25b59d6ae943fa1cbf21f02e979f419dab0126a721b7eef55bee9ad97f5ccff7d239057bbc19a8c378142f7672f1d5e7e17d7bebcb0070e8355cace6660171a53b61816ae824a6ef69ce470b6ffd3b5bb4b438874d91d27854d3b6f25860d3868958de3307d62b1339bdddb8a318c0ce0f33c17caf0e9f6040820",
2961
2962 "bca6fa3c67fd294e958f66fe8bd64f45f428f5bc8e9733a7",
2963 "92a47f2833f1450d1da41717bdc6e83c",
2964 "5becbc31d8bead6d36ae014a5863d14a431e6b55d29ea6baaa417271716db3a33b2e506b452086dfe690834ac2de30bc41254ec5401ec47d064237c7792fdcd7914d8af20eb114756642d519021a8c75a92f6bc53d326ae9a5b7e1b10a9756574692934d9939fc399e0c203f7edf8e7e6482eadd31a0400770e897b48c6bca2b404593045080e93377358c42a0f4dede",
2965 "926db248cc1ba20f0c57631a7c8aef094f791937b905949e3460240e8bfa6fa483115a1b310b6e4369caebc5262888377b1ddaa5800ea496a2bdff0f9a1031e7129c9a20e35621e7f0b8baca0d87030f2ae7ca8593c8599677a06fd4b26009ead08fecac24caa9cf2cad3b470c8227415a7b1e0f2eab3fad96d70a209c8bb26c627677e2531b9435ca6e3c444d195b5f",
2966
2967 "162ad50ee64a0702aa551f571dedc16b2c1b6a1e4d4b5eee",
2968 "24408038161a2ccae07b029bb66355c1",
2969 "be8abf00901363987a82cc77d0ec91697ba3857f9e4f84bd79406c138d02698f003276d0449120bef4578d78fecabe8e070e11710b3f0a2744bd52434ec70015884c181ebdfd51c604a71c52e4c0e110bc408cd462b248a80b8a8ac06bb952ac1d7faed144807f1a731b7febcaf7835762defe92eccfc7a9944e1c702cffe6bc86733ed321423121085ac02df8962bcbc1937092eebf0e90a8b20e3dd8c244ae",
2970 "c82cf2c476dea8cb6a6e607a40d2f0391be82ea9ec84a537a6820f9afb997b76397d005424faa6a74dc4e8c7aa4a8900690f894b6d1dca80675393d2243adac762f159301e357e98b724762310cd5a7bafe1c2a030dba46fd93a9fdb89cc132ca9c17dc72031ec6822ee5a9d99dbca66c784c01b0885cbb62e29d97801927ec415a5d215158d325f9ee689437ad1b7684ad33c0d92739451ac87f39ff8c31b84",
2971
2972 /*
2973 * From NIST validation suite "Multiblock Message Test"
2974 * (cbcmmt256.rsp).
2975 */
2976 "6ed76d2d97c69fd1339589523931f2a6cff554b15f738f21ec72dd97a7330907",
2977 "851e8764776e6796aab722dbb644ace8",
2978 "6282b8c05c5c1530b97d4816ca434762",
2979 "6acc04142e100a65f51b97adf5172c41",
2980
2981 "dce26c6b4cfb286510da4eecd2cffe6cdf430f33db9b5f77b460679bd49d13ae",
2982 "fdeaa134c8d7379d457175fd1a57d3fc",
2983 "50e9eee1ac528009e8cbcd356975881f957254b13f91d7c6662d10312052eb00",
2984 "2fa0df722a9fd3b64cb18fb2b3db55ff2267422757289413f8f657507412a64c",
2985
2986 "fe8901fecd3ccd2ec5fdc7c7a0b50519c245b42d611a5ef9e90268d59f3edf33",
2987 "bd416cb3b9892228d8f1df575692e4d0",
2988 "8d3aa196ec3d7c9b5bb122e7fe77fb1295a6da75abe5d3a510194d3a8a4157d5c89d40619716619859da3ec9b247ced9",
2989 "608e82c7ab04007adb22e389a44797fed7de090c8c03ca8a2c5acd9e84df37fbc58ce8edb293e98f02b640d6d1d72464",
2990
2991 "0493ff637108af6a5b8e90ac1fdf035a3d4bafd1afb573be7ade9e8682e663e5",
2992 "c0cd2bebccbb6c49920bd5482ac756e8",
2993 "8b37f9148df4bb25956be6310c73c8dc58ea9714ff49b643107b34c9bff096a94fedd6823526abc27a8e0b16616eee254ab4567dd68e8ccd4c38ac563b13639c",
2994 "05d5c77729421b08b737e41119fa4438d1f570cc772a4d6c3df7ffeda0384ef84288ce37fc4c4c7d1125a499b051364c389fd639bdda647daa3bdadab2eb5594",
2995
2996 "9adc8fbd506e032af7fa20cf5343719de6d1288c158c63d6878aaf64ce26ca85",
2997 "11958dc6ab81e1c7f01631e9944e620f",
2998 "c7917f84f747cd8c4b4fedc2219bdbc5f4d07588389d8248854cf2c2f89667a2d7bcf53e73d32684535f42318e24cd45793950b3825e5d5c5c8fcd3e5dda4ce9246d18337ef3052d8b21c5561c8b660e",
2999 "9c99e68236bb2e929db1089c7750f1b356d39ab9d0c40c3e2f05108ae9d0c30b04832ccdbdc08ebfa426b7f5efde986ed05784ce368193bb3699bc691065ac62e258b9aa4cc557e2b45b49ce05511e65",
