2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
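/*
 * Decode a hexadecimal string. Returned value is the number of decoded
 * bytes.
 *
 * Characters that are not hexadecimal digits are skipped, so a vector
 * may contain separators. Digits are paired in order of appearance,
 * high nibble first; a trailing unpaired digit is dropped.
 *
 * No destination length is taken: dst must have room for one byte per
 * two hexadecimal digits in src. This is only acceptable because every
 * caller passes a compile-time test vector; do not reuse this helper on
 * externally supplied strings without adding a bound.
 */
static size_t
hextobin(unsigned char *dst, const char *src)
{
	size_t num = 0;
	unsigned acc = 0;
	int have_high = 0;

	for (; *src != 0; src ++) {
		int c = *src;

		if (c >= '0' && c <= '9') {
			c -= '0';
		} else if (c >= 'A' && c <= 'F') {
			c -= ('A' - 10);
		} else if (c >= 'a' && c <= 'f') {
			c -= ('a' - 10);
		} else {
			/* Not a hex digit: ignore it and keep the pairing state. */
			continue;
		}
		if (have_high) {
			/* Second digit of the pair: emit the assembled byte. */
			*dst ++ = (unsigned char)((acc << 4) + (unsigned)c);
			num ++;
		} else {
			/* First digit of the pair: remember the high nibble. */
			acc = (unsigned)c;
		}
		have_high = !have_high;
	}
	return num;
}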
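/*
 * Write label to stderr, followed by len bytes of data as uppercase
 * hexadecimal (two digits per byte, no separator).
 */
static void
check_equals_dump(const char *label, const unsigned char *data, size_t len)
{
	size_t u;

	fprintf(stderr, "%s", label);
	for (u = 0; u < len; u ++) {
		fprintf(stderr, "%02X", data[u]);
	}
}

/*
 * Compare two buffers of len bytes. If they are equal, return silently.
 * Otherwise report the failing test (banner) on stderr, dump both
 * buffers in hexadecimal, and terminate the process with EXIT_FAILURE.
 *
 * The comparison uses memcmp() and both buffers are printed in full on
 * mismatch. That is fine for public known-answer vectors; this helper
 * is not suitable for comparing or logging secret values.
 */
static void
check_equals(const char *banner, const void *v1, const void *v2, size_t len)
{
	if (memcmp(v1, v2, len) == 0) {
		return;
	}
	fprintf(stderr, "\n%s failed\n", banner);
	check_equals_dump("v1: ", v1, len);
	check_equals_dump("\nv2: ", v2, len);
	fprintf(stderr, "\n");
	exit(EXIT_FAILURE);
}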
89 #define HASH_SIZE(cname) br_ ## cname ## _SIZE
91 #define TEST_HASH(Name, cname) \
93 test_ ## cname ## _internal(char *data, char *refres) \
95 br_ ## cname ## _context mc; \
96 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
99 hextobin(ref, refres); \
101 br_ ## cname ## _init(&mc); \
102 br_ ## cname ## _update(&mc, data, n); \
103 br_ ## cname ## _out(&mc, res); \
104 check_equals("KAT " #Name " 1", res, ref, HASH_SIZE(cname)); \
105 br_ ## cname ## _init(&mc); \
106 for (u = 0; u < n; u ++) { \
107 br_ ## cname ## _update(&mc, data + u, 1); \
109 br_ ## cname ## _out(&mc, res); \
110 check_equals("KAT " #Name " 2", res, ref, HASH_SIZE(cname)); \
111 for (u = 0; u < n; u ++) { \
112 br_ ## cname ## _context mc2; \
113 br_ ## cname ## _init(&mc); \
114 br_ ## cname ## _update(&mc, data, u); \
116 br_ ## cname ## _update(&mc, data + u, n - u); \
117 br_ ## cname ## _out(&mc, res); \
118 check_equals("KAT " #Name " 3", res, ref, HASH_SIZE(cname)); \
119 br_ ## cname ## _update(&mc2, data + u, n - u); \
120 br_ ## cname ## _out(&mc2, res); \
121 check_equals("KAT " #Name " 4", res, ref, HASH_SIZE(cname)); \
123 memset(&mc, 0, sizeof mc); \
124 memset(res, 0, sizeof res); \
125 br_ ## cname ## _vtable.init(&mc.vtable); \
126 mc.vtable->update(&mc.vtable, data, n); \
127 mc.vtable->out(&mc.vtable, res); \
128 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
129 memset(res, 0, sizeof res); \
130 mc.vtable->init(&mc.vtable); \
131 mc.vtable->update(&mc.vtable, data, n); \
132 mc.vtable->out(&mc.vtable, res); \
133 check_equals("KAT " #Name " 6", res, ref, HASH_SIZE(cname)); \
136 #define KAT_MILLION_A(Name, cname, refres) do { \
137 br_ ## cname ## _context mc; \
138 unsigned char buf[1000]; \
139 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
142 hextobin(ref, refres); \
143 memset(buf, 'a', sizeof buf); \
144 br_ ## cname ## _init(&mc); \
145 for (i = 0; i < 1000; i ++) { \
146 br_ ## cname ## _update(&mc, buf, sizeof buf); \
148 br_ ## cname ## _out(&mc, res); \
149 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
153 TEST_HASH(SHA
-1, sha1
)
154 TEST_HASH(SHA
-224, sha224
)
155 TEST_HASH(SHA
-256, sha256
)
156 TEST_HASH(SHA
-384, sha384
)
157 TEST_HASH(SHA
-512, sha512
)
162 printf("Test MD5: ");
164 test_md5_internal("", "d41d8cd98f00b204e9800998ecf8427e");
165 test_md5_internal("a", "0cc175b9c0f1b6a831c399e269772661");
166 test_md5_internal("abc", "900150983cd24fb0d6963f7d28e17f72");
167 test_md5_internal("message digest", "f96b697d7cb7938d525a2f31aaf161d0");
168 test_md5_internal("abcdefghijklmnopqrstuvwxyz",
169 "c3fcd3d76192e4007dfb496cca67e13b");
170 test_md5_internal("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstu"
171 "vwxyz0123456789", "d174ab98d277d9f5a5611c2c9f419d9f");
172 test_md5_internal("1234567890123456789012345678901234567890123456789"
173 "0123456789012345678901234567890",
174 "57edf4a22be3c955ac49da2e2107b67a");
175 KAT_MILLION_A(MD5
, md5
,
176 "7707d6ae4e027c70eea2a935c2296f21");
184 printf("Test SHA-1: ");
186 test_sha1_internal("abc", "a9993e364706816aba3e25717850c26c9cd0d89d");
187 test_sha1_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
188 "nomnopnopq", "84983e441c3bd26ebaae4aa1f95129e5e54670f1");
190 KAT_MILLION_A(SHA
-1, sha1
,
191 "34aa973cd4c4daa4f61eeb2bdbad27316534016f");
199 printf("Test SHA-224: ");
201 test_sha224_internal("abc",
202 "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7");
203 test_sha224_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
205 "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525");
207 KAT_MILLION_A(SHA
-224, sha224
,
208 "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67");
216 printf("Test SHA-256: ");
218 test_sha256_internal("abc",
219 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
220 test_sha256_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
222 "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1");
224 KAT_MILLION_A(SHA
-256, sha256
,
225 "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0");
233 printf("Test SHA-384: ");
235 test_sha384_internal("abc",
236 "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded163"
237 "1a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7");
238 test_sha384_internal(
239 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
240 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
241 "09330c33f71147e83d192fc782cd1b4753111b173b3b05d2"
242 "2fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039");
244 KAT_MILLION_A(SHA
-384, sha384
,
245 "9d0e1809716474cb086e834e310a4a1ced149e9c00f24852"
246 "7972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985");
254 printf("Test SHA-512: ");
256 test_sha512_internal("abc",
257 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
258 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
259 test_sha512_internal(
260 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
261 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
262 "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
263 "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909");
265 KAT_MILLION_A(SHA
-512, sha512
,
266 "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973eb"
267 "de0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b");
275 unsigned char buf
[500], out
[36], outM
[16], outS
[20];
276 unsigned char seed
[1];
277 br_hmac_drbg_context rc
;
280 br_md5sha1_context cc
;
283 printf("Test MD5+SHA-1: ");
287 br_hmac_drbg_init(&rc
, &br_sha256_vtable
, seed
, sizeof seed
);
288 for (u
= 0; u
< sizeof buf
; u
++) {
291 br_hmac_drbg_generate(&rc
, buf
, u
);
293 br_md5_update(&mc
, buf
, u
);
294 br_md5_out(&mc
, outM
);
296 br_sha1_update(&sc
, buf
, u
);
297 br_sha1_out(&sc
, outS
);
298 br_md5sha1_init(&cc
);
299 br_md5sha1_update(&cc
, buf
, u
);
300 br_md5sha1_out(&cc
, out
);
301 check_equals("MD5+SHA-1 [1]", out
, outM
, 16);
302 check_equals("MD5+SHA-1 [2]", out
+ 16, outS
, 20);
303 br_md5sha1_init(&cc
);
304 for (v
= 0; v
< u
; v
++) {
305 br_md5sha1_update(&cc
, buf
+ v
, 1);
307 br_md5sha1_out(&cc
, out
);
308 check_equals("MD5+SHA-1 [3]", out
, outM
, 16);
309 check_equals("MD5+SHA-1 [4]", out
+ 16, outS
, 20);
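/*
 * Compute a hash function, on some data, by ID. Returned value is
 * hash output length.
 *
 * This is the reference path used to cross-check the multihash
 * context: it runs the stand-alone implementation selected by id over
 * data[0..len-1] and writes the digest to out. out must be large enough
 * for the selected digest (the callers in this file pass 64-byte
 * buffers, which covers SHA-512). An unrecognised id is reported on
 * stderr and terminates the process.
 */
static size_t
do_hash(int id, const void *data, size_t len, void *out)
{
	br_md5_context cmd5;
	br_sha1_context csha1;
	br_sha224_context csha224;
	br_sha256_context csha256;
	br_sha384_context csha384;
	br_sha512_context csha512;

	switch (id) {
	case br_md5_ID:
		br_md5_init(&cmd5);
		br_md5_update(&cmd5, data, len);
		br_md5_out(&cmd5, out);
		return 16;
	case br_sha1_ID:
		br_sha1_init(&csha1);
		br_sha1_update(&csha1, data, len);
		br_sha1_out(&csha1, out);
		return 20;
	case br_sha224_ID:
		br_sha224_init(&csha224);
		br_sha224_update(&csha224, data, len);
		br_sha224_out(&csha224, out);
		return 28;
	case br_sha256_ID:
		br_sha256_init(&csha256);
		br_sha256_update(&csha256, data, len);
		br_sha256_out(&csha256, out);
		return 32;
	case br_sha384_ID:
		br_sha384_init(&csha384);
		br_sha384_update(&csha384, data, len);
		br_sha384_out(&csha384, out);
		return 48;
	case br_sha512_ID:
		br_sha512_init(&csha512);
		br_sha512_update(&csha512, data, len);
		br_sha512_out(&csha512, out);
		return 64;
	default:
		/* Message spelling corrected ("Uknown" in the original). */
		fprintf(stderr, "Unknown hash function: %d\n", id);
		exit(EXIT_FAILURE);
		return 0;
	}
}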
369 * Tests for a multihash. Returned value should be 258 multiplied by the
370 * number of hash functions implemented by the context.
373 test_multihash_inner(br_multihash_context
*mc
)
376 * Try hashing messages for all lengths from 0 to 257 bytes
377 * (inclusive). Each attempt is done twice, with data input
378 * either in one go, or byte by byte. In the byte by byte
379 * test, intermediate results are obtained and checked.
382 unsigned char buf
[258];
387 for (len
= 0; len
< sizeof buf
; len
++) {
389 unsigned char tmp
[20];
392 br_sha1_update(&sc
, buf
, len
);
393 br_sha1_out(&sc
, tmp
);
396 for (len
= 0; len
<= 257; len
++) {
399 br_multihash_init(mc
);
400 br_multihash_update(mc
, buf
, len
);
401 for (i
= 1; i
<= 6; i
++) {
402 unsigned char tmp
[64], tmp2
[64];
405 olen
= br_multihash_out(mc
, i
, tmp
);
409 olen2
= do_hash(i
, buf
, len
, tmp2
);
412 "Bad hash output length: %u / %u\n",
413 (unsigned)olen
, (unsigned)olen2
);
416 check_equals("Hash output", tmp
, tmp2
, olen
);
420 br_multihash_init(mc
);
421 for (u
= 0; u
< len
; u
++) {
422 br_multihash_update(mc
, buf
+ u
, 1);
423 for (i
= 1; i
<= 6; i
++) {
424 unsigned char tmp
[64], tmp2
[64];
427 olen
= br_multihash_out(mc
, i
, tmp
);
431 olen2
= do_hash(i
, buf
, u
+ 1, tmp2
);
433 fprintf(stderr
, "Bad hash output"
434 " length: %u / %u\n",
439 check_equals("Hash output", tmp
, tmp2
, olen
);
449 br_multihash_context mc
;
451 printf("Test MultiHash: ");
454 br_multihash_zero(&mc
);
455 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
456 if (test_multihash_inner(&mc
) != 258) {
457 fprintf(stderr
, "Failed test count\n");
462 br_multihash_zero(&mc
);
463 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
464 if (test_multihash_inner(&mc
) != 258) {
465 fprintf(stderr
, "Failed test count\n");
470 br_multihash_zero(&mc
);
471 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
472 if (test_multihash_inner(&mc
) != 258) {
473 fprintf(stderr
, "Failed test count\n");
478 br_multihash_zero(&mc
);
479 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
480 if (test_multihash_inner(&mc
) != 258) {
481 fprintf(stderr
, "Failed test count\n");
486 br_multihash_zero(&mc
);
487 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
488 if (test_multihash_inner(&mc
) != 258) {
489 fprintf(stderr
, "Failed test count\n");
494 br_multihash_zero(&mc
);
495 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
496 if (test_multihash_inner(&mc
) != 258) {
497 fprintf(stderr
, "Failed test count\n");
502 br_multihash_zero(&mc
);
503 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
504 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
505 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
506 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
507 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
508 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
509 if (test_multihash_inner(&mc
) != 258 * 6) {
510 fprintf(stderr
, "Failed test count\n");
/*
 * HMAC known-answer test on binary key and data. href is the expected
 * tag in hexadecimal.
 *
 * The number of bytes compared is the decoded length of href, not the
 * digest size, so a shortened reference vector checks only a prefix of
 * the computed tag. href must decode to at most 64 bytes (size of ref).
 *
 * Three input patterns are exercised against the same key context:
 *   1. all data in one update call;
 *   2. data fed one byte at a time;
 *   3. for every split point, the tag is extracted after the first
 *      part, then the remaining data is injected and the tag extracted
 *      again; the second tag must still match the reference, i.e. the
 *      test expects br_hmac_out() to leave the running state usable.
 */
static void
do_KAT_HMAC_bin_bin(const br_hash_class *digest_class,
	const void *key, size_t key_len,
	const void *data, size_t data_len, const char *href)
{
	br_hmac_key_context kc;
	br_hmac_context ctx;
	unsigned char tmp[64], ref[64];
	const unsigned char *msg;
	size_t split, ref_len;

	msg = data;
	ref_len = hextobin(ref, href);
	br_hmac_key_init(&kc, digest_class, key, key_len);

	/* Pattern 1: single update. */
	br_hmac_init(&ctx, &kc, 0);
	br_hmac_update(&ctx, data, data_len);
	br_hmac_out(&ctx, tmp);
	check_equals("KAT HMAC 1", tmp, ref, ref_len);

	/* Pattern 2: byte by byte. */
	br_hmac_init(&ctx, &kc, 0);
	for (split = 0; split < data_len; split ++) {
		br_hmac_update(&ctx, msg + split, 1);
	}
	br_hmac_out(&ctx, tmp);
	check_equals("KAT HMAC 2", tmp, ref, ref_len);

	/* Pattern 3: intermediate output at every split point. */
	for (split = 0; split < data_len; split ++) {
		br_hmac_init(&ctx, &kc, 0);
		br_hmac_update(&ctx, data, split);
		br_hmac_out(&ctx, tmp);
		br_hmac_update(&ctx, msg + split, data_len - split);
		br_hmac_out(&ctx, tmp);
		check_equals("KAT HMAC 3", tmp, ref, ref_len);
	}
}
/*
 * HMAC known-answer test where key and data are both given as C
 * strings; their bytes (without the terminating NUL) are used as is.
 * href is the expected tag in hexadecimal.
 */
static void
do_KAT_HMAC_str_str(const br_hash_class *digest_class, const char *key,
	const char *data, const char *href)
{
	size_t key_len = strlen(key);
	size_t data_len = strlen(data);

	do_KAT_HMAC_bin_bin(digest_class, key, key_len, data, data_len, href);
}
/*
 * HMAC known-answer test where key and data are both given in
 * hexadecimal. href is the expected tag in hexadecimal.
 *
 * Both inputs are decoded into fixed 1024-byte stack buffers, and
 * hextobin() takes no destination length, so skey and sdata must each
 * hold at most 2048 hexadecimal digits. Nothing here enforces that;
 * it holds only because the vectors are compile-time constants.
 */
static void
do_KAT_HMAC_hex_hex(const br_hash_class *digest_class, const char *skey,
	const char *sdata, const char *href)
{
	unsigned char key[1024];
	unsigned char data[1024];
	size_t key_len, data_len;

	key_len = hextobin(key, skey);
	data_len = hextobin(data, sdata);
	do_KAT_HMAC_bin_bin(digest_class, key, key_len, data, data_len, href);
}
/*
 * HMAC known-answer test where the key is given in hexadecimal and the
 * data as a C string (bytes used as is, without the terminating NUL).
 * href is the expected tag in hexadecimal.
 *
 * The key is decoded into a fixed 1024-byte stack buffer and hextobin()
 * takes no destination length, so skey must hold at most 2048
 * hexadecimal digits; this is not checked.
 */
static void
do_KAT_HMAC_hex_str(const br_hash_class *digest_class,
	const char *skey, const char *data, const char *href)
{
	unsigned char key[1024];
	size_t key_len, data_len;

	key_len = hextobin(key, skey);
	data_len = strlen(data);
	do_KAT_HMAC_bin_bin(digest_class, key, key_len, data, data_len, href);
}
584 test_HMAC_CT(const br_hash_class
*digest_class
,
585 const void *key
, size_t key_len
, const void *data
)
587 br_hmac_key_context kc
;
588 br_hmac_context hc1
, hc2
;
589 unsigned char buf1
[64], buf2
[64];
592 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
594 for (u
= 0; u
< 2; u
++) {
595 for (v
= 0; v
< 130; v
++) {
596 size_t min_len
, max_len
;
601 for (w
= min_len
; w
<= max_len
; w
++) {
605 br_hmac_init(&hc1
, &kc
, 0);
606 br_hmac_update(&hc1
, data
, u
+ w
);
607 hlen1
= br_hmac_out(&hc1
, buf1
);
608 br_hmac_init(&hc2
, &kc
, 0);
609 br_hmac_update(&hc2
, data
, u
);
610 hlen2
= br_hmac_outCT(&hc2
,
611 (const unsigned char *)data
+ u
, w
,
612 min_len
, max_len
, buf2
);
613 if (hlen1
!= hlen2
) {
614 fprintf(stderr
, "HMAC length mismatch:"
615 " %u / %u\n", (unsigned)hlen1
,
619 sprintf(tmp
, "HMAC CT %u,%u,%u",
620 (unsigned)u
, (unsigned)v
, (unsigned)w
);
621 check_equals(tmp
, buf1
, buf2
, hlen1
);
634 unsigned char data
[1000];
637 const char key
[] = "test HMAC key";
639 printf("Test HMAC: ");
641 do_KAT_HMAC_hex_str(&br_md5_vtable
,
642 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
644 "9294727a3638bb1c13f48ef8158bfc9d");
645 do_KAT_HMAC_str_str(&br_md5_vtable
,
647 "what do ya want for nothing?",
648 "750c783e6ab0b503eaa86e310a5db738");
649 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
650 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
651 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
652 "56be34521d144c88dbb8c733f0e8b3f6");
653 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
654 "0102030405060708090a0b0c0d0e0f10111213141516171819",
655 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
656 "697eaf0aca3a3aea3a75164746ffaa79");
657 do_KAT_HMAC_hex_str(&br_md5_vtable
,
658 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
659 "Test With Truncation",
660 "56461ef2342edc00f9bab995690efd4c");
661 do_KAT_HMAC_hex_str(&br_md5_vtable
,
662 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
663 "Test Using Larger Than Block-Size Key - Hash Key First",
664 "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd");
665 do_KAT_HMAC_hex_str(&br_md5_vtable
,
666 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
667 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
668 "6f630fad67cda0ee1fb1f562db3aa53e");
670 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
671 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
673 "b617318655057264e28bc0b6fb378c8ef146be00");
674 do_KAT_HMAC_str_str(&br_sha1_vtable
,
676 "what do ya want for nothing?",
677 "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79");
678 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
679 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
680 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
681 "125d7342b9ac11cd91a39af48aa17b4f63f175d3");
682 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
683 "0102030405060708090a0b0c0d0e0f10111213141516171819",
684 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
685 "4c9007f4026250c6bc8414f9bf50c86c2d7235da");
686 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
687 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
688 "Test With Truncation",
689 "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04");
690 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
691 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
692 "Test Using Larger Than Block-Size Key - Hash Key First",
693 "aa4ae5e15272d00e95705637ce8a3b55ed402112");
694 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
695 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
696 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
697 "e8e99d0f45237d786d6bbaa7965c7808bbff1a91");
701 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
702 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
704 "896fb1128abbdf196832107cd49df33f"
705 "47b4b1169912ba4f53684b22");
707 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
708 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
710 "b0344c61d8db38535ca8afceaf0bf12b"
711 "881dc200c9833da726e9376c2e32cff7");
713 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
714 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
716 "afd03944d84895626b0825f4ab46907f"
717 "15f9dadbe4101ec682aa034c7cebc59c"
718 "faea9ea9076ede7f4af152e8b2fa9cb6");
720 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
721 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
723 "87aa7cdea5ef619d4ff0b4241a1d6cb0"
724 "2379f4e2ce4ec2787ad0b30545e17cde"
725 "daa833b7d6b8a702038b274eaea3f4e4"
726 "be9d914eeb61f1702e696c203a126854");
728 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
730 "7768617420646f2079612077616e7420"
731 "666f72206e6f7468696e673f",
732 "a30e01098bc6dbbf45690f3a7e9e6d0f"
733 "8bbea2a39e6148008fd05e44");
735 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
737 "7768617420646f2079612077616e7420"
738 "666f72206e6f7468696e673f",
739 "5bdcc146bf60754e6a042426089575c7"
740 "5a003f089d2739839dec58b964ec3843");
742 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
744 "7768617420646f2079612077616e7420"
745 "666f72206e6f7468696e673f",
746 "af45d2e376484031617f78d2b58a6b1b"
747 "9c7ef464f5a01b47e42ec3736322445e"
748 "8e2240ca5e69e2c78b3239ecfab21649");
750 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
752 "7768617420646f2079612077616e7420"
753 "666f72206e6f7468696e673f",
754 "164b7a7bfcf819e2e395fbe73b56e0a3"
755 "87bd64222e831fd610270cd7ea250554"
756 "9758bf75c05a994a6d034f65f8f0e6fd"
757 "caeab1a34d4a6b4b636e070a38bce737");
759 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
760 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
762 "dddddddddddddddddddddddddddddddd"
763 "dddddddddddddddddddddddddddddddd"
764 "dddddddddddddddddddddddddddddddd"
766 "7fb3cb3588c6c1f6ffa9694d7d6ad264"
767 "9365b0c1f65d69d1ec8333ea");
769 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
770 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
772 "dddddddddddddddddddddddddddddddd"
773 "dddddddddddddddddddddddddddddddd"
774 "dddddddddddddddddddddddddddddddd"
776 "773ea91e36800e46854db8ebd09181a7"
777 "2959098b3ef8c122d9635514ced565fe");
779 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
780 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
782 "dddddddddddddddddddddddddddddddd"
783 "dddddddddddddddddddddddddddddddd"
784 "dddddddddddddddddddddddddddddddd"
786 "88062608d3e6ad8a0aa2ace014c8a86f"
787 "0aa635d947ac9febe83ef4e55966144b"
788 "2a5ab39dc13814b94e3ab6e101a34f27");
790 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
791 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
793 "dddddddddddddddddddddddddddddddd"
794 "dddddddddddddddddddddddddddddddd"
795 "dddddddddddddddddddddddddddddddd"
797 "fa73b0089d56a284efb0f0756c890be9"
798 "b1b5dbdd8ee81a3655f83e33b2279d39"
799 "bf3e848279a722c806b485a47e67c807"
800 "b946a337bee8942674278859e13292fb");
802 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
803 "0102030405060708090a0b0c0d0e0f10"
804 "111213141516171819",
805 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
806 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
807 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
809 "6c11506874013cac6a2abc1bb382627c"
810 "ec6a90d86efc012de7afec5a");
812 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
813 "0102030405060708090a0b0c0d0e0f10"
814 "111213141516171819",
815 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
816 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
817 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
819 "82558a389a443c0ea4cc819899f2083a"
820 "85f0faa3e578f8077a2e3ff46729665b");
822 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
823 "0102030405060708090a0b0c0d0e0f10"
824 "111213141516171819",
825 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
826 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
827 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
829 "3e8a69b7783c25851933ab6290af6ca7"
830 "7a9981480850009cc5577c6e1f573b4e"
831 "6801dd23c4a7d679ccf8a386c674cffb");
833 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
834 "0102030405060708090a0b0c0d0e0f10"
835 "111213141516171819",
836 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
837 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
838 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
840 "b0ba465637458c6990e5a8c5f61d4af7"
841 "e576d97ff94b872de76f8050361ee3db"
842 "a91ca5c11aa25eb4d679275cc5788063"
843 "a5f19741120c4f2de2adebeb10a298dd");
845 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
846 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
847 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
848 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
849 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
850 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
851 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
852 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
853 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
855 "54657374205573696e67204c61726765"
856 "72205468616e20426c6f636b2d53697a"
857 "65204b6579202d2048617368204b6579"
859 "95e9a0db962095adaebe9b2d6f0dbce2"
860 "d499f112f2d2b7273fa6870e");
862 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
863 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
864 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
865 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
866 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
867 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
868 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
869 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
870 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
872 "54657374205573696e67204c61726765"
873 "72205468616e20426c6f636b2d53697a"
874 "65204b6579202d2048617368204b6579"
876 "60e431591ee0b67f0d8a26aacbf5b77f"
877 "8e0bc6213728c5140546040f0ee37f54");
879 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
880 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
881 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
882 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
883 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
884 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
885 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
886 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
887 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
889 "54657374205573696e67204c61726765"
890 "72205468616e20426c6f636b2d53697a"
891 "65204b6579202d2048617368204b6579"
893 "4ece084485813e9088d2c63a041bc5b4"
894 "4f9ef1012a2b588f3cd11f05033ac4c6"
895 "0c2ef6ab4030fe8296248df163f44952");
897 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
898 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
899 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
900 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
901 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
902 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
903 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
904 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
905 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
907 "54657374205573696e67204c61726765"
908 "72205468616e20426c6f636b2d53697a"
909 "65204b6579202d2048617368204b6579"
911 "80b24263c7c1a3ebb71493c1dd7be8b4"
912 "9b46d1f41b4aeec1121b013783f8f352"
913 "6b56d037e05f2598bd0fd2215d6a1e52"
914 "95e64f73f63f0aec8b915a985d786598");
916 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
917 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
918 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
919 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
920 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
921 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
922 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
923 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
924 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
926 "54686973206973206120746573742075"
927 "73696e672061206c6172676572207468"
928 "616e20626c6f636b2d73697a65206b65"
929 "7920616e642061206c61726765722074"
930 "68616e20626c6f636b2d73697a652064"
931 "6174612e20546865206b6579206e6565"
932 "647320746f2062652068617368656420"
933 "6265666f7265206265696e6720757365"
934 "642062792074686520484d414320616c"
936 "3a854166ac5d9f023f54d517d0b39dbd"
937 "946770db9c2b95c9f6f565d1");
939 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
940 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
941 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
942 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
943 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
944 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
945 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
946 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
947 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
949 "54686973206973206120746573742075"
950 "73696e672061206c6172676572207468"
951 "616e20626c6f636b2d73697a65206b65"
952 "7920616e642061206c61726765722074"
953 "68616e20626c6f636b2d73697a652064"
954 "6174612e20546865206b6579206e6565"
955 "647320746f2062652068617368656420"
956 "6265666f7265206265696e6720757365"
957 "642062792074686520484d414320616c"
959 "9b09ffa71b942fcb27635fbcd5b0e944"
960 "bfdc63644f0713938a7f51535c3a35e2");
962 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
963 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
964 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
965 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
966 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
967 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
968 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
969 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
970 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
972 "54686973206973206120746573742075"
973 "73696e672061206c6172676572207468"
974 "616e20626c6f636b2d73697a65206b65"
975 "7920616e642061206c61726765722074"
976 "68616e20626c6f636b2d73697a652064"
977 "6174612e20546865206b6579206e6565"
978 "647320746f2062652068617368656420"
979 "6265666f7265206265696e6720757365"
980 "642062792074686520484d414320616c"
982 "6617178e941f020d351e2f254e8fd32c"
983 "602420feb0b8fb9adccebb82461e99c5"
984 "a678cc31e799176d3860e6110c46523e");
986 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
987 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
988 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
989 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
990 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
991 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
992 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
993 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
994 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
996 "54686973206973206120746573742075"
997 "73696e672061206c6172676572207468"
998 "616e20626c6f636b2d73697a65206b65"
999 "7920616e642061206c61726765722074"
1000 "68616e20626c6f636b2d73697a652064"
1001 "6174612e20546865206b6579206e6565"
1002 "647320746f2062652068617368656420"
1003 "6265666f7265206265696e6720757365"
1004 "642062792074686520484d414320616c"
1006 "e37b6a775dc87dbaa4dfa9f96e5e3ffd"
1007 "debd71f8867289865df5a32d20cdc944"
1008 "b6022cac3c4982b10d5eeb55c3e4de15"
1009 "134676fb6de0446065c97440fa8c6a58");
1011 for (x
= 1, u
= 0; u
< sizeof data
; u
++) {
1016 test_HMAC_CT(&br_md5_vtable
, key
, sizeof key
, data
);
1018 test_HMAC_CT(&br_sha1_vtable
, key
, sizeof key
, data
);
1019 printf("(SHA-224) ");
1020 test_HMAC_CT(&br_sha224_vtable
, key
, sizeof key
, data
);
1021 printf("(SHA-256) ");
1022 test_HMAC_CT(&br_sha256_vtable
, key
, sizeof key
, data
);
1023 printf("(SHA-384) ");
1024 test_HMAC_CT(&br_sha384_vtable
, key
, sizeof key
, data
);
1025 printf("(SHA-512) ");
1026 test_HMAC_CT(&br_sha512_vtable
, key
, sizeof key
, data
);
1033 test_HMAC_DRBG(void)
1035 br_hmac_drbg_context ctx
;
1036 unsigned char seed
[42], tmp
[30];
1037 unsigned char ref1
[30], ref2
[30], ref3
[30];
1040 printf("Test HMAC_DRBG: ");
1043 seed_len
= hextobin(seed
,
1044 "009A4D6792295A7F730FC3F2B49CBC0F62E862272F"
1045 "01795EDF0D54DB760F156D0DAC04C0322B3A204224");
1047 "9305A46DE7FF8EB107194DEBD3FD48AA"
1048 "20D5E7656CBE0EA69D2A8D4E7C67");
1050 "C70C78608A3B5BE9289BE90EF6E81A9E"
1051 "2C1516D5751D2F75F50033E45F73");
1053 "475E80E992140567FCC3A50DAB90FE84"
1054 "BCD7BB03638E9C4656A06F37F650");
1055 br_hmac_drbg_init(&ctx
, &br_sha256_vtable
, seed
, seed_len
);
1056 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1057 check_equals("KAT HMAC_DRBG 1", tmp
, ref1
, sizeof tmp
);
1058 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1059 check_equals("KAT HMAC_DRBG 2", tmp
, ref2
, sizeof tmp
);
1060 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1061 check_equals("KAT HMAC_DRBG 3", tmp
, ref3
, sizeof tmp
);
1063 memset(&ctx
, 0, sizeof ctx
);
1064 br_hmac_drbg_vtable
.init(&ctx
.vtable
,
1065 &br_sha256_vtable
, seed
, seed_len
);
1066 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1067 check_equals("KAT HMAC_DRBG 4", tmp
, ref1
, sizeof tmp
);
1068 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1069 check_equals("KAT HMAC_DRBG 5", tmp
, ref2
, sizeof tmp
);
1070 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1071 check_equals("KAT HMAC_DRBG 6", tmp
, ref3
, sizeof tmp
);
1078 do_KAT_PRF(br_tls_prf_impl prf
,
1079 const char *ssecret
, const char *label
, const char *sseed
,
1082 unsigned char secret
[100], seed
[100], ref
[500], out
[500];
1083 size_t secret_len
, seed_len
, ref_len
;
1084 br_tls_prf_seed_chunk chunks
[2];
1086 secret_len
= hextobin(secret
, ssecret
);
1087 seed_len
= hextobin(seed
, sseed
);
1088 ref_len
= hextobin(ref
, sref
);
1090 chunks
[0].data
= seed
;
1091 chunks
[0].len
= seed_len
;
1092 prf(out
, ref_len
, secret
, secret_len
, label
, 1, chunks
);
1093 check_equals("TLS PRF KAT 1", out
, ref
, ref_len
);
1095 chunks
[0].data
= seed
;
1096 chunks
[0].len
= seed_len
;
1097 chunks
[1].data
= NULL
;
1099 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1100 check_equals("TLS PRF KAT 2", out
, ref
, ref_len
);
1102 chunks
[0].data
= NULL
;
1104 chunks
[1].data
= seed
;
1105 chunks
[1].len
= seed_len
;
1106 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1107 check_equals("TLS PRF KAT 3", out
, ref
, ref_len
);
1109 chunks
[0].data
= seed
;
1110 chunks
[0].len
= seed_len
>> 1;
1111 chunks
[1].data
= seed
+ chunks
[0].len
;
1112 chunks
[1].len
= seed_len
- chunks
[0].len
;
1113 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1114 check_equals("TLS PRF KAT 4", out
, ref
, ref_len
);
/*
 * Known-answer tests (KAT) for the TLS PRF implementations: one vector
 * for br_tls10_prf, one for br_tls12_sha256_prf and one for
 * br_tls12_sha384_prf. The long string arguments are hexadecimal;
 * do_KAT_PRF() decodes them with hextobin(), runs the PRF four times
 * (seed as a single chunk, seed followed by a chunk whose data pointer is
 * NULL, seed preceded by such a chunk, seed split in two halves) and
 * compares each output with the reference bytes through check_equals().
 * These checks compare output bytes only.
 *
 * Maintenance caveat: do_KAT_PRF() decodes into fixed-size arrays
 * (secret and seed: 100 bytes each; ref and out: 500 bytes each) and
 * hextobin() is not given a destination size, so any vector added here
 * must decode to no more than those sizes.
 *
 * NOTE(review): the line numbering of this listing skips lines 1131,
 * 1141 and 1146, one inside each call below. do_KAT_PRF() has a `label`
 * parameter that it forwards to the PRF, so the missing line presumably
 * carries the label string -- confirm against the upstream file.
 */
printf("Test TLS PRF: ");

/*
 * Test vector taken from an email that was on:
 * http://www.imc.org/ietf-tls/mail-archive/msg01589.html
 * but no longer exists there; a version archived in 2008
 * can be found on http://www.archive.org/
 */
do_KAT_PRF(&br_tls10_prf,
	"abababababababababababababababababababababababababababababababababababababababababababababababab",
	/* NOTE(review): listing line 1131 (presumably the label) is not shown here. */
	"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
	"d3d4d1e349b5d515044666d51de32bab258cb521b6b053463e354832fd976754443bcf9a296519bc289abcbc1187e4ebd31e602353776c408aafb74cbc85eff69255f9788faa184cbb957a9819d84a5d7eb006eb459d3ae8de9810454b8b2d8f1afbc655a8c9a013");

/*
 * Test vectors are taken from:
 * https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
 */
do_KAT_PRF(&br_tls12_sha256_prf,
	"9bbe436ba940f017b17652849a71db35",
	/* NOTE(review): listing line 1141 (presumably the label) is not shown here. */
	"a0ba9f936cda311827a6f796ffd5198c",
	"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66");
do_KAT_PRF(&br_tls12_sha384_prf,
	"b80b733d6ceefcdc71566ea48e5567df",
	/* NOTE(review): listing line 1146 (presumably the label) is not shown here. */
	"cd665cf6a8447dd6ff8b27555edb7465",
	"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f");
1155 * AES known-answer tests. Order: key, plaintext, ciphertext.
1157 static const char *const KAT_AES
[] = {
1161 "000102030405060708090a0b0c0d0e0f",
1162 "00112233445566778899aabbccddeeff",
1163 "69c4e0d86a7b0430d8cdb78070b4c55a",
1165 "000102030405060708090a0b0c0d0e0f1011121314151617",
1166 "00112233445566778899aabbccddeeff",
1167 "dda97ca4864cdfe06eaf70a0ec0d7191",
1169 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
1170 "00112233445566778899aabbccddeeff",
1171 "8ea2b7ca516745bfeafc49904b496089",
1174 * From NIST validation suite (ECBVarTxt128.rsp).
1176 "00000000000000000000000000000000",
1177 "80000000000000000000000000000000",
1178 "3ad78e726c1ec02b7ebfe92b23d9ec34",
1180 "00000000000000000000000000000000",
1181 "c0000000000000000000000000000000",
1182 "aae5939c8efdf2f04e60b9fe7117b2c2",
1184 "00000000000000000000000000000000",
1185 "e0000000000000000000000000000000",
1186 "f031d4d74f5dcbf39daaf8ca3af6e527",
1188 "00000000000000000000000000000000",
1189 "f0000000000000000000000000000000",
1190 "96d9fd5cc4f07441727df0f33e401a36",
1192 "00000000000000000000000000000000",
1193 "f8000000000000000000000000000000",
1194 "30ccdb044646d7e1f3ccea3dca08b8c0",
1196 "00000000000000000000000000000000",
1197 "fc000000000000000000000000000000",
1198 "16ae4ce5042a67ee8e177b7c587ecc82",
1200 "00000000000000000000000000000000",
1201 "fe000000000000000000000000000000",
1202 "b6da0bb11a23855d9c5cb1b4c6412e0a",
1204 "00000000000000000000000000000000",
1205 "ff000000000000000000000000000000",
1206 "db4f1aa530967d6732ce4715eb0ee24b",
1208 "00000000000000000000000000000000",
1209 "ff800000000000000000000000000000",
1210 "a81738252621dd180a34f3455b4baa2f",
1212 "00000000000000000000000000000000",
1213 "ffc00000000000000000000000000000",
1214 "77e2b508db7fd89234caf7939ee5621a",
1216 "00000000000000000000000000000000",
1217 "ffe00000000000000000000000000000",
1218 "b8499c251f8442ee13f0933b688fcd19",
1220 "00000000000000000000000000000000",
1221 "fff00000000000000000000000000000",
1222 "965135f8a81f25c9d630b17502f68e53",
1224 "00000000000000000000000000000000",
1225 "fff80000000000000000000000000000",
1226 "8b87145a01ad1c6cede995ea3670454f",
1228 "00000000000000000000000000000000",
1229 "fffc0000000000000000000000000000",
1230 "8eae3b10a0c8ca6d1d3b0fa61e56b0b2",
1232 "00000000000000000000000000000000",
1233 "fffe0000000000000000000000000000",
1234 "64b4d629810fda6bafdf08f3b0d8d2c5",
1236 "00000000000000000000000000000000",
1237 "ffff0000000000000000000000000000",
1238 "d7e5dbd3324595f8fdc7d7c571da6c2a",
1240 "00000000000000000000000000000000",
1241 "ffff8000000000000000000000000000",
1242 "f3f72375264e167fca9de2c1527d9606",
1244 "00000000000000000000000000000000",
1245 "ffffc000000000000000000000000000",
1246 "8ee79dd4f401ff9b7ea945d86666c13b",
1248 "00000000000000000000000000000000",
1249 "ffffe000000000000000000000000000",
1250 "dd35cea2799940b40db3f819cb94c08b",
1252 "00000000000000000000000000000000",
1253 "fffff000000000000000000000000000",
1254 "6941cb6b3e08c2b7afa581ebdd607b87",
1256 "00000000000000000000000000000000",
1257 "fffff800000000000000000000000000",
1258 "2c20f439f6bb097b29b8bd6d99aad799",
1260 "00000000000000000000000000000000",
1261 "fffffc00000000000000000000000000",
1262 "625d01f058e565f77ae86378bd2c49b3",
1264 "00000000000000000000000000000000",
1265 "fffffe00000000000000000000000000",
1266 "c0b5fd98190ef45fbb4301438d095950",
1268 "00000000000000000000000000000000",
1269 "ffffff00000000000000000000000000",
1270 "13001ff5d99806efd25da34f56be854b",
1272 "00000000000000000000000000000000",
1273 "ffffff80000000000000000000000000",
1274 "3b594c60f5c8277a5113677f94208d82",
1276 "00000000000000000000000000000000",
1277 "ffffffc0000000000000000000000000",
1278 "e9c0fc1818e4aa46bd2e39d638f89e05",
1280 "00000000000000000000000000000000",
1281 "ffffffe0000000000000000000000000",
1282 "f8023ee9c3fdc45a019b4e985c7e1a54",
1284 "00000000000000000000000000000000",
1285 "fffffff0000000000000000000000000",
1286 "35f40182ab4662f3023baec1ee796b57",
1288 "00000000000000000000000000000000",
1289 "fffffff8000000000000000000000000",
1290 "3aebbad7303649b4194a6945c6cc3694",
1292 "00000000000000000000000000000000",
1293 "fffffffc000000000000000000000000",
1294 "a2124bea53ec2834279bed7f7eb0f938",
1296 "00000000000000000000000000000000",
1297 "fffffffe000000000000000000000000",
1298 "b9fb4399fa4facc7309e14ec98360b0a",
1300 "00000000000000000000000000000000",
1301 "ffffffff000000000000000000000000",
1302 "c26277437420c5d634f715aea81a9132",
1304 "00000000000000000000000000000000",
1305 "ffffffff800000000000000000000000",
1306 "171a0e1b2dd424f0e089af2c4c10f32f",
1308 "00000000000000000000000000000000",
1309 "ffffffffc00000000000000000000000",
1310 "7cadbe402d1b208fe735edce00aee7ce",
1312 "00000000000000000000000000000000",
1313 "ffffffffe00000000000000000000000",
1314 "43b02ff929a1485af6f5c6d6558baa0f",
1316 "00000000000000000000000000000000",
1317 "fffffffff00000000000000000000000",
1318 "092faacc9bf43508bf8fa8613ca75dea",
1320 "00000000000000000000000000000000",
1321 "fffffffff80000000000000000000000",
1322 "cb2bf8280f3f9742c7ed513fe802629c",
1324 "00000000000000000000000000000000",
1325 "fffffffffc0000000000000000000000",
1326 "215a41ee442fa992a6e323986ded3f68",
1328 "00000000000000000000000000000000",
1329 "fffffffffe0000000000000000000000",
1330 "f21e99cf4f0f77cea836e11a2fe75fb1",
1332 "00000000000000000000000000000000",
1333 "ffffffffff0000000000000000000000",
1334 "95e3a0ca9079e646331df8b4e70d2cd6",
1336 "00000000000000000000000000000000",
1337 "ffffffffff8000000000000000000000",
1338 "4afe7f120ce7613f74fc12a01a828073",
1340 "00000000000000000000000000000000",
1341 "ffffffffffc000000000000000000000",
1342 "827f000e75e2c8b9d479beed913fe678",
1344 "00000000000000000000000000000000",
1345 "ffffffffffe000000000000000000000",
1346 "35830c8e7aaefe2d30310ef381cbf691",
1348 "00000000000000000000000000000000",
1349 "fffffffffff000000000000000000000",
1350 "191aa0f2c8570144f38657ea4085ebe5",
1352 "00000000000000000000000000000000",
1353 "fffffffffff800000000000000000000",
1354 "85062c2c909f15d9269b6c18ce99c4f0",
1356 "00000000000000000000000000000000",
1357 "fffffffffffc00000000000000000000",
1358 "678034dc9e41b5a560ed239eeab1bc78",
1360 "00000000000000000000000000000000",
1361 "fffffffffffe00000000000000000000",
1362 "c2f93a4ce5ab6d5d56f1b93cf19911c1",
1364 "00000000000000000000000000000000",
1365 "ffffffffffff00000000000000000000",
1366 "1c3112bcb0c1dcc749d799743691bf82",
1368 "00000000000000000000000000000000",
1369 "ffffffffffff80000000000000000000",
1370 "00c55bd75c7f9c881989d3ec1911c0d4",
1372 "00000000000000000000000000000000",
1373 "ffffffffffffc0000000000000000000",
1374 "ea2e6b5ef182b7dff3629abd6a12045f",
1376 "00000000000000000000000000000000",
1377 "ffffffffffffe0000000000000000000",
1378 "22322327e01780b17397f24087f8cc6f",
1380 "00000000000000000000000000000000",
1381 "fffffffffffff0000000000000000000",
1382 "c9cacb5cd11692c373b2411768149ee7",
1384 "00000000000000000000000000000000",
1385 "fffffffffffff8000000000000000000",
1386 "a18e3dbbca577860dab6b80da3139256",
1388 "00000000000000000000000000000000",
1389 "fffffffffffffc000000000000000000",
1390 "79b61c37bf328ecca8d743265a3d425c",
1392 "00000000000000000000000000000000",
1393 "fffffffffffffe000000000000000000",
1394 "d2d99c6bcc1f06fda8e27e8ae3f1ccc7",
1396 "00000000000000000000000000000000",
1397 "ffffffffffffff000000000000000000",
1398 "1bfd4b91c701fd6b61b7f997829d663b",
1400 "00000000000000000000000000000000",
1401 "ffffffffffffff800000000000000000",
1402 "11005d52f25f16bdc9545a876a63490a",
1404 "00000000000000000000000000000000",
1405 "ffffffffffffffc00000000000000000",
1406 "3a4d354f02bb5a5e47d39666867f246a",
1408 "00000000000000000000000000000000",
1409 "ffffffffffffffe00000000000000000",
1410 "d451b8d6e1e1a0ebb155fbbf6e7b7dc3",
1412 "00000000000000000000000000000000",
1413 "fffffffffffffff00000000000000000",
1414 "6898d4f42fa7ba6a10ac05e87b9f2080",
1416 "00000000000000000000000000000000",
1417 "fffffffffffffff80000000000000000",
1418 "b611295e739ca7d9b50f8e4c0e754a3f",
1420 "00000000000000000000000000000000",
1421 "fffffffffffffffc0000000000000000",
1422 "7d33fc7d8abe3ca1936759f8f5deaf20",
1424 "00000000000000000000000000000000",
1425 "fffffffffffffffe0000000000000000",
1426 "3b5e0f566dc96c298f0c12637539b25c",
1428 "00000000000000000000000000000000",
1429 "ffffffffffffffff0000000000000000",
1430 "f807c3e7985fe0f5a50e2cdb25c5109e",
1432 "00000000000000000000000000000000",
1433 "ffffffffffffffff8000000000000000",
1434 "41f992a856fb278b389a62f5d274d7e9",
1436 "00000000000000000000000000000000",
1437 "ffffffffffffffffc000000000000000",
1438 "10d3ed7a6fe15ab4d91acbc7d0767ab1",
1440 "00000000000000000000000000000000",
1441 "ffffffffffffffffe000000000000000",
1442 "21feecd45b2e675973ac33bf0c5424fc",
1444 "00000000000000000000000000000000",
1445 "fffffffffffffffff000000000000000",
1446 "1480cb3955ba62d09eea668f7c708817",
1448 "00000000000000000000000000000000",
1449 "fffffffffffffffff800000000000000",
1450 "66404033d6b72b609354d5496e7eb511",
1452 "00000000000000000000000000000000",
1453 "fffffffffffffffffc00000000000000",
1454 "1c317a220a7d700da2b1e075b00266e1",
1456 "00000000000000000000000000000000",
1457 "fffffffffffffffffe00000000000000",
1458 "ab3b89542233f1271bf8fd0c0f403545",
1460 "00000000000000000000000000000000",
1461 "ffffffffffffffffff00000000000000",
1462 "d93eae966fac46dca927d6b114fa3f9e",
1464 "00000000000000000000000000000000",
1465 "ffffffffffffffffff80000000000000",
1466 "1bdec521316503d9d5ee65df3ea94ddf",
1468 "00000000000000000000000000000000",
1469 "ffffffffffffffffffc0000000000000",
1470 "eef456431dea8b4acf83bdae3717f75f",
1472 "00000000000000000000000000000000",
1473 "ffffffffffffffffffe0000000000000",
1474 "06f2519a2fafaa596bfef5cfa15c21b9",
1476 "00000000000000000000000000000000",
1477 "fffffffffffffffffff0000000000000",
1478 "251a7eac7e2fe809e4aa8d0d7012531a",
1480 "00000000000000000000000000000000",
1481 "fffffffffffffffffff8000000000000",
1482 "3bffc16e4c49b268a20f8d96a60b4058",
1484 "00000000000000000000000000000000",
1485 "fffffffffffffffffffc000000000000",
1486 "e886f9281999c5bb3b3e8862e2f7c988",
1488 "00000000000000000000000000000000",
1489 "fffffffffffffffffffe000000000000",
1490 "563bf90d61beef39f48dd625fcef1361",
1492 "00000000000000000000000000000000",
1493 "ffffffffffffffffffff000000000000",
1494 "4d37c850644563c69fd0acd9a049325b",
1496 "00000000000000000000000000000000",
1497 "ffffffffffffffffffff800000000000",
1498 "b87c921b91829ef3b13ca541ee1130a6",
1500 "00000000000000000000000000000000",
1501 "ffffffffffffffffffffc00000000000",
1502 "2e65eb6b6ea383e109accce8326b0393",
1504 "00000000000000000000000000000000",
1505 "ffffffffffffffffffffe00000000000",
1506 "9ca547f7439edc3e255c0f4d49aa8990",
1508 "00000000000000000000000000000000",
1509 "fffffffffffffffffffff00000000000",
1510 "a5e652614c9300f37816b1f9fd0c87f9",
1512 "00000000000000000000000000000000",
1513 "fffffffffffffffffffff80000000000",
1514 "14954f0b4697776f44494fe458d814ed",
1516 "00000000000000000000000000000000",
1517 "fffffffffffffffffffffc0000000000",
1518 "7c8d9ab6c2761723fe42f8bb506cbcf7",
1520 "00000000000000000000000000000000",
1521 "fffffffffffffffffffffe0000000000",
1522 "db7e1932679fdd99742aab04aa0d5a80",
1524 "00000000000000000000000000000000",
1525 "ffffffffffffffffffffff0000000000",
1526 "4c6a1c83e568cd10f27c2d73ded19c28",
1528 "00000000000000000000000000000000",
1529 "ffffffffffffffffffffff8000000000",
1530 "90ecbe6177e674c98de412413f7ac915",
1532 "00000000000000000000000000000000",
1533 "ffffffffffffffffffffffc000000000",
1534 "90684a2ac55fe1ec2b8ebd5622520b73",
1536 "00000000000000000000000000000000",
1537 "ffffffffffffffffffffffe000000000",
1538 "7472f9a7988607ca79707795991035e6",
1540 "00000000000000000000000000000000",
1541 "fffffffffffffffffffffff000000000",
1542 "56aff089878bf3352f8df172a3ae47d8",
1544 "00000000000000000000000000000000",
1545 "fffffffffffffffffffffff800000000",
1546 "65c0526cbe40161b8019a2a3171abd23",
1548 "00000000000000000000000000000000",
1549 "fffffffffffffffffffffffc00000000",
1550 "377be0be33b4e3e310b4aabda173f84f",
1552 "00000000000000000000000000000000",
1553 "fffffffffffffffffffffffe00000000",
1554 "9402e9aa6f69de6504da8d20c4fcaa2f",
1556 "00000000000000000000000000000000",
1557 "ffffffffffffffffffffffff00000000",
1558 "123c1f4af313ad8c2ce648b2e71fb6e1",
1560 "00000000000000000000000000000000",
1561 "ffffffffffffffffffffffff80000000",
1562 "1ffc626d30203dcdb0019fb80f726cf4",
1564 "00000000000000000000000000000000",
1565 "ffffffffffffffffffffffffc0000000",
1566 "76da1fbe3a50728c50fd2e621b5ad885",
1568 "00000000000000000000000000000000",
1569 "ffffffffffffffffffffffffe0000000",
1570 "082eb8be35f442fb52668e16a591d1d6",
1572 "00000000000000000000000000000000",
1573 "fffffffffffffffffffffffff0000000",
1574 "e656f9ecf5fe27ec3e4a73d00c282fb3",
1576 "00000000000000000000000000000000",
1577 "fffffffffffffffffffffffff8000000",
1578 "2ca8209d63274cd9a29bb74bcd77683a",
1580 "00000000000000000000000000000000",
1581 "fffffffffffffffffffffffffc000000",
1582 "79bf5dce14bb7dd73a8e3611de7ce026",
1584 "00000000000000000000000000000000",
1585 "fffffffffffffffffffffffffe000000",
1586 "3c849939a5d29399f344c4a0eca8a576",
1588 "00000000000000000000000000000000",
1589 "ffffffffffffffffffffffffff000000",
1590 "ed3c0a94d59bece98835da7aa4f07ca2",
1592 "00000000000000000000000000000000",
1593 "ffffffffffffffffffffffffff800000",
1594 "63919ed4ce10196438b6ad09d99cd795",
1596 "00000000000000000000000000000000",
1597 "ffffffffffffffffffffffffffc00000",
1598 "7678f3a833f19fea95f3c6029e2bc610",
1600 "00000000000000000000000000000000",
1601 "ffffffffffffffffffffffffffe00000",
1602 "3aa426831067d36b92be7c5f81c13c56",
1604 "00000000000000000000000000000000",
1605 "fffffffffffffffffffffffffff00000",
1606 "9272e2d2cdd11050998c845077a30ea0",
1608 "00000000000000000000000000000000",
1609 "fffffffffffffffffffffffffff80000",
1610 "088c4b53f5ec0ff814c19adae7f6246c",
1612 "00000000000000000000000000000000",
1613 "fffffffffffffffffffffffffffc0000",
1614 "4010a5e401fdf0a0354ddbcc0d012b17",
1616 "00000000000000000000000000000000",
1617 "fffffffffffffffffffffffffffe0000",
1618 "a87a385736c0a6189bd6589bd8445a93",
1620 "00000000000000000000000000000000",
1621 "ffffffffffffffffffffffffffff0000",
1622 "545f2b83d9616dccf60fa9830e9cd287",
1624 "00000000000000000000000000000000",
1625 "ffffffffffffffffffffffffffff8000",
1626 "4b706f7f92406352394037a6d4f4688d",
1628 "00000000000000000000000000000000",
1629 "ffffffffffffffffffffffffffffc000",
1630 "b7972b3941c44b90afa7b264bfba7387",
1632 "00000000000000000000000000000000",
1633 "ffffffffffffffffffffffffffffe000",
1634 "6f45732cf10881546f0fd23896d2bb60",
1636 "00000000000000000000000000000000",
1637 "fffffffffffffffffffffffffffff000",
1638 "2e3579ca15af27f64b3c955a5bfc30ba",
1640 "00000000000000000000000000000000",
1641 "fffffffffffffffffffffffffffff800",
1642 "34a2c5a91ae2aec99b7d1b5fa6780447",
1644 "00000000000000000000000000000000",
1645 "fffffffffffffffffffffffffffffc00",
1646 "a4d6616bd04f87335b0e53351227a9ee",
1648 "00000000000000000000000000000000",
1649 "fffffffffffffffffffffffffffffe00",
1650 "7f692b03945867d16179a8cefc83ea3f",
1652 "00000000000000000000000000000000",
1653 "ffffffffffffffffffffffffffffff00",
1654 "3bd141ee84a0e6414a26e7a4f281f8a2",
1656 "00000000000000000000000000000000",
1657 "ffffffffffffffffffffffffffffff80",
1658 "d1788f572d98b2b16ec5d5f3922b99bc",
1660 "00000000000000000000000000000000",
1661 "ffffffffffffffffffffffffffffffc0",
1662 "0833ff6f61d98a57b288e8c3586b85a6",
1664 "00000000000000000000000000000000",
1665 "ffffffffffffffffffffffffffffffe0",
1666 "8568261797de176bf0b43becc6285afb",
1668 "00000000000000000000000000000000",
1669 "fffffffffffffffffffffffffffffff0",
1670 "f9b0fda0c4a898f5b9e6f661c4ce4d07",
1672 "00000000000000000000000000000000",
1673 "fffffffffffffffffffffffffffffff8",
1674 "8ade895913685c67c5269f8aae42983e",
1676 "00000000000000000000000000000000",
1677 "fffffffffffffffffffffffffffffffc",
1678 "39bde67d5c8ed8a8b1c37eb8fa9f5ac0",
1680 "00000000000000000000000000000000",
1681 "fffffffffffffffffffffffffffffffe",
1682 "5c005e72c1418c44f569f2ea33ba54f3",
1684 "00000000000000000000000000000000",
1685 "ffffffffffffffffffffffffffffffff",
1686 "3f5b8cc9ea855a0afa7347d23e8d664e",
1689 * From NIST validation suite (ECBVarTxt192.rsp).
1691 "000000000000000000000000000000000000000000000000",
1692 "80000000000000000000000000000000",
1693 "6cd02513e8d4dc986b4afe087a60bd0c",
1695 "000000000000000000000000000000000000000000000000",
1696 "c0000000000000000000000000000000",
1697 "2ce1f8b7e30627c1c4519eada44bc436",
1699 "000000000000000000000000000000000000000000000000",
1700 "e0000000000000000000000000000000",
1701 "9946b5f87af446f5796c1fee63a2da24",
1703 "000000000000000000000000000000000000000000000000",
1704 "f0000000000000000000000000000000",
1705 "2a560364ce529efc21788779568d5555",
1707 "000000000000000000000000000000000000000000000000",
1708 "f8000000000000000000000000000000",
1709 "35c1471837af446153bce55d5ba72a0a",
1711 "000000000000000000000000000000000000000000000000",
1712 "fc000000000000000000000000000000",
1713 "ce60bc52386234f158f84341e534cd9e",
1715 "000000000000000000000000000000000000000000000000",
1716 "fe000000000000000000000000000000",
1717 "8c7c27ff32bcf8dc2dc57c90c2903961",
1719 "000000000000000000000000000000000000000000000000",
1720 "ff000000000000000000000000000000",
1721 "32bb6a7ec84499e166f936003d55a5bb",
1723 "000000000000000000000000000000000000000000000000",
1724 "ff800000000000000000000000000000",
1725 "a5c772e5c62631ef660ee1d5877f6d1b",
1727 "000000000000000000000000000000000000000000000000",
1728 "ffc00000000000000000000000000000",
1729 "030d7e5b64f380a7e4ea5387b5cd7f49",
1731 "000000000000000000000000000000000000000000000000",
1732 "ffe00000000000000000000000000000",
1733 "0dc9a2610037009b698f11bb7e86c83e",
1735 "000000000000000000000000000000000000000000000000",
1736 "fff00000000000000000000000000000",
1737 "0046612c766d1840c226364f1fa7ed72",
1739 "000000000000000000000000000000000000000000000000",
1740 "fff80000000000000000000000000000",
1741 "4880c7e08f27befe78590743c05e698b",
1743 "000000000000000000000000000000000000000000000000",
1744 "fffc0000000000000000000000000000",
1745 "2520ce829a26577f0f4822c4ecc87401",
1747 "000000000000000000000000000000000000000000000000",
1748 "fffe0000000000000000000000000000",
1749 "8765e8acc169758319cb46dc7bcf3dca",
1751 "000000000000000000000000000000000000000000000000",
1752 "ffff0000000000000000000000000000",
1753 "e98f4ba4f073df4baa116d011dc24a28",
1755 "000000000000000000000000000000000000000000000000",
1756 "ffff8000000000000000000000000000",
1757 "f378f68c5dbf59e211b3a659a7317d94",
1759 "000000000000000000000000000000000000000000000000",
1760 "ffffc000000000000000000000000000",
1761 "283d3b069d8eb9fb432d74b96ca762b4",
1763 "000000000000000000000000000000000000000000000000",
1764 "ffffe000000000000000000000000000",
1765 "a7e1842e8a87861c221a500883245c51",
1767 "000000000000000000000000000000000000000000000000",
1768 "fffff000000000000000000000000000",
1769 "77aa270471881be070fb52c7067ce732",
1771 "000000000000000000000000000000000000000000000000",
1772 "fffff800000000000000000000000000",
1773 "01b0f476d484f43f1aeb6efa9361a8ac",
1775 "000000000000000000000000000000000000000000000000",
1776 "fffffc00000000000000000000000000",
1777 "1c3a94f1c052c55c2d8359aff2163b4f",
1779 "000000000000000000000000000000000000000000000000",
1780 "fffffe00000000000000000000000000",
1781 "e8a067b604d5373d8b0f2e05a03b341b",
1783 "000000000000000000000000000000000000000000000000",
1784 "ffffff00000000000000000000000000",
1785 "a7876ec87f5a09bfea42c77da30fd50e",
1787 "000000000000000000000000000000000000000000000000",
1788 "ffffff80000000000000000000000000",
1789 "0cf3e9d3a42be5b854ca65b13f35f48d",
1791 "000000000000000000000000000000000000000000000000",
1792 "ffffffc0000000000000000000000000",
1793 "6c62f6bbcab7c3e821c9290f08892dda",
1795 "000000000000000000000000000000000000000000000000",
1796 "ffffffe0000000000000000000000000",
1797 "7f5e05bd2068738196fee79ace7e3aec",
1799 "000000000000000000000000000000000000000000000000",
1800 "fffffff0000000000000000000000000",
1801 "440e0d733255cda92fb46e842fe58054",
1803 "000000000000000000000000000000000000000000000000",
1804 "fffffff8000000000000000000000000",
1805 "aa5d5b1c4ea1b7a22e5583ac2e9ed8a7",
1807 "000000000000000000000000000000000000000000000000",
1808 "fffffffc000000000000000000000000",
1809 "77e537e89e8491e8662aae3bc809421d",
1811 "000000000000000000000000000000000000000000000000",
1812 "fffffffe000000000000000000000000",
1813 "997dd3e9f1598bfa73f75973f7e93b76",
1815 "000000000000000000000000000000000000000000000000",
1816 "ffffffff000000000000000000000000",
1817 "1b38d4f7452afefcb7fc721244e4b72e",
1819 "000000000000000000000000000000000000000000000000",
1820 "ffffffff800000000000000000000000",
1821 "0be2b18252e774dda30cdda02c6906e3",
1823 "000000000000000000000000000000000000000000000000",
1824 "ffffffffc00000000000000000000000",
1825 "d2695e59c20361d82652d7d58b6f11b2",
1827 "000000000000000000000000000000000000000000000000",
1828 "ffffffffe00000000000000000000000",
1829 "902d88d13eae52089abd6143cfe394e9",
1831 "000000000000000000000000000000000000000000000000",
1832 "fffffffff00000000000000000000000",
1833 "d49bceb3b823fedd602c305345734bd2",
1835 "000000000000000000000000000000000000000000000000",
1836 "fffffffff80000000000000000000000",
1837 "707b1dbb0ffa40ef7d95def421233fae",
1839 "000000000000000000000000000000000000000000000000",
1840 "fffffffffc0000000000000000000000",
1841 "7ca0c1d93356d9eb8aa952084d75f913",
1843 "000000000000000000000000000000000000000000000000",
1844 "fffffffffe0000000000000000000000",
1845 "f2cbf9cb186e270dd7bdb0c28febc57d",
1847 "000000000000000000000000000000000000000000000000",
1848 "ffffffffff0000000000000000000000",
1849 "c94337c37c4e790ab45780bd9c3674a0",
1851 "000000000000000000000000000000000000000000000000",
1852 "ffffffffff8000000000000000000000",
1853 "8e3558c135252fb9c9f367ed609467a1",
1855 "000000000000000000000000000000000000000000000000",
1856 "ffffffffffc000000000000000000000",
1857 "1b72eeaee4899b443914e5b3a57fba92",
1859 "000000000000000000000000000000000000000000000000",
1860 "ffffffffffe000000000000000000000",
1861 "011865f91bc56868d051e52c9efd59b7",
1863 "000000000000000000000000000000000000000000000000",
1864 "fffffffffff000000000000000000000",
1865 "e4771318ad7a63dd680f6e583b7747ea",
1867 "000000000000000000000000000000000000000000000000",
1868 "fffffffffff800000000000000000000",
1869 "61e3d194088dc8d97e9e6db37457eac5",
1871 "000000000000000000000000000000000000000000000000",
1872 "fffffffffffc00000000000000000000",
1873 "36ff1ec9ccfbc349e5d356d063693ad6",
1875 "000000000000000000000000000000000000000000000000",
1876 "fffffffffffe00000000000000000000",
1877 "3cc9e9a9be8cc3f6fb2ea24088e9bb19",
1879 "000000000000000000000000000000000000000000000000",
1880 "ffffffffffff00000000000000000000",
1881 "1ee5ab003dc8722e74905d9a8fe3d350",
1883 "000000000000000000000000000000000000000000000000",
1884 "ffffffffffff80000000000000000000",
1885 "245339319584b0a412412869d6c2eada",
1887 "000000000000000000000000000000000000000000000000",
1888 "ffffffffffffc0000000000000000000",
1889 "7bd496918115d14ed5380852716c8814",
1891 "000000000000000000000000000000000000000000000000",
1892 "ffffffffffffe0000000000000000000",
1893 "273ab2f2b4a366a57d582a339313c8b1",
1895 "000000000000000000000000000000000000000000000000",
1896 "fffffffffffff0000000000000000000",
1897 "113365a9ffbe3b0ca61e98507554168b",
1899 "000000000000000000000000000000000000000000000000",
1900 "fffffffffffff8000000000000000000",
1901 "afa99c997ac478a0dea4119c9e45f8b1",
1903 "000000000000000000000000000000000000000000000000",
1904 "fffffffffffffc000000000000000000",
1905 "9216309a7842430b83ffb98638011512",
1907 "000000000000000000000000000000000000000000000000",
1908 "fffffffffffffe000000000000000000",
1909 "62abc792288258492a7cb45145f4b759",
1911 "000000000000000000000000000000000000000000000000",
1912 "ffffffffffffff000000000000000000",
1913 "534923c169d504d7519c15d30e756c50",
1915 "000000000000000000000000000000000000000000000000",
1916 "ffffffffffffff800000000000000000",
1917 "fa75e05bcdc7e00c273fa33f6ee441d2",
1919 "000000000000000000000000000000000000000000000000",
1920 "ffffffffffffffc00000000000000000",
1921 "7d350fa6057080f1086a56b17ec240db",
1923 "000000000000000000000000000000000000000000000000",
1924 "ffffffffffffffe00000000000000000",
1925 "f34e4a6324ea4a5c39a661c8fe5ada8f",
1927 "000000000000000000000000000000000000000000000000",
1928 "fffffffffffffff00000000000000000",
1929 "0882a16f44088d42447a29ac090ec17e",
1931 "000000000000000000000000000000000000000000000000",
1932 "fffffffffffffff80000000000000000",
1933 "3a3c15bfc11a9537c130687004e136ee",
1935 "000000000000000000000000000000000000000000000000",
1936 "fffffffffffffffc0000000000000000",
1937 "22c0a7678dc6d8cf5c8a6d5a9960767c",
1939 "000000000000000000000000000000000000000000000000",
1940 "fffffffffffffffe0000000000000000",
1941 "b46b09809d68b9a456432a79bdc2e38c",
1943 "000000000000000000000000000000000000000000000000",
1944 "ffffffffffffffff0000000000000000",
1945 "93baaffb35fbe739c17c6ac22eecf18f",
1947 "000000000000000000000000000000000000000000000000",
1948 "ffffffffffffffff8000000000000000",
1949 "c8aa80a7850675bc007c46df06b49868",
1951 "000000000000000000000000000000000000000000000000",
1952 "ffffffffffffffffc000000000000000",
1953 "12c6f3877af421a918a84b775858021d",
1955 "000000000000000000000000000000000000000000000000",
1956 "ffffffffffffffffe000000000000000",
1957 "33f123282c5d633924f7d5ba3f3cab11",
1959 "000000000000000000000000000000000000000000000000",
1960 "fffffffffffffffff000000000000000",
1961 "a8f161002733e93ca4527d22c1a0c5bb",
1963 "000000000000000000000000000000000000000000000000",
1964 "fffffffffffffffff800000000000000",
1965 "b72f70ebf3e3fda23f508eec76b42c02",
1967 "000000000000000000000000000000000000000000000000",
1968 "fffffffffffffffffc00000000000000",
1969 "6a9d965e6274143f25afdcfc88ffd77c",
1971 "000000000000000000000000000000000000000000000000",
1972 "fffffffffffffffffe00000000000000",
1973 "a0c74fd0b9361764ce91c5200b095357",
1975 "000000000000000000000000000000000000000000000000",
1976 "ffffffffffffffffff00000000000000",
1977 "091d1fdc2bd2c346cd5046a8c6209146",
1979 "000000000000000000000000000000000000000000000000",
1980 "ffffffffffffffffff80000000000000",
1981 "e2a37580116cfb71856254496ab0aca8",
1983 "000000000000000000000000000000000000000000000000",
1984 "ffffffffffffffffffc0000000000000",
1985 "e0b3a00785917c7efc9adba322813571",
1987 "000000000000000000000000000000000000000000000000",
1988 "ffffffffffffffffffe0000000000000",
1989 "733d41f4727b5ef0df4af4cf3cffa0cb",
1991 "000000000000000000000000000000000000000000000000",
1992 "fffffffffffffffffff0000000000000",
1993 "a99ebb030260826f981ad3e64490aa4f",
1995 "000000000000000000000000000000000000000000000000",
1996 "fffffffffffffffffff8000000000000",
1997 "73f34c7d3eae5e80082c1647524308ee",
1999 "000000000000000000000000000000000000000000000000",
2000 "fffffffffffffffffffc000000000000",
2001 "40ebd5ad082345b7a2097ccd3464da02",
2003 "000000000000000000000000000000000000000000000000",
2004 "fffffffffffffffffffe000000000000",
2005 "7cc4ae9a424b2cec90c97153c2457ec5",
2007 "000000000000000000000000000000000000000000000000",
2008 "ffffffffffffffffffff000000000000",
2009 "54d632d03aba0bd0f91877ebdd4d09cb",
2011 "000000000000000000000000000000000000000000000000",
2012 "ffffffffffffffffffff800000000000",
2013 "d3427be7e4d27cd54f5fe37b03cf0897",
2015 "000000000000000000000000000000000000000000000000",
2016 "ffffffffffffffffffffc00000000000",
2017 "b2099795e88cc158fd75ea133d7e7fbe",
2019 "000000000000000000000000000000000000000000000000",
2020 "ffffffffffffffffffffe00000000000",
2021 "a6cae46fb6fadfe7a2c302a34242817b",
2023 "000000000000000000000000000000000000000000000000",
2024 "fffffffffffffffffffff00000000000",
2025 "026a7024d6a902e0b3ffccbaa910cc3f",
2027 "000000000000000000000000000000000000000000000000",
2028 "fffffffffffffffffffff80000000000",
2029 "156f07767a85a4312321f63968338a01",
2031 "000000000000000000000000000000000000000000000000",
2032 "fffffffffffffffffffffc0000000000",
2033 "15eec9ebf42b9ca76897d2cd6c5a12e2",
2035 "000000000000000000000000000000000000000000000000",
2036 "fffffffffffffffffffffe0000000000",
2037 "db0d3a6fdcc13f915e2b302ceeb70fd8",
2039 "000000000000000000000000000000000000000000000000",
2040 "ffffffffffffffffffffff0000000000",
2041 "71dbf37e87a2e34d15b20e8f10e48924",
2043 "000000000000000000000000000000000000000000000000",
2044 "ffffffffffffffffffffff8000000000",
2045 "c745c451e96ff3c045e4367c833e3b54",
2047 "000000000000000000000000000000000000000000000000",
2048 "ffffffffffffffffffffffc000000000",
2049 "340da09c2dd11c3b679d08ccd27dd595",
2051 "000000000000000000000000000000000000000000000000",
2052 "ffffffffffffffffffffffe000000000",
2053 "8279f7c0c2a03ee660c6d392db025d18",
2055 "000000000000000000000000000000000000000000000000",
2056 "fffffffffffffffffffffff000000000",
2057 "a4b2c7d8eba531ff47c5041a55fbd1ec",
2059 "000000000000000000000000000000000000000000000000",
2060 "fffffffffffffffffffffff800000000",
2061 "74569a2ca5a7bd5131ce8dc7cbfbf72f",
2063 "000000000000000000000000000000000000000000000000",
2064 "fffffffffffffffffffffffc00000000",
2065 "3713da0c0219b63454035613b5a403dd",
2067 "000000000000000000000000000000000000000000000000",
2068 "fffffffffffffffffffffffe00000000",
2069 "8827551ddcc9df23fa72a3de4e9f0b07",
2071 "000000000000000000000000000000000000000000000000",
2072 "ffffffffffffffffffffffff00000000",
2073 "2e3febfd625bfcd0a2c06eb460da1732",
2075 "000000000000000000000000000000000000000000000000",
2076 "ffffffffffffffffffffffff80000000",
2077 "ee82e6ba488156f76496311da6941deb",
2079 "000000000000000000000000000000000000000000000000",
2080 "ffffffffffffffffffffffffc0000000",
2081 "4770446f01d1f391256e85a1b30d89d3",
2083 "000000000000000000000000000000000000000000000000",
2084 "ffffffffffffffffffffffffe0000000",
2085 "af04b68f104f21ef2afb4767cf74143c",
2087 "000000000000000000000000000000000000000000000000",
2088 "fffffffffffffffffffffffff0000000",
2089 "cf3579a9ba38c8e43653173e14f3a4c6",
2091 "000000000000000000000000000000000000000000000000",
2092 "fffffffffffffffffffffffff8000000",
2093 "b3bba904f4953e09b54800af2f62e7d4",
2095 "000000000000000000000000000000000000000000000000",
2096 "fffffffffffffffffffffffffc000000",
2097 "fc4249656e14b29eb9c44829b4c59a46",
2099 "000000000000000000000000000000000000000000000000",
2100 "fffffffffffffffffffffffffe000000",
2101 "9b31568febe81cfc2e65af1c86d1a308",
2103 "000000000000000000000000000000000000000000000000",
2104 "ffffffffffffffffffffffffff000000",
2105 "9ca09c25f273a766db98a480ce8dfedc",
2107 "000000000000000000000000000000000000000000000000",
2108 "ffffffffffffffffffffffffff800000",
2109 "b909925786f34c3c92d971883c9fbedf",
2111 "000000000000000000000000000000000000000000000000",
2112 "ffffffffffffffffffffffffffc00000",
2113 "82647f1332fe570a9d4d92b2ee771d3b",
2115 "000000000000000000000000000000000000000000000000",
2116 "ffffffffffffffffffffffffffe00000",
2117 "3604a7e80832b3a99954bca6f5b9f501",
2119 "000000000000000000000000000000000000000000000000",
2120 "fffffffffffffffffffffffffff00000",
2121 "884607b128c5de3ab39a529a1ef51bef",
2123 "000000000000000000000000000000000000000000000000",
2124 "fffffffffffffffffffffffffff80000",
2125 "670cfa093d1dbdb2317041404102435e",
2127 "000000000000000000000000000000000000000000000000",
2128 "fffffffffffffffffffffffffffc0000",
2129 "7a867195f3ce8769cbd336502fbb5130",
2131 "000000000000000000000000000000000000000000000000",
2132 "fffffffffffffffffffffffffffe0000",
2133 "52efcf64c72b2f7ca5b3c836b1078c15",
2135 "000000000000000000000000000000000000000000000000",
2136 "ffffffffffffffffffffffffffff0000",
2137 "4019250f6eefb2ac5ccbcae044e75c7e",
2139 "000000000000000000000000000000000000000000000000",
2140 "ffffffffffffffffffffffffffff8000",
2141 "022c4f6f5a017d292785627667ddef24",
2143 "000000000000000000000000000000000000000000000000",
2144 "ffffffffffffffffffffffffffffc000",
2145 "e9c21078a2eb7e03250f71000fa9e3ed",
2147 "000000000000000000000000000000000000000000000000",
2148 "ffffffffffffffffffffffffffffe000",
2149 "a13eaeeb9cd391da4e2b09490b3e7fad",
2151 "000000000000000000000000000000000000000000000000",
2152 "fffffffffffffffffffffffffffff000",
2153 "c958a171dca1d4ed53e1af1d380803a9",
2155 "000000000000000000000000000000000000000000000000",
2156 "fffffffffffffffffffffffffffff800",
2157 "21442e07a110667f2583eaeeee44dc8c",
2159 "000000000000000000000000000000000000000000000000",
2160 "fffffffffffffffffffffffffffffc00",
2161 "59bbb353cf1dd867a6e33737af655e99",
2163 "000000000000000000000000000000000000000000000000",
2164 "fffffffffffffffffffffffffffffe00",
2165 "43cd3b25375d0ce41087ff9fe2829639",
2167 "000000000000000000000000000000000000000000000000",
2168 "ffffffffffffffffffffffffffffff00",
2169 "6b98b17e80d1118e3516bd768b285a84",
2171 "000000000000000000000000000000000000000000000000",
2172 "ffffffffffffffffffffffffffffff80",
2173 "ae47ed3676ca0c08deea02d95b81db58",
2175 "000000000000000000000000000000000000000000000000",
2176 "ffffffffffffffffffffffffffffffc0",
2177 "34ec40dc20413795ed53628ea748720b",
2179 "000000000000000000000000000000000000000000000000",
2180 "ffffffffffffffffffffffffffffffe0",
2181 "4dc68163f8e9835473253542c8a65d46",
2183 "000000000000000000000000000000000000000000000000",
2184 "fffffffffffffffffffffffffffffff0",
2185 "2aabb999f43693175af65c6c612c46fb",
2187 "000000000000000000000000000000000000000000000000",
2188 "fffffffffffffffffffffffffffffff8",
2189 "e01f94499dac3547515c5b1d756f0f58",
2191 "000000000000000000000000000000000000000000000000",
2192 "fffffffffffffffffffffffffffffffc",
2193 "9d12435a46480ce00ea349f71799df9a",
2195 "000000000000000000000000000000000000000000000000",
2196 "fffffffffffffffffffffffffffffffe",
2197 "cef41d16d266bdfe46938ad7884cc0cf",
2199 "000000000000000000000000000000000000000000000000",
2200 "ffffffffffffffffffffffffffffffff",
2201 "b13db4da1f718bc6904797c82bcf2d32",
2204 * From NIST validation suite (ECBVarTxt256.rsp).
2206 "0000000000000000000000000000000000000000000000000000000000000000",
2207 "80000000000000000000000000000000",
2208 "ddc6bf790c15760d8d9aeb6f9a75fd4e",
2210 "0000000000000000000000000000000000000000000000000000000000000000",
2211 "c0000000000000000000000000000000",
2212 "0a6bdc6d4c1e6280301fd8e97ddbe601",
2214 "0000000000000000000000000000000000000000000000000000000000000000",
2215 "e0000000000000000000000000000000",
2216 "9b80eefb7ebe2d2b16247aa0efc72f5d",
2218 "0000000000000000000000000000000000000000000000000000000000000000",
2219 "f0000000000000000000000000000000",
2220 "7f2c5ece07a98d8bee13c51177395ff7",
2222 "0000000000000000000000000000000000000000000000000000000000000000",
2223 "f8000000000000000000000000000000",
2224 "7818d800dcf6f4be1e0e94f403d1e4c2",
2226 "0000000000000000000000000000000000000000000000000000000000000000",
2227 "fc000000000000000000000000000000",
2228 "e74cd1c92f0919c35a0324123d6177d3",
2230 "0000000000000000000000000000000000000000000000000000000000000000",
2231 "fe000000000000000000000000000000",
2232 "8092a4dcf2da7e77e93bdd371dfed82e",
2234 "0000000000000000000000000000000000000000000000000000000000000000",
2235 "ff000000000000000000000000000000",
2236 "49af6b372135acef10132e548f217b17",
2238 "0000000000000000000000000000000000000000000000000000000000000000",
2239 "ff800000000000000000000000000000",
2240 "8bcd40f94ebb63b9f7909676e667f1e7",
2242 "0000000000000000000000000000000000000000000000000000000000000000",
2243 "ffc00000000000000000000000000000",
2244 "fe1cffb83f45dcfb38b29be438dbd3ab",
2246 "0000000000000000000000000000000000000000000000000000000000000000",
2247 "ffe00000000000000000000000000000",
2248 "0dc58a8d886623705aec15cb1e70dc0e",
2250 "0000000000000000000000000000000000000000000000000000000000000000",
2251 "fff00000000000000000000000000000",
2252 "c218faa16056bd0774c3e8d79c35a5e4",
2254 "0000000000000000000000000000000000000000000000000000000000000000",
2255 "fff80000000000000000000000000000",
2256 "047bba83f7aa841731504e012208fc9e",
2258 "0000000000000000000000000000000000000000000000000000000000000000",
2259 "fffc0000000000000000000000000000",
2260 "dc8f0e4915fd81ba70a331310882f6da",
2262 "0000000000000000000000000000000000000000000000000000000000000000",
2263 "fffe0000000000000000000000000000",
2264 "1569859ea6b7206c30bf4fd0cbfac33c",
2266 "0000000000000000000000000000000000000000000000000000000000000000",
2267 "ffff0000000000000000000000000000",
2268 "300ade92f88f48fa2df730ec16ef44cd",
2270 "0000000000000000000000000000000000000000000000000000000000000000",
2271 "ffff8000000000000000000000000000",
2272 "1fe6cc3c05965dc08eb0590c95ac71d0",
2274 "0000000000000000000000000000000000000000000000000000000000000000",
2275 "ffffc000000000000000000000000000",
2276 "59e858eaaa97fec38111275b6cf5abc0",
2278 "0000000000000000000000000000000000000000000000000000000000000000",
2279 "ffffe000000000000000000000000000",
2280 "2239455e7afe3b0616100288cc5a723b",
2282 "0000000000000000000000000000000000000000000000000000000000000000",
2283 "fffff000000000000000000000000000",
2284 "3ee500c5c8d63479717163e55c5c4522",
2286 "0000000000000000000000000000000000000000000000000000000000000000",
2287 "fffff800000000000000000000000000",
2288 "d5e38bf15f16d90e3e214041d774daa8",
2290 "0000000000000000000000000000000000000000000000000000000000000000",
2291 "fffffc00000000000000000000000000",
2292 "b1f4066e6f4f187dfe5f2ad1b17819d0",
2294 "0000000000000000000000000000000000000000000000000000000000000000",
2295 "fffffe00000000000000000000000000",
2296 "6ef4cc4de49b11065d7af2909854794a",
2298 "0000000000000000000000000000000000000000000000000000000000000000",
2299 "ffffff00000000000000000000000000",
2300 "ac86bc606b6640c309e782f232bf367f",
2302 "0000000000000000000000000000000000000000000000000000000000000000",
2303 "ffffff80000000000000000000000000",
2304 "36aff0ef7bf3280772cf4cac80a0d2b2",
2306 "0000000000000000000000000000000000000000000000000000000000000000",
2307 "ffffffc0000000000000000000000000",
2308 "1f8eedea0f62a1406d58cfc3ecea72cf",
2310 "0000000000000000000000000000000000000000000000000000000000000000",
2311 "ffffffe0000000000000000000000000",
2312 "abf4154a3375a1d3e6b1d454438f95a6",
2314 "0000000000000000000000000000000000000000000000000000000000000000",
2315 "fffffff0000000000000000000000000",
2316 "96f96e9d607f6615fc192061ee648b07",
2318 "0000000000000000000000000000000000000000000000000000000000000000",
2319 "fffffff8000000000000000000000000",
2320 "cf37cdaaa0d2d536c71857634c792064",
2322 "0000000000000000000000000000000000000000000000000000000000000000",
2323 "fffffffc000000000000000000000000",
2324 "fbd6640c80245c2b805373f130703127",
2326 "0000000000000000000000000000000000000000000000000000000000000000",
2327 "fffffffe000000000000000000000000",
2328 "8d6a8afe55a6e481badae0d146f436db",
2330 "0000000000000000000000000000000000000000000000000000000000000000",
2331 "ffffffff000000000000000000000000",
2332 "6a4981f2915e3e68af6c22385dd06756",
2334 "0000000000000000000000000000000000000000000000000000000000000000",
2335 "ffffffff800000000000000000000000",
2336 "42a1136e5f8d8d21d3101998642d573b",
2338 "0000000000000000000000000000000000000000000000000000000000000000",
2339 "ffffffffc00000000000000000000000",
2340 "9b471596dc69ae1586cee6158b0b0181",
2342 "0000000000000000000000000000000000000000000000000000000000000000",
2343 "ffffffffe00000000000000000000000",
2344 "753665c4af1eff33aa8b628bf8741cfd",
2346 "0000000000000000000000000000000000000000000000000000000000000000",
2347 "fffffffff00000000000000000000000",
2348 "9a682acf40be01f5b2a4193c9a82404d",
2350 "0000000000000000000000000000000000000000000000000000000000000000",
2351 "fffffffff80000000000000000000000",
2352 "54fafe26e4287f17d1935f87eb9ade01",
2354 "0000000000000000000000000000000000000000000000000000000000000000",
2355 "fffffffffc0000000000000000000000",
2356 "49d541b2e74cfe73e6a8e8225f7bd449",
2358 "0000000000000000000000000000000000000000000000000000000000000000",
2359 "fffffffffe0000000000000000000000",
2360 "11a45530f624ff6f76a1b3826626ff7b",
2362 "0000000000000000000000000000000000000000000000000000000000000000",
2363 "ffffffffff0000000000000000000000",
2364 "f96b0c4a8bc6c86130289f60b43b8fba",
2366 "0000000000000000000000000000000000000000000000000000000000000000",
2367 "ffffffffff8000000000000000000000",
2368 "48c7d0e80834ebdc35b6735f76b46c8b",
2370 "0000000000000000000000000000000000000000000000000000000000000000",
2371 "ffffffffffc000000000000000000000",
2372 "2463531ab54d66955e73edc4cb8eaa45",
2374 "0000000000000000000000000000000000000000000000000000000000000000",
2375 "ffffffffffe000000000000000000000",
2376 "ac9bd8e2530469134b9d5b065d4f565b",
2378 "0000000000000000000000000000000000000000000000000000000000000000",
2379 "fffffffffff000000000000000000000",
2380 "3f5f9106d0e52f973d4890e6f37e8a00",
2382 "0000000000000000000000000000000000000000000000000000000000000000",
2383 "fffffffffff800000000000000000000",
2384 "20ebc86f1304d272e2e207e59db639f0",
2386 "0000000000000000000000000000000000000000000000000000000000000000",
2387 "fffffffffffc00000000000000000000",
2388 "e67ae6426bf9526c972cff072b52252c",
2390 "0000000000000000000000000000000000000000000000000000000000000000",
2391 "fffffffffffe00000000000000000000",
2392 "1a518dddaf9efa0d002cc58d107edfc8",
2394 "0000000000000000000000000000000000000000000000000000000000000000",
2395 "ffffffffffff00000000000000000000",
2396 "ead731af4d3a2fe3b34bed047942a49f",
2398 "0000000000000000000000000000000000000000000000000000000000000000",
2399 "ffffffffffff80000000000000000000",
2400 "b1d4efe40242f83e93b6c8d7efb5eae9",
2402 "0000000000000000000000000000000000000000000000000000000000000000",
2403 "ffffffffffffc0000000000000000000",
2404 "cd2b1fec11fd906c5c7630099443610a",
2406 "0000000000000000000000000000000000000000000000000000000000000000",
2407 "ffffffffffffe0000000000000000000",
2408 "a1853fe47fe29289d153161d06387d21",
2410 "0000000000000000000000000000000000000000000000000000000000000000",
2411 "fffffffffffff0000000000000000000",
2412 "4632154179a555c17ea604d0889fab14",
2414 "0000000000000000000000000000000000000000000000000000000000000000",
2415 "fffffffffffff8000000000000000000",
2416 "dd27cac6401a022e8f38f9f93e774417",
2418 "0000000000000000000000000000000000000000000000000000000000000000",
2419 "fffffffffffffc000000000000000000",
2420 "c090313eb98674f35f3123385fb95d4d",
2422 "0000000000000000000000000000000000000000000000000000000000000000",
2423 "fffffffffffffe000000000000000000",
2424 "cc3526262b92f02edce548f716b9f45c",
2426 "0000000000000000000000000000000000000000000000000000000000000000",
2427 "ffffffffffffff000000000000000000",
2428 "c0838d1a2b16a7c7f0dfcc433c399c33",
2430 "0000000000000000000000000000000000000000000000000000000000000000",
2431 "ffffffffffffff800000000000000000",
2432 "0d9ac756eb297695eed4d382eb126d26",
2434 "0000000000000000000000000000000000000000000000000000000000000000",
2435 "ffffffffffffffc00000000000000000",
2436 "56ede9dda3f6f141bff1757fa689c3e1",
2438 "0000000000000000000000000000000000000000000000000000000000000000",
2439 "ffffffffffffffe00000000000000000",
2440 "768f520efe0f23e61d3ec8ad9ce91774",
2442 "0000000000000000000000000000000000000000000000000000000000000000",
2443 "fffffffffffffff00000000000000000",
2444 "b1144ddfa75755213390e7c596660490",
2446 "0000000000000000000000000000000000000000000000000000000000000000",
2447 "fffffffffffffff80000000000000000",
2448 "1d7c0c4040b355b9d107a99325e3b050",
2450 "0000000000000000000000000000000000000000000000000000000000000000",
2451 "fffffffffffffffc0000000000000000",
2452 "d8e2bb1ae8ee3dcf5bf7d6c38da82a1a",
2454 "0000000000000000000000000000000000000000000000000000000000000000",
2455 "fffffffffffffffe0000000000000000",
2456 "faf82d178af25a9886a47e7f789b98d7",
2458 "0000000000000000000000000000000000000000000000000000000000000000",
2459 "ffffffffffffffff0000000000000000",
2460 "9b58dbfd77fe5aca9cfc190cd1b82d19",
2462 "0000000000000000000000000000000000000000000000000000000000000000",
2463 "ffffffffffffffff8000000000000000",
2464 "77f392089042e478ac16c0c86a0b5db5",
2466 "0000000000000000000000000000000000000000000000000000000000000000",
2467 "ffffffffffffffffc000000000000000",
2468 "19f08e3420ee69b477ca1420281c4782",
2470 "0000000000000000000000000000000000000000000000000000000000000000",
2471 "ffffffffffffffffe000000000000000",
2472 "a1b19beee4e117139f74b3c53fdcb875",
2474 "0000000000000000000000000000000000000000000000000000000000000000",
2475 "fffffffffffffffff000000000000000",
2476 "a37a5869b218a9f3a0868d19aea0ad6a",
2478 "0000000000000000000000000000000000000000000000000000000000000000",
2479 "fffffffffffffffff800000000000000",
2480 "bc3594e865bcd0261b13202731f33580",
2482 "0000000000000000000000000000000000000000000000000000000000000000",
2483 "fffffffffffffffffc00000000000000",
2484 "811441ce1d309eee7185e8c752c07557",
2486 "0000000000000000000000000000000000000000000000000000000000000000",
2487 "fffffffffffffffffe00000000000000",
2488 "959971ce4134190563518e700b9874d1",
2490 "0000000000000000000000000000000000000000000000000000000000000000",
2491 "ffffffffffffffffff00000000000000",
2492 "76b5614a042707c98e2132e2e805fe63",
2494 "0000000000000000000000000000000000000000000000000000000000000000",
2495 "ffffffffffffffffff80000000000000",
2496 "7d9fa6a57530d0f036fec31c230b0cc6",
2498 "0000000000000000000000000000000000000000000000000000000000000000",
2499 "ffffffffffffffffffc0000000000000",
2500 "964153a83bf6989a4ba80daa91c3e081",
2502 "0000000000000000000000000000000000000000000000000000000000000000",
2503 "ffffffffffffffffffe0000000000000",
2504 "a013014d4ce8054cf2591d06f6f2f176",
2506 "0000000000000000000000000000000000000000000000000000000000000000",
2507 "fffffffffffffffffff0000000000000",
2508 "d1c5f6399bf382502e385eee1474a869",
2510 "0000000000000000000000000000000000000000000000000000000000000000",
2511 "fffffffffffffffffff8000000000000",
2512 "0007e20b8298ec354f0f5fe7470f36bd",
2514 "0000000000000000000000000000000000000000000000000000000000000000",
2515 "fffffffffffffffffffc000000000000",
2516 "b95ba05b332da61ef63a2b31fcad9879",
2518 "0000000000000000000000000000000000000000000000000000000000000000",
2519 "fffffffffffffffffffe000000000000",
2520 "4620a49bd967491561669ab25dce45f4",
2522 "0000000000000000000000000000000000000000000000000000000000000000",
2523 "ffffffffffffffffffff000000000000",
2524 "12e71214ae8e04f0bb63d7425c6f14d5",
2526 "0000000000000000000000000000000000000000000000000000000000000000",
2527 "ffffffffffffffffffff800000000000",
2528 "4cc42fc1407b008fe350907c092e80ac",
2530 "0000000000000000000000000000000000000000000000000000000000000000",
2531 "ffffffffffffffffffffc00000000000",
2532 "08b244ce7cbc8ee97fbba808cb146fda",
2534 "0000000000000000000000000000000000000000000000000000000000000000",
2535 "ffffffffffffffffffffe00000000000",
2536 "39b333e8694f21546ad1edd9d87ed95b",
2538 "0000000000000000000000000000000000000000000000000000000000000000",
2539 "fffffffffffffffffffff00000000000",
2540 "3b271f8ab2e6e4a20ba8090f43ba78f3",
2542 "0000000000000000000000000000000000000000000000000000000000000000",
2543 "fffffffffffffffffffff80000000000",
2544 "9ad983f3bf651cd0393f0a73cccdea50",
2546 "0000000000000000000000000000000000000000000000000000000000000000",
2547 "fffffffffffffffffffffc0000000000",
2548 "8f476cbff75c1f725ce18e4bbcd19b32",
2550 "0000000000000000000000000000000000000000000000000000000000000000",
2551 "fffffffffffffffffffffe0000000000",
2552 "905b6267f1d6ab5320835a133f096f2a",
2554 "0000000000000000000000000000000000000000000000000000000000000000",
2555 "ffffffffffffffffffffff0000000000",
2556 "145b60d6d0193c23f4221848a892d61a",
2558 "0000000000000000000000000000000000000000000000000000000000000000",
2559 "ffffffffffffffffffffff8000000000",
2560 "55cfb3fb6d75cad0445bbc8dafa25b0f",
2562 "0000000000000000000000000000000000000000000000000000000000000000",
2563 "ffffffffffffffffffffffc000000000",
2564 "7b8e7098e357ef71237d46d8b075b0f5",
2566 "0000000000000000000000000000000000000000000000000000000000000000",
2567 "ffffffffffffffffffffffe000000000",
2568 "2bf27229901eb40f2df9d8398d1505ae",
2570 "0000000000000000000000000000000000000000000000000000000000000000",
2571 "fffffffffffffffffffffff000000000",
2572 "83a63402a77f9ad5c1e931a931ecd706",
2574 "0000000000000000000000000000000000000000000000000000000000000000",
2575 "fffffffffffffffffffffff800000000",
2576 "6f8ba6521152d31f2bada1843e26b973",
2578 "0000000000000000000000000000000000000000000000000000000000000000",
2579 "fffffffffffffffffffffffc00000000",
2580 "e5c3b8e30fd2d8e6239b17b44bd23bbd",
2582 "0000000000000000000000000000000000000000000000000000000000000000",
2583 "fffffffffffffffffffffffe00000000",
2584 "1ac1f7102c59933e8b2ddc3f14e94baa",
2586 "0000000000000000000000000000000000000000000000000000000000000000",
2587 "ffffffffffffffffffffffff00000000",
2588 "21d9ba49f276b45f11af8fc71a088e3d",
2590 "0000000000000000000000000000000000000000000000000000000000000000",
2591 "ffffffffffffffffffffffff80000000",
2592 "649f1cddc3792b4638635a392bc9bade",
2594 "0000000000000000000000000000000000000000000000000000000000000000",
2595 "ffffffffffffffffffffffffc0000000",
2596 "e2775e4b59c1bc2e31a2078c11b5a08c",
2598 "0000000000000000000000000000000000000000000000000000000000000000",
2599 "ffffffffffffffffffffffffe0000000",
2600 "2be1fae5048a25582a679ca10905eb80",
2602 "0000000000000000000000000000000000000000000000000000000000000000",
2603 "fffffffffffffffffffffffff0000000",
2604 "da86f292c6f41ea34fb2068df75ecc29",
2606 "0000000000000000000000000000000000000000000000000000000000000000",
2607 "fffffffffffffffffffffffff8000000",
2608 "220df19f85d69b1b562fa69a3c5beca5",
2610 "0000000000000000000000000000000000000000000000000000000000000000",
2611 "fffffffffffffffffffffffffc000000",
2612 "1f11d5d0355e0b556ccdb6c7f5083b4d",
2614 "0000000000000000000000000000000000000000000000000000000000000000",
2615 "fffffffffffffffffffffffffe000000",
2616 "62526b78be79cb384633c91f83b4151b",
2618 "0000000000000000000000000000000000000000000000000000000000000000",
2619 "ffffffffffffffffffffffffff000000",
2620 "90ddbcb950843592dd47bbef00fdc876",
2622 "0000000000000000000000000000000000000000000000000000000000000000",
2623 "ffffffffffffffffffffffffff800000",
2624 "2fd0e41c5b8402277354a7391d2618e2",
2626 "0000000000000000000000000000000000000000000000000000000000000000",
2627 "ffffffffffffffffffffffffffc00000",
2628 "3cdf13e72dee4c581bafec70b85f9660",
2630 "0000000000000000000000000000000000000000000000000000000000000000",
2631 "ffffffffffffffffffffffffffe00000",
2632 "afa2ffc137577092e2b654fa199d2c43",
2634 "0000000000000000000000000000000000000000000000000000000000000000",
2635 "fffffffffffffffffffffffffff00000",
2636 "8d683ee63e60d208e343ce48dbc44cac",
2638 "0000000000000000000000000000000000000000000000000000000000000000",
2639 "fffffffffffffffffffffffffff80000",
2640 "705a4ef8ba2133729c20185c3d3a4763",
2642 "0000000000000000000000000000000000000000000000000000000000000000",
2643 "fffffffffffffffffffffffffffc0000",
2644 "0861a861c3db4e94194211b77ed761b9",
2646 "0000000000000000000000000000000000000000000000000000000000000000",
2647 "fffffffffffffffffffffffffffe0000",
2648 "4b00c27e8b26da7eab9d3a88dec8b031",
2650 "0000000000000000000000000000000000000000000000000000000000000000",
2651 "ffffffffffffffffffffffffffff0000",
2652 "5f397bf03084820cc8810d52e5b666e9",
2654 "0000000000000000000000000000000000000000000000000000000000000000",
2655 "ffffffffffffffffffffffffffff8000",
2656 "63fafabb72c07bfbd3ddc9b1203104b8",
2658 "0000000000000000000000000000000000000000000000000000000000000000",
2659 "ffffffffffffffffffffffffffffc000",
2660 "683e2140585b18452dd4ffbb93c95df9",
2662 "0000000000000000000000000000000000000000000000000000000000000000",
2663 "ffffffffffffffffffffffffffffe000",
2664 "286894e48e537f8763b56707d7d155c8",
2666 "0000000000000000000000000000000000000000000000000000000000000000",
2667 "fffffffffffffffffffffffffffff000",
2668 "a423deabc173dcf7e2c4c53e77d37cd1",
2670 "0000000000000000000000000000000000000000000000000000000000000000",
2671 "fffffffffffffffffffffffffffff800",
2672 "eb8168313e1cfdfdb5e986d5429cf172",
2674 "0000000000000000000000000000000000000000000000000000000000000000",
2675 "fffffffffffffffffffffffffffffc00",
2676 "27127daafc9accd2fb334ec3eba52323",
2678 "0000000000000000000000000000000000000000000000000000000000000000",
2679 "fffffffffffffffffffffffffffffe00",
2680 "ee0715b96f72e3f7a22a5064fc592f4c",
2682 "0000000000000000000000000000000000000000000000000000000000000000",
2683 "ffffffffffffffffffffffffffffff00",
2684 "29ee526770f2a11dcfa989d1ce88830f",
2686 "0000000000000000000000000000000000000000000000000000000000000000",
2687 "ffffffffffffffffffffffffffffff80",
2688 "0493370e054b09871130fe49af730a5a",
2690 "0000000000000000000000000000000000000000000000000000000000000000",
2691 "ffffffffffffffffffffffffffffffc0",
2692 "9b7b940f6c509f9e44a4ee140448ee46",
2694 "0000000000000000000000000000000000000000000000000000000000000000",
2695 "ffffffffffffffffffffffffffffffe0",
2696 "2915be4a1ecfdcbe3e023811a12bb6c7",
2698 "0000000000000000000000000000000000000000000000000000000000000000",
2699 "fffffffffffffffffffffffffffffff0",
2700 "7240e524bc51d8c4d440b1be55d1062c",
2702 "0000000000000000000000000000000000000000000000000000000000000000",
2703 "fffffffffffffffffffffffffffffff8",
2704 "da63039d38cb4612b2dc36ba26684b93",
2706 "0000000000000000000000000000000000000000000000000000000000000000",
2707 "fffffffffffffffffffffffffffffffc",
2708 "0f59cb5a4b522e2ac56c1a64f558ad9a",
2710 "0000000000000000000000000000000000000000000000000000000000000000",
2711 "fffffffffffffffffffffffffffffffe",
2712 "7bfe9d876c6d63c1d035da8fe21c409d",
2714 "0000000000000000000000000000000000000000000000000000000000000000",
2715 "ffffffffffffffffffffffffffffffff",
2716 "acdace8078a32b1a182bfa4987ca1347",
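2725 * AES known-answer tests for CBC. Each test is four hexadecimal strings, in this order: key, IV, plaintext, ciphertext. The key length selects the AES variant; plaintext and ciphertext have the same length, a whole number of 16-byte blocks (no padding).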
2727 static const char *const KAT_AES_CBC
[] = {
2729 * From NIST validation suite "Multiblock Message Test", 128-bit keys.
2732 "1f8e4973953f3fb0bd6b16662e9a3c17",
2733 "2fe2b333ceda8f98f4a99b40d2cd34a8",
2734 "45cf12964fc824ab76616ae2f4bf0822",
2735 "0f61c4d44c5147c03c195ad7e2cc12b2",
2737 "0700d603a1c514e46b6191ba430a3a0c",
2738 "aad1583cd91365e3bb2f0c3430d065bb",
2739 "068b25c7bfb1f8bdd4cfc908f69dffc5ddc726a197f0e5f720f730393279be91",
2740 "c4dc61d9725967a3020104a9738f23868527ce839aab1752fd8bdb95a82c4d00",
2742 "3348aa51e9a45c2dbe33ccc47f96e8de",
2743 "19153c673160df2b1d38c28060e59b96",
2744 "9b7cee827a26575afdbb7c7a329f887238052e3601a7917456ba61251c214763d5e1847a6ad5d54127a399ab07ee3599",
2745 "d5aed6c9622ec451a15db12819952b6752501cf05cdbf8cda34a457726ded97818e1f127a28d72db5652749f0c6afee5",
2747 "b7f3c9576e12dd0db63e8f8fac2b9a39",
2748 "c80f095d8bb1a060699f7c19974a1aa0",
2749 "9ac19954ce1319b354d3220460f71c1e373f1cd336240881160cfde46ebfed2e791e8d5a1a136ebd1dc469dec00c4187722b841cdabcb22c1be8a14657da200e",
2750 "19b9609772c63f338608bf6eb52ca10be65097f89c1e0905c42401fd47791ae2c5440b2d473116ca78bd9ff2fb6015cfd316524eae7dcb95ae738ebeae84a467",
2752 "b6f9afbfe5a1562bba1368fc72ac9d9c",
2753 "3f9d5ebe250ee7ce384b0d00ee849322",
2754 "db397ec22718dbffb9c9d13de0efcd4611bf792be4fce0dc5f25d4f577ed8cdbd4eb9208d593dda3d4653954ab64f05676caa3ce9bfa795b08b67ceebc923fdc89a8c431188e9e482d8553982cf304d1",
2755 "10ea27b19e16b93af169c4a88e06e35c99d8b420980b058e34b4b8f132b13766f72728202b089f428fecdb41c79f8aa0d0ef68f5786481cca29e2126f69bc14160f1ae2187878ba5c49cf3961e1b7ee9",
2757 "bbe7b7ba07124ff1ae7c3416fe8b465e",
2758 "7f65b5ee3630bed6b84202d97fb97a1e",
2759 "2aad0c2c4306568bad7447460fd3dac054346d26feddbc9abd9110914011b4794be2a9a00a519a51a5b5124014f4ed2735480db21b434e99a911bb0b60fe0253763725b628d5739a5117b7ee3aefafc5b4c1bf446467e7bf5f78f31ff7caf187",
2760 "3b8611bfc4973c5cd8e982b073b33184cd26110159172e44988eb5ff5661a1e16fad67258fcbfee55469267a12dc374893b4e3533d36f5634c3095583596f135aa8cd1138dc898bc5651ee35a92ebf89ab6aeb5366653bc60a70e0074fc11efe",
2762 "89a553730433f7e6d67d16d373bd5360",
2763 "f724558db3433a523f4e51a5bea70497",
2764 "807bc4ea684eedcfdcca30180680b0f1ae2814f35f36d053c5aea6595a386c1442770f4d7297d8b91825ee7237241da8925dd594ccf676aecd46ca2068e8d37a3a0ec8a7d5185a201e663b5ff36ae197110188a23503763b8218826d23ced74b31e9f6e2d7fbfa6cb43420c7807a8625",
2765 "406af1429a478c3d07e555c5287a60500d37fc39b68e5bbb9bafd6ddb223828561d6171a308d5b1a4551e8a5e7d572918d25c968d3871848d2f16635caa9847f38590b1df58ab5efb985f2c66cfaf86f61b3f9c0afad6c963c49cee9b8bc81a2ddb06c967f325515a4849eec37ce721a",
2767 "c491ca31f91708458e29a925ec558d78",
2768 "9ef934946e5cd0ae97bd58532cb49381",
2769 "cb6a787e0dec56f9a165957f81af336ca6b40785d9e94093c6190e5152649f882e874d79ac5e167bd2a74ce5ae088d2ee854f6539e0a94796b1e1bd4c9fcdbc79acbef4d01eeb89776d18af71ae2a4fc47dd66df6c4dbe1d1850e466549a47b636bcc7c2b3a62495b56bb67b6d455f1eebd9bfefecbca6c7f335cfce9b45cb9d",
2770 "7b2931f5855f717145e00f152a9f4794359b1ffcb3e55f594e33098b51c23a6c74a06c1d94fded7fd2ae42c7db7acaef5844cb33aeddc6852585ed0020a6699d2cb53809cefd169148ce42292afab063443978306c582c18b9ce0da3d084ce4d3c482cfd8fcf1a85084e89fb88b40a084d5e972466d07666126fb761f84078f2",
2772 "f6e87d71b0104d6eb06a68dc6a71f498",
2773 "1c245f26195b76ebebc2edcac412a2f8",
2774 "f82bef3c73a6f7f80db285726d691db6bf55eec25a859d3ba0e0445f26b9bb3b16a3161ed1866e4dd8f2e5f8ecb4e46d74a7a78c20cdfc7bcc9e479ba7a0caba9438238ad0c01651d5d98de37f03ddce6e6b4bd4ab03cf9e8ed818aedfa1cf963b932067b97d776dce1087196e7e913f7448e38244509f0caf36bd8217e15336d35c149fd4e41707893fdb84014f8729",
2775 "b09512f3eff9ed0d85890983a73dadbb7c3678d52581be64a8a8fc586f490f2521297a478a0598040ebd0f5509fafb0969f9d9e600eaef33b1b93eed99687b167f89a5065aac439ce46f3b8d22d30865e64e45ef8cd30b6984353a844a11c8cd60dba0e8866b3ee30d24b3fa8a643b328353e06010fa8273c8fd54ef0a2b6930e5520aae5cd5902f9b86a33592ca4365",
2777 "2c14413751c31e2730570ba3361c786b",
2778 "1dbbeb2f19abb448af849796244a19d7",
2779 "40d930f9a05334d9816fe204999c3f82a03f6a0457a8c475c94553d1d116693adc618049f0a769a2eed6a6cb14c0143ec5cccdbc8dec4ce560cfd206225709326d4de7948e54d603d01b12d7fed752fb23f1aa4494fbb00130e9ded4e77e37c079042d828040c325b1a5efd15fc842e44014ca4374bf38f3c3fc3ee327733b0c8aee1abcd055772f18dc04603f7b2c1ea69ff662361f2be0a171bbdcea1e5d3f",
2780 "6be8a12800455a320538853e0cba31bd2d80ea0c85164a4c5c261ae485417d93effe2ebc0d0a0b51d6ea18633d210cf63c0c4ddbc27607f2e81ed9113191ef86d56f3b99be6c415a4150299fb846ce7160b40b63baf1179d19275a2e83698376d28b92548c68e06e6d994e2c1501ed297014e702cdefee2f656447706009614d801de1caaf73f8b7fa56cf1ba94b631933bbe577624380850f117435a0355b2b",
2783 * From NIST validation suite "Multiblock Message Test", 192-bit keys.
2786 "ba75f4d1d9d7cf7f551445d56cc1a8ab2a078e15e049dc2c",
2787 "531ce78176401666aa30db94ec4a30eb",
2788 "c51fc276774dad94bcdc1d2891ec8668",
2789 "70dd95a14ee975e239df36ff4aee1d5d",
2791 "eab3b19c581aa873e1981c83ab8d83bbf8025111fb2e6b21",
2792 "f3d6667e8d4d791e60f7505ba383eb05",
2793 "9d4e4cccd1682321856df069e3f1c6fa391a083a9fb02d59db74c14081b3acc4",
2794 "51d44779f90d40a80048276c035cb49ca2a47bcb9b9cf7270b9144793787d53f",
2796 "16c93bb398f1fc0cf6d68fc7a5673cdf431fa147852b4a2d",
2797 "eaaeca2e07ddedf562f94df63f0a650f",
2798 "c5ce958613bf741718c17444484ebaf1050ddcacb59b9590178cbe69d7ad7919608cb03af13bbe04f3506b718a301ea0",
2799 "ed6a50e0c6921d52d6647f75d67b4fd56ace1fedb8b5a6a997b4d131640547d22c5d884a75e6752b5846b5b33a5181f4",
2801 "067bb17b4df785697eaccf961f98e212cb75e6797ce935cb",
2802 "8b59c9209c529ca8391c9fc0ce033c38",
2803 "db3785a889b4bd387754da222f0e4c2d2bfe0d79e05bc910fba941beea30f1239eacf0068f4619ec01c368e986fca6b7c58e490579d29611bd10087986eff54f",
2804 "d5f5589760bf9c762228fde236de1fa2dd2dad448db3fa9be0c4196efd46a35c84dd1ac77d9db58c95918cb317a6430a08d2fb6a8e8b0f1c9b72c7a344dc349f",
2806 "0fd39de83e0be77a79c8a4a612e3dd9c8aae2ce35e7a2bf8",
2807 "7e1d629b84f93b079be51f9a5f5cb23c",
2808 "38fbda37e28fa86d9d83a4345e419dea95d28c7818ff25925db6ac3aedaf0a86154e20a4dfcc5b1b4192895393e5eb5846c88bdbd41ecf7af3104f410eaee470f5d9017ed460475f626953035a13db1f",
2809 "edadae2f9a45ff3473e02d904c94d94a30a4d92da4deb6bcb4b0774472694571842039f21c496ef93fd658842c735f8a81fcd0aa578442ab893b18f606aed1bab11f81452dd45e9b56adf2eccf4ea095",
2811 "e3fecc75f0075a09b383dfd389a3d33cc9b854b3b254c0f4",
2812 "36eab883afef936cc38f63284619cd19",
2813 "931b2f5f3a5820d53a6beaaa6431083a3488f4eb03b0f5b57ef838e1579623103bd6e6800377538b2e51ef708f3c4956432e8a8ee6a34e190642b26ad8bdae6c2af9a6c7996f3b6004d2671e41f1c9f40ee03d1c4a52b0a0654a331f15f34dce",
2814 "75395974bd32b3665654a6c8e396b88ae34b123575872a7ab687d8e76b46df911a8a590cd01d2f5c330be3a6626e9dd3aa5e10ed14e8ff829811b6fed50f3f533ca4385a1cbca78f5c4744e50f2f8359165c2485d1324e76c3eae76a0ccac629",
2816 "f9c27565eb07947c8cb51b79248430f7b1066c3d2fdc3d13",
2817 "2bd67cc89ab7948d644a49672843cbd9",
2818 "6abcc270173cf114d44847e911a050db57ba7a2e2c161c6f37ccb6aaa4677bddcaf50cad0b5f8758fcf7c0ebc650ceb5cd52cafb8f8dd3edcece55d9f1f08b9fa8f54365cf56e28b9596a7e1dd1d3418e4444a7724add4cf79d527b183ec88de4be4eeff29c80a97e54f85351cb189ee",
2819 "ca282924a61187feb40520979106e5cc861957f23828dcb7285e0eaac8a0ca2a6b60503d63d6039f4693dba32fa1f73ae2e709ca94911f28a5edd1f30eaddd54680c43acc9c74cd90d8bb648b4e544275f47e514daa20697f66c738eb30337f017fca1a26da4d1a0cc0a0e98e2463070",
2821 "fb09cf9e00dbf883689d079c920077c0073c31890b55bab5",
2822 "e3c89bd097c3abddf64f4881db6dbfe2",
2823 "c1a37683fb289467dd1b2c89efba16bbd2ee24cf18d19d44596ded2682c79a2f711c7a32bf6a24badd32a4ee637c73b7a41da6258635650f91fb9ffa45bdfc3cb122136241b3deced8996aa51ea8d3e81c9d70e006a44bc0571ed48623a0d622a93fa9da290baaedf5d9e876c94620945ff8ecc83f27379ed55cf490c5790f27",
2824 "8158e21420f25b59d6ae943fa1cbf21f02e979f419dab0126a721b7eef55bee9ad97f5ccff7d239057bbc19a8c378142f7672f1d5e7e17d7bebcb0070e8355cace6660171a53b61816ae824a6ef69ce470b6ffd3b5bb4b438874d91d27854d3b6f25860d3868958de3307d62b1339bdddb8a318c0ce0f33c17caf0e9f6040820",
2826 "bca6fa3c67fd294e958f66fe8bd64f45f428f5bc8e9733a7",
2827 "92a47f2833f1450d1da41717bdc6e83c",
2828 "5becbc31d8bead6d36ae014a5863d14a431e6b55d29ea6baaa417271716db3a33b2e506b452086dfe690834ac2de30bc41254ec5401ec47d064237c7792fdcd7914d8af20eb114756642d519021a8c75a92f6bc53d326ae9a5b7e1b10a9756574692934d9939fc399e0c203f7edf8e7e6482eadd31a0400770e897b48c6bca2b404593045080e93377358c42a0f4dede",
2829 "926db248cc1ba20f0c57631a7c8aef094f791937b905949e3460240e8bfa6fa483115a1b310b6e4369caebc5262888377b1ddaa5800ea496a2bdff0f9a1031e7129c9a20e35621e7f0b8baca0d87030f2ae7ca8593c8599677a06fd4b26009ead08fecac24caa9cf2cad3b470c8227415a7b1e0f2eab3fad96d70a209c8bb26c627677e2531b9435ca6e3c444d195b5f",
2831 "162ad50ee64a0702aa551f571dedc16b2c1b6a1e4d4b5eee",
2832 "24408038161a2ccae07b029bb66355c1",
2833 "be8abf00901363987a82cc77d0ec91697ba3857f9e4f84bd79406c138d02698f003276d0449120bef4578d78fecabe8e070e11710b3f0a2744bd52434ec70015884c181ebdfd51c604a71c52e4c0e110bc408cd462b248a80b8a8ac06bb952ac1d7faed144807f1a731b7febcaf7835762defe92eccfc7a9944e1c702cffe6bc86733ed321423121085ac02df8962bcbc1937092eebf0e90a8b20e3dd8c244ae",
2834 "c82cf2c476dea8cb6a6e607a40d2f0391be82ea9ec84a537a6820f9afb997b76397d005424faa6a74dc4e8c7aa4a8900690f894b6d1dca80675393d2243adac762f159301e357e98b724762310cd5a7bafe1c2a030dba46fd93a9fdb89cc132ca9c17dc72031ec6822ee5a9d99dbca66c784c01b0885cbb62e29d97801927ec415a5d215158d325f9ee689437ad1b7684ad33c0d92739451ac87f39ff8c31b84",
2837 * From NIST validation suite "Multiblock Message Test"
2840 "6ed76d2d97c69fd1339589523931f2a6cff554b15f738f21ec72dd97a7330907",
2841 "851e8764776e6796aab722dbb644ace8",
2842 "6282b8c05c5c1530b97d4816ca434762",
2843 "6acc04142e100a65f51b97adf5172c41",
2845 "dce26c6b4cfb286510da4eecd2cffe6cdf430f33db9b5f77b460679bd49d13ae",
2846 "fdeaa134c8d7379d457175fd1a57d3fc",
2847 "50e9eee1ac528009e8cbcd356975881f957254b13f91d7c6662d10312052eb00",
2848 "2fa0df722a9fd3b64cb18fb2b3db55ff2267422757289413f8f657507412a64c",
2850 "fe8901fecd3ccd2ec5fdc7c7a0b50519c245b42d611a5ef9e90268d59f3edf33",
2851 "bd416cb3b9892228d8f1df575692e4d0",
2852 "8d3aa196ec3d7c9b5bb122e7fe77fb1295a6da75abe5d3a510194d3a8a4157d5c89d40619716619859da3ec9b247ced9",
2853 "608e82c7ab04007adb22e389a44797fed7de090c8c03ca8a2c5acd9e84df37fbc58ce8edb293e98f02b640d6d1d72464",
2855 "0493ff637108af6a5b8e90ac1fdf035a3d4bafd1afb573be7ade9e8682e663e5",
2856 "c0cd2bebccbb6c49920bd5482ac756e8",
2857 "8b37f9148df4bb25956be6310c73c8dc58ea9714ff49b643107b34c9bff096a94fedd6823526abc27a8e0b16616eee254ab4567dd68e8ccd4c38ac563b13639c",
2858 "05d5c77729421b08b737e41119fa4438d1f570cc772a4d6c3df7ffeda0384ef84288ce37fc4c4c7d1125a499b051364c389fd639bdda647daa3bdadab2eb5594",
2860 "9adc8fbd506e032af7fa20cf5343719de6d1288c158c63d6878aaf64ce26ca85",
2861 "11958dc6ab81e1c7f01631e9944e620f",
2862 "c7917f84f747cd8c4b4fedc2219bdbc5f4d07588389d8248854cf2c2f89667a2d7bcf53e73d32684535f42318e24cd45793950b3825e5d5c5c8fcd3e5dda4ce9246d18337ef3052d8b21c5561c8b660e",
2863 "9c99e68236bb2e929db1089c7750f1b356d39ab9d0c40c3e2f05108ae9d0c30b04832ccdbdc08ebfa426b7f5efde986ed05784ce368193bb3699bc691065ac62e258b9aa4cc557e2b45b49ce05511e65",
2865 "73b8faf00b3302ac99855cf6f9e9e48518690a5906a4869d4dcf48d282faae2a",
2866 "b3cb97a80a539912b8c21f450d3b9395",
2867 "3adea6e06e42c4f041021491f2775ef6378cb08824165edc4f6448e232175b60d0345b9f9c78df6596ec9d22b7b9e76e8f3c76b32d5d67273f1d83fe7a6fc3dd3c49139170fa5701b3beac61b490f0a9e13f844640c4500f9ad3087adfb0ae10",
2868 "ac3d6dbafe2e0f740632fd9e820bf6044cd5b1551cbb9cc03c0b25c39ccb7f33b83aacfca40a3265f2bbff879153448acacb88fcfb3bb7b10fe463a68c0109f028382e3e557b1adf02ed648ab6bb895df0205d26ebbfa9a5fd8cebd8e4bee3dc",
2870 "9ddf3745896504ff360a51a3eb49c01b79fccebc71c3abcb94a949408b05b2c9",
2871 "e79026639d4aa230b5ccffb0b29d79bc",
2872 "cf52e5c3954c51b94c9e38acb8c9a7c76aebdaa9943eae0a1ce155a2efdb4d46985d935511471452d9ee64d2461cb2991d59fc0060697f9a671672163230f367fed1422316e52d29eceacb8768f56d9b80f6d278093c9a8acd3cfd7edd8ebd5c293859f64d2f8486ae1bd593c65bc014",
2873 "34df561bd2cfebbcb7af3b4b8d21ca5258312e7e2e4e538e35ad2490b6112f0d7f148f6aa8d522a7f3c61d785bd667db0e1dc4606c318ea4f26af4fe7d11d4dcff0456511b4aed1a0d91ba4a1fd6cd9029187bc5881a5a07fe02049d39368e83139b12825bae2c7be81e6f12c61bb5c5",
2875 "458b67bf212d20f3a57fce392065582dcefbf381aa22949f8338ab9052260e1d",
2876 "4c12effc5963d40459602675153e9649",
2877 "256fd73ce35ae3ea9c25dd2a9454493e96d8633fe633b56176dce8785ce5dbbb84dbf2c8a2eeb1e96b51899605e4f13bbc11b93bf6f39b3469be14858b5b720d4a522d36feed7a329c9b1e852c9280c47db8039c17c4921571a07d1864128330e09c308ddea1694e95c84500f1a61e614197e86a30ecc28df64ccb3ccf5437aa",
2878 "90b7b9630a2378f53f501ab7beff039155008071bc8438e789932cfd3eb1299195465e6633849463fdb44375278e2fdb1310821e6492cf80ff15cb772509fb426f3aeee27bd4938882fd2ae6b5bd9d91fa4a43b17bb439ebbe59c042310163a82a5fe5388796eee35a181a1271f00be29b852d8fa759bad01ff4678f010594cd",
2880 "d2412db0845d84e5732b8bbd642957473b81fb99ca8bff70e7920d16c1dbec89",
2881 "51c619fcf0b23f0c7925f400a6cacb6d",
2882 "026006c4a71a180c9929824d9d095b8faaa86fc4fa25ecac61d85ff6de92dfa8702688c02a282c1b8af4449707f22d75e91991015db22374c95f8f195d5bb0afeb03040ff8965e0e1339dba5653e174f8aa5a1b39fe3ac839ce307a4e44b4f8f1b0063f738ec18acdbff2ebfe07383e734558723e741f0a1836dafdf9de82210a9248bc113b3c1bc8b4e252ca01bd803",
2883 "0254b23463bcabec5a395eb74c8fb0eb137a07bc6f5e9f61ec0b057de305714f8fa294221c91a159c315939b81e300ee902192ec5f15254428d8772f79324ec43298ca21c00b370273ee5e5ed90e43efa1e05a5d171209fe34f9f29237dba2a6726650fd3b1321747d1208863c6c3c6b3e2d879ab5f25782f08ba8f2abbe63e0bedb4a227e81afb36bb6645508356d34",
2885 "48be597e632c16772324c8d3fa1d9c5a9ecd010f14ec5d110d3bfec376c5532b",
2886 "d6d581b8cf04ebd3b6eaa1b53f047ee1",
2887 "0c63d413d3864570e70bb6618bf8a4b9585586688c32bba0a5ecc1362fada74ada32c52acfd1aa7444ba567b4e7daaecf7cc1cb29182af164ae5232b002868695635599807a9a7f07a1f137e97b1e1c9dabc89b6a5e4afa9db5855edaa575056a8f4f8242216242bb0c256310d9d329826ac353d715fa39f80cec144d6424558f9f70b98c920096e0f2c855d594885a00625880e9dfb734163cecef72cf030b8",
2888 "fc5873e50de8faf4c6b84ba707b0854e9db9ab2e9f7d707fbba338c6843a18fc6facebaf663d26296fb329b4d26f18494c79e09e779647f9bafa87489630d79f4301610c2300c19dbf3148b7cac8c4f4944102754f332e92b6f7c5e75bc6179eb877a078d4719009021744c14f13fd2a55a2b9c44d18000685a845a4f632c7c56a77306efa66a24d05d088dcd7c13fe24fc447275965db9e4d37fbc9304448cd",
2891 * End-of-table marker.
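/*
 * AES known-answer tests for CTR. Order: key, IV, plaintext, ciphertext.
 *
 * Entries come in groups of four hexadecimal strings. Every IV string
 * decodes to 12 bytes, and the plaintext and ciphertext of a group have
 * the same length. Readers walk the table until they hit the NULL
 * entry, so the terminator must stay in place.
 */
static const char *const KAT_AES_CTR[] = {
	/*
	 * From RFC 3686.
	 */
	"ae6852f8121067cc4bf7a5765577f39e",
	"000000300000000000000000",
	"53696e676c6520626c6f636b206d7367",
	"e4095d4fb7a7b3792d6175a3261311b8",

	"7e24067817fae0d743d6ce1f32539163",
	"006cb6dbc0543b59da48d90b",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"5104a106168a72d9790d41ee8edad388eb2e1efc46da57c8fce630df9141be28",

	"7691be035e5020a8ac6e618529f9a0dc",
	"00e0017b27777f3f4a1786f0",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"c1cf48a89f2ffdd9cf4652e9efdb72d74540a42bde6d7836d59a5ceaaef3105325b2072f",

	"16af5b145fc9f579c175f93e3bfb0eed863d06ccfdb78515",
	"0000004836733c147d6d93cb",
	"53696e676c6520626c6f636b206d7367",
	"4b55384fe259c9c84e7935a003cbe928",

	"7c5cb2401b3dc33c19e7340819e0f69c678c3db8e6f6a91a",
	"0096b03b020c6eadc2cb500d",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"453243fc609b23327edfaafa7131cd9f8490701c5ad4a79cfc1fe0ff42f4fb00",

	"02bf391ee8ecb159b959617b0965279bf59b60a786d3e0fe",
	"0007bdfd5cbd60278dcc0912",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"96893fc55e5c722f540b7dd1ddf7e758d288bc95c69165884536c811662f2188abee0935",

	"776beff2851db06f4c8a0542c8696f6c6a81af1eec96b4d37fc1d689e6c1c104",
	"00000060db5672c97aa8f0b2",
	"53696e676c6520626c6f636b206d7367",
	"145ad01dbf824ec7560863dc71e3e0c0",

	"f6d66d6bd52d59bb0796365879eff886c66dd51a5b6a99744b50590c87a23884",
	"00faac24c1585ef15a43d875",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"f05e231b3894612c49ee000b804eb2a9b8306b508f839d6a5530831d9344af1c",

	"ff7a617ce69148e4f1726e2f43581de2aa62d9f805532edff1eed687fb54153d",
	"001cc5b751a51d70a1c11148",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"eb6c52821d0bbbf7ce7594462aca4faab407df866569fd07f48cc0b583d6071f1ec0e6b8",

	/*
	 * End-of-table marker.
	 */
	NULL
};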
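/*
 * Monte-Carlo test for AES encryption, driven through a CBC encryption
 * implementation.
 *
 *   ve        CBC encryption implementation under test
 *   skey      initial key, hexadecimal
 *   splain    initial 16-byte block, hexadecimal
 *   scipher   expected 16-byte block after all rounds, hexadecimal
 *
 * The outer loop runs 100 times: each pass re-keys the implementation,
 * encrypts the block 1000 times in place, then XORs the most recent
 * outputs into the key. The final block is compared with scipher
 * through check_equals().
 *
 * hextobin() receives no destination length, so skey must decode to at
 * most sizeof key bytes and the two block strings to at most 16 bytes;
 * a longer constant would be written past the local arrays.
 */
static void
monte_carlo_AES_encrypt(const br_block_cbcenc_class *ve,
	char *skey, char *splain, char *scipher)
{
	unsigned char key[32];
	unsigned char buf[16];
	unsigned char pbuf[16];
	unsigned char cipher[16];
	size_t key_len;
	int i, j, k;
	br_aes_gen_cbcenc_keys v_ec;
	const br_block_cbcenc_class **ec;

	/* The context is a local object; ec must point into it before use. */
	ec = &v_ec.vtable;
	key_len = hextobin(key, skey);
	hextobin(buf, splain);
	hextobin(cipher, scipher);
	for (i = 0; i < 100; i ++) {
		ve->init(ec, key, key_len);
		for (j = 0; j < 1000; j ++) {
			unsigned char iv[16];

			/*
			 * pbuf keeps the previous output; it is needed
			 * for the key update of 24- and 32-byte keys.
			 * With an all-zero IV and a single block, each
			 * run() call is one raw AES encryption of buf.
			 */
			memcpy(pbuf, buf, sizeof buf);
			memset(iv, 0, sizeof iv);
			ve->run(ec, iv, buf, sizeof buf);
		}

		/*
		 * Key update: XOR in as many trailing output bytes as
		 * the key is long. Any length other than 16 or 24 is
		 * handled as a 32-byte key.
		 */
		switch (key_len) {
		case 16:
			for (k = 0; k < 16; k ++) {
				key[k] ^= buf[k];
			}
			break;
		case 24:
			for (k = 0; k < 8; k ++) {
				key[k] ^= pbuf[8 + k];
			}
			for (k = 0; k < 16; k ++) {
				key[8 + k] ^= buf[k];
			}
			break;
		default:
			for (k = 0; k < 16; k ++) {
				key[k] ^= pbuf[k];
				key[16 + k] ^= buf[k];
			}
			break;
		}
		printf(".");
		fflush(stdout);
	}
	printf(" ");
	fflush(stdout);
	check_equals("MC AES encrypt", buf, cipher, sizeof buf);
}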
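/*
 * Monte-Carlo test for AES decryption, driven through a CBC decryption
 * implementation.
 *
 *   vd        CBC decryption implementation under test
 *   skey      initial key, hexadecimal
 *   scipher   initial 16-byte block, hexadecimal
 *   splain    expected 16-byte block after all rounds, hexadecimal
 *
 * Mirrors monte_carlo_AES_encrypt(): 100 outer passes, each one
 * re-keying, decrypting the block 1000 times in place and XORing the
 * most recent outputs into the key. The final block is compared with
 * splain through check_equals().
 *
 * hextobin() receives no destination length, so skey must decode to at
 * most sizeof key bytes and the two block strings to at most 16 bytes;
 * a longer constant would be written past the local arrays.
 */
static void
monte_carlo_AES_decrypt(const br_block_cbcdec_class *vd,
	char *skey, char *scipher, char *splain)
{
	unsigned char key[32];
	unsigned char buf[16];
	unsigned char pbuf[16];
	unsigned char plain[16];
	size_t key_len;
	int i, j, k;
	br_aes_gen_cbcdec_keys v_dc;
	const br_block_cbcdec_class **dc;

	/* The context is a local object; dc must point into it before use. */
	dc = &v_dc.vtable;
	key_len = hextobin(key, skey);
	hextobin(buf, scipher);
	hextobin(plain, splain);
	for (i = 0; i < 100; i ++) {
		vd->init(dc, key, key_len);
		for (j = 0; j < 1000; j ++) {
			unsigned char iv[16];

			/*
			 * pbuf keeps the previous output; it is needed
			 * for the key update of 24- and 32-byte keys.
			 * With an all-zero IV and a single block, each
			 * run() call is one raw AES decryption of buf.
			 */
			memcpy(pbuf, buf, sizeof buf);
			memset(iv, 0, sizeof iv);
			vd->run(dc, iv, buf, sizeof buf);
		}

		/*
		 * Key update: XOR in as many trailing output bytes as
		 * the key is long. Any length other than 16 or 24 is
		 * handled as a 32-byte key.
		 */
		switch (key_len) {
		case 16:
			for (k = 0; k < 16; k ++) {
				key[k] ^= buf[k];
			}
			break;
		case 24:
			for (k = 0; k < 8; k ++) {
				key[k] ^= pbuf[8 + k];
			}
			for (k = 0; k < 16; k ++) {
				key[8 + k] ^= buf[k];
			}
			break;
		default:
			for (k = 0; k < 16; k ++) {
				key[k] ^= pbuf[k];
				key[16 + k] ^= buf[k];
			}
			break;
		}
		printf(".");
		fflush(stdout);
	}
	printf(" ");
	fflush(stdout);
	check_equals("MC AES decrypt", buf, plain, sizeof buf);
}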
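/*
 * Run the AES test suite against one set of implementations.
 *
 *   name       label used in progress and failure messages
 *   ve         CBC encryption implementation (dereferenced
 *              unconditionally, so it must not be NULL)
 *   vd         CBC decryption implementation (same constraint)
 *   vc         CTR implementation; the CTR tests are skipped when NULL
 *   with_MC    non-zero to run the Monte-Carlo tests
 *   with_CBC   non-zero to run the multi-block CBC tests
 *
 * Stages, in order: block size check, single-block known answers
 * (KAT_AES), multi-block CBC known answers and IV chaining checks,
 * CTR known answers with one-shot and chunked processing, then the
 * Monte-Carlo tests. Mismatches are reported through check_equals().
 *
 * All keys, IVs and seeds used here are fixed, published test values.
 * The table entries are decoded with hextobin(), which takes no
 * destination length: each entry must fit the local array it is
 * decoded into (32 bytes for keys, 16 for IVs and single blocks, 200
 * for CBC and CTR data, 12 for CTR IVs).
 */
static void
test_AES_generic(char *name,
	const br_block_cbcenc_class *ve,
	const br_block_cbcdec_class *vd,
	const br_block_ctr_class *vc,
	int with_MC, int with_CBC)
{
	size_t u;

	printf("Test %s: ", name);
	fflush(stdout);

	if (ve->block_size != 16 || vd->block_size != 16
		|| ve->log_block_size != 4 || vd->log_block_size != 4)
	{
		fprintf(stderr, "%s failed: wrong block size\n", name);
		exit(EXIT_FAILURE);
	}

	/*
	 * Single-block known answers: CBC with an all-zero IV over one
	 * block is a raw AES operation on that block.
	 */
	for (u = 0; KAT_AES[u]; u += 3) {
		unsigned char key[32];
		unsigned char plain[16];
		unsigned char cipher[16];
		unsigned char buf[16];
		unsigned char iv[16];
		size_t key_len;
		br_aes_gen_cbcenc_keys v_ec;
		br_aes_gen_cbcdec_keys v_dc;
		const br_block_cbcenc_class **ec;
		const br_block_cbcdec_class **dc;

		ec = &v_ec.vtable;
		dc = &v_dc.vtable;
		key_len = hextobin(key, KAT_AES[u]);
		hextobin(plain, KAT_AES[u + 1]);
		hextobin(cipher, KAT_AES[u + 2]);
		ve->init(ec, key, key_len);
		memcpy(buf, plain, sizeof plain);
		memset(iv, 0, sizeof iv);
		ve->run(ec, iv, buf, sizeof buf);
		check_equals("KAT AES encrypt", buf, cipher, sizeof cipher);
		vd->init(dc, key, key_len);
		memset(iv, 0, sizeof iv);
		vd->run(dc, iv, buf, sizeof buf);
		check_equals("KAT AES decrypt", buf, plain, sizeof plain);
	}

	if (with_CBC) {
		for (u = 0; KAT_AES_CBC[u]; u += 4) {
			unsigned char key[32];
			unsigned char ivref[16];
			unsigned char plain[200];
			unsigned char cipher[200];
			unsigned char buf[200];
			unsigned char iv[16];
			size_t key_len, data_len, v;
			br_aes_gen_cbcenc_keys v_ec;
			br_aes_gen_cbcdec_keys v_dc;
			const br_block_cbcenc_class **ec;
			const br_block_cbcdec_class **dc;

			ec = &v_ec.vtable;
			dc = &v_dc.vtable;
			key_len = hextobin(key, KAT_AES_CBC[u]);
			hextobin(ivref, KAT_AES_CBC[u + 1]);
			data_len = hextobin(plain, KAT_AES_CBC[u + 2]);
			hextobin(cipher, KAT_AES_CBC[u + 3]);
			ve->init(ec, key, key_len);

			/* One call over the whole message. */
			memcpy(buf, plain, data_len);
			memcpy(iv, ivref, 16);
			ve->run(ec, iv, buf, data_len);
			check_equals("KAT CBC AES encrypt",
				buf, cipher, data_len);
			vd->init(dc, key, key_len);
			memcpy(iv, ivref, 16);
			vd->run(dc, iv, buf, data_len);
			check_equals("KAT CBC AES decrypt",
				buf, plain, data_len);

			/*
			 * Same message, one block per call: the IV
			 * buffer carries the chaining value between
			 * calls, so the result must be identical.
			 */
			memcpy(buf, plain, data_len);
			memcpy(iv, ivref, 16);
			for (v = 0; v < data_len; v += 16) {
				ve->run(ec, iv, buf + v, 16);
			}
			check_equals("KAT CBC AES encrypt (2)",
				buf, cipher, data_len);
			memcpy(iv, ivref, 16);
			for (v = 0; v < data_len; v += 16) {
				vd->run(dc, iv, buf + v, 16);
			}
			check_equals("KAT CBC AES decrypt (2)",
				buf, plain, data_len);
		}

		/*
		 * We want to check proper IV management for CBC:
		 * encryption and decryption must properly copy the _last_
		 * encrypted block as new IV, for all sizes.
		 */
		for (u = 1; u <= 35; u ++) {
			br_hmac_drbg_context rng;
			unsigned char x;
			size_t key_len, data_len;
			size_t v;

			/*
			 * The DRBG is seeded with a fixed string plus
			 * the block count, so the generated key, IV
			 * and data are reproducible test inputs.
			 */
			br_hmac_drbg_init(&rng, &br_sha256_vtable,
				"seed for AES/CBC", 16);
			x = u;
			br_hmac_drbg_update(&rng, &x, 1);
			data_len = u << 4;
			for (key_len = 16; key_len <= 32; key_len += 16) {
				unsigned char key[32];
				unsigned char iv[16], iv1[16], iv2[16];
				unsigned char plain[35 * 16];
				unsigned char tmp1[sizeof plain];
				unsigned char tmp2[sizeof plain];
				br_aes_gen_cbcenc_keys v_ec;
				br_aes_gen_cbcdec_keys v_dc;
				const br_block_cbcenc_class **ec;
				const br_block_cbcdec_class **dc;

				br_hmac_drbg_generate(&rng, key, key_len);
				br_hmac_drbg_generate(&rng, iv, sizeof iv);
				br_hmac_drbg_generate(&rng, plain, data_len);

				/*
				 * Encrypt in one call (tmp1/iv1) and
				 * block by block (tmp2/iv2); both IV
				 * buffers must end up holding the last
				 * ciphertext block.
				 */
				ec = &v_ec.vtable;
				ve->init(ec, key, key_len);
				memcpy(iv1, iv, sizeof iv);
				memcpy(tmp1, plain, data_len);
				ve->run(ec, iv1, tmp1, data_len);
				check_equals("IV CBC AES (1)",
					tmp1 + data_len - 16, iv1, 16);
				memcpy(iv2, iv, sizeof iv);
				memcpy(tmp2, plain, data_len);
				for (v = 0; v < data_len; v += 16) {
					ve->run(ec, iv2, tmp2 + v, 16);
				}
				check_equals("IV CBC AES (2)",
					tmp2 + data_len - 16, iv2, 16);
				check_equals("IV CBC AES (3)",
					tmp1, tmp2, data_len);

				/*
				 * Decrypt both ways. iv2 still holds
				 * the last ciphertext block when check
				 * (4) runs, which is what decryption
				 * must leave in iv1.
				 */
				dc = &v_dc.vtable;
				vd->init(dc, key, key_len);
				memcpy(iv1, iv, sizeof iv);
				vd->run(dc, iv1, tmp1, data_len);
				check_equals("IV CBC AES (4)", iv1, iv2, 16);
				check_equals("IV CBC AES (5)",
					tmp1, plain, data_len);
				memcpy(iv2, iv, sizeof iv);
				for (v = 0; v < data_len; v += 16) {
					vd->run(dc, iv2, tmp2 + v, 16);
				}
				check_equals("IV CBC AES (6)", iv1, iv2, 16);
				check_equals("IV CBC AES (7)",
					tmp2, plain, data_len);
			}
		}
	}

	if (vc != NULL) {
		if (vc->block_size != 16 || vc->log_block_size != 4) {
			fprintf(stderr, "%s failed: wrong block size\n", name);
			exit(EXIT_FAILURE);
		}
		for (u = 0; KAT_AES_CTR[u]; u += 4) {
			unsigned char key[32];
			unsigned char iv[12];
			unsigned char plain[200];
			unsigned char cipher[200];
			unsigned char buf[200];
			size_t key_len, data_len, v;
			uint32_t c;
			br_aes_gen_ctr_keys v_xc;
			const br_block_ctr_class **xc;

			xc = &v_xc.vtable;
			key_len = hextobin(key, KAT_AES_CTR[u]);
			hextobin(iv, KAT_AES_CTR[u + 1]);
			data_len = hextobin(plain, KAT_AES_CTR[u + 2]);
			hextobin(cipher, KAT_AES_CTR[u + 3]);
			vc->init(xc, key, key_len);

			/*
			 * One-shot, counter starting at 1. Running the
			 * same call again on the ciphertext must give
			 * the plaintext back.
			 */
			memcpy(buf, plain, data_len);
			vc->run(xc, iv, 1, buf, data_len);
			check_equals("KAT CTR AES (1)", buf, cipher, data_len);
			vc->run(xc, iv, 1, buf, data_len);
			check_equals("KAT CTR AES (2)", buf, plain, data_len);

			/*
			 * Chunks of at most 32 bytes; the counter
			 * returned by run() feeds the next call.
			 */
			memcpy(buf, plain, data_len);
			c = 1;
			for (v = 0; v < data_len; v += 32) {
				size_t clen;

				clen = data_len - v;
				if (clen > 32) {
					clen = 32;
				}
				c = vc->run(xc, iv, c, buf + v, clen);
			}
			check_equals("KAT CTR AES (3)", buf, cipher, data_len);

			/* Same again with chunks of at most 16 bytes. */
			memcpy(buf, plain, data_len);
			c = 1;
			for (v = 0; v < data_len; v += 16) {
				size_t clen;

				clen = data_len - v;
				if (clen > 16) {
					clen = 16;
				}
				c = vc->run(xc, iv, c, buf + v, clen);
			}
			check_equals("KAT CTR AES (4)", buf, cipher, data_len);
		}
	}

	if (with_MC) {
		/* One encrypt/decrypt pair per key size (16, 24, 32 bytes). */
		monte_carlo_AES_encrypt(
			ve,
			"139a35422f1d61de3c91787fe0507afd",
			"b9145a768b7dc489a096b546f43b231f",
			"fb2649694783b551eacd9d5db6126d47");
		monte_carlo_AES_decrypt(
			vd,
			"0c60e7bf20ada9baa9e1ddf0d1540726",
			"b08a29b11a500ea3aca42c36675b9785",
			"d1d2bfdc58ffcad2341b095bce55221e");

		monte_carlo_AES_encrypt(
			ve,
			"b9a63e09e1dfc42e93a90d9bad739e5967aef672eedd5da9",
			"85a1f7a58167b389cddc8a9ff175ee26",
			"5d1196da8f184975e240949a25104554");
		monte_carlo_AES_decrypt(
			vd,
			"4b97585701c03fbebdfa8555024f589f1482c58a00fdd9fd",
			"d0bd0e02ded155e4516be83f42d347a4",
			"b63ef1b79507a62eba3dafcec54a6328");

		monte_carlo_AES_encrypt(
			ve,
			"f9e8389f5b80712e3886cc1fa2d28a3b8c9cd88a2d4a54c6aa86ce0fef944be0",
			"b379777f9050e2a818f2940cbbd9aba4",
			"c5d2cb3d5b7ff0e23e308967ee074825");
		monte_carlo_AES_decrypt(
			vd,
			"2b09ba39b834062b9e93f48373b8dd018dedf1e5ba1b8af831ebbacbc92a2643",
			"89649bd0115f30bd878567610223a59d",
			"e3d3868f578caf34e36445bf14cefc68");
	}

	printf("done.\n");
	fflush(stdout);
}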
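/*
 * Run the full AES suite (Monte-Carlo and CBC tests enabled) on the
 * "big" implementations.
 */
static void
test_AES_big(void)
{
	test_AES_generic("AES_big",
		&br_aes_big_cbcenc_vtable,
		&br_aes_big_cbcdec_vtable,
		&br_aes_big_ctr_vtable,
		1, 1);
}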
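/*
 * Run the full AES suite (Monte-Carlo and CBC tests enabled) on the
 * "small" implementations.
 */
static void
test_AES_small(void)
{
	test_AES_generic("AES_small",
		&br_aes_small_cbcenc_vtable,
		&br_aes_small_cbcdec_vtable,
		&br_aes_small_ctr_vtable,
		1, 1);
}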
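/*
 * Run the full AES suite (Monte-Carlo and CBC tests enabled) on the
 * "ct" implementations.
 */
static void
test_AES_ct(void)
{
	test_AES_generic("AES_ct",
		&br_aes_ct_cbcenc_vtable,
		&br_aes_ct_cbcdec_vtable,
		&br_aes_ct_ctr_vtable,
		1, 1);
}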
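/*
 * Run the full AES suite (Monte-Carlo and CBC tests enabled) on the
 * "ct64" implementations.
 */
static void
test_AES_ct64(void)
{
	test_AES_generic("AES_ct64",
		&br_aes_ct64_cbcenc_vtable,
		&br_aes_ct64_cbcdec_vtable,
		&br_aes_ct64_ctr_vtable,
		1, 1);
}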
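/*
 * Run the AES suite on the x86ni implementations when they are
 * available.
 *
 * Each *_get_vtable() call returns NULL when that implementation cannot
 * be used. The three results must agree: a partial availability is
 * reported as a failure before anything is dereferenced, since
 * test_AES_generic() reads the CBC vtables unconditionally.
 */
static void
test_AES_x86ni(void)
{
	const br_block_cbcenc_class *x_cbcenc;
	const br_block_cbcdec_class *x_cbcdec;
	const br_block_ctr_class *x_ctr;
	int hcbcenc, hcbcdec, hctr;

	x_cbcenc = br_aes_x86ni_cbcenc_get_vtable();
	x_cbcdec = br_aes_x86ni_cbcdec_get_vtable();
	x_ctr = br_aes_x86ni_ctr_get_vtable();
	hcbcenc = (x_cbcenc != NULL);
	hcbcdec = (x_cbcdec != NULL);
	hctr = (x_ctr != NULL);
	if (hcbcenc != hctr || hcbcdec != hctr) {
		fprintf(stderr, "AES_x86ni availability mismatch (%d/%d/%d)\n",
			hcbcenc, hcbcdec, hctr);
		exit(EXIT_FAILURE);
	}
	if (hctr) {
		test_AES_generic("AES_x86ni",
			x_cbcenc, x_cbcdec, x_ctr, 1, 1);
	} else {
		/* Not an error: the suite is skipped and says so. */
		printf("Test AES_x86ni: UNAVAILABLE\n");
	}
}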
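/*
 * Run the AES suite on the pwr8 implementations when they are
 * available.
 *
 * Each *_get_vtable() call returns NULL when that implementation cannot
 * be used. The three results must agree: a partial availability is
 * reported as a failure before anything is dereferenced, since
 * test_AES_generic() reads the CBC vtables unconditionally.
 */
static void
test_AES_pwr8(void)
{
	const br_block_cbcenc_class *x_cbcenc;
	const br_block_cbcdec_class *x_cbcdec;
	const br_block_ctr_class *x_ctr;
	int hcbcenc, hcbcdec, hctr;

	x_cbcenc = br_aes_pwr8_cbcenc_get_vtable();
	x_cbcdec = br_aes_pwr8_cbcdec_get_vtable();
	x_ctr = br_aes_pwr8_ctr_get_vtable();
	hcbcenc = (x_cbcenc != NULL);
	hcbcdec = (x_cbcdec != NULL);
	hctr = (x_ctr != NULL);
	if (hcbcenc != hctr || hcbcdec != hctr) {
		fprintf(stderr, "AES_pwr8 availability mismatch (%d/%d/%d)\n",
			hcbcenc, hcbcdec, hctr);
		exit(EXIT_FAILURE);
	}
	if (hctr) {
		test_AES_generic("AES_pwr8",
			x_cbcenc, x_cbcdec, x_ctr, 1, 1);
	} else {
		/* Not an error: the suite is skipped and says so. */
		printf("Test AES_pwr8: UNAVAILABLE\n");
	}
}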
3415 * DES known-answer tests. Order: plaintext, key, ciphertext.
3416 * (mostly from NIST SP 800-20).
3418 static const char *const KAT_DES
[] = {
3419 "10316E028C8F3B4A", "0000000000000000", "82DCBAFBDEAB6602",
3420 "8000000000000000", "0000000000000000", "95A8D72813DAA94D",
3421 "4000000000000000", "0000000000000000", "0EEC1487DD8C26D5",
3422 "2000000000000000", "0000000000000000", "7AD16FFB79C45926",
3423 "1000000000000000", "0000000000000000", "D3746294CA6A6CF3",
3424 "0800000000000000", "0000000000000000", "809F5F873C1FD761",
3425 "0400000000000000", "0000000000000000", "C02FAFFEC989D1FC",
3426 "0200000000000000", "0000000000000000", "4615AA1D33E72F10",
3427 "0100000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3428 "0080000000000000", "0000000000000000", "2055123350C00858",
3429 "0040000000000000", "0000000000000000", "DF3B99D6577397C8",
3430 "0020000000000000", "0000000000000000", "31FE17369B5288C9",
3431 "0010000000000000", "0000000000000000", "DFDD3CC64DAE1642",
3432 "0008000000000000", "0000000000000000", "178C83CE2B399D94",
3433 "0004000000000000", "0000000000000000", "50F636324A9B7F80",
3434 "0002000000000000", "0000000000000000", "A8468EE3BC18F06D",
3435 "0001000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3436 "0000800000000000", "0000000000000000", "A2DC9E92FD3CDE92",
3437 "0000400000000000", "0000000000000000", "CAC09F797D031287",
3438 "0000200000000000", "0000000000000000", "90BA680B22AEB525",
3439 "0000100000000000", "0000000000000000", "CE7A24F350E280B6",
3440 "0000080000000000", "0000000000000000", "882BFF0AA01A0B87",
3441 "0000040000000000", "0000000000000000", "25610288924511C2",
3442 "0000020000000000", "0000000000000000", "C71516C29C75D170",
3443 "0000010000000000", "0000000000000000", "8CA64DE9C1B123A7",
3444 "0000008000000000", "0000000000000000", "5199C29A52C9F059",
3445 "0000004000000000", "0000000000000000", "C22F0A294A71F29F",
3446 "0000002000000000", "0000000000000000", "EE371483714C02EA",
3447 "0000001000000000", "0000000000000000", "A81FBD448F9E522F",
3448 "0000000800000000", "0000000000000000", "4F644C92E192DFED",
3449 "0000000400000000", "0000000000000000", "1AFA9A66A6DF92AE",
3450 "0000000200000000", "0000000000000000", "B3C1CC715CB879D8",
3451 "0000000100000000", "0000000000000000", "8CA64DE9C1B123A7",
3452 "0000000080000000", "0000000000000000", "19D032E64AB0BD8B",
3453 "0000000040000000", "0000000000000000", "3CFAA7A7DC8720DC",
3454 "0000000020000000", "0000000000000000", "B7265F7F447AC6F3",
3455 "0000000010000000", "0000000000000000", "9DB73B3C0D163F54",
3456 "0000000008000000", "0000000000000000", "8181B65BABF4A975",
3457 "0000000004000000", "0000000000000000", "93C9B64042EAA240",
3458 "0000000002000000", "0000000000000000", "5570530829705592",
3459 "0000000001000000", "0000000000000000", "8CA64DE9C1B123A7",
3460 "0000000000800000", "0000000000000000", "8638809E878787A0",
3461 "0000000000400000", "0000000000000000", "41B9A79AF79AC208",
3462 "0000000000200000", "0000000000000000", "7A9BE42F2009A892",
3463 "0000000000100000", "0000000000000000", "29038D56BA6D2745",
3464 "0000000000080000", "0000000000000000", "5495C6ABF1E5DF51",
3465 "0000000000040000", "0000000000000000", "AE13DBD561488933",
3466 "0000000000020000", "0000000000000000", "024D1FFA8904E389",
3467 "0000000000010000", "0000000000000000", "8CA64DE9C1B123A7",
3468 "0000000000008000", "0000000000000000", "D1399712F99BF02E",
3469 "0000000000004000", "0000000000000000", "14C1D7C1CFFEC79E",
3470 "0000000000002000", "0000000000000000", "1DE5279DAE3BED6F",
3471 "0000000000001000", "0000000000000000", "E941A33F85501303",
3472 "0000000000000800", "0000000000000000", "DA99DBBC9A03F379",
3473 "0000000000000400", "0000000000000000", "B7FC92F91D8E92E9",
3474 "0000000000000200", "0000000000000000", "AE8E5CAA3CA04E85",
3475 "0000000000000100", "0000000000000000", "8CA64DE9C1B123A7",
3476 "0000000000000080", "0000000000000000", "9CC62DF43B6EED74",
3477 "0000000000000040", "0000000000000000", "D863DBB5C59A91A0",
3478 "0000000000000020", "0000000000000000", "A1AB2190545B91D7",
3479 "0000000000000010", "0000000000000000", "0875041E64C570F7",
3480 "0000000000000008", "0000000000000000", "5A594528BEBEF1CC",
3481 "0000000000000004", "0000000000000000", "FCDB3291DE21F0C0",
3482 "0000000000000002", "0000000000000000", "869EFD7F9F265A09",
3483 "0000000000000001", "0000000000000000", "8CA64DE9C1B123A7",
3484 "0000000000000000", "8000000000000000", "95F8A5E5DD31D900",
3485 "0000000000000000", "4000000000000000", "DD7F121CA5015619",
3486 "0000000000000000", "2000000000000000", "2E8653104F3834EA",
3487 "0000000000000000", "1000000000000000", "4BD388FF6CD81D4F",
3488 "0000000000000000", "0800000000000000", "20B9E767B2FB1456",
3489 "0000000000000000", "0400000000000000", "55579380D77138EF",
3490 "0000000000000000", "0200000000000000", "6CC5DEFAAF04512F",
3491 "0000000000000000", "0100000000000000", "0D9F279BA5D87260",
3492 "0000000000000000", "0080000000000000", "D9031B0271BD5A0A",
3493 "0000000000000000", "0040000000000000", "424250B37C3DD951",
3494 "0000000000000000", "0020000000000000", "B8061B7ECD9A21E5",
3495 "0000000000000000", "0010000000000000", "F15D0F286B65BD28",
3496 "0000000000000000", "0008000000000000", "ADD0CC8D6E5DEBA1",
3497 "0000000000000000", "0004000000000000", "E6D5F82752AD63D1",
3498 "0000000000000000", "0002000000000000", "ECBFE3BD3F591A5E",
3499 "0000000000000000", "0001000000000000", "F356834379D165CD",
3500 "0000000000000000", "0000800000000000", "2B9F982F20037FA9",
3501 "0000000000000000", "0000400000000000", "889DE068A16F0BE6",
3502 "0000000000000000", "0000200000000000", "E19E275D846A1298",
3503 "0000000000000000", "0000100000000000", "329A8ED523D71AEC",
3504 "0000000000000000", "0000080000000000", "E7FCE22557D23C97",
3505 "0000000000000000", "0000040000000000", "12A9F5817FF2D65D",
3506 "0000000000000000", "0000020000000000", "A484C3AD38DC9C19",
3507 "0000000000000000", "0000010000000000", "FBE00A8A1EF8AD72",
3508 "0000000000000000", "0000008000000000", "750D079407521363",
3509 "0000000000000000", "0000004000000000", "64FEED9C724C2FAF",
3510 "0000000000000000", "0000002000000000", "F02B263B328E2B60",
3511 "0000000000000000", "0000001000000000", "9D64555A9A10B852",
3512 "0000000000000000", "0000000800000000", "D106FF0BED5255D7",
3513 "0000000000000000", "0000000400000000", "E1652C6B138C64A5",
3514 "0000000000000000", "0000000200000000", "E428581186EC8F46",
3515 "0000000000000000", "0000000100000000", "AEB5F5EDE22D1A36",
3516 "0000000000000000", "0000000080000000", "E943D7568AEC0C5C",
3517 "0000000000000000", "0000000040000000", "DF98C8276F54B04B",
3518 "0000000000000000", "0000000020000000", "B160E4680F6C696F",
3519 "0000000000000000", "0000000010000000", "FA0752B07D9C4AB8",
3520 "0000000000000000", "0000000008000000", "CA3A2B036DBC8502",
3521 "0000000000000000", "0000000004000000", "5E0905517BB59BCF",
3522 "0000000000000000", "0000000002000000", "814EEB3B91D90726",
3523 "0000000000000000", "0000000001000000", "4D49DB1532919C9F",
3524 "0000000000000000", "0000000000800000", "25EB5FC3F8CF0621",
3525 "0000000000000000", "0000000000400000", "AB6A20C0620D1C6F",
3526 "0000000000000000", "0000000000200000", "79E90DBC98F92CCA",
3527 "0000000000000000", "0000000000100000", "866ECEDD8072BB0E",
3528 "0000000000000000", "0000000000080000", "8B54536F2F3E64A8",
3529 "0000000000000000", "0000000000040000", "EA51D3975595B86B",
3530 "0000000000000000", "0000000000020000", "CAFFC6AC4542DE31",
3531 "0000000000000000", "0000000000010000", "8DD45A2DDF90796C",
3532 "0000000000000000", "0000000000008000", "1029D55E880EC2D0",
3533 "0000000000000000", "0000000000004000", "5D86CB23639DBEA9",
3534 "0000000000000000", "0000000000002000", "1D1CA853AE7C0C5F",
3535 "0000000000000000", "0000000000001000", "CE332329248F3228",
3536 "0000000000000000", "0000000000000800", "8405D1ABE24FB942",
3537 "0000000000000000", "0000000000000400", "E643D78090CA4207",
3538 "0000000000000000", "0000000000000200", "48221B9937748A23",
3539 "0000000000000000", "0000000000000100", "DD7C0BBD61FAFD54",
3540 "0000000000000000", "0000000000000080", "2FBC291A570DB5C4",
3541 "0000000000000000", "0000000000000040", "E07C30D7E4E26E12",
3542 "0000000000000000", "0000000000000020", "0953E2258E8E90A1",
3543 "0000000000000000", "0000000000000010", "5B711BC4CEEBF2EE",
3544 "0000000000000000", "0000000000000008", "CC083F1E6D9E85F6",
3545 "0000000000000000", "0000000000000004", "D2FD8867D50D2DFE",
3546 "0000000000000000", "0000000000000002", "06E7EA22CE92708F",
3547 "0000000000000000", "0000000000000001", "166B40B44ABA4BD6",
3548 "0000000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3549 "0101010101010101", "0101010101010101", "994D4DC157B96C52",
3550 "0202020202020202", "0202020202020202", "E127C2B61D98E6E2",
3551 "0303030303030303", "0303030303030303", "984C91D78A269CE3",
3552 "0404040404040404", "0404040404040404", "1F4570BB77550683",
3553 "0505050505050505", "0505050505050505", "3990ABF98D672B16",
3554 "0606060606060606", "0606060606060606", "3F5150BBA081D585",
3555 "0707070707070707", "0707070707070707", "C65242248C9CF6F2",
3556 "0808080808080808", "0808080808080808", "10772D40FAD24257",
3557 "0909090909090909", "0909090909090909", "F0139440647A6E7B",
3558 "0A0A0A0A0A0A0A0A", "0A0A0A0A0A0A0A0A", "0A288603044D740C",
3559 "0B0B0B0B0B0B0B0B", "0B0B0B0B0B0B0B0B", "6359916942F7438F",
3560 "0C0C0C0C0C0C0C0C", "0C0C0C0C0C0C0C0C", "934316AE443CF08B",
3561 "0D0D0D0D0D0D0D0D", "0D0D0D0D0D0D0D0D", "E3F56D7F1130A2B7",
3562 "0E0E0E0E0E0E0E0E", "0E0E0E0E0E0E0E0E", "A2E4705087C6B6B4",
3563 "0F0F0F0F0F0F0F0F", "0F0F0F0F0F0F0F0F", "D5D76E09A447E8C3",
3564 "1010101010101010", "1010101010101010", "DD7515F2BFC17F85",
3565 "1111111111111111", "1111111111111111", "F40379AB9E0EC533",
3566 "1212121212121212", "1212121212121212", "96CD27784D1563E5",
3567 "1313131313131313", "1313131313131313", "2911CF5E94D33FE1",
3568 "1414141414141414", "1414141414141414", "377B7F7CA3E5BBB3",
3569 "1515151515151515", "1515151515151515", "701AA63832905A92",
3570 "1616161616161616", "1616161616161616", "2006E716C4252D6D",
3571 "1717171717171717", "1717171717171717", "452C1197422469F8",
3572 "1818181818181818", "1818181818181818", "C33FD1EB49CB64DA",
3573 "1919191919191919", "1919191919191919", "7572278F364EB50D",
3574 "1A1A1A1A1A1A1A1A", "1A1A1A1A1A1A1A1A", "69E51488403EF4C3",
3575 "1B1B1B1B1B1B1B1B", "1B1B1B1B1B1B1B1B", "FF847E0ADF192825",
3576 "1C1C1C1C1C1C1C1C", "1C1C1C1C1C1C1C1C", "521B7FB3B41BB791",
3577 "1D1D1D1D1D1D1D1D", "1D1D1D1D1D1D1D1D", "26059A6A0F3F6B35",
3578 "1E1E1E1E1E1E1E1E", "1E1E1E1E1E1E1E1E", "F24A8D2231C77538",
3579 "1F1F1F1F1F1F1F1F", "1F1F1F1F1F1F1F1F", "4FD96EC0D3304EF6",
3580 "2020202020202020", "2020202020202020", "18A9D580A900B699",
3581 "2121212121212121", "2121212121212121", "88586E1D755B9B5A",
3582 "2222222222222222", "2222222222222222", "0F8ADFFB11DC2784",
3583 "2323232323232323", "2323232323232323", "2F30446C8312404A",
3584 "2424242424242424", "2424242424242424", "0BA03D9E6C196511",
3585 "2525252525252525", "2525252525252525", "3E55E997611E4B7D",
3586 "2626262626262626", "2626262626262626", "B2522FB5F158F0DF",
3587 "2727272727272727", "2727272727272727", "2109425935406AB8",
3588 "2828282828282828", "2828282828282828", "11A16028F310FF16",
3589 "2929292929292929", "2929292929292929", "73F0C45F379FE67F",
3590 "2A2A2A2A2A2A2A2A", "2A2A2A2A2A2A2A2A", "DCAD4338F7523816",
3591 "2B2B2B2B2B2B2B2B", "2B2B2B2B2B2B2B2B", "B81634C1CEAB298C",
3592 "2C2C2C2C2C2C2C2C", "2C2C2C2C2C2C2C2C", "DD2CCB29B6C4C349",
3593 "2D2D2D2D2D2D2D2D", "2D2D2D2D2D2D2D2D", "7D07A77A2ABD50A7",
3594 "2E2E2E2E2E2E2E2E", "2E2E2E2E2E2E2E2E", "30C1B0C1FD91D371",
3595 "2F2F2F2F2F2F2F2F", "2F2F2F2F2F2F2F2F", "C4427B31AC61973B",
3596 "3030303030303030", "3030303030303030", "F47BB46273B15EB5",
3597 "3131313131313131", "3131313131313131", "655EA628CF62585F",
3598 "3232323232323232", "3232323232323232", "AC978C247863388F",
3599 "3333333333333333", "3333333333333333", "0432ED386F2DE328",
3600 "3434343434343434", "3434343434343434", "D254014CB986B3C2",
3601 "3535353535353535", "3535353535353535", "B256E34BEDB49801",
3602 "3636363636363636", "3636363636363636", "37F8759EB77E7BFC",
3603 "3737373737373737", "3737373737373737", "5013CA4F62C9CEA0",
3604 "3838383838383838", "3838383838383838", "8940F7B3EACA5939",
3605 "3939393939393939", "3939393939393939", "E22B19A55086774B",
3606 "3A3A3A3A3A3A3A3A", "3A3A3A3A3A3A3A3A", "B04A2AAC925ABB0B",
3607 "3B3B3B3B3B3B3B3B", "3B3B3B3B3B3B3B3B", "8D250D58361597FC",
3608 "3C3C3C3C3C3C3C3C", "3C3C3C3C3C3C3C3C", "51F0114FB6A6CD37",
3609 "3D3D3D3D3D3D3D3D", "3D3D3D3D3D3D3D3D", "9D0BB4DB830ECB73",
3610 "3E3E3E3E3E3E3E3E", "3E3E3E3E3E3E3E3E", "E96089D6368F3E1A",
3611 "3F3F3F3F3F3F3F3F", "3F3F3F3F3F3F3F3F", "5C4CA877A4E1E92D",
3612 "4040404040404040", "4040404040404040", "6D55DDBC8DEA95FF",
3613 "4141414141414141", "4141414141414141", "19DF84AC95551003",
3614 "4242424242424242", "4242424242424242", "724E7332696D08A7",
3615 "4343434343434343", "4343434343434343", "B91810B8CDC58FE2",
3616 "4444444444444444", "4444444444444444", "06E23526EDCCD0C4",
3617 "4545454545454545", "4545454545454545", "EF52491D5468D441",
3618 "4646464646464646", "4646464646464646", "48019C59E39B90C5",
3619 "4747474747474747", "4747474747474747", "0544083FB902D8C0",
3620 "4848484848484848", "4848484848484848", "63B15CADA668CE12",
3621 "4949494949494949", "4949494949494949", "EACC0C1264171071",
3622 "4A4A4A4A4A4A4A4A", "4A4A4A4A4A4A4A4A", "9D2B8C0AC605F274",
3623 "4B4B4B4B4B4B4B4B", "4B4B4B4B4B4B4B4B", "C90F2F4C98A8FB2A",
3624 "4C4C4C4C4C4C4C4C", "4C4C4C4C4C4C4C4C", "03481B4828FD1D04",
3625 "4D4D4D4D4D4D4D4D", "4D4D4D4D4D4D4D4D", "C78FC45A1DCEA2E2",
3626 "4E4E4E4E4E4E4E4E", "4E4E4E4E4E4E4E4E", "DB96D88C3460D801",
3627 "4F4F4F4F4F4F4F4F", "4F4F4F4F4F4F4F4F", "6C69E720F5105518",
3628 "5050505050505050", "5050505050505050", "0D262E418BC893F3",
3629 "5151515151515151", "5151515151515151", "6AD84FD7848A0A5C",
3630 "5252525252525252", "5252525252525252", "C365CB35B34B6114",
3631 "5353535353535353", "5353535353535353", "1155392E877F42A9",
3632 "5454545454545454", "5454545454545454", "531BE5F9405DA715",
3633 "5555555555555555", "5555555555555555", "3BCDD41E6165A5E8",
3634 "5656565656565656", "5656565656565656", "2B1FF5610A19270C",
3635 "5757575757575757", "5757575757575757", "D90772CF3F047CFD",
3636 "5858585858585858", "5858585858585858", "1BEA27FFB72457B7",
3637 "5959595959595959", "5959595959595959", "85C3E0C429F34C27",
3638 "5A5A5A5A5A5A5A5A", "5A5A5A5A5A5A5A5A", "F9038021E37C7618",
3639 "5B5B5B5B5B5B5B5B", "5B5B5B5B5B5B5B5B", "35BC6FF838DBA32F",
3640 "5C5C5C5C5C5C5C5C", "5C5C5C5C5C5C5C5C", "4927ACC8CE45ECE7",
3641 "5D5D5D5D5D5D5D5D", "5D5D5D5D5D5D5D5D", "E812EE6E3572985C",
3642 "5E5E5E5E5E5E5E5E", "5E5E5E5E5E5E5E5E", "9BB93A89627BF65F",
3643 "5F5F5F5F5F5F5F5F", "5F5F5F5F5F5F5F5F", "EF12476884CB74CA",
3644 "6060606060606060", "6060606060606060", "1BF17E00C09E7CBF",
3645 "6161616161616161", "6161616161616161", "29932350C098DB5D",
3646 "6262626262626262", "6262626262626262", "B476E6499842AC54",
3647 "6363636363636363", "6363636363636363", "5C662C29C1E96056",
3648 "6464646464646464", "6464646464646464", "3AF1703D76442789",
3649 "6565656565656565", "6565656565656565", "86405D9B425A8C8C",
3650 "6666666666666666", "6666666666666666", "EBBF4810619C2C55",
3651 "6767676767676767", "6767676767676767", "F8D1CD7367B21B5D",
3652 "6868686868686868", "6868686868686868", "9EE703142BF8D7E2",
3653 "6969696969696969", "6969696969696969", "5FDFFFC3AAAB0CB3",
3654 "6A6A6A6A6A6A6A6A", "6A6A6A6A6A6A6A6A", "26C940AB13574231",
3655 "6B6B6B6B6B6B6B6B", "6B6B6B6B6B6B6B6B", "1E2DC77E36A84693",
3656 "6C6C6C6C6C6C6C6C", "6C6C6C6C6C6C6C6C", "0F4FF4D9BC7E2244",
3657 "6D6D6D6D6D6D6D6D", "6D6D6D6D6D6D6D6D", "A4C9A0D04D3280CD",
3658 "6E6E6E6E6E6E6E6E", "6E6E6E6E6E6E6E6E", "9FAF2C96FE84919D",
3659 "6F6F6F6F6F6F6F6F", "6F6F6F6F6F6F6F6F", "115DBC965E6096C8",
3660 "7070707070707070", "7070707070707070", "AF531E9520994017",
3661 "7171717171717171", "7171717171717171", "B971ADE70E5C89EE",
3662 "7272727272727272", "7272727272727272", "415D81C86AF9C376",
3663 "7373737373737373", "7373737373737373", "8DFB864FDB3C6811",
3664 "7474747474747474", "7474747474747474", "10B1C170E3398F91",
3665 "7575757575757575", "7575757575757575", "CFEF7A1C0218DB1E",
3666 "7676767676767676", "7676767676767676", "DBAC30A2A40B1B9C",
3667 "7777777777777777", "7777777777777777", "89D3BF37052162E9",
3668 "7878787878787878", "7878787878787878", "80D9230BDAEB67DC",
3669 "7979797979797979", "7979797979797979", "3440911019AD68D7",
3670 "7A7A7A7A7A7A7A7A", "7A7A7A7A7A7A7A7A", "9626FE57596E199E",
3671 "7B7B7B7B7B7B7B7B", "7B7B7B7B7B7B7B7B", "DEA0B796624BB5BA",
3672 "7C7C7C7C7C7C7C7C", "7C7C7C7C7C7C7C7C", "E9E40542BDDB3E9D",
3673 "7D7D7D7D7D7D7D7D", "7D7D7D7D7D7D7D7D", "8AD99914B354B911",
3674 "7E7E7E7E7E7E7E7E", "7E7E7E7E7E7E7E7E", "6F85B98DD12CB13B",
3675 "7F7F7F7F7F7F7F7F", "7F7F7F7F7F7F7F7F", "10130DA3C3A23924",
3676 "8080808080808080", "8080808080808080", "EFECF25C3C5DC6DB",
3677 "8181818181818181", "8181818181818181", "907A46722ED34EC4",
3678 "8282828282828282", "8282828282828282", "752666EB4CAB46EE",
3679 "8383838383838383", "8383838383838383", "161BFABD4224C162",
3680 "8484848484848484", "8484848484848484", "215F48699DB44A45",
3681 "8585858585858585", "8585858585858585", "69D901A8A691E661",
3682 "8686868686868686", "8686868686868686", "CBBF6EEFE6529728",
3683 "8787878787878787", "8787878787878787", "7F26DCF425149823",
3684 "8888888888888888", "8888888888888888", "762C40C8FADE9D16",
3685 "8989898989898989", "8989898989898989", "2453CF5D5BF4E463",
3686 "8A8A8A8A8A8A8A8A", "8A8A8A8A8A8A8A8A", "301085E3FDE724E1",
3687 "8B8B8B8B8B8B8B8B", "8B8B8B8B8B8B8B8B", "EF4E3E8F1CC6706E",
3688 "8C8C8C8C8C8C8C8C", "8C8C8C8C8C8C8C8C", "720479B024C397EE",
3689 "8D8D8D8D8D8D8D8D", "8D8D8D8D8D8D8D8D", "BEA27E3795063C89",
3690 "8E8E8E8E8E8E8E8E", "8E8E8E8E8E8E8E8E", "468E5218F1A37611",
3691 "8F8F8F8F8F8F8F8F", "8F8F8F8F8F8F8F8F", "50ACE16ADF66BFE8",
3692 "9090909090909090", "9090909090909090", "EEA24369A19F6937",
3693 "9191919191919191", "9191919191919191", "6050D369017B6E62",
3694 "9292929292929292", "9292929292929292", "5B365F2FB2CD7F32",
3695 "9393939393939393", "9393939393939393", "F0B00B264381DDBB",
3696 "9494949494949494", "9494949494949494", "E1D23881C957B96C",
3697 "9595959595959595", "9595959595959595", "D936BF54ECA8BDCE",
3698 "9696969696969696", "9696969696969696", "A020003C5554F34C",
3699 "9797979797979797", "9797979797979797", "6118FCEBD407281D",
3700 "9898989898989898", "9898989898989898", "072E328C984DE4A2",
3701 "9999999999999999", "9999999999999999", "1440B7EF9E63D3AA",
3702 "9A9A9A9A9A9A9A9A", "9A9A9A9A9A9A9A9A", "79BFA264BDA57373",
3703 "9B9B9B9B9B9B9B9B", "9B9B9B9B9B9B9B9B", "C50E8FC289BBD876",
3704 "9C9C9C9C9C9C9C9C", "9C9C9C9C9C9C9C9C", "A399D3D63E169FA9",
3705 "9D9D9D9D9D9D9D9D", "9D9D9D9D9D9D9D9D", "4B8919B667BD53AB",
3706 "9E9E9E9E9E9E9E9E", "9E9E9E9E9E9E9E9E", "D66CDCAF3F6724A2",
3707 "9F9F9F9F9F9F9F9F", "9F9F9F9F9F9F9F9F", "E40E81FF3F618340",
3708 "A0A0A0A0A0A0A0A0", "A0A0A0A0A0A0A0A0", "10EDB8977B348B35",
3709 "A1A1A1A1A1A1A1A1", "A1A1A1A1A1A1A1A1", "6446C5769D8409A0",
3710 "A2A2A2A2A2A2A2A2", "A2A2A2A2A2A2A2A2", "17ED1191CA8D67A3",
3711 "A3A3A3A3A3A3A3A3", "A3A3A3A3A3A3A3A3", "B6D8533731BA1318",
3712 "A4A4A4A4A4A4A4A4", "A4A4A4A4A4A4A4A4", "CA439007C7245CD0",
3713 "A5A5A5A5A5A5A5A5", "A5A5A5A5A5A5A5A5", "06FC7FDE1C8389E7",
3714 "A6A6A6A6A6A6A6A6", "A6A6A6A6A6A6A6A6", "7A3C1F3BD60CB3D8",
3715 "A7A7A7A7A7A7A7A7", "A7A7A7A7A7A7A7A7", "E415D80048DBA848",
3716 "A8A8A8A8A8A8A8A8", "A8A8A8A8A8A8A8A8", "26F88D30C0FB8302",
3717 "A9A9A9A9A9A9A9A9", "A9A9A9A9A9A9A9A9", "D4E00A9EF5E6D8F3",
3718 "AAAAAAAAAAAAAAAA", "AAAAAAAAAAAAAAAA", "C4322BE19E9A5A17",
3719 "ABABABABABABABAB", "ABABABABABABABAB", "ACE41A06BFA258EA",
3720 "ACACACACACACACAC", "ACACACACACACACAC", "EEAAC6D17880BD56",
3721 "ADADADADADADADAD", "ADADADADADADADAD", "3C9A34CA4CB49EEB",
3722 "AEAEAEAEAEAEAEAE", "AEAEAEAEAEAEAEAE", "9527B0287B75F5A3",
3723 "AFAFAFAFAFAFAFAF", "AFAFAFAFAFAFAFAF", "F2D9D1BE74376C0C",
3724 "B0B0B0B0B0B0B0B0", "B0B0B0B0B0B0B0B0", "939618DF0AEFAAE7",
3725 "B1B1B1B1B1B1B1B1", "B1B1B1B1B1B1B1B1", "24692773CB9F27FE",
3726 "B2B2B2B2B2B2B2B2", "B2B2B2B2B2B2B2B2", "38703BA5E2315D1D",
3727 "B3B3B3B3B3B3B3B3", "B3B3B3B3B3B3B3B3", "FCB7E4B7D702E2FB",
3728 "B4B4B4B4B4B4B4B4", "B4B4B4B4B4B4B4B4", "36F0D0B3675704D5",
3729 "B5B5B5B5B5B5B5B5", "B5B5B5B5B5B5B5B5", "62D473F539FA0D8B",
3730 "B6B6B6B6B6B6B6B6", "B6B6B6B6B6B6B6B6", "1533F3ED9BE8EF8E",
3731 "B7B7B7B7B7B7B7B7", "B7B7B7B7B7B7B7B7", "9C4EA352599731ED",
3732 "B8B8B8B8B8B8B8B8", "B8B8B8B8B8B8B8B8", "FABBF7C046FD273F",
3733 "B9B9B9B9B9B9B9B9", "B9B9B9B9B9B9B9B9", "B7FE63A61C646F3A",
3734 "BABABABABABABABA", "BABABABABABABABA", "10ADB6E2AB972BBE",
3735 "BBBBBBBBBBBBBBBB", "BBBBBBBBBBBBBBBB", "F91DCAD912332F3B",
3736 "BCBCBCBCBCBCBCBC", "BCBCBCBCBCBCBCBC", "46E7EF47323A701D",
3737 "BDBDBDBDBDBDBDBD", "BDBDBDBDBDBDBDBD", "8DB18CCD9692F758",
3738 "BEBEBEBEBEBEBEBE", "BEBEBEBEBEBEBEBE", "E6207B536AAAEFFC",
3739 "BFBFBFBFBFBFBFBF", "BFBFBFBFBFBFBFBF", "92AA224372156A00",
3740 "C0C0C0C0C0C0C0C0", "C0C0C0C0C0C0C0C0", "A3B357885B1E16D2",
3741 "C1C1C1C1C1C1C1C1", "C1C1C1C1C1C1C1C1", "169F7629C970C1E5",
3742 "C2C2C2C2C2C2C2C2", "C2C2C2C2C2C2C2C2", "62F44B247CF1348C",
3743 "C3C3C3C3C3C3C3C3", "C3C3C3C3C3C3C3C3", "AE0FEEB0495932C8",
3744 "C4C4C4C4C4C4C4C4", "C4C4C4C4C4C4C4C4", "72DAF2A7C9EA6803",
3745 "C5C5C5C5C5C5C5C5", "C5C5C5C5C5C5C5C5", "4FB5D5536DA544F4",
3746 "C6C6C6C6C6C6C6C6", "C6C6C6C6C6C6C6C6", "1DD4E65AAF7988B4",
3747 "C7C7C7C7C7C7C7C7", "C7C7C7C7C7C7C7C7", "76BF084C1535A6C6",
3748 "C8C8C8C8C8C8C8C8", "C8C8C8C8C8C8C8C8", "AFEC35B09D36315F",
3749 "C9C9C9C9C9C9C9C9", "C9C9C9C9C9C9C9C9", "C8078A6148818403",
3750 "CACACACACACACACA", "CACACACACACACACA", "4DA91CB4124B67FE",
3751 "CBCBCBCBCBCBCBCB", "CBCBCBCBCBCBCBCB", "2DABFEB346794C3D",
3752 "CCCCCCCCCCCCCCCC", "CCCCCCCCCCCCCCCC", "FBCD12C790D21CD7",
3753 "CDCDCDCDCDCDCDCD", "CDCDCDCDCDCDCDCD", "536873DB879CC770",
3754 "CECECECECECECECE", "CECECECECECECECE", "9AA159D7309DA7A0",
3755 "CFCFCFCFCFCFCFCF", "CFCFCFCFCFCFCFCF", "0B844B9D8C4EA14A",
3756 "D0D0D0D0D0D0D0D0", "D0D0D0D0D0D0D0D0", "3BBD84CE539E68C4",
3757 "D1D1D1D1D1D1D1D1", "D1D1D1D1D1D1D1D1", "CF3E4F3E026E2C8E",
3758 "D2D2D2D2D2D2D2D2", "D2D2D2D2D2D2D2D2", "82F85885D542AF58",
3759 "D3D3D3D3D3D3D3D3", "D3D3D3D3D3D3D3D3", "22D334D6493B3CB6",
3760 "D4D4D4D4D4D4D4D4", "D4D4D4D4D4D4D4D4", "47E9CB3E3154D673",
3761 "D5D5D5D5D5D5D5D5", "D5D5D5D5D5D5D5D5", "2352BCC708ADC7E9",
3762 "D6D6D6D6D6D6D6D6", "D6D6D6D6D6D6D6D6", "8C0F3BA0C8601980",
3763 "D7D7D7D7D7D7D7D7", "D7D7D7D7D7D7D7D7", "EE5E9FD70CEF00E9",
3764 "D8D8D8D8D8D8D8D8", "D8D8D8D8D8D8D8D8", "DEF6BDA6CABF9547",
3765 "D9D9D9D9D9D9D9D9", "D9D9D9D9D9D9D9D9", "4DADD04A0EA70F20",
3766 "DADADADADADADADA", "DADADADADADADADA", "C1AA16689EE1B482",
3767 "DBDBDBDBDBDBDBDB", "DBDBDBDBDBDBDBDB", "F45FC26193E69AEE",
3768 "DCDCDCDCDCDCDCDC", "DCDCDCDCDCDCDCDC", "D0CFBB937CEDBFB5",
3769 "DDDDDDDDDDDDDDDD", "DDDDDDDDDDDDDDDD", "F0752004EE23D87B",
3770 "DEDEDEDEDEDEDEDE", "DEDEDEDEDEDEDEDE", "77A791E28AA464A5",
3771 "DFDFDFDFDFDFDFDF", "DFDFDFDFDFDFDFDF", "E7562A7F56FF4966",
3772 "E0E0E0E0E0E0E0E0", "E0E0E0E0E0E0E0E0", "B026913F2CCFB109",
3773 "E1E1E1E1E1E1E1E1", "E1E1E1E1E1E1E1E1", "0DB572DDCE388AC7",
3774 "E2E2E2E2E2E2E2E2", "E2E2E2E2E2E2E2E2", "D9FA6595F0C094CA",
3775 "E3E3E3E3E3E3E3E3", "E3E3E3E3E3E3E3E3", "ADE4804C4BE4486E",
3776 "E4E4E4E4E4E4E4E4", "E4E4E4E4E4E4E4E4", "007B81F520E6D7DA",
3777 "E5E5E5E5E5E5E5E5", "E5E5E5E5E5E5E5E5", "961AEB77BFC10B3C",
3778 "E6E6E6E6E6E6E6E6", "E6E6E6E6E6E6E6E6", "8A8DD870C9B14AF2",
3779 "E7E7E7E7E7E7E7E7", "E7E7E7E7E7E7E7E7", "3CC02E14B6349B25",
3780 "E8E8E8E8E8E8E8E8", "E8E8E8E8E8E8E8E8", "BAD3EE68BDDB9607",
3781 "E9E9E9E9E9E9E9E9", "E9E9E9E9E9E9E9E9", "DFF918E93BDAD292",
3782 "EAEAEAEAEAEAEAEA", "EAEAEAEAEAEAEAEA", "8FE559C7CD6FA56D",
3783 "EBEBEBEBEBEBEBEB", "EBEBEBEBEBEBEBEB", "C88480835C1A444C",
3784 "ECECECECECECECEC", "ECECECECECECECEC", "D6EE30A16B2CC01E",
3785 "EDEDEDEDEDEDEDED", "EDEDEDEDEDEDEDED", "6932D887B2EA9C1A",
3786 "EEEEEEEEEEEEEEEE", "EEEEEEEEEEEEEEEE", "0BFC865461F13ACC",
3787 "EFEFEFEFEFEFEFEF", "EFEFEFEFEFEFEFEF", "228AEA0D403E807A",
3788 "F0F0F0F0F0F0F0F0", "F0F0F0F0F0F0F0F0", "2A2891F65BB8173C",
3789 "F1F1F1F1F1F1F1F1", "F1F1F1F1F1F1F1F1", "5D1B8FAF7839494B",
3790 "F2F2F2F2F2F2F2F2", "F2F2F2F2F2F2F2F2", "1C0A9280EECF5D48",
3791 "F3F3F3F3F3F3F3F3", "F3F3F3F3F3F3F3F3", "6CBCE951BBC30F74",
3792 "F4F4F4F4F4F4F4F4", "F4F4F4F4F4F4F4F4", "9CA66E96BD08BC70",
3793 "F5F5F5F5F5F5F5F5", "F5F5F5F5F5F5F5F5", "F5D779FCFBB28BF3",
3794 "F6F6F6F6F6F6F6F6", "F6F6F6F6F6F6F6F6", "0FEC6BBF9B859184",
3795 "F7F7F7F7F7F7F7F7", "F7F7F7F7F7F7F7F7", "EF88D2BF052DBDA8",
3796 "F8F8F8F8F8F8F8F8", "F8F8F8F8F8F8F8F8", "39ADBDDB7363090D",
3797 "F9F9F9F9F9F9F9F9", "F9F9F9F9F9F9F9F9", "C0AEAF445F7E2A7A",
3798 "FAFAFAFAFAFAFAFA", "FAFAFAFAFAFAFAFA", "C66F54067298D4E9",
3799 "FBFBFBFBFBFBFBFB", "FBFBFBFBFBFBFBFB", "E0BA8F4488AAF97C",
3800 "FCFCFCFCFCFCFCFC", "FCFCFCFCFCFCFCFC", "67B36E2875D9631C",
3801 "FDFDFDFDFDFDFDFD", "FDFDFDFDFDFDFDFD", "1ED83D49E267191D",
3802 "FEFEFEFEFEFEFEFE", "FEFEFEFEFEFEFEFE", "66B2B23EA84693AD",
3803 "FFFFFFFFFFFFFFFF", "FFFFFFFFFFFFFFFF", "7359B2163E4EDC58",
3804 "0001020304050607", "0011223344556677", "3EF0A891CF8ED990",
3805 "2BD6459F82C5B300", "EA024714AD5C4D84", "126EFE8ED312190A",
3811 * Known-answer tests for DES/3DES in CBC mode. Order: key, IV,
3812 * plaintext, ciphertext.
3814 static const char *const KAT_DES_CBC
[] = {
3816 * From NIST validation suite (tdesmmt.zip).
3818 "34a41a8c293176c1b30732ecfe38ae8a34a41a8c293176c1",
3823 "70a88fa1dfb9942fa77f40157ffef2ad70a88fa1dfb9942f",
3825 "bc225304d5a3a5c9918fc5006cbc40cc",
3826 "27f67dc87af7ddb4b68f63fa7c2d454a",
3828 "e091790be55be0bc0780153861a84adce091790be55be0bc",
3830 "03c7fffd7f36499c703dedc9df4de4a92dd4382e576d6ae9",
3831 "053aeba85dd3a23bfbe8440a432f9578f312be60fb9f0035",
3833 "857feacd16157c58e5347a70e56e578a857feacd16157c58",
3835 "1f13701c7f0d7385307507a18e89843ebd295bd5e239ef109347a6898c6d3fd5",
3836 "a0e4edde34f05bd8397ce279e49853e9387ba04be562f5fa19c3289c3f5a3391",
3838 "a173545b265875ba852331fbb95b49a8a173545b265875ba",
3840 "d08894c565608d9ae51dda63b85b3b33b1703bb5e4f1abcbb8794e743da5d6f3bf630f2e9b6d5b54",
3841 "370b47acf89ac6bdbb13c9a7336787dc41e1ad8beead32281d0609fb54968404bdf2894892590658",
3843 "26376bcb2f23df1083cd684fe00ed3c726376bcb2f23df10",
3845 "903a1911da1e6877f23c1985a9b61786ef438e0ce1240885035ad60fc916b18e5d71a1fb9c5d1eff61db75c0076f6efb",
3846 "7a4f7510f6ec0b93e2495d21a8355684d303a770ebda2e0e51ff33d72b20cb73e58e2e3de2ef6b2e12c504c0f181ba63",
3848 "3e1f98135d027cec752f67765408a7913e1f98135d027cec",
3850 "7c022f5af24f7925d323d4d0e20a2ce49272c5e764b22c806f4b6ddc406d864fe5bd1c3f45556d3eb30c8676c2f8b54a5a32423a0bd95a07",
3851 "2bb4b131fa4ae0b4f0378a2cdb68556af6eee837613016d7ea936f3931f25f8b3ae351d5e9d00be665676e2400408b5db9892d95421e7f1a",
3853 "13b9d549cd136ec7bf9e9810ef2cdcbf13b9d549cd136ec7",
3855 "1fff1563bc1645b55cb23ea34a0049dfc06607150614b621dedcb07f20433402a2d869c95ac4a070c7a3da838c928a385f899c5d21ecb58f4e5cbdad98d39b8c",
3856 "75f804d4a2c542a31703e23df26cc38861a0729090e6eae5672c1db8c0b09fba9b125bbca7d6c7d330b3859e6725c6d26de21c4e3af7f5ea94df3cde2349ce37",
3858 "20320dfdad579bb57c6e4acd769dbadf20320dfdad579bb5",
3860 "0431283cc8bb4dc7750a9d5c68578486932091632a12d0a79f2c54e3d122130881fff727050f317a40fcd1a8d13793458b99fc98254ba6a233e3d95b55cf5a3faff78809999ea4bf",
3861 "85d17840eb2af5fc727027336bfd71a2b31bd14a1d9eb64f8a08bfc4f56eaa9ca7654a5ae698287869cc27324813730de4f1384e0b8cfbc472ff5470e3c5e4bd8ceb23dc2d91988c",
3863 "23abb073a2df34cb3d1fdce6b092582c23abb073a2df34cb",
3865 "31e718fd95e6d7ca4f94763191add2674ab07c909d88c486916c16d60a048a0cf8cdb631cebec791362cd0c202eb61e166b65c1f65d0047c8aec57d3d84b9e17032442dce148e1191b06a12c284cc41e",
3866 "c9a3f75ab6a7cd08a7fd53ca540aafe731d257ee1c379fadcc4cc1a06e7c12bddbeb7562c436d1da849ed072629e82a97b56d9becc25ff4f16f21c5f2a01911604f0b5c49df96cb641faee662ca8aa68",
3868 "b5cb1504802326c73df186e3e352a20de643b0d63ee30e37",
3873 "a49d7564199e97cb529d2c9d97bf2f98d35edf57ba1f7358",
3875 "c689aee38a301bb316da75db36f110b5",
3876 "e9afaba5ec75ea1bbe65506655bb4ecb",
3878 "1a5d4c0825072a15a8ad9dfdaeda8c048adffb85bc4fced0",
3880 "983c3edacd939406010e1bc6ff9e12320ac5008117fa8f84",
3881 "d84fa24f38cf451ca2c9adc960120bd8ff9871584fe31cee",
3883 "d98aadc76d4a3716158c32866efbb9ce834af2297379a49d",
3885 "6174079dda53ca723ebf00a66837f8d5ce648c08acaa5ee45ffe62210ef79d3e",
3886 "f5bd4d600bed77bec78409e3530ebda1d815506ed53103015b87e371ae000958",
3888 "ef6d3e54266d978ffb0b8ce6689d803e2cd34cc802fd0252",
3890 "c4f228b537223cd01c0debb5d9d4e12ba71656618d119b2f8f0af29d23efa3a9e43c4c458a1b79a0",
3891 "9e3289fb18379f55aa4e45a7e0e6df160b33b75f8627ad0954f8fdcb78cee55a4664caeda1000fe5",
3893 "625bc19b19df83abfb2f5bec9d4f2062017525a75bc26e70",
3895 "8152d2ab876c3c8201403a5a406d3feaf27319dbea6ad01e24f4d18203704b86de70da6bbb6d638e5aba3ff576b79b28",
3896 "706fe7a973fac40e25b2b4499ce527078944c70e976d017b6af86a3a7a6b52943a72ba18a58000d2b61fdc3bfef2bc4a",
3898 "b6383176046e6880a1023bf45768b5bf5119022fe054bfe5",
3900 "cd5a886e9af011346c4dba36a424f96a78a1ddf28aaa4188bf65451f4efaffc7179a6dd237c0ae35d9b672314e5cb032612597f7e462c6f3",
3901 "b030f976f46277ee211c4a324d5c87555d1084513a1223d3b84416b52bbc28f4b77f3a9d8d0d91dc37d3dbe8af8be98f74674b02f9a38527",
3903 "3d8cf273d343b9aedccddacb91ad86206737adc86b4a49a7",
3905 "1fde3991c32ce220b5b6666a9234f2fd7bd24b921829fd9cdc6eb4218be9eac9faa9c2351777349128086b6d58776bc86ff2f76ee1b3b2850a318462b8983fa1",
3906 "422ce705a46bb52ad928dab6c863166d617c6fc24003633120d91918314bbf464cea7345c3c35f2042f2d6929735d74d7728f22fea618a0b9cf5b1281acb13fb",
3908 "fbceb5cb646b925be0b92f7f6b493d5e5b16e9159732732a",
3910 "4c309bc8e1e464fdd2a2b8978645d668d455f7526bd8d7b6716a722f6a900b815c4a73cc30e788065c1dfca7bf5958a6cc5440a5ebe7f8691c20278cde95db764ff8ce8994ece89c",
3911 "c02129bdf4bbbd75e71605a00b12c80db6b4e05308e916615011f09147ed915dd1bc67f27f9e027e4e13df36b55464a31c11b4d1fe3d855d89df492e1a7201b995c1ba16a8dbabee",
3913 "9b162a0df8ad9b61c88676e3d586434570b902f12a2046e0",
3915 "f4c1c918e77355c8156f0fd778da52bff121ae5f2f44eaf4d2754946d0e10d1f18ce3a0176e69c18b7d20b6e0d0bee5eb5edfe4bd60e4d92adcd86bce72e76f94ee5cbcaa8b01cfddcea2ade575e66ac",
3916 "1ff3c8709f403a8eff291aedf50c010df5c5ff64a8b205f1fce68564798897a390db16ee0d053856b75898009731da290fcc119dad987277aacef694872e880c4bb41471063fae05c89f25e4bd0cad6a",
/*
 * Helper used by the DES Monte Carlo tests; every caller in this file
 * passes 8-byte buffers (a key part and the current data block).
 * NOTE(review): only the loop header is visible in this listing;
 * presumably each iteration XORs one byte of src into dst -- confirm
 * against the complete file.
 */
3922 xor_buf(unsigned char *dst
, const unsigned char *src
, size_t len
)
3924 while (len
-- > 0) {
/*
 * Monte Carlo test for a 3DES CBC encryption implementation (ve).
 *
 * Starting from hard-coded key parts k1, k2, k3 and an 8-byte block,
 * the test runs 400 outer rounds. Each round builds a 24-byte key,
 * initialises the context with ve->init(), then encrypts buf in place
 * 10000 times. During inner iterations 9997, 9998 and 9999 the current
 * block is passed to xor_buf() together with k3, k2 and k1 respectively,
 * which yields the key parts for the next round. The final block is
 * compared with the expected value through check_equals().
 *
 * NOTE(review): the copy of k1 to key offset 0 and the assignment of ec
 * are not visible in this listing -- confirm against the complete file.
 */
3930 monte_carlo_DES_encrypt(const br_block_cbcenc_class
*ve
)
3932 unsigned char k1
[8], k2
[8], k3
[8];
3933 unsigned char buf
[8];
3934 unsigned char cipher
[8];
3936 br_des_gen_cbcenc_keys v_ec
;
3940 hextobin(k1
, "9ec2372c86379df4");
3941 hextobin(k2
, "ad7ac4464f73805d");
3942 hextobin(k3
, "20c4f87564527c91");
3943 hextobin(buf
, "b624d6bd41783ab1");
3944 hextobin(cipher
, "eafd97b190b167fe");
3945 for (i
= 0; i
< 400; i
++) {
3946 unsigned char key
[24];
3949 memcpy(key
+ 8, k2
, 8);
3950 memcpy(key
+ 16, k3
, 8);
3951 ve
->init(ec
, key
, sizeof key
);
3952 for (j
= 0; j
< 10000; j
++) {
3953 unsigned char iv
[8];
/*
 * A fresh all-zero IV on every call makes each run() equal to a raw
 * single-block encryption; this is a harness device to reach the block
 * cipher through the CBC API, not a model for CBC use.
 */
3955 memset(iv
, 0, sizeof iv
);
3956 ve
->run(ec
, iv
, buf
, sizeof buf
);
/* Last three iterations of the round: fold the block into the key parts. */
3958 case 9997: xor_buf(k3
, buf
, 8); break;
3959 case 9998: xor_buf(k2
, buf
, 8); break;
3960 case 9999: xor_buf(k1
, buf
, 8); break;
3968 check_equals("MC DES encrypt", buf
, cipher
, sizeof buf
);
/*
 * Monte Carlo test for a 3DES CBC decryption implementation (vd).
 *
 * Mirror of the encryption test: 400 outer rounds, each building a
 * 24-byte key from k1, k2, k3, initialising the context with vd->init()
 * and decrypting buf in place 10000 times. During inner iterations 9997,
 * 9998 and 9999 the current block is passed to xor_buf() together with
 * k3, k2 and k1 respectively. The final block is compared with the
 * expected plaintext through check_equals().
 *
 * NOTE(review): the copy of k1 to key offset 0 and the assignment of dc
 * are not visible in this listing -- confirm against the complete file.
 */
3972 monte_carlo_DES_decrypt(const br_block_cbcdec_class
*vd
)
3974 unsigned char k1
[8], k2
[8], k3
[8];
3975 unsigned char buf
[8];
3976 unsigned char plain
[8];
3978 br_des_gen_cbcdec_keys v_dc
;
3982 hextobin(k1
, "79b63486e0ce37e0");
3983 hextobin(k2
, "08e65231abae3710");
3984 hextobin(k3
, "1f5eb69e925ef185");
3985 hextobin(buf
, "2783aa729432fe96");
3986 hextobin(plain
, "44937ca532cdbf98");
3987 for (i
= 0; i
< 400; i
++) {
3988 unsigned char key
[24];
3991 memcpy(key
+ 8, k2
, 8);
3992 memcpy(key
+ 16, k3
, 8);
3993 vd
->init(dc
, key
, sizeof key
);
3994 for (j
= 0; j
< 10000; j
++) {
3995 unsigned char iv
[8];
/*
 * A fresh all-zero IV on every call makes each run() equal to a raw
 * single-block decryption; this is a harness device, not a model for
 * CBC use.
 */
3997 memset(iv
, 0, sizeof iv
);
3998 vd
->run(dc
, iv
, buf
, sizeof buf
);
/* Last three iterations of the round: fold the block into the key parts. */
4000 case 9997: xor_buf(k3
, buf
, 8); break;
4001 case 9998: xor_buf(k2
, buf
, 8); break;
4002 case 9999: xor_buf(k1
, buf
, 8); break;
4010 check_equals("MC DES decrypt", buf
, plain
, sizeof buf
);
/*
 * Run the DES/3DES tests against one CBC encryption/decryption
 * implementation pair (ve, vd); name is used in the progress banner and
 * in the block-size failure message.
 *
 * Visible steps:
 *  - both vtables must report an 8-byte block size;
 *  - KAT_DES is walked three strings at a time (key, plaintext,
 *    ciphertext): one block is encrypted with an all-zero IV and compared
 *    with the expected ciphertext, then decrypted and compared with the
 *    plaintext. The vector is then replayed with the first 8 key bytes
 *    copied to offsets 8 and 16 and a 24-byte key ("DES->3"), i.e. 3DES
 *    with three equal subkeys, which must give the single-DES result;
 *  - KAT_DES_CBC is walked four strings at a time (key, IV, plaintext,
 *    ciphertext): the data is processed in one run() call, then again
 *    8 bytes per call with the same iv buffer carried between calls;
 *  - the two Monte Carlo tests are run.
 *
 * NOTE(review): the conditions that use with_MC and with_CBC, and the
 * guard (if any) around the "DES->3" replay, are not visible in this
 * listing; presumably the flags enable the Monte Carlo and CBC parts --
 * confirm against the complete file.
 *
 * hextobin() takes no destination size, so key[24] and the 8- and
 * 200-byte data buffers are large enough only because the vectors are
 * compile-time constants; the pattern must not be reused on input of
 * unknown length.
 */
4014 test_DES_generic(char *name
,
4015 const br_block_cbcenc_class
*ve
,
4016 const br_block_cbcdec_class
*vd
,
4017 int with_MC
, int with_CBC
)
4021 printf("Test %s: ", name
);
4024 if (ve
->block_size
!= 8 || vd
->block_size
!= 8) {
4025 fprintf(stderr
, "%s failed: wrong block size\n", name
);
/* Single-block known-answer tests; the table ends at a null entry. */
4029 for (u
= 0; KAT_DES
[u
]; u
+= 3) {
4030 unsigned char key
[24];
4031 unsigned char plain
[8];
4032 unsigned char cipher
[8];
4033 unsigned char buf
[8];
4034 unsigned char iv
[8];
4036 br_des_gen_cbcenc_keys v_ec
;
4037 br_des_gen_cbcdec_keys v_dc
;
4038 const br_block_cbcenc_class
**ec
;
4039 const br_block_cbcdec_class
**dc
;
4043 key_len
= hextobin(key
, KAT_DES
[u
]);
4044 hextobin(plain
, KAT_DES
[u
+ 1]);
4045 hextobin(cipher
, KAT_DES
[u
+ 2]);
4046 ve
->init(ec
, key
, key_len
);
4047 memcpy(buf
, plain
, sizeof plain
);
4048 memset(iv
, 0, sizeof iv
);
4049 ve
->run(ec
, iv
, buf
, sizeof buf
);
4050 check_equals("KAT DES encrypt", buf
, cipher
, sizeof cipher
);
4051 vd
->init(dc
, key
, key_len
);
4052 memset(iv
, 0, sizeof iv
);
4053 vd
->run(dc
, iv
, buf
, sizeof buf
);
4054 check_equals("KAT DES decrypt", buf
, plain
, sizeof plain
);
/* Replay as 3DES with K1 = K2 = K3; the expected output is unchanged. */
4057 memcpy(key
+ 8, key
, 8);
4058 memcpy(key
+ 16, key
, 8);
4059 ve
->init(ec
, key
, 24);
4060 memcpy(buf
, plain
, sizeof plain
);
4061 memset(iv
, 0, sizeof iv
);
4062 ve
->run(ec
, iv
, buf
, sizeof buf
);
4063 check_equals("KAT DES->3 encrypt",
4064 buf
, cipher
, sizeof cipher
);
4065 vd
->init(dc
, key
, 24);
4066 memset(iv
, 0, sizeof iv
);
4067 vd
->run(dc
, iv
, buf
, sizeof buf
);
4068 check_equals("KAT DES->3 decrypt",
4069 buf
, plain
, sizeof plain
);
/* Multi-block CBC known-answer tests; the table ends at a null entry. */
4074 for (u
= 0; KAT_DES_CBC
[u
]; u
+= 4) {
4075 unsigned char key
[24];
4076 unsigned char ivref
[8];
4077 unsigned char plain
[200];
4078 unsigned char cipher
[200];
4079 unsigned char buf
[200];
4080 unsigned char iv
[8];
4081 size_t key_len
, data_len
, v
;
4082 br_des_gen_cbcenc_keys v_ec
;
4083 br_des_gen_cbcdec_keys v_dc
;
4084 const br_block_cbcenc_class
**ec
;
4085 const br_block_cbcdec_class
**dc
;
4089 key_len
= hextobin(key
, KAT_DES_CBC
[u
]);
4090 hextobin(ivref
, KAT_DES_CBC
[u
+ 1]);
4091 data_len
= hextobin(plain
, KAT_DES_CBC
[u
+ 2]);
4092 hextobin(cipher
, KAT_DES_CBC
[u
+ 3]);
4093 ve
->init(ec
, key
, key_len
);
/* First pass: the whole message in a single run() call. */
4095 memcpy(buf
, plain
, data_len
);
4096 memcpy(iv
, ivref
, 8);
4097 ve
->run(ec
, iv
, buf
, data_len
);
4098 check_equals("KAT CBC DES encrypt",
4099 buf
, cipher
, data_len
);
4100 vd
->init(dc
, key
, key_len
);
4101 memcpy(iv
, ivref
, 8);
4102 vd
->run(dc
, iv
, buf
, data_len
);
4103 check_equals("KAT CBC DES decrypt",
4104 buf
, plain
, data_len
);
/*
 * Second pass: one block per call. iv is reset once and then reused, so
 * the result matches only if run() leaves the chaining value in iv.
 */
4106 memcpy(buf
, plain
, data_len
);
4107 memcpy(iv
, ivref
, 8);
4108 for (v
= 0; v
< data_len
; v
+= 8) {
4109 ve
->run(ec
, iv
, buf
+ v
, 8);
4111 check_equals("KAT CBC DES encrypt (2)",
4112 buf
, cipher
, data_len
);
4113 memcpy(iv
, ivref
, 8);
4114 for (v
= 0; v
< data_len
; v
+= 8) {
4115 vd
->run(dc
, iv
, buf
+ v
, 8);
4117 check_equals("KAT CBC DES decrypt (2)",
4118 buf
, plain
, data_len
);
4123 monte_carlo_DES_encrypt(ve
);
4124 monte_carlo_DES_decrypt(vd
);
4134 test_DES_generic("DES_tab",
4135 &br_des_tab_cbcenc_vtable
,
4136 &br_des_tab_cbcdec_vtable
,
4143 test_DES_generic("DES_ct",
4144 &br_des_ct_cbcenc_vtable
,
4145 &br_des_ct_cbcdec_vtable
,
4149 static const struct {
4154 const char *scipher
;
4155 } KAT_CHACHA20
[] = {
4157 "0000000000000000000000000000000000000000000000000000000000000000",
4158 "000000000000000000000000",
4160 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
4161 "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586"
4164 "0000000000000000000000000000000000000000000000000000000000000001",
4165 "000000000000000000000002",
4167 "416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f",
4168 "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"
4171 "1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0",
4172 "000000000000000000000002",
4174 "2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e",
4175 "62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1"
/*
 * Known-answer test for one ChaCha20 implementation (cr); name is used
 * in the progress banner.
 *
 * For every KAT_CHACHA20 entry (the table ends at an entry whose skey is
 * null) the key, nonce, initial counter, plaintext and ciphertext are
 * decoded, and then for every length v from 0 to len - 1:
 *  - the first v plaintext bytes are placed in a zeroed 400-byte buffer
 *    and processed in one call; the returned counter must equal the
 *    initial counter plus the number of 64-byte blocks covering v bytes,
 *    and the first v bytes must match the expected ciphertext;
 *  - the bytes from offset v to the end of the buffer are inspected and
 *    "overrun" is reported on failure;
 *  - the buffer is processed again in steps of 64 bytes with an
 *    explicitly incremented counter, and the first v bytes must then
 *    equal the plaintext again.
 *
 * NOTE(review): the condition that selects the "UNAVAILABLE" path, the
 * overrun comparison itself and the computation of the chunk length x
 * are not visible in this listing; presumably cr is tested for null, the
 * tail bytes are expected to still be zero, and x is at most 64 --
 * confirm against the complete file.
 */
4181 test_ChaCha20_generic(const char *name
, br_chacha20_run cr
)
4185 printf("Test %s: ", name
);
4188 printf("UNAVAILABLE\n");
4192 for (u
= 0; KAT_CHACHA20
[u
].skey
; u
++) {
4193 unsigned char key
[32], nonce
[12], plain
[400], cipher
[400];
4197 hextobin(key
, KAT_CHACHA20
[u
].skey
);
4198 hextobin(nonce
, KAT_CHACHA20
[u
].snonce
);
4199 cc
= KAT_CHACHA20
[u
].counter
;
4200 len
= hextobin(plain
, KAT_CHACHA20
[u
].splain
);
4201 hextobin(cipher
, KAT_CHACHA20
[u
].scipher
);
4203 for (v
= 0; v
< len
; v
++) {
4204 unsigned char tmp
[400];
4208 memset(tmp
, 0, sizeof tmp
);
4209 memcpy(tmp
, plain
, v
);
/* (v + 63) >> 6 is the number of 64-byte blocks needed for v bytes. */
4210 if (cr(key
, nonce
, cc
, tmp
, v
)
4211 != cc
+ (uint32_t)((v
+ 63) >> 6))
4213 fprintf(stderr
, "ChaCha20: wrong counter\n");
4216 if (memcmp(tmp
, cipher
, v
) != 0) {
4217 fprintf(stderr
, "ChaCha20 KAT fail (1)\n");
/* Everything past the v processed bytes is checked for stray writes. */
4220 for (w
= v
; w
< sizeof tmp
; w
++) {
4222 fprintf(stderr
, "ChaCha20: overrun\n");
/* Chunked pass: applying the keystream a second time restores the plaintext. */
4226 for (w
= 0, cc2
= cc
; w
< v
; w
+= 64, cc2
++) {
4233 if (cr(key
, nonce
, cc2
, tmp
+ w
, x
)
4236 fprintf(stderr
, "ChaCha20:"
4237 " wrong counter (2)\n");
4241 if (memcmp(tmp
, plain
, v
) != 0) {
4242 fprintf(stderr
, "ChaCha20 KAT fail (2)\n");
/* Run the generic ChaCha20 tests on the br_chacha20_ct_run implementation. */
4256 test_ChaCha20_ct(void)
4258 test_ChaCha20_generic("ChaCha20_ct", &br_chacha20_ct_run
);
/*
 * Run the generic ChaCha20 tests on whatever br_chacha20_sse2_get()
 * returns; the generic test has an "UNAVAILABLE" path, presumably for
 * the case where the getter reports no SSE2 implementation.
 */
4262 test_ChaCha20_sse2(void)
4264 test_ChaCha20_generic("ChaCha20_sse2", br_chacha20_sse2_get());
/*
 * Known-answer vectors for ChaCha20+Poly1305. Each entry holds, as
 * hexadecimal strings and in this order: plaintext, additional
 * authenticated data, 32-byte key, 12-byte nonce, ciphertext and 16-byte
 * tag. The single vector below is the AEAD example of RFC 7539,
 * section 2.8.2. The all-zero entry ends the table; the test loop stops
 * at the first entry whose skey is null.
 */
4267 static const struct {
4272 const char *scipher
;
4274 } KAT_POLY1305
[] = {
4276 "4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e",
4277 "50515253c0c1c2c3c4c5c6c7",
4278 "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f",
4279 "070000004041424344454647",
4280 "d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116",
4281 "1ae10b594f09e26a7e902ecbd0600691"
4283 { 0, 0, 0, 0, 0, 0 }
/*
 * Test one ChaCha20+Poly1305 implementation (ipoly) against the
 * known-answer vectors and against a second implementation (iref);
 * name is used in the progress banner.
 *
 * Part 1, for every KAT_POLY1305 entry: ipoly is called with a final
 * argument of 1 and the output must equal the expected ciphertext and
 * tag; it is then called on the result with a final argument of 0 and
 * the output must equal the plaintext, with the same tag. The banners
 * and comparisons indicate that 1 selects encryption and 0 decryption.
 * ChaCha20 is always supplied by br_chacha20_ct_run.
 *
 * Part 2, 100 rounds: key, nonce, message and AAD come from an HMAC_DRBG
 * instance (SHA-256) seeded with a fixed string, so the sequence is the
 * same on every run. Round u uses u bytes of message and u bytes of AAD.
 * ipoly processes the message with flag 1, iref processes the result
 * with flag 0; the recovered bytes must equal the original message and
 * both tags must be equal.
 *
 * The tags are compared with memcmp(), which is adequate for test data;
 * code that verifies a tag received from a peer needs a constant-time
 * comparison instead.
 */
4287 test_Poly1305_inner(const char *name
, br_poly1305_run ipoly
,
4288 br_poly1305_run iref
)
4291 br_hmac_drbg_context rng
;
4293 printf("Test %s: ", name
);
4296 for (u
= 0; KAT_POLY1305
[u
].skey
; u
++) {
4297 unsigned char key
[32], nonce
[12], plain
[400], cipher
[400];
4298 unsigned char aad
[400], tag
[16], data
[400], tmp
[16];
4299 size_t len
, aad_len
;
4301 len
= hextobin(plain
, KAT_POLY1305
[u
].splain
);
4302 aad_len
= hextobin(aad
, KAT_POLY1305
[u
].saad
);
4303 hextobin(key
, KAT_POLY1305
[u
].skey
);
4304 hextobin(nonce
, KAT_POLY1305
[u
].snonce
);
4305 hextobin(cipher
, KAT_POLY1305
[u
].scipher
);
4306 hextobin(tag
, KAT_POLY1305
[u
].stag
);
4308 memcpy(data
, plain
, len
);
4309 ipoly(key
, nonce
, data
, len
,
4310 aad
, aad_len
, tmp
, br_chacha20_ct_run
, 1);
4311 check_equals("ChaCha20+Poly1305 KAT (1)", data
, cipher
, len
);
4312 check_equals("ChaCha20+Poly1305 KAT (2)", tmp
, tag
, 16);
4313 ipoly(key
, nonce
, data
, len
,
4314 aad
, aad_len
, tmp
, br_chacha20_ct_run
, 0);
4315 check_equals("ChaCha20+Poly1305 KAT (3)", data
, plain
, len
);
4316 check_equals("ChaCha20+Poly1305 KAT (4)", tmp
, tag
, 16);
4326 * We compare the "ipoly" and "iref" implementations together on
4327 * a bunch of pseudo-random messages.
4329 br_hmac_drbg_init(&rng
, &br_sha256_vtable
, "seed for Poly1305", 17);
4330 for (u
= 0; u
< 100; u
++) {
4331 unsigned char plain
[100], aad
[100], tmp
[100];
4332 unsigned char key
[32], iv
[12], tag1
[16], tag2
[16];
4334 br_hmac_drbg_generate(&rng
, key
, sizeof key
);
4335 br_hmac_drbg_generate(&rng
, iv
, sizeof iv
);
4336 br_hmac_drbg_generate(&rng
, plain
, u
);
4337 br_hmac_drbg_generate(&rng
, aad
, u
);
4338 memcpy(tmp
, plain
, u
);
/*
 * The unused tail of tmp holds 0xFF for the first call and 0x00 for the
 * second; presumably so that a read past the u message bytes by either
 * implementation would show up as a tag or data mismatch -- confirm.
 */
4339 memset(tmp
+ u
, 0xFF, (sizeof tmp
) - u
);
4340 ipoly(key
, iv
, tmp
, u
, aad
, u
, tag1
,
4341 &br_chacha20_ct_run
, 1);
4342 memset(tmp
+ u
, 0x00, (sizeof tmp
) - u
);
4343 iref(key
, iv
, tmp
, u
, aad
, u
, tag2
,
4344 &br_chacha20_ct_run
, 0);
4345 if (memcmp(tmp
, plain
, u
) != 0) {
4346 fprintf(stderr
, "cross enc/dec failed\n");
4349 if (memcmp(tag1
, tag2
, sizeof tag1
) != 0) {
4350 fprintf(stderr
, "cross MAC failed\n");
/* Test the ctmul Poly1305 implementation, cross-checked against i15. */
4362 test_Poly1305_ctmul(void)
4364 test_Poly1305_inner("Poly1305_ctmul", &br_poly1305_ctmul_run
,
4365 &br_poly1305_i15_run
);
/* Test the ctmul32 Poly1305 implementation, cross-checked against i15. */
4369 test_Poly1305_ctmul32(void)
4371 test_Poly1305_inner("Poly1305_ctmul32", &br_poly1305_ctmul32_run
,
4372 &br_poly1305_i15_run
);
/* Test the i15 Poly1305 implementation, cross-checked against ctmul. */
4376 test_Poly1305_i15(void)
4378 test_Poly1305_inner("Poly1305_i15", &br_poly1305_i15_run
,
4379 &br_poly1305_ctmul_run
);
/*
 * Test the ctmulq Poly1305 implementation, obtained at run time from
 * br_poly1305_ctmulq_get() and cross-checked against ctmul.
 * NOTE(review): the condition that selects the "UNAVAILABLE" message is
 * not visible in this listing; presumably it is taken when the getter
 * returns a null pointer -- confirm against the complete file.
 */
4383 test_Poly1305_ctmulq(void)
4387 bp
= br_poly1305_ctmulq_get();
4389 printf("Test Poly1305_ctmulq: UNAVAILABLE\n");
4391 test_Poly1305_inner("Poly1305_ctmulq", bp
,
4392 &br_poly1305_ctmul_run
);
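4397 * A 1024-bit RSA key, generated with OpenSSL.
 * Test fixture only: the private components (d, p, q, dp, dq, iq) are
 * published below, and 1024 bits is below currently recommended RSA
 * sizes, so this key must not be reused outside these tests.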
4399 static const unsigned char RSA_N
[] = {
4400 0xBF, 0xB4, 0xA6, 0x2E, 0x87, 0x3F, 0x9C, 0x8D,
4401 0xA0, 0xC4, 0x2E, 0x7B, 0x59, 0x36, 0x0F, 0xB0,
4402 0xFF, 0xE1, 0x25, 0x49, 0xE5, 0xE6, 0x36, 0xB0,
4403 0x48, 0xC2, 0x08, 0x6B, 0x77, 0xA7, 0xC0, 0x51,
4404 0x66, 0x35, 0x06, 0xA9, 0x59, 0xDF, 0x17, 0x7F,
4405 0x15, 0xF6, 0xB4, 0xE5, 0x44, 0xEE, 0x72, 0x3C,
4406 0x53, 0x11, 0x52, 0xC9, 0xC9, 0x61, 0x4F, 0x92,
4407 0x33, 0x64, 0x70, 0x43, 0x07, 0xF1, 0x3F, 0x7F,
4408 0x15, 0xAC, 0xF0, 0xC1, 0x54, 0x7D, 0x55, 0xC0,
4409 0x29, 0xDC, 0x9E, 0xCC, 0xE4, 0x1D, 0x11, 0x72,
4410 0x45, 0xF4, 0xD2, 0x70, 0xFC, 0x34, 0xB2, 0x1F,
4411 0xF3, 0xAD, 0x6A, 0xF0, 0xE5, 0x56, 0x11, 0xF8,
4412 0x0C, 0x3A, 0x8B, 0x04, 0x46, 0x7C, 0x77, 0xD9,
4413 0x41, 0x1F, 0x40, 0xBE, 0x93, 0x80, 0x9D, 0x23,
4414 0x75, 0x80, 0x12, 0x26, 0x5A, 0x72, 0x1C, 0xDD,
4415 0x47, 0xB3, 0x2A, 0x33, 0xD8, 0x19, 0x61, 0xE3
4417 static const unsigned char RSA_E
[] = {
4421 static const unsigned char RSA_D[] = {
4422 0xAE, 0x56, 0x0B, 0x56, 0x7E, 0xDA, 0x83, 0x75,
4423 0x6C, 0xC1, 0x5C, 0x00, 0x02, 0x96, 0x1E, 0x58,
4424 0xF9, 0xA9, 0xF7, 0x2E, 0x27, 0xEB, 0x5E, 0xCA,
4425 0x9B, 0xB0, 0x10, 0xD6, 0x22, 0x7F, 0xA4, 0x6E,
4426 0xA2, 0x03, 0x10, 0xE6, 0xCB, 0x7B, 0x0D, 0x34,
4427 0x1E, 0x76, 0x37, 0xF5, 0xD3, 0xE5, 0x00, 0x70,
4428 0x09, 0x9E, 0xD4, 0x69, 0xFB, 0x40, 0x0A, 0x8B,
4429 0xCB, 0x3E, 0xC8, 0xB4, 0xBC, 0xB1, 0x50, 0xEA,
4430 0x9D, 0xD9, 0x89, 0x8A, 0x98, 0x40, 0x79, 0xD1,
4431 0x07, 0x66, 0xA7, 0x90, 0x63, 0x82, 0xB1, 0xE0,
4432 0x24, 0xD0, 0x89, 0x6A, 0xEC, 0xC5, 0xF3, 0x21,
4433 0x7D, 0xB8, 0xA5, 0x45, 0x3A, 0x3B, 0x34, 0x42,
4434 0xC2, 0x82, 0x3C, 0x8D, 0xFA, 0x5D, 0xA0, 0xA8,
4435 0x24, 0xC8, 0x40, 0x22, 0x19, 0xCB, 0xB5, 0x85,
4436 0x67, 0x69, 0x60, 0xE4, 0xD0, 0x7E, 0xA3, 0x3B,
4437 0xF7, 0x70, 0x50, 0xC9, 0x5C, 0x97, 0x29, 0x49
/*
 * Private-key components of the fixed RSA test key whose public part is
 * RSA_N / RSA_E. Each array holds one CRT element as a byte string:
 *
 *   RSA_P, RSA_Q     the two prime factors
 *   RSA_DP, RSA_DQ   the private exponent reduced modulo p-1 and q-1
 *   RSA_IQ           the inverse of q modulo p
 *
 * The key exists only to make the known-answer tests reproducible. Its
 * private half is published in this file, so it offers no secrecy and
 * must never be used for anything but tests.
 */
static const unsigned char RSA_P[] = {
	0xF2, 0xE7, 0x6F, 0x66, 0x2E, 0xC4, 0x03, 0xD4,
	0x89, 0x24, 0xCC, 0xE1, 0xCD, 0x3F, 0x01, 0x82,
	0xC1, 0xFB, 0xAF, 0x44, 0xFA, 0xCC, 0x0E, 0xAA,
	0x9D, 0x74, 0xA9, 0x65, 0xEF, 0xED, 0x4C, 0x87,
	0xF0, 0xB3, 0xC6, 0xEA, 0x61, 0x85, 0xDE, 0x4E,
	0x66, 0xB2, 0x5A, 0x9F, 0x7A, 0x41, 0xC5, 0x66,
	0x57, 0xDF, 0x88, 0xF0, 0xB5, 0xF2, 0xC7, 0x7E,
	0xE6, 0x55, 0x21, 0x96, 0x83, 0xD8, 0xAB, 0x57
};

static const unsigned char RSA_Q[] = {
	0xCA, 0x0A, 0x92, 0xBF, 0x58, 0xB0, 0x2E, 0xF6,
	0x66, 0x50, 0xB1, 0x48, 0x29, 0x42, 0x86, 0x6C,
	0x98, 0x06, 0x7E, 0xB8, 0xB5, 0x4F, 0xFB, 0xC4,
	0xF3, 0xC3, 0x36, 0x91, 0x07, 0xB6, 0xDB, 0xE9,
	0x56, 0x3C, 0x51, 0x7D, 0xB5, 0xEC, 0x0A, 0xA9,
	0x7C, 0x66, 0xF9, 0xD8, 0x25, 0xDE, 0xD2, 0x94,
	0x5A, 0x58, 0xF1, 0x93, 0xE4, 0xF0, 0x5F, 0x27,
	0xBD, 0x83, 0xC7, 0xCA, 0x48, 0x6A, 0xB2, 0x55
};

static const unsigned char RSA_DP[] = {
	0xAF, 0x97, 0xBE, 0x60, 0x0F, 0xCE, 0x83, 0x36,
	0x51, 0x2D, 0xD9, 0x2E, 0x22, 0x41, 0x39, 0xC6,
	0x5C, 0x94, 0xA4, 0xCF, 0x28, 0xBD, 0xFA, 0x9C,
	0x3B, 0xD6, 0xE9, 0xDE, 0x56, 0xE3, 0x24, 0x3F,
	0xE1, 0x31, 0x14, 0xCA, 0xBA, 0x55, 0x1B, 0xAF,
	0x71, 0x6D, 0xDD, 0x35, 0x0C, 0x1C, 0x1F, 0xA7,
	0x2C, 0x3E, 0xDB, 0xAF, 0xA6, 0xD8, 0x2A, 0x7F,
	0x01, 0xE2, 0xE8, 0xB4, 0xF5, 0xFA, 0xDB, 0x61
};

static const unsigned char RSA_DQ[] = {
	0x29, 0xC0, 0x4B, 0x98, 0xFD, 0x13, 0xD3, 0x70,
	0x99, 0xAE, 0x1D, 0x24, 0x83, 0x5A, 0x3A, 0xFB,
	0x1F, 0xE3, 0x5F, 0xB6, 0x7D, 0xC9, 0x5C, 0x86,
	0xD3, 0xB4, 0xC8, 0x86, 0xE9, 0xE8, 0x30, 0xC3,
	0xA4, 0x4D, 0x6C, 0xAD, 0xA4, 0xB5, 0x75, 0x72,
	0x96, 0xC1, 0x94, 0xE9, 0xC4, 0xD1, 0xAA, 0x04,
	0x7C, 0x33, 0x1B, 0x20, 0xEB, 0xD3, 0x7C, 0x66,
	0x72, 0xF4, 0x53, 0x8A, 0x0A, 0xB2, 0xF9, 0xCD
};

static const unsigned char RSA_IQ[] = {
	0xE8, 0xEB, 0x04, 0x79, 0xA5, 0xC1, 0x79, 0xDE,
	0xD5, 0x49, 0xA1, 0x0B, 0x48, 0xB9, 0x0E, 0x55,
	0x74, 0x2C, 0x54, 0xEE, 0xA8, 0xB0, 0x01, 0xC2,
	0xD2, 0x3C, 0x3E, 0x47, 0x3A, 0x7C, 0xC8, 0x3D,
	0x2E, 0x33, 0x54, 0x4D, 0x40, 0x29, 0x41, 0x74,
	0xBA, 0xE1, 0x93, 0x09, 0xEC, 0xE0, 0x1B, 0x4D,
	0x1F, 0x2A, 0xCA, 0x4A, 0x0B, 0x5F, 0xE6, 0xBE,
	0x59, 0x0A, 0xC4, 0xC9, 0xD9, 0x82, 0xAC, 0xE1
};

/* Public test key: modulus and public exponent with their byte lengths. */
static const br_rsa_public_key RSA_PK = {
	(void *)RSA_N, sizeof RSA_N,
	(void *)RSA_E, sizeof RSA_E
};

/*
 * Private test key in CRT form. The first field is the modulus length in
 * bits; the rest are the arrays above with their byte lengths.
 */
static const br_rsa_private_key RSA_SK = {
	1024,
	(void *)RSA_P, sizeof RSA_P,
	(void *)RSA_Q, sizeof RSA_Q,
	(void *)RSA_DP, sizeof RSA_DP,
	(void *)RSA_DQ, sizeof RSA_DQ,
	(void *)RSA_IQ, sizeof RSA_IQ
};
/*
 * Known-answer test for the raw RSA operations of one implementation.
 *
 *   name    label printed on stdout for this run
 *   fpub    public-key operation under test
 *   fpriv   private-key operation under test
 *
 * The reference signature and the matching PKCS#1 v1.5 padded message
 * were computed with OpenSSL. The public operation must turn the
 * signature into the padded message, and the private operation must turn
 * it back into the signature. A failing operation is reported on stderr
 * and ends the process with a failure status.
 */
static void
test_RSA_core(const char *name, br_rsa_public fpub, br_rsa_private fpriv)
{
	unsigned char sig[128], padded[128], work[128];

	printf("Test %s: ", name);
	fflush(stdout);

	hextobin(sig, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
	hextobin(padded, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");

	/* Both operations overwrite their input, so work on a copy. */
	memcpy(work, sig, sizeof sig);

	if (fpub(work, sizeof work, &RSA_PK) == 0) {
		fprintf(stderr, "RSA public operation failed\n");
		exit(EXIT_FAILURE);
	}
	check_equals("KAT RSA pub", padded, work, sizeof padded);

	if (fpriv(work, &RSA_SK) == 0) {
		fprintf(stderr, "RSA private operation failed\n");
		exit(EXIT_FAILURE);
	}
	check_equals("KAT RSA priv", sig, work, sizeof sig);

	printf("done.\n");
	fflush(stdout);
}
/*
 * Encoded SHA-1 object identifier (1.3.14.3.2.26): one length byte (0x05)
 * followed by the five value bytes. test_RSA_sign() passes it as the hash
 * OID to the PKCS#1 sign and verify functions.
 */
static const unsigned char SHA1_OID[] = {
	0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
};
/*
 * Test the PKCS#1 v1.5 signature functions of one RSA implementation.
 *
 *   name    label printed on stdout for this run
 *   fpriv   raw private-key operation, used to forge altered signatures
 *   fsign   signature generation function under test
 *   fvrfy   signature verification function under test
 *
 * Three checks are made with the fixed test key and SHA-1("test"):
 *   1. the reference signature (computed with OpenSSL) verifies and the
 *      hash value handed back by fvrfy is the expected one;
 *   2. signing the same hash reproduces the reference signature, since
 *      PKCS#1 v1.5 signatures are deterministic;
 *   3. signatures built from a padded value with one altered byte are
 *      all rejected.
 * A failure is reported on stderr and ends the process.
 */
static void
test_RSA_sign(const char *name, br_rsa_private fpriv,
	br_rsa_pkcs1_sign fsign, br_rsa_pkcs1_vrfy fvrfy)
{
	unsigned char sig[128], buf[128];
	unsigned char digest[20], extracted[20];
	br_sha1_context sha1;
	size_t pos;

	printf("Test %s: ", name);
	fflush(stdout);

	/* Check 1: the reference signature verifies. */
	hextobin(sig, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
	br_sha1_init(&sha1);
	br_sha1_update(&sha1, "test", 4);
	br_sha1_out(&sha1, digest);
	if (fvrfy(sig, sizeof sig, SHA1_OID,
		sizeof extracted, &RSA_PK, extracted) == 0)
	{
		fprintf(stderr, "Signature verification failed\n");
		exit(EXIT_FAILURE);
	}
	check_equals("Extracted hash value",
		digest, extracted, sizeof extracted);

	/*
	 * Check 2: regenerate the signature. The hash function parameter
	 * encoding is the one detail that could differ between
	 * implementations, but OpenSSL uses the same convention as BearSSL.
	 */
	if (fsign(SHA1_OID, digest, 20, &RSA_SK, buf) == 0) {
		fprintf(stderr, "Signature generation failed\n");
		exit(EXIT_FAILURE);
	}
	check_equals("Regenerated signature", sig, buf, sizeof sig);

	/*
	 * Check 3: forged signatures. Every byte of the padded value is
	 * altered in turn, except the final 20 bytes: those are the hash
	 * value, which fvrfy returns to the caller, so changing them is
	 * not a case this loop expects to be rejected.
	 */
	hextobin(buf, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
	for (pos = 0; pos < (sizeof buf) - 20; pos ++) {
		memcpy(sig, buf, sizeof buf);
		sig[pos] ^= 0x01;
		if (fpriv(sig, &RSA_SK) == 0) {
			fprintf(stderr, "RSA private key operation failed\n");
			exit(EXIT_FAILURE);
		}
		if (fvrfy(sig, sizeof sig, SHA1_OID,
			sizeof extracted, &RSA_PK, extracted) != 0)
		{
			fprintf(stderr,
				"Signature verification should have failed\n");
			exit(EXIT_FAILURE);
		}
		printf(".");
		fflush(stdout);
	}

	printf(" done.\n");
	fflush(stdout);
}
4604 test_RSA_core("RSA i15 core", &br_rsa_i15_public
, &br_rsa_i15_private
);
4605 test_RSA_sign("RSA i15 sign", &br_rsa_i15_private
,
4606 &br_rsa_i15_pkcs1_sign
, &br_rsa_i15_pkcs1_vrfy
);
4612 test_RSA_core("RSA i31 core", &br_rsa_i31_public
, &br_rsa_i31_private
);
4613 test_RSA_sign("RSA i31 sign", &br_rsa_i31_private
,
4614 &br_rsa_i31_pkcs1_sign
, &br_rsa_i31_pkcs1_vrfy
);
4620 test_RSA_core("RSA i32 core", &br_rsa_i32_public
, &br_rsa_i32_private
);
4621 test_RSA_sign("RSA i32 sign", &br_rsa_i32_private
,
4622 &br_rsa_i32_pkcs1_sign
, &br_rsa_i32_pkcs1_vrfy
);
4629 br_rsa_private priv
;
4630 br_rsa_pkcs1_sign sign
;
4631 br_rsa_pkcs1_vrfy vrfy
;
4633 pub
= br_rsa_i62_public_get();
4634 priv
= br_rsa_i62_private_get();
4635 sign
= br_rsa_i62_pkcs1_sign_get();
4636 vrfy
= br_rsa_i62_pkcs1_vrfy_get();
4638 if (!priv
|| !sign
|| !vrfy
) {
4639 fprintf(stderr
, "Inconsistent i62 availability\n");
4642 test_RSA_core("RSA i62 core", pub
, priv
);
4643 test_RSA_sign("RSA i62 sign", priv
, sign
, vrfy
);
4645 if (priv
|| sign
|| vrfy
) {
4646 fprintf(stderr
, "Inconsistent i62 availability\n");
4649 printf("Test RSA i62: UNAVAILABLE\n");
4655 test_RSA_signatures(void)
4657 uint32_t n
[40], e
[2], p
[20], q
[20], dp
[20], dq
[20], iq
[20], x
[40];
4658 unsigned char hv
[20], sig
[128];
4659 unsigned char ref
[128], tmp
[128];
4662 printf("Test RSA signatures: ");
4666 * Decode RSA key elements.
4668 br_int_decode(n
, sizeof n
/ sizeof n
[0], RSA_N
, sizeof RSA_N
);
4669 br_int_decode(e
, sizeof e
/ sizeof e
[0], RSA_E
, sizeof RSA_E
);
4670 br_int_decode(p
, sizeof p
/ sizeof p
[0], RSA_P
, sizeof RSA_P
);
4671 br_int_decode(q
, sizeof q
/ sizeof q
[0], RSA_Q
, sizeof RSA_Q
);
4672 br_int_decode(dp
, sizeof dp
/ sizeof dp
[0], RSA_DP
, sizeof RSA_DP
);
4673 br_int_decode(dq
, sizeof dq
/ sizeof dq
[0], RSA_DQ
, sizeof RSA_DQ
);
4674 br_int_decode(iq
, sizeof iq
/ sizeof iq
[0], RSA_IQ
, sizeof RSA_IQ
);
4677 * Decode reference signature (computed with OpenSSL).
4679 hextobin(ref
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4682 * Recompute signature. Since PKCS#1 v1.5 signatures are
4683 * deterministic, we should get the same as the reference signature.
4686 br_sha1_update(&hc
, "test", 4);
4687 br_sha1_out(&hc
, hv
);
4688 if (!br_rsa_sign(sig
, sizeof sig
, p
, q
, dp
, dq
, iq
, br_sha1_ID
, hv
)) {
4689 fprintf(stderr
, "RSA-1024/SHA-1 sig generate failed\n");
4692 check_equals("KAT RSA-sign 1", sig
, ref
, sizeof sig
);
4697 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4698 fprintf(stderr
, "RSA-1024/SHA-1 sig verify failed\n");
4702 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4703 fprintf(stderr
, "RSA-1024/SHA-1 sig verify should have failed\n");
4709 * Generate a signature with the alternate encoding (no NULL) and
4712 hextobin(tmp
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00301F300706052B0E03021A0414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4713 br_int_decode(x
, sizeof x
/ sizeof x
[0], tmp
, sizeof tmp
);
4715 br_rsa_private_core(x
, p
, q
, dp
, dq
, iq
);
4716 br_int_encode(sig
, sizeof sig
, x
);
4717 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4718 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) failed\n");
4722 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4723 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) should have failed\n");
4734 * From: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
4736 static const char *const KAT_GHASH
[] = {
4738 "66e94bd4ef8a2c3b884cfa59ca342b2e",
4741 "00000000000000000000000000000000",
4743 "66e94bd4ef8a2c3b884cfa59ca342b2e",
4745 "0388dace60b6a392f328c2b971b2fe78",
4746 "f38cbb1ad69223dcc3457ae5b6b0f885",
4748 "b83b533708bf535d0aa6e52980d53b78",
4750 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
4751 "7f1b32b81b820d02614f8895ac1d4eac",
4753 "b83b533708bf535d0aa6e52980d53b78",
4754 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4755 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
4756 "698e57f70e6ecc7fd9463b7260a9ae5f",
4758 "b83b533708bf535d0aa6e52980d53b78",
4759 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4760 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
4761 "df586bb4c249b92cb6922877e444d37b",
4763 "b83b533708bf535d0aa6e52980d53b78",
4764 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4765 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
4766 "1c5afe9760d3932f3c9a878aac3dc3de",
4768 "aae06992acbf52a3e8f4a96ec9300bd7",
4770 "98e7247c07f0fe411c267e4384b0f600",
4771 "e2c63f0ac44ad0e02efa05ab6743d4ce",
4773 "466923ec9ae682214f2c082badb39249",
4775 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
4776 "51110d40f6c8fff0eb1ae33445a889f0",
4778 "466923ec9ae682214f2c082badb39249",
4779 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4780 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
4781 "ed2ce3062e4a8ec06db8b4c490e8a268",
4783 "466923ec9ae682214f2c082badb39249",
4784 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4785 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
4786 "1e6a133806607858ee80eaf237064089",
4788 "466923ec9ae682214f2c082badb39249",
4789 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4790 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
4791 "82567fb0b4cc371801eadec005968e94",
4793 "dc95c078a2408989ad48a21492842087",
4795 "cea7403d4d606b6e074ec5d3baf39d18",
4796 "83de425c5edc5d498f382c441041ca92",
4798 "acbef20579b4b8ebce889bac8732dad7",
4800 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
4801 "4db870d37cb75fcb46097c36230d1612",
4803 "acbef20579b4b8ebce889bac8732dad7",
4804 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4805 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
4806 "8bd0c4d8aacd391e67cca447e8c38f65",
4808 "acbef20579b4b8ebce889bac8732dad7",
4809 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4810 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
4811 "75a34288b8c68f811c52b2e9a2f97f63",
4813 "acbef20579b4b8ebce889bac8732dad7",
4814 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4815 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
4816 "d5ffcf6fc5ac4d69722187421a7f170b",
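/*
 * Test one GHASH implementation.
 *
 *   name   label printed on stdout and used in failure banners
 *   gh     GHASH implementation under test
 *
 * Two passes are made:
 *   - known-answer vectors from KAT_GHASH, four hex strings per entry
 *     (hash key, AAD, ciphertext, expected output);
 *   - a cross-check against br_ghash_ctmul32 for every data length from
 *     0 to 1024 bytes, which exercises partial final blocks.
 */
static void
test_GHASH(const char *name, br_ghash gh)
{
	size_t u;

	printf("Test %s: ", name);
	fflush(stdout);

	for (u = 0; KAT_GHASH[u]; u += 4) {
		unsigned char h[16];
		unsigned char a[100];
		size_t a_len;
		unsigned char c[100];
		size_t c_len;
		unsigned char p[16];
		unsigned char y[16];
		unsigned char ref[16];

		hextobin(h, KAT_GHASH[u]);
		a_len = hextobin(a, KAT_GHASH[u + 1]);
		c_len = hextobin(c, KAT_GHASH[u + 2]);
		hextobin(ref, KAT_GHASH[u + 3]);

		/* Hash the AAD, then the ciphertext, from a zero state. */
		memset(y, 0, sizeof y);
		gh(y, h, a, a_len);
		gh(y, h, c, c_len);

		/* Final block: AAD and ciphertext lengths, in bits. */
		memset(p, 0, sizeof p);
		br_enc32be(p + 4, (uint32_t)a_len << 3);
		br_enc32be(p + 12, (uint32_t)c_len << 3);
		gh(y, h, p, sizeof p);
		check_equals("KAT GHASH", y, ref, sizeof ref);
	}

	for (u = 0; u <= 1024; u ++) {
		unsigned char key[32], iv[12];
		unsigned char buf[1024 + 32];
		unsigned char y0[16], y1[16];
		char tmp[100];

		/*
		 * Fill buf with a ChaCha20 keystream that depends on u.
		 * Layout: 16 bytes of initial state, 16 bytes of hash key,
		 * then the data to hash.
		 */
		memset(key, 0, sizeof key);
		memset(iv, 0, sizeof iv);
		br_enc32be(key, u);
		memset(buf, 0, sizeof buf);
		br_chacha20_ct_run(key, iv, 1, buf, sizeof buf);

		memcpy(y0, buf, 16);
		br_ghash_ctmul32(y0, buf + 16, buf + 32, u);
		memcpy(y1, buf, 16);
		gh(y1, buf + 16, buf + 32, u);

		/*
		 * The banner embeds the caller-supplied name, so bound the
		 * write to the buffer size; a long name is truncated instead
		 * of overrunning tmp.
		 */
		snprintf(tmp, sizeof tmp,
			"XREF %s (len = %u)", name, (unsigned)u);
		check_equals(tmp, y0, y1, 16);

		if ((u & 31) == 0) {
			printf(".");
			fflush(stdout);
		}
	}

	printf("done.\n");
	fflush(stdout);
}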
/* Run the GHASH test suite against the br_ghash_ctmul implementation. */
static void
test_GHASH_ctmul(void)
{
	test_GHASH("GHASH_ctmul", &br_ghash_ctmul);
}
/*
 * Run the GHASH test suite against br_ghash_ctmul32. That implementation
 * is also the reference in test_GHASH()'s cross-check, so this run
 * compares it with itself there; only the known-answer vectors are an
 * independent check for it.
 */
static void
test_GHASH_ctmul32(void)
{
	test_GHASH("GHASH_ctmul32", &br_ghash_ctmul32);
}
/* Run the GHASH test suite against the br_ghash_ctmul64 implementation. */
static void
test_GHASH_ctmul64(void)
{
	test_GHASH("GHASH_ctmul64", &br_ghash_ctmul64);
}
/*
 * Run the GHASH test suite against the pclmul implementation when
 * br_ghash_pclmul_get() provides one; otherwise report it as
 * unavailable, which is not counted as a failure.
 */
static void
test_GHASH_pclmul(void)
{
	br_ghash impl = br_ghash_pclmul_get();

	if (impl != 0) {
		test_GHASH("GHASH_pclmul", impl);
		return;
	}
	printf("Test GHASH_pclmul: UNAVAILABLE\n");
}
/*
 * Run the GHASH test suite against the pwr8 implementation when
 * br_ghash_pwr8_get() provides one; otherwise report it as unavailable,
 * which is not counted as a failure.
 */
static void
test_GHASH_pwr8(void)
{
	br_ghash impl = br_ghash_pwr8_get();

	if (impl != 0) {
		test_GHASH("GHASH_pwr8", impl);
		return;
	}
	printf("Test GHASH_pwr8: UNAVAILABLE\n");
}
4927 * From: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
4929 * Order: key, plaintext, AAD, IV, ciphertext, tag
4931 static const char *const KAT_GCM
[] = {
4932 "00000000000000000000000000000000",
4935 "000000000000000000000000",
4937 "58e2fccefa7e3061367f1d57a4e7455a",
4939 "00000000000000000000000000000000",
4940 "00000000000000000000000000000000",
4942 "000000000000000000000000",
4943 "0388dace60b6a392f328c2b971b2fe78",
4944 "ab6e47d42cec13bdf53a67b21257bddf",
4946 "feffe9928665731c6d6a8f9467308308",
4947 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
4949 "cafebabefacedbaddecaf888",
4950 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
4951 "4d5c2af327cd64a62cf35abd2ba6fab4",
4953 "feffe9928665731c6d6a8f9467308308",
4954 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4955 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4956 "cafebabefacedbaddecaf888",
4957 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
4958 "5bc94fbc3221a5db94fae95ae7121a47",
4960 "feffe9928665731c6d6a8f9467308308",
4961 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4962 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4964 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
4965 "3612d2e79e3b0785561be14aaca2fccb",
4967 "feffe9928665731c6d6a8f9467308308",
4968 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4969 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4970 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
4971 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
4972 "619cc5aefffe0bfa462af43c1699d050",
4974 "000000000000000000000000000000000000000000000000",
4977 "000000000000000000000000",
4979 "cd33b28ac773f74ba00ed1f312572435",
4981 "000000000000000000000000000000000000000000000000",
4982 "00000000000000000000000000000000",
4984 "000000000000000000000000",
4985 "98e7247c07f0fe411c267e4384b0f600",
4986 "2ff58d80033927ab8ef4d4587514f0fb",
4988 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
4989 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
4991 "cafebabefacedbaddecaf888",
4992 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
4993 "9924a7c8587336bfb118024db8674a14",
4995 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
4996 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
4997 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4998 "cafebabefacedbaddecaf888",
4999 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
5000 "2519498e80f1478f37ba55bd6d27618c",
5002 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
5003 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
5004 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
5006 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
5007 "65dcc57fcf623a24094fcca40d3533f8",
5009 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
5010 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
5011 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
5012 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
5013 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
5014 "dcf566ff291c25bbb8568fc3d376a6d9",
5016 "0000000000000000000000000000000000000000000000000000000000000000",
5019 "000000000000000000000000",
5021 "530f8afbc74536b9a963b4f1c4cb738b",
5023 "0000000000000000000000000000000000000000000000000000000000000000",
5024 "00000000000000000000000000000000",
5026 "000000000000000000000000",
5027 "cea7403d4d606b6e074ec5d3baf39d18",
5028 "d0d1c8a799996bf0265b98b5d48ab919",
5030 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
5031 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
5033 "cafebabefacedbaddecaf888",
5034 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
5035 "b094dac5d93471bdec1a502270e3cc6c",
5037 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
5038 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
5039 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
5040 "cafebabefacedbaddecaf888",
5041 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
5042 "76fc6ece0f4e1768cddf8853bb2d551b",
5044 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
5045 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
5046 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
5048 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
5049 "3a337dbf46a792c45e454913fe2ea8f2",
5051 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
5052 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
5053 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
5054 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
5055 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
5056 "a44a8266ee1c8eb0c8b5d4cf5ae9f19a",
5066 printf("Test GCM: ");
5069 for (u
= 0; KAT_GCM
[u
]; u
+= 6) {
5070 unsigned char key
[32];
5071 unsigned char plain
[100];
5072 unsigned char aad
[100];
5073 unsigned char iv
[100];
5074 unsigned char cipher
[100];
5075 unsigned char tag
[100];
5076 size_t key_len
, plain_len
, aad_len
, iv_len
;
5077 br_aes_ct_ctr_keys bc
;
5079 unsigned char tmp
[100], out
[16];
5082 key_len
= hextobin(key
, KAT_GCM
[u
]);
5083 plain_len
= hextobin(plain
, KAT_GCM
[u
+ 1]);
5084 aad_len
= hextobin(aad
, KAT_GCM
[u
+ 2]);
5085 iv_len
= hextobin(iv
, KAT_GCM
[u
+ 3]);
5086 hextobin(cipher
, KAT_GCM
[u
+ 4]);
5087 hextobin(tag
, KAT_GCM
[u
+ 5]);
5089 br_aes_ct_ctr_init(&bc
, key
, key_len
);
5090 br_gcm_init(&gc
, &bc
.vtable
, br_ghash_ctmul32
);
5092 memset(tmp
, 0x54, sizeof tmp
);
5097 memcpy(tmp
, plain
, plain_len
);
5098 br_gcm_reset(&gc
, iv
, iv_len
);
5099 br_gcm_aad_inject(&gc
, aad
, aad_len
);
5101 br_gcm_run(&gc
, 1, tmp
, plain_len
);
5102 br_gcm_get_tag(&gc
, out
);
5103 check_equals("KAT GCM 1", tmp
, cipher
, plain_len
);
5104 check_equals("KAT GCM 2", out
, tag
, 16);
5106 br_gcm_reset(&gc
, iv
, iv_len
);
5107 br_gcm_aad_inject(&gc
, aad
, aad_len
);
5109 br_gcm_run(&gc
, 0, tmp
, plain_len
);
5110 check_equals("KAT GCM 3", tmp
, plain
, plain_len
);
5111 if (!br_gcm_check_tag(&gc
, tag
)) {
5112 fprintf(stderr
, "Tag not verified (1)\n");
5116 for (v
= plain_len
; v
< sizeof tmp
; v
++) {
5117 if (tmp
[v
] != 0x54) {
5118 fprintf(stderr
, "overflow on data\n");
5124 * Byte-by-byte injection.
5126 br_gcm_reset(&gc
, iv
, iv_len
);
5127 for (v
= 0; v
< aad_len
; v
++) {
5128 br_gcm_aad_inject(&gc
, aad
+ v
, 1);
5131 for (v
= 0; v
< plain_len
; v
++) {
5132 br_gcm_run(&gc
, 1, tmp
+ v
, 1);
5134 check_equals("KAT GCM 4", tmp
, cipher
, plain_len
);
5135 if (!br_gcm_check_tag(&gc
, tag
)) {
5136 fprintf(stderr
, "Tag not verified (2)\n");
5140 br_gcm_reset(&gc
, iv
, iv_len
);
5141 for (v
= 0; v
< aad_len
; v
++) {
5142 br_gcm_aad_inject(&gc
, aad
+ v
, 1);
5145 for (v
= 0; v
< plain_len
; v
++) {
5146 br_gcm_run(&gc
, 0, tmp
+ v
, 1);
5148 br_gcm_get_tag(&gc
, out
);
5149 check_equals("KAT GCM 5", tmp
, plain
, plain_len
);
5150 check_equals("KAT GCM 6", out
, tag
, 16);
5153 * Check that alterations are detected.
5155 for (v
= 0; v
< aad_len
; v
++) {
5156 memcpy(tmp
, cipher
, plain_len
);
5157 br_gcm_reset(&gc
, iv
, iv_len
);
5159 br_gcm_aad_inject(&gc
, aad
, aad_len
);
5162 br_gcm_run(&gc
, 0, tmp
, plain_len
);
5163 check_equals("KAT GCM 7", tmp
, plain
, plain_len
);
5164 if (br_gcm_check_tag(&gc
, tag
)) {
5165 fprintf(stderr
, "Tag should have changed\n");
5179 test_EC_inner(const char *sk
, const char *sU
,
5180 const br_ec_impl
*impl
, int curve
)
5182 unsigned char bk
[70];
5183 unsigned char eG
[150], eU
[150];
5184 uint32_t n
[22], n0i
;
5185 size_t klen
, ulen
, nlen
;
5186 const br_ec_curve_def
*cd
;
5187 br_hmac_drbg_context rng
;
5190 klen
= hextobin(bk
, sk
);
5191 ulen
= hextobin(eU
, sU
);
5193 case BR_EC_secp256r1
:
5196 case BR_EC_secp384r1
:
5199 case BR_EC_secp521r1
:
5203 fprintf(stderr
, "Unknown curve: %d\n", curve
);
5207 if (ulen
!= cd
->generator_len
) {
5208 fprintf(stderr
, "KAT vector wrong (%lu / %lu)\n",
5209 (unsigned long)ulen
,
5210 (unsigned long)cd
->generator_len
);
5212 memcpy(eG
, cd
->generator
, ulen
);
5213 if (impl
->mul(eG
, ulen
, bk
, klen
, curve
) != 1) {
5214 fprintf(stderr
, "KAT multiplication failed\n");
5217 if (memcmp(eG
, eU
, ulen
) != 0) {
5218 fprintf(stderr
, "KAT mul: mismatch\n");
5223 * Test the two-point-mul function. We want to test the basic
5224 * functionality, and the following special cases:
5226 * x + y = curve order
5228 nlen
= cd
->order_len
;
5229 br_i31_decode(n
, cd
->order
, nlen
);
5230 n0i
= br_i31_ninv31(n
[1]);
5231 br_hmac_drbg_init(&rng
, &br_sha256_vtable
, "seed for EC", 11);
5232 for (i
= 0; i
< 10; i
++) {
5233 unsigned char ba
[80], bb
[80], bx
[80], by
[80], bz
[80];
5234 uint32_t a
[22], b
[22], x
[22], y
[22], z
[22], t1
[22], t2
[22];
5236 unsigned char eA
[160], eB
[160], eC
[160], eD
[160];
5239 * Generate random a and b, and compute A = a*G and B = b*G.
5241 br_hmac_drbg_generate(&rng
, ba
, sizeof ba
);
5242 br_i31_decode_reduce(a
, ba
, sizeof ba
, n
);
5243 br_i31_encode(ba
, nlen
, a
);
5244 br_hmac_drbg_generate(&rng
, bb
, sizeof bb
);
5245 br_i31_decode_reduce(b
, bb
, sizeof bb
, n
);
5246 br_i31_encode(bb
, nlen
, b
);
5247 memcpy(eA
, cd
->generator
, ulen
);
5248 impl
->mul(eA
, ulen
, ba
, nlen
, cd
->curve
);
5249 memcpy(eB
, cd
->generator
, ulen
);
5250 impl
->mul(eB
, ulen
, bb
, nlen
, cd
->curve
);
5253 * Generate random x and y (modulo n).
5255 br_hmac_drbg_generate(&rng
, bx
, sizeof bx
);
5256 br_i31_decode_reduce(x
, bx
, sizeof bx
, n
);
5257 br_i31_encode(bx
, nlen
, x
);
5258 br_hmac_drbg_generate(&rng
, by
, sizeof by
);
5259 br_i31_decode_reduce(y
, by
, sizeof by
, n
);
5260 br_i31_encode(by
, nlen
, y
);
5263 * Compute z = a*x + b*y (mod n).
5265 memcpy(t1
, x
, sizeof x
);
5266 br_i31_to_monty(t1
, n
);
5267 br_i31_montymul(z
, a
, t1
, n
, n0i
);
5268 memcpy(t1
, y
, sizeof y
);
5269 br_i31_to_monty(t1
, n
);
5270 br_i31_montymul(t2
, b
, t1
, n
, n0i
);
5271 r
= br_i31_add(z
, t2
, 1);
5272 r
|= br_i31_sub(z
, n
, 0) ^ 1;
5273 br_i31_sub(z
, n
, r
);
5274 br_i31_encode(bz
, nlen
, z
);
5277 * Compute C = x*A + y*B with muladd(), and also
5278 * D = z*G with mul(). The two points must match.
5280 memcpy(eC
, eA
, ulen
);
5281 if (impl
->muladd(eC
, eB
, ulen
,
5282 bx
, nlen
, by
, nlen
, cd
->curve
) != 1)
5284 fprintf(stderr
, "muladd() failed (1)\n");
5287 memcpy(eD
, cd
->generator
, ulen
);
5288 if (impl
->mul(eD
, ulen
, bz
, nlen
, cd
->curve
) != 1) {
5289 fprintf(stderr
, "mul() failed (1)\n");
5292 if (memcmp(eC
, eD
, nlen
) != 0) {
5293 fprintf(stderr
, "mul() / muladd() mismatch\n");
5298 * Also recomputed D = z*G with mulgen(). This must
5301 memset(eD
, 0, ulen
);
5302 if (impl
->mulgen(eD
, bz
, nlen
, cd
->curve
) != ulen
) {
5303 fprintf(stderr
, "mulgen() failed: wrong length\n");
5306 if (memcmp(eC
, eD
, nlen
) != 0) {
5307 fprintf(stderr
, "mulgen() / muladd() mismatch\n");
5312 * Check with x*A = y*B. We do so by setting b = x and y = a.
5314 memcpy(b
, x
, sizeof x
);
5315 br_i31_encode(bb
, nlen
, b
);
5316 memcpy(eB
, cd
->generator
, ulen
);
5317 impl
->mul(eB
, ulen
, bb
, nlen
, cd
->curve
);
5318 memcpy(y
, a
, sizeof a
);
5319 br_i31_encode(by
, nlen
, y
);
5321 memcpy(t1
, x
, sizeof x
);
5322 br_i31_to_monty(t1
, n
);
5323 br_i31_montymul(z
, a
, t1
, n
, n0i
);
5324 memcpy(t1
, y
, sizeof y
);
5325 br_i31_to_monty(t1
, n
);
5326 br_i31_montymul(t2
, b
, t1
, n
, n0i
);
5327 r
= br_i31_add(z
, t2
, 1);
5328 r
|= br_i31_sub(z
, n
, 0) ^ 1;
5329 br_i31_sub(z
, n
, r
);
5330 br_i31_encode(bz
, nlen
, z
);
5332 memcpy(eC
, eA
, ulen
);
5333 if (impl
->muladd(eC
, eB
, ulen
,
5334 bx
, nlen
, by
, nlen
, cd
->curve
) != 1)
5336 fprintf(stderr
, "muladd() failed (2)\n");
5339 memcpy(eD
, cd
->generator
, ulen
);
5340 if (impl
->mul(eD
, ulen
, bz
, nlen
, cd
->curve
) != 1) {
5341 fprintf(stderr
, "mul() failed (2)\n");
5344 if (memcmp(eC
, eD
, nlen
) != 0) {
5346 "mul() / muladd() mismatch (x*A=y*B)\n");
5351 * Check with x*A + y*B = 0. At that point, b = x, so we
5352 * just need to set y = -a (mod n).
5354 memcpy(y
, n
, sizeof n
);
5355 br_i31_sub(y
, a
, 1);
5356 br_i31_encode(by
, nlen
, y
);
5357 memcpy(eC
, eA
, ulen
);
5358 if (impl
->muladd(eC
, eB
, ulen
,
5359 bx
, nlen
, by
, nlen
, cd
->curve
) != 0)
5361 fprintf(stderr
, "muladd() should have failed\n");
5371 test_EC_P256_carry_inner(const br_ec_impl
*impl
, const char *sP
, const char *sQ
)
5373 unsigned char P
[65], Q
[sizeof P
], k
[1];
5376 plen
= hextobin(P
, sP
);
5377 qlen
= hextobin(Q
, sQ
);
5378 if (plen
!= sizeof P
|| qlen
!= sizeof P
) {
5379 fprintf(stderr
, "KAT is incorrect\n");
5383 if (impl
->mul(P
, plen
, k
, 1, BR_EC_secp256r1
) != 1) {
5384 fprintf(stderr
, "P-256 multiplication failed\n");
5387 check_equals("P256_carry", P
, Q
, plen
);
/*
 * Run the P-256 "carry" known-answer vectors against one EC
 * implementation. Each vector is a pair of uncompressed points in hex:
 * test_EC_P256_carry_inner() multiplies the first by a one-byte scalar
 * and compares the result with the second.
 */
static void
test_EC_P256_carry(const br_ec_impl *impl)
{
	static const char *const vectors[][2] = {
		{
			"0435BAA24B2B6E1B3C88E22A383BD88CC4B9A3166E7BCF94FF6591663AE066B33B821EBA1B4FC8EA609A87EB9A9C9A1CCD5C9F42FA1365306F64D7CAA718B8C978",
			"0447752A76CA890328D34E675C4971EC629132D1FC4863EDB61219B72C4E58DC5E9D51E7B293488CFD913C3CF20E438BB65C2BA66A7D09EABB45B55E804260C5EB"
		},
		{
			"04DCAE9D9CE211223602024A6933BD42F77B6BF4EAB9C8915F058C149419FADD2CC9FC0707B270A1B5362BA4D249AFC8AC3DA1EFCA8270176EEACA525B49EE19E6",
			"048DAC7B0BE9B3206FCE8B24B6B4AEB122F2A67D13E536B390B6585CA193427E63F222388B5F51D744D6F5D47536D89EEEC89552BCB269E7828019C4410DFE980A"
		}
	};
	size_t i;

	for (i = 0; i < sizeof vectors / sizeof vectors[0]; i ++) {
		test_EC_P256_carry_inner(impl, vectors[i][0], vectors[i][1]);
	}
}
5404 test_EC_KAT(const char *name
, const br_ec_impl
*impl
, uint32_t curve_mask
)
5407 printf("Test %s: ", name
);
5410 if (curve_mask
& ((uint32_t)1 << BR_EC_secp256r1
)) {
5412 "C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721",
5413 "0460FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB67903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299",
5414 impl
, BR_EC_secp256r1
);
5415 test_EC_P256_carry(impl
);
5417 if (curve_mask
& ((uint32_t)1 << BR_EC_secp384r1
)) {
5419 "6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5",
5420 "04EC3A4E415B4E19A4568618029F427FA5DA9A8BC4AE92E02E06AAE5286B300C64DEF8F0EA9055866064A254515480BC138015D9B72D7D57244EA8EF9AC0C621896708A59367F9DFB9F54CA84B3F1C9DB1288B231C3AE0D4FE7344FD2533264720",
5421 impl
, BR_EC_secp384r1
);
5423 if (curve_mask
& ((uint32_t)1 << BR_EC_secp521r1
)) {
5425 "00FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538",
5426 "0401894550D0785932E00EAA23B694F213F8C3121F86DC97A04E5A7167DB4E5BCD371123D46E45DB6B5D5370A7F20FB633155D38FFA16D2BD761DCAC474B9A2F5023A400493101C962CD4D2FDDF782285E64584139C2F91B47F87FF82354D6630F746A28A0DB25741B5B34A828008B22ACC23F924FAAFBD4D33F81EA66956DFEAA2BFDFCF5",
5427 impl
, BR_EC_secp521r1
);
/*
 * Run the EC known-answer tests against br_ec_prime_i15 on the three
 * NIST curves. The mask passed to test_EC_KAT() has one bit per curve,
 * at the position given by the curve identifier.
 */
static void
test_EC_prime_i15(void)
{
	uint32_t curves;

	curves = ((uint32_t)1 << BR_EC_secp256r1)
		| ((uint32_t)1 << BR_EC_secp384r1)
		| ((uint32_t)1 << BR_EC_secp521r1);
	test_EC_KAT("EC_prime_i15", &br_ec_prime_i15, curves);
}
/*
 * Run the EC known-answer tests against br_ec_prime_i31 on the three
 * NIST curves. The mask passed to test_EC_KAT() has one bit per curve,
 * at the position given by the curve identifier.
 */
static void
test_EC_prime_i31(void)
{
	uint32_t curves;

	curves = ((uint32_t)1 << BR_EC_secp256r1)
		| ((uint32_t)1 << BR_EC_secp384r1)
		| ((uint32_t)1 << BR_EC_secp521r1);
	test_EC_KAT("EC_prime_i31", &br_ec_prime_i31, curves);
}
/*
 * Run the EC known-answer tests against br_ec_p256_m15. Only the
 * secp256r1 bit is set in the curve mask for this implementation.
 */
static void
test_EC_p256_m15(void)
{
	uint32_t curves = (uint32_t)1 << BR_EC_secp256r1;

	test_EC_KAT("EC_p256_m15", &br_ec_p256_m15, curves);
}
/*
 * Run the EC known-answer tests against br_ec_p256_m31. Only the
 * secp256r1 bit is set in the curve mask for this implementation.
 */
static void
test_EC_p256_m31(void)
{
	uint32_t curves = (uint32_t)1 << BR_EC_secp256r1;

	test_EC_KAT("EC_p256_m31", &br_ec_p256_m31, curves);
}
5471 { "A546E36BF0527C9D3B16154B82465EDD62144C0AC1FC5A18506A2244BA449AC4",
5472 "E6DB6867583030DB3594C1A424B15F7C726624EC26B3353B10A903A6D0AB1C4C",
5473 "C3DA55379DE9C6908E94EA4DF28D084F32ECCF03491C71F754B4075577A28552" },
5474 { "4B66E9D4D1B4673C5AD22691957D6AF5C11B6421E0EA01D42CA4169E7918BA0D",
5475 "E5210F12786811D3F4B7959D0538AE2C31DBE7106FC03C3EFC4CD549C715A493",
5476 "95CBDE9476E8907D7AADE45CB4B873F88B595A68799FA152E6F8F7647AAC7957" },
5481 test_EC_c25519(const char *name
, const br_ec_impl
*iec
)
5483 unsigned char bu
[32], bk
[32], br
[32];
5487 printf("Test %s: ", name
);
5489 for (v
= 0; C25519_KAT
[v
].scalar
; v
++) {
5490 hextobin(bk
, C25519_KAT
[v
].scalar
);
5491 hextobin(bu
, C25519_KAT
[v
].u_in
);
5492 hextobin(br
, C25519_KAT
[v
].u_out
);
5493 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
5494 fprintf(stderr
, "Curve25519 multiplication failed\n");
5497 if (memcmp(bu
, br
, sizeof bu
) != 0) {
5498 fprintf(stderr
, "Curve25519 failed KAT\n");
5507 memset(bu
, 0, sizeof bu
);
5509 memcpy(bk
, bu
, sizeof bu
);
5510 for (i
= 1; i
<= 1000; i
++) {
5511 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
5512 fprintf(stderr
, "Curve25519 multiplication failed"
5516 for (v
= 0; v
< sizeof bu
; v
++) {
5523 if (i
== 1 || i
== 1000) {
5527 ? "422C8E7A6227D7BCA1350B3E2BB7279F7897B87BB6854B783C60E80311AE3079"
5528 : "684CF59BA83309552800EF566F2F4D3C1C3887C49360E3875F2EB94D99532C51";
5530 if (memcmp(bk
, br
, sizeof bk
) != 0) {
5532 "Curve25519 failed KAT (iter=%d)\n", i
);
/*
 * Curve25519 checks of test_EC_c25519 (fixed vectors from C25519_KAT
 * plus the iterated multiplication), run on br_ec_c25519_i15.
 */
static void
test_EC_c25519_i15(void)
{
	const br_ec_impl *impl = &br_ec_c25519_i15;

	test_EC_c25519("EC_c25519_i15", impl);
}
/*
 * Curve25519 checks of test_EC_c25519 (fixed vectors from C25519_KAT
 * plus the iterated multiplication), run on br_ec_c25519_i31.
 */
static void
test_EC_c25519_i31(void)
{
	const br_ec_impl *impl = &br_ec_c25519_i31;

	test_EC_c25519("EC_c25519_i31", impl);
}
/*
 * Curve25519 checks of test_EC_c25519 (fixed vectors from C25519_KAT
 * plus the iterated multiplication), run on br_ec_c25519_m15.
 */
static void
test_EC_c25519_m15(void)
{
	const br_ec_impl *impl = &br_ec_c25519_m15;

	test_EC_c25519("EC_c25519_m15", impl);
}
/*
 * Curve25519 checks of test_EC_c25519 (fixed vectors from C25519_KAT
 * plus the iterated multiplication), run on br_ec_c25519_m31.
 */
static void
test_EC_c25519_m31(void)
{
	const br_ec_impl *impl = &br_ec_c25519_m31;

	test_EC_c25519("EC_c25519_m31", impl);
}
5570 static const unsigned char EC_P256_PUB_POINT
[] = {
5571 0x04, 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D,
5572 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D,
5573 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA,
5574 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F,
5575 0xB6, 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC,
5576 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC,
5577 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F,
5578 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22,
5582 static const unsigned char EC_P256_PRIV_X
[] = {
5583 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16,
5584 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93,
5585 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12,
5586 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21
5589 static const br_ec_public_key EC_P256_PUB
= {
5591 (unsigned char *)EC_P256_PUB_POINT
, sizeof EC_P256_PUB_POINT
5594 static const br_ec_private_key EC_P256_PRIV
= {
5596 (unsigned char *)EC_P256_PRIV_X
, sizeof EC_P256_PRIV_X
5599 static const unsigned char EC_P384_PUB_POINT
[] = {
5600 0x04, 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19,
5601 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F,
5602 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0,
5603 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C,
5604 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86,
5605 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC,
5606 0x13, 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57,
5607 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21,
5608 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF,
5609 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D,
5610 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4,
5611 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47,
5615 static const unsigned char EC_P384_PRIV_X
[] = {
5616 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C,
5617 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D,
5618 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA,
5619 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8,
5620 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25,
5621 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5
5624 static const br_ec_public_key EC_P384_PUB
= {
5626 (unsigned char *)EC_P384_PUB_POINT
, sizeof EC_P384_PUB_POINT
5629 static const br_ec_private_key EC_P384_PRIV
= {
5631 (unsigned char *)EC_P384_PRIV_X
, sizeof EC_P384_PRIV_X
5634 static const unsigned char EC_P521_PUB_POINT
[] = {
5635 0x04, 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59,
5636 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2,
5637 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97,
5638 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B,
5639 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB,
5640 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6,
5641 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B,
5642 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F,
5643 0x50, 0x23, 0xA4, 0x00, 0x49, 0x31, 0x01, 0xC9,
5644 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28,
5645 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B,
5646 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63,
5647 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74,
5648 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22,
5649 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4,
5650 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE,
5651 0xAA, 0x2B, 0xFD, 0xFC, 0xF5
5654 static const unsigned char EC_P521_PRIV_X
[] = {
5655 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B,
5656 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57,
5657 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F,
5658 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75,
5659 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C,
5660 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC,
5661 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB,
5662 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8,
5666 static const br_ec_public_key EC_P521_PUB
= {
5668 (unsigned char *)EC_P521_PUB_POINT
, sizeof EC_P521_PUB_POINT
5671 static const br_ec_private_key EC_P521_PRIV
= {
5673 (unsigned char *)EC_P521_PRIV_X
, sizeof EC_P521_PRIV_X
5677 const br_ec_public_key
*pub
;
5678 const br_ec_private_key
*priv
;
5679 const br_hash_class
*hf
;
5686 const ecdsa_kat_vector ECDSA_KAT
[] = {
5688 /* Test vectors for P-256, from RFC 6979. */
5692 &br_sha1_vtable
, "sample",
5693 "882905F1227FD620FBF2ABF21244F0BA83D0DC3A9103DBBEE43A1FB858109DB4",
5694 "61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D326D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB",
5695 "3044022061340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D3202206D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
5700 &br_sha224_vtable
, "sample",
5701 "103F90EE9DC52E5E7FB5132B7033C63066D194321491862059967C715985D473",
5702 "53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3FB9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C",
5703 "3045022053B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F022100B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
5708 &br_sha256_vtable
, "sample",
5709 "A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60",
5710 "EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8",
5711 "3046022100EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716022100F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8"
5716 &br_sha384_vtable
, "sample",
5717 "09F634B188CEFD98E7EC88B1AA9852D734D0BC272F7D2A47DECC6EBEB375AAD4",
5718 "0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF77194861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954",
5719 "304402200EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF771902204861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954"
5724 &br_sha512_vtable
, "sample",
5725 "5FA81C63109BADB88C1F367B47DA606DA28CAD69AA22C4FE6AD7DF73A7173AA5",
5726 "8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F002362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE",
5727 "30450221008496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F0002202362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE"
5732 &br_sha1_vtable
, "test",
5733 "8C9520267C55D6B980DF741E56B4ADEE114D84FBFA2E62137954164028632A2E",
5734 "0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A8901B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1",
5735 "304402200CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89022001B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
5740 &br_sha224_vtable
, "test",
5741 "669F4426F2688B8BE0DB3A6BD1989BDAEFFF84B649EEB84F3DD26080F667FAA7",
5742 "C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D",
5743 "3046022100C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692022100C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
5748 &br_sha256_vtable
, "test",
5749 "D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0",
5750 "F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083",
5751 "3045022100F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D383670220019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083"
5756 &br_sha384_vtable
, "test",
5757 "16AEFFA357260B04B1DD199693960740066C1A8F3E8EDD79070AA914D361B3B8",
5758 "83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB68DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C",
5759 "304602210083910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB60221008DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C"
5764 &br_sha512_vtable
, "test",
5765 "6915D11632ACA3C40D5D51C08DAF9C555933819548784480E93499000D9F0B7F",
5766 "461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A0439AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55",
5767 "30440220461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04022039AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55"
5770 /* Test vectors for P-384, from RFC 6979. */
5774 &br_sha1_vtable
, "sample",
5775 "4471EF7518BB2C7C20F62EAE1C387AD0C5E8E470995DB4ACF694466E6AB096630F29E5938D25106C3C340045A2DB01A7",
5776 "EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443",
5777 "3066023100EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2023100A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
5783 &br_sha224_vtable
, "sample",
5784 "A4E4D2F0E729EB786B31FC20AD5D849E304450E0AE8E3E341134A5C1AFA03CAB8083EE4E3C45B06A5899EA56C51B5879",
5785 "42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601229DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D",
5786 "3065023042356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601220231009DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
5791 &br_sha256_vtable
, "sample",
5792 "180AE9F9AEC5438A44BC159A1FCB277C7BE54FA20E7CF404B490650A8ACC414E375572342863C899F9F2EDF9747A9B60",
5793 "21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CDF3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0",
5794 "3065023021B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD023100F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0"
5799 &br_sha384_vtable
, "sample",
5800 "94ED910D1A099DAD3254E9242AE85ABDE4BA15168EAF0CA87A555FD56D10FBCA2907E3E83BA95368623B8C4686915CF9",
5801 "94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4699EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8",
5802 "306602310094EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4602310099EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8"
5807 &br_sha512_vtable
, "sample",
5808 "92FC3C7183A883E24216D1141F1A8976C5B0DD797DFA597E3D7B32198BD35331A4E966532593A52980D0E3AAA5E10EC3",
5809 "ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5",
5810 "3065023100ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD78824337090230512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5"
5815 &br_sha1_vtable
, "test",
5816 "66CC2C8F4D303FC962E5FF6A27BD79F84EC812DDAE58CF5243B64A4AD8094D47EC3727F3A3C186C15054492E30698497",
5817 "4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282",
5818 "306502304BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7023100D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
5823 &br_sha224_vtable
, "test",
5824 "18FA39DB95AA5F561F30FA3591DC59C0FA3653A80DAFFA0B48D1A4C6DFCBFF6E3D33BE4DC5EB8886A8ECD093F2935726",
5825 "E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E7207041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66",
5826 "3065023100E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72023007041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
5831 &br_sha256_vtable
, "test",
5832 "0CFAC37587532347DC3389FDC98286BBA8C73807285B184C83E62E26C401C0FAA48DD070BA79921A3457ABFF2D630AD7",
5833 "6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265",
5834 "306402306D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B02302D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265"
5839 &br_sha384_vtable
, "test",
5840 "015EE46A5BF88773ED9123A5AB0807962D193719503C527B031B4C2D225092ADA71F4A459BC0DA98ADB95837DB8312EA",
5841 "8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DBDDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5",
5842 "30660231008203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB023100DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5"
5847 &br_sha512_vtable
, "test",
5848 "3780C4F67CB15518B6ACAE34C9F83568D2E12E47DEAB6C50A4E4EE5319D1E8CE0E2CC8A136036DC4B9C00E6888F66B6C",
5849 "A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736",
5850 "3066023100A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277023100976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736"
5853 /* Test vectors for P-521, from RFC 6979. */
5857 &br_sha1_vtable
, "sample",
5858 "0089C071B419E1C2820962321787258469511958E80582E95D8378E0C2CCDB3CB42BEDE42F50E3FA3C71F5A76724281D31D9C89F0F91FC1BE4918DB1C03A5838D0F9",
5859 "00343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D00E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16",
5860 "3081870241343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D024200E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
5865 &br_sha224_vtable
, "sample",
5866 "0121415EC2CD7726330A61F7F3FA5DE14BE9436019C4DB8CB4041F3B54CF31BE0493EE3F427FB906393D895A19C9523F3A1D54BB8702BD4AA9C99DAB2597B92113F3",
5867 "01776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E0050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F",
5868 "308187024201776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E024150CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
5873 &br_sha256_vtable
, "sample",
5874 "00EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0",
5875 "01511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7004A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC",
5876 "308187024201511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A702414A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC"
5881 &br_sha384_vtable
, "sample",
5882 "01546A108BC23A15D6F21872F7DED661FA8431DDBD922D0DCDB77CC878C8553FFAD064C95A920A750AC9137E527390D2D92F153E66196966EA554D9ADFCB109C4211",
5883 "01EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C6745101F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61",
5884 "308188024201EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451024201F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61"
5889 &br_sha512_vtable
, "sample",
5890 "01DAE2EA071F8110DC26882D4D5EAE0621A3256FC8847FB9022E2B7D28E6F10198B1574FDD03A9053C08A1854A168AA5A57470EC97DD5CE090124EF52A2F7ECBFFD3",
5891 "00C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA00617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A",
5892 "308187024200C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA0241617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A"
5897 &br_sha1_vtable
, "test",
5898 "00BB9F2BF4FE1038CCF4DABD7139A56F6FD8BB1386561BD3C6A4FC818B20DF5DDBA80795A947107A1AB9D12DAA615B1ADE4F7A9DC05E8E6311150F47F5C57CE8B222",
5899 "013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D036701E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF",
5900 "3081880242013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367024201E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
5905 &br_sha224_vtable
, "test",
5906 "0040D09FCF3C8A5F62CF4FB223CBBB2B9937F6B0577C27020A99602C25A01136987E452988781484EDBBCF1C47E554E7FC901BC3085E5206D9F619CFF07E73D6F706",
5907 "01C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB0177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4",
5908 "308188024201C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB02420177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
5913 &br_sha256_vtable
, "test",
5914 "001DE74955EFAABC4C4F17F8E84D881D1310B5392D7700275F82F145C61E843841AF09035BF7A6210F5A431A6A9E81C9323354A9E69135D44EBD2FCAA7731B909258",
5915 "000E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA800CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86",
5916 "30818702410E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8024200CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86"
5921 &br_sha384_vtable
, "test",
5922 "01F1FC4A349A7DA9A9E116BFDD055DC08E78252FF8E23AC276AC88B1770AE0B5DCEB1ED14A4916B769A523CE1E90BA22846AF11DF8B300C38818F713DADD85DE0C88",
5923 "014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C0133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979",
5924 "3081880242014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C02420133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979"
5929 &br_sha512_vtable
, "test",
5930 "016200813020EC986863BEDFC1B121F605C1215645018AEA1A7B215A564DE9EB1B38A67AA1128B80CE391C4FB71187654AAA3431027BFC7F395766CA988C964DC56D",
5931 "013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D01FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3",
5932 "3081880242013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D024201FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
5935 /* Terminator for list of test vectors. */
5942 test_ECDSA_KAT(const br_ec_impl
*iec
,
5943 br_ecdsa_sign sign
, br_ecdsa_vrfy vrfy
, int asn1
)
5947 for (u
= 0;; u
++) {
5948 const ecdsa_kat_vector
*kv
;
5949 unsigned char hash
[64];
5951 unsigned char sig
[150], sig2
[150];
5952 size_t sig_len
, sig2_len
;
5953 br_hash_compat_context hc
;
5959 kv
->hf
->init(&hc
.vtable
);
5960 kv
->hf
->update(&hc
.vtable
, kv
->msg
, strlen(kv
->msg
));
5961 kv
->hf
->out(&hc
.vtable
, hash
);
5962 hash_len
= (kv
->hf
->desc
>> BR_HASHDESC_OUT_OFF
)
5963 & BR_HASHDESC_OUT_MASK
;
5965 sig_len
= hextobin(sig
, kv
->sasn1
);
5967 sig_len
= hextobin(sig
, kv
->sraw
);
5970 if (vrfy(iec
, hash
, hash_len
,
5971 kv
->pub
, sig
, sig_len
) != 1)
5973 fprintf(stderr
, "ECDSA KAT verify failed (1)\n");
5977 if (vrfy(iec
, hash
, hash_len
,
5978 kv
->pub
, sig
, sig_len
) != 0)
5980 fprintf(stderr
, "ECDSA KAT verify shoud have failed\n");
5984 if (vrfy(iec
, hash
, hash_len
,
5985 kv
->pub
, sig
, sig_len
) != 1)
5987 fprintf(stderr
, "ECDSA KAT verify failed (2)\n");
5991 sig2_len
= sign(iec
, kv
->hf
, hash
, kv
->priv
, sig2
);
5992 if (sig2_len
== 0) {
5993 fprintf(stderr
, "ECDSA KAT sign failed\n");
5996 if (sig2_len
!= sig_len
|| memcmp(sig
, sig2
, sig_len
) != 0) {
5997 fprintf(stderr
, "ECDSA KAT wrong signature value\n");
6007 test_ECDSA_i31(void)
6009 printf("Test ECDSA/i31: ");
6013 test_ECDSA_KAT(&br_ec_prime_i31
,
6014 &br_ecdsa_i31_sign_raw
, &br_ecdsa_i31_vrfy_raw
, 0);
6017 test_ECDSA_KAT(&br_ec_prime_i31
,
6018 &br_ecdsa_i31_sign_asn1
, &br_ecdsa_i31_vrfy_asn1
, 1);
6024 test_ECDSA_i15(void)
6026 printf("Test ECDSA/i15: ");
6030 test_ECDSA_KAT(&br_ec_prime_i15
,
6031 &br_ecdsa_i15_sign_raw
, &br_ecdsa_i15_vrfy_raw
, 0);
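/*
 * ASN.1 pass of the i15 test. The curve implementation is
 * br_ec_prime_i15, matching the raw pass of this function and the way
 * test_ECDSA_i31 uses br_ec_prime_i31 for both of its passes. With
 * br_ec_prime_i31 here, the i15 ASN.1 sign/verify code was only ever
 * checked on top of the i31 curve arithmetic, so the i15 combination
 * had no known-answer coverage for ASN.1-encoded signatures.
 */
test_ECDSA_KAT(&br_ec_prime_i15,
	&br_ecdsa_i15_sign_asn1, &br_ecdsa_i15_vrfy_asn1, 1);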
6041 test_modpow_i31(void)
6043 br_hmac_drbg_context hc
;
6046 printf("Test ModPow/i31: ");
6048 br_hmac_drbg_init(&hc
, &br_sha256_vtable
, "seed modpow", 11);
6049 for (k
= 10; k
<= 500; k
++) {
6051 unsigned char bm
[128], bx
[128], bx1
[128], bx2
[128];
6052 unsigned char be
[128];
6054 uint32_t x1
[35], m1
[35];
6055 uint16_t x2
[70], m2
[70];
6056 uint32_t tmp1
[1000];
6057 uint16_t tmp2
[2000];
6059 blen
= (k
+ 7) >> 3;
6060 br_hmac_drbg_generate(&hc
, bm
, blen
);
6061 br_hmac_drbg_generate(&hc
, bx
, blen
);
6062 br_hmac_drbg_generate(&hc
, be
, blen
);
6063 bm
[blen
- 1] |= 0x01;
6064 mask
= 0xFF >> ((int)(blen
<< 3) - k
);
6066 bm
[0] |= (mask
- (mask
>> 1));
6067 bx
[0] &= (mask
>> 1);
6069 br_i31_decode(m1
, bm
, blen
);
6070 br_i31_decode_mod(x1
, bx
, blen
, m1
);
6071 br_i31_modpow_opt(x1
, be
, blen
, m1
, br_i31_ninv31(m1
[1]),
6072 tmp1
, (sizeof tmp1
) / (sizeof tmp1
[0]));
6073 br_i31_encode(bx1
, blen
, x1
);
6075 br_i15_decode(m2
, bm
, blen
);
6076 br_i15_decode_mod(x2
, bx
, blen
, m2
);
6077 br_i15_modpow_opt(x2
, be
, blen
, m2
, br_i15_ninv15(m2
[1]),
6078 tmp2
, (sizeof tmp2
) / (sizeof tmp2
[0]));
6079 br_i15_encode(bx2
, blen
, x2
);
6081 check_equals("ModPow i31/i15", bx1
, bx2
, blen
);
6092 test_modpow_i62(void)
6094 br_hmac_drbg_context hc
;
6097 printf("Test ModPow/i62: ");
6099 br_hmac_drbg_init(&hc
, &br_sha256_vtable
, "seed modpow", 11);
6100 for (k
= 10; k
<= 500; k
++) {
6102 unsigned char bm
[128], bx
[128], bx1
[128], bx2
[128];
6103 unsigned char be
[128];
6105 uint32_t x1
[35], m1
[35];
6106 uint16_t x2
[70], m2
[70];
6108 uint16_t tmp2
[2000];
6110 blen
= (k
+ 7) >> 3;
6111 br_hmac_drbg_generate(&hc
, bm
, blen
);
6112 br_hmac_drbg_generate(&hc
, bx
, blen
);
6113 br_hmac_drbg_generate(&hc
, be
, blen
);
6114 bm
[blen
- 1] |= 0x01;
6115 mask
= 0xFF >> ((int)(blen
<< 3) - k
);
6117 bm
[0] |= (mask
- (mask
>> 1));
6118 bx
[0] &= (mask
>> 1);
6120 br_i31_decode(m1
, bm
, blen
);
6121 br_i31_decode_mod(x1
, bx
, blen
, m1
);
6122 br_i62_modpow_opt(x1
, be
, blen
, m1
, br_i31_ninv31(m1
[1]),
6123 tmp1
, (sizeof tmp1
) / (sizeof tmp1
[0]));
6124 br_i31_encode(bx1
, blen
, x1
);
6126 br_i15_decode(m2
, bm
, blen
);
6127 br_i15_decode_mod(x2
, bx
, blen
, m2
);
6128 br_i15_modpow_opt(x2
, be
, blen
, m2
, br_i15_ninv15(m2
[1]),
6129 tmp2
, (sizeof tmp2
) / (sizeof tmp2
[0]));
6130 br_i15_encode(bx2
, blen
, x2
);
6132 check_equals("ModPow i62/i15", bx1
, bx2
, blen
);
6143 eq_name(const char *s1
, const char *s2
)
6150 if (c1
>= 'A' && c1
<= 'Z') {
6154 case '-': case '_': case '.': case ' ':
6162 if (c2
>= 'A' && c2
<= 'Z') {
6166 case '-': case '_': case '.': case ' ':
6181 #define STU(x) { &test_ ## x, #x }
6183 static const struct {
6208 STU(Poly1305_ctmul
),
6209 STU(Poly1305_ctmul32
),
6210 STU(Poly1305_ctmulq
),
6238 main(int argc
, char *argv
[])
6243 printf("usage: testcrypto all | name...\n");
6244 printf("individual test names:\n");
6245 for (u
= 0; tfns
[u
].name
; u
++) {
6246 printf(" %s\n", tfns
[u
].name
);
6249 for (u
= 0; tfns
[u
].name
; u
++) {
6252 for (i
= 1; i
< argc
; i
++) {
6253 if (eq_name(argv
[i
], tfns
[u
].name
)
6254 || eq_name(argv
[i
], "all"))