3000
3001 "73b8faf00b3302ac99855cf6f9e9e48518690a5906a4869d4dcf48d282faae2a",
3002 "b3cb97a80a539912b8c21f450d3b9395",
3003 "3adea6e06e42c4f041021491f2775ef6378cb08824165edc4f6448e232175b60d0345b9f9c78df6596ec9d22b7b9e76e8f3c76b32d5d67273f1d83fe7a6fc3dd3c49139170fa5701b3beac61b490f0a9e13f844640c4500f9ad3087adfb0ae10",
3004 "ac3d6dbafe2e0f740632fd9e820bf6044cd5b1551cbb9cc03c0b25c39ccb7f33b83aacfca40a3265f2bbff879153448acacb88fcfb3bb7b10fe463a68c0109f028382e3e557b1adf02ed648ab6bb895df0205d26ebbfa9a5fd8cebd8e4bee3dc",
3005
3006 "9ddf3745896504ff360a51a3eb49c01b79fccebc71c3abcb94a949408b05b2c9",
3007 "e79026639d4aa230b5ccffb0b29d79bc",
3008 "cf52e5c3954c51b94c9e38acb8c9a7c76aebdaa9943eae0a1ce155a2efdb4d46985d935511471452d9ee64d2461cb2991d59fc0060697f9a671672163230f367fed1422316e52d29eceacb8768f56d9b80f6d278093c9a8acd3cfd7edd8ebd5c293859f64d2f8486ae1bd593c65bc014",
3009 "34df561bd2cfebbcb7af3b4b8d21ca5258312e7e2e4e538e35ad2490b6112f0d7f148f6aa8d522a7f3c61d785bd667db0e1dc4606c318ea4f26af4fe7d11d4dcff0456511b4aed1a0d91ba4a1fd6cd9029187bc5881a5a07fe02049d39368e83139b12825bae2c7be81e6f12c61bb5c5",
3010
3011 "458b67bf212d20f3a57fce392065582dcefbf381aa22949f8338ab9052260e1d",
3012 "4c12effc5963d40459602675153e9649",
3013 "256fd73ce35ae3ea9c25dd2a9454493e96d8633fe633b56176dce8785ce5dbbb84dbf2c8a2eeb1e96b51899605e4f13bbc11b93bf6f39b3469be14858b5b720d4a522d36feed7a329c9b1e852c9280c47db8039c17c4921571a07d1864128330e09c308ddea1694e95c84500f1a61e614197e86a30ecc28df64ccb3ccf5437aa",
3014 "90b7b9630a2378f53f501ab7beff039155008071bc8438e789932cfd3eb1299195465e6633849463fdb44375278e2fdb1310821e6492cf80ff15cb772509fb426f3aeee27bd4938882fd2ae6b5bd9d91fa4a43b17bb439ebbe59c042310163a82a5fe5388796eee35a181a1271f00be29b852d8fa759bad01ff4678f010594cd",
3015
3016 "d2412db0845d84e5732b8bbd642957473b81fb99ca8bff70e7920d16c1dbec89",
3017 "51c619fcf0b23f0c7925f400a6cacb6d",
3018 "026006c4a71a180c9929824d9d095b8faaa86fc4fa25ecac61d85ff6de92dfa8702688c02a282c1b8af4449707f22d75e91991015db22374c95f8f195d5bb0afeb03040ff8965e0e1339dba5653e174f8aa5a1b39fe3ac839ce307a4e44b4f8f1b0063f738ec18acdbff2ebfe07383e734558723e741f0a1836dafdf9de82210a9248bc113b3c1bc8b4e252ca01bd803",
3019 "0254b23463bcabec5a395eb74c8fb0eb137a07bc6f5e9f61ec0b057de305714f8fa294221c91a159c315939b81e300ee902192ec5f15254428d8772f79324ec43298ca21c00b370273ee5e5ed90e43efa1e05a5d171209fe34f9f29237dba2a6726650fd3b1321747d1208863c6c3c6b3e2d879ab5f25782f08ba8f2abbe63e0bedb4a227e81afb36bb6645508356d34",
3020
3021 "48be597e632c16772324c8d3fa1d9c5a9ecd010f14ec5d110d3bfec376c5532b",
3022 "d6d581b8cf04ebd3b6eaa1b53f047ee1",
3023 "0c63d413d3864570e70bb6618bf8a4b9585586688c32bba0a5ecc1362fada74ada32c52acfd1aa7444ba567b4e7daaecf7cc1cb29182af164ae5232b002868695635599807a9a7f07a1f137e97b1e1c9dabc89b6a5e4afa9db5855edaa575056a8f4f8242216242bb0c256310d9d329826ac353d715fa39f80cec144d6424558f9f70b98c920096e0f2c855d594885a00625880e9dfb734163cecef72cf030b8",
3024 "fc5873e50de8faf4c6b84ba707b0854e9db9ab2e9f7d707fbba338c6843a18fc6facebaf663d26296fb329b4d26f18494c79e09e779647f9bafa87489630d79f4301610c2300c19dbf3148b7cac8c4f4944102754f332e92b6f7c5e75bc6179eb877a078d4719009021744c14f13fd2a55a2b9c44d18000685a845a4f632c7c56a77306efa66a24d05d088dcd7c13fe24fc447275965db9e4d37fbc9304448cd",
3025
3026 /*
3027 * End-of-table marker.
3028 */
3029 NULL
3030 };
3031
3032 /*
3033 * AES known-answer tests for CTR. Order: key, IV, plaintext, ciphertext.
3034 */
3035 static const char *const KAT_AES_CTR[] = {
3036 /*
3037 * From RFC 3686.
3038 */
3039 "ae6852f8121067cc4bf7a5765577f39e",
3040 "000000300000000000000000",
3041 "53696e676c6520626c6f636b206d7367",
3042 "e4095d4fb7a7b3792d6175a3261311b8",
3043
3044 "7e24067817fae0d743d6ce1f32539163",
3045 "006cb6dbc0543b59da48d90b",
3046 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
3047 "5104a106168a72d9790d41ee8edad388eb2e1efc46da57c8fce630df9141be28",
3048
3049 "7691be035e5020a8ac6e618529f9a0dc",
3050 "00e0017b27777f3f4a1786f0",
3051 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
3052 "c1cf48a89f2ffdd9cf4652e9efdb72d74540a42bde6d7836d59a5ceaaef3105325b2072f",
3053
3054 "16af5b145fc9f579c175f93e3bfb0eed863d06ccfdb78515",
3055 "0000004836733c147d6d93cb",
3056 "53696e676c6520626c6f636b206d7367",
3057 "4b55384fe259c9c84e7935a003cbe928",
3058
3059 "7c5cb2401b3dc33c19e7340819e0f69c678c3db8e6f6a91a",
3060 "0096b03b020c6eadc2cb500d",
3061 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
3062 "453243fc609b23327edfaafa7131cd9f8490701c5ad4a79cfc1fe0ff42f4fb00",
3063
3064 "02bf391ee8ecb159b959617b0965279bf59b60a786d3e0fe",
3065 "0007bdfd5cbd60278dcc0912",
3066 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
3067 "96893fc55e5c722f540b7dd1ddf7e758d288bc95c69165884536c811662f2188abee0935",
3068
3069 "776beff2851db06f4c8a0542c8696f6c6a81af1eec96b4d37fc1d689e6c1c104",
3070 "00000060db5672c97aa8f0b2",
3071 "53696e676c6520626c6f636b206d7367",
3072 "145ad01dbf824ec7560863dc71e3e0c0",
3073
3074 "f6d66d6bd52d59bb0796365879eff886c66dd51a5b6a99744b50590c87a23884",
3075 "00faac24c1585ef15a43d875",
3076 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
3077 "f05e231b3894612c49ee000b804eb2a9b8306b508f839d6a5530831d9344af1c",
3078
3079 "ff7a617ce69148e4f1726e2f43581de2aa62d9f805532edff1eed687fb54153d",
3080 "001cc5b751a51d70a1c11148",
3081 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
3082 "eb6c52821d0bbbf7ce7594462aca4faab407df866569fd07f48cc0b583d6071f1ec0e6b8",
3083
3084 /*
3085 * End-of-table marker.
3086 */
3087 NULL
3088 };
3089
3090 static void
3091 monte_carlo_AES_encrypt(const br_block_cbcenc_class *ve,
3092 char *skey, char *splain, char *scipher)
3093 {
3094 unsigned char key[32];
3095 unsigned char buf[16];
3096 unsigned char pbuf[16];
3097 unsigned char cipher[16];
3098 size_t key_len;
3099 int i, j, k;
3100 br_aes_gen_cbcenc_keys v_ec;
3101 const br_block_cbcenc_class **ec;
3102
3103 ec = &v_ec.vtable;
3104 key_len = hextobin(key, skey);
3105 hextobin(buf, splain);
3106 hextobin(cipher, scipher);
3107 for (i = 0; i < 100; i ++) {
3108 ve->init(ec, key, key_len);
3109 for (j = 0; j < 1000; j ++) {
3110 unsigned char iv[16];
3111
3112 memcpy(pbuf, buf, sizeof buf);
3113 memset(iv, 0, sizeof iv);
3114 ve->run(ec, iv, buf, sizeof buf);
3115 }
3116 switch (key_len) {
3117 case 16:
3118 for (k = 0; k < 16; k ++) {
3119 key[k] ^= buf[k];
3120 }
3121 break;
3122 case 24:
3123 for (k = 0; k < 8; k ++) {
3124 key[k] ^= pbuf[8 + k];
3125 }
3126 for (k = 0; k < 16; k ++) {
3127 key[8 + k] ^= buf[k];
3128 }
3129 break;
3130 default:
3131 for (k = 0; k < 16; k ++) {
3132 key[k] ^= pbuf[k];
3133 key[16 + k] ^= buf[k];
3134 }
3135 break;
3136 }
3137 printf(".");
3138 fflush(stdout);
3139 }
3140 printf(" ");
3141 fflush(stdout);
3142 check_equals("MC AES encrypt", buf, cipher, sizeof buf);
3143 }
3144
3145 static void
3146 monte_carlo_AES_decrypt(const br_block_cbcdec_class *vd,
3147 char *skey, char *scipher, char *splain)
3148 {
3149 unsigned char key[32];
3150 unsigned char buf[16];
3151 unsigned char pbuf[16];
3152 unsigned char plain[16];
3153 size_t key_len;
3154 int i, j, k;
3155 br_aes_gen_cbcdec_keys v_dc;
3156 const br_block_cbcdec_class **dc;
3157
3158 dc = &v_dc.vtable;
3159 key_len = hextobin(key, skey);
3160 hextobin(buf, scipher);
3161 hextobin(plain, splain);
3162 for (i = 0; i < 100; i ++) {
3163 vd->init(dc, key, key_len);
3164 for (j = 0; j < 1000; j ++) {
3165 unsigned char iv[16];
3166
3167 memcpy(pbuf, buf, sizeof buf);
3168 memset(iv, 0, sizeof iv);
3169 vd->run(dc, iv, buf, sizeof buf);
3170 }
3171 switch (key_len) {
3172 case 16:
3173 for (k = 0; k < 16; k ++) {
3174 key[k] ^= buf[k];
3175 }
3176 break;
3177 case 24:
3178 for (k = 0; k < 8; k ++) {
3179 key[k] ^= pbuf[8 + k];
3180 }
3181 for (k = 0; k < 16; k ++) {
3182 key[8 + k] ^= buf[k];
3183 }
3184 break;
3185 default:
3186 for (k = 0; k < 16; k ++) {
3187 key[k] ^= pbuf[k];
3188 key[16 + k] ^= buf[k];
3189 }
3190 break;
3191 }
3192 printf(".");
3193 fflush(stdout);
3194 }
3195 printf(" ");
3196 fflush(stdout);
3197 check_equals("MC AES decrypt", buf, plain, sizeof buf);
3198 }
3199
3200 static void
3201 test_AES_generic(char *name,
3202 const br_block_cbcenc_class *ve,
3203 const br_block_cbcdec_class *vd,
3204 const br_block_ctr_class *vc,
3205 int with_MC, int with_CBC)
3206 {
3207 size_t u;
3208
3209 printf("Test %s: ", name);
3210 fflush(stdout);
3211
3212 if (ve->block_size != 16 || vd->block_size != 16
3213 || ve->log_block_size != 4 || vd->log_block_size != 4)
3214 {
3215 fprintf(stderr, "%s failed: wrong block size\n", name);
3216 exit(EXIT_FAILURE);
3217 }
3218
3219 for (u = 0; KAT_AES[u]; u += 3) {
3220 unsigned char key[32];
3221 unsigned char plain[16];
3222 unsigned char cipher[16];
3223 unsigned char buf[16];
3224 unsigned char iv[16];
3225 size_t key_len;
3226 br_aes_gen_cbcenc_keys v_ec;
3227 br_aes_gen_cbcdec_keys v_dc;
3228 const br_block_cbcenc_class **ec;
3229 const br_block_cbcdec_class **dc;
3230
3231 ec = &v_ec.vtable;
3232 dc = &v_dc.vtable;
3233 key_len = hextobin(key, KAT_AES[u]);
3234 hextobin(plain, KAT_AES[u + 1]);
3235 hextobin(cipher, KAT_AES[u + 2]);
3236 ve->init(ec, key, key_len);
3237 memcpy(buf, plain, sizeof plain);
3238 memset(iv, 0, sizeof iv);
3239 ve->run(ec, iv, buf, sizeof buf);
3240 check_equals("KAT AES encrypt", buf, cipher, sizeof cipher);
3241 vd->init(dc, key, key_len);
3242 memset(iv, 0, sizeof iv);
3243 vd->run(dc, iv, buf, sizeof buf);
3244 check_equals("KAT AES decrypt", buf, plain, sizeof plain);
3245 }
3246
3247 if (with_CBC) {
3248 for (u = 0; KAT_AES_CBC[u]; u += 4) {
3249 unsigned char key[32];
3250 unsigned char ivref[16];
3251 unsigned char plain[200];
3252 unsigned char cipher[200];
3253 unsigned char buf[200];
3254 unsigned char iv[16];
3255 size_t key_len, data_len, v;
3256 br_aes_gen_cbcenc_keys v_ec;
3257 br_aes_gen_cbcdec_keys v_dc;
3258 const br_block_cbcenc_class **ec;
3259 const br_block_cbcdec_class **dc;
3260
3261 ec = &v_ec.vtable;
3262 dc = &v_dc.vtable;
3263 key_len = hextobin(key, KAT_AES_CBC[u]);
3264 hextobin(ivref, KAT_AES_CBC[u + 1]);
3265 data_len = hextobin(plain, KAT_AES_CBC[u + 2]);
3266 hextobin(cipher, KAT_AES_CBC[u + 3]);
3267 ve->init(ec, key, key_len);
3268
3269 memcpy(buf, plain, data_len);
3270 memcpy(iv, ivref, 16);
3271 ve->run(ec, iv, buf, data_len);
3272 check_equals("KAT CBC AES encrypt",
3273 buf, cipher, data_len);
3274 vd->init(dc, key, key_len);
3275 memcpy(iv, ivref, 16);
3276 vd->run(dc, iv, buf, data_len);
3277 check_equals("KAT CBC AES decrypt",
3278 buf, plain, data_len);
3279
3280 memcpy(buf, plain, data_len);
3281 memcpy(iv, ivref, 16);
3282 for (v = 0; v < data_len; v += 16) {
3283 ve->run(ec, iv, buf + v, 16);
3284 }
3285 check_equals("KAT CBC AES encrypt (2)",
3286 buf, cipher, data_len);
3287 memcpy(iv, ivref, 16);
3288 for (v = 0; v < data_len; v += 16) {
3289 vd->run(dc, iv, buf + v, 16);
3290 }
3291 check_equals("KAT CBC AES decrypt (2)",
3292 buf, plain, data_len);
3293 }
3294
3295 /*
3296 * We want to check proper IV management for CBC:
3297 * encryption and decryption must properly copy the _last_
3298 * encrypted block as new IV, for all sizes.
3299 */
3300 for (u = 1; u <= 35; u ++) {
3301 br_hmac_drbg_context rng;
3302 unsigned char x;
3303 size_t key_len, data_len;
3304 size_t v;
3305
3306 br_hmac_drbg_init(&rng, &br_sha256_vtable,
3307 "seed for AES/CBC", 16);
3308 x = u;
3309 br_hmac_drbg_update(&rng, &x, 1);
3310 data_len = u << 4;
3311 for (key_len = 16; key_len <= 32; key_len += 16) {
3312 unsigned char key[32];
3313 unsigned char iv[16], iv1[16], iv2[16];
3314 unsigned char plain[35 * 16];
3315 unsigned char tmp1[sizeof plain];
3316 unsigned char tmp2[sizeof plain];
3317 br_aes_gen_cbcenc_keys v_ec;
3318 br_aes_gen_cbcdec_keys v_dc;
3319 const br_block_cbcenc_class **ec;
3320 const br_block_cbcdec_class **dc;
3321
3322 br_hmac_drbg_generate(&rng, key, key_len);
3323 br_hmac_drbg_generate(&rng, iv, sizeof iv);
3324 br_hmac_drbg_generate(&rng, plain, data_len);
3325
3326 ec = &v_ec.vtable;
3327 ve->init(ec, key, key_len);
3328 memcpy(iv1, iv, sizeof iv);
3329 memcpy(tmp1, plain, data_len);
3330 ve->run(ec, iv1, tmp1, data_len);
3331 check_equals("IV CBC AES (1)",
3332 tmp1 + data_len - 16, iv1, 16);
3333 memcpy(iv2, iv, sizeof iv);
3334 memcpy(tmp2, plain, data_len);
3335 for (v = 0; v < data_len; v += 16) {
3336 ve->run(ec, iv2, tmp2 + v, 16);
3337 }
3338 check_equals("IV CBC AES (2)",
3339 tmp2 + data_len - 16, iv2, 16);
3340 check_equals("IV CBC AES (3)",
3341 tmp1, tmp2, data_len);
3342
3343 dc = &v_dc.vtable;
3344 vd->init(dc, key, key_len);
3345 memcpy(iv1, iv, sizeof iv);
3346 vd->run(dc, iv1, tmp1, data_len);
3347 check_equals("IV CBC AES (4)", iv1, iv2, 16);
3348 check_equals("IV CBC AES (5)",
3349 tmp1, plain, data_len);
3350 memcpy(iv2, iv, sizeof iv);
3351 for (v = 0; v < data_len; v += 16) {
3352 vd->run(dc, iv2, tmp2 + v, 16);
3353 }
3354 check_equals("IV CBC AES (6)", iv1, iv2, 16);
3355 check_equals("IV CBC AES (7)",
3356 tmp2, plain, data_len);
3357 }
3358 }
3359 }
3360
3361 if (vc != NULL) {
3362 if (vc->block_size != 16 || vc->log_block_size != 4) {
3363 fprintf(stderr, "%s failed: wrong block size\n", name);
3364 exit(EXIT_FAILURE);
3365 }
3366 for (u = 0; KAT_AES_CTR[u]; u += 4) {
3367 unsigned char key[32];
3368 unsigned char iv[12];
3369 unsigned char plain[200];
3370 unsigned char cipher[200];
3371 unsigned char buf[200];
3372 size_t key_len, data_len, v;
3373 uint32_t c;
3374 br_aes_gen_ctr_keys v_xc;
3375 const br_block_ctr_class **xc;
3376
3377 xc = &v_xc.vtable;
3378 key_len = hextobin(key, KAT_AES_CTR[u]);
3379 hextobin(iv, KAT_AES_CTR[u + 1]);
3380 data_len = hextobin(plain, KAT_AES_CTR[u + 2]);
3381 hextobin(cipher, KAT_AES_CTR[u + 3]);
3382 vc->init(xc, key, key_len);
3383 memcpy(buf, plain, data_len);
3384 vc->run(xc, iv, 1, buf, data_len);
3385 check_equals("KAT CTR AES (1)", buf, cipher, data_len);
3386 vc->run(xc, iv, 1, buf, data_len);
3387 check_equals("KAT CTR AES (2)", buf, plain, data_len);
3388
3389 memcpy(buf, plain, data_len);
3390 c = 1;
3391 for (v = 0; v < data_len; v += 32) {
3392 size_t clen;
3393
3394 clen = data_len - v;
3395 if (clen > 32) {
3396 clen = 32;
3397 }
3398 c = vc->run(xc, iv, c, buf + v, clen);
3399 }
3400 check_equals("KAT CTR AES (3)", buf, cipher, data_len);
3401
3402 memcpy(buf, plain, data_len);
3403 c = 1;
3404 for (v = 0; v < data_len; v += 16) {
3405 size_t clen;
3406
3407 clen = data_len - v;
3408 if (clen > 16) {
3409 clen = 16;
3410 }
3411 c = vc->run(xc, iv, c, buf + v, clen);
3412 }
3413 check_equals("KAT CTR AES (4)", buf, cipher, data_len);
3414 }
3415 }
3416
3417 if (with_MC) {
3418 monte_carlo_AES_encrypt(
3419 ve,
3420 "139a35422f1d61de3c91787fe0507afd",
3421 "b9145a768b7dc489a096b546f43b231f",
3422 "fb2649694783b551eacd9d5db6126d47");
3423 monte_carlo_AES_decrypt(
3424 vd,
3425 "0c60e7bf20ada9baa9e1ddf0d1540726",
3426 "b08a29b11a500ea3aca42c36675b9785",
3427 "d1d2bfdc58ffcad2341b095bce55221e");
3428
3429 monte_carlo_AES_encrypt(
3430 ve,
3431 "b9a63e09e1dfc42e93a90d9bad739e5967aef672eedd5da9",
3432 "85a1f7a58167b389cddc8a9ff175ee26",
3433 "5d1196da8f184975e240949a25104554");
3434 monte_carlo_AES_decrypt(
3435 vd,
3436 "4b97585701c03fbebdfa8555024f589f1482c58a00fdd9fd",
3437 "d0bd0e02ded155e4516be83f42d347a4",
3438 "b63ef1b79507a62eba3dafcec54a6328");
3439
3440 monte_carlo_AES_encrypt(
3441 ve,
3442 "f9e8389f5b80712e3886cc1fa2d28a3b8c9cd88a2d4a54c6aa86ce0fef944be0",
3443 "b379777f9050e2a818f2940cbbd9aba4",
3444 "c5d2cb3d5b7ff0e23e308967ee074825");
3445 monte_carlo_AES_decrypt(
3446 vd,
3447 "2b09ba39b834062b9e93f48373b8dd018dedf1e5ba1b8af831ebbacbc92a2643",
3448 "89649bd0115f30bd878567610223a59d",
3449 "e3d3868f578caf34e36445bf14cefc68");
3450 }
3451
3452 printf("done.\n");
3453 fflush(stdout);
3454 }
3455
3456 static void
3457 test_AES_big(void)
3458 {
3459 test_AES_generic("AES_big",
3460 &br_aes_big_cbcenc_vtable,
3461 &br_aes_big_cbcdec_vtable,
3462 &br_aes_big_ctr_vtable,
3463 1, 1);
3464 }
3465
3466 static void
3467 test_AES_small(void)
3468 {
3469 test_AES_generic("AES_small",
3470 &br_aes_small_cbcenc_vtable,
3471 &br_aes_small_cbcdec_vtable,
3472 &br_aes_small_ctr_vtable,
3473 1, 1);
3474 }
3475
3476 static void
3477 test_AES_ct(void)
3478 {
3479 test_AES_generic("AES_ct",
3480 &br_aes_ct_cbcenc_vtable,
3481 &br_aes_ct_cbcdec_vtable,
3482 &br_aes_ct_ctr_vtable,
3483 1, 1);
3484 }
3485
3486 static void
3487 test_AES_ct64(void)
3488 {
3489 test_AES_generic("AES_ct64",
3490 &br_aes_ct64_cbcenc_vtable,
3491 &br_aes_ct64_cbcdec_vtable,
3492 &br_aes_ct64_ctr_vtable,
3493 1, 1);
3494 }
3495
3496 static void
3497 test_AES_x86ni(void)
3498 {
3499 const br_block_cbcenc_class *x_cbcenc;
3500 const br_block_cbcdec_class *x_cbcdec;
3501 const br_block_ctr_class *x_ctr;
3502 int hcbcenc, hcbcdec, hctr;
3503
3504 x_cbcenc = br_aes_x86ni_cbcenc_get_vtable();
3505 x_cbcdec = br_aes_x86ni_cbcdec_get_vtable();
3506 x_ctr = br_aes_x86ni_ctr_get_vtable();
3507 hcbcenc = (x_cbcenc != NULL);
3508 hcbcdec = (x_cbcdec != NULL);
3509 hctr = (x_ctr != NULL);
3510 if (hcbcenc != hctr || hcbcdec != hctr) {
3511 fprintf(stderr, "AES_x86ni availability mismatch (%d/%d/%d)\n",
3512 hcbcenc, hcbcdec, hctr);
3513 exit(EXIT_FAILURE);
3514 }
3515 if (hctr) {
3516 test_AES_generic("AES_x86ni",
3517 x_cbcenc, x_cbcdec, x_ctr, 1, 1);
3518 } else {
3519 printf("Test AES_x86ni: UNAVAILABLE\n");
3520 }
3521 }
3522
3523 static void
3524 test_AES_pwr8(void)
3525 {
3526 const br_block_cbcenc_class *x_cbcenc;
3527 const br_block_cbcdec_class *x_cbcdec;
3528 const br_block_ctr_class *x_ctr;
3529 int hcbcenc, hcbcdec, hctr;
3530
3531 x_cbcenc = br_aes_pwr8_cbcenc_get_vtable();
3532 x_cbcdec = br_aes_pwr8_cbcdec_get_vtable();
3533 x_ctr = br_aes_pwr8_ctr_get_vtable();
3534 hcbcenc = (x_cbcenc != NULL);
3535 hcbcdec = (x_cbcdec != NULL);
3536 hctr = (x_ctr != NULL);
3537 if (hcbcenc != hctr || hcbcdec != hctr) {
3538 fprintf(stderr, "AES_pwr8 availability mismatch (%d/%d/%d)\n",
3539 hcbcenc, hcbcdec, hctr);
3540 exit(EXIT_FAILURE);
3541 }
3542 if (hctr) {
3543 test_AES_generic("AES_pwr8",
3544 x_cbcenc, x_cbcdec, x_ctr, 1, 1);
3545 } else {
3546 printf("Test AES_pwr8: UNAVAILABLE\n");
3547 }
3548 }
3549
3550 /*
3551 * Custom CTR + CBC-MAC AES implementation. Can also do CTR-only, and
3552 * CBC-MAC-only. The 'aes_big' implementation (CTR) is used. This is
3553 * meant for comparisons.
3554 *
3555 * If 'ctr' is NULL then no encryption/decryption is done; otherwise,
3556 * CTR encryption/decryption is performed (full-block counter) and the
3557 * 'ctr' array is updated with the new counter value.
3558 *
3559 * If 'cbcmac' is NULL then no CBC-MAC is done; otherwise, CBC-MAC is
3560 * applied on the encrypted data, with 'cbcmac' as IV and destination
3561 * buffer for the output. If 'ctr' is not NULL and 'encrypt' is non-zero,
3562 * then CBC-MAC is computed over the result of CTR processing; otherwise,
3563 * CBC-MAC is computed over the input data itself.
3564 */
3565 static void
3566 do_aes_ctrcbc(const void *key, size_t key_len, int encrypt,
3567 void *ctr, void *cbcmac, unsigned char *data, size_t len)
3568 {
3569 br_aes_big_ctr_keys bc;
3570 int i;
3571
3572 br_aes_big_ctr_init(&bc, key, key_len);
3573 for (i = 0; i < 2; i ++) {
3574 /*
3575 * CBC-MAC is computed on the encrypted data, so in
3576 * first pass if decrypting, second pass if encrypting.
3577 */
3578 if (cbcmac != NULL
3579 && ((encrypt && i == 1) || (!encrypt && i == 0)))
3580 {
3581 unsigned char zz[16];
3582 size_t u;
3583
3584 memcpy(zz, cbcmac, sizeof zz);
3585 for (u = 0; u < len; u += 16) {
3586 unsigned char tmp[16];
3587 size_t v;
3588
3589 for (v = 0; v < 16; v ++) {
3590 tmp[v] = zz[v] ^ data[u + v];
3591 }
3592 memset(zz, 0, sizeof zz);
3593 br_aes_big_ctr_run(&bc,
3594 tmp, br_dec32be(tmp + 12), zz, 16);
3595 }
3596 memcpy(cbcmac, zz, sizeof zz);
3597 }
3598
3599 /*
3600 * CTR encryption/decryption is done only in the first pass.
3601 * We process data block per block, because the CTR-only
3602 * class uses a 32-bit counter, while the CTR+CBC-MAC
3603 * class uses a 128-bit counter.
3604 */
3605 if (ctr != NULL && i == 0) {
3606 unsigned char zz[16];
3607 size_t u;
3608
3609 memcpy(zz, ctr, sizeof zz);
3610 for (u = 0; u < len; u += 16) {
3611 int i;
3612
3613 br_aes_big_ctr_run(&bc,
3614 zz, br_dec32be(zz + 12), data + u, 16);
3615 for (i = 15; i >= 0; i --) {
3616 zz[i] = (zz[i] + 1) & 0xFF;
3617 if (zz[i] != 0) {
3618 break;
3619 }
3620 }
3621 }
3622 memcpy(ctr, zz, sizeof zz);
3623 }
3624 }
3625 }
3626
3627 static void
3628 test_AES_CTRCBC_inner(const char *name, const br_block_ctrcbc_class *vt)
3629 {
3630 br_hmac_drbg_context rng;
3631 size_t key_len;
3632
3633 printf("Test AES CTR/CBC-MAC %s: ", name);
3634 fflush(stdout);
3635
3636 br_hmac_drbg_init(&rng, &br_sha256_vtable, name, strlen(name));
3637 for (key_len = 16; key_len <= 32; key_len += 8) {
3638 br_aes_gen_ctrcbc_keys bc;
3639 unsigned char key[32];
3640 size_t data_len;
3641
3642 br_hmac_drbg_generate(&rng, key, key_len);
3643 vt->init(&bc.vtable, key, key_len);
3644 for (data_len = 0; data_len <= 512; data_len += 16) {
3645 unsigned char plain[512];
3646 unsigned char data1[sizeof plain];
3647 unsigned char data2[sizeof plain];
3648 unsigned char ctr[16], cbcmac[16];
3649 unsigned char ctr1[16], cbcmac1[16];
3650 unsigned char ctr2[16], cbcmac2[16];
3651 int i;
3652
3653 br_hmac_drbg_generate(&rng, plain, data_len);
3654
3655 for (i = 0; i <= 16; i ++) {
3656 if (i == 0) {
3657 br_hmac_drbg_generate(&rng, ctr, 16);
3658 } else {
3659 memset(ctr, 0, i - 1);
3660 memset(ctr + i - 1, 0xFF, 17 - i);
3661 }
3662 br_hmac_drbg_generate(&rng, cbcmac, 16);
3663
3664 memcpy(data1, plain, data_len);
3665 memcpy(ctr1, ctr, 16);
3666 vt->ctr(&bc.vtable, ctr1, data1, data_len);
3667 memcpy(data2, plain, data_len);
3668 memcpy(ctr2, ctr, 16);
3669 do_aes_ctrcbc(key, key_len, 1,
3670 ctr2, NULL, data2, data_len);
3671 check_equals("CTR-only data",
3672 data1, data2, data_len);
3673 check_equals("CTR-only counter",
3674 ctr1, ctr2, 16);
3675
3676 memcpy(data1, plain, data_len);
3677 memcpy(cbcmac1, cbcmac, 16);
3678 vt->mac(&bc.vtable, cbcmac1, data1, data_len);
3679 memcpy(data2, plain, data_len);
3680 memcpy(cbcmac2, cbcmac, 16);
3681 do_aes_ctrcbc(key, key_len, 1,
3682 NULL, cbcmac2, data2, data_len);
3683 check_equals("CBC-MAC-only",
3684 cbcmac1, cbcmac2, 16);
3685
3686 memcpy(data1, plain, data_len);
3687 memcpy(ctr1, ctr, 16);
3688 memcpy(cbcmac1, cbcmac, 16);
3689 vt->encrypt(&bc.vtable,
3690 ctr1, cbcmac1, data1, data_len);
3691 memcpy(data2, plain, data_len);
3692 memcpy(ctr2, ctr, 16);
3693 memcpy(cbcmac2, cbcmac, 16);
3694 do_aes_ctrcbc(key, key_len, 1,
3695 ctr2, cbcmac2, data2, data_len);
3696 check_equals("encrypt: combined data",
3697 data1, data2, data_len);
3698 check_equals("encrypt: combined counter",
3699 ctr1, ctr2, 16);
3700 check_equals("encrypt: combined CBC-MAC",
3701 cbcmac1, cbcmac2, 16);
3702
3703 memcpy(ctr1, ctr, 16);
3704 memcpy(cbcmac1, cbcmac, 16);
3705 vt->decrypt(&bc.vtable,
3706 ctr1, cbcmac1, data1, data_len);
3707 memcpy(ctr2, ctr, 16);
3708 memcpy(cbcmac2, cbcmac, 16);
3709 do_aes_ctrcbc(key, key_len, 0,
3710 ctr2, cbcmac2, data2, data_len);
3711 check_equals("decrypt: combined data",
3712 data1, data2, data_len);
3713 check_equals("decrypt: combined counter",
3714 ctr1, ctr2, 16);
3715 check_equals("decrypt: combined CBC-MAC",
3716 cbcmac1, cbcmac2, 16);
3717 }
3718
3719 printf(".");
3720 fflush(stdout);
3721 }
3722
3723 printf(" ");
3724 fflush(stdout);
3725 }
3726
3727 printf("done.\n");
3728 fflush(stdout);
3729 }
3730
3731 static void
3732 test_AES_CTRCBC_big(void)
3733 {
3734 test_AES_CTRCBC_inner("big", &br_aes_big_ctrcbc_vtable);
3735 }
3736
3737 static void
3738 test_AES_CTRCBC_small(void)
3739 {
3740 test_AES_CTRCBC_inner("small", &br_aes_small_ctrcbc_vtable);
3741 }
3742
3743 static void
3744 test_AES_CTRCBC_ct(void)
3745 {
3746 test_AES_CTRCBC_inner("ct", &br_aes_ct_ctrcbc_vtable);
3747 }
3748
3749 static void
3750 test_AES_CTRCBC_ct64(void)
3751 {
3752 test_AES_CTRCBC_inner("ct64", &br_aes_ct64_ctrcbc_vtable);
3753 }
3754
3755 static void
3756 test_AES_CTRCBC_x86ni(void)
3757 {
3758 const br_block_ctrcbc_class *vt;
3759
3760 vt = br_aes_x86ni_ctrcbc_get_vtable();
3761 if (vt != NULL) {
3762 test_AES_CTRCBC_inner("x86ni", vt);
3763 } else {
3764 printf("Test AES CTR/CBC-MAC x86ni: UNAVAILABLE\n");
3765 }
3766 }
3767
3768 static void
3769 test_AES_CTRCBC_pwr8(void)
3770 {
3771 const br_block_ctrcbc_class *vt;
3772
3773 vt = br_aes_pwr8_ctrcbc_get_vtable();
3774 if (vt != NULL) {
3775 test_AES_CTRCBC_inner("pwr8", vt);
3776 } else {
3777 printf("Test AES CTR/CBC-MAC pwr8: UNAVAILABLE\n");
3778 }
3779 }
3780
3781 /*
3782 * DES known-answer tests. Order: plaintext, key, ciphertext.
3783 * (mostly from NIST SP 800-20).
3784 */
3785 static const char *const KAT_DES[] = {
3786 "10316E028C8F3B4A", "0000000000000000", "82DCBAFBDEAB6602",
3787 "8000000000000000", "0000000000000000", "95A8D72813DAA94D",
3788 "4000000000000000", "0000000000000000", "0EEC1487DD8C26D5",
3789 "2000000000000000", "0000000000000000", "7AD16FFB79C45926",
3790 "1000000000000000", "0000000000000000", "D3746294CA6A6CF3",
3791 "0800000000000000", "0000000000000000", "809F5F873C1FD761",
3792 "0400000000000000", "0000000000000000", "C02FAFFEC989D1FC",
3793 "0200000000000000", "0000000000000000", "4615AA1D33E72F10",
3794 "0100000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3795 "0080000000000000", "0000000000000000", "2055123350C00858",
3796 "0040000000000000", "0000000000000000", "DF3B99D6577397C8",
3797 "0020000000000000", "0000000000000000", "31FE17369B5288C9",
3798 "0010000000000000", "0000000000000000", "DFDD3CC64DAE1642",
3799 "0008000000000000", "0000000000000000", "178C83CE2B399D94",
3800 "0004000000000000", "0000000000000000", "50F636324A9B7F80",
3801 "0002000000000000", "0000000000000000", "A8468EE3BC18F06D",