2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32 * Decode a hexadecimal string. Returned value is the number of decoded
/*
 * hextobin(): hex-string decoder used to load known-answer test vectors.
 *
 * Visible here: each character c is tested against the ranges '0'-'9',
 * 'A'-'F' and 'a'-'f', and a completed byte is stored through dst as
 * (acc << 4) + c, with dst advanced after every store.
 *
 * NOTE(review): the gutter numbers jump (36 -> 47 -> 49 -> 51 -> 57), so
 * the declarations, the loop, the digit-to-value conversions, the branch
 * taken for non-hex characters and the return statement are missing from
 * this listing; confirm them against the complete file.
 *
 * NOTE(review): the signature carries no capacity for dst, so nothing in
 * the visible code bounds the writes. Every caller has to size dst for the
 * decoded length (presumably strlen(src) / 2 bytes). That is workable for
 * fixed vectors compiled into the test binary; the helper should not be
 * reused on externally supplied input without adding a length parameter.
 */
36 hextobin(unsigned char *dst
, const char *src
)
47 if (c
>= '0' && c
<= '9') {
49 } else if (c
>= 'A' && c
<= 'F') {
51 } else if (c
>= 'a' && c
<= 'f') {
57 *dst
++ = (acc
<< 4) + c
;
/*
 * check_equals(): compares len bytes of v1 and v2 with memcmp(). When they
 * differ, the visible failure path prints "<banner> failed" and then both
 * buffers as upper-case hex ("v1: ..." / "v2: ...") on stderr.
 *
 * NOTE(review): what happens on the equal branch and after the dump (return
 * or process exit) is on lines missing from this listing; confirm.
 *
 * NOTE(review): memcmp() is not a constant-time comparison, and the failure
 * path echoes both operands. Both properties are fine for a harness whose
 * operands are published test vectors; this helper is not a model for
 * comparing MAC tags or other secret-dependent values in production code.
 */
68 check_equals(const char *banner
, const void *v1
, const void *v2
, size_t len
)
71 const unsigned char *b
;
73 if (memcmp(v1
, v2
, len
) == 0) {
76 fprintf(stderr
, "\n%s failed\n", banner
);
77 fprintf(stderr
, "v1: ");
78 for (u
= 0, b
= v1
; u
< len
; u
++) {
79 fprintf(stderr
, "%02X", b
[u
]);
81 fprintf(stderr
, "\nv2: ");
82 for (u
= 0, b
= v2
; u
< len
; u
++) {
83 fprintf(stderr
, "%02X", b
[u
]);
85 fprintf(stderr
, "\n");
/*
 * HASH_SIZE(cname) expands to the br_<cname>_SIZE constant.
 *
 * TEST_HASH(Name, cname) defines test_<cname>_internal(data, refres), which
 * checks one message against one reference digest through six paths:
 *   KAT 1  init / single update over the n input bytes / out
 *   KAT 2  init / one update call per byte / out
 *   KAT 3  for each split point u: update(data, u), then update of the
 *          remaining n - u bytes on the same context
 *   KAT 4  the same tail fed to a second context mc2
 *   KAT 5  context zeroed with memset, then driven through
 *          br_<cname>_vtable.init and the vtable update/out pointers
 *   KAT 6  re-initialised through mc.vtable->init and hashed again
 *
 * NOTE(review): mc2 is declared and used but no assignment to it is visible
 * (gutter 114 -> 116); presumably the context is copied after the first
 * update, which is what would exercise state cloning. The assignment of n
 * is likewise on a missing line. Confirm both.
 *
 * NOTE(review): ref[] is exactly HASH_SIZE(cname) bytes and is filled by
 * hextobin(ref, refres), which takes no destination size. A reference
 * string longer than the digest would write past ref; each vector must
 * decode to exactly the digest length.
 */
89 #define HASH_SIZE(cname) br_ ## cname ## _SIZE
91 #define TEST_HASH(Name, cname) \
93 test_ ## cname ## _internal(char *data, char *refres) \
95 br_ ## cname ## _context mc; \
96 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
99 hextobin(ref, refres); \
101 br_ ## cname ## _init(&mc); \
102 br_ ## cname ## _update(&mc, data, n); \
103 br_ ## cname ## _out(&mc, res); \
104 check_equals("KAT " #Name " 1", res, ref, HASH_SIZE(cname)); \
105 br_ ## cname ## _init(&mc); \
106 for (u = 0; u < n; u ++) { \
107 br_ ## cname ## _update(&mc, data + u, 1); \
109 br_ ## cname ## _out(&mc, res); \
110 check_equals("KAT " #Name " 2", res, ref, HASH_SIZE(cname)); \
111 for (u = 0; u < n; u ++) { \
112 br_ ## cname ## _context mc2; \
113 br_ ## cname ## _init(&mc); \
114 br_ ## cname ## _update(&mc, data, u); \
116 br_ ## cname ## _update(&mc, data + u, n - u); \
117 br_ ## cname ## _out(&mc, res); \
118 check_equals("KAT " #Name " 3", res, ref, HASH_SIZE(cname)); \
119 br_ ## cname ## _update(&mc2, data + u, n - u); \
120 br_ ## cname ## _out(&mc2, res); \
121 check_equals("KAT " #Name " 4", res, ref, HASH_SIZE(cname)); \
123 memset(&mc, 0, sizeof mc); \
124 memset(res, 0, sizeof res); \
125 br_ ## cname ## _vtable.init(&mc.vtable); \
126 mc.vtable->update(&mc.vtable, data, n); \
127 mc.vtable->out(&mc.vtable, res); \
128 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
129 memset(res, 0, sizeof res); \
130 mc.vtable->init(&mc.vtable); \
131 mc.vtable->update(&mc.vtable, data, n); \
132 mc.vtable->out(&mc.vtable, res); \
133 check_equals("KAT " #Name " 6", res, ref, HASH_SIZE(cname)); \
/*
 * KAT_MILLION_A(Name, cname, refres): hashes a 1000-byte buffer of 'a'
 * one thousand times (1,000,000 bytes in total) and compares the digest
 * with refres.
 *
 * NOTE(review): the failure banner is "KAT <Name> 5", the same text that
 * TEST_HASH uses for its vtable check, so a failure report does not say
 * which of the two tests tripped; a distinct label would make triage
 * easier.
 *
 * NOTE(review): as in TEST_HASH, ref[] is exactly the digest size and
 * hextobin() writes without a bound; refres must decode to exactly
 * HASH_SIZE(cname) bytes. The declaration of i and the end of the
 * do { ... } while block are on lines missing from this listing.
 */
136 #define KAT_MILLION_A(Name, cname, refres) do { \
137 br_ ## cname ## _context mc; \
138 unsigned char buf[1000]; \
139 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
142 hextobin(ref, refres); \
143 memset(buf, 'a', sizeof buf); \
144 br_ ## cname ## _init(&mc); \
145 for (i = 0; i < 1000; i ++) { \
146 br_ ## cname ## _update(&mc, buf, sizeof buf); \
148 br_ ## cname ## _out(&mc, res); \
149 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
/*
 * Instantiations of TEST_HASH: each one generates test_<cname>_internal()
 * for the named digest (sha1, sha224, sha256, sha384, sha512).
 * NOTE(review): test_md5_internal() is called elsewhere in the file, but
 * its instantiation is not visible here (the gutter starts at 153);
 * presumably it sits on a line missing from this listing.
 */
153 TEST_HASH(SHA
-1, sha1
)
154 TEST_HASH(SHA
-224, sha224
)
155 TEST_HASH(SHA
-256, sha256
)
156 TEST_HASH(SHA
-384, sha384
)
157 TEST_HASH(SHA
-512, sha512
)
/*
 * MD5 known-answer run: seven fixed messages plus the million-'a' vector.
 * The messages and digests appear to be the RFC 1321 test suite.
 * NOTE(review): the enclosing function header is on lines missing from
 * this listing. MD5 is exercised here because protocol code elsewhere in
 * the file still depends on it (the MD5+SHA-1 combination and the TLS 1.0
 * PRF); passing these vectors says the implementation is correct, not
 * that MD5 is collision resistant.
 */
162 printf("Test MD5: ");
164 test_md5_internal("", "d41d8cd98f00b204e9800998ecf8427e");
165 test_md5_internal("a", "0cc175b9c0f1b6a831c399e269772661");
166 test_md5_internal("abc", "900150983cd24fb0d6963f7d28e17f72");
167 test_md5_internal("message digest", "f96b697d7cb7938d525a2f31aaf161d0");
168 test_md5_internal("abcdefghijklmnopqrstuvwxyz",
169 "c3fcd3d76192e4007dfb496cca67e13b");
170 test_md5_internal("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstu"
171 "vwxyz0123456789", "d174ab98d277d9f5a5611c2c9f419d9f");
172 test_md5_internal("1234567890123456789012345678901234567890123456789"
173 "0123456789012345678901234567890",
174 "57edf4a22be3c955ac49da2e2107b67a");
175 KAT_MILLION_A(MD5
, md5
,
176 "7707d6ae4e027c70eea2a935c2296f21");
/*
 * SHA-1 known-answer run: "abc", the 56-character "abcdbcde...nopq"
 * message, and the million-'a' vector. These appear to be the standard
 * FIPS 180 sample messages.
 * NOTE(review): the enclosing function header is on lines missing from
 * this listing.
 */
184 printf("Test SHA-1: ");
186 test_sha1_internal("abc", "a9993e364706816aba3e25717850c26c9cd0d89d");
187 test_sha1_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
188 "nomnopnopq", "84983e441c3bd26ebaae4aa1f95129e5e54670f1");
190 KAT_MILLION_A(SHA
-1, sha1
,
191 "34aa973cd4c4daa4f61eeb2bdbad27316534016f");
/*
 * SHA-224 known-answer run.
 * NOTE(review): the gutter skips 204, so the end of the second message
 * literal and the comma separating it from the digest are missing. As
 * rendered, the message literal and the digest literal are adjacent and
 * would concatenate into a single argument; restore the missing line from
 * the complete file before using this vector.
 */
199 printf("Test SHA-224: ");
201 test_sha224_internal("abc",
202 "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7");
203 test_sha224_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
205 "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525");
207 KAT_MILLION_A(SHA
-224, sha224
,
208 "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67");
/*
 * SHA-256 known-answer run.
 * NOTE(review): the gutter skips 221, so the end of the second message
 * literal and the comma separating it from the digest are missing. As
 * rendered, the two adjacent string literals would concatenate into one
 * argument; restore the missing line from the complete file before using
 * this vector.
 */
216 printf("Test SHA-256: ");
218 test_sha256_internal("abc",
219 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
220 test_sha256_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
222 "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1");
224 KAT_MILLION_A(SHA
-256, sha256
,
225 "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0");
/*
 * SHA-384 known-answer run: "abc", the 112-character two-block message,
 * and the million-'a' vector. Each 96-hex-digit reference is written as
 * two adjacent string literals that the compiler concatenates.
 * NOTE(review): the enclosing function header is on lines missing from
 * this listing.
 */
233 printf("Test SHA-384: ");
235 test_sha384_internal("abc",
236 "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded163"
237 "1a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7");
238 test_sha384_internal(
239 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
240 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
241 "09330c33f71147e83d192fc782cd1b4753111b173b3b05d2"
242 "2fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039");
244 KAT_MILLION_A(SHA
-384, sha384
,
245 "9d0e1809716474cb086e834e310a4a1ced149e9c00f24852"
246 "7972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985");
/*
 * SHA-512 known-answer run: "abc", the 112-character two-block message,
 * and the million-'a' vector. Each 128-hex-digit reference is written as
 * two adjacent string literals that the compiler concatenates.
 * NOTE(review): the enclosing function header is on lines missing from
 * this listing.
 */
254 printf("Test SHA-512: ");
256 test_sha512_internal("abc",
257 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
258 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
259 test_sha512_internal(
260 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
261 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
262 "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
263 "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909");
265 KAT_MILLION_A(SHA
-512, sha512
,
266 "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973eb"
267 "de0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b");
/*
 * MD5+SHA-1 consistency test. For every length u below sizeof buf (500),
 * u bytes are drawn from an HMAC_DRBG (SHA-256) into buf, hashed
 * separately with MD5 (outM, 16 bytes) and SHA-1 (outS, 20 bytes), and
 * hashed with the combined br_md5sha1 context into out (36 bytes). The
 * checks require out[0..15] == outM and out[16..35] == outS, first for a
 * single update call ([1], [2]) and then for byte-by-byte updates
 * ([3], [4]).
 *
 * NOTE(review): the DRBG is seeded from the one-byte seed[] array; the
 * assignment of its value, the declarations of mc/sc/u/v and the
 * br_md5_init/br_sha1_init calls are on lines missing from this listing.
 * The generator serves here as a reproducible source of test input, not
 * as a source of unpredictable randomness.
 */
275 unsigned char buf
[500], out
[36], outM
[16], outS
[20];
276 unsigned char seed
[1];
277 br_hmac_drbg_context rc
;
280 br_md5sha1_context cc
;
283 printf("Test MD5+SHA-1: ");
287 br_hmac_drbg_init(&rc
, &br_sha256_vtable
, seed
, sizeof seed
);
288 for (u
= 0; u
< sizeof buf
; u
++) {
291 br_hmac_drbg_generate(&rc
, buf
, u
);
293 br_md5_update(&mc
, buf
, u
);
294 br_md5_out(&mc
, outM
);
296 br_sha1_update(&sc
, buf
, u
);
297 br_sha1_out(&sc
, outS
);
298 br_md5sha1_init(&cc
);
299 br_md5sha1_update(&cc
, buf
, u
);
300 br_md5sha1_out(&cc
, out
);
301 check_equals("MD5+SHA-1 [1]", out
, outM
, 16);
302 check_equals("MD5+SHA-1 [2]", out
+ 16, outS
, 20);
303 br_md5sha1_init(&cc
);
304 for (v
= 0; v
< u
; v
++) {
305 br_md5sha1_update(&cc
, buf
+ v
, 1);
307 br_md5sha1_out(&cc
, out
);
308 check_equals("MD5+SHA-1 [3]", out
, outM
, 16);
309 check_equals("MD5+SHA-1 [4]", out
+ 16, outS
, 20);
317 * Compute a hash function, on some data, by ID. Returned value is
318 * hash output length.
/*
 * do_hash(): reference path for the multihash test. Selects one of the
 * dedicated contexts (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) by
 * id, runs init/update/out over data[0..len), and writes the digest to
 * out. An unrecognised id reaches the fprintf() at the end.
 *
 * NOTE(review): the switch/case labels, the returned lengths, the cmd5
 * declaration and the br_md5_init() call are on lines missing from this
 * listing; confirm them against the complete file.
 *
 * NOTE(review): out carries no size. The largest digest written here is
 * SHA-512, so the caller's buffer must hold 64 bytes.
 *
 * NOTE(review): the diagnostic string is spelled "Uknown"; correcting it
 * changes a runtime string, so it is left as is in this documentation
 * pass.
 */
321 do_hash(int id
, const void *data
, size_t len
, void *out
)
324 br_sha1_context csha1
;
325 br_sha224_context csha224
;
326 br_sha256_context csha256
;
327 br_sha384_context csha384
;
328 br_sha512_context csha512
;
333 br_md5_update(&cmd5
, data
, len
);
334 br_md5_out(&cmd5
, out
);
337 br_sha1_init(&csha1
);
338 br_sha1_update(&csha1
, data
, len
);
339 br_sha1_out(&csha1
, out
);
342 br_sha224_init(&csha224
);
343 br_sha224_update(&csha224
, data
, len
);
344 br_sha224_out(&csha224
, out
);
347 br_sha256_init(&csha256
);
348 br_sha256_update(&csha256
, data
, len
);
349 br_sha256_out(&csha256
, out
);
352 br_sha384_init(&csha384
);
353 br_sha384_update(&csha384
, data
, len
);
354 br_sha384_out(&csha384
, out
);
357 br_sha512_init(&csha512
);
358 br_sha512_update(&csha512
, data
, len
);
359 br_sha512_out(&csha512
, out
);
362 fprintf(stderr
, "Uknown hash function: %d\n", id
);
369 * Tests for a multihash. Returned value should be 258 multiplied by the
370 * number of hash functions implemented by the context.
/*
 * test_multihash_inner(): cross-checks a multihash context against the
 * dedicated implementations reached through do_hash().
 *
 * For each message length 0..257 the context is fed once in a single
 * update and once byte by byte; after the single update, and after every
 * byte in the second pass, br_multihash_out() is queried for ids 1..6 and
 * its output is compared with do_hash() over the same prefix. Calling
 * br_multihash_out() between updates is what checks that reading a digest
 * does not disturb the running state.
 *
 * NOTE(review): ids 1..6 presumably map to br_md5_ID .. br_sha512_ID;
 * tmp[] and tmp2[] are 64 bytes, the SHA-512 output size. The first loop
 * (SHA-1 over buf into a 20-byte tmp) presumably fills buf with test
 * data; its body, the handling of ids that are not configured, the
 * success counter and the return statement are on lines missing from
 * this listing.
 */
373 test_multihash_inner(br_multihash_context
*mc
)
376 * Try hashing messages for all lengths from 0 to 257 bytes
377 * (inclusive). Each attempt is done twice, with data input
378 * either in one go, or byte by byte. In the byte by byte
379 * test, intermediate result are obtained and checked.
382 unsigned char buf
[258];
387 for (len
= 0; len
< sizeof buf
; len
++) {
389 unsigned char tmp
[20];
392 br_sha1_update(&sc
, buf
, len
);
393 br_sha1_out(&sc
, tmp
);
396 for (len
= 0; len
<= 257; len
++) {
399 br_multihash_init(mc
);
400 br_multihash_update(mc
, buf
, len
);
401 for (i
= 1; i
<= 6; i
++) {
402 unsigned char tmp
[64], tmp2
[64];
405 olen
= br_multihash_out(mc
, i
, tmp
);
409 olen2
= do_hash(i
, buf
, len
, tmp2
);
412 "Bad hash output length: %u / %u\n",
413 (unsigned)olen
, (unsigned)olen2
);
416 check_equals("Hash output", tmp
, tmp2
, olen
);
420 br_multihash_init(mc
);
421 for (u
= 0; u
< len
; u
++) {
422 br_multihash_update(mc
, buf
+ u
, 1);
423 for (i
= 1; i
<= 6; i
++) {
424 unsigned char tmp
[64], tmp2
[64];
427 olen
= br_multihash_out(mc
, i
, tmp
);
431 olen2
= do_hash(i
, buf
, u
+ 1, tmp2
);
433 fprintf(stderr
, "Bad hash output"
434 " length: %u / %u\n",
439 check_equals("Hash output", tmp
, tmp2
, olen
);
/*
 * Multihash driver. The context is zeroed and configured with exactly one
 * implementation at a time (MD5, SHA-1, SHA-224, SHA-256, SHA-384,
 * SHA-512), each run expecting test_multihash_inner() to return 258; a
 * final run configures all six and expects 258 * 6.
 *
 * The expected counts double as a check that only the configured hash
 * functions produce output: a context that answered for an unconfigured
 * id would push the count above 258.
 *
 * NOTE(review): the enclosing function header and what follows each
 * "Failed test count" message (presumably an exit) are on lines missing
 * from this listing.
 */
449 br_multihash_context mc
;
451 printf("Test MultiHash: ");
454 br_multihash_zero(&mc
);
455 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
456 if (test_multihash_inner(&mc
) != 258) {
457 fprintf(stderr
, "Failed test count\n");
462 br_multihash_zero(&mc
);
463 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
464 if (test_multihash_inner(&mc
) != 258) {
465 fprintf(stderr
, "Failed test count\n");
470 br_multihash_zero(&mc
);
471 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
472 if (test_multihash_inner(&mc
) != 258) {
473 fprintf(stderr
, "Failed test count\n");
478 br_multihash_zero(&mc
);
479 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
480 if (test_multihash_inner(&mc
) != 258) {
481 fprintf(stderr
, "Failed test count\n");
486 br_multihash_zero(&mc
);
487 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
488 if (test_multihash_inner(&mc
) != 258) {
489 fprintf(stderr
, "Failed test count\n");
494 br_multihash_zero(&mc
);
495 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
496 if (test_multihash_inner(&mc
) != 258) {
497 fprintf(stderr
, "Failed test count\n");
502 br_multihash_zero(&mc
);
503 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
504 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
505 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
506 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
507 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
508 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
509 if (test_multihash_inner(&mc
) != 258 * 6) {
510 fprintf(stderr
, "Failed test count\n");
/*
 * do_KAT_HMAC_bin_bin(): HMAC known-answer check over raw key and data.
 *   KAT HMAC 1  single update over data_len bytes
 *   KAT HMAC 2  one update call per byte
 *   KAT HMAC 3  for every split point u: update(data, u), an intermediate
 *               br_hmac_out(), then the remaining data_len - u bytes and
 *               a second br_hmac_out(); this checks that producing an
 *               output does not disturb the running state
 *
 * NOTE(review): the call that consumes the arguments at gutter 548
 * (presumably br_hmac_update) and the declarations of ctx/len/u are on
 * lines missing from this listing.
 *
 * NOTE(review): ref[] is 64 bytes and is filled by hextobin(ref, href),
 * which takes no destination size, so href must not exceed 128 hex
 * digits. The comparison length is whatever href decodes to: a reference
 * shorter than the digest compares only a prefix of tmp, which suits
 * truncated-MAC vectors but also means an accidentally shortened
 * reference would still pass.
 */
520 do_KAT_HMAC_bin_bin(const br_hash_class
*digest_class
,
521 const void *key
, size_t key_len
,
522 const void *data
, size_t data_len
, const char *href
)
524 br_hmac_key_context kc
;
526 unsigned char tmp
[64], ref
[64];
529 len
= hextobin(ref
, href
);
530 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
531 br_hmac_init(&ctx
, &kc
, 0);
532 br_hmac_update(&ctx
, data
, data_len
);
533 br_hmac_out(&ctx
, tmp
);
534 check_equals("KAT HMAC 1", tmp
, ref
, len
);
536 br_hmac_init(&ctx
, &kc
, 0);
537 for (u
= 0; u
< data_len
; u
++) {
538 br_hmac_update(&ctx
, (const unsigned char *)data
+ u
, 1);
540 br_hmac_out(&ctx
, tmp
);
541 check_equals("KAT HMAC 2", tmp
, ref
, len
);
543 for (u
= 0; u
< data_len
; u
++) {
544 br_hmac_init(&ctx
, &kc
, 0);
545 br_hmac_update(&ctx
, data
, u
);
546 br_hmac_out(&ctx
, tmp
);
548 (const unsigned char *)data
+ u
, data_len
- u
);
549 br_hmac_out(&ctx
, tmp
);
550 check_equals("KAT HMAC 3", tmp
, ref
, len
);
/*
 * do_KAT_HMAC_str_str(): wrapper for vectors whose key and data are both
 * plain C strings; lengths are taken with strlen(), so neither may
 * contain an embedded NUL byte. href is the expected MAC in hex.
 */
555 do_KAT_HMAC_str_str(const br_hash_class
*digest_class
, const char *key
,
556 const char *data
, const char *href
)
558 do_KAT_HMAC_bin_bin(digest_class
, key
, strlen(key
),
559 data
, strlen(data
), href
);
/*
 * do_KAT_HMAC_hex_hex(): wrapper for vectors whose key and data are both
 * given in hex. Each is decoded into a 1024-byte stack buffer and the
 * decoded lengths are passed on to do_KAT_HMAC_bin_bin().
 *
 * NOTE(review): hextobin() takes no destination size, so skey and sdata
 * must each stay within 2048 hex digits. The vectors in this file are far
 * shorter, but the limit is enforced only by the author of the vector.
 */
563 do_KAT_HMAC_hex_hex(const br_hash_class
*digest_class
, const char *skey
,
564 const char *sdata
, const char *href
)
566 unsigned char key
[1024];
567 unsigned char data
[1024];
569 do_KAT_HMAC_bin_bin(digest_class
, key
, hextobin(key
, skey
),
570 data
, hextobin(data
, sdata
), href
);
/*
 * do_KAT_HMAC_hex_str(): wrapper for vectors with a hex-encoded key and a
 * plain C-string message. The key is decoded into a 1024-byte stack
 * buffer; the message length comes from strlen().
 *
 * NOTE(review): hextobin() takes no destination size, so skey must stay
 * within 2048 hex digits.
 */
574 do_KAT_HMAC_hex_str(const br_hash_class
*digest_class
,
575 const char *skey
, const char *data
, const char *href
)
577 unsigned char key
[1024];
579 do_KAT_HMAC_bin_bin(digest_class
, key
, hextobin(key
, skey
),
580 data
, strlen(data
), href
);
/*
 * test_HMAC_CT(): checks that br_hmac_outCT() yields the same MAC as the
 * plain path. For u in {0, 1}, v in 0..129 and every w in
 * [min_len, max_len], the reference is update(data, u + w) followed by
 * br_hmac_out(); the candidate is update(data, u) followed by
 * br_hmac_outCT() over the w bytes at data + u with the bounds
 * min_len / max_len. Output lengths and output bytes must match.
 *
 * NOTE(review): this is a functional equivalence test. Nothing visible
 * here measures timing or memory-access patterns, so it does not by
 * itself establish that br_hmac_outCT() runs in constant time with
 * respect to w. The computation of min_len/max_len from v is on lines
 * missing from this listing.
 *
 * NOTE(review): data has no length parameter; the function reads up to
 * u + w bytes from it, so the caller's buffer must cover the largest
 * max_len + 1.
 *
 * NOTE(review): the banner is built with sprintf(), which is unbounded,
 * and the declaration of tmp is not visible. Three unsigned values fit
 * comfortably in a few dozen bytes, but snprintf(tmp, sizeof tmp, ...)
 * would make the bound explicit.
 */
584 test_HMAC_CT(const br_hash_class
*digest_class
,
585 const void *key
, size_t key_len
, const void *data
)
587 br_hmac_key_context kc
;
588 br_hmac_context hc1
, hc2
;
589 unsigned char buf1
[64], buf2
[64];
592 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
594 for (u
= 0; u
< 2; u
++) {
595 for (v
= 0; v
< 130; v
++) {
596 size_t min_len
, max_len
;
601 for (w
= min_len
; w
<= max_len
; w
++) {
605 br_hmac_init(&hc1
, &kc
, 0);
606 br_hmac_update(&hc1
, data
, u
+ w
);
607 hlen1
= br_hmac_out(&hc1
, buf1
);
608 br_hmac_init(&hc2
, &kc
, 0);
609 br_hmac_update(&hc2
, data
, u
);
610 hlen2
= br_hmac_outCT(&hc2
,
611 (const unsigned char *)data
+ u
, w
,
612 min_len
, max_len
, buf2
);
613 if (hlen1
!= hlen2
) {
614 fprintf(stderr
, "HMAC length mismatch:"
615 " %u / %u\n", (unsigned)hlen1
,
619 sprintf(tmp
, "HMAC CT %u,%u,%u",
620 (unsigned)u
, (unsigned)v
, (unsigned)w
);
621 check_equals(tmp
, buf1
, buf2
, hlen1
);
/*
 * HMAC test driver, first part: HMAC-MD5 and HMAC-SHA-1 known-answer
 * vectors. The keys, messages and tags appear to follow the RFC 2202
 * test cases.
 *
 * NOTE(review): several argument lines are absent from this listing
 * (the gutter skips 643, 646, 672, 675, ...), so some calls show fewer
 * arguments than their helper takes; take the missing key/data literals
 * from the complete file rather than from here.
 *
 * NOTE(review): key[] is initialised from a string literal, so sizeof key
 * counts the terminating NUL; the constant-time tests later in this
 * function therefore run with a 14-byte key. data[1000] is the buffer
 * handed to test_HMAC_CT().
 */
634 unsigned char data
[1000];
637 const char key
[] = "test HMAC key";
639 printf("Test HMAC: ");
641 do_KAT_HMAC_hex_str(&br_md5_vtable
,
642 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
644 "9294727a3638bb1c13f48ef8158bfc9d");
645 do_KAT_HMAC_str_str(&br_md5_vtable
,
647 "what do ya want for nothing?",
648 "750c783e6ab0b503eaa86e310a5db738");
649 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
650 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
651 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
652 "56be34521d144c88dbb8c733f0e8b3f6");
653 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
654 "0102030405060708090a0b0c0d0e0f10111213141516171819",
655 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
656 "697eaf0aca3a3aea3a75164746ffaa79");
657 do_KAT_HMAC_hex_str(&br_md5_vtable
,
658 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
659 "Test With Truncation",
660 "56461ef2342edc00f9bab995690efd4c");
661 do_KAT_HMAC_hex_str(&br_md5_vtable
,
662 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
663 "Test Using Larger Than Block-Size Key - Hash Key First",
664 "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd");
665 do_KAT_HMAC_hex_str(&br_md5_vtable
,
666 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
667 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
668 "6f630fad67cda0ee1fb1f562db3aa53e");
670 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
671 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
673 "b617318655057264e28bc0b6fb378c8ef146be00");
674 do_KAT_HMAC_str_str(&br_sha1_vtable
,
676 "what do ya want for nothing?",
677 "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79");
678 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
679 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
680 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
681 "125d7342b9ac11cd91a39af48aa17b4f63f175d3");
682 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
683 "0102030405060708090a0b0c0d0e0f10111213141516171819",
684 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
685 "4c9007f4026250c6bc8414f9bf50c86c2d7235da");
686 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
687 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
688 "Test With Truncation",
689 "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04");
690 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
691 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
692 "Test Using Larger Than Block-Size Key - Hash Key First",
693 "aa4ae5e15272d00e95705637ce8a3b55ed402112");
694 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
695 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
696 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
697 "e8e99d0f45237d786d6bbaa7965c7808bbff1a91");
701 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
702 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
704 "896fb1128abbdf196832107cd49df33f"
705 "47b4b1169912ba4f53684b22");
707 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
708 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
710 "b0344c61d8db38535ca8afceaf0bf12b"
711 "881dc200c9833da726e9376c2e32cff7");
713 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
714 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
716 "afd03944d84895626b0825f4ab46907f"
717 "15f9dadbe4101ec682aa034c7cebc59c"
718 "faea9ea9076ede7f4af152e8b2fa9cb6");
720 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
721 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
723 "87aa7cdea5ef619d4ff0b4241a1d6cb0"
724 "2379f4e2ce4ec2787ad0b30545e17cde"
725 "daa833b7d6b8a702038b274eaea3f4e4"
726 "be9d914eeb61f1702e696c203a126854");
728 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
730 "7768617420646f2079612077616e7420"
731 "666f72206e6f7468696e673f",
732 "a30e01098bc6dbbf45690f3a7e9e6d0f"
733 "8bbea2a39e6148008fd05e44");
735 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
737 "7768617420646f2079612077616e7420"
738 "666f72206e6f7468696e673f",
739 "5bdcc146bf60754e6a042426089575c7"
740 "5a003f089d2739839dec58b964ec3843");
742 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
744 "7768617420646f2079612077616e7420"
745 "666f72206e6f7468696e673f",
746 "af45d2e376484031617f78d2b58a6b1b"
747 "9c7ef464f5a01b47e42ec3736322445e"
748 "8e2240ca5e69e2c78b3239ecfab21649");
750 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
752 "7768617420646f2079612077616e7420"
753 "666f72206e6f7468696e673f",
754 "164b7a7bfcf819e2e395fbe73b56e0a3"
755 "87bd64222e831fd610270cd7ea250554"
756 "9758bf75c05a994a6d034f65f8f0e6fd"
757 "caeab1a34d4a6b4b636e070a38bce737");
759 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
760 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
762 "dddddddddddddddddddddddddddddddd"
763 "dddddddddddddddddddddddddddddddd"
764 "dddddddddddddddddddddddddddddddd"
766 "7fb3cb3588c6c1f6ffa9694d7d6ad264"
767 "9365b0c1f65d69d1ec8333ea");
769 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
770 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
772 "dddddddddddddddddddddddddddddddd"
773 "dddddddddddddddddddddddddddddddd"
774 "dddddddddddddddddddddddddddddddd"
776 "773ea91e36800e46854db8ebd09181a7"
777 "2959098b3ef8c122d9635514ced565fe");
779 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
780 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
782 "dddddddddddddddddddddddddddddddd"
783 "dddddddddddddddddddddddddddddddd"
784 "dddddddddddddddddddddddddddddddd"
786 "88062608d3e6ad8a0aa2ace014c8a86f"
787 "0aa635d947ac9febe83ef4e55966144b"
788 "2a5ab39dc13814b94e3ab6e101a34f27");
790 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
791 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
793 "dddddddddddddddddddddddddddddddd"
794 "dddddddddddddddddddddddddddddddd"
795 "dddddddddddddddddddddddddddddddd"
797 "fa73b0089d56a284efb0f0756c890be9"
798 "b1b5dbdd8ee81a3655f83e33b2279d39"
799 "bf3e848279a722c806b485a47e67c807"
800 "b946a337bee8942674278859e13292fb");
802 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
803 "0102030405060708090a0b0c0d0e0f10"
804 "111213141516171819",
805 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
806 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
807 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
809 "6c11506874013cac6a2abc1bb382627c"
810 "ec6a90d86efc012de7afec5a");
812 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
813 "0102030405060708090a0b0c0d0e0f10"
814 "111213141516171819",
815 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
816 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
817 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
819 "82558a389a443c0ea4cc819899f2083a"
820 "85f0faa3e578f8077a2e3ff46729665b");
822 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
823 "0102030405060708090a0b0c0d0e0f10"
824 "111213141516171819",
825 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
826 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
827 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
829 "3e8a69b7783c25851933ab6290af6ca7"
830 "7a9981480850009cc5577c6e1f573b4e"
831 "6801dd23c4a7d679ccf8a386c674cffb");
833 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
834 "0102030405060708090a0b0c0d0e0f10"
835 "111213141516171819",
836 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
837 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
838 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
840 "b0ba465637458c6990e5a8c5f61d4af7"
841 "e576d97ff94b872de76f8050361ee3db"
842 "a91ca5c11aa25eb4d679275cc5788063"
843 "a5f19741120c4f2de2adebeb10a298dd");
845 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
846 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
847 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
848 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
849 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
850 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
851 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
852 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
853 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
855 "54657374205573696e67204c61726765"
856 "72205468616e20426c6f636b2d53697a"
857 "65204b6579202d2048617368204b6579"
859 "95e9a0db962095adaebe9b2d6f0dbce2"
860 "d499f112f2d2b7273fa6870e");
862 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
863 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
864 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
865 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
866 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
867 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
868 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
869 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
870 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
872 "54657374205573696e67204c61726765"
873 "72205468616e20426c6f636b2d53697a"
874 "65204b6579202d2048617368204b6579"
876 "60e431591ee0b67f0d8a26aacbf5b77f"
877 "8e0bc6213728c5140546040f0ee37f54");
879 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
880 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
881 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
882 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
883 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
884 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
885 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
886 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
887 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
889 "54657374205573696e67204c61726765"
890 "72205468616e20426c6f636b2d53697a"
891 "65204b6579202d2048617368204b6579"
893 "4ece084485813e9088d2c63a041bc5b4"
894 "4f9ef1012a2b588f3cd11f05033ac4c6"
895 "0c2ef6ab4030fe8296248df163f44952");
897 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
898 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
899 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
900 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
901 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
902 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
903 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
904 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
905 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
907 "54657374205573696e67204c61726765"
908 "72205468616e20426c6f636b2d53697a"
909 "65204b6579202d2048617368204b6579"
911 "80b24263c7c1a3ebb71493c1dd7be8b4"
912 "9b46d1f41b4aeec1121b013783f8f352"
913 "6b56d037e05f2598bd0fd2215d6a1e52"
914 "95e64f73f63f0aec8b915a985d786598");
916 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
917 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
918 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
919 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
920 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
921 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
922 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
923 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
924 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
926 "54686973206973206120746573742075"
927 "73696e672061206c6172676572207468"
928 "616e20626c6f636b2d73697a65206b65"
929 "7920616e642061206c61726765722074"
930 "68616e20626c6f636b2d73697a652064"
931 "6174612e20546865206b6579206e6565"
932 "647320746f2062652068617368656420"
933 "6265666f7265206265696e6720757365"
934 "642062792074686520484d414320616c"
936 "3a854166ac5d9f023f54d517d0b39dbd"
937 "946770db9c2b95c9f6f565d1");
939 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
940 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
941 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
942 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
943 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
944 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
945 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
946 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
947 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
949 "54686973206973206120746573742075"
950 "73696e672061206c6172676572207468"
951 "616e20626c6f636b2d73697a65206b65"
952 "7920616e642061206c61726765722074"
953 "68616e20626c6f636b2d73697a652064"
954 "6174612e20546865206b6579206e6565"
955 "647320746f2062652068617368656420"
956 "6265666f7265206265696e6720757365"
957 "642062792074686520484d414320616c"
959 "9b09ffa71b942fcb27635fbcd5b0e944"
960 "bfdc63644f0713938a7f51535c3a35e2");
962 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
963 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
964 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
965 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
966 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
967 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
968 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
969 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
970 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
972 "54686973206973206120746573742075"
973 "73696e672061206c6172676572207468"
974 "616e20626c6f636b2d73697a65206b65"
975 "7920616e642061206c61726765722074"
976 "68616e20626c6f636b2d73697a652064"
977 "6174612e20546865206b6579206e6565"
978 "647320746f2062652068617368656420"
979 "6265666f7265206265696e6720757365"
980 "642062792074686520484d414320616c"
982 "6617178e941f020d351e2f254e8fd32c"
983 "602420feb0b8fb9adccebb82461e99c5"
984 "a678cc31e799176d3860e6110c46523e");
986 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
987 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
988 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
989 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
990 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
991 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
992 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
993 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
994 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
996 "54686973206973206120746573742075"
997 "73696e672061206c6172676572207468"
998 "616e20626c6f636b2d73697a65206b65"
999 "7920616e642061206c61726765722074"
1000 "68616e20626c6f636b2d73697a652064"
1001 "6174612e20546865206b6579206e6565"
1002 "647320746f2062652068617368656420"
1003 "6265666f7265206265696e6720757365"
1004 "642062792074686520484d414320616c"
1006 "e37b6a775dc87dbaa4dfa9f96e5e3ffd"
1007 "debd71f8867289865df5a32d20cdc944"
1008 "b6022cac3c4982b10d5eeb55c3e4de15"
1009 "134676fb6de0446065c97440fa8c6a58");
/*
 * HMAC test driver, last part: prepares the data buffer (the loop body
 * is on lines missing from this listing) and runs test_HMAC_CT() for
 * MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 with the same key.
 *
 * NOTE(review): key_len is passed as sizeof key; if key is a char array
 * initialised from a string literal, that count includes the terminating
 * NUL. The printf banners for the MD5 and SHA-1 runs are not visible
 * here (the gutter skips 1015 and 1017).
 */
1011 for (x
= 1, u
= 0; u
< sizeof data
; u
++) {
1016 test_HMAC_CT(&br_md5_vtable
, key
, sizeof key
, data
);
1018 test_HMAC_CT(&br_sha1_vtable
, key
, sizeof key
, data
);
1019 printf("(SHA-224) ");
1020 test_HMAC_CT(&br_sha224_vtable
, key
, sizeof key
, data
);
1021 printf("(SHA-256) ");
1022 test_HMAC_CT(&br_sha256_vtable
, key
, sizeof key
, data
);
1023 printf("(SHA-384) ");
1024 test_HMAC_CT(&br_sha384_vtable
, key
, sizeof key
, data
);
1025 printf("(SHA-512) ");
1026 test_HMAC_CT(&br_sha512_vtable
, key
, sizeof key
, data
);
/*
 * test_HMAC_DRBG(): known-answer test for HMAC_DRBG over SHA-256. A
 * 42-byte seed is decoded from hex, three consecutive 30-byte outputs are
 * generated and compared with ref1, ref2 and ref3 (KAT 1-3). The context
 * is then zeroed and the same sequence is repeated through
 * br_hmac_drbg_vtable.init and the vtable's generate pointer (KAT 4-6),
 * which checks that the object-oriented entry points reach the same
 * state machine.
 *
 * NOTE(review): the hextobin() calls that fill ref1/ref2/ref3 are only
 * partly visible (their first lines are missing from this listing).
 * seed[] and the ref arrays are sized exactly for the visible literals
 * (84 and 60 hex digits), and hextobin() takes no destination size, so
 * lengthening a vector without resizing its array would write past it.
 *
 * NOTE(review): a fixed seed makes the output reproducible, which is the
 * point of a KAT; the test says nothing about seeding from an entropy
 * source.
 */
1033 test_HMAC_DRBG(void)
1035 br_hmac_drbg_context ctx
;
1036 unsigned char seed
[42], tmp
[30];
1037 unsigned char ref1
[30], ref2
[30], ref3
[30];
1040 printf("Test HMAC_DRBG: ");
1043 seed_len
= hextobin(seed
,
1044 "009A4D6792295A7F730FC3F2B49CBC0F62E862272F"
1045 "01795EDF0D54DB760F156D0DAC04C0322B3A204224");
1047 "9305A46DE7FF8EB107194DEBD3FD48AA"
1048 "20D5E7656CBE0EA69D2A8D4E7C67");
1050 "C70C78608A3B5BE9289BE90EF6E81A9E"
1051 "2C1516D5751D2F75F50033E45F73");
1053 "475E80E992140567FCC3A50DAB90FE84"
1054 "BCD7BB03638E9C4656A06F37F650");
1055 br_hmac_drbg_init(&ctx
, &br_sha256_vtable
, seed
, seed_len
);
1056 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1057 check_equals("KAT HMAC_DRBG 1", tmp
, ref1
, sizeof tmp
);
1058 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1059 check_equals("KAT HMAC_DRBG 2", tmp
, ref2
, sizeof tmp
);
1060 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1061 check_equals("KAT HMAC_DRBG 3", tmp
, ref3
, sizeof tmp
);
1063 memset(&ctx
, 0, sizeof ctx
);
1064 br_hmac_drbg_vtable
.init(&ctx
.vtable
,
1065 &br_sha256_vtable
, seed
, seed_len
);
1066 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1067 check_equals("KAT HMAC_DRBG 4", tmp
, ref1
, sizeof tmp
);
1068 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1069 check_equals("KAT HMAC_DRBG 5", tmp
, ref2
, sizeof tmp
);
1070 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1071 check_equals("KAT HMAC_DRBG 6", tmp
, ref3
, sizeof tmp
);
/*
 * test_AESCTR_DRBG(): smoke test for the AES-CTR DRBG. An AES/CTR
 * implementation is selected (x86 AES-NI, POWER8, ct64 or ct; the
 * selection logic is on lines missing from this listing), the DRBG is
 * initialised with no seed (NULL, length 0), 64 bytes are generated, the
 * state is updated with the 8-byte string "new seed", and 64 more bytes
 * are generated. The test fails only when the two blocks are identical.
 *
 * NOTE(review): this confirms that output changes across an update; it
 * is neither a known-answer test nor a check of output quality, and a
 * generator producing predictable but differing blocks would pass.
 *
 * NOTE(review): confirm in the complete file that a NULL result from the
 * *_get_vtable() calls is handled before ictr is used.
 */
1078 test_AESCTR_DRBG(void)
1080 br_aesctr_drbg_context ctx
;
1081 const br_block_ctr_class
*ictr
;
1082 unsigned char tmp1
[64], tmp2
[64];
1084 printf("Test AESCTR_DRBG: ");
1087 ictr
= br_aes_x86ni_ctr_get_vtable();
1089 ictr
= br_aes_pwr8_ctr_get_vtable();
1092 ictr
= &br_aes_ct64_ctr_vtable
;
1094 ictr
= &br_aes_ct_ctr_vtable
;
1098 br_aesctr_drbg_init(&ctx
, ictr
, NULL
, 0);
1099 ctx
.vtable
->generate(&ctx
.vtable
, tmp1
, sizeof tmp1
);
1100 ctx
.vtable
->update(&ctx
.vtable
, "new seed", 8);
1101 ctx
.vtable
->generate(&ctx
.vtable
, tmp2
, sizeof tmp2
);
1103 if (memcmp(tmp1
, tmp2
, sizeof tmp1
) == 0) {
1104 fprintf(stderr
, "AESCTR_DRBG failure\n");
/*
 * do_KAT_PRF(): known-answer check for a TLS PRF implementation. The
 * secret, seed and reference output are decoded from hex and the PRF is
 * run four times over the same logical seed, presented as:
 *   KAT 1  one chunk holding the whole seed
 *   KAT 2  the whole seed followed by a second chunk with NULL data
 *   KAT 3  a first chunk with NULL data followed by the whole seed
 *   KAT 4  the seed split in two halves (seed_len >> 1 and the rest)
 * All four must give the reference, so chunk boundaries and
 * (presumably zero-length) chunks must not affect the output.
 *
 * NOTE(review): the sref parameter and the .len assignments that pair
 * with the NULL data pointers are on lines missing from this listing
 * (the gutter skips 1115, 1133, 1138).
 *
 * NOTE(review): secret[] and seed[] are 100 bytes, ref[] and out[] are
 * 500 bytes, and hextobin() takes no destination size. The PRF is asked
 * for ref_len output bytes, so out[] is safe only while the reference
 * stays within 1000 hex digits.
 */
1113 do_KAT_PRF(br_tls_prf_impl prf
,
1114 const char *ssecret
, const char *label
, const char *sseed
,
1117 unsigned char secret
[100], seed
[100], ref
[500], out
[500];
1118 size_t secret_len
, seed_len
, ref_len
;
1119 br_tls_prf_seed_chunk chunks
[2];
1121 secret_len
= hextobin(secret
, ssecret
);
1122 seed_len
= hextobin(seed
, sseed
);
1123 ref_len
= hextobin(ref
, sref
);
1125 chunks
[0].data
= seed
;
1126 chunks
[0].len
= seed_len
;
1127 prf(out
, ref_len
, secret
, secret_len
, label
, 1, chunks
);
1128 check_equals("TLS PRF KAT 1", out
, ref
, ref_len
);
1130 chunks
[0].data
= seed
;
1131 chunks
[0].len
= seed_len
;
1132 chunks
[1].data
= NULL
;
1134 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1135 check_equals("TLS PRF KAT 2", out
, ref
, ref_len
);
1137 chunks
[0].data
= NULL
;
1139 chunks
[1].data
= seed
;
1140 chunks
[1].len
= seed_len
;
1141 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1142 check_equals("TLS PRF KAT 3", out
, ref
, ref_len
);
1144 chunks
[0].data
= seed
;
1145 chunks
[0].len
= seed_len
>> 1;
1146 chunks
[1].data
= seed
+ chunks
[0].len
;
1147 chunks
[1].len
= seed_len
- chunks
[0].len
;
1148 prf(out
, ref_len
, secret
, secret_len
, label
, 2, chunks
);
1149 check_equals("TLS PRF KAT 4", out
, ref
, ref_len
);
/*
 * TLS PRF known-answer run: one vector for the TLS 1.0 PRF and one each
 * for the TLS 1.2 PRF with SHA-256 and SHA-384.
 *
 * NOTE(review): the label argument of each call is on a line missing
 * from this listing (the gutter skips 1166, 1176, 1181); take it from
 * the complete file.
 *
 * NOTE(review): per the source comments below, these vectors come from
 * mailing-list posts, and the first source is available only as an
 * archived copy. When a vector is questioned, recomputing it with an
 * independent implementation is a stronger check than re-reading the
 * archived message.
 */
1155 printf("Test TLS PRF: ");
1159 * Test vector taken from an email that was on:
1160 * http://www.imc.org/ietf-tls/mail-archive/msg01589.html
1161 * but no longer exists there; a version archived in 2008
1162 * can be found on http://www.archive.org/
1164 do_KAT_PRF(&br_tls10_prf
,
1165 "abababababababababababababababababababababababababababababababababababababababababababababababab",
1167 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
1168 "d3d4d1e349b5d515044666d51de32bab258cb521b6b053463e354832fd976754443bcf9a296519bc289abcbc1187e4ebd31e602353776c408aafb74cbc85eff69255f9788faa184cbb957a9819d84a5d7eb006eb459d3ae8de9810454b8b2d8f1afbc655a8c9a013");
1171 * Test vectors are taken from:
1172 * https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
1174 do_KAT_PRF(&br_tls12_sha256_prf
,
1175 "9bbe436ba940f017b17652849a71db35",
1177 "a0ba9f936cda311827a6f796ffd5198c",
1178 "e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66");
1179 do_KAT_PRF(&br_tls12_sha384_prf
,
1180 "b80b733d6ceefcdc71566ea48e5567df",
1182 "cd665cf6a8447dd6ff8b27555edb7465",
1183 "7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f");
1190 * AES known-answer tests. Order: key, plaintext, ciphertext.
1192 static const char *const KAT_AES
[] = {
1196 "000102030405060708090a0b0c0d0e0f",
1197 "00112233445566778899aabbccddeeff",
1198 "69c4e0d86a7b0430d8cdb78070b4c55a",
1200 "000102030405060708090a0b0c0d0e0f1011121314151617",
1201 "00112233445566778899aabbccddeeff",
1202 "dda97ca4864cdfe06eaf70a0ec0d7191",
1204 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
1205 "00112233445566778899aabbccddeeff",
1206 "8ea2b7ca516745bfeafc49904b496089",
1209 * From NIST validation suite (ECBVarTxt128.rsp).
1211 "00000000000000000000000000000000",
1212 "80000000000000000000000000000000",
1213 "3ad78e726c1ec02b7ebfe92b23d9ec34",
1215 "00000000000000000000000000000000",
1216 "c0000000000000000000000000000000",
1217 "aae5939c8efdf2f04e60b9fe7117b2c2",
1219 "00000000000000000000000000000000",
1220 "e0000000000000000000000000000000",
1221 "f031d4d74f5dcbf39daaf8ca3af6e527",
1223 "00000000000000000000000000000000",
1224 "f0000000000000000000000000000000",
1225 "96d9fd5cc4f07441727df0f33e401a36",
1227 "00000000000000000000000000000000",
1228 "f8000000000000000000000000000000",
1229 "30ccdb044646d7e1f3ccea3dca08b8c0",
1231 "00000000000000000000000000000000",
1232 "fc000000000000000000000000000000",
1233 "16ae4ce5042a67ee8e177b7c587ecc82",
1235 "00000000000000000000000000000000",
1236 "fe000000000000000000000000000000",
1237 "b6da0bb11a23855d9c5cb1b4c6412e0a",
1239 "00000000000000000000000000000000",
1240 "ff000000000000000000000000000000",
1241 "db4f1aa530967d6732ce4715eb0ee24b",
1243 "00000000000000000000000000000000",
1244 "ff800000000000000000000000000000",
1245 "a81738252621dd180a34f3455b4baa2f",
1247 "00000000000000000000000000000000",
1248 "ffc00000000000000000000000000000",
1249 "77e2b508db7fd89234caf7939ee5621a",
1251 "00000000000000000000000000000000",
1252 "ffe00000000000000000000000000000",
1253 "b8499c251f8442ee13f0933b688fcd19",
1255 "00000000000000000000000000000000",
1256 "fff00000000000000000000000000000",
1257 "965135f8a81f25c9d630b17502f68e53",
1259 "00000000000000000000000000000000",
1260 "fff80000000000000000000000000000",
1261 "8b87145a01ad1c6cede995ea3670454f",
1263 "00000000000000000000000000000000",
1264 "fffc0000000000000000000000000000",
1265 "8eae3b10a0c8ca6d1d3b0fa61e56b0b2",
1267 "00000000000000000000000000000000",
1268 "fffe0000000000000000000000000000",
1269 "64b4d629810fda6bafdf08f3b0d8d2c5",
1271 "00000000000000000000000000000000",
1272 "ffff0000000000000000000000000000",
1273 "d7e5dbd3324595f8fdc7d7c571da6c2a",
1275 "00000000000000000000000000000000",
1276 "ffff8000000000000000000000000000",
1277 "f3f72375264e167fca9de2c1527d9606",
1279 "00000000000000000000000000000000",
1280 "ffffc000000000000000000000000000",
1281 "8ee79dd4f401ff9b7ea945d86666c13b",
1283 "00000000000000000000000000000000",
1284 "ffffe000000000000000000000000000",
1285 "dd35cea2799940b40db3f819cb94c08b",
1287 "00000000000000000000000000000000",
1288 "fffff000000000000000000000000000",
1289 "6941cb6b3e08c2b7afa581ebdd607b87",
1291 "00000000000000000000000000000000",
1292 "fffff800000000000000000000000000",
1293 "2c20f439f6bb097b29b8bd6d99aad799",
1295 "00000000000000000000000000000000",
1296 "fffffc00000000000000000000000000",
1297 "625d01f058e565f77ae86378bd2c49b3",
1299 "00000000000000000000000000000000",
1300 "fffffe00000000000000000000000000",
1301 "c0b5fd98190ef45fbb4301438d095950",
1303 "00000000000000000000000000000000",
1304 "ffffff00000000000000000000000000",
1305 "13001ff5d99806efd25da34f56be854b",
1307 "00000000000000000000000000000000",
1308 "ffffff80000000000000000000000000",
1309 "3b594c60f5c8277a5113677f94208d82",
1311 "00000000000000000000000000000000",
1312 "ffffffc0000000000000000000000000",
1313 "e9c0fc1818e4aa46bd2e39d638f89e05",
1315 "00000000000000000000000000000000",
1316 "ffffffe0000000000000000000000000",
1317 "f8023ee9c3fdc45a019b4e985c7e1a54",
1319 "00000000000000000000000000000000",
1320 "fffffff0000000000000000000000000",
1321 "35f40182ab4662f3023baec1ee796b57",
1323 "00000000000000000000000000000000",
1324 "fffffff8000000000000000000000000",
1325 "3aebbad7303649b4194a6945c6cc3694",
1327 "00000000000000000000000000000000",
1328 "fffffffc000000000000000000000000",
1329 "a2124bea53ec2834279bed7f7eb0f938",
1331 "00000000000000000000000000000000",
1332 "fffffffe000000000000000000000000",
1333 "b9fb4399fa4facc7309e14ec98360b0a",
1335 "00000000000000000000000000000000",
1336 "ffffffff000000000000000000000000",
1337 "c26277437420c5d634f715aea81a9132",
1339 "00000000000000000000000000000000",
1340 "ffffffff800000000000000000000000",
1341 "171a0e1b2dd424f0e089af2c4c10f32f",
1343 "00000000000000000000000000000000",
1344 "ffffffffc00000000000000000000000",
1345 "7cadbe402d1b208fe735edce00aee7ce",
1347 "00000000000000000000000000000000",
1348 "ffffffffe00000000000000000000000",
1349 "43b02ff929a1485af6f5c6d6558baa0f",
1351 "00000000000000000000000000000000",
1352 "fffffffff00000000000000000000000",
1353 "092faacc9bf43508bf8fa8613ca75dea",
1355 "00000000000000000000000000000000",
1356 "fffffffff80000000000000000000000",
1357 "cb2bf8280f3f9742c7ed513fe802629c",
1359 "00000000000000000000000000000000",
1360 "fffffffffc0000000000000000000000",
1361 "215a41ee442fa992a6e323986ded3f68",
1363 "00000000000000000000000000000000",
1364 "fffffffffe0000000000000000000000",
1365 "f21e99cf4f0f77cea836e11a2fe75fb1",
1367 "00000000000000000000000000000000",
1368 "ffffffffff0000000000000000000000",
1369 "95e3a0ca9079e646331df8b4e70d2cd6",
1371 "00000000000000000000000000000000",
1372 "ffffffffff8000000000000000000000",
1373 "4afe7f120ce7613f74fc12a01a828073",
1375 "00000000000000000000000000000000",
1376 "ffffffffffc000000000000000000000",
1377 "827f000e75e2c8b9d479beed913fe678",
1379 "00000000000000000000000000000000",
1380 "ffffffffffe000000000000000000000",
1381 "35830c8e7aaefe2d30310ef381cbf691",
1383 "00000000000000000000000000000000",
1384 "fffffffffff000000000000000000000",
1385 "191aa0f2c8570144f38657ea4085ebe5",
1387 "00000000000000000000000000000000",
1388 "fffffffffff800000000000000000000",
1389 "85062c2c909f15d9269b6c18ce99c4f0",
1391 "00000000000000000000000000000000",
1392 "fffffffffffc00000000000000000000",
1393 "678034dc9e41b5a560ed239eeab1bc78",
1395 "00000000000000000000000000000000",
1396 "fffffffffffe00000000000000000000",
1397 "c2f93a4ce5ab6d5d56f1b93cf19911c1",
1399 "00000000000000000000000000000000",
1400 "ffffffffffff00000000000000000000",
1401 "1c3112bcb0c1dcc749d799743691bf82",
1403 "00000000000000000000000000000000",
1404 "ffffffffffff80000000000000000000",
1405 "00c55bd75c7f9c881989d3ec1911c0d4",
1407 "00000000000000000000000000000000",
1408 "ffffffffffffc0000000000000000000",
1409 "ea2e6b5ef182b7dff3629abd6a12045f",
1411 "00000000000000000000000000000000",
1412 "ffffffffffffe0000000000000000000",
1413 "22322327e01780b17397f24087f8cc6f",
1415 "00000000000000000000000000000000",
1416 "fffffffffffff0000000000000000000",
1417 "c9cacb5cd11692c373b2411768149ee7",
1419 "00000000000000000000000000000000",
1420 "fffffffffffff8000000000000000000",
1421 "a18e3dbbca577860dab6b80da3139256",
1423 "00000000000000000000000000000000",
1424 "fffffffffffffc000000000000000000",
1425 "79b61c37bf328ecca8d743265a3d425c",
1427 "00000000000000000000000000000000",
1428 "fffffffffffffe000000000000000000",
1429 "d2d99c6bcc1f06fda8e27e8ae3f1ccc7",
1431 "00000000000000000000000000000000",
1432 "ffffffffffffff000000000000000000",
1433 "1bfd4b91c701fd6b61b7f997829d663b",
1435 "00000000000000000000000000000000",
1436 "ffffffffffffff800000000000000000",
1437 "11005d52f25f16bdc9545a876a63490a",
1439 "00000000000000000000000000000000",
1440 "ffffffffffffffc00000000000000000",
1441 "3a4d354f02bb5a5e47d39666867f246a",
1443 "00000000000000000000000000000000",
1444 "ffffffffffffffe00000000000000000",
1445 "d451b8d6e1e1a0ebb155fbbf6e7b7dc3",
1447 "00000000000000000000000000000000",
1448 "fffffffffffffff00000000000000000",
1449 "6898d4f42fa7ba6a10ac05e87b9f2080",
1451 "00000000000000000000000000000000",
1452 "fffffffffffffff80000000000000000",
1453 "b611295e739ca7d9b50f8e4c0e754a3f",
1455 "00000000000000000000000000000000",
1456 "fffffffffffffffc0000000000000000",
1457 "7d33fc7d8abe3ca1936759f8f5deaf20",
1459 "00000000000000000000000000000000",
1460 "fffffffffffffffe0000000000000000",
1461 "3b5e0f566dc96c298f0c12637539b25c",
1463 "00000000000000000000000000000000",
1464 "ffffffffffffffff0000000000000000",
1465 "f807c3e7985fe0f5a50e2cdb25c5109e",
1467 "00000000000000000000000000000000",
1468 "ffffffffffffffff8000000000000000",
1469 "41f992a856fb278b389a62f5d274d7e9",
1471 "00000000000000000000000000000000",
1472 "ffffffffffffffffc000000000000000",
1473 "10d3ed7a6fe15ab4d91acbc7d0767ab1",
1475 "00000000000000000000000000000000",
1476 "ffffffffffffffffe000000000000000",
1477 "21feecd45b2e675973ac33bf0c5424fc",
1479 "00000000000000000000000000000000",
1480 "fffffffffffffffff000000000000000",
1481 "1480cb3955ba62d09eea668f7c708817",
1483 "00000000000000000000000000000000",
1484 "fffffffffffffffff800000000000000",
1485 "66404033d6b72b609354d5496e7eb511",
1487 "00000000000000000000000000000000",
1488 "fffffffffffffffffc00000000000000",
1489 "1c317a220a7d700da2b1e075b00266e1",
1491 "00000000000000000000000000000000",
1492 "fffffffffffffffffe00000000000000",
1493 "ab3b89542233f1271bf8fd0c0f403545",
1495 "00000000000000000000000000000000",
1496 "ffffffffffffffffff00000000000000",
1497 "d93eae966fac46dca927d6b114fa3f9e",
1499 "00000000000000000000000000000000",
1500 "ffffffffffffffffff80000000000000",
1501 "1bdec521316503d9d5ee65df3ea94ddf",
1503 "00000000000000000000000000000000",
1504 "ffffffffffffffffffc0000000000000",
1505 "eef456431dea8b4acf83bdae3717f75f",
1507 "00000000000000000000000000000000",
1508 "ffffffffffffffffffe0000000000000",
1509 "06f2519a2fafaa596bfef5cfa15c21b9",
1511 "00000000000000000000000000000000",
1512 "fffffffffffffffffff0000000000000",
1513 "251a7eac7e2fe809e4aa8d0d7012531a",
1515 "00000000000000000000000000000000",
1516 "fffffffffffffffffff8000000000000",
1517 "3bffc16e4c49b268a20f8d96a60b4058",
1519 "00000000000000000000000000000000",
1520 "fffffffffffffffffffc000000000000",
1521 "e886f9281999c5bb3b3e8862e2f7c988",
1523 "00000000000000000000000000000000",
1524 "fffffffffffffffffffe000000000000",
1525 "563bf90d61beef39f48dd625fcef1361",
1527 "00000000000000000000000000000000",
1528 "ffffffffffffffffffff000000000000",
1529 "4d37c850644563c69fd0acd9a049325b",
1531 "00000000000000000000000000000000",
1532 "ffffffffffffffffffff800000000000",
1533 "b87c921b91829ef3b13ca541ee1130a6",
1535 "00000000000000000000000000000000",
1536 "ffffffffffffffffffffc00000000000",
1537 "2e65eb6b6ea383e109accce8326b0393",
1539 "00000000000000000000000000000000",
1540 "ffffffffffffffffffffe00000000000",
1541 "9ca547f7439edc3e255c0f4d49aa8990",
1543 "00000000000000000000000000000000",
1544 "fffffffffffffffffffff00000000000",
1545 "a5e652614c9300f37816b1f9fd0c87f9",
1547 "00000000000000000000000000000000",
1548 "fffffffffffffffffffff80000000000",
1549 "14954f0b4697776f44494fe458d814ed",
1551 "00000000000000000000000000000000",
1552 "fffffffffffffffffffffc0000000000",
1553 "7c8d9ab6c2761723fe42f8bb506cbcf7",
1555 "00000000000000000000000000000000",
1556 "fffffffffffffffffffffe0000000000",
1557 "db7e1932679fdd99742aab04aa0d5a80",
1559 "00000000000000000000000000000000",
1560 "ffffffffffffffffffffff0000000000",
1561 "4c6a1c83e568cd10f27c2d73ded19c28",
1563 "00000000000000000000000000000000",
1564 "ffffffffffffffffffffff8000000000",
1565 "90ecbe6177e674c98de412413f7ac915",
1567 "00000000000000000000000000000000",
1568 "ffffffffffffffffffffffc000000000",
1569 "90684a2ac55fe1ec2b8ebd5622520b73",
1571 "00000000000000000000000000000000",
1572 "ffffffffffffffffffffffe000000000",
1573 "7472f9a7988607ca79707795991035e6",
1575 "00000000000000000000000000000000",
1576 "fffffffffffffffffffffff000000000",
1577 "56aff089878bf3352f8df172a3ae47d8",
1579 "00000000000000000000000000000000",
1580 "fffffffffffffffffffffff800000000",
1581 "65c0526cbe40161b8019a2a3171abd23",
1583 "00000000000000000000000000000000",
1584 "fffffffffffffffffffffffc00000000",
1585 "377be0be33b4e3e310b4aabda173f84f",
1587 "00000000000000000000000000000000",
1588 "fffffffffffffffffffffffe00000000",
1589 "9402e9aa6f69de6504da8d20c4fcaa2f",
1591 "00000000000000000000000000000000",
1592 "ffffffffffffffffffffffff00000000",
1593 "123c1f4af313ad8c2ce648b2e71fb6e1",
1595 "00000000000000000000000000000000",
1596 "ffffffffffffffffffffffff80000000",
1597 "1ffc626d30203dcdb0019fb80f726cf4",
1599 "00000000000000000000000000000000",
1600 "ffffffffffffffffffffffffc0000000",
1601 "76da1fbe3a50728c50fd2e621b5ad885",
1603 "00000000000000000000000000000000",
1604 "ffffffffffffffffffffffffe0000000",
1605 "082eb8be35f442fb52668e16a591d1d6",
1607 "00000000000000000000000000000000",
1608 "fffffffffffffffffffffffff0000000",
1609 "e656f9ecf5fe27ec3e4a73d00c282fb3",
1611 "00000000000000000000000000000000",
1612 "fffffffffffffffffffffffff8000000",
1613 "2ca8209d63274cd9a29bb74bcd77683a",
1615 "00000000000000000000000000000000",
1616 "fffffffffffffffffffffffffc000000",
1617 "79bf5dce14bb7dd73a8e3611de7ce026",
1619 "00000000000000000000000000000000",
1620 "fffffffffffffffffffffffffe000000",
1621 "3c849939a5d29399f344c4a0eca8a576",
1623 "00000000000000000000000000000000",
1624 "ffffffffffffffffffffffffff000000",
1625 "ed3c0a94d59bece98835da7aa4f07ca2",
1627 "00000000000000000000000000000000",
1628 "ffffffffffffffffffffffffff800000",
1629 "63919ed4ce10196438b6ad09d99cd795",
1631 "00000000000000000000000000000000",
1632 "ffffffffffffffffffffffffffc00000",
1633 "7678f3a833f19fea95f3c6029e2bc610",
1635 "00000000000000000000000000000000",
1636 "ffffffffffffffffffffffffffe00000",
1637 "3aa426831067d36b92be7c5f81c13c56",
1639 "00000000000000000000000000000000",
1640 "fffffffffffffffffffffffffff00000",
1641 "9272e2d2cdd11050998c845077a30ea0",
1643 "00000000000000000000000000000000",
1644 "fffffffffffffffffffffffffff80000",
1645 "088c4b53f5ec0ff814c19adae7f6246c",
1647 "00000000000000000000000000000000",
1648 "fffffffffffffffffffffffffffc0000",
1649 "4010a5e401fdf0a0354ddbcc0d012b17",
1651 "00000000000000000000000000000000",
1652 "fffffffffffffffffffffffffffe0000",
1653 "a87a385736c0a6189bd6589bd8445a93",
1655 "00000000000000000000000000000000",
1656 "ffffffffffffffffffffffffffff0000",
1657 "545f2b83d9616dccf60fa9830e9cd287",
1659 "00000000000000000000000000000000",
1660 "ffffffffffffffffffffffffffff8000",
1661 "4b706f7f92406352394037a6d4f4688d",
1663 "00000000000000000000000000000000",
1664 "ffffffffffffffffffffffffffffc000",
1665 "b7972b3941c44b90afa7b264bfba7387",
1667 "00000000000000000000000000000000",
1668 "ffffffffffffffffffffffffffffe000",
1669 "6f45732cf10881546f0fd23896d2bb60",
1671 "00000000000000000000000000000000",
1672 "fffffffffffffffffffffffffffff000",
1673 "2e3579ca15af27f64b3c955a5bfc30ba",
1675 "00000000000000000000000000000000",
1676 "fffffffffffffffffffffffffffff800",
1677 "34a2c5a91ae2aec99b7d1b5fa6780447",
1679 "00000000000000000000000000000000",
1680 "fffffffffffffffffffffffffffffc00",
1681 "a4d6616bd04f87335b0e53351227a9ee",
1683 "00000000000000000000000000000000",
1684 "fffffffffffffffffffffffffffffe00",
1685 "7f692b03945867d16179a8cefc83ea3f",
1687 "00000000000000000000000000000000",
1688 "ffffffffffffffffffffffffffffff00",
1689 "3bd141ee84a0e6414a26e7a4f281f8a2",
1691 "00000000000000000000000000000000",
1692 "ffffffffffffffffffffffffffffff80",
1693 "d1788f572d98b2b16ec5d5f3922b99bc",
1695 "00000000000000000000000000000000",
1696 "ffffffffffffffffffffffffffffffc0",
1697 "0833ff6f61d98a57b288e8c3586b85a6",
1699 "00000000000000000000000000000000",
1700 "ffffffffffffffffffffffffffffffe0",
1701 "8568261797de176bf0b43becc6285afb",
1703 "00000000000000000000000000000000",
1704 "fffffffffffffffffffffffffffffff0",
1705 "f9b0fda0c4a898f5b9e6f661c4ce4d07",
1707 "00000000000000000000000000000000",
1708 "fffffffffffffffffffffffffffffff8",
1709 "8ade895913685c67c5269f8aae42983e",
1711 "00000000000000000000000000000000",
1712 "fffffffffffffffffffffffffffffffc",
1713 "39bde67d5c8ed8a8b1c37eb8fa9f5ac0",
1715 "00000000000000000000000000000000",
1716 "fffffffffffffffffffffffffffffffe",
1717 "5c005e72c1418c44f569f2ea33ba54f3",
1719 "00000000000000000000000000000000",
1720 "ffffffffffffffffffffffffffffffff",
1721 "3f5b8cc9ea855a0afa7347d23e8d664e",
1724 * From NIST validation suite (ECBVarTxt192.rsp).
1726 "000000000000000000000000000000000000000000000000",
1727 "80000000000000000000000000000000",
1728 "6cd02513e8d4dc986b4afe087a60bd0c",
1730 "000000000000000000000000000000000000000000000000",
1731 "c0000000000000000000000000000000",
1732 "2ce1f8b7e30627c1c4519eada44bc436",
1734 "000000000000000000000000000000000000000000000000",
1735 "e0000000000000000000000000000000",
1736 "9946b5f87af446f5796c1fee63a2da24",
1738 "000000000000000000000000000000000000000000000000",
1739 "f0000000000000000000000000000000",
1740 "2a560364ce529efc21788779568d5555",
1742 "000000000000000000000000000000000000000000000000",
1743 "f8000000000000000000000000000000",
1744 "35c1471837af446153bce55d5ba72a0a",
1746 "000000000000000000000000000000000000000000000000",
1747 "fc000000000000000000000000000000",
1748 "ce60bc52386234f158f84341e534cd9e",
1750 "000000000000000000000000000000000000000000000000",
1751 "fe000000000000000000000000000000",
1752 "8c7c27ff32bcf8dc2dc57c90c2903961",
1754 "000000000000000000000000000000000000000000000000",
1755 "ff000000000000000000000000000000",
1756 "32bb6a7ec84499e166f936003d55a5bb",
1758 "000000000000000000000000000000000000000000000000",
1759 "ff800000000000000000000000000000",
1760 "a5c772e5c62631ef660ee1d5877f6d1b",
1762 "000000000000000000000000000000000000000000000000",
1763 "ffc00000000000000000000000000000",
1764 "030d7e5b64f380a7e4ea5387b5cd7f49",
1766 "000000000000000000000000000000000000000000000000",
1767 "ffe00000000000000000000000000000",
1768 "0dc9a2610037009b698f11bb7e86c83e",
1770 "000000000000000000000000000000000000000000000000",
1771 "fff00000000000000000000000000000",
1772 "0046612c766d1840c226364f1fa7ed72",
1774 "000000000000000000000000000000000000000000000000",
1775 "fff80000000000000000000000000000",
1776 "4880c7e08f27befe78590743c05e698b",
1778 "000000000000000000000000000000000000000000000000",
1779 "fffc0000000000000000000000000000",
1780 "2520ce829a26577f0f4822c4ecc87401",
1782 "000000000000000000000000000000000000000000000000",
1783 "fffe0000000000000000000000000000",
1784 "8765e8acc169758319cb46dc7bcf3dca",
1786 "000000000000000000000000000000000000000000000000",
1787 "ffff0000000000000000000000000000",
1788 "e98f4ba4f073df4baa116d011dc24a28",
1790 "000000000000000000000000000000000000000000000000",
1791 "ffff8000000000000000000000000000",
1792 "f378f68c5dbf59e211b3a659a7317d94",
1794 "000000000000000000000000000000000000000000000000",
1795 "ffffc000000000000000000000000000",
1796 "283d3b069d8eb9fb432d74b96ca762b4",
1798 "000000000000000000000000000000000000000000000000",
1799 "ffffe000000000000000000000000000",
1800 "a7e1842e8a87861c221a500883245c51",
1802 "000000000000000000000000000000000000000000000000",
1803 "fffff000000000000000000000000000",
1804 "77aa270471881be070fb52c7067ce732",
1806 "000000000000000000000000000000000000000000000000",
1807 "fffff800000000000000000000000000",
1808 "01b0f476d484f43f1aeb6efa9361a8ac",
1810 "000000000000000000000000000000000000000000000000",
1811 "fffffc00000000000000000000000000",
1812 "1c3a94f1c052c55c2d8359aff2163b4f",
1814 "000000000000000000000000000000000000000000000000",
1815 "fffffe00000000000000000000000000",
1816 "e8a067b604d5373d8b0f2e05a03b341b",
1818 "000000000000000000000000000000000000000000000000",
1819 "ffffff00000000000000000000000000",
1820 "a7876ec87f5a09bfea42c77da30fd50e",
1822 "000000000000000000000000000000000000000000000000",
1823 "ffffff80000000000000000000000000",
1824 "0cf3e9d3a42be5b854ca65b13f35f48d",
1826 "000000000000000000000000000000000000000000000000",
1827 "ffffffc0000000000000000000000000",
1828 "6c62f6bbcab7c3e821c9290f08892dda",
1830 "000000000000000000000000000000000000000000000000",
1831 "ffffffe0000000000000000000000000",
1832 "7f5e05bd2068738196fee79ace7e3aec",
1834 "000000000000000000000000000000000000000000000000",
1835 "fffffff0000000000000000000000000",
1836 "440e0d733255cda92fb46e842fe58054",
1838 "000000000000000000000000000000000000000000000000",
1839 "fffffff8000000000000000000000000",
1840 "aa5d5b1c4ea1b7a22e5583ac2e9ed8a7",
1842 "000000000000000000000000000000000000000000000000",
1843 "fffffffc000000000000000000000000",
1844 "77e537e89e8491e8662aae3bc809421d",
1846 "000000000000000000000000000000000000000000000000",
1847 "fffffffe000000000000000000000000",
1848 "997dd3e9f1598bfa73f75973f7e93b76",
1850 "000000000000000000000000000000000000000000000000",
1851 "ffffffff000000000000000000000000",
1852 "1b38d4f7452afefcb7fc721244e4b72e",
1854 "000000000000000000000000000000000000000000000000",
1855 "ffffffff800000000000000000000000",
1856 "0be2b18252e774dda30cdda02c6906e3",
1858 "000000000000000000000000000000000000000000000000",
1859 "ffffffffc00000000000000000000000",
1860 "d2695e59c20361d82652d7d58b6f11b2",
1862 "000000000000000000000000000000000000000000000000",
1863 "ffffffffe00000000000000000000000",
1864 "902d88d13eae52089abd6143cfe394e9",
1866 "000000000000000000000000000000000000000000000000",
1867 "fffffffff00000000000000000000000",
1868 "d49bceb3b823fedd602c305345734bd2",
1870 "000000000000000000000000000000000000000000000000",
1871 "fffffffff80000000000000000000000",
1872 "707b1dbb0ffa40ef7d95def421233fae",
1874 "000000000000000000000000000000000000000000000000",
1875 "fffffffffc0000000000000000000000",
1876 "7ca0c1d93356d9eb8aa952084d75f913",
1878 "000000000000000000000000000000000000000000000000",
1879 "fffffffffe0000000000000000000000",
1880 "f2cbf9cb186e270dd7bdb0c28febc57d",
1882 "000000000000000000000000000000000000000000000000",
1883 "ffffffffff0000000000000000000000",
1884 "c94337c37c4e790ab45780bd9c3674a0",
1886 "000000000000000000000000000000000000000000000000",
1887 "ffffffffff8000000000000000000000",
1888 "8e3558c135252fb9c9f367ed609467a1",
1890 "000000000000000000000000000000000000000000000000",
1891 "ffffffffffc000000000000000000000",
1892 "1b72eeaee4899b443914e5b3a57fba92",
1894 "000000000000000000000000000000000000000000000000",
1895 "ffffffffffe000000000000000000000",
1896 "011865f91bc56868d051e52c9efd59b7",
1898 "000000000000000000000000000000000000000000000000",
1899 "fffffffffff000000000000000000000",
1900 "e4771318ad7a63dd680f6e583b7747ea",
1902 "000000000000000000000000000000000000000000000000",
1903 "fffffffffff800000000000000000000",
1904 "61e3d194088dc8d97e9e6db37457eac5",
1906 "000000000000000000000000000000000000000000000000",
1907 "fffffffffffc00000000000000000000",
1908 "36ff1ec9ccfbc349e5d356d063693ad6",
1910 "000000000000000000000000000000000000000000000000",
1911 "fffffffffffe00000000000000000000",
1912 "3cc9e9a9be8cc3f6fb2ea24088e9bb19",
1914 "000000000000000000000000000000000000000000000000",
1915 "ffffffffffff00000000000000000000",
1916 "1ee5ab003dc8722e74905d9a8fe3d350",
1918 "000000000000000000000000000000000000000000000000",
1919 "ffffffffffff80000000000000000000",
1920 "245339319584b0a412412869d6c2eada",
1922 "000000000000000000000000000000000000000000000000",
1923 "ffffffffffffc0000000000000000000",
1924 "7bd496918115d14ed5380852716c8814",
1926 "000000000000000000000000000000000000000000000000",
1927 "ffffffffffffe0000000000000000000",
1928 "273ab2f2b4a366a57d582a339313c8b1",
1930 "000000000000000000000000000000000000000000000000",
1931 "fffffffffffff0000000000000000000",
1932 "113365a9ffbe3b0ca61e98507554168b",
1934 "000000000000000000000000000000000000000000000000",
1935 "fffffffffffff8000000000000000000",
1936 "afa99c997ac478a0dea4119c9e45f8b1",
1938 "000000000000000000000000000000000000000000000000",
1939 "fffffffffffffc000000000000000000",
1940 "9216309a7842430b83ffb98638011512",
1942 "000000000000000000000000000000000000000000000000",
1943 "fffffffffffffe000000000000000000",
1944 "62abc792288258492a7cb45145f4b759",
1946 "000000000000000000000000000000000000000000000000",
1947 "ffffffffffffff000000000000000000",
1948 "534923c169d504d7519c15d30e756c50",
1950 "000000000000000000000000000000000000000000000000",
1951 "ffffffffffffff800000000000000000",
1952 "fa75e05bcdc7e00c273fa33f6ee441d2",
1954 "000000000000000000000000000000000000000000000000",
1955 "ffffffffffffffc00000000000000000",
1956 "7d350fa6057080f1086a56b17ec240db",
1958 "000000000000000000000000000000000000000000000000",
1959 "ffffffffffffffe00000000000000000",
1960 "f34e4a6324ea4a5c39a661c8fe5ada8f",
1962 "000000000000000000000000000000000000000000000000",
1963 "fffffffffffffff00000000000000000",
1964 "0882a16f44088d42447a29ac090ec17e",
1966 "000000000000000000000000000000000000000000000000",
1967 "fffffffffffffff80000000000000000",
1968 "3a3c15bfc11a9537c130687004e136ee",
1970 "000000000000000000000000000000000000000000000000",
1971 "fffffffffffffffc0000000000000000",
1972 "22c0a7678dc6d8cf5c8a6d5a9960767c",
1974 "000000000000000000000000000000000000000000000000",
1975 "fffffffffffffffe0000000000000000",
1976 "b46b09809d68b9a456432a79bdc2e38c",
1978 "000000000000000000000000000000000000000000000000",
1979 "ffffffffffffffff0000000000000000",
1980 "93baaffb35fbe739c17c6ac22eecf18f",
1982 "000000000000000000000000000000000000000000000000",
1983 "ffffffffffffffff8000000000000000",
1984 "c8aa80a7850675bc007c46df06b49868",
1986 "000000000000000000000000000000000000000000000000",
1987 "ffffffffffffffffc000000000000000",
1988 "12c6f3877af421a918a84b775858021d",
1990 "000000000000000000000000000000000000000000000000",
1991 "ffffffffffffffffe000000000000000",
1992 "33f123282c5d633924f7d5ba3f3cab11",
1994 "000000000000000000000000000000000000000000000000",
1995 "fffffffffffffffff000000000000000",
1996 "a8f161002733e93ca4527d22c1a0c5bb",
1998 "000000000000000000000000000000000000000000000000",
1999 "fffffffffffffffff800000000000000",
2000 "b72f70ebf3e3fda23f508eec76b42c02",
2002 "000000000000000000000000000000000000000000000000",
2003 "fffffffffffffffffc00000000000000",
2004 "6a9d965e6274143f25afdcfc88ffd77c",
2006 "000000000000000000000000000000000000000000000000",
2007 "fffffffffffffffffe00000000000000",
2008 "a0c74fd0b9361764ce91c5200b095357",
2010 "000000000000000000000000000000000000000000000000",
2011 "ffffffffffffffffff00000000000000",
2012 "091d1fdc2bd2c346cd5046a8c6209146",
2014 "000000000000000000000000000000000000000000000000",
2015 "ffffffffffffffffff80000000000000",
2016 "e2a37580116cfb71856254496ab0aca8",
2018 "000000000000000000000000000000000000000000000000",
2019 "ffffffffffffffffffc0000000000000",
2020 "e0b3a00785917c7efc9adba322813571",
2022 "000000000000000000000000000000000000000000000000",
2023 "ffffffffffffffffffe0000000000000",
2024 "733d41f4727b5ef0df4af4cf3cffa0cb",
2026 "000000000000000000000000000000000000000000000000",
2027 "fffffffffffffffffff0000000000000",
2028 "a99ebb030260826f981ad3e64490aa4f",
2030 "000000000000000000000000000000000000000000000000",
2031 "fffffffffffffffffff8000000000000",
2032 "73f34c7d3eae5e80082c1647524308ee",
2034 "000000000000000000000000000000000000000000000000",
2035 "fffffffffffffffffffc000000000000",
2036 "40ebd5ad082345b7a2097ccd3464da02",
2038 "000000000000000000000000000000000000000000000000",
2039 "fffffffffffffffffffe000000000000",
2040 "7cc4ae9a424b2cec90c97153c2457ec5",
2042 "000000000000000000000000000000000000000000000000",
2043 "ffffffffffffffffffff000000000000",
2044 "54d632d03aba0bd0f91877ebdd4d09cb",
2046 "000000000000000000000000000000000000000000000000",
2047 "ffffffffffffffffffff800000000000",
2048 "d3427be7e4d27cd54f5fe37b03cf0897",
2050 "000000000000000000000000000000000000000000000000",
2051 "ffffffffffffffffffffc00000000000",
2052 "b2099795e88cc158fd75ea133d7e7fbe",
2054 "000000000000000000000000000000000000000000000000",
2055 "ffffffffffffffffffffe00000000000",
2056 "a6cae46fb6fadfe7a2c302a34242817b",
2058 "000000000000000000000000000000000000000000000000",
2059 "fffffffffffffffffffff00000000000",
2060 "026a7024d6a902e0b3ffccbaa910cc3f",
2062 "000000000000000000000000000000000000000000000000",
2063 "fffffffffffffffffffff80000000000",
2064 "156f07767a85a4312321f63968338a01",
2066 "000000000000000000000000000000000000000000000000",
2067 "fffffffffffffffffffffc0000000000",
2068 "15eec9ebf42b9ca76897d2cd6c5a12e2",
2070 "000000000000000000000000000000000000000000000000",
2071 "fffffffffffffffffffffe0000000000",
2072 "db0d3a6fdcc13f915e2b302ceeb70fd8",
2074 "000000000000000000000000000000000000000000000000",
2075 "ffffffffffffffffffffff0000000000",
2076 "71dbf37e87a2e34d15b20e8f10e48924",
2078 "000000000000000000000000000000000000000000000000",
2079 "ffffffffffffffffffffff8000000000",
2080 "c745c451e96ff3c045e4367c833e3b54",
2082 "000000000000000000000000000000000000000000000000",
2083 "ffffffffffffffffffffffc000000000",
2084 "340da09c2dd11c3b679d08ccd27dd595",
2086 "000000000000000000000000000000000000000000000000",
2087 "ffffffffffffffffffffffe000000000",
2088 "8279f7c0c2a03ee660c6d392db025d18",
2090 "000000000000000000000000000000000000000000000000",
2091 "fffffffffffffffffffffff000000000",
2092 "a4b2c7d8eba531ff47c5041a55fbd1ec",
2094 "000000000000000000000000000000000000000000000000",
2095 "fffffffffffffffffffffff800000000",
2096 "74569a2ca5a7bd5131ce8dc7cbfbf72f",
2098 "000000000000000000000000000000000000000000000000",
2099 "fffffffffffffffffffffffc00000000",
2100 "3713da0c0219b63454035613b5a403dd",
2102 "000000000000000000000000000000000000000000000000",
2103 "fffffffffffffffffffffffe00000000",
2104 "8827551ddcc9df23fa72a3de4e9f0b07",
2106 "000000000000000000000000000000000000000000000000",
2107 "ffffffffffffffffffffffff00000000",
2108 "2e3febfd625bfcd0a2c06eb460da1732",
2110 "000000000000000000000000000000000000000000000000",
2111 "ffffffffffffffffffffffff80000000",
2112 "ee82e6ba488156f76496311da6941deb",
2114 "000000000000000000000000000000000000000000000000",
2115 "ffffffffffffffffffffffffc0000000",
2116 "4770446f01d1f391256e85a1b30d89d3",
2118 "000000000000000000000000000000000000000000000000",
2119 "ffffffffffffffffffffffffe0000000",
2120 "af04b68f104f21ef2afb4767cf74143c",
2122 "000000000000000000000000000000000000000000000000",
2123 "fffffffffffffffffffffffff0000000",
2124 "cf3579a9ba38c8e43653173e14f3a4c6",
2126 "000000000000000000000000000000000000000000000000",
2127 "fffffffffffffffffffffffff8000000",
2128 "b3bba904f4953e09b54800af2f62e7d4",
2130 "000000000000000000000000000000000000000000000000",
2131 "fffffffffffffffffffffffffc000000",
2132 "fc4249656e14b29eb9c44829b4c59a46",
2134 "000000000000000000000000000000000000000000000000",
2135 "fffffffffffffffffffffffffe000000",
2136 "9b31568febe81cfc2e65af1c86d1a308",
2138 "000000000000000000000000000000000000000000000000",
2139 "ffffffffffffffffffffffffff000000",
2140 "9ca09c25f273a766db98a480ce8dfedc",
2142 "000000000000000000000000000000000000000000000000",
2143 "ffffffffffffffffffffffffff800000",
2144 "b909925786f34c3c92d971883c9fbedf",
2146 "000000000000000000000000000000000000000000000000",
2147 "ffffffffffffffffffffffffffc00000",
2148 "82647f1332fe570a9d4d92b2ee771d3b",
2150 "000000000000000000000000000000000000000000000000",
2151 "ffffffffffffffffffffffffffe00000",
2152 "3604a7e80832b3a99954bca6f5b9f501",
2154 "000000000000000000000000000000000000000000000000",
2155 "fffffffffffffffffffffffffff00000",
2156 "884607b128c5de3ab39a529a1ef51bef",
2158 "000000000000000000000000000000000000000000000000",
2159 "fffffffffffffffffffffffffff80000",
2160 "670cfa093d1dbdb2317041404102435e",
2162 "000000000000000000000000000000000000000000000000",
2163 "fffffffffffffffffffffffffffc0000",
2164 "7a867195f3ce8769cbd336502fbb5130",
2166 "000000000000000000000000000000000000000000000000",
2167 "fffffffffffffffffffffffffffe0000",
2168 "52efcf64c72b2f7ca5b3c836b1078c15",
2170 "000000000000000000000000000000000000000000000000",
2171 "ffffffffffffffffffffffffffff0000",
2172 "4019250f6eefb2ac5ccbcae044e75c7e",
2174 "000000000000000000000000000000000000000000000000",
2175 "ffffffffffffffffffffffffffff8000",
2176 "022c4f6f5a017d292785627667ddef24",
2178 "000000000000000000000000000000000000000000000000",
2179 "ffffffffffffffffffffffffffffc000",
2180 "e9c21078a2eb7e03250f71000fa9e3ed",
2182 "000000000000000000000000000000000000000000000000",
2183 "ffffffffffffffffffffffffffffe000",
2184 "a13eaeeb9cd391da4e2b09490b3e7fad",
2186 "000000000000000000000000000000000000000000000000",
2187 "fffffffffffffffffffffffffffff000",
2188 "c958a171dca1d4ed53e1af1d380803a9",
2190 "000000000000000000000000000000000000000000000000",
2191 "fffffffffffffffffffffffffffff800",
2192 "21442e07a110667f2583eaeeee44dc8c",
2194 "000000000000000000000000000000000000000000000000",
2195 "fffffffffffffffffffffffffffffc00",
2196 "59bbb353cf1dd867a6e33737af655e99",
2198 "000000000000000000000000000000000000000000000000",
2199 "fffffffffffffffffffffffffffffe00",
2200 "43cd3b25375d0ce41087ff9fe2829639",
2202 "000000000000000000000000000000000000000000000000",
2203 "ffffffffffffffffffffffffffffff00",
2204 "6b98b17e80d1118e3516bd768b285a84",
2206 "000000000000000000000000000000000000000000000000",
2207 "ffffffffffffffffffffffffffffff80",
2208 "ae47ed3676ca0c08deea02d95b81db58",
2210 "000000000000000000000000000000000000000000000000",
2211 "ffffffffffffffffffffffffffffffc0",
2212 "34ec40dc20413795ed53628ea748720b",
2214 "000000000000000000000000000000000000000000000000",
2215 "ffffffffffffffffffffffffffffffe0",
2216 "4dc68163f8e9835473253542c8a65d46",
2218 "000000000000000000000000000000000000000000000000",
2219 "fffffffffffffffffffffffffffffff0",
2220 "2aabb999f43693175af65c6c612c46fb",
2222 "000000000000000000000000000000000000000000000000",
2223 "fffffffffffffffffffffffffffffff8",
2224 "e01f94499dac3547515c5b1d756f0f58",
2226 "000000000000000000000000000000000000000000000000",
2227 "fffffffffffffffffffffffffffffffc",
2228 "9d12435a46480ce00ea349f71799df9a",
2230 "000000000000000000000000000000000000000000000000",
2231 "fffffffffffffffffffffffffffffffe",
2232 "cef41d16d266bdfe46938ad7884cc0cf",
2234 "000000000000000000000000000000000000000000000000",
2235 "ffffffffffffffffffffffffffffffff",
2236 "b13db4da1f718bc6904797c82bcf2d32",
2239 * From NIST validation suite (ECBVarTxt256.rsp).
2241 "0000000000000000000000000000000000000000000000000000000000000000",
2242 "80000000000000000000000000000000",
2243 "ddc6bf790c15760d8d9aeb6f9a75fd4e",
2245 "0000000000000000000000000000000000000000000000000000000000000000",
2246 "c0000000000000000000000000000000",
2247 "0a6bdc6d4c1e6280301fd8e97ddbe601",
2249 "0000000000000000000000000000000000000000000000000000000000000000",
2250 "e0000000000000000000000000000000",
2251 "9b80eefb7ebe2d2b16247aa0efc72f5d",
2253 "0000000000000000000000000000000000000000000000000000000000000000",
2254 "f0000000000000000000000000000000",
2255 "7f2c5ece07a98d8bee13c51177395ff7",
2257 "0000000000000000000000000000000000000000000000000000000000000000",
2258 "f8000000000000000000000000000000",
2259 "7818d800dcf6f4be1e0e94f403d1e4c2",
2261 "0000000000000000000000000000000000000000000000000000000000000000",
2262 "fc000000000000000000000000000000",
2263 "e74cd1c92f0919c35a0324123d6177d3",
2265 "0000000000000000000000000000000000000000000000000000000000000000",
2266 "fe000000000000000000000000000000",
2267 "8092a4dcf2da7e77e93bdd371dfed82e",
2269 "0000000000000000000000000000000000000000000000000000000000000000",
2270 "ff000000000000000000000000000000",
2271 "49af6b372135acef10132e548f217b17",
2273 "0000000000000000000000000000000000000000000000000000000000000000",
2274 "ff800000000000000000000000000000",
2275 "8bcd40f94ebb63b9f7909676e667f1e7",
2277 "0000000000000000000000000000000000000000000000000000000000000000",
2278 "ffc00000000000000000000000000000",
2279 "fe1cffb83f45dcfb38b29be438dbd3ab",
2281 "0000000000000000000000000000000000000000000000000000000000000000",
2282 "ffe00000000000000000000000000000",
2283 "0dc58a8d886623705aec15cb1e70dc0e",
2285 "0000000000000000000000000000000000000000000000000000000000000000",
2286 "fff00000000000000000000000000000",
2287 "c218faa16056bd0774c3e8d79c35a5e4",
2289 "0000000000000000000000000000000000000000000000000000000000000000",
2290 "fff80000000000000000000000000000",
2291 "047bba83f7aa841731504e012208fc9e",
2293 "0000000000000000000000000000000000000000000000000000000000000000",
2294 "fffc0000000000000000000000000000",
2295 "dc8f0e4915fd81ba70a331310882f6da",
2297 "0000000000000000000000000000000000000000000000000000000000000000",
2298 "fffe0000000000000000000000000000",
2299 "1569859ea6b7206c30bf4fd0cbfac33c",
2301 "0000000000000000000000000000000000000000000000000000000000000000",
2302 "ffff0000000000000000000000000000",
2303 "300ade92f88f48fa2df730ec16ef44cd",
2305 "0000000000000000000000000000000000000000000000000000000000000000",
2306 "ffff8000000000000000000000000000",
2307 "1fe6cc3c05965dc08eb0590c95ac71d0",
2309 "0000000000000000000000000000000000000000000000000000000000000000",
2310 "ffffc000000000000000000000000000",
2311 "59e858eaaa97fec38111275b6cf5abc0",
2313 "0000000000000000000000000000000000000000000000000000000000000000",
2314 "ffffe000000000000000000000000000",
2315 "2239455e7afe3b0616100288cc5a723b",
2317 "0000000000000000000000000000000000000000000000000000000000000000",
2318 "fffff000000000000000000000000000",
2319 "3ee500c5c8d63479717163e55c5c4522",
2321 "0000000000000000000000000000000000000000000000000000000000000000",
2322 "fffff800000000000000000000000000",
2323 "d5e38bf15f16d90e3e214041d774daa8",
2325 "0000000000000000000000000000000000000000000000000000000000000000",
2326 "fffffc00000000000000000000000000",
2327 "b1f4066e6f4f187dfe5f2ad1b17819d0",
2329 "0000000000000000000000000000000000000000000000000000000000000000",
2330 "fffffe00000000000000000000000000",
2331 "6ef4cc4de49b11065d7af2909854794a",
2333 "0000000000000000000000000000000000000000000000000000000000000000",
2334 "ffffff00000000000000000000000000",
2335 "ac86bc606b6640c309e782f232bf367f",
2337 "0000000000000000000000000000000000000000000000000000000000000000",
2338 "ffffff80000000000000000000000000",
2339 "36aff0ef7bf3280772cf4cac80a0d2b2",
2341 "0000000000000000000000000000000000000000000000000000000000000000",
2342 "ffffffc0000000000000000000000000",
2343 "1f8eedea0f62a1406d58cfc3ecea72cf",
2345 "0000000000000000000000000000000000000000000000000000000000000000",
2346 "ffffffe0000000000000000000000000",
2347 "abf4154a3375a1d3e6b1d454438f95a6",
2349 "0000000000000000000000000000000000000000000000000000000000000000",
2350 "fffffff0000000000000000000000000",
2351 "96f96e9d607f6615fc192061ee648b07",
2353 "0000000000000000000000000000000000000000000000000000000000000000",
2354 "fffffff8000000000000000000000000",
2355 "cf37cdaaa0d2d536c71857634c792064",
2357 "0000000000000000000000000000000000000000000000000000000000000000",
2358 "fffffffc000000000000000000000000",
2359 "fbd6640c80245c2b805373f130703127",
2361 "0000000000000000000000000000000000000000000000000000000000000000",
2362 "fffffffe000000000000000000000000",
2363 "8d6a8afe55a6e481badae0d146f436db",
2365 "0000000000000000000000000000000000000000000000000000000000000000",
2366 "ffffffff000000000000000000000000",
2367 "6a4981f2915e3e68af6c22385dd06756",
2369 "0000000000000000000000000000000000000000000000000000000000000000",
2370 "ffffffff800000000000000000000000",
2371 "42a1136e5f8d8d21d3101998642d573b",
2373 "0000000000000000000000000000000000000000000000000000000000000000",
2374 "ffffffffc00000000000000000000000",
2375 "9b471596dc69ae1586cee6158b0b0181",
2377 "0000000000000000000000000000000000000000000000000000000000000000",
2378 "ffffffffe00000000000000000000000",
2379 "753665c4af1eff33aa8b628bf8741cfd",
2381 "0000000000000000000000000000000000000000000000000000000000000000",
2382 "fffffffff00000000000000000000000",
2383 "9a682acf40be01f5b2a4193c9a82404d",
2385 "0000000000000000000000000000000000000000000000000000000000000000",
2386 "fffffffff80000000000000000000000",
2387 "54fafe26e4287f17d1935f87eb9ade01",
2389 "0000000000000000000000000000000000000000000000000000000000000000",
2390 "fffffffffc0000000000000000000000",
2391 "49d541b2e74cfe73e6a8e8225f7bd449",
2393 "0000000000000000000000000000000000000000000000000000000000000000",
2394 "fffffffffe0000000000000000000000",
2395 "11a45530f624ff6f76a1b3826626ff7b",
2397 "0000000000000000000000000000000000000000000000000000000000000000",
2398 "ffffffffff0000000000000000000000",
2399 "f96b0c4a8bc6c86130289f60b43b8fba",
2401 "0000000000000000000000000000000000000000000000000000000000000000",
2402 "ffffffffff8000000000000000000000",
2403 "48c7d0e80834ebdc35b6735f76b46c8b",
2405 "0000000000000000000000000000000000000000000000000000000000000000",
2406 "ffffffffffc000000000000000000000",
2407 "2463531ab54d66955e73edc4cb8eaa45",
2409 "0000000000000000000000000000000000000000000000000000000000000000",
2410 "ffffffffffe000000000000000000000",
2411 "ac9bd8e2530469134b9d5b065d4f565b",
2413 "0000000000000000000000000000000000000000000000000000000000000000",
2414 "fffffffffff000000000000000000000",
2415 "3f5f9106d0e52f973d4890e6f37e8a00",
2417 "0000000000000000000000000000000000000000000000000000000000000000",
2418 "fffffffffff800000000000000000000",
2419 "20ebc86f1304d272e2e207e59db639f0",
2421 "0000000000000000000000000000000000000000000000000000000000000000",
2422 "fffffffffffc00000000000000000000",
2423 "e67ae6426bf9526c972cff072b52252c",
2425 "0000000000000000000000000000000000000000000000000000000000000000",
2426 "fffffffffffe00000000000000000000",
2427 "1a518dddaf9efa0d002cc58d107edfc8",
2429 "0000000000000000000000000000000000000000000000000000000000000000",
2430 "ffffffffffff00000000000000000000",
2431 "ead731af4d3a2fe3b34bed047942a49f",
2433 "0000000000000000000000000000000000000000000000000000000000000000",
2434 "ffffffffffff80000000000000000000",
2435 "b1d4efe40242f83e93b6c8d7efb5eae9",
2437 "0000000000000000000000000000000000000000000000000000000000000000",
2438 "ffffffffffffc0000000000000000000",
2439 "cd2b1fec11fd906c5c7630099443610a",
2441 "0000000000000000000000000000000000000000000000000000000000000000",
2442 "ffffffffffffe0000000000000000000",
2443 "a1853fe47fe29289d153161d06387d21",
2445 "0000000000000000000000000000000000000000000000000000000000000000",
2446 "fffffffffffff0000000000000000000",
2447 "4632154179a555c17ea604d0889fab14",
2449 "0000000000000000000000000000000000000000000000000000000000000000",
2450 "fffffffffffff8000000000000000000",
2451 "dd27cac6401a022e8f38f9f93e774417",
2453 "0000000000000000000000000000000000000000000000000000000000000000",
2454 "fffffffffffffc000000000000000000",
2455 "c090313eb98674f35f3123385fb95d4d",
2457 "0000000000000000000000000000000000000000000000000000000000000000",
2458 "fffffffffffffe000000000000000000",
2459 "cc3526262b92f02edce548f716b9f45c",
2461 "0000000000000000000000000000000000000000000000000000000000000000",
2462 "ffffffffffffff000000000000000000",
2463 "c0838d1a2b16a7c7f0dfcc433c399c33",
2465 "0000000000000000000000000000000000000000000000000000000000000000",
2466 "ffffffffffffff800000000000000000",
2467 "0d9ac756eb297695eed4d382eb126d26",
2469 "0000000000000000000000000000000000000000000000000000000000000000",
2470 "ffffffffffffffc00000000000000000",
2471 "56ede9dda3f6f141bff1757fa689c3e1",
2473 "0000000000000000000000000000000000000000000000000000000000000000",
2474 "ffffffffffffffe00000000000000000",
2475 "768f520efe0f23e61d3ec8ad9ce91774",
2477 "0000000000000000000000000000000000000000000000000000000000000000",
2478 "fffffffffffffff00000000000000000",
2479 "b1144ddfa75755213390e7c596660490",
2481 "0000000000000000000000000000000000000000000000000000000000000000",
2482 "fffffffffffffff80000000000000000",
2483 "1d7c0c4040b355b9d107a99325e3b050",
2485 "0000000000000000000000000000000000000000000000000000000000000000",
2486 "fffffffffffffffc0000000000000000",
2487 "d8e2bb1ae8ee3dcf5bf7d6c38da82a1a",
2489 "0000000000000000000000000000000000000000000000000000000000000000",
2490 "fffffffffffffffe0000000000000000",
2491 "faf82d178af25a9886a47e7f789b98d7",
2493 "0000000000000000000000000000000000000000000000000000000000000000",
2494 "ffffffffffffffff0000000000000000",
2495 "9b58dbfd77fe5aca9cfc190cd1b82d19",
2497 "0000000000000000000000000000000000000000000000000000000000000000",
2498 "ffffffffffffffff8000000000000000",
2499 "77f392089042e478ac16c0c86a0b5db5",
2501 "0000000000000000000000000000000000000000000000000000000000000000",
2502 "ffffffffffffffffc000000000000000",
2503 "19f08e3420ee69b477ca1420281c4782",
2505 "0000000000000000000000000000000000000000000000000000000000000000",
2506 "ffffffffffffffffe000000000000000",
2507 "a1b19beee4e117139f74b3c53fdcb875",
2509 "0000000000000000000000000000000000000000000000000000000000000000",
2510 "fffffffffffffffff000000000000000",
2511 "a37a5869b218a9f3a0868d19aea0ad6a",
2513 "0000000000000000000000000000000000000000000000000000000000000000",
2514 "fffffffffffffffff800000000000000",
2515 "bc3594e865bcd0261b13202731f33580",
2517 "0000000000000000000000000000000000000000000000000000000000000000",
2518 "fffffffffffffffffc00000000000000",
2519 "811441ce1d309eee7185e8c752c07557",
2521 "0000000000000000000000000000000000000000000000000000000000000000",
2522 "fffffffffffffffffe00000000000000",
2523 "959971ce4134190563518e700b9874d1",
2525 "0000000000000000000000000000000000000000000000000000000000000000",
2526 "ffffffffffffffffff00000000000000",
2527 "76b5614a042707c98e2132e2e805fe63",
2529 "0000000000000000000000000000000000000000000000000000000000000000",
2530 "ffffffffffffffffff80000000000000",
2531 "7d9fa6a57530d0f036fec31c230b0cc6",
2533 "0000000000000000000000000000000000000000000000000000000000000000",
2534 "ffffffffffffffffffc0000000000000",
2535 "964153a83bf6989a4ba80daa91c3e081",
2537 "0000000000000000000000000000000000000000000000000000000000000000",
2538 "ffffffffffffffffffe0000000000000",
2539 "a013014d4ce8054cf2591d06f6f2f176",
2541 "0000000000000000000000000000000000000000000000000000000000000000",
2542 "fffffffffffffffffff0000000000000",
2543 "d1c5f6399bf382502e385eee1474a869",
2545 "0000000000000000000000000000000000000000000000000000000000000000",
2546 "fffffffffffffffffff8000000000000",
2547 "0007e20b8298ec354f0f5fe7470f36bd",
2549 "0000000000000000000000000000000000000000000000000000000000000000",
2550 "fffffffffffffffffffc000000000000",
2551 "b95ba05b332da61ef63a2b31fcad9879",
2553 "0000000000000000000000000000000000000000000000000000000000000000",
2554 "fffffffffffffffffffe000000000000",
2555 "4620a49bd967491561669ab25dce45f4",
2557 "0000000000000000000000000000000000000000000000000000000000000000",
2558 "ffffffffffffffffffff000000000000",
2559 "12e71214ae8e04f0bb63d7425c6f14d5",
2561 "0000000000000000000000000000000000000000000000000000000000000000",
2562 "ffffffffffffffffffff800000000000",
2563 "4cc42fc1407b008fe350907c092e80ac",
2565 "0000000000000000000000000000000000000000000000000000000000000000",
2566 "ffffffffffffffffffffc00000000000",
2567 "08b244ce7cbc8ee97fbba808cb146fda",
2569 "0000000000000000000000000000000000000000000000000000000000000000",
2570 "ffffffffffffffffffffe00000000000",
2571 "39b333e8694f21546ad1edd9d87ed95b",
2573 "0000000000000000000000000000000000000000000000000000000000000000",
2574 "fffffffffffffffffffff00000000000",
2575 "3b271f8ab2e6e4a20ba8090f43ba78f3",
2577 "0000000000000000000000000000000000000000000000000000000000000000",
2578 "fffffffffffffffffffff80000000000",
2579 "9ad983f3bf651cd0393f0a73cccdea50",
2581 "0000000000000000000000000000000000000000000000000000000000000000",
2582 "fffffffffffffffffffffc0000000000",
2583 "8f476cbff75c1f725ce18e4bbcd19b32",
2585 "0000000000000000000000000000000000000000000000000000000000000000",
2586 "fffffffffffffffffffffe0000000000",
2587 "905b6267f1d6ab5320835a133f096f2a",
2589 "0000000000000000000000000000000000000000000000000000000000000000",
2590 "ffffffffffffffffffffff0000000000",
2591 "145b60d6d0193c23f4221848a892d61a",
2593 "0000000000000000000000000000000000000000000000000000000000000000",
2594 "ffffffffffffffffffffff8000000000",
2595 "55cfb3fb6d75cad0445bbc8dafa25b0f",
2597 "0000000000000000000000000000000000000000000000000000000000000000",
2598 "ffffffffffffffffffffffc000000000",
2599 "7b8e7098e357ef71237d46d8b075b0f5",
2601 "0000000000000000000000000000000000000000000000000000000000000000",
2602 "ffffffffffffffffffffffe000000000",
2603 "2bf27229901eb40f2df9d8398d1505ae",
2605 "0000000000000000000000000000000000000000000000000000000000000000",
2606 "fffffffffffffffffffffff000000000",
2607 "83a63402a77f9ad5c1e931a931ecd706",
2609 "0000000000000000000000000000000000000000000000000000000000000000",
2610 "fffffffffffffffffffffff800000000",
2611 "6f8ba6521152d31f2bada1843e26b973",
2613 "0000000000000000000000000000000000000000000000000000000000000000",
2614 "fffffffffffffffffffffffc00000000",
2615 "e5c3b8e30fd2d8e6239b17b44bd23bbd",
2617 "0000000000000000000000000000000000000000000000000000000000000000",
2618 "fffffffffffffffffffffffe00000000",
2619 "1ac1f7102c59933e8b2ddc3f14e94baa",
2621 "0000000000000000000000000000000000000000000000000000000000000000",
2622 "ffffffffffffffffffffffff00000000",
2623 "21d9ba49f276b45f11af8fc71a088e3d",
2625 "0000000000000000000000000000000000000000000000000000000000000000",
2626 "ffffffffffffffffffffffff80000000",
2627 "649f1cddc3792b4638635a392bc9bade",
2629 "0000000000000000000000000000000000000000000000000000000000000000",
2630 "ffffffffffffffffffffffffc0000000",
2631 "e2775e4b59c1bc2e31a2078c11b5a08c",
2633 "0000000000000000000000000000000000000000000000000000000000000000",
2634 "ffffffffffffffffffffffffe0000000",
2635 "2be1fae5048a25582a679ca10905eb80",
2637 "0000000000000000000000000000000000000000000000000000000000000000",
2638 "fffffffffffffffffffffffff0000000",
2639 "da86f292c6f41ea34fb2068df75ecc29",
2641 "0000000000000000000000000000000000000000000000000000000000000000",
2642 "fffffffffffffffffffffffff8000000",
2643 "220df19f85d69b1b562fa69a3c5beca5",
2645 "0000000000000000000000000000000000000000000000000000000000000000",
2646 "fffffffffffffffffffffffffc000000",
2647 "1f11d5d0355e0b556ccdb6c7f5083b4d",
2649 "0000000000000000000000000000000000000000000000000000000000000000",
2650 "fffffffffffffffffffffffffe000000",
2651 "62526b78be79cb384633c91f83b4151b",
2653 "0000000000000000000000000000000000000000000000000000000000000000",
2654 "ffffffffffffffffffffffffff000000",
2655 "90ddbcb950843592dd47bbef00fdc876",
2657 "0000000000000000000000000000000000000000000000000000000000000000",
2658 "ffffffffffffffffffffffffff800000",
2659 "2fd0e41c5b8402277354a7391d2618e2",
2661 "0000000000000000000000000000000000000000000000000000000000000000",
2662 "ffffffffffffffffffffffffffc00000",
2663 "3cdf13e72dee4c581bafec70b85f9660",
2665 "0000000000000000000000000000000000000000000000000000000000000000",
2666 "ffffffffffffffffffffffffffe00000",
2667 "afa2ffc137577092e2b654fa199d2c43",
2669 "0000000000000000000000000000000000000000000000000000000000000000",
2670 "fffffffffffffffffffffffffff00000",
2671 "8d683ee63e60d208e343ce48dbc44cac",
2673 "0000000000000000000000000000000000000000000000000000000000000000",
2674 "fffffffffffffffffffffffffff80000",
2675 "705a4ef8ba2133729c20185c3d3a4763",
2677 "0000000000000000000000000000000000000000000000000000000000000000",
2678 "fffffffffffffffffffffffffffc0000",
2679 "0861a861c3db4e94194211b77ed761b9",
2681 "0000000000000000000000000000000000000000000000000000000000000000",
2682 "fffffffffffffffffffffffffffe0000",
2683 "4b00c27e8b26da7eab9d3a88dec8b031",
2685 "0000000000000000000000000000000000000000000000000000000000000000",
2686 "ffffffffffffffffffffffffffff0000",
2687 "5f397bf03084820cc8810d52e5b666e9",
2689 "0000000000000000000000000000000000000000000000000000000000000000",
2690 "ffffffffffffffffffffffffffff8000",
2691 "63fafabb72c07bfbd3ddc9b1203104b8",
2693 "0000000000000000000000000000000000000000000000000000000000000000",
2694 "ffffffffffffffffffffffffffffc000",
2695 "683e2140585b18452dd4ffbb93c95df9",
2697 "0000000000000000000000000000000000000000000000000000000000000000",
2698 "ffffffffffffffffffffffffffffe000",
2699 "286894e48e537f8763b56707d7d155c8",
2701 "0000000000000000000000000000000000000000000000000000000000000000",
2702 "fffffffffffffffffffffffffffff000",
2703 "a423deabc173dcf7e2c4c53e77d37cd1",
2705 "0000000000000000000000000000000000000000000000000000000000000000",
2706 "fffffffffffffffffffffffffffff800",
2707 "eb8168313e1cfdfdb5e986d5429cf172",
2709 "0000000000000000000000000000000000000000000000000000000000000000",
2710 "fffffffffffffffffffffffffffffc00",
2711 "27127daafc9accd2fb334ec3eba52323",
2713 "0000000000000000000000000000000000000000000000000000000000000000",
2714 "fffffffffffffffffffffffffffffe00",
2715 "ee0715b96f72e3f7a22a5064fc592f4c",
2717 "0000000000000000000000000000000000000000000000000000000000000000",
2718 "ffffffffffffffffffffffffffffff00",
2719 "29ee526770f2a11dcfa989d1ce88830f",
2721 "0000000000000000000000000000000000000000000000000000000000000000",
2722 "ffffffffffffffffffffffffffffff80",
2723 "0493370e054b09871130fe49af730a5a",
2725 "0000000000000000000000000000000000000000000000000000000000000000",
2726 "ffffffffffffffffffffffffffffffc0",
2727 "9b7b940f6c509f9e44a4ee140448ee46",
2729 "0000000000000000000000000000000000000000000000000000000000000000",
2730 "ffffffffffffffffffffffffffffffe0",
2731 "2915be4a1ecfdcbe3e023811a12bb6c7",
2733 "0000000000000000000000000000000000000000000000000000000000000000",
2734 "fffffffffffffffffffffffffffffff0",
2735 "7240e524bc51d8c4d440b1be55d1062c",
2737 "0000000000000000000000000000000000000000000000000000000000000000",
2738 "fffffffffffffffffffffffffffffff8",
2739 "da63039d38cb4612b2dc36ba26684b93",
2741 "0000000000000000000000000000000000000000000000000000000000000000",
2742 "fffffffffffffffffffffffffffffffc",
2743 "0f59cb5a4b522e2ac56c1a64f558ad9a",
2745 "0000000000000000000000000000000000000000000000000000000000000000",
2746 "fffffffffffffffffffffffffffffffe",
2747 "7bfe9d876c6d63c1d035da8fe21c409d",
2749 "0000000000000000000000000000000000000000000000000000000000000000",
2750 "ffffffffffffffffffffffffffffffff",
2751 "acdace8078a32b1a182bfa4987ca1347",
2760 * AES known-answer tests for CBC. Order: key, IV, plaintext, ciphertext.
2762 static const char *const KAT_AES_CBC
[] = {
2764 * From NIST validation suite "Multiblock Message Test" (128-bit keys).
2767 "1f8e4973953f3fb0bd6b16662e9a3c17",
2768 "2fe2b333ceda8f98f4a99b40d2cd34a8",
2769 "45cf12964fc824ab76616ae2f4bf0822",
2770 "0f61c4d44c5147c03c195ad7e2cc12b2",
2772 "0700d603a1c514e46b6191ba430a3a0c",
2773 "aad1583cd91365e3bb2f0c3430d065bb",
2774 "068b25c7bfb1f8bdd4cfc908f69dffc5ddc726a197f0e5f720f730393279be91",
2775 "c4dc61d9725967a3020104a9738f23868527ce839aab1752fd8bdb95a82c4d00",
2777 "3348aa51e9a45c2dbe33ccc47f96e8de",
2778 "19153c673160df2b1d38c28060e59b96",
2779 "9b7cee827a26575afdbb7c7a329f887238052e3601a7917456ba61251c214763d5e1847a6ad5d54127a399ab07ee3599",
2780 "d5aed6c9622ec451a15db12819952b6752501cf05cdbf8cda34a457726ded97818e1f127a28d72db5652749f0c6afee5",
2782 "b7f3c9576e12dd0db63e8f8fac2b9a39",
2783 "c80f095d8bb1a060699f7c19974a1aa0",
2784 "9ac19954ce1319b354d3220460f71c1e373f1cd336240881160cfde46ebfed2e791e8d5a1a136ebd1dc469dec00c4187722b841cdabcb22c1be8a14657da200e",
2785 "19b9609772c63f338608bf6eb52ca10be65097f89c1e0905c42401fd47791ae2c5440b2d473116ca78bd9ff2fb6015cfd316524eae7dcb95ae738ebeae84a467",
2787 "b6f9afbfe5a1562bba1368fc72ac9d9c",
2788 "3f9d5ebe250ee7ce384b0d00ee849322",
2789 "db397ec22718dbffb9c9d13de0efcd4611bf792be4fce0dc5f25d4f577ed8cdbd4eb9208d593dda3d4653954ab64f05676caa3ce9bfa795b08b67ceebc923fdc89a8c431188e9e482d8553982cf304d1",
2790 "10ea27b19e16b93af169c4a88e06e35c99d8b420980b058e34b4b8f132b13766f72728202b089f428fecdb41c79f8aa0d0ef68f5786481cca29e2126f69bc14160f1ae2187878ba5c49cf3961e1b7ee9",
2792 "bbe7b7ba07124ff1ae7c3416fe8b465e",
2793 "7f65b5ee3630bed6b84202d97fb97a1e",
2794 "2aad0c2c4306568bad7447460fd3dac054346d26feddbc9abd9110914011b4794be2a9a00a519a51a5b5124014f4ed2735480db21b434e99a911bb0b60fe0253763725b628d5739a5117b7ee3aefafc5b4c1bf446467e7bf5f78f31ff7caf187",
2795 "3b8611bfc4973c5cd8e982b073b33184cd26110159172e44988eb5ff5661a1e16fad67258fcbfee55469267a12dc374893b4e3533d36f5634c3095583596f135aa8cd1138dc898bc5651ee35a92ebf89ab6aeb5366653bc60a70e0074fc11efe",
2797 "89a553730433f7e6d67d16d373bd5360",
2798 "f724558db3433a523f4e51a5bea70497",
2799 "807bc4ea684eedcfdcca30180680b0f1ae2814f35f36d053c5aea6595a386c1442770f4d7297d8b91825ee7237241da8925dd594ccf676aecd46ca2068e8d37a3a0ec8a7d5185a201e663b5ff36ae197110188a23503763b8218826d23ced74b31e9f6e2d7fbfa6cb43420c7807a8625",
2800 "406af1429a478c3d07e555c5287a60500d37fc39b68e5bbb9bafd6ddb223828561d6171a308d5b1a4551e8a5e7d572918d25c968d3871848d2f16635caa9847f38590b1df58ab5efb985f2c66cfaf86f61b3f9c0afad6c963c49cee9b8bc81a2ddb06c967f325515a4849eec37ce721a",
2802 "c491ca31f91708458e29a925ec558d78",
2803 "9ef934946e5cd0ae97bd58532cb49381",
2804 "cb6a787e0dec56f9a165957f81af336ca6b40785d9e94093c6190e5152649f882e874d79ac5e167bd2a74ce5ae088d2ee854f6539e0a94796b1e1bd4c9fcdbc79acbef4d01eeb89776d18af71ae2a4fc47dd66df6c4dbe1d1850e466549a47b636bcc7c2b3a62495b56bb67b6d455f1eebd9bfefecbca6c7f335cfce9b45cb9d",
2805 "7b2931f5855f717145e00f152a9f4794359b1ffcb3e55f594e33098b51c23a6c74a06c1d94fded7fd2ae42c7db7acaef5844cb33aeddc6852585ed0020a6699d2cb53809cefd169148ce42292afab063443978306c582c18b9ce0da3d084ce4d3c482cfd8fcf1a85084e89fb88b40a084d5e972466d07666126fb761f84078f2",
2807 "f6e87d71b0104d6eb06a68dc6a71f498",
2808 "1c245f26195b76ebebc2edcac412a2f8",
2809 "f82bef3c73a6f7f80db285726d691db6bf55eec25a859d3ba0e0445f26b9bb3b16a3161ed1866e4dd8f2e5f8ecb4e46d74a7a78c20cdfc7bcc9e479ba7a0caba9438238ad0c01651d5d98de37f03ddce6e6b4bd4ab03cf9e8ed818aedfa1cf963b932067b97d776dce1087196e7e913f7448e38244509f0caf36bd8217e15336d35c149fd4e41707893fdb84014f8729",
2810 "b09512f3eff9ed0d85890983a73dadbb7c3678d52581be64a8a8fc586f490f2521297a478a0598040ebd0f5509fafb0969f9d9e600eaef33b1b93eed99687b167f89a5065aac439ce46f3b8d22d30865e64e45ef8cd30b6984353a844a11c8cd60dba0e8866b3ee30d24b3fa8a643b328353e06010fa8273c8fd54ef0a2b6930e5520aae5cd5902f9b86a33592ca4365",
2812 "2c14413751c31e2730570ba3361c786b",
2813 "1dbbeb2f19abb448af849796244a19d7",
2814 "40d930f9a05334d9816fe204999c3f82a03f6a0457a8c475c94553d1d116693adc618049f0a769a2eed6a6cb14c0143ec5cccdbc8dec4ce560cfd206225709326d4de7948e54d603d01b12d7fed752fb23f1aa4494fbb00130e9ded4e77e37c079042d828040c325b1a5efd15fc842e44014ca4374bf38f3c3fc3ee327733b0c8aee1abcd055772f18dc04603f7b2c1ea69ff662361f2be0a171bbdcea1e5d3f",
2815 "6be8a12800455a320538853e0cba31bd2d80ea0c85164a4c5c261ae485417d93effe2ebc0d0a0b51d6ea18633d210cf63c0c4ddbc27607f2e81ed9113191ef86d56f3b99be6c415a4150299fb846ce7160b40b63baf1179d19275a2e83698376d28b92548c68e06e6d994e2c1501ed297014e702cdefee2f656447706009614d801de1caaf73f8b7fa56cf1ba94b631933bbe577624380850f117435a0355b2b",
2818 * From NIST validation suite "Multiblock Message Test" (192-bit keys).
2821 "ba75f4d1d9d7cf7f551445d56cc1a8ab2a078e15e049dc2c",
2822 "531ce78176401666aa30db94ec4a30eb",
2823 "c51fc276774dad94bcdc1d2891ec8668",
2824 "70dd95a14ee975e239df36ff4aee1d5d",
2826 "eab3b19c581aa873e1981c83ab8d83bbf8025111fb2e6b21",
2827 "f3d6667e8d4d791e60f7505ba383eb05",
2828 "9d4e4cccd1682321856df069e3f1c6fa391a083a9fb02d59db74c14081b3acc4",
2829 "51d44779f90d40a80048276c035cb49ca2a47bcb9b9cf7270b9144793787d53f",
2831 "16c93bb398f1fc0cf6d68fc7a5673cdf431fa147852b4a2d",
2832 "eaaeca2e07ddedf562f94df63f0a650f",
2833 "c5ce958613bf741718c17444484ebaf1050ddcacb59b9590178cbe69d7ad7919608cb03af13bbe04f3506b718a301ea0",
2834 "ed6a50e0c6921d52d6647f75d67b4fd56ace1fedb8b5a6a997b4d131640547d22c5d884a75e6752b5846b5b33a5181f4",
2836 "067bb17b4df785697eaccf961f98e212cb75e6797ce935cb",
2837 "8b59c9209c529ca8391c9fc0ce033c38",
2838 "db3785a889b4bd387754da222f0e4c2d2bfe0d79e05bc910fba941beea30f1239eacf0068f4619ec01c368e986fca6b7c58e490579d29611bd10087986eff54f",
2839 "d5f5589760bf9c762228fde236de1fa2dd2dad448db3fa9be0c4196efd46a35c84dd1ac77d9db58c95918cb317a6430a08d2fb6a8e8b0f1c9b72c7a344dc349f",
2841 "0fd39de83e0be77a79c8a4a612e3dd9c8aae2ce35e7a2bf8",
2842 "7e1d629b84f93b079be51f9a5f5cb23c",
2843 "38fbda37e28fa86d9d83a4345e419dea95d28c7818ff25925db6ac3aedaf0a86154e20a4dfcc5b1b4192895393e5eb5846c88bdbd41ecf7af3104f410eaee470f5d9017ed460475f626953035a13db1f",
2844 "edadae2f9a45ff3473e02d904c94d94a30a4d92da4deb6bcb4b0774472694571842039f21c496ef93fd658842c735f8a81fcd0aa578442ab893b18f606aed1bab11f81452dd45e9b56adf2eccf4ea095",
2846 "e3fecc75f0075a09b383dfd389a3d33cc9b854b3b254c0f4",
2847 "36eab883afef936cc38f63284619cd19",
2848 "931b2f5f3a5820d53a6beaaa6431083a3488f4eb03b0f5b57ef838e1579623103bd6e6800377538b2e51ef708f3c4956432e8a8ee6a34e190642b26ad8bdae6c2af9a6c7996f3b6004d2671e41f1c9f40ee03d1c4a52b0a0654a331f15f34dce",
2849 "75395974bd32b3665654a6c8e396b88ae34b123575872a7ab687d8e76b46df911a8a590cd01d2f5c330be3a6626e9dd3aa5e10ed14e8ff829811b6fed50f3f533ca4385a1cbca78f5c4744e50f2f8359165c2485d1324e76c3eae76a0ccac629",
2851 "f9c27565eb07947c8cb51b79248430f7b1066c3d2fdc3d13",
2852 "2bd67cc89ab7948d644a49672843cbd9",
2853 "6abcc270173cf114d44847e911a050db57ba7a2e2c161c6f37ccb6aaa4677bddcaf50cad0b5f8758fcf7c0ebc650ceb5cd52cafb8f8dd3edcece55d9f1f08b9fa8f54365cf56e28b9596a7e1dd1d3418e4444a7724add4cf79d527b183ec88de4be4eeff29c80a97e54f85351cb189ee",
2854 "ca282924a61187feb40520979106e5cc861957f23828dcb7285e0eaac8a0ca2a6b60503d63d6039f4693dba32fa1f73ae2e709ca94911f28a5edd1f30eaddd54680c43acc9c74cd90d8bb648b4e544275f47e514daa20697f66c738eb30337f017fca1a26da4d1a0cc0a0e98e2463070",
2856 "fb09cf9e00dbf883689d079c920077c0073c31890b55bab5",
2857 "e3c89bd097c3abddf64f4881db6dbfe2",
2858 "c1a37683fb289467dd1b2c89efba16bbd2ee24cf18d19d44596ded2682c79a2f711c7a32bf6a24badd32a4ee637c73b7a41da6258635650f91fb9ffa45bdfc3cb122136241b3deced8996aa51ea8d3e81c9d70e006a44bc0571ed48623a0d622a93fa9da290baaedf5d9e876c94620945ff8ecc83f27379ed55cf490c5790f27",
2859 "8158e21420f25b59d6ae943fa1cbf21f02e979f419dab0126a721b7eef55bee9ad97f5ccff7d239057bbc19a8c378142f7672f1d5e7e17d7bebcb0070e8355cace6660171a53b61816ae824a6ef69ce470b6ffd3b5bb4b438874d91d27854d3b6f25860d3868958de3307d62b1339bdddb8a318c0ce0f33c17caf0e9f6040820",
2861 "bca6fa3c67fd294e958f66fe8bd64f45f428f5bc8e9733a7",
2862 "92a47f2833f1450d1da41717bdc6e83c",
2863 "5becbc31d8bead6d36ae014a5863d14a431e6b55d29ea6baaa417271716db3a33b2e506b452086dfe690834ac2de30bc41254ec5401ec47d064237c7792fdcd7914d8af20eb114756642d519021a8c75a92f6bc53d326ae9a5b7e1b10a9756574692934d9939fc399e0c203f7edf8e7e6482eadd31a0400770e897b48c6bca2b404593045080e93377358c42a0f4dede",
2864 "926db248cc1ba20f0c57631a7c8aef094f791937b905949e3460240e8bfa6fa483115a1b310b6e4369caebc5262888377b1ddaa5800ea496a2bdff0f9a1031e7129c9a20e35621e7f0b8baca0d87030f2ae7ca8593c8599677a06fd4b26009ead08fecac24caa9cf2cad3b470c8227415a7b1e0f2eab3fad96d70a209c8bb26c627677e2531b9435ca6e3c444d195b5f",
2866 "162ad50ee64a0702aa551f571dedc16b2c1b6a1e4d4b5eee",
2867 "24408038161a2ccae07b029bb66355c1",
2868 "be8abf00901363987a82cc77d0ec91697ba3857f9e4f84bd79406c138d02698f003276d0449120bef4578d78fecabe8e070e11710b3f0a2744bd52434ec70015884c181ebdfd51c604a71c52e4c0e110bc408cd462b248a80b8a8ac06bb952ac1d7faed144807f1a731b7febcaf7835762defe92eccfc7a9944e1c702cffe6bc86733ed321423121085ac02df8962bcbc1937092eebf0e90a8b20e3dd8c244ae",
2869 "c82cf2c476dea8cb6a6e607a40d2f0391be82ea9ec84a537a6820f9afb997b76397d005424faa6a74dc4e8c7aa4a8900690f894b6d1dca80675393d2243adac762f159301e357e98b724762310cd5a7bafe1c2a030dba46fd93a9fdb89cc132ca9c17dc72031ec6822ee5a9d99dbca66c784c01b0885cbb62e29d97801927ec415a5d215158d325f9ee689437ad1b7684ad33c0d92739451ac87f39ff8c31b84",
2872 * From NIST validation suite "Multiblock Message Test"
2875 "6ed76d2d97c69fd1339589523931f2a6cff554b15f738f21ec72dd97a7330907",
2876 "851e8764776e6796aab722dbb644ace8",
2877 "6282b8c05c5c1530b97d4816ca434762",
2878 "6acc04142e100a65f51b97adf5172c41",
2880 "dce26c6b4cfb286510da4eecd2cffe6cdf430f33db9b5f77b460679bd49d13ae",
2881 "fdeaa134c8d7379d457175fd1a57d3fc",
2882 "50e9eee1ac528009e8cbcd356975881f957254b13f91d7c6662d10312052eb00",
2883 "2fa0df722a9fd3b64cb18fb2b3db55ff2267422757289413f8f657507412a64c",
2885 "fe8901fecd3ccd2ec5fdc7c7a0b50519c245b42d611a5ef9e90268d59f3edf33",
2886 "bd416cb3b9892228d8f1df575692e4d0",
2887 "8d3aa196ec3d7c9b5bb122e7fe77fb1295a6da75abe5d3a510194d3a8a4157d5c89d40619716619859da3ec9b247ced9",
2888 "608e82c7ab04007adb22e389a44797fed7de090c8c03ca8a2c5acd9e84df37fbc58ce8edb293e98f02b640d6d1d72464",
2890 "0493ff637108af6a5b8e90ac1fdf035a3d4bafd1afb573be7ade9e8682e663e5",
2891 "c0cd2bebccbb6c49920bd5482ac756e8",
2892 "8b37f9148df4bb25956be6310c73c8dc58ea9714ff49b643107b34c9bff096a94fedd6823526abc27a8e0b16616eee254ab4567dd68e8ccd4c38ac563b13639c",
2893 "05d5c77729421b08b737e41119fa4438d1f570cc772a4d6c3df7ffeda0384ef84288ce37fc4c4c7d1125a499b051364c389fd639bdda647daa3bdadab2eb5594",
2895 "9adc8fbd506e032af7fa20cf5343719de6d1288c158c63d6878aaf64ce26ca85",
2896 "11958dc6ab81e1c7f01631e9944e620f",
2897 "c7917f84f747cd8c4b4fedc2219bdbc5f4d07588389d8248854cf2c2f89667a2d7bcf53e73d32684535f42318e24cd45793950b3825e5d5c5c8fcd3e5dda4ce9246d18337ef3052d8b21c5561c8b660e",
2898 "9c99e68236bb2e929db1089c7750f1b356d39ab9d0c40c3e2f05108ae9d0c30b04832ccdbdc08ebfa426b7f5efde986ed05784ce368193bb3699bc691065ac62e258b9aa4cc557e2b45b49ce05511e65",
2900 "73b8faf00b3302ac99855cf6f9e9e48518690a5906a4869d4dcf48d282faae2a",
2901 "b3cb97a80a539912b8c21f450d3b9395",
2902 "3adea6e06e42c4f041021491f2775ef6378cb08824165edc4f6448e232175b60d0345b9f9c78df6596ec9d22b7b9e76e8f3c76b32d5d67273f1d83fe7a6fc3dd3c49139170fa5701b3beac61b490f0a9e13f844640c4500f9ad3087adfb0ae10",
2903 "ac3d6dbafe2e0f740632fd9e820bf6044cd5b1551cbb9cc03c0b25c39ccb7f33b83aacfca40a3265f2bbff879153448acacb88fcfb3bb7b10fe463a68c0109f028382e3e557b1adf02ed648ab6bb895df0205d26ebbfa9a5fd8cebd8e4bee3dc",
2905 "9ddf3745896504ff360a51a3eb49c01b79fccebc71c3abcb94a949408b05b2c9",
2906 "e79026639d4aa230b5ccffb0b29d79bc",
2907 "cf52e5c3954c51b94c9e38acb8c9a7c76aebdaa9943eae0a1ce155a2efdb4d46985d935511471452d9ee64d2461cb2991d59fc0060697f9a671672163230f367fed1422316e52d29eceacb8768f56d9b80f6d278093c9a8acd3cfd7edd8ebd5c293859f64d2f8486ae1bd593c65bc014",
2908 "34df561bd2cfebbcb7af3b4b8d21ca5258312e7e2e4e538e35ad2490b6112f0d7f148f6aa8d522a7f3c61d785bd667db0e1dc4606c318ea4f26af4fe7d11d4dcff0456511b4aed1a0d91ba4a1fd6cd9029187bc5881a5a07fe02049d39368e83139b12825bae2c7be81e6f12c61bb5c5",
2910 "458b67bf212d20f3a57fce392065582dcefbf381aa22949f8338ab9052260e1d",
2911 "4c12effc5963d40459602675153e9649",
2912 "256fd73ce35ae3ea9c25dd2a9454493e96d8633fe633b56176dce8785ce5dbbb84dbf2c8a2eeb1e96b51899605e4f13bbc11b93bf6f39b3469be14858b5b720d4a522d36feed7a329c9b1e852c9280c47db8039c17c4921571a07d1864128330e09c308ddea1694e95c84500f1a61e614197e86a30ecc28df64ccb3ccf5437aa",
2913 "90b7b9630a2378f53f501ab7beff039155008071bc8438e789932cfd3eb1299195465e6633849463fdb44375278e2fdb1310821e6492cf80ff15cb772509fb426f3aeee27bd4938882fd2ae6b5bd9d91fa4a43b17bb439ebbe59c042310163a82a5fe5388796eee35a181a1271f00be29b852d8fa759bad01ff4678f010594cd",
2915 "d2412db0845d84e5732b8bbd642957473b81fb99ca8bff70e7920d16c1dbec89",
2916 "51c619fcf0b23f0c7925f400a6cacb6d",
2917 "026006c4a71a180c9929824d9d095b8faaa86fc4fa25ecac61d85ff6de92dfa8702688c02a282c1b8af4449707f22d75e91991015db22374c95f8f195d5bb0afeb03040ff8965e0e1339dba5653e174f8aa5a1b39fe3ac839ce307a4e44b4f8f1b0063f738ec18acdbff2ebfe07383e734558723e741f0a1836dafdf9de82210a9248bc113b3c1bc8b4e252ca01bd803",
2918 "0254b23463bcabec5a395eb74c8fb0eb137a07bc6f5e9f61ec0b057de305714f8fa294221c91a159c315939b81e300ee902192ec5f15254428d8772f79324ec43298ca21c00b370273ee5e5ed90e43efa1e05a5d171209fe34f9f29237dba2a6726650fd3b1321747d1208863c6c3c6b3e2d879ab5f25782f08ba8f2abbe63e0bedb4a227e81afb36bb6645508356d34",
2920 "48be597e632c16772324c8d3fa1d9c5a9ecd010f14ec5d110d3bfec376c5532b",
2921 "d6d581b8cf04ebd3b6eaa1b53f047ee1",
2922 "0c63d413d3864570e70bb6618bf8a4b9585586688c32bba0a5ecc1362fada74ada32c52acfd1aa7444ba567b4e7daaecf7cc1cb29182af164ae5232b002868695635599807a9a7f07a1f137e97b1e1c9dabc89b6a5e4afa9db5855edaa575056a8f4f8242216242bb0c256310d9d329826ac353d715fa39f80cec144d6424558f9f70b98c920096e0f2c855d594885a00625880e9dfb734163cecef72cf030b8",
2923 "fc5873e50de8faf4c6b84ba707b0854e9db9ab2e9f7d707fbba338c6843a18fc6facebaf663d26296fb329b4d26f18494c79e09e779647f9bafa87489630d79f4301610c2300c19dbf3148b7cac8c4f4944102754f332e92b6f7c5e75bc6179eb877a078d4719009021744c14f13fd2a55a2b9c44d18000685a845a4f632c7c56a77306efa66a24d05d088dcd7c13fe24fc447275965db9e4d37fbc9304448cd",
2926 * End-of-table marker.
/*
 * AES known-answer tests for CTR. Order: key, IV, plaintext, ciphertext.
 */
static const char *const KAT_AES_CTR[] = {
	/*
	 * Vectors from RFC 3686. Entries come in groups of four strings:
	 * key, 12-byte IV, plaintext, expected ciphertext. The table is
	 * walked four entries at a time until the NULL terminator, so every
	 * group must be complete. Three message sizes (16, 32 and 36 bytes)
	 * are given for each key size; the 36-byte message covers a final
	 * partial block.
	 */

	/* 128-bit keys */
	"ae6852f8121067cc4bf7a5765577f39e",
	"000000300000000000000000",
	"53696e676c6520626c6f636b206d7367",
	"e4095d4fb7a7b3792d6175a3261311b8",

	"7e24067817fae0d743d6ce1f32539163",
	"006cb6dbc0543b59da48d90b",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"5104a106168a72d9790d41ee8edad388eb2e1efc46da57c8fce630df9141be28",

	"7691be035e5020a8ac6e618529f9a0dc",
	"00e0017b27777f3f4a1786f0",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"c1cf48a89f2ffdd9cf4652e9efdb72d74540a42bde6d7836d59a5ceaaef3105325b2072f",

	/* 192-bit keys */
	"16af5b145fc9f579c175f93e3bfb0eed863d06ccfdb78515",
	"0000004836733c147d6d93cb",
	"53696e676c6520626c6f636b206d7367",
	"4b55384fe259c9c84e7935a003cbe928",

	"7c5cb2401b3dc33c19e7340819e0f69c678c3db8e6f6a91a",
	"0096b03b020c6eadc2cb500d",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"453243fc609b23327edfaafa7131cd9f8490701c5ad4a79cfc1fe0ff42f4fb00",

	"02bf391ee8ecb159b959617b0965279bf59b60a786d3e0fe",
	"0007bdfd5cbd60278dcc0912",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"96893fc55e5c722f540b7dd1ddf7e758d288bc95c69165884536c811662f2188abee0935",

	/* 256-bit keys */
	"776beff2851db06f4c8a0542c8696f6c6a81af1eec96b4d37fc1d689e6c1c104",
	"00000060db5672c97aa8f0b2",
	"53696e676c6520626c6f636b206d7367",
	"145ad01dbf824ec7560863dc71e3e0c0",

	"f6d66d6bd52d59bb0796365879eff886c66dd51a5b6a99744b50590c87a23884",
	"00faac24c1585ef15a43d875",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
	"f05e231b3894612c49ee000b804eb2a9b8306b508f839d6a5530831d9344af1c",

	"ff7a617ce69148e4f1726e2f43581de2aa62d9f805532edff1eed687fb54153d",
	"001cc5b751a51d70a1c11148",
	"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
	"eb6c52821d0bbbf7ce7594462aca4faab407df866569fd07f48cc0b583d6071f1ec0e6b8",

	/*
	 * End-of-table marker.
	 */
	NULL
};
/*
 * Monte Carlo check of AES encryption through a CBC encryption class.
 *
 * skey, splain and scipher are hexadecimal strings: the starting key,
 * the starting 16-byte block and the expected final block. 100 rounds
 * are run. Each round installs the current key, then encrypts the block
 * 1000 times in place; every step is a one-block CBC call with an
 * all-zero IV, so the IV XOR changes nothing. After a round, the key is
 * XORed with the most recent output block(s); how many bytes of output
 * are folded in depends on the key length. The block left after the last
 * round is compared with scipher by check_equals().
 *
 * NOTE(review): hextobin() receives no output size. The strings passed
 * here must decode to at most 32 bytes (skey) and 16 bytes (splain,
 * scipher), otherwise the local buffers are overrun. Any key length
 * other than 16 or 24 is handled as a 32-byte key.
 */
static void
monte_carlo_AES_encrypt(const br_block_cbcenc_class *ve,
	char *skey, char *splain, char *scipher)
{
	unsigned char key[32];
	unsigned char buf[16];
	unsigned char pbuf[16];
	unsigned char cipher[16];
	size_t key_len;
	int round, step, n;
	br_aes_gen_cbcenc_keys v_ec;
	const br_block_cbcenc_class **ec;

	ec = &v_ec.vtable;
	key_len = hextobin(key, skey);
	hextobin(buf, splain);
	hextobin(cipher, scipher);
	for (round = 0; round < 100; round ++) {
		ve->init(ec, key, key_len);
		for (step = 0; step < 1000; step ++) {
			unsigned char iv[16];

			/*
			 * pbuf keeps the input of the current step; once
			 * the loop ends it holds the next-to-last output.
			 */
			memcpy(pbuf, buf, sizeof buf);
			memset(iv, 0, sizeof iv);
			ve->run(ec, iv, buf, sizeof buf);
		}

		/* Derive the key for the next round. */
		if (key_len == 16) {
			for (n = 0; n < 16; n ++) {
				key[n] ^= buf[n];
			}
		} else if (key_len == 24) {
			/* Last 8 bytes of the previous output, then
			   the whole last output. */
			for (n = 0; n < 8; n ++) {
				key[n] ^= pbuf[8 + n];
			}
			for (n = 0; n < 16; n ++) {
				key[8 + n] ^= buf[n];
			}
		} else {
			for (n = 0; n < 16; n ++) {
				key[n] ^= pbuf[n];
				key[16 + n] ^= buf[n];
			}
		}
		printf(".");
		fflush(stdout);
	}
	printf(" ");
	fflush(stdout);
	check_equals("MC AES encrypt", buf, cipher, sizeof buf);
}
/*
 * Monte Carlo check of AES decryption through a CBC decryption class.
 *
 * skey, scipher and splain are hexadecimal strings: the starting key,
 * the starting 16-byte block and the expected final block. 100 rounds
 * are run. Each round installs the current key, then decrypts the block
 * 1000 times in place, every step being a one-block CBC call with an
 * all-zero IV. After a round, the key is XORed with the most recent
 * output block(s), the amount depending on the key length. The block
 * left after the last round is compared with splain by check_equals().
 *
 * NOTE(review): hextobin() receives no output size. The strings passed
 * here must decode to at most 32 bytes (skey) and 16 bytes (scipher,
 * splain), otherwise the local buffers are overrun. Any key length
 * other than 16 or 24 is handled as a 32-byte key.
 */
static void
monte_carlo_AES_decrypt(const br_block_cbcdec_class *vd,
	char *skey, char *scipher, char *splain)
{
	unsigned char key[32];
	unsigned char buf[16];
	unsigned char pbuf[16];
	unsigned char plain[16];
	size_t key_len;
	int round, step, n;
	br_aes_gen_cbcdec_keys v_dc;
	const br_block_cbcdec_class **dc;

	dc = &v_dc.vtable;
	key_len = hextobin(key, skey);
	hextobin(buf, scipher);
	hextobin(plain, splain);
	for (round = 0; round < 100; round ++) {
		vd->init(dc, key, key_len);
		for (step = 0; step < 1000; step ++) {
			unsigned char iv[16];

			/*
			 * pbuf keeps the input of the current step; once
			 * the loop ends it holds the next-to-last output.
			 */
			memcpy(pbuf, buf, sizeof buf);
			memset(iv, 0, sizeof iv);
			vd->run(dc, iv, buf, sizeof buf);
		}

		/* Derive the key for the next round. */
		if (key_len == 16) {
			for (n = 0; n < 16; n ++) {
				key[n] ^= buf[n];
			}
		} else if (key_len == 24) {
			/* Last 8 bytes of the previous output, then
			   the whole last output. */
			for (n = 0; n < 8; n ++) {
				key[n] ^= pbuf[8 + n];
			}
			for (n = 0; n < 16; n ++) {
				key[8 + n] ^= buf[n];
			}
		} else {
			for (n = 0; n < 16; n ++) {
				key[n] ^= pbuf[n];
				key[16 + n] ^= buf[n];
			}
		}
		printf(".");
		fflush(stdout);
	}
	printf(" ");
	fflush(stdout);
	check_equals("MC AES decrypt", buf, plain, sizeof buf);
}
3100 test_AES_generic(char *name
,
3101 const br_block_cbcenc_class
*ve
,
3102 const br_block_cbcdec_class
*vd
,
3103 const br_block_ctr_class
*vc
,
3104 int with_MC
, int with_CBC
)
3108 printf("Test %s: ", name
);
3111 if (ve
->block_size
!= 16 || vd
->block_size
!= 16
3112 || ve
->log_block_size
!= 4 || vd
->log_block_size
!= 4)
3114 fprintf(stderr
, "%s failed: wrong block size\n", name
);
3118 for (u
= 0; KAT_AES
[u
]; u
+= 3) {
3119 unsigned char key
[32];
3120 unsigned char plain
[16];
3121 unsigned char cipher
[16];
3122 unsigned char buf
[16];
3123 unsigned char iv
[16];
3125 br_aes_gen_cbcenc_keys v_ec
;
3126 br_aes_gen_cbcdec_keys v_dc
;
3127 const br_block_cbcenc_class
**ec
;
3128 const br_block_cbcdec_class
**dc
;
3132 key_len
= hextobin(key
, KAT_AES
[u
]);
3133 hextobin(plain
, KAT_AES
[u
+ 1]);
3134 hextobin(cipher
, KAT_AES
[u
+ 2]);
3135 ve
->init(ec
, key
, key_len
);
3136 memcpy(buf
, plain
, sizeof plain
);
3137 memset(iv
, 0, sizeof iv
);
3138 ve
->run(ec
, iv
, buf
, sizeof buf
);
3139 check_equals("KAT AES encrypt", buf
, cipher
, sizeof cipher
);
3140 vd
->init(dc
, key
, key_len
);
3141 memset(iv
, 0, sizeof iv
);
3142 vd
->run(dc
, iv
, buf
, sizeof buf
);
3143 check_equals("KAT AES decrypt", buf
, plain
, sizeof plain
);
3147 for (u
= 0; KAT_AES_CBC
[u
]; u
+= 4) {
3148 unsigned char key
[32];
3149 unsigned char ivref
[16];
3150 unsigned char plain
[200];
3151 unsigned char cipher
[200];
3152 unsigned char buf
[200];
3153 unsigned char iv
[16];
3154 size_t key_len
, data_len
, v
;
3155 br_aes_gen_cbcenc_keys v_ec
;
3156 br_aes_gen_cbcdec_keys v_dc
;
3157 const br_block_cbcenc_class
**ec
;
3158 const br_block_cbcdec_class
**dc
;
3162 key_len
= hextobin(key
, KAT_AES_CBC
[u
]);
3163 hextobin(ivref
, KAT_AES_CBC
[u
+ 1]);
3164 data_len
= hextobin(plain
, KAT_AES_CBC
[u
+ 2]);
3165 hextobin(cipher
, KAT_AES_CBC
[u
+ 3]);
3166 ve
->init(ec
, key
, key_len
);
3168 memcpy(buf
, plain
, data_len
);
3169 memcpy(iv
, ivref
, 16);
3170 ve
->run(ec
, iv
, buf
, data_len
);
3171 check_equals("KAT CBC AES encrypt",
3172 buf
, cipher
, data_len
);
3173 vd
->init(dc
, key
, key_len
);
3174 memcpy(iv
, ivref
, 16);
3175 vd
->run(dc
, iv
, buf
, data_len
);
3176 check_equals("KAT CBC AES decrypt",
3177 buf
, plain
, data_len
);
3179 memcpy(buf
, plain
, data_len
);
3180 memcpy(iv
, ivref
, 16);
3181 for (v
= 0; v
< data_len
; v
+= 16) {
3182 ve
->run(ec
, iv
, buf
+ v
, 16);
3184 check_equals("KAT CBC AES encrypt (2)",
3185 buf
, cipher
, data_len
);
3186 memcpy(iv
, ivref
, 16);
3187 for (v
= 0; v
< data_len
; v
+= 16) {
3188 vd
->run(dc
, iv
, buf
+ v
, 16);
3190 check_equals("KAT CBC AES decrypt (2)",
3191 buf
, plain
, data_len
);
3195 * We want to check proper IV management for CBC:
3196 * encryption and decryption must properly copy the _last_
3197 * encrypted block as new IV, for all sizes.
3199 for (u
= 1; u
<= 35; u
++) {
3200 br_hmac_drbg_context rng
;
3202 size_t key_len
, data_len
;
3205 br_hmac_drbg_init(&rng
, &br_sha256_vtable
,
3206 "seed for AES/CBC", 16);
3208 br_hmac_drbg_update(&rng
, &x
, 1);
3210 for (key_len
= 16; key_len
<= 32; key_len
+= 16) {
3211 unsigned char key
[32];
3212 unsigned char iv
[16], iv1
[16], iv2
[16];
3213 unsigned char plain
[35 * 16];
3214 unsigned char tmp1
[sizeof plain
];
3215 unsigned char tmp2
[sizeof plain
];
3216 br_aes_gen_cbcenc_keys v_ec
;
3217 br_aes_gen_cbcdec_keys v_dc
;
3218 const br_block_cbcenc_class
**ec
;
3219 const br_block_cbcdec_class
**dc
;
3221 br_hmac_drbg_generate(&rng
, key
, key_len
);
3222 br_hmac_drbg_generate(&rng
, iv
, sizeof iv
);
3223 br_hmac_drbg_generate(&rng
, plain
, data_len
);
3226 ve
->init(ec
, key
, key_len
);
3227 memcpy(iv1
, iv
, sizeof iv
);
3228 memcpy(tmp1
, plain
, data_len
);
3229 ve
->run(ec
, iv1
, tmp1
, data_len
);
3230 check_equals("IV CBC AES (1)",
3231 tmp1
+ data_len
- 16, iv1
, 16);
3232 memcpy(iv2
, iv
, sizeof iv
);
3233 memcpy(tmp2
, plain
, data_len
);
3234 for (v
= 0; v
< data_len
; v
+= 16) {
3235 ve
->run(ec
, iv2
, tmp2
+ v
, 16);
3237 check_equals("IV CBC AES (2)",
3238 tmp2
+ data_len
- 16, iv2
, 16);
3239 check_equals("IV CBC AES (3)",
3240 tmp1
, tmp2
, data_len
);
3243 vd
->init(dc
, key
, key_len
);
3244 memcpy(iv1
, iv
, sizeof iv
);
3245 vd
->run(dc
, iv1
, tmp1
, data_len
);
3246 check_equals("IV CBC AES (4)", iv1
, iv2
, 16);
3247 check_equals("IV CBC AES (5)",
3248 tmp1
, plain
, data_len
);
3249 memcpy(iv2
, iv
, sizeof iv
);
3250 for (v
= 0; v
< data_len
; v
+= 16) {
3251 vd
->run(dc
, iv2
, tmp2
+ v
, 16);
3253 check_equals("IV CBC AES (6)", iv1
, iv2
, 16);
3254 check_equals("IV CBC AES (7)",
3255 tmp2
, plain
, data_len
);
3261 if (vc
->block_size
!= 16 || vc
->log_block_size
!= 4) {
3262 fprintf(stderr
, "%s failed: wrong block size\n", name
);
3265 for (u
= 0; KAT_AES_CTR
[u
]; u
+= 4) {
3266 unsigned char key
[32];
3267 unsigned char iv
[12];
3268 unsigned char plain
[200];
3269 unsigned char cipher
[200];
3270 unsigned char buf
[200];
3271 size_t key_len
, data_len
, v
;
3273 br_aes_gen_ctr_keys v_xc
;
3274 const br_block_ctr_class
**xc
;
3277 key_len
= hextobin(key
, KAT_AES_CTR
[u
]);
3278 hextobin(iv
, KAT_AES_CTR
[u
+ 1]);
3279 data_len
= hextobin(plain
, KAT_AES_CTR
[u
+ 2]);
3280 hextobin(cipher
, KAT_AES_CTR
[u
+ 3]);
3281 vc
->init(xc
, key
, key_len
);
3282 memcpy(buf
, plain
, data_len
);
3283 vc
->run(xc
, iv
, 1, buf
, data_len
);
3284 check_equals("KAT CTR AES (1)", buf
, cipher
, data_len
);
3285 vc
->run(xc
, iv
, 1, buf
, data_len
);
3286 check_equals("KAT CTR AES (2)", buf
, plain
, data_len
);
3288 memcpy(buf
, plain
, data_len
);
3290 for (v
= 0; v
< data_len
; v
+= 32) {
3293 clen
= data_len
- v
;
3297 c
= vc
->run(xc
, iv
, c
, buf
+ v
, clen
);
3299 check_equals("KAT CTR AES (3)", buf
, cipher
, data_len
);
3301 memcpy(buf
, plain
, data_len
);
3303 for (v
= 0; v
< data_len
; v
+= 16) {
3306 clen
= data_len
- v
;
3310 c
= vc
->run(xc
, iv
, c
, buf
+ v
, clen
);
3312 check_equals("KAT CTR AES (4)", buf
, cipher
, data_len
);
3317 monte_carlo_AES_encrypt(
3319 "139a35422f1d61de3c91787fe0507afd",
3320 "b9145a768b7dc489a096b546f43b231f",
3321 "fb2649694783b551eacd9d5db6126d47");
3322 monte_carlo_AES_decrypt(
3324 "0c60e7bf20ada9baa9e1ddf0d1540726",
3325 "b08a29b11a500ea3aca42c36675b9785",
3326 "d1d2bfdc58ffcad2341b095bce55221e");
3328 monte_carlo_AES_encrypt(
3330 "b9a63e09e1dfc42e93a90d9bad739e5967aef672eedd5da9",
3331 "85a1f7a58167b389cddc8a9ff175ee26",
3332 "5d1196da8f184975e240949a25104554");
3333 monte_carlo_AES_decrypt(
3335 "4b97585701c03fbebdfa8555024f589f1482c58a00fdd9fd",
3336 "d0bd0e02ded155e4516be83f42d347a4",
3337 "b63ef1b79507a62eba3dafcec54a6328");
3339 monte_carlo_AES_encrypt(
3341 "f9e8389f5b80712e3886cc1fa2d28a3b8c9cd88a2d4a54c6aa86ce0fef944be0",
3342 "b379777f9050e2a818f2940cbbd9aba4",
3343 "c5d2cb3d5b7ff0e23e308967ee074825");
3344 monte_carlo_AES_decrypt(
3346 "2b09ba39b834062b9e93f48373b8dd018dedf1e5ba1b8af831ebbacbc92a2643",
3347 "89649bd0115f30bd878567610223a59d",
3348 "e3d3868f578caf34e36445bf14cefc68");
3358 test_AES_generic("AES_big",
3359 &br_aes_big_cbcenc_vtable
,
3360 &br_aes_big_cbcdec_vtable
,
3361 &br_aes_big_ctr_vtable
,
3366 test_AES_small(void)
3368 test_AES_generic("AES_small",
3369 &br_aes_small_cbcenc_vtable
,
3370 &br_aes_small_cbcdec_vtable
,
3371 &br_aes_small_ctr_vtable
,
3378 test_AES_generic("AES_ct",
3379 &br_aes_ct_cbcenc_vtable
,
3380 &br_aes_ct_cbcdec_vtable
,
3381 &br_aes_ct_ctr_vtable
,
3388 test_AES_generic("AES_ct64",
3389 &br_aes_ct64_cbcenc_vtable
,
3390 &br_aes_ct64_cbcdec_vtable
,
3391 &br_aes_ct64_ctr_vtable
,
/*
 * Run the generic AES tests on the x86 AES-NI implementation when the
 * library reports it as available.
 *
 * The three vtable getters (CBC encryption, CBC decryption, CTR) must
 * agree: either all return a vtable or all return NULL. A disagreement
 * is reported on stderr and ends the process with a failure status. When
 * none is available, the test is reported as UNAVAILABLE, not as passed.
 */
static void
test_AES_x86ni(void)
{
	const br_block_cbcenc_class *x_cbcenc;
	const br_block_cbcdec_class *x_cbcdec;
	const br_block_ctr_class *x_ctr;
	int hcbcenc, hcbcdec, hctr;

	x_cbcenc = br_aes_x86ni_cbcenc_get_vtable();
	x_cbcdec = br_aes_x86ni_cbcdec_get_vtable();
	x_ctr = br_aes_x86ni_ctr_get_vtable();
	hcbcenc = (x_cbcenc != NULL);
	hcbcdec = (x_cbcdec != NULL);
	hctr = (x_ctr != NULL);

	/* All three modes must be present or absent together. */
	if (!(hcbcenc == hctr && hcbcdec == hctr)) {
		fprintf(stderr, "AES_x86ni availability mismatch (%d/%d/%d)\n",
			hcbcenc, hcbcdec, hctr);
		exit(EXIT_FAILURE);
	}
	if (!hctr) {
		printf("Test AES_x86ni: UNAVAILABLE\n");
		return;
	}
	test_AES_generic("AES_x86ni",
		x_cbcenc, x_cbcdec, x_ctr, 1, 1);
}
3425 const br_block_cbcenc_class
*x_cbcenc
;
3426 const br_block_cbcdec_class
*x_cbcdec
;
3427 const br_block_ctr_class
*x_ctr
;
3428 int hcbcenc
, hcbcdec
, hctr
;
3430 x_cbcenc
= br_aes_pwr8_cbcenc_get_vtable();
3431 x_cbcdec
= br_aes_pwr8_cbcdec_get_vtable();
3432 x_ctr
= br_aes_pwr8_ctr_get_vtable();
3433 hcbcenc
= (x_cbcenc
!= NULL
);
3434 hcbcdec
= (x_cbcdec
!= NULL
);
3435 hctr
= (x_ctr
!= NULL
);
3436 if (hcbcenc
!= hctr
|| hcbcdec
!= hctr
) {
3437 fprintf(stderr
, "AES_pwr8 availability mismatch (%d/%d/%d)\n",
3438 hcbcenc
, hcbcdec
, hctr
);
3442 test_AES_generic("AES_pwr8",
3443 x_cbcenc
, x_cbcdec
, x_ctr
, 1, 1);
3445 printf("Test AES_pwr8: UNAVAILABLE\n");
/*
 * Custom CTR + CBC-MAC AES implementation. Can also do CTR-only, and
 * CBC-MAC-only. The 'aes_big' implementation (CTR) is used. This is
 * meant for comparisons.
 *
 * If 'ctr' is NULL then no encryption/decryption is done; otherwise,
 * CTR encryption/decryption is performed (full-block counter) and the
 * 'ctr' array is updated with the new counter value.
 *
 * If 'cbcmac' is NULL then no CBC-MAC is done; otherwise, CBC-MAC is
 * applied on the encrypted data, with 'cbcmac' as IV and destination
 * buffer for the output. If 'ctr' is not NULL and 'encrypt' is non-zero,
 * then CBC-MAC is computed over the result of CTR processing; otherwise,
 * CBC-MAC is computed over the input data itself.
 */
/*
 * Preconditions (not checked here): 'len' is a multiple of 16, since
 * both loops read or write 16 bytes at every 16-byte step; 'ctr' and
 * 'cbcmac', when not NULL, each point to 16 bytes.
 */
static void
do_aes_ctrcbc(const void *key, size_t key_len, int encrypt,
	void *ctr, void *cbcmac, unsigned char *data, size_t len)
{
	br_aes_big_ctr_keys bc;
	int pass;
	/* CBC-MAC covers the encrypted data: it runs in the second pass
	   when encrypting and in the first pass when decrypting. */
	int mac_pass = encrypt ? 1 : 0;

	br_aes_big_ctr_init(&bc, key, key_len);
	for (pass = 0; pass < 2; pass ++) {
		if (cbcmac != NULL && pass == mac_pass) {
			unsigned char mac[16];
			size_t off;

			memcpy(mac, cbcmac, sizeof mac);
			for (off = 0; off < len; off += 16) {
				unsigned char blk[16];
				size_t n;

				for (n = 0; n < 16; n ++) {
					blk[n] = mac[n] ^ data[off + n];
				}
				/*
				 * Encrypt 'blk' with the CTR engine: 'blk'
				 * is used as the counter block (first 12
				 * bytes as IV, last 4 as the 32-bit counter)
				 * and the keystream is XORed into zeros.
				 */
				memset(mac, 0, sizeof mac);
				br_aes_big_ctr_run(&bc,
					blk, br_dec32be(blk + 12), mac, 16);
			}
			memcpy(cbcmac, mac, sizeof mac);
		}

		/*
		 * CTR processing happens in the first pass only. Data is
		 * handled one block at a time because the CTR-only class
		 * has a 32-bit counter, while the CTR+CBC-MAC class has a
		 * 128-bit counter.
		 */
		if (ctr != NULL && pass == 0) {
			unsigned char cnt[16];
			size_t off;

			memcpy(cnt, ctr, sizeof cnt);
			for (off = 0; off < len; off += 16) {
				int pos;

				br_aes_big_ctr_run(&bc,
					cnt, br_dec32be(cnt + 12), data + off, 16);
				/* Big-endian increment over all 16 bytes;
				   stop once a byte does not wrap to 0. */
				for (pos = 15; pos >= 0; pos --) {
					cnt[pos] = (cnt[pos] + 1) & 0xFF;
					if (cnt[pos] != 0) {
						break;
					}
				}
			}
			memcpy(ctr, cnt, sizeof cnt);
		}
	}
}
/*
 * Cross-check a CTR + CBC-MAC AES implementation ('vt') against
 * do_aes_ctrcbc().
 *
 * Keys, plaintext, counters and CBC-MAC start values come from an
 * HMAC_DRBG seeded with 'name', so the inputs are the same on every
 * run. Key lengths 16, 24 and 32 and data lengths 0 to 512 bytes (in
 * steps of 16) are covered. For each data length, 17 counter values are
 * tried: one from the DRBG, then 16 patterns of leading 0x00 bytes
 * followed by 0xFF bytes, which make the counter increment carry across
 * byte boundaries. The four entry points (ctr, mac, encrypt, decrypt)
 * are each compared on output data, updated counter and updated MAC.
 */
static void
test_AES_CTRCBC_inner(const char *name, const br_block_ctrcbc_class *vt)
{
	br_hmac_drbg_context rng;
	size_t key_len;

	printf("Test AES CTR/CBC-MAC %s: ", name);
	fflush(stdout);

	br_hmac_drbg_init(&rng, &br_sha256_vtable, name, strlen(name));
	for (key_len = 16; key_len <= 32; key_len += 8) {
		br_aes_gen_ctrcbc_keys bc;
		unsigned char key[32];
		size_t data_len;

		br_hmac_drbg_generate(&rng, key, key_len);
		vt->init(&bc.vtable, key, key_len);
		for (data_len = 0; data_len <= 512; data_len += 16) {
			unsigned char plain[512];
			unsigned char data1[sizeof plain];
			unsigned char data2[sizeof plain];
			unsigned char ctr[16], cbcmac[16];
			unsigned char ctr1[16], cbcmac1[16];
			unsigned char ctr2[16], cbcmac2[16];
			int pat;

			br_hmac_drbg_generate(&rng, plain, data_len);

			for (pat = 0; pat <= 16; pat ++) {
				if (pat == 0) {
					br_hmac_drbg_generate(&rng, ctr, 16);
				} else {
					/* pat-1 zero bytes, then 0xFF up
					   to the end of the counter. */
					memset(ctr, 0, pat - 1);
					memset(ctr + pat - 1, 0xFF, 17 - pat);
				}
				br_hmac_drbg_generate(&rng, cbcmac, 16);

				/* CTR only. */
				memcpy(data1, plain, data_len);
				memcpy(ctr1, ctr, 16);
				vt->ctr(&bc.vtable, ctr1, data1, data_len);
				memcpy(data2, plain, data_len);
				memcpy(ctr2, ctr, 16);
				do_aes_ctrcbc(key, key_len, 1,
					ctr2, NULL, data2, data_len);
				check_equals("CTR-only data",
					data1, data2, data_len);
				check_equals("CTR-only counter",
					ctr1, ctr2, 16);

				/* CBC-MAC only. */
				memcpy(data1, plain, data_len);
				memcpy(cbcmac1, cbcmac, 16);
				vt->mac(&bc.vtable, cbcmac1, data1, data_len);
				memcpy(data2, plain, data_len);
				memcpy(cbcmac2, cbcmac, 16);
				do_aes_ctrcbc(key, key_len, 1,
					NULL, cbcmac2, data2, data_len);
				check_equals("CBC-MAC-only",
					cbcmac1, cbcmac2, 16);

				/* Combined encryption. */
				memcpy(data1, plain, data_len);
				memcpy(ctr1, ctr, 16);
				memcpy(cbcmac1, cbcmac, 16);
				vt->encrypt(&bc.vtable,
					ctr1, cbcmac1, data1, data_len);
				memcpy(data2, plain, data_len);
				memcpy(ctr2, ctr, 16);
				memcpy(cbcmac2, cbcmac, 16);
				do_aes_ctrcbc(key, key_len, 1,
					ctr2, cbcmac2, data2, data_len);
				check_equals("encrypt: combined data",
					data1, data2, data_len);
				check_equals("encrypt: combined counter",
					ctr1, ctr2, 16);
				check_equals("encrypt: combined CBC-MAC",
					cbcmac1, cbcmac2, 16);

				/*
				 * Combined decryption, applied to the
				 * ciphertext left in data1/data2 by the
				 * encryption step above.
				 */
				memcpy(ctr1, ctr, 16);
				memcpy(cbcmac1, cbcmac, 16);
				vt->decrypt(&bc.vtable,
					ctr1, cbcmac1, data1, data_len);
				memcpy(ctr2, ctr, 16);
				memcpy(cbcmac2, cbcmac, 16);
				do_aes_ctrcbc(key, key_len, 0,
					ctr2, cbcmac2, data2, data_len);
				check_equals("decrypt: combined data",
					data1, data2, data_len);
				check_equals("decrypt: combined counter",
					ctr1, ctr2, 16);
				check_equals("decrypt: combined CBC-MAC",
					cbcmac1, cbcmac2, 16);
			}

			printf(".");
			fflush(stdout);
		}

		printf(" ");
		fflush(stdout);
	}

	printf("done.\n");
	fflush(stdout);
}
/*
 * CTR/CBC-MAC cross-check for the "big" AES implementation.
 */
static void
test_AES_CTRCBC_big(void)
{
	test_AES_CTRCBC_inner("big", &br_aes_big_ctrcbc_vtable);
}
/*
 * CTR/CBC-MAC cross-check for the "small" AES implementation.
 */
static void
test_AES_CTRCBC_small(void)
{
	test_AES_CTRCBC_inner("small", &br_aes_small_ctrcbc_vtable);
}
/*
 * CTR/CBC-MAC cross-check for the "ct" AES implementation.
 */
static void
test_AES_CTRCBC_ct(void)
{
	test_AES_CTRCBC_inner("ct", &br_aes_ct_ctrcbc_vtable);
}
/*
 * CTR/CBC-MAC cross-check for the "ct64" AES implementation.
 */
static void
test_AES_CTRCBC_ct64(void)
{
	test_AES_CTRCBC_inner("ct64", &br_aes_ct64_ctrcbc_vtable);
}
/*
 * CTR/CBC-MAC cross-check for the x86 AES-NI implementation. When the
 * getter returns NULL the test is reported as UNAVAILABLE and nothing
 * is run, so that line in the output does not count as a pass.
 */
static void
test_AES_CTRCBC_x86ni(void)
{
	const br_block_ctrcbc_class *vt;

	vt = br_aes_x86ni_ctrcbc_get_vtable();
	if (vt == NULL) {
		printf("Test AES CTR/CBC-MAC x86ni: UNAVAILABLE\n");
		return;
	}
	test_AES_CTRCBC_inner("x86ni", vt);
}
/*
 * DES known-answer tests. Order: plaintext, key, ciphertext.
 * (mostly from NIST SP 800-20).
 */
3671 static const char *const KAT_DES
[] = {
3672 "10316E028C8F3B4A", "0000000000000000", "82DCBAFBDEAB6602",
3673 "8000000000000000", "0000000000000000", "95A8D72813DAA94D",
3674 "4000000000000000", "0000000000000000", "0EEC1487DD8C26D5",
3675 "2000000000000000", "0000000000000000", "7AD16FFB79C45926",
3676 "1000000000000000", "0000000000000000", "D3746294CA6A6CF3",
3677 "0800000000000000", "0000000000000000", "809F5F873C1FD761",
3678 "0400000000000000", "0000000000000000", "C02FAFFEC989D1FC",
3679 "0200000000000000", "0000000000000000", "4615AA1D33E72F10",
3680 "0100000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3681 "0080000000000000", "0000000000000000", "2055123350C00858",
3682 "0040000000000000", "0000000000000000", "DF3B99D6577397C8",
3683 "0020000000000000", "0000000000000000", "31FE17369B5288C9",
3684 "0010000000000000", "0000000000000000", "DFDD3CC64DAE1642",
3685 "0008000000000000", "0000000000000000", "178C83CE2B399D94",
3686 "0004000000000000", "0000000000000000", "50F636324A9B7F80",
3687 "0002000000000000", "0000000000000000", "A8468EE3BC18F06D",
3688 "0001000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3689 "0000800000000000", "0000000000000000", "A2DC9E92FD3CDE92",
3690 "0000400000000000", "0000000000000000", "CAC09F797D031287",
3691 "0000200000000000", "0000000000000000", "90BA680B22AEB525",
3692 "0000100000000000", "0000000000000000", "CE7A24F350E280B6",
3693 "0000080000000000", "0000000000000000", "882BFF0AA01A0B87",
3694 "0000040000000000", "0000000000000000", "25610288924511C2",
3695 "0000020000000000", "0000000000000000", "C71516C29C75D170",
3696 "0000010000000000", "0000000000000000", "8CA64DE9C1B123A7",
3697 "0000008000000000", "0000000000000000", "5199C29A52C9F059",
3698 "0000004000000000", "0000000000000000", "C22F0A294A71F29F",
3699 "0000002000000000", "0000000000000000", "EE371483714C02EA",
3700 "0000001000000000", "0000000000000000", "A81FBD448F9E522F",
3701 "0000000800000000", "0000000000000000", "4F644C92E192DFED",
3702 "0000000400000000", "0000000000000000", "1AFA9A66A6DF92AE",
3703 "0000000200000000", "0000000000000000", "B3C1CC715CB879D8",
3704 "0000000100000000", "0000000000000000", "8CA64DE9C1B123A7",
3705 "0000000080000000", "0000000000000000", "19D032E64AB0BD8B",
3706 "0000000040000000", "0000000000000000", "3CFAA7A7DC8720DC",
3707 "0000000020000000", "0000000000000000", "B7265F7F447AC6F3",
3708 "0000000010000000", "0000000000000000", "9DB73B3C0D163F54",
3709 "0000000008000000", "0000000000000000", "8181B65BABF4A975",
3710 "0000000004000000", "0000000000000000", "93C9B64042EAA240",
3711 "0000000002000000", "0000000000000000", "5570530829705592",
3712 "0000000001000000", "0000000000000000", "8CA64DE9C1B123A7",
3713 "0000000000800000", "0000000000000000", "8638809E878787A0",
3714 "0000000000400000", "0000000000000000", "41B9A79AF79AC208",
3715 "0000000000200000", "0000000000000000", "7A9BE42F2009A892",
3716 "0000000000100000", "0000000000000000", "29038D56BA6D2745",
3717 "0000000000080000", "0000000000000000", "5495C6ABF1E5DF51",
3718 "0000000000040000", "0000000000000000", "AE13DBD561488933",
3719 "0000000000020000", "0000000000000000", "024D1FFA8904E389",
3720 "0000000000010000", "0000000000000000", "8CA64DE9C1B123A7",
3721 "0000000000008000", "0000000000000000", "D1399712F99BF02E",
3722 "0000000000004000", "0000000000000000", "14C1D7C1CFFEC79E",
3723 "0000000000002000", "0000000000000000", "1DE5279DAE3BED6F",
3724 "0000000000001000", "0000000000000000", "E941A33F85501303",
3725 "0000000000000800", "0000000000000000", "DA99DBBC9A03F379",
3726 "0000000000000400", "0000000000000000", "B7FC92F91D8E92E9",
3727 "0000000000000200", "0000000000000000", "AE8E5CAA3CA04E85",
3728 "0000000000000100", "0000000000000000", "8CA64DE9C1B123A7",
3729 "0000000000000080", "0000000000000000", "9CC62DF43B6EED74",
3730 "0000000000000040", "0000000000000000", "D863DBB5C59A91A0",
3731 "0000000000000020", "0000000000000000", "A1AB2190545B91D7",
3732 "0000000000000010", "0000000000000000", "0875041E64C570F7",
3733 "0000000000000008", "0000000000000000", "5A594528BEBEF1CC",
3734 "0000000000000004", "0000000000000000", "FCDB3291DE21F0C0",
3735 "0000000000000002", "0000000000000000", "869EFD7F9F265A09",
3736 "0000000000000001", "0000000000000000", "8CA64DE9C1B123A7",
3737 "0000000000000000", "8000000000000000", "95F8A5E5DD31D900",
3738 "0000000000000000", "4000000000000000", "DD7F121CA5015619",
3739 "0000000000000000", "2000000000000000", "2E8653104F3834EA",
3740 "0000000000000000", "1000000000000000", "4BD388FF6CD81D4F",
3741 "0000000000000000", "0800000000000000", "20B9E767B2FB1456",
3742 "0000000000000000", "0400000000000000", "55579380D77138EF",
3743 "0000000000000000", "0200000000000000", "6CC5DEFAAF04512F",
3744 "0000000000000000", "0100000000000000", "0D9F279BA5D87260",
3745 "0000000000000000", "0080000000000000", "D9031B0271BD5A0A",
3746 "0000000000000000", "0040000000000000", "424250B37C3DD951",
3747 "0000000000000000", "0020000000000000", "B8061B7ECD9A21E5",
3748 "0000000000000000", "0010000000000000", "F15D0F286B65BD28",
3749 "0000000000000000", "0008000000000000", "ADD0CC8D6E5DEBA1",
3750 "0000000000000000", "0004000000000000", "E6D5F82752AD63D1",
3751 "0000000000000000", "0002000000000000", "ECBFE3BD3F591A5E",
3752 "0000000000000000", "0001000000000000", "F356834379D165CD",
3753 "0000000000000000", "0000800000000000", "2B9F982F20037FA9",
3754 "0000000000000000", "0000400000000000", "889DE068A16F0BE6",
3755 "0000000000000000", "0000200000000000", "E19E275D846A1298",
3756 "0000000000000000", "0000100000000000", "329A8ED523D71AEC",
3757 "0000000000000000", "0000080000000000", "E7FCE22557D23C97",
3758 "0000000000000000", "0000040000000000", "12A9F5817FF2D65D",
3759 "0000000000000000", "0000020000000000", "A484C3AD38DC9C19",
3760 "0000000000000000", "0000010000000000", "FBE00A8A1EF8AD72",
3761 "0000000000000000", "0000008000000000", "750D079407521363",
3762 "0000000000000000", "0000004000000000", "64FEED9C724C2FAF",
3763 "0000000000000000", "0000002000000000", "F02B263B328E2B60",
3764 "0000000000000000", "0000001000000000", "9D64555A9A10B852",
3765 "0000000000000000", "0000000800000000", "D106FF0BED5255D7",
3766 "0000000000000000", "0000000400000000", "E1652C6B138C64A5",
3767 "0000000000000000", "0000000200000000", "E428581186EC8F46",
3768 "0000000000000000", "0000000100000000", "AEB5F5EDE22D1A36",
3769 "0000000000000000", "0000000080000000", "E943D7568AEC0C5C",
3770 "0000000000000000", "0000000040000000", "DF98C8276F54B04B",
3771 "0000000000000000", "0000000020000000", "B160E4680F6C696F",
3772 "0000000000000000", "0000000010000000", "FA0752B07D9C4AB8",
3773 "0000000000000000", "0000000008000000", "CA3A2B036DBC8502",
3774 "0000000000000000", "0000000004000000", "5E0905517BB59BCF",
3775 "0000000000000000", "0000000002000000", "814EEB3B91D90726",
3776 "0000000000000000", "0000000001000000", "4D49DB1532919C9F",
3777 "0000000000000000", "0000000000800000", "25EB5FC3F8CF0621",
3778 "0000000000000000", "0000000000400000", "AB6A20C0620D1C6F",
3779 "0000000000000000", "0000000000200000", "79E90DBC98F92CCA",
3780 "0000000000000000", "0000000000100000", "866ECEDD8072BB0E",
3781 "0000000000000000", "0000000000080000", "8B54536F2F3E64A8",
3782 "0000000000000000", "0000000000040000", "EA51D3975595B86B",
3783 "0000000000000000", "0000000000020000", "CAFFC6AC4542DE31",
3784 "0000000000000000", "0000000000010000", "8DD45A2DDF90796C",
3785 "0000000000000000", "0000000000008000", "1029D55E880EC2D0",
3786 "0000000000000000", "0000000000004000", "5D86CB23639DBEA9",
3787 "0000000000000000", "0000000000002000", "1D1CA853AE7C0C5F",
3788 "0000000000000000", "0000000000001000", "CE332329248F3228",
3789 "0000000000000000", "0000000000000800", "8405D1ABE24FB942",
3790 "0000000000000000", "0000000000000400", "E643D78090CA4207",
3791 "0000000000000000", "0000000000000200", "48221B9937748A23",
3792 "0000000000000000", "0000000000000100", "DD7C0BBD61FAFD54",
3793 "0000000000000000", "0000000000000080", "2FBC291A570DB5C4",
3794 "0000000000000000", "0000000000000040", "E07C30D7E4E26E12",
3795 "0000000000000000", "0000000000000020", "0953E2258E8E90A1",
3796 "0000000000000000", "0000000000000010", "5B711BC4CEEBF2EE",
3797 "0000000000000000", "0000000000000008", "CC083F1E6D9E85F6",
3798 "0000000000000000", "0000000000000004", "D2FD8867D50D2DFE",
3799 "0000000000000000", "0000000000000002", "06E7EA22CE92708F",
3800 "0000000000000000", "0000000000000001", "166B40B44ABA4BD6",
3801 "0000000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3802 "0101010101010101", "0101010101010101", "994D4DC157B96C52",
3803 "0202020202020202", "0202020202020202", "E127C2B61D98E6E2",
3804 "0303030303030303", "0303030303030303", "984C91D78A269CE3",
3805 "0404040404040404", "0404040404040404", "1F4570BB77550683",
3806 "0505050505050505", "0505050505050505", "3990ABF98D672B16",
3807 "0606060606060606", "0606060606060606", "3F5150BBA081D585",
3808 "0707070707070707", "0707070707070707", "C65242248C9CF6F2",
3809 "0808080808080808", "0808080808080808", "10772D40FAD24257",
3810 "0909090909090909", "0909090909090909", "F0139440647A6E7B",
3811 "0A0A0A0A0A0A0A0A", "0A0A0A0A0A0A0A0A", "0A288603044D740C",
3812 "0B0B0B0B0B0B0B0B", "0B0B0B0B0B0B0B0B", "6359916942F7438F",
3813 "0C0C0C0C0C0C0C0C", "0C0C0C0C0C0C0C0C", "934316AE443CF08B",
3814 "0D0D0D0D0D0D0D0D", "0D0D0D0D0D0D0D0D", "E3F56D7F1130A2B7",
3815 "0E0E0E0E0E0E0E0E", "0E0E0E0E0E0E0E0E", "A2E4705087C6B6B4",
3816 "0F0F0F0F0F0F0F0F", "0F0F0F0F0F0F0F0F", "D5D76E09A447E8C3",
3817 "1010101010101010", "1010101010101010", "DD7515F2BFC17F85",
3818 "1111111111111111", "1111111111111111", "F40379AB9E0EC533",
3819 "1212121212121212", "1212121212121212", "96CD27784D1563E5",
3820 "1313131313131313", "1313131313131313", "2911CF5E94D33FE1",
3821 "1414141414141414", "1414141414141414", "377B7F7CA3E5BBB3",
3822 "1515151515151515", "1515151515151515", "701AA63832905A92",
3823 "1616161616161616", "1616161616161616", "2006E716C4252D6D",
3824 "1717171717171717", "1717171717171717", "452C1197422469F8",
3825 "1818181818181818", "1818181818181818", "C33FD1EB49CB64DA",
3826 "1919191919191919", "1919191919191919", "7572278F364EB50D",
3827 "1A1A1A1A1A1A1A1A", "1A1A1A1A1A1A1A1A", "69E51488403EF4C3",
3828 "1B1B1B1B1B1B1B1B", "1B1B1B1B1B1B1B1B", "FF847E0ADF192825",
3829 "1C1C1C1C1C1C1C1C", "1C1C1C1C1C1C1C1C", "521B7FB3B41BB791",
3830 "1D1D1D1D1D1D1D1D", "1D1D1D1D1D1D1D1D", "26059A6A0F3F6B35",
3831 "1E1E1E1E1E1E1E1E", "1E1E1E1E1E1E1E1E", "F24A8D2231C77538",
3832 "1F1F1F1F1F1F1F1F", "1F1F1F1F1F1F1F1F", "4FD96EC0D3304EF6",
3833 "2020202020202020", "2020202020202020", "18A9D580A900B699",
3834 "2121212121212121", "2121212121212121", "88586E1D755B9B5A",
3835 "2222222222222222", "2222222222222222", "0F8ADFFB11DC2784",
3836 "2323232323232323", "2323232323232323", "2F30446C8312404A",
3837 "2424242424242424", "2424242424242424", "0BA03D9E6C196511",
3838 "2525252525252525", "2525252525252525", "3E55E997611E4B7D",
3839 "2626262626262626", "2626262626262626", "B2522FB5F158F0DF",
3840 "2727272727272727", "2727272727272727", "2109425935406AB8",
3841 "2828282828282828", "2828282828282828", "11A16028F310FF16",
3842 "2929292929292929", "2929292929292929", "73F0C45F379FE67F",
3843 "2A2A2A2A2A2A2A2A", "2A2A2A2A2A2A2A2A", "DCAD4338F7523816",
3844 "2B2B2B2B2B2B2B2B", "2B2B2B2B2B2B2B2B", "B81634C1CEAB298C",
3845 "2C2C2C2C2C2C2C2C", "2C2C2C2C2C2C2C2C", "DD2CCB29B6C4C349",
3846 "2D2D2D2D2D2D2D2D", "2D2D2D2D2D2D2D2D", "7D07A77A2ABD50A7",
3847 "2E2E2E2E2E2E2E2E", "2E2E2E2E2E2E2E2E", "30C1B0C1FD91D371",
3848 "2F2F2F2F2F2F2F2F", "2F2F2F2F2F2F2F2F", "C4427B31AC61973B",
3849 "3030303030303030", "3030303030303030", "F47BB46273B15EB5",
3850 "3131313131313131", "3131313131313131", "655EA628CF62585F",
3851 "3232323232323232", "3232323232323232", "AC978C247863388F",
3852 "3333333333333333", "3333333333333333", "0432ED386F2DE328",
3853 "3434343434343434", "3434343434343434", "D254014CB986B3C2",
3854 "3535353535353535", "3535353535353535", "B256E34BEDB49801",
3855 "3636363636363636", "3636363636363636", "37F8759EB77E7BFC",
3856 "3737373737373737", "3737373737373737", "5013CA4F62C9CEA0",
3857 "3838383838383838", "3838383838383838", "8940F7B3EACA5939",
3858 "3939393939393939", "3939393939393939", "E22B19A55086774B",
3859 "3A3A3A3A3A3A3A3A", "3A3A3A3A3A3A3A3A", "B04A2AAC925ABB0B",
3860 "3B3B3B3B3B3B3B3B", "3B3B3B3B3B3B3B3B", "8D250D58361597FC",
3861 "3C3C3C3C3C3C3C3C", "3C3C3C3C3C3C3C3C", "51F0114FB6A6CD37",
3862 "3D3D3D3D3D3D3D3D", "3D3D3D3D3D3D3D3D", "9D0BB4DB830ECB73",
3863 "3E3E3E3E3E3E3E3E", "3E3E3E3E3E3E3E3E", "E96089D6368F3E1A",
3864 "3F3F3F3F3F3F3F3F", "3F3F3F3F3F3F3F3F", "5C4CA877A4E1E92D",
3865 "4040404040404040", "4040404040404040", "6D55DDBC8DEA95FF",
3866 "4141414141414141", "4141414141414141", "19DF84AC95551003",
3867 "4242424242424242", "4242424242424242", "724E7332696D08A7",
3868 "4343434343434343", "4343434343434343", "B91810B8CDC58FE2",
3869 "4444444444444444", "4444444444444444", "06E23526EDCCD0C4",
3870 "4545454545454545", "4545454545454545", "EF52491D5468D441",
3871 "4646464646464646", "4646464646464646", "48019C59E39B90C5",
3872 "4747474747474747", "4747474747474747", "0544083FB902D8C0",
3873 "4848484848484848", "4848484848484848", "63B15CADA668CE12",
3874 "4949494949494949", "4949494949494949", "EACC0C1264171071",
3875 "4A4A4A4A4A4A4A4A", "4A4A4A4A4A4A4A4A", "9D2B8C0AC605F274",
3876 "4B4B4B4B4B4B4B4B", "4B4B4B4B4B4B4B4B", "C90F2F4C98A8FB2A",
3877 "4C4C4C4C4C4C4C4C", "4C4C4C4C4C4C4C4C", "03481B4828FD1D04",
3878 "4D4D4D4D4D4D4D4D", "4D4D4D4D4D4D4D4D", "C78FC45A1DCEA2E2",
3879 "4E4E4E4E4E4E4E4E", "4E4E4E4E4E4E4E4E", "DB96D88C3460D801",
3880 "4F4F4F4F4F4F4F4F", "4F4F4F4F4F4F4F4F", "6C69E720F5105518",
3881 "5050505050505050", "5050505050505050", "0D262E418BC893F3",
3882 "5151515151515151", "5151515151515151", "6AD84FD7848A0A5C",
3883 "5252525252525252", "5252525252525252", "C365CB35B34B6114",
3884 "5353535353535353", "5353535353535353", "1155392E877F42A9",
3885 "5454545454545454", "5454545454545454", "531BE5F9405DA715",
3886 "5555555555555555", "5555555555555555", "3BCDD41E6165A5E8",
3887 "5656565656565656", "5656565656565656", "2B1FF5610A19270C",
3888 "5757575757575757", "5757575757575757", "D90772CF3F047CFD",
3889 "5858585858585858", "5858585858585858", "1BEA27FFB72457B7",
3890 "5959595959595959", "5959595959595959", "85C3E0C429F34C27",
3891 "5A5A5A5A5A5A5A5A", "5A5A5A5A5A5A5A5A", "F9038021E37C7618",
3892 "5B5B5B5B5B5B5B5B", "5B5B5B5B5B5B5B5B", "35BC6FF838DBA32F",
3893 "5C5C5C5C5C5C5C5C", "5C5C5C5C5C5C5C5C", "4927ACC8CE45ECE7",
3894 "5D5D5D5D5D5D5D5D", "5D5D5D5D5D5D5D5D", "E812EE6E3572985C",
3895 "5E5E5E5E5E5E5E5E", "5E5E5E5E5E5E5E5E", "9BB93A89627BF65F",
3896 "5F5F5F5F5F5F5F5F", "5F5F5F5F5F5F5F5F", "EF12476884CB74CA",
3897 "6060606060606060", "6060606060606060", "1BF17E00C09E7CBF",
3898 "6161616161616161", "6161616161616161", "29932350C098DB5D",
3899 "6262626262626262", "6262626262626262", "B476E6499842AC54",
3900 "6363636363636363", "6363636363636363", "5C662C29C1E96056",
3901 "6464646464646464", "6464646464646464", "3AF1703D76442789",
3902 "6565656565656565", "6565656565656565", "86405D9B425A8C8C",
3903 "6666666666666666", "6666666666666666", "EBBF4810619C2C55",
3904 "6767676767676767", "6767676767676767", "F8D1CD7367B21B5D",
3905 "6868686868686868", "6868686868686868", "9EE703142BF8D7E2",
3906 "6969696969696969", "6969696969696969", "5FDFFFC3AAAB0CB3",
3907 "6A6A6A6A6A6A6A6A", "6A6A6A6A6A6A6A6A", "26C940AB13574231",
3908 "6B6B6B6B6B6B6B6B", "6B6B6B6B6B6B6B6B", "1E2DC77E36A84693",
3909 "6C6C6C6C6C6C6C6C", "6C6C6C6C6C6C6C6C", "0F4FF4D9BC7E2244",
3910 "6D6D6D6D6D6D6D6D", "6D6D6D6D6D6D6D6D", "A4C9A0D04D3280CD",
3911 "6E6E6E6E6E6E6E6E", "6E6E6E6E6E6E6E6E", "9FAF2C96FE84919D",
3912 "6F6F6F6F6F6F6F6F", "6F6F6F6F6F6F6F6F", "115DBC965E6096C8",
3913 "7070707070707070", "7070707070707070", "AF531E9520994017",
3914 "7171717171717171", "7171717171717171", "B971ADE70E5C89EE",
3915 "7272727272727272", "7272727272727272", "415D81C86AF9C376",
3916 "7373737373737373", "7373737373737373", "8DFB864FDB3C6811",
3917 "7474747474747474", "7474747474747474", "10B1C170E3398F91",
3918 "7575757575757575", "7575757575757575", "CFEF7A1C0218DB1E",
3919 "7676767676767676", "7676767676767676", "DBAC30A2A40B1B9C",
3920 "7777777777777777", "7777777777777777", "89D3BF37052162E9",
3921 "7878787878787878", "7878787878787878", "80D9230BDAEB67DC",
3922 "7979797979797979", "7979797979797979", "3440911019AD68D7",
3923 "7A7A7A7A7A7A7A7A", "7A7A7A7A7A7A7A7A", "9626FE57596E199E",
3924 "7B7B7B7B7B7B7B7B", "7B7B7B7B7B7B7B7B", "DEA0B796624BB5BA",
3925 "7C7C7C7C7C7C7C7C", "7C7C7C7C7C7C7C7C", "E9E40542BDDB3E9D",
3926 "7D7D7D7D7D7D7D7D", "7D7D7D7D7D7D7D7D", "8AD99914B354B911",
3927 "7E7E7E7E7E7E7E7E", "7E7E7E7E7E7E7E7E", "6F85B98DD12CB13B",
3928 "7F7F7F7F7F7F7F7F", "7F7F7F7F7F7F7F7F", "10130DA3C3A23924",
3929 "8080808080808080", "8080808080808080", "EFECF25C3C5DC6DB",
3930 "8181818181818181", "8181818181818181", "907A46722ED34EC4",
3931 "8282828282828282", "8282828282828282", "752666EB4CAB46EE",
3932 "8383838383838383", "8383838383838383", "161BFABD4224C162",
3933 "8484848484848484", "8484848484848484", "215F48699DB44A45",
3934 "8585858585858585", "8585858585858585", "69D901A8A691E661",
3935 "8686868686868686", "8686868686868686", "CBBF6EEFE6529728",
3936 "8787878787878787", "8787878787878787", "7F26DCF425149823",
3937 "8888888888888888", "8888888888888888", "762C40C8FADE9D16",
3938 "8989898989898989", "8989898989898989", "2453CF5D5BF4E463",
3939 "8A8A8A8A8A8A8A8A", "8A8A8A8A8A8A8A8A", "301085E3FDE724E1",
3940 "8B8B8B8B8B8B8B8B", "8B8B8B8B8B8B8B8B", "EF4E3E8F1CC6706E",
3941 "8C8C8C8C8C8C8C8C", "8C8C8C8C8C8C8C8C", "720479B024C397EE",
3942 "8D8D8D8D8D8D8D8D", "8D8D8D8D8D8D8D8D", "BEA27E3795063C89",
3943 "8E8E8E8E8E8E8E8E", "8E8E8E8E8E8E8E8E", "468E5218F1A37611",
3944 "8F8F8F8F8F8F8F8F", "8F8F8F8F8F8F8F8F", "50ACE16ADF66BFE8",
3945 "9090909090909090", "9090909090909090", "EEA24369A19F6937",
3946 "9191919191919191", "9191919191919191", "6050D369017B6E62",
3947 "9292929292929292", "9292929292929292", "5B365F2FB2CD7F32",
3948 "9393939393939393", "9393939393939393", "F0B00B264381DDBB",
3949 "9494949494949494", "9494949494949494", "E1D23881C957B96C",
3950 "9595959595959595", "9595959595959595", "D936BF54ECA8BDCE",
3951 "9696969696969696", "9696969696969696", "A020003C5554F34C",
3952 "9797979797979797", "9797979797979797", "6118FCEBD407281D",
3953 "9898989898989898", "9898989898989898", "072E328C984DE4A2",
3954 "9999999999999999", "9999999999999999", "1440B7EF9E63D3AA",
3955 "9A9A9A9A9A9A9A9A", "9A9A9A9A9A9A9A9A", "79BFA264BDA57373",
3956 "9B9B9B9B9B9B9B9B", "9B9B9B9B9B9B9B9B", "C50E8FC289BBD876",
3957 "9C9C9C9C9C9C9C9C", "9C9C9C9C9C9C9C9C", "A399D3D63E169FA9",
3958 "9D9D9D9D9D9D9D9D", "9D9D9D9D9D9D9D9D", "4B8919B667BD53AB",
3959 "9E9E9E9E9E9E9E9E", "9E9E9E9E9E9E9E9E", "D66CDCAF3F6724A2",
3960 "9F9F9F9F9F9F9F9F", "9F9F9F9F9F9F9F9F", "E40E81FF3F618340",
3961 "A0A0A0A0A0A0A0A0", "A0A0A0A0A0A0A0A0", "10EDB8977B348B35",
3962 "A1A1A1A1A1A1A1A1", "A1A1A1A1A1A1A1A1", "6446C5769D8409A0",
3963 "A2A2A2A2A2A2A2A2", "A2A2A2A2A2A2A2A2", "17ED1191CA8D67A3",
3964 "A3A3A3A3A3A3A3A3", "A3A3A3A3A3A3A3A3", "B6D8533731BA1318",
3965 "A4A4A4A4A4A4A4A4", "A4A4A4A4A4A4A4A4", "CA439007C7245CD0",
3966 "A5A5A5A5A5A5A5A5", "A5A5A5A5A5A5A5A5", "06FC7FDE1C8389E7",
3967 "A6A6A6A6A6A6A6A6", "A6A6A6A6A6A6A6A6", "7A3C1F3BD60CB3D8",
3968 "A7A7A7A7A7A7A7A7", "A7A7A7A7A7A7A7A7", "E415D80048DBA848",
3969 "A8A8A8A8A8A8A8A8", "A8A8A8A8A8A8A8A8", "26F88D30C0FB8302",
3970 "A9A9A9A9A9A9A9A9", "A9A9A9A9A9A9A9A9", "D4E00A9EF5E6D8F3",
3971 "AAAAAAAAAAAAAAAA", "AAAAAAAAAAAAAAAA", "C4322BE19E9A5A17",
3972 "ABABABABABABABAB", "ABABABABABABABAB", "ACE41A06BFA258EA",
3973 "ACACACACACACACAC", "ACACACACACACACAC", "EEAAC6D17880BD56",
3974 "ADADADADADADADAD", "ADADADADADADADAD", "3C9A34CA4CB49EEB",
3975 "AEAEAEAEAEAEAEAE", "AEAEAEAEAEAEAEAE", "9527B0287B75F5A3",
3976 "AFAFAFAFAFAFAFAF", "AFAFAFAFAFAFAFAF", "F2D9D1BE74376C0C",
3977 "B0B0B0B0B0B0B0B0", "B0B0B0B0B0B0B0B0", "939618DF0AEFAAE7",
3978 "B1B1B1B1B1B1B1B1", "B1B1B1B1B1B1B1B1", "24692773CB9F27FE",
3979 "B2B2B2B2B2B2B2B2", "B2B2B2B2B2B2B2B2", "38703BA5E2315D1D",
3980 "B3B3B3B3B3B3B3B3", "B3B3B3B3B3B3B3B3", "FCB7E4B7D702E2FB",
3981 "B4B4B4B4B4B4B4B4", "B4B4B4B4B4B4B4B4", "36F0D0B3675704D5",
3982 "B5B5B5B5B5B5B5B5", "B5B5B5B5B5B5B5B5", "62D473F539FA0D8B",
3983 "B6B6B6B6B6B6B6B6", "B6B6B6B6B6B6B6B6", "1533F3ED9BE8EF8E",
3984 "B7B7B7B7B7B7B7B7", "B7B7B7B7B7B7B7B7", "9C4EA352599731ED",
3985 "B8B8B8B8B8B8B8B8", "B8B8B8B8B8B8B8B8", "FABBF7C046FD273F",
3986 "B9B9B9B9B9B9B9B9", "B9B9B9B9B9B9B9B9", "B7FE63A61C646F3A",
3987 "BABABABABABABABA", "BABABABABABABABA", "10ADB6E2AB972BBE",
3988 "BBBBBBBBBBBBBBBB", "BBBBBBBBBBBBBBBB", "F91DCAD912332F3B",
3989 "BCBCBCBCBCBCBCBC", "BCBCBCBCBCBCBCBC", "46E7EF47323A701D",
3990 "BDBDBDBDBDBDBDBD", "BDBDBDBDBDBDBDBD", "8DB18CCD9692F758",
3991 "BEBEBEBEBEBEBEBE", "BEBEBEBEBEBEBEBE", "E6207B536AAAEFFC",
3992 "BFBFBFBFBFBFBFBF", "BFBFBFBFBFBFBFBF", "92AA224372156A00",
3993 "C0C0C0C0C0C0C0C0", "C0C0C0C0C0C0C0C0", "A3B357885B1E16D2",
3994 "C1C1C1C1C1C1C1C1", "C1C1C1C1C1C1C1C1", "169F7629C970C1E5",
3995 "C2C2C2C2C2C2C2C2", "C2C2C2C2C2C2C2C2", "62F44B247CF1348C",
3996 "C3C3C3C3C3C3C3C3", "C3C3C3C3C3C3C3C3", "AE0FEEB0495932C8",
3997 "C4C4C4C4C4C4C4C4", "C4C4C4C4C4C4C4C4", "72DAF2A7C9EA6803",
3998 "C5C5C5C5C5C5C5C5", "C5C5C5C5C5C5C5C5", "4FB5D5536DA544F4",
3999 "C6C6C6C6C6C6C6C6", "C6C6C6C6C6C6C6C6", "1DD4E65AAF7988B4",
4000 "C7C7C7C7C7C7C7C7", "C7C7C7C7C7C7C7C7", "76BF084C1535A6C6",
4001 "C8C8C8C8C8C8C8C8", "C8C8C8C8C8C8C8C8", "AFEC35B09D36315F",
4002 "C9C9C9C9C9C9C9C9", "C9C9C9C9C9C9C9C9", "C8078A6148818403",
4003 "CACACACACACACACA", "CACACACACACACACA", "4DA91CB4124B67FE",
4004 "CBCBCBCBCBCBCBCB", "CBCBCBCBCBCBCBCB", "2DABFEB346794C3D",
4005 "CCCCCCCCCCCCCCCC", "CCCCCCCCCCCCCCCC", "FBCD12C790D21CD7",
4006 "CDCDCDCDCDCDCDCD", "CDCDCDCDCDCDCDCD", "536873DB879CC770",
4007 "CECECECECECECECE", "CECECECECECECECE", "9AA159D7309DA7A0",
4008 "CFCFCFCFCFCFCFCF", "CFCFCFCFCFCFCFCF", "0B844B9D8C4EA14A",
4009 "D0D0D0D0D0D0D0D0", "D0D0D0D0D0D0D0D0", "3BBD84CE539E68C4",
4010 "D1D1D1D1D1D1D1D1", "D1D1D1D1D1D1D1D1", "CF3E4F3E026E2C8E",
4011 "D2D2D2D2D2D2D2D2", "D2D2D2D2D2D2D2D2", "82F85885D542AF58",
4012 "D3D3D3D3D3D3D3D3", "D3D3D3D3D3D3D3D3", "22D334D6493B3CB6",
4013 "D4D4D4D4D4D4D4D4", "D4D4D4D4D4D4D4D4", "47E9CB3E3154D673",
4014 "D5D5D5D5D5D5D5D5", "D5D5D5D5D5D5D5D5", "2352BCC708ADC7E9",
4015 "D6D6D6D6D6D6D6D6", "D6D6D6D6D6D6D6D6", "8C0F3BA0C8601980",
4016 "D7D7D7D7D7D7D7D7", "D7D7D7D7D7D7D7D7", "EE5E9FD70CEF00E9",
4017 "D8D8D8D8D8D8D8D8", "D8D8D8D8D8D8D8D8", "DEF6BDA6CABF9547",
4018 "D9D9D9D9D9D9D9D9", "D9D9D9D9D9D9D9D9", "4DADD04A0EA70F20",
4019 "DADADADADADADADA", "DADADADADADADADA", "C1AA16689EE1B482",
4020 "DBDBDBDBDBDBDBDB", "DBDBDBDBDBDBDBDB", "F45FC26193E69AEE",
4021 "DCDCDCDCDCDCDCDC", "DCDCDCDCDCDCDCDC", "D0CFBB937CEDBFB5",
4022 "DDDDDDDDDDDDDDDD", "DDDDDDDDDDDDDDDD", "F0752004EE23D87B",
4023 "DEDEDEDEDEDEDEDE", "DEDEDEDEDEDEDEDE", "77A791E28AA464A5",
4024 "DFDFDFDFDFDFDFDF", "DFDFDFDFDFDFDFDF", "E7562A7F56FF4966",
4025 "E0E0E0E0E0E0E0E0", "E0E0E0E0E0E0E0E0", "B026913F2CCFB109",
4026 "E1E1E1E1E1E1E1E1", "E1E1E1E1E1E1E1E1", "0DB572DDCE388AC7",
4027 "E2E2E2E2E2E2E2E2", "E2E2E2E2E2E2E2E2", "D9FA6595F0C094CA",
4028 "E3E3E3E3E3E3E3E3", "E3E3E3E3E3E3E3E3", "ADE4804C4BE4486E",
4029 "E4E4E4E4E4E4E4E4", "E4E4E4E4E4E4E4E4", "007B81F520E6D7DA",
4030 "E5E5E5E5E5E5E5E5", "E5E5E5E5E5E5E5E5", "961AEB77BFC10B3C",
4031 "E6E6E6E6E6E6E6E6", "E6E6E6E6E6E6E6E6", "8A8DD870C9B14AF2",
4032 "E7E7E7E7E7E7E7E7", "E7E7E7E7E7E7E7E7", "3CC02E14B6349B25",
4033 "E8E8E8E8E8E8E8E8", "E8E8E8E8E8E8E8E8", "BAD3EE68BDDB9607",
4034 "E9E9E9E9E9E9E9E9", "E9E9E9E9E9E9E9E9", "DFF918E93BDAD292",
4035 "EAEAEAEAEAEAEAEA", "EAEAEAEAEAEAEAEA", "8FE559C7CD6FA56D",
4036 "EBEBEBEBEBEBEBEB", "EBEBEBEBEBEBEBEB", "C88480835C1A444C",
4037 "ECECECECECECECEC", "ECECECECECECECEC", "D6EE30A16B2CC01E",
4038 "EDEDEDEDEDEDEDED", "EDEDEDEDEDEDEDED", "6932D887B2EA9C1A",
4039 "EEEEEEEEEEEEEEEE", "EEEEEEEEEEEEEEEE", "0BFC865461F13ACC",
4040 "EFEFEFEFEFEFEFEF", "EFEFEFEFEFEFEFEF", "228AEA0D403E807A",
4041 "F0F0F0F0F0F0F0F0", "F0F0F0F0F0F0F0F0", "2A2891F65BB8173C",
4042 "F1F1F1F1F1F1F1F1", "F1F1F1F1F1F1F1F1", "5D1B8FAF7839494B",
4043 "F2F2F2F2F2F2F2F2", "F2F2F2F2F2F2F2F2", "1C0A9280EECF5D48",
4044 "F3F3F3F3F3F3F3F3", "F3F3F3F3F3F3F3F3", "6CBCE951BBC30F74",
4045 "F4F4F4F4F4F4F4F4", "F4F4F4F4F4F4F4F4", "9CA66E96BD08BC70",
4046 "F5F5F5F5F5F5F5F5", "F5F5F5F5F5F5F5F5", "F5D779FCFBB28BF3",
4047 "F6F6F6F6F6F6F6F6", "F6F6F6F6F6F6F6F6", "0FEC6BBF9B859184",
4048 "F7F7F7F7F7F7F7F7", "F7F7F7F7F7F7F7F7", "EF88D2BF052DBDA8",
4049 "F8F8F8F8F8F8F8F8", "F8F8F8F8F8F8F8F8", "39ADBDDB7363090D",
4050 "F9F9F9F9F9F9F9F9", "F9F9F9F9F9F9F9F9", "C0AEAF445F7E2A7A",
4051 "FAFAFAFAFAFAFAFA", "FAFAFAFAFAFAFAFA", "C66F54067298D4E9",
4052 "FBFBFBFBFBFBFBFB", "FBFBFBFBFBFBFBFB", "E0BA8F4488AAF97C",
4053 "FCFCFCFCFCFCFCFC", "FCFCFCFCFCFCFCFC", "67B36E2875D9631C",
4054 "FDFDFDFDFDFDFDFD", "FDFDFDFDFDFDFDFD", "1ED83D49E267191D",
4055 "FEFEFEFEFEFEFEFE", "FEFEFEFEFEFEFEFE", "66B2B23EA84693AD",
4056 "FFFFFFFFFFFFFFFF", "FFFFFFFFFFFFFFFF", "7359B2163E4EDC58",
4057 "0001020304050607", "0011223344556677", "3EF0A891CF8ED990",
4058 "2BD6459F82C5B300", "EA024714AD5C4D84", "126EFE8ED312190A",
4064 * Known-answer tests for DES/3DES in CBC mode. Order: key, IV,
4065 * plaintext, ciphertext.
/*
 * KAT_DES_CBC: flat array of hex strings. test_DES_generic() reads it
 * four entries at a time (key, IV, plaintext, ciphertext) and stops at
 * the first null entry.
 *
 * Every key visible in this listing is 24 bytes (3DES). In the first
 * group the third 8-byte part repeats the first (two-key 3DES,
 * K1 = K3); in the later group the three parts are distinct.
 *
 * Each string is decoded with hextobin() into a fixed-size stack
 * buffer in test_DES_generic() (key[24], ivref[8], plain[200],
 * cipher[200]). hextobin() is given no destination length, so a newly
 * added vector must fit those sizes.
 */
4067 static const char *const KAT_DES_CBC
[] = {
4069 * From NIST validation suite (tdesmmt.zip).
4071 "34a41a8c293176c1b30732ecfe38ae8a34a41a8c293176c1",
4076 "70a88fa1dfb9942fa77f40157ffef2ad70a88fa1dfb9942f",
4078 "bc225304d5a3a5c9918fc5006cbc40cc",
4079 "27f67dc87af7ddb4b68f63fa7c2d454a",
4081 "e091790be55be0bc0780153861a84adce091790be55be0bc",
4083 "03c7fffd7f36499c703dedc9df4de4a92dd4382e576d6ae9",
4084 "053aeba85dd3a23bfbe8440a432f9578f312be60fb9f0035",
4086 "857feacd16157c58e5347a70e56e578a857feacd16157c58",
4088 "1f13701c7f0d7385307507a18e89843ebd295bd5e239ef109347a6898c6d3fd5",
4089 "a0e4edde34f05bd8397ce279e49853e9387ba04be562f5fa19c3289c3f5a3391",
4091 "a173545b265875ba852331fbb95b49a8a173545b265875ba",
4093 "d08894c565608d9ae51dda63b85b3b33b1703bb5e4f1abcbb8794e743da5d6f3bf630f2e9b6d5b54",
4094 "370b47acf89ac6bdbb13c9a7336787dc41e1ad8beead32281d0609fb54968404bdf2894892590658",
4096 "26376bcb2f23df1083cd684fe00ed3c726376bcb2f23df10",
4098 "903a1911da1e6877f23c1985a9b61786ef438e0ce1240885035ad60fc916b18e5d71a1fb9c5d1eff61db75c0076f6efb",
4099 "7a4f7510f6ec0b93e2495d21a8355684d303a770ebda2e0e51ff33d72b20cb73e58e2e3de2ef6b2e12c504c0f181ba63",
4101 "3e1f98135d027cec752f67765408a7913e1f98135d027cec",
4103 "7c022f5af24f7925d323d4d0e20a2ce49272c5e764b22c806f4b6ddc406d864fe5bd1c3f45556d3eb30c8676c2f8b54a5a32423a0bd95a07",
4104 "2bb4b131fa4ae0b4f0378a2cdb68556af6eee837613016d7ea936f3931f25f8b3ae351d5e9d00be665676e2400408b5db9892d95421e7f1a",
4106 "13b9d549cd136ec7bf9e9810ef2cdcbf13b9d549cd136ec7",
4108 "1fff1563bc1645b55cb23ea34a0049dfc06607150614b621dedcb07f20433402a2d869c95ac4a070c7a3da838c928a385f899c5d21ecb58f4e5cbdad98d39b8c",
4109 "75f804d4a2c542a31703e23df26cc38861a0729090e6eae5672c1db8c0b09fba9b125bbca7d6c7d330b3859e6725c6d26de21c4e3af7f5ea94df3cde2349ce37",
4111 "20320dfdad579bb57c6e4acd769dbadf20320dfdad579bb5",
4113 "0431283cc8bb4dc7750a9d5c68578486932091632a12d0a79f2c54e3d122130881fff727050f317a40fcd1a8d13793458b99fc98254ba6a233e3d95b55cf5a3faff78809999ea4bf",
4114 "85d17840eb2af5fc727027336bfd71a2b31bd14a1d9eb64f8a08bfc4f56eaa9ca7654a5ae698287869cc27324813730de4f1384e0b8cfbc472ff5470e3c5e4bd8ceb23dc2d91988c",
4116 "23abb073a2df34cb3d1fdce6b092582c23abb073a2df34cb",
4118 "31e718fd95e6d7ca4f94763191add2674ab07c909d88c486916c16d60a048a0cf8cdb631cebec791362cd0c202eb61e166b65c1f65d0047c8aec57d3d84b9e17032442dce148e1191b06a12c284cc41e",
4119 "c9a3f75ab6a7cd08a7fd53ca540aafe731d257ee1c379fadcc4cc1a06e7c12bddbeb7562c436d1da849ed072629e82a97b56d9becc25ff4f16f21c5f2a01911604f0b5c49df96cb641faee662ca8aa68",
4121 "b5cb1504802326c73df186e3e352a20de643b0d63ee30e37",
4126 "a49d7564199e97cb529d2c9d97bf2f98d35edf57ba1f7358",
4128 "c689aee38a301bb316da75db36f110b5",
4129 "e9afaba5ec75ea1bbe65506655bb4ecb",
4131 "1a5d4c0825072a15a8ad9dfdaeda8c048adffb85bc4fced0",
4133 "983c3edacd939406010e1bc6ff9e12320ac5008117fa8f84",
4134 "d84fa24f38cf451ca2c9adc960120bd8ff9871584fe31cee",
4136 "d98aadc76d4a3716158c32866efbb9ce834af2297379a49d",
4138 "6174079dda53ca723ebf00a66837f8d5ce648c08acaa5ee45ffe62210ef79d3e",
4139 "f5bd4d600bed77bec78409e3530ebda1d815506ed53103015b87e371ae000958",
4141 "ef6d3e54266d978ffb0b8ce6689d803e2cd34cc802fd0252",
4143 "c4f228b537223cd01c0debb5d9d4e12ba71656618d119b2f8f0af29d23efa3a9e43c4c458a1b79a0",
4144 "9e3289fb18379f55aa4e45a7e0e6df160b33b75f8627ad0954f8fdcb78cee55a4664caeda1000fe5",
4146 "625bc19b19df83abfb2f5bec9d4f2062017525a75bc26e70",
4148 "8152d2ab876c3c8201403a5a406d3feaf27319dbea6ad01e24f4d18203704b86de70da6bbb6d638e5aba3ff576b79b28",
4149 "706fe7a973fac40e25b2b4499ce527078944c70e976d017b6af86a3a7a6b52943a72ba18a58000d2b61fdc3bfef2bc4a",
4151 "b6383176046e6880a1023bf45768b5bf5119022fe054bfe5",
4153 "cd5a886e9af011346c4dba36a424f96a78a1ddf28aaa4188bf65451f4efaffc7179a6dd237c0ae35d9b672314e5cb032612597f7e462c6f3",
4154 "b030f976f46277ee211c4a324d5c87555d1084513a1223d3b84416b52bbc28f4b77f3a9d8d0d91dc37d3dbe8af8be98f74674b02f9a38527",
4156 "3d8cf273d343b9aedccddacb91ad86206737adc86b4a49a7",
4158 "1fde3991c32ce220b5b6666a9234f2fd7bd24b921829fd9cdc6eb4218be9eac9faa9c2351777349128086b6d58776bc86ff2f76ee1b3b2850a318462b8983fa1",
4159 "422ce705a46bb52ad928dab6c863166d617c6fc24003633120d91918314bbf464cea7345c3c35f2042f2d6929735d74d7728f22fea618a0b9cf5b1281acb13fb",
4161 "fbceb5cb646b925be0b92f7f6b493d5e5b16e9159732732a",
4163 "4c309bc8e1e464fdd2a2b8978645d668d455f7526bd8d7b6716a722f6a900b815c4a73cc30e788065c1dfca7bf5958a6cc5440a5ebe7f8691c20278cde95db764ff8ce8994ece89c",
4164 "c02129bdf4bbbd75e71605a00b12c80db6b4e05308e916615011f09147ed915dd1bc67f27f9e027e4e13df36b55464a31c11b4d1fe3d855d89df492e1a7201b995c1ba16a8dbabee",
4166 "9b162a0df8ad9b61c88676e3d586434570b902f12a2046e0",
4168 "f4c1c918e77355c8156f0fd778da52bff121ae5f2f44eaf4d2754946d0e10d1f18ce3a0176e69c18b7d20b6e0d0bee5eb5edfe4bd60e4d92adcd86bce72e76f94ee5cbcaa8b01cfddcea2ade575e66ac",
4169 "1ff3c8709f403a8eff291aedf50c010df5c5ff64a8b205f1fce68564798897a390db16ee0d053856b75898009731da290fcc119dad987277aacef694872e880c4bb41471063fae05c89f25e4bd0cad6a",
/*
 * xor_buf: helper taking a destination buffer, a source buffer and a
 * byte count. Only the signature and the countdown loop header are
 * visible in this listing; the loop body is not shown.
 * NOTE(review): presumably XORs src into dst byte by byte (the Monte
 * Carlo tests use it for key feedback) -- confirm against the full
 * file.
 */
4175 xor_buf(unsigned char *dst
, const unsigned char *src
, size_t len
)
4177 while (len
-- > 0) {
/*
 * Monte Carlo test for 3DES CBC encryption through the class ve.
 * Starts from three fixed 8-byte key parts and one 8-byte block, runs
 * 400 outer rounds of 10000 encryptions each, and compares the final
 * block with a fixed expected value through check_equals().
 * NOTE(review): the structure looks like the NIST TDES Monte Carlo
 * procedure -- confirm against the validation suite documentation.
 */
4183 monte_carlo_DES_encrypt(const br_block_cbcenc_class
*ve
)
4185 unsigned char k1
[8], k2
[8], k3
[8];
4186 unsigned char buf
[8];
4187 unsigned char cipher
[8];
4189 br_des_gen_cbcenc_keys v_ec
;
/* Initial key parts, starting block, and expected final block. */
4193 hextobin(k1
, "9ec2372c86379df4");
4194 hextobin(k2
, "ad7ac4464f73805d");
4195 hextobin(k3
, "20c4f87564527c91");
4196 hextobin(buf
, "b624d6bd41783ab1");
4197 hextobin(cipher
, "eafd97b190b167fe");
4198 for (i
= 0; i
< 400; i
++) {
/*
 * 24-byte key for this outer round: k2 at offset 8, k3 at offset 16.
 * NOTE(review): the copy of k1 to offset 0 is presumably on a line
 * not visible in this listing -- confirm.
 */
4199 unsigned char key
[24];
4202 memcpy(key
+ 8, k2
, 8);
4203 memcpy(key
+ 16, k3
, 8);
4204 ve
->init(ec
, key
, sizeof key
);
4205 for (j
= 0; j
< 10000; j
++) {
/*
 * A fresh all-zero IV and a single 8-byte block per call: each CBC
 * run amounts to one raw block encryption of buf. The fixed zero IV
 * is a property of the test procedure, not a usage pattern.
 */
4206 unsigned char iv
[8];
4208 memset(iv
, 0, sizeof iv
);
4209 ve
->run(ec
, iv
, buf
, sizeof buf
);
/*
 * The last three outputs of the inner loop are fed back into k3, k2
 * and k1 (in that order) through xor_buf(), giving the next key.
 */
4211 case 9997: xor_buf(k3
, buf
, 8); break;
4212 case 9998: xor_buf(k2
, buf
, 8); break;
4213 case 9999: xor_buf(k1
, buf
, 8); break;
4221 check_equals("MC DES encrypt", buf
, cipher
, sizeof buf
);
/*
 * Monte Carlo test for 3DES CBC decryption through the class vd.
 * Same shape as the encryption variant: three fixed 8-byte key parts,
 * one 8-byte block, 400 outer rounds of 10000 decryptions each, and a
 * final comparison with a fixed expected plaintext block through
 * check_equals().
 */
4225 monte_carlo_DES_decrypt(const br_block_cbcdec_class
*vd
)
4227 unsigned char k1
[8], k2
[8], k3
[8];
4228 unsigned char buf
[8];
4229 unsigned char plain
[8];
4231 br_des_gen_cbcdec_keys v_dc
;
/* Initial key parts, starting block, and expected final block. */
4235 hextobin(k1
, "79b63486e0ce37e0");
4236 hextobin(k2
, "08e65231abae3710");
4237 hextobin(k3
, "1f5eb69e925ef185");
4238 hextobin(buf
, "2783aa729432fe96");
4239 hextobin(plain
, "44937ca532cdbf98");
4240 for (i
= 0; i
< 400; i
++) {
/*
 * 24-byte key for this outer round: k2 at offset 8, k3 at offset 16.
 * NOTE(review): the copy of k1 to offset 0 is presumably on a line
 * not visible in this listing -- confirm.
 */
4241 unsigned char key
[24];
4244 memcpy(key
+ 8, k2
, 8);
4245 memcpy(key
+ 16, k3
, 8);
4246 vd
->init(dc
, key
, sizeof key
);
4247 for (j
= 0; j
< 10000; j
++) {
/*
 * All-zero IV and a single 8-byte block per call, so each CBC run is
 * one raw block decryption of buf.
 */
4248 unsigned char iv
[8];
4250 memset(iv
, 0, sizeof iv
);
4251 vd
->run(dc
, iv
, buf
, sizeof buf
);
/*
 * The last three outputs of the inner loop are fed back into k3, k2
 * and k1 (in that order) through xor_buf(), giving the next key.
 */
4253 case 9997: xor_buf(k3
, buf
, 8); break;
4254 case 9998: xor_buf(k2
, buf
, 8); break;
4255 case 9999: xor_buf(k1
, buf
, 8); break;
4263 check_equals("MC DES decrypt", buf
, plain
, sizeof buf
);
/*
 * Generic test driver for one DES/3DES CBC implementation.
 *
 *   name       label used in the progress and failure messages
 *   ve, vd     CBC encryption and decryption classes under test
 *   with_MC,   flags whose use is on lines not visible in this listing
 *   with_CBC   NOTE(review): presumably they enable the Monte Carlo
 *              and KAT_DES_CBC sections -- confirm.
 *
 * Checks the reported block size, then runs the KAT_DES vectors, the
 * KAT_DES_CBC vectors and the two Monte Carlo tests. Every check
 * compares output bytes only; nothing here measures timing behaviour.
 */
4267 test_DES_generic(char *name
,
4268 const br_block_cbcenc_class
*ve
,
4269 const br_block_cbcdec_class
*vd
,
4270 int with_MC
, int with_CBC
)
4274 printf("Test %s: ", name
);
/* Both classes must report the 8-byte DES block size. */
4277 if (ve
->block_size
!= 8 || vd
->block_size
!= 8) {
4278 fprintf(stderr
, "%s failed: wrong block size\n", name
);
/*
 * KAT_DES is read three strings at a time (key, plaintext, ciphertext)
 * until a null entry. Each vector is one 8-byte block processed with
 * an all-zero IV, so the CBC call is a single raw block operation.
 */
4282 for (u
= 0; KAT_DES
[u
]; u
+= 3) {
4283 unsigned char key
[24];
4284 unsigned char plain
[8];
4285 unsigned char cipher
[8];
4286 unsigned char buf
[8];
4287 unsigned char iv
[8];
4289 br_des_gen_cbcenc_keys v_ec
;
4290 br_des_gen_cbcdec_keys v_dc
;
4291 const br_block_cbcenc_class
**ec
;
4292 const br_block_cbcdec_class
**dc
;
/* hextobin() returns the decoded length; it is used as the key size. */
4296 key_len
= hextobin(key
, KAT_DES
[u
]);
4297 hextobin(plain
, KAT_DES
[u
+ 1]);
4298 hextobin(cipher
, KAT_DES
[u
+ 2]);
4299 ve
->init(ec
, key
, key_len
);
4300 memcpy(buf
, plain
, sizeof plain
);
4301 memset(iv
, 0, sizeof iv
);
4302 ve
->run(ec
, iv
, buf
, sizeof buf
);
4303 check_equals("KAT DES encrypt", buf
, cipher
, sizeof cipher
);
/* buf still holds the encryption output; decrypt it and expect plain. */
4304 vd
->init(dc
, key
, key_len
);
4305 memset(iv
, 0, sizeof iv
);
4306 vd
->run(dc
, iv
, buf
, sizeof buf
);
4307 check_equals("KAT DES decrypt", buf
, plain
, sizeof plain
);
/*
 * Replicate the first 8 key bytes to offsets 8 and 16 and repeat the
 * checks with a 24-byte key: 3DES with three identical key parts must
 * give the same ciphertext as single DES.
 * NOTE(review): this only makes sense for 8-byte keys; the guarding
 * condition is presumably on a line not visible here -- confirm.
 */
4310 memcpy(key
+ 8, key
, 8);
4311 memcpy(key
+ 16, key
, 8);
4312 ve
->init(ec
, key
, 24);
4313 memcpy(buf
, plain
, sizeof plain
);
4314 memset(iv
, 0, sizeof iv
);
4315 ve
->run(ec
, iv
, buf
, sizeof buf
);
4316 check_equals("KAT DES->3 encrypt",
4317 buf
, cipher
, sizeof cipher
);
4318 vd
->init(dc
, key
, 24);
4319 memset(iv
, 0, sizeof iv
);
4320 vd
->run(dc
, iv
, buf
, sizeof buf
);
4321 check_equals("KAT DES->3 decrypt",
4322 buf
, plain
, sizeof plain
);
/*
 * KAT_DES_CBC is read four strings at a time (key, IV, plaintext,
 * ciphertext) until a null entry. hextobin() receives no destination
 * size, so the 200-byte plain/cipher buffers below bound the longest
 * vector that can safely be added to the table.
 */
4327 for (u
= 0; KAT_DES_CBC
[u
]; u
+= 4) {
4328 unsigned char key
[24];
4329 unsigned char ivref
[8];
4330 unsigned char plain
[200];
4331 unsigned char cipher
[200];
4332 unsigned char buf
[200];
4333 unsigned char iv
[8];
4334 size_t key_len
, data_len
, v
;
4335 br_des_gen_cbcenc_keys v_ec
;
4336 br_des_gen_cbcdec_keys v_dc
;
4337 const br_block_cbcenc_class
**ec
;
4338 const br_block_cbcdec_class
**dc
;
4342 key_len
= hextobin(key
, KAT_DES_CBC
[u
]);
4343 hextobin(ivref
, KAT_DES_CBC
[u
+ 1]);
4344 data_len
= hextobin(plain
, KAT_DES_CBC
[u
+ 2]);
4345 hextobin(cipher
, KAT_DES_CBC
[u
+ 3]);
4346 ve
->init(ec
, key
, key_len
);
/* One-shot: the whole message in a single run() call. */
4348 memcpy(buf
, plain
, data_len
);
4349 memcpy(iv
, ivref
, 8);
4350 ve
->run(ec
, iv
, buf
, data_len
);
4351 check_equals("KAT CBC DES encrypt",
4352 buf
, cipher
, data_len
);
4353 vd
->init(dc
, key
, key_len
);
4354 memcpy(iv
, ivref
, 8);
4355 vd
->run(dc
, iv
, buf
, data_len
);
4356 check_equals("KAT CBC DES decrypt",
4357 buf
, plain
, data_len
);
/*
 * Same message again, one 8-byte block per call. iv is loaded once
 * before each loop, so the result can match the one-shot output only
 * if run() leaves the chaining value in iv for the next call.
 */
4359 memcpy(buf
, plain
, data_len
);
4360 memcpy(iv
, ivref
, 8);
4361 for (v
= 0; v
< data_len
; v
+= 8) {
4362 ve
->run(ec
, iv
, buf
+ v
, 8);
4364 check_equals("KAT CBC DES encrypt (2)",
4365 buf
, cipher
, data_len
);
4366 memcpy(iv
, ivref
, 8);
4367 for (v
= 0; v
< data_len
; v
+= 8) {
4368 vd
->run(dc
, iv
, buf
+ v
, 8);
4370 check_equals("KAT CBC DES decrypt (2)",
4371 buf
, plain
, data_len
);
/* Monte Carlo tests for the same pair of classes. */
4376 monte_carlo_DES_encrypt(ve
);
4377 monte_carlo_DES_decrypt(vd
);
/*
 * Runs the generic DES suite on the "DES_tab" CBC classes. The
 * with_MC / with_CBC arguments are on a line not visible here.
 * NOTE(review): "tab" presumably names the table-based implementation;
 * test_DES_generic() compares outputs only, so passing it says nothing
 * about timing behaviour -- confirm against the library documentation.
 */
4387 test_DES_generic("DES_tab",
4388 &br_des_tab_cbcenc_vtable
,
4389 &br_des_tab_cbcdec_vtable
,
/*
 * Runs the generic DES suite on the "DES_ct" CBC classes. The
 * with_MC / with_CBC arguments are on a line not visible here.
 * NOTE(review): "ct" presumably names the constant-time
 * implementation; that property is not something these output-only
 * checks can verify -- confirm against the library documentation.
 */
4396 test_DES_generic("DES_ct",
4397 &br_des_ct_cbcenc_vtable
,
4398 &br_des_ct_cbcdec_vtable
,
/*
 * KAT_CHACHA20: known-answer vectors for ChaCha20. The fields read by
 * test_ChaCha20_generic() are skey (decoded into key[32]), snonce
 * (nonce[12]), counter (initial block counter), splain and scipher
 * (each decoded into a 400-byte buffer). The table is scanned until an
 * entry whose skey is null.
 * NOTE(review): the key/nonce/plaintext values appear to match the
 * test vectors of RFC 7539, appendix A.2 -- confirm and cite the
 * source next to the table.
 * hextobin() is given no destination length, so a new vector must fit
 * the 400-byte buffers.
 */
4402 static const struct {
4407 const char *scipher
;
4408 } KAT_CHACHA20
[] = {
4410 "0000000000000000000000000000000000000000000000000000000000000000",
4411 "000000000000000000000000",
4413 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
4414 "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586"
4417 "0000000000000000000000000000000000000000000000000000000000000001",
4418 "000000000000000000000002",
4420 "416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f",
4421 "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"
4424 "1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0",
4425 "000000000000000000000002",
4427 "2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e",
4428 "62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1"
/*
 * Runs the KAT_CHACHA20 vectors against the ChaCha20 implementation
 * cr, labelled name in the output.
 *
 * For each vector and each prefix length v it checks the ciphertext,
 * the block counter returned by cr and (judging by the "overrun"
 * message) that bytes after v are left untouched. It then applies cr
 * a second time in pieces and expects the plaintext back.
 *
 * "UNAVAILABLE" is printed under a condition that is not visible in
 * this listing.
 * NOTE(review): presumably when cr is a null pointer, i.e. the
 * implementation is not usable on this machine -- confirm.
 */
4434 test_ChaCha20_generic(const char *name
, br_chacha20_run cr
)
4438 printf("Test %s: ", name
);
4441 printf("UNAVAILABLE\n");
4445 for (u
= 0; KAT_CHACHA20
[u
].skey
; u
++) {
/* hextobin() gets no destination size: vectors must fit these buffers. */
4446 unsigned char key
[32], nonce
[12], plain
[400], cipher
[400];
4450 hextobin(key
, KAT_CHACHA20
[u
].skey
);
4451 hextobin(nonce
, KAT_CHACHA20
[u
].snonce
);
4452 cc
= KAT_CHACHA20
[u
].counter
;
4453 len
= hextobin(plain
, KAT_CHACHA20
[u
].splain
);
4454 hextobin(cipher
, KAT_CHACHA20
[u
].scipher
);
/*
 * Try every prefix length, which exercises partial final blocks.
 * NOTE(review): the bound is v < len, so the complete vector length
 * is not itself exercised by this loop -- confirm that is intended.
 */
4456 for (v
= 0; v
< len
; v
++) {
4457 unsigned char tmp
[400];
/*
 * tmp is zero-filled beyond the v input bytes so that a write past
 * the requested length can be detected afterwards.
 */
4461 memset(tmp
, 0, sizeof tmp
);
4462 memcpy(tmp
, plain
, v
);
/*
 * The value returned by cr must equal cc plus the number of 64-byte
 * blocks needed to cover v bytes (rounded up).
 */
4463 if (cr(key
, nonce
, cc
, tmp
, v
)
4464 != cc
+ (uint32_t)((v
+ 63) >> 6))
4466 fprintf(stderr
, "ChaCha20: wrong counter\n");
4469 if (memcmp(tmp
, cipher
, v
) != 0) {
4470 fprintf(stderr
, "ChaCha20 KAT fail (1)\n");
/*
 * Scan the bytes after v; a failure is reported as "overrun". The
 * comparison itself is on a line not visible in this listing.
 */
4473 for (w
= v
; w
< sizeof tmp
; w
++) {
4475 fprintf(stderr
, "ChaCha20: overrun\n");
/*
 * Second pass over the data now in tmp, restarting cr at offsets
 * 0, 64, 128, ... with counter cc2 incremented once per step. The
 * piece length x is computed on lines not visible in this listing.
 */
4479 for (w
= 0, cc2
= cc
; w
< v
; w
+= 64, cc2
++) {
4486 if (cr(key
, nonce
, cc2
, tmp
+ w
, x
)
4489 fprintf(stderr
, "ChaCha20:"
4490 " wrong counter (2)\n");
/* Applying the keystream a second time must restore the plaintext. */
4494 if (memcmp(tmp
, plain
, v
) != 0) {
4495 fprintf(stderr
, "ChaCha20 KAT fail (2)\n");
/*
 * Runs the generic ChaCha20 tests on br_chacha20_ct_run, labelled
 * "ChaCha20_ct".
 */
4509 test_ChaCha20_ct(void)
4511 test_ChaCha20_generic("ChaCha20_ct", &br_chacha20_ct_run
);
/*
 * Runs the generic ChaCha20 tests on whatever br_chacha20_sse2_get()
 * returns, labelled "ChaCha20_sse2".
 * NOTE(review): presumably the getter yields a null pointer when SSE2
 * cannot be used, which the generic test would then report as
 * UNAVAILABLE -- confirm.
 */
4515 test_ChaCha20_sse2(void)
4517 test_ChaCha20_generic("ChaCha20_sse2", br_chacha20_sse2_get());
/*
 * KAT_POLY1305: known-answer vectors for ChaCha20+Poly1305. The fields
 * read by test_Poly1305_inner() are splain, saad, skey, snonce,
 * scipher and stag; the table is scanned until an entry whose skey is
 * null, and the terminator has six zero initializers.
 * NOTE(review): judging by the string lengths, the initializer order
 * is plaintext, AAD, 32-byte key, 12-byte nonce, ciphertext, 16-byte
 * tag -- confirm against the struct definition, most of which is not
 * visible in this listing.
 * NOTE(review): the values appear to match the AEAD example of
 * RFC 7539, section 2.8.2 -- confirm and cite the source here.
 */
4520 static const struct {
4525 const char *scipher
;
4527 } KAT_POLY1305
[] = {
4529 "4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e",
4530 "50515253c0c1c2c3c4c5c6c7",
4531 "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f",
4532 "070000004041424344454647",
4533 "d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116",
4534 "1ae10b594f09e26a7e902ecbd0600691"
4536 { 0, 0, 0, 0, 0, 0 }
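/*
 * Exercise a ChaCha20+Poly1305 implementation.
 *
 *   name    label printed in the "Test ...: " banner
 *   ipoly   implementation under test
 *   iref    second implementation, used as the decrypting peer in the
 *           cross-check
 *
 * Two passes are run:
 *
 *  - every KAT_POLY1305 vector is encrypted and then decrypted in place
 *    with ipoly; data and tag are compared with the expected values
 *    through check_equals();
 *
 *  - 100 messages of length 0 to 99, produced by an HMAC_DRBG with a
 *    fixed seed (so every run uses the same messages), are encrypted
 *    with ipoly and decrypted with iref; the recovered plaintext and
 *    the two tags must match, and the bytes following the message must
 *    be left untouched by both calls.
 *
 * A failed check in the second pass prints a message on stderr and
 * exits with EXIT_FAILURE.
 *
 * All comparisons use memcmp()/check_equals(): every value here is a
 * fixed or reproducible test value, so timing does not matter. Code
 * that verifies tags on real traffic needs a constant-time comparison
 * instead.
 */
static void
test_Poly1305_inner(const char *name, br_poly1305_run ipoly,
	br_poly1305_run iref)
{
	size_t u;
	br_hmac_drbg_context rng;

	printf("Test %s: ", name);
	fflush(stdout);

	for (u = 0; KAT_POLY1305[u].skey; u ++) {
		unsigned char key[32], nonce[12], plain[400], cipher[400];
		unsigned char aad[400], tag[16], data[400], tmp[16];
		size_t len, aad_len;

		/*
		 * The vectors are compile-time constants, so the fixed
		 * 400-byte buffers are sized for them; hextobin() is not
		 * given a destination length.
		 */
		len = hextobin(plain, KAT_POLY1305[u].splain);
		aad_len = hextobin(aad, KAT_POLY1305[u].saad);
		hextobin(key, KAT_POLY1305[u].skey);
		hextobin(nonce, KAT_POLY1305[u].snonce);
		hextobin(cipher, KAT_POLY1305[u].scipher);
		hextobin(tag, KAT_POLY1305[u].stag);

		/* Encrypt in place (last argument 1). */
		memcpy(data, plain, len);
		ipoly(key, nonce, data, len,
			aad, aad_len, tmp, br_chacha20_ct_run, 1);
		check_equals("ChaCha20+Poly1305 KAT (1)", data, cipher, len);
		check_equals("ChaCha20+Poly1305 KAT (2)", tmp, tag, sizeof tag);

		/*
		 * Decrypt in place (last argument 0). The same tag value is
		 * expected from this call as from the encryption call.
		 */
		ipoly(key, nonce, data, len,
			aad, aad_len, tmp, br_chacha20_ct_run, 0);
		check_equals("ChaCha20+Poly1305 KAT (3)", data, plain, len);
		check_equals("ChaCha20+Poly1305 KAT (4)", tmp, tag, sizeof tag);
	}

	/*
	 * We compare the "ipoly" and "iref" implementations together on
	 * a bunch of pseudo-random messages.
	 */
	br_hmac_drbg_init(&rng, &br_sha256_vtable, "seed for Poly1305", 17);
	for (u = 0; u < 100; u ++) {
		unsigned char plain[100], aad[100], tmp[100];
		unsigned char key[32], iv[12], tag1[16], tag2[16];
		size_t v;

		br_hmac_drbg_generate(&rng, key, sizeof key);
		br_hmac_drbg_generate(&rng, iv, sizeof iv);
		br_hmac_drbg_generate(&rng, plain, u);
		br_hmac_drbg_generate(&rng, aad, u);

		/*
		 * The bytes after the message are 0xFF for the ipoly call
		 * and 0x00 for the iref call. Presumably this makes an
		 * implementation that reads past the message length
		 * produce a different tag.
		 */
		memcpy(tmp, plain, u);
		memset(tmp + u, 0xFF, (sizeof tmp) - u);
		ipoly(key, iv, tmp, u, aad, u, tag1,
			&br_chacha20_ct_run, 1);
		/* A write past the message length would alter the filler. */
		for (v = u; v < sizeof tmp; v ++) {
			if (tmp[v] != 0xFF) {
				fprintf(stderr, "Poly1305: overrun (enc)\n");
				exit(EXIT_FAILURE);
			}
		}

		memset(tmp + u, 0x00, (sizeof tmp) - u);
		iref(key, iv, tmp, u, aad, u, tag2,
			&br_chacha20_ct_run, 0);
		for (v = u; v < sizeof tmp; v ++) {
			if (tmp[v] != 0x00) {
				fprintf(stderr, "Poly1305: overrun (dec)\n");
				exit(EXIT_FAILURE);
			}
		}

		if (memcmp(tmp, plain, u) != 0) {
			fprintf(stderr, "cross enc/dec failed\n");
			exit(EXIT_FAILURE);
		}
		if (memcmp(tag1, tag2, sizeof tag1) != 0) {
			fprintf(stderr, "cross MAC failed\n");
			exit(EXIT_FAILURE);
		}
	}

	printf("done.\n");
	fflush(stdout);
}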
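/*
 * Test br_poly1305_ctmul_run, with br_poly1305_i15_run as the second
 * implementation for the cross-check in test_Poly1305_inner().
 */
static void
test_Poly1305_ctmul(void)
{
	test_Poly1305_inner("Poly1305_ctmul",
		br_poly1305_ctmul_run, br_poly1305_i15_run);
}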
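/*
 * Test br_poly1305_ctmul32_run, with br_poly1305_i15_run as the second
 * implementation for the cross-check in test_Poly1305_inner().
 */
static void
test_Poly1305_ctmul32(void)
{
	test_Poly1305_inner("Poly1305_ctmul32",
		br_poly1305_ctmul32_run, br_poly1305_i15_run);
}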
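/*
 * Test br_poly1305_i15_run. The cross-check peer is
 * br_poly1305_ctmul_run, so the two are compared in both directions
 * when test_Poly1305_ctmul() is run as well.
 */
static void
test_Poly1305_i15(void)
{
	test_Poly1305_inner("Poly1305_i15",
		br_poly1305_i15_run, br_poly1305_ctmul_run);
}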
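/*
 * Test the implementation returned by br_poly1305_ctmulq_get(), with
 * br_poly1305_ctmul_run as the cross-check peer.
 *
 * When the getter returns a null pointer the test is skipped and
 * reported as UNAVAILABLE, so that a skipped run cannot be mistaken
 * for a passing one in the test output.
 */
static void
test_Poly1305_ctmulq(void)
{
	br_poly1305_run bp = br_poly1305_ctmulq_get();

	if (bp == 0) {
		printf("Test Poly1305_ctmulq: UNAVAILABLE\n");
		return;
	}
	test_Poly1305_inner("Poly1305_ctmulq", bp, br_poly1305_ctmul_run);
}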
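4650 * A 1024-bit RSA key, generated with OpenSSL. This is a fixed test
 * key: its private elements are listed in this file, so it is only
 * suitable for the known-answer tests below.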
4652 static const unsigned char RSA_N
[] = {
4653 0xBF, 0xB4, 0xA6, 0x2E, 0x87, 0x3F, 0x9C, 0x8D,
4654 0xA0, 0xC4, 0x2E, 0x7B, 0x59, 0x36, 0x0F, 0xB0,
4655 0xFF, 0xE1, 0x25, 0x49, 0xE5, 0xE6, 0x36, 0xB0,
4656 0x48, 0xC2, 0x08, 0x6B, 0x77, 0xA7, 0xC0, 0x51,
4657 0x66, 0x35, 0x06, 0xA9, 0x59, 0xDF, 0x17, 0x7F,
4658 0x15, 0xF6, 0xB4, 0xE5, 0x44, 0xEE, 0x72, 0x3C,
4659 0x53, 0x11, 0x52, 0xC9, 0xC9, 0x61, 0x4F, 0x92,
4660 0x33, 0x64, 0x70, 0x43, 0x07, 0xF1, 0x3F, 0x7F,
4661 0x15, 0xAC, 0xF0, 0xC1, 0x54, 0x7D, 0x55, 0xC0,
4662 0x29, 0xDC, 0x9E, 0xCC, 0xE4, 0x1D, 0x11, 0x72,
4663 0x45, 0xF4, 0xD2, 0x70, 0xFC, 0x34, 0xB2, 0x1F,
4664 0xF3, 0xAD, 0x6A, 0xF0, 0xE5, 0x56, 0x11, 0xF8,
4665 0x0C, 0x3A, 0x8B, 0x04, 0x46, 0x7C, 0x77, 0xD9,
4666 0x41, 0x1F, 0x40, 0xBE, 0x93, 0x80, 0x9D, 0x23,
4667 0x75, 0x80, 0x12, 0x26, 0x5A, 0x72, 0x1C, 0xDD,
4668 0x47, 0xB3, 0x2A, 0x33, 0xD8, 0x19, 0x61, 0xE3
4670 static const unsigned char RSA_E
[] = {
4674 static const unsigned char RSA_D[] = {
4675 0xAE, 0x56, 0x0B, 0x56, 0x7E, 0xDA, 0x83, 0x75,
4676 0x6C, 0xC1, 0x5C, 0x00, 0x02, 0x96, 0x1E, 0x58,
4677 0xF9, 0xA9, 0xF7, 0x2E, 0x27, 0xEB, 0x5E, 0xCA,
4678 0x9B, 0xB0, 0x10, 0xD6, 0x22, 0x7F, 0xA4, 0x6E,
4679 0xA2, 0x03, 0x10, 0xE6, 0xCB, 0x7B, 0x0D, 0x34,
4680 0x1E, 0x76, 0x37, 0xF5, 0xD3, 0xE5, 0x00, 0x70,
4681 0x09, 0x9E, 0xD4, 0x69, 0xFB, 0x40, 0x0A, 0x8B,
4682 0xCB, 0x3E, 0xC8, 0xB4, 0xBC, 0xB1, 0x50, 0xEA,
4683 0x9D, 0xD9, 0x89, 0x8A, 0x98, 0x40, 0x79, 0xD1,
4684 0x07, 0x66, 0xA7, 0x90, 0x63, 0x82, 0xB1, 0xE0,
4685 0x24, 0xD0, 0x89, 0x6A, 0xEC, 0xC5, 0xF3, 0x21,
4686 0x7D, 0xB8, 0xA5, 0x45, 0x3A, 0x3B, 0x34, 0x42,
4687 0xC2, 0x82, 0x3C, 0x8D, 0xFA, 0x5D, 0xA0, 0xA8,
4688 0x24, 0xC8, 0x40, 0x22, 0x19, 0xCB, 0xB5, 0x85,
4689 0x67, 0x69, 0x60, 0xE4, 0xD0, 0x7E, 0xA3, 0x3B,
4690 0xF7, 0x70, 0x50, 0xC9, 0x5C, 0x97, 0x29, 0x49
4693 static const unsigned char RSA_P
[] = {
4694 0xF2, 0xE7, 0x6F, 0x66, 0x2E, 0xC4, 0x03, 0xD4,
4695 0x89, 0x24, 0xCC, 0xE1, 0xCD, 0x3F, 0x01, 0x82,
4696 0xC1, 0xFB, 0xAF, 0x44, 0xFA, 0xCC, 0x0E, 0xAA,
4697 0x9D, 0x74, 0xA9, 0x65, 0xEF, 0xED, 0x4C, 0x87,
4698 0xF0, 0xB3, 0xC6, 0xEA, 0x61, 0x85, 0xDE, 0x4E,
4699 0x66, 0xB2, 0x5A, 0x9F, 0x7A, 0x41, 0xC5, 0x66,
4700 0x57, 0xDF, 0x88, 0xF0, 0xB5, 0xF2, 0xC7, 0x7E,
4701 0xE6, 0x55, 0x21, 0x96, 0x83, 0xD8, 0xAB, 0x57
4703 static const unsigned char RSA_Q
[] = {
4704 0xCA, 0x0A, 0x92, 0xBF, 0x58, 0xB0, 0x2E, 0xF6,
4705 0x66, 0x50, 0xB1, 0x48, 0x29, 0x42, 0x86, 0x6C,
4706 0x98, 0x06, 0x7E, 0xB8, 0xB5, 0x4F, 0xFB, 0xC4,
4707 0xF3, 0xC3, 0x36, 0x91, 0x07, 0xB6, 0xDB, 0xE9,
4708 0x56, 0x3C, 0x51, 0x7D, 0xB5, 0xEC, 0x0A, 0xA9,
4709 0x7C, 0x66, 0xF9, 0xD8, 0x25, 0xDE, 0xD2, 0x94,
4710 0x5A, 0x58, 0xF1, 0x93, 0xE4, 0xF0, 0x5F, 0x27,
4711 0xBD, 0x83, 0xC7, 0xCA, 0x48, 0x6A, 0xB2, 0x55
4713 static const unsigned char RSA_DP
[] = {
4714 0xAF, 0x97, 0xBE, 0x60, 0x0F, 0xCE, 0x83, 0x36,
4715 0x51, 0x2D, 0xD9, 0x2E, 0x22, 0x41, 0x39, 0xC6,
4716 0x5C, 0x94, 0xA4, 0xCF, 0x28, 0xBD, 0xFA, 0x9C,
4717 0x3B, 0xD6, 0xE9, 0xDE, 0x56, 0xE3, 0x24, 0x3F,
4718 0xE1, 0x31, 0x14, 0xCA, 0xBA, 0x55, 0x1B, 0xAF,
4719 0x71, 0x6D, 0xDD, 0x35, 0x0C, 0x1C, 0x1F, 0xA7,
4720 0x2C, 0x3E, 0xDB, 0xAF, 0xA6, 0xD8, 0x2A, 0x7F,
4721 0x01, 0xE2, 0xE8, 0xB4, 0xF5, 0xFA, 0xDB, 0x61
4723 static const unsigned char RSA_DQ
[] = {
4724 0x29, 0xC0, 0x4B, 0x98, 0xFD, 0x13, 0xD3, 0x70,
4725 0x99, 0xAE, 0x1D, 0x24, 0x83, 0x5A, 0x3A, 0xFB,
4726 0x1F, 0xE3, 0x5F, 0xB6, 0x7D, 0xC9, 0x5C, 0x86,
4727 0xD3, 0xB4, 0xC8, 0x86, 0xE9, 0xE8, 0x30, 0xC3,
4728 0xA4, 0x4D, 0x6C, 0xAD, 0xA4, 0xB5, 0x75, 0x72,
4729 0x96, 0xC1, 0x94, 0xE9, 0xC4, 0xD1, 0xAA, 0x04,
4730 0x7C, 0x33, 0x1B, 0x20, 0xEB, 0xD3, 0x7C, 0x66,
4731 0x72, 0xF4, 0x53, 0x8A, 0x0A, 0xB2, 0xF9, 0xCD
4733 static const unsigned char RSA_IQ
[] = {
4734 0xE8, 0xEB, 0x04, 0x79, 0xA5, 0xC1, 0x79, 0xDE,
4735 0xD5, 0x49, 0xA1, 0x0B, 0x48, 0xB9, 0x0E, 0x55,
4736 0x74, 0x2C, 0x54, 0xEE, 0xA8, 0xB0, 0x01, 0xC2,
4737 0xD2, 0x3C, 0x3E, 0x47, 0x3A, 0x7C, 0xC8, 0x3D,
4738 0x2E, 0x33, 0x54, 0x4D, 0x40, 0x29, 0x41, 0x74,
4739 0xBA, 0xE1, 0x93, 0x09, 0xEC, 0xE0, 0x1B, 0x4D,
4740 0x1F, 0x2A, 0xCA, 0x4A, 0x0B, 0x5F, 0xE6, 0xBE,
4741 0x59, 0x0A, 0xC4, 0xC9, 0xD9, 0x82, 0xAC, 0xE1
4744 static const br_rsa_public_key RSA_PK
= {
4745 (void *)RSA_N
, sizeof RSA_N
,
4746 (void *)RSA_E
, sizeof RSA_E
4749 static const br_rsa_private_key RSA_SK
= {
4751 (void *)RSA_P
, sizeof RSA_P
,
4752 (void *)RSA_Q
, sizeof RSA_Q
,
4753 (void *)RSA_DP
, sizeof RSA_DP
,
4754 (void *)RSA_DQ
, sizeof RSA_DQ
,
4755 (void *)RSA_IQ
, sizeof RSA_IQ
4759 * A 2048-bit RSA key, generated with OpenSSL (test key only: its
 * private elements are listed below).
4761 static const unsigned char RSA2048_N
[] = {
4762 0xEA, 0xB1, 0xB0, 0x87, 0x60, 0xE2, 0x69, 0xF5,
4763 0xC9, 0x3F, 0xCB, 0x4F, 0x9E, 0x7D, 0xD0, 0x56,
4764 0x54, 0x8F, 0xF5, 0x59, 0x97, 0x04, 0x3F, 0x30,
4765 0xE1, 0xFB, 0x7B, 0xF5, 0xA0, 0xEB, 0xA7, 0x7B,
4766 0x29, 0x96, 0x7B, 0x32, 0x48, 0x48, 0xA4, 0x99,
4767 0x90, 0x92, 0x48, 0xFB, 0xDC, 0xEC, 0x8A, 0x3B,
4768 0xE0, 0x57, 0x6E, 0xED, 0x1C, 0x5B, 0x78, 0xCF,
4769 0x07, 0x41, 0x96, 0x4C, 0x2F, 0xA2, 0xD1, 0xC8,
4770 0xA0, 0x5F, 0xFC, 0x2A, 0x5B, 0x3F, 0xBC, 0xD7,
4771 0xE6, 0x91, 0xF1, 0x44, 0xD6, 0xD8, 0x41, 0x66,
4772 0x3E, 0x80, 0xEE, 0x98, 0x73, 0xD5, 0x32, 0x60,
4773 0x7F, 0xDF, 0xBF, 0xB2, 0x0B, 0xA5, 0xCA, 0x11,
4774 0x88, 0x1A, 0x0E, 0xA1, 0x61, 0x4C, 0x5A, 0x70,
4775 0xCE, 0x12, 0xC0, 0x61, 0xF5, 0x50, 0x0E, 0xF6,
4776 0xC1, 0xC2, 0x88, 0x8B, 0xE5, 0xCE, 0xAE, 0x90,
4777 0x65, 0x23, 0xA7, 0xAD, 0xCB, 0x04, 0x17, 0x00,
4778 0xA2, 0xDB, 0xB0, 0x21, 0x49, 0xDD, 0x3C, 0x2E,
4779 0x8C, 0x47, 0x27, 0xF2, 0x84, 0x51, 0x63, 0xEB,
4780 0xF8, 0xAF, 0x63, 0xA7, 0x89, 0xE1, 0xF0, 0x2F,
4781 0xF9, 0x9C, 0x0A, 0x8A, 0xBC, 0x57, 0x05, 0xB0,
4782 0xEF, 0xA0, 0xDA, 0x67, 0x70, 0xAF, 0x3F, 0xA4,
4783 0x92, 0xFC, 0x4A, 0xAC, 0xEF, 0x89, 0x41, 0x58,
4784 0x57, 0x63, 0x0F, 0x6A, 0x89, 0x68, 0x45, 0x4C,
4785 0x20, 0xF9, 0x7F, 0x50, 0x9D, 0x8C, 0x52, 0xC4,
4786 0xC1, 0x33, 0xCD, 0x42, 0x35, 0x12, 0xEC, 0x82,
4787 0xF9, 0xC1, 0xB7, 0x60, 0x7B, 0x52, 0x61, 0xD0,
4788 0xAE, 0xFD, 0x4B, 0x68, 0xB1, 0x55, 0x0E, 0xAB,
4789 0x99, 0x24, 0x52, 0x60, 0x8E, 0xDB, 0x90, 0x34,
4790 0x61, 0xE3, 0x95, 0x7C, 0x34, 0x64, 0x06, 0xCB,
4791 0x44, 0x17, 0x70, 0x78, 0xC1, 0x1B, 0x87, 0x8F,
4792 0xCF, 0xB0, 0x7D, 0x93, 0x59, 0x84, 0x49, 0xF5,
4793 0x55, 0xBB, 0x48, 0xCA, 0xD3, 0x76, 0x1E, 0x7F
4795 static const unsigned char RSA2048_E
[] = {
4798 static const unsigned char RSA2048_P
[] = {
4799 0xF9, 0xA7, 0xB5, 0xC4, 0xE8, 0x52, 0xEC, 0xB1,
4800 0x33, 0x6A, 0x68, 0x32, 0x63, 0x2D, 0xBA, 0xE5,
4801 0x61, 0x14, 0x69, 0x82, 0xC8, 0x31, 0x14, 0xD5,
4802 0xC2, 0x6C, 0x1A, 0xBE, 0xA0, 0x68, 0xA6, 0xC5,
4803 0xEA, 0x40, 0x59, 0xFB, 0x0A, 0x30, 0x3D, 0xD5,
4804 0xDD, 0x94, 0xAE, 0x0C, 0x9F, 0xEE, 0x19, 0x0C,
4805 0xA8, 0xF2, 0x85, 0x27, 0x60, 0xAA, 0xD5, 0x7C,
4806 0x59, 0x91, 0x1F, 0xAF, 0x5E, 0x00, 0xC8, 0x2D,
4807 0xCA, 0xB4, 0x70, 0xA1, 0xF8, 0x8C, 0x0A, 0xB3,
4808 0x08, 0x95, 0x03, 0x9E, 0xA4, 0x6B, 0x9D, 0x55,
4809 0x47, 0xE0, 0xEC, 0xB3, 0x21, 0x7C, 0xE4, 0x16,
4810 0x91, 0xE3, 0xD7, 0x1B, 0x3D, 0x81, 0xF1, 0xED,
4811 0x16, 0xF9, 0x05, 0x0E, 0xA6, 0x9F, 0x37, 0x73,
4812 0x18, 0x1B, 0x9C, 0x9D, 0x33, 0xAD, 0x25, 0xEF,
4813 0x3A, 0xC0, 0x4B, 0x34, 0x24, 0xF5, 0xFD, 0x59,
4814 0xF5, 0x65, 0xE6, 0x92, 0x2A, 0x04, 0x06, 0x3D
4816 static const unsigned char RSA2048_Q
[] = {
4817 0xF0, 0xA8, 0xA4, 0x20, 0xDD, 0xF3, 0x99, 0xE6,
4818 0x1C, 0xB1, 0x21, 0xE8, 0x66, 0x68, 0x48, 0x00,
4819 0x04, 0xE3, 0x21, 0xA3, 0xE8, 0xC5, 0xFD, 0x85,
4820 0x6D, 0x2C, 0x98, 0xE3, 0x36, 0x39, 0x3E, 0x80,
4821 0xB7, 0x36, 0xA5, 0xA9, 0xBB, 0xEB, 0x1E, 0xB8,
4822 0xEB, 0x44, 0x65, 0xE8, 0x81, 0x7D, 0xE0, 0x87,
4823 0xC1, 0x08, 0x94, 0xDD, 0x92, 0x40, 0xF4, 0x8B,
4824 0x3C, 0xB5, 0xC1, 0xAD, 0x9D, 0x4C, 0x14, 0xCD,
4825 0xD9, 0x2D, 0xB6, 0xE4, 0x99, 0xB3, 0x71, 0x63,
4826 0x64, 0xE1, 0x31, 0x7E, 0x34, 0x95, 0x96, 0x52,
4827 0x85, 0x27, 0xBE, 0x40, 0x10, 0x0A, 0x9E, 0x01,
4828 0x1C, 0xBB, 0xB2, 0x5B, 0x40, 0x85, 0x65, 0x6E,
4829 0xA0, 0x88, 0x73, 0xF6, 0x22, 0xCC, 0x23, 0x26,
4830 0x62, 0xAD, 0x92, 0x57, 0x57, 0xF4, 0xD4, 0xDF,
4831 0xD9, 0x7C, 0xDE, 0xAD, 0xD2, 0x1F, 0x32, 0x29,
4832 0xBA, 0xE7, 0xE2, 0x32, 0xA1, 0xA0, 0xBF, 0x6B
4834 static const unsigned char RSA2048_DP
[] = {
4835 0xB2, 0xF9, 0xD7, 0x66, 0xC5, 0x83, 0x05, 0x6A,
4836 0x77, 0xC8, 0xB5, 0xD0, 0x41, 0xA7, 0xBC, 0x0F,
4837 0xCB, 0x4B, 0xFD, 0xE4, 0x23, 0x2E, 0x84, 0x98,
4838 0x46, 0x1C, 0x88, 0x03, 0xD7, 0x2D, 0x8F, 0x39,
4839 0xDD, 0x98, 0xAA, 0xA9, 0x3D, 0x01, 0x9E, 0xA2,
4840 0xDE, 0x8A, 0x43, 0x48, 0x8B, 0xB2, 0xFE, 0xC4,
4841 0x43, 0xAE, 0x31, 0x65, 0x2C, 0x78, 0xEC, 0x39,
4842 0x8C, 0x60, 0x6C, 0xCD, 0xA4, 0xDF, 0x7C, 0xA2,
4843 0xCF, 0x6A, 0x12, 0x41, 0x1B, 0xD5, 0x11, 0xAA,
4844 0x8D, 0xE1, 0x7E, 0x49, 0xD1, 0xE7, 0xD0, 0x50,
4845 0x1E, 0x0A, 0x92, 0xC6, 0x4C, 0xA0, 0xA3, 0x47,
4846 0xC6, 0xE9, 0x07, 0x01, 0xE1, 0x53, 0x72, 0x23,
4847 0x9D, 0x4F, 0x82, 0x9F, 0xA1, 0x36, 0x0D, 0x63,
4848 0x76, 0x89, 0xFC, 0xF9, 0xF9, 0xDD, 0x0C, 0x8F,
4849 0xF7, 0x97, 0x79, 0x92, 0x75, 0x58, 0xE0, 0x7B,
4850 0x08, 0x61, 0x38, 0x2D, 0xDA, 0xEF, 0x2D, 0xA5
4852 static const unsigned char RSA2048_DQ
[] = {
4853 0x8B, 0x69, 0x56, 0x33, 0x08, 0x00, 0x8F, 0x3D,
4854 0xC3, 0x8F, 0x45, 0x52, 0x48, 0xC8, 0xCE, 0x34,
4855 0xDC, 0x9F, 0xEB, 0x23, 0xF5, 0xBB, 0x84, 0x62,
4856 0xDF, 0xDC, 0xBE, 0xF0, 0x98, 0xBF, 0xCE, 0x9A,
4857 0x68, 0x08, 0x4B, 0x2D, 0xA9, 0x83, 0xC9, 0xF7,
4858 0x5B, 0xAA, 0xF2, 0xD2, 0x1E, 0xF9, 0x99, 0xB1,
4859 0x6A, 0xBC, 0x9A, 0xE8, 0x44, 0x4A, 0x46, 0x9F,
4860 0xC6, 0x5A, 0x90, 0x49, 0x0F, 0xDF, 0x3C, 0x0A,
4861 0x07, 0x6E, 0xB9, 0x0D, 0x72, 0x90, 0x85, 0xF6,
4862 0x0B, 0x41, 0x7D, 0x17, 0x5C, 0x44, 0xEF, 0xA0,
4863 0xFC, 0x2C, 0x0A, 0xC5, 0x37, 0xC5, 0xBE, 0xC4,
4864 0x6C, 0x2D, 0xBB, 0x63, 0xAB, 0x5B, 0xDB, 0x67,
4865 0x9B, 0xAD, 0x90, 0x67, 0x9C, 0xBE, 0xDE, 0xF9,
4866 0xE4, 0x9E, 0x22, 0x31, 0x60, 0xED, 0x9E, 0xC7,
4867 0xD2, 0x48, 0xC9, 0x02, 0xAE, 0xBF, 0x8D, 0xA2,
4868 0xA8, 0xF8, 0x9D, 0x8B, 0xB1, 0x1F, 0xDA, 0xE3
4870 static const unsigned char RSA2048_IQ
[] = {
4871 0xB5, 0x48, 0xD4, 0x48, 0x5A, 0x33, 0xCD, 0x13,
4872 0xFE, 0xC6, 0xF7, 0x01, 0x0A, 0x3E, 0x40, 0xA3,
4873 0x45, 0x94, 0x6F, 0x85, 0xE4, 0x68, 0x66, 0xEC,
4874 0x69, 0x6A, 0x3E, 0xE0, 0x62, 0x3F, 0x0C, 0xEF,
4875 0x21, 0xCC, 0xDA, 0xAD, 0x75, 0x98, 0x12, 0xCA,
4876 0x9E, 0x31, 0xDD, 0x95, 0x0D, 0xBD, 0x55, 0xEB,
4877 0x92, 0xF7, 0x9E, 0xBD, 0xFC, 0x28, 0x35, 0x96,
4878 0x31, 0xDC, 0x53, 0x80, 0xA3, 0x57, 0x89, 0x3C,
4879 0x4A, 0xEC, 0x40, 0x75, 0x13, 0xAC, 0x4F, 0x36,
4880 0x3A, 0x86, 0x9A, 0xA6, 0x58, 0xC9, 0xED, 0xCB,
4881 0xD6, 0xBB, 0xB2, 0xD9, 0xAA, 0x04, 0xC4, 0xE8,
4882 0x47, 0x3E, 0xBD, 0x14, 0x9B, 0x8F, 0x61, 0x70,
4883 0x69, 0x66, 0x23, 0x62, 0x18, 0xE3, 0x52, 0x98,
4884 0xE3, 0x22, 0xE9, 0x6F, 0xDA, 0x28, 0x68, 0x08,
4885 0xB8, 0xB9, 0x8B, 0x97, 0x8B, 0x77, 0x3F, 0xCA,
4886 0x9D, 0x9D, 0xBE, 0xD5, 0x2D, 0x3E, 0xC2, 0x11
4889 static const br_rsa_public_key RSA2048_PK
= {
4890 (void *)RSA2048_N
, sizeof RSA2048_N
,
4891 (void *)RSA2048_E
, sizeof RSA2048_E
4894 static const br_rsa_private_key RSA2048_SK
= {
4896 (void *)RSA2048_P
, sizeof RSA2048_P
,
4897 (void *)RSA2048_Q
, sizeof RSA2048_Q
,
4898 (void *)RSA2048_DP
, sizeof RSA2048_DP
,
4899 (void *)RSA2048_DQ
, sizeof RSA2048_DQ
,
4900 (void *)RSA2048_IQ
, sizeof RSA2048_IQ
4904 * A 4096-bit RSA key, generated with OpenSSL (test key only: its
 * private elements are listed below).
4906 static const unsigned char RSA4096_N
[] = {
4907 0xAA, 0x17, 0x71, 0xBC, 0x92, 0x3E, 0xB5, 0xBD,
4908 0x3E, 0x64, 0xCF, 0x03, 0x9B, 0x24, 0x65, 0x33,
4909 0x5F, 0xB4, 0x47, 0x89, 0xE5, 0x63, 0xE4, 0xA0,
4910 0x5A, 0x51, 0x95, 0x07, 0x73, 0xEE, 0x00, 0xF6,
4911 0x3E, 0x31, 0x0E, 0xDA, 0x15, 0xC3, 0xAA, 0x21,
4912 0x6A, 0xCD, 0xFF, 0x46, 0x6B, 0xDF, 0x0A, 0x7F,
4913 0x8A, 0xC2, 0x25, 0x19, 0x47, 0x44, 0xD8, 0x52,
4914 0xC1, 0x56, 0x25, 0x6A, 0xE0, 0xD2, 0x61, 0x11,
4915 0x2C, 0xF7, 0x73, 0x9F, 0x5F, 0x74, 0xAA, 0xDD,
4916 0xDE, 0xAF, 0x81, 0xF6, 0x0C, 0x1A, 0x3A, 0xF9,
4917 0xC5, 0x47, 0x82, 0x75, 0x1D, 0x41, 0xF0, 0xB2,
4918 0xFD, 0xBA, 0xE2, 0xA4, 0xA1, 0xB8, 0x32, 0x48,
4919 0x06, 0x0D, 0x29, 0x2F, 0x44, 0x14, 0xF5, 0xAC,
4920 0x54, 0x83, 0xC4, 0xB6, 0x85, 0x85, 0x9B, 0x1C,
4921 0x05, 0x61, 0x28, 0x62, 0x24, 0xA8, 0xF0, 0xE6,
4922 0x80, 0xA7, 0x91, 0xE8, 0xC7, 0x8E, 0x52, 0x17,
4923 0xBE, 0xAF, 0xC6, 0x0A, 0xA3, 0xFB, 0xD1, 0x04,
4924 0x15, 0x3B, 0x14, 0x35, 0xA5, 0x41, 0xF5, 0x30,
4925 0xFE, 0xEF, 0x53, 0xA7, 0x89, 0x91, 0x78, 0x30,
4926 0xBE, 0x3A, 0xB1, 0x4B, 0x2E, 0x4A, 0x0E, 0x25,
4927 0x1D, 0xCF, 0x51, 0x54, 0x52, 0xF1, 0x88, 0x85,
4928 0x36, 0x23, 0xDE, 0xBA, 0x66, 0x25, 0x60, 0x8D,
4929 0x45, 0xD7, 0xD8, 0x10, 0x41, 0x64, 0xC7, 0x4B,
4930 0xCE, 0x72, 0x13, 0xD7, 0x20, 0xF8, 0x2A, 0x74,
4931 0xA5, 0x05, 0xF4, 0x5A, 0x90, 0xF4, 0x9C, 0xE7,
4932 0xC9, 0xCF, 0x1E, 0xD5, 0x9C, 0xAC, 0xE5, 0x00,
4933 0x83, 0x73, 0x9F, 0xE7, 0xC6, 0x93, 0xC0, 0x06,
4934 0xA7, 0xB8, 0xF8, 0x46, 0x90, 0xC8, 0x78, 0x27,
4935 0x2E, 0xCC, 0xC0, 0x2A, 0x20, 0xC5, 0xFC, 0x63,
4936 0x22, 0xA1, 0xD6, 0x16, 0xAD, 0x9C, 0xD6, 0xFC,
4937 0x7A, 0x6E, 0x9C, 0x98, 0x51, 0xEE, 0x6B, 0x6D,
4938 0x8F, 0xEF, 0xCE, 0x7C, 0x5D, 0x16, 0xB0, 0xCE,
4939 0x9C, 0xEE, 0x92, 0xCF, 0xB7, 0xEB, 0x41, 0x36,
4940 0x3A, 0x6C, 0xF2, 0x0D, 0x26, 0x11, 0x2F, 0x6C,
4941 0x27, 0x62, 0xA2, 0xCC, 0x63, 0x53, 0xBD, 0xFC,
4942 0x9F, 0xBE, 0x9B, 0xBD, 0xE5, 0xA7, 0xDA, 0xD4,
4943 0xF8, 0xED, 0x5E, 0x59, 0x2D, 0xAC, 0xCD, 0x13,
4944 0xEB, 0xE5, 0x9E, 0x39, 0x82, 0x8B, 0xFD, 0xA8,
4945 0xFB, 0xCB, 0x86, 0x27, 0xC7, 0x4B, 0x4C, 0xD0,
4946 0xBA, 0x12, 0xD0, 0x76, 0x1A, 0xDB, 0x30, 0xC5,
4947 0xB3, 0x2C, 0x4C, 0xC5, 0x32, 0x03, 0x05, 0x67,
4948 0x8D, 0xD0, 0x14, 0x37, 0x59, 0x2B, 0xE3, 0x1C,
4949 0x25, 0x3E, 0xA5, 0xE4, 0xF1, 0x0D, 0x34, 0xBB,
4950 0xD5, 0xF6, 0x76, 0x45, 0x5B, 0x0F, 0x1E, 0x07,
4951 0x0A, 0xBA, 0x9D, 0x71, 0x87, 0xDE, 0x45, 0x50,
4952 0xE5, 0x0F, 0x32, 0xBB, 0x5C, 0x32, 0x2D, 0x40,
4953 0xCD, 0x19, 0x95, 0x4E, 0xC5, 0x54, 0x3A, 0x9A,
4954 0x46, 0x9B, 0x85, 0xFE, 0x53, 0xB7, 0xD8, 0x65,
4955 0x6D, 0x68, 0x0C, 0xBB, 0xE3, 0x3D, 0x8E, 0x64,
4956 0xBE, 0x27, 0x15, 0xAB, 0x12, 0x20, 0xD9, 0x84,
4957 0xF5, 0x02, 0xE4, 0xBB, 0xDD, 0xAB, 0x59, 0x51,
4958 0xF4, 0xE1, 0x79, 0xBE, 0xB8, 0xA3, 0x8E, 0xD1,
4959 0x1C, 0xB0, 0xFA, 0x48, 0x76, 0xC2, 0x9D, 0x7A,
4960 0x01, 0xA5, 0xAF, 0x8C, 0xBA, 0xAA, 0x4C, 0x06,
4961 0x2B, 0x0A, 0x62, 0xF0, 0x79, 0x5B, 0x42, 0xFC,
4962 0xF8, 0xBF, 0xD4, 0xDD, 0x62, 0x32, 0xE3, 0xCE,
4963 0xF1, 0x2C, 0xE6, 0xED, 0xA8, 0x8A, 0x41, 0xA3,
4964 0xC1, 0x1E, 0x07, 0xB6, 0x43, 0x10, 0x80, 0xB7,
4965 0xF3, 0xD0, 0x53, 0x2A, 0x9A, 0x98, 0xA7, 0x4F,
4966 0x9E, 0xA3, 0x3E, 0x1B, 0xDA, 0x93, 0x15, 0xF2,
4967 0xF4, 0x20, 0xA5, 0xA8, 0x4F, 0x8A, 0xBA, 0xED,
4968 0xB1, 0x17, 0x6C, 0x0F, 0xD9, 0x8F, 0x38, 0x11,
4969 0xF3, 0xD9, 0x5E, 0x88, 0xA1, 0xA1, 0x82, 0x8B,
4970 0x30, 0xD7, 0xC6, 0xCE, 0x4E, 0x30, 0x55, 0x57
4972 static const unsigned char RSA4096_E
[] = {
4975 static const unsigned char RSA4096_P
[] = {
4976 0xD3, 0x7A, 0x22, 0xD8, 0x9B, 0xBF, 0x42, 0xB4,
4977 0x53, 0x04, 0x10, 0x6A, 0x84, 0xFD, 0x7C, 0x1D,
4978 0xF6, 0xF4, 0x10, 0x65, 0xAA, 0xE5, 0xE1, 0x4E,
4979 0xB4, 0x37, 0xF7, 0xAC, 0xF7, 0xD3, 0xB2, 0x3B,
4980 0xFE, 0xE7, 0x63, 0x42, 0xE9, 0xF0, 0x3C, 0xE0,
4981 0x42, 0xB4, 0xBB, 0x09, 0xD0, 0xB2, 0x7C, 0x70,
4982 0xA4, 0x11, 0x97, 0x90, 0x01, 0xD0, 0x0E, 0x7B,
4983 0xAF, 0x7D, 0x30, 0x4E, 0x6B, 0x3A, 0xCC, 0x50,
4984 0x4E, 0xAF, 0x2F, 0xC3, 0xC2, 0x4F, 0x7E, 0xC5,
4985 0xB3, 0x76, 0x33, 0xFB, 0xA7, 0xB1, 0x96, 0xA5,
4986 0x46, 0x41, 0xC6, 0xDA, 0x5A, 0xFD, 0x17, 0x0A,
4987 0x6A, 0x86, 0x54, 0x83, 0xE1, 0x57, 0xE7, 0xAF,
4988 0x8C, 0x42, 0xE5, 0x39, 0xF2, 0xC7, 0xFC, 0x4A,
4989 0x3D, 0x3C, 0x94, 0x89, 0xC2, 0xC6, 0x2D, 0x0A,
4990 0x5F, 0xD0, 0x21, 0x23, 0x5C, 0xC9, 0xC8, 0x44,
4991 0x8A, 0x96, 0x72, 0x4D, 0x96, 0xC6, 0x17, 0x0C,
4992 0x36, 0x43, 0x7F, 0xD8, 0xA0, 0x7A, 0x31, 0x7E,
4993 0xCE, 0x13, 0xE3, 0x13, 0x2E, 0xE0, 0x91, 0xC2,
4994 0x61, 0x13, 0x16, 0x8D, 0x99, 0xCB, 0xA9, 0x2C,
4995 0x4D, 0x9D, 0xDD, 0x1D, 0x03, 0xE7, 0xA7, 0x50,
4996 0xF4, 0x16, 0x43, 0xB1, 0x7F, 0x99, 0x61, 0x3F,
4997 0xA5, 0x59, 0x91, 0x16, 0xC3, 0x06, 0x63, 0x59,
4998 0xE9, 0xDA, 0xB5, 0x06, 0x2E, 0x0C, 0xD9, 0xAB,
4999 0x93, 0x89, 0x12, 0x82, 0xFB, 0x90, 0xD9, 0x30,
5000 0x60, 0xF7, 0x35, 0x2D, 0x18, 0x78, 0xEB, 0x2B,
5001 0xA1, 0x06, 0x67, 0x37, 0xDE, 0x72, 0x20, 0xD2,
5002 0x80, 0xE5, 0x2C, 0xD7, 0x5E, 0xC7, 0x67, 0x2D,
5003 0x40, 0xE7, 0x7A, 0xCF, 0x4A, 0x69, 0x9D, 0xA7,
5004 0x90, 0x9F, 0x3B, 0xDF, 0x07, 0x97, 0x64, 0x69,
5005 0x06, 0x4F, 0xBA, 0xF4, 0xE5, 0xBD, 0x71, 0x60,
5006 0x36, 0xB7, 0xA3, 0xDE, 0x76, 0xC5, 0x38, 0xD7,
5007 0x1D, 0x9A, 0xFC, 0x36, 0x3D, 0x3B, 0xDC, 0xCF
5009 static const unsigned char RSA4096_Q
[] = {
5010 0xCD, 0xE6, 0xC6, 0xA6, 0x42, 0x4C, 0x45, 0x65,
5011 0x8B, 0x85, 0x76, 0xFC, 0x21, 0xB6, 0x57, 0x79,
5012 0x3C, 0xE4, 0xE3, 0x85, 0x55, 0x2F, 0x59, 0xD3,
5013 0x3F, 0x74, 0xAF, 0x9F, 0x11, 0x04, 0x10, 0x8B,
5014 0xF9, 0x5F, 0x4D, 0x25, 0xEE, 0x20, 0xF9, 0x69,
5015 0x3B, 0x02, 0xB6, 0x43, 0x0D, 0x0C, 0xED, 0x30,
5016 0x31, 0x57, 0xE7, 0x9A, 0x57, 0x24, 0x6B, 0x4A,
5017 0x5E, 0xA2, 0xBF, 0xD4, 0x47, 0x7D, 0xFA, 0x78,
5018 0x51, 0x86, 0x80, 0x68, 0x85, 0x7C, 0x7B, 0x08,
5019 0x4A, 0x35, 0x24, 0x4F, 0x8B, 0x24, 0x49, 0xF8,
5020 0x16, 0x06, 0x9C, 0x57, 0x4E, 0x94, 0x4C, 0xBD,
5021 0x6E, 0x53, 0x52, 0xC9, 0xC1, 0x64, 0x43, 0x22,
5022 0x1E, 0xDD, 0xEB, 0xAC, 0x90, 0x58, 0xCA, 0xBA,
5023 0x9C, 0xAC, 0xCF, 0xDD, 0x08, 0x6D, 0xB7, 0x31,
5024 0xDB, 0x0D, 0x83, 0xE6, 0x50, 0xA6, 0x69, 0xB1,
5025 0x1C, 0x68, 0x92, 0xB4, 0xB5, 0x76, 0xDE, 0xBD,
5026 0x4F, 0xA5, 0x30, 0xED, 0x23, 0xFF, 0xE5, 0x80,
5027 0x21, 0xAB, 0xED, 0xE6, 0xDC, 0x32, 0x3D, 0xF7,
5028 0x45, 0xB8, 0x19, 0x3D, 0x8E, 0x15, 0x7C, 0xE5,
5029 0x0D, 0xC8, 0x9B, 0x7D, 0x1F, 0x7C, 0x14, 0x14,
5030 0x41, 0x09, 0xA7, 0xEB, 0xFB, 0xD9, 0x5F, 0x9A,
5031 0x94, 0xB6, 0xD5, 0xA0, 0x2C, 0xAF, 0xB5, 0xEF,
5032 0x5C, 0x5A, 0x8E, 0x34, 0xA1, 0x8F, 0xEB, 0x38,
5033 0x0F, 0x31, 0x6E, 0x45, 0x21, 0x7A, 0xAA, 0xAF,
5034 0x6C, 0xB1, 0x8E, 0xB2, 0xB9, 0xD4, 0x1E, 0xEF,
5035 0x66, 0xD8, 0x4E, 0x3D, 0xF2, 0x0C, 0xF1, 0xBA,
5036 0xFB, 0xA9, 0x27, 0xD2, 0x45, 0x54, 0x83, 0x4B,
5037 0x10, 0xC4, 0x9A, 0x32, 0x9C, 0xC7, 0x9A, 0xCF,
5038 0x4E, 0xBF, 0x07, 0xFC, 0x27, 0xB7, 0x96, 0x1D,
5039 0xDE, 0x9D, 0xE4, 0x84, 0x68, 0x00, 0x9A, 0x9F,
5040 0x3D, 0xE6, 0xC7, 0x26, 0x11, 0x48, 0x79, 0xFA,
5041 0x09, 0x76, 0xC8, 0x25, 0x3A, 0xE4, 0x70, 0xF9
5043 static const unsigned char RSA4096_DP
[] = {
5044 0x5C, 0xE3, 0x3E, 0xBF, 0x09, 0xD9, 0xFE, 0x80,
5045 0x9A, 0x1E, 0x24, 0xDF, 0xC4, 0xBE, 0x5A, 0x70,
5046 0x06, 0xF2, 0xB8, 0xE9, 0x0F, 0x21, 0x9D, 0xCF,
5047 0x26, 0x15, 0x97, 0x32, 0x60, 0x40, 0x99, 0xFF,
5048 0x04, 0x3D, 0xBA, 0x39, 0xBF, 0xEB, 0x87, 0xB1,
5049 0xB1, 0x5B, 0x14, 0xF4, 0x80, 0xB8, 0x85, 0x34,
5050 0x2C, 0xBC, 0x95, 0x67, 0xE9, 0x83, 0xEB, 0x78,
5051 0xA4, 0x62, 0x46, 0x7F, 0x8B, 0x55, 0xEE, 0x3C,
5052 0x2F, 0xF3, 0x7E, 0xF5, 0x6B, 0x39, 0xE3, 0xA3,
5053 0x0E, 0xEA, 0x92, 0x76, 0xAC, 0xF7, 0xB2, 0x05,
5054 0xB2, 0x50, 0x5D, 0xF9, 0xB7, 0x11, 0x87, 0xB7,
5055 0x49, 0x86, 0xEB, 0x44, 0x6A, 0x0C, 0x64, 0x75,
5056 0x95, 0x14, 0x24, 0xFF, 0x49, 0x06, 0x52, 0x68,
5057 0x81, 0x71, 0x44, 0x85, 0x26, 0x0A, 0x49, 0xEA,
5058 0x4E, 0x9F, 0x6A, 0x8E, 0xCF, 0xC8, 0xC9, 0xB0,
5059 0x61, 0x77, 0x27, 0x89, 0xB0, 0xFA, 0x1D, 0x51,
5060 0x7D, 0xDC, 0x34, 0x21, 0x80, 0x8B, 0x6B, 0x86,
5061 0x19, 0x1A, 0x5F, 0x19, 0x23, 0xF3, 0xFB, 0xD1,
5062 0xF7, 0x35, 0x9D, 0x28, 0x61, 0x2F, 0x35, 0x85,
5063 0x82, 0x2A, 0x1E, 0xDF, 0x09, 0xC2, 0x0C, 0x99,
5064 0xE0, 0x3C, 0x8F, 0x4B, 0x3D, 0x92, 0xAF, 0x46,
5065 0x77, 0x68, 0x59, 0xF4, 0x37, 0x81, 0x6C, 0xCE,
5066 0x27, 0x8B, 0xAB, 0x0B, 0xA5, 0xDA, 0x7B, 0x19,
5067 0x83, 0xDA, 0x27, 0x49, 0x65, 0x1A, 0x00, 0x6B,
5068 0xE1, 0x8B, 0x73, 0xCD, 0xF4, 0xFB, 0xD7, 0xBF,
5069 0xF8, 0x20, 0x89, 0xE1, 0xDE, 0x51, 0x1E, 0xDD,
5070 0x97, 0x44, 0x12, 0x68, 0x1E, 0xF7, 0x52, 0xF8,
5071 0x6B, 0x93, 0xC1, 0x3B, 0x9F, 0xA1, 0xB8, 0x5F,
5072 0xCB, 0x84, 0x45, 0x95, 0xF7, 0x0D, 0xA6, 0x4B,
5073 0x03, 0x3C, 0xAE, 0x0F, 0xB7, 0x81, 0x78, 0x75,
5074 0x1C, 0x53, 0x99, 0x24, 0xB3, 0xE2, 0x78, 0xCE,
5075 0xF3, 0xF0, 0x09, 0x6C, 0x01, 0x85, 0x73, 0xBD
5077 static const unsigned char RSA4096_DQ
[] = {
5078 0xCD, 0x88, 0xAC, 0x8B, 0x92, 0x6A, 0xA8, 0x6B,
5079 0x71, 0x16, 0xCD, 0x6B, 0x6A, 0x0B, 0xA6, 0xCD,
5080 0xF3, 0x27, 0x58, 0xA6, 0xE4, 0x1D, 0xDC, 0x40,
5081 0xAF, 0x7B, 0x3F, 0x44, 0x3D, 0xAC, 0x1D, 0x08,
5082 0x5C, 0xE9, 0xF1, 0x0D, 0x07, 0xE4, 0x0A, 0x94,
5083 0x2C, 0xBF, 0xCC, 0x48, 0xAA, 0x62, 0x58, 0xF2,
5084 0x5E, 0x8F, 0x2D, 0x36, 0x37, 0xFE, 0xB6, 0xCB,
5085 0x0A, 0x24, 0xD3, 0xF0, 0x87, 0x5D, 0x0E, 0x05,
5086 0xC4, 0xFB, 0xCA, 0x7A, 0x8B, 0xA5, 0x72, 0xFB,
5087 0x17, 0x78, 0x6C, 0xC2, 0xAA, 0x56, 0x93, 0x2F,
5088 0xFE, 0x6C, 0xA2, 0xEB, 0xD4, 0x18, 0xDD, 0x71,
5089 0xCB, 0x0B, 0x89, 0xFC, 0xB3, 0xFB, 0xED, 0xB7,
5090 0xC5, 0xB0, 0x29, 0x6D, 0x9C, 0xB9, 0xC5, 0xC4,
5091 0xFA, 0x58, 0xD7, 0x36, 0x01, 0x0F, 0xE4, 0x6A,
5092 0xF4, 0x0B, 0x4D, 0xBB, 0x3E, 0x8E, 0x9F, 0xBA,
5093 0x98, 0x6D, 0x1A, 0xE5, 0x20, 0xAF, 0x84, 0x30,
5094 0xDD, 0xAC, 0x3C, 0x66, 0xBC, 0x24, 0xD9, 0x67,
5095 0x4A, 0x35, 0x61, 0xC9, 0xAD, 0xCC, 0xC9, 0x66,
5096 0x68, 0x46, 0x19, 0x8C, 0x04, 0xA5, 0x16, 0x83,
5097 0x5F, 0x7A, 0xFD, 0x1B, 0xAD, 0xAE, 0x22, 0x2D,
5098 0x05, 0xAF, 0x29, 0xDC, 0xBB, 0x0E, 0x86, 0x0C,
5099 0xBC, 0x9E, 0xB6, 0x28, 0xA9, 0xF2, 0xCC, 0x5E,
5100 0x1F, 0x86, 0x95, 0xA5, 0x9C, 0x11, 0x19, 0xF0,
5101 0x5F, 0xDA, 0x2C, 0x04, 0xFE, 0x22, 0x80, 0xF7,
5102 0x94, 0x3C, 0xBA, 0x01, 0x56, 0xD6, 0x93, 0xFA,
5103 0xCE, 0x62, 0xE5, 0xD7, 0x98, 0x23, 0xAB, 0xB9,
5104 0xC7, 0x35, 0x57, 0xF6, 0xE2, 0x16, 0x36, 0xE9,
5105 0x5B, 0xD7, 0xA5, 0x45, 0x18, 0x93, 0x77, 0xC9,
5106 0xB1, 0x05, 0xA8, 0x66, 0xE1, 0x0E, 0xB5, 0xDF,
5107 0x23, 0x35, 0xE1, 0xC2, 0xFA, 0x3E, 0x80, 0x1A,
5108 0xAD, 0xA4, 0x0C, 0xEF, 0xC7, 0x18, 0xDE, 0x09,
5109 0xE6, 0x20, 0x98, 0x31, 0xF1, 0xD3, 0xCF, 0xA1
5111 static const unsigned char RSA4096_IQ
[] = {
5112 0x76, 0xD7, 0x75, 0xDF, 0xA3, 0x0C, 0x9D, 0x64,
5113 0x6E, 0x00, 0x82, 0x2E, 0x5C, 0x5E, 0x43, 0xC4,
5114 0xD2, 0x28, 0xB0, 0xB1, 0xA8, 0xD8, 0x26, 0x91,
5115 0xA0, 0xF5, 0xC8, 0x69, 0xFF, 0x24, 0x33, 0xAB,
5116 0x67, 0xC7, 0xA3, 0xAE, 0xBB, 0x17, 0x27, 0x5B,
5117 0x5A, 0xCD, 0x67, 0xA3, 0x70, 0x91, 0x9E, 0xD5,
5118 0xF1, 0x97, 0x00, 0x0A, 0x30, 0x64, 0x3D, 0x9B,
5119 0xBF, 0xB5, 0x8C, 0xAC, 0xC7, 0x20, 0x0A, 0xD2,
5120 0x76, 0x36, 0x36, 0x5D, 0xE4, 0xAC, 0x5D, 0xBC,
5121 0x44, 0x32, 0xB0, 0x76, 0x33, 0x40, 0xDD, 0x29,
5122 0x22, 0xE0, 0xFF, 0x55, 0x4C, 0xCE, 0x3F, 0x43,
5123 0x34, 0x95, 0x94, 0x7C, 0x22, 0x0D, 0xAB, 0x20,
5124 0x38, 0x70, 0xC3, 0x4A, 0x19, 0xCF, 0x81, 0xCE,
5125 0x79, 0x28, 0x6C, 0xC2, 0xA3, 0xB3, 0x48, 0x20,
5126 0x2D, 0x3E, 0x74, 0x45, 0x2C, 0xAA, 0x9F, 0xA5,
5127 0xC2, 0xE3, 0x2D, 0x41, 0x95, 0xBD, 0x78, 0xAB,
5128 0x6A, 0xA8, 0x7A, 0x45, 0x52, 0xE2, 0x66, 0xE7,
5129 0x6C, 0x38, 0x03, 0xA5, 0xDA, 0xAD, 0x94, 0x3C,
5130 0x6A, 0xA1, 0xA2, 0xD5, 0xCD, 0xDE, 0x05, 0xCC,
5131 0x6E, 0x3D, 0x8A, 0xF6, 0x9A, 0xA5, 0x0F, 0xA9,
5132 0x18, 0xC4, 0xF9, 0x9C, 0x2F, 0xB3, 0xF1, 0x30,
5133 0x38, 0x60, 0x69, 0x09, 0x67, 0x2C, 0xE9, 0x42,
5134 0x68, 0x3C, 0x70, 0x32, 0x1A, 0x44, 0x32, 0x02,
5135 0x82, 0x9F, 0x60, 0xE8, 0xA4, 0x42, 0x74, 0xA2,
5136 0xA2, 0x5A, 0x99, 0xDC, 0xC8, 0xCA, 0x15, 0x4D,
5137 0xFF, 0xF1, 0x8A, 0x23, 0xD8, 0xD3, 0xB1, 0x9A,
5138 0xB4, 0x0B, 0xBB, 0xE8, 0x38, 0x74, 0x0C, 0x52,
5139 0xC7, 0x8B, 0x63, 0x4C, 0xEA, 0x7D, 0x5F, 0x58,
5140 0x34, 0x53, 0x3E, 0x23, 0x10, 0xBB, 0x60, 0x6B,
5141 0x52, 0x9D, 0x89, 0x9F, 0xF0, 0x5F, 0xCE, 0xB3,
5142 0x9C, 0x0E, 0x75, 0x0F, 0x87, 0xF6, 0x66, 0xA5,
5143 0x4C, 0x94, 0x84, 0xFE, 0x94, 0xB9, 0x04, 0xB7
5146 static const br_rsa_public_key RSA4096_PK
= {
5147 (void *)RSA4096_N
, sizeof RSA4096_N
,
5148 (void *)RSA4096_E
, sizeof RSA4096_E
5151 static const br_rsa_private_key RSA4096_SK
= {
5153 (void *)RSA4096_P
, sizeof RSA4096_P
,
5154 (void *)RSA4096_Q
, sizeof RSA4096_Q
,
5155 (void *)RSA4096_DP
, sizeof RSA4096_DP
,
5156 (void *)RSA4096_DQ
, sizeof RSA4096_DQ
,
5157 (void *)RSA4096_IQ
, sizeof RSA4096_IQ
5161 test_RSA_core(const char *name
, br_rsa_public fpub
, br_rsa_private fpriv
)
5163 unsigned char t1
[512], t2
[512], t3
[512];
5166 printf("Test %s: ", name
);
5170 * A KAT test (computed with OpenSSL).
5172 len
= hextobin(t1
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
5173 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
5174 memcpy(t3
, t1
, len
);
5175 if (!fpub(t3
, len
, &RSA_PK
)) {
5176 fprintf(stderr
, "RSA public operation failed (1)\n");
5179 check_equals("KAT RSA pub", t2
, t3
, len
);
5180 if (!fpriv(t3
, &RSA_SK
)) {
5181 fprintf(stderr
, "RSA private operation failed (1)\n");
5184 check_equals("KAT RSA priv (1)", t1
, t3
, len
);
5187 * Another KAT test, with a (fake) hash value slightly different
5188 * (last byte is 0xD9 instead of 0xD3).
5190 len
= hextobin(t1
, "32C2DB8B2C73BBCA9960CB3F11FEDEE7B699359EF2EEC3A632E56B7FF3DE2F371E5179BAB03F17E0BB20D2891ACAB679F95DA9B43A01DAAD192FADD25D8ACCF1498EC80F5BBCAC88EA59D60E3BC9D3CE27743981DE42385FFFFF04DD2D716E1A46C04A28ECAF6CD200DAB81083A830D61538D69BB39A183107BD50302AA6BC28");
5191 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD9");
5192 memcpy(t3
, t1
, len
);
5193 if (!fpub(t3
, len
, &RSA_PK
)) {
5194 fprintf(stderr
, "RSA public operation failed (2)\n");
5197 check_equals("KAT RSA pub", t2
, t3
, len
);
5198 if (!fpriv(t3
, &RSA_SK
)) {
5199 fprintf(stderr
, "RSA private operation failed (2)\n");
5202 check_equals("KAT RSA priv (2)", t1
, t3
, len
);
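5205 * Third KAT vector is invalid, because the encrypted value is
5206 * out of range: instead of x, value is x+n (where n is the
5207 * modulus). Mathematically, this still works, since x+n and x are
5208 * equal modulo n, but implementations are supposed to reject such
 * cases: both the public and the private operation must report a
 * failure on a value that is not lower than n, which is what the
 * two checks below expect.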
5210 len
= hextobin(t1
, "F27781B9B3B358583A24F9BA6B34EE98B67A5AE8D8D4FA567BA773EB6B85EF88848680640A1E2F5FD117876E5FB928B64C6EFC7E03632A3F4C941E15657C0C705F3BB8D0B03A0249143674DB1FE6E5406D690BF2DA76EA7FF3AC6FCE12C7801252FAD52D332BE4AB41F9F8CF1728CDF98AB8E8C20E0C350E4F707A6402C01E0B");
5211 hextobin(t2
, "BFB6A62E873F9C8DA0C42E7B59360FB0FFE12549E5E636B048C2086B77A7C051663506A959DF177F15F6B4E544EE723C531152C9C9614F923364704307F13F7F15ACF0C1547D55C029DC9ECCE41D117245F4D270FC34B21FF3AD6AEFE58633281540902F547F79F3461F44D33CCB2D094231ADCC76BE25511B4513BB70491DBC");
5212 memcpy(t3
, t1
, len
);
5213 if (fpub(t3
, len
, &RSA_PK
)) {
5215 fprintf(stderr
, "RSA public operation should have failed"
5216 " (value out of range)\n");
5217 fprintf(stderr
, "x = ");
5218 for (u
= 0; u
< len
; u
++) {
5219 fprintf(stderr
, "%02X", t3
[u
]);
5221 fprintf(stderr
, "\n");
5224 memcpy(t3
, t2
, len
);
5225 if (fpriv(t3
, &RSA_SK
)) {
5227 fprintf(stderr
, "RSA private operation should have failed"
5228 " (value out of range)\n");
5229 fprintf(stderr
, "x = ");
5230 for (u
= 0; u
< len
; u
++) {
5231 fprintf(stderr
, "%02X", t3
[u
]);
5233 fprintf(stderr
, "\n");
5238 * RSA-2048 test vector.
5240 len
= hextobin(t1
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
5241 hextobin(t2
, "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");
5242 memcpy(t3
, t1
, len
);
5243 if (!fpub(t3
, len
, &RSA2048_PK
)) {
5244 fprintf(stderr
, "RSA public operation failed (2048)\n");
5247 check_equals("KAT RSA pub", t2
, t3
, len
);
5248 if (!fpriv(t3
, &RSA2048_SK
)) {
5249 fprintf(stderr
, "RSA private operation failed (2048)\n");
5252 check_equals("KAT RSA priv (2048)", t1
, t3
, len
);
5255 * RSA-4096 test vector.
5257 len
= hextobin(t1
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
5258 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003031300D0609608648016503040201050004205B60DD5AD5B3C62E0DA25FD0D8CB26325E1CE32CC9ED234B288235BCCF6ED2C8");
5259 memcpy(t3
, t1
, len
);
5260 if (!fpub(t3
, len
, &RSA4096_PK
)) {
5261 fprintf(stderr
, "RSA public operation failed (4096)\n");
5264 check_equals("KAT RSA pub", t2
, t3
, len
);
5265 if (!fpriv(t3
, &RSA4096_SK
)) {
5266 fprintf(stderr
, "RSA private operation failed (4096)\n");
5269 check_equals("KAT RSA priv (4096)", t1
, t3
, len
);
/*
 * Hash identifier handed to the PKCS#1 v1.5 sign/verify functions in
 * test_RSA_sign(): a length byte (0x05) followed by the five-byte OID
 * value 2B 0E 03 02 1A, i.e. 1.3.14.3.2.26 (SHA-1).
 */
5275 static const unsigned char SHA1_OID
[] = {
5276 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
5280 test_RSA_sign(const char *name
, br_rsa_private fpriv
,
5281 br_rsa_pkcs1_sign fsign
, br_rsa_pkcs1_vrfy fvrfy
)
5283 unsigned char t1
[128], t2
[128];
5284 unsigned char hv
[20], tmp
[20];
5285 unsigned char rsa_n
[128], rsa_e
[3], rsa_p
[64], rsa_q
[64];
5286 unsigned char rsa_dp
[64], rsa_dq
[64], rsa_iq
[64];
5287 br_rsa_public_key rsa_pk
;
5288 br_rsa_private_key rsa_sk
;
5289 unsigned char hv2
[64], tmp2
[64], sig
[128];
5293 printf("Test %s: ", name
);
5297 * Verify the KAT test (computed with OpenSSL).
5299 hextobin(t1
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
5301 br_sha1_update(&hc
, "test", 4);
5302 br_sha1_out(&hc
, hv
);
5303 if (!fvrfy(t1
, sizeof t1
, SHA1_OID
, sizeof tmp
, &RSA_PK
, tmp
)) {
5304 fprintf(stderr
, "Signature verification failed\n");
5307 check_equals("Extracted hash value", hv
, tmp
, sizeof tmp
);
5310 * Regenerate the signature. This should yield the same value as
5311 * the KAT test, since PKCS#1 v1.5 signatures are deterministic
5312 * (except the usual detail about hash function parameter
5313 * encoding, but OpenSSL uses the same convention as BearSSL).
5315 if (!fsign(SHA1_OID
, hv
, 20, &RSA_SK
, t2
)) {
5316 fprintf(stderr
, "Signature generation failed\n");
5319 check_equals("Regenerated signature", t1
, t2
, sizeof t1
);
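5322 * Use the raw private core to generate fake signatures, where
5323 * one byte of the padded hash value is altered. They should all be
 * rejected. The loop below stops 20 bytes before the end of the padded
 * value, so the altered byte is always in the padding or the DigestInfo
 * header, never in the hash itself: a verifier that compared only the
 * trailing hash would wrongly accept these signatures.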
5326 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
5327 for (u
= 0; u
< (sizeof t2
) - 20; u
++) {
5328 memcpy(t1
, t2
, sizeof t2
);
5330 if (!fpriv(t1
, &RSA_SK
)) {
5331 fprintf(stderr
, "RSA private key operation failed\n");
5334 if (fvrfy(t1
, sizeof t1
, SHA1_OID
, sizeof tmp
, &RSA_PK
, tmp
)) {
5336 "Signature verification should have failed\n");
5344 * Another KAT test, which historically showed a bug.
5347 rsa_pk
.nlen
= hextobin(rsa_n
, "E65DAEF196D22C300B3DAE1CE5157EDF821BB6038E419D8D363A8B2DA84A1321042330E6F87A8BD8FE6BA1D2A17031955ED2315CC5FD2397197E238A5E0D2D0AFD25717E814EC4D2BBA887327A3C5B3A450FD8D547BDFCBB0F73B997CA13DD5E7572C4D5BAA764A349BAB2F868ACF4574AE2C7AEC94B77D2EE00A21B6CB175BB");
5349 rsa_pk
.elen
= hextobin(rsa_e
, "010001");
5351 rsa_sk
.n_bitlen
= 1024;
5353 rsa_sk
.plen
= hextobin(rsa_p
, "FF58513DBA4F3F42DFDFD3E6AFB6BD62DE27E06BA3C9D9F9B542CB21228C2AAE67936514161C8FDC1A248A50195CAF22ADC50DA89BFED1B9EEFBB37304241357");
5355 rsa_sk
.qlen
= hextobin(rsa_q
, "E6F4F66818B7442297DDEB45E9B3D438E5B57BB5EF86EFF2462AD6B9C10F383517CDD2E7E36EAD4BEBCC57CFE8AA985F7E7B38B96D30FFBE9ED9FE21B1CFB63D");
5357 rsa_sk
.dplen
= hextobin(rsa_dp
, "6F89517B682D83919F9EF2BDBA955526A1A9C382E139A3A84AC01160B8E9871F458901C7035D988D6931FAE4C01F57350BB89E9DBEFE50F829E6F25CD43B39E3");
5359 rsa_sk
.dqlen
= hextobin(rsa_dq
, "409E08D2D7176F58BE64B88EB6F4394C31F8B4C412600E821A5FA1F416AFCB6A0F5EE6C33A3E9CFDC0DB4B3640427A9F3D23FC9AE491F0FBC435F98433DB8981");
5361 rsa_sk
.iqlen
= hextobin(rsa_iq
, "CF333D6AD66D02B4D11C8C23CA669D14D71803ADC3943BE03B1E48F52F385BCFDDFD0F85AD02A984E504FC6612549D4E7867B7D09DD13196BFC3FAA4B57393A9");
5362 hextobin(sig
, "CFB84D161E6DB130736FC6212EBE575571AF341CEF5757C19952A5364C90E3C47549E520E26253DAE70F645F31FA8B5DA9AE282741D3CA4B1CC365B7BD75D6D61D4CFD9AD9EDD17D23E0BA7D9775138DBABC7FF2A57587FE1EA1B51E8F3C68326E26FF89D8CF92BDD4C787D04857DFC3266E6B33B92AA08809929C72642F35C2");
5364 hextobin(hv2
, "F66C62B38E1CC69C378C0E16574AE5C6443FDFA3E85C6205C00B3231CAA3074EC1481BDC22AB575E6CF3CCD9EDA6B39F83923FC0E6475C799D257545F77233B4");
5365 if (!fsign(BR_HASH_OID_SHA512
, hv2
, 64, &rsa_sk
, t2
)) {
5366 fprintf(stderr
, "Signature generation failed (2)\n");
5369 check_equals("Regenerated signature (2)", t2
, sig
, sizeof t2
);
5370 if (!fvrfy(t2
, sizeof t2
, BR_HASH_OID_SHA512
,
5371 sizeof tmp2
, &rsa_pk
, tmp2
))
5373 fprintf(stderr
, "Signature verification failed (2)\n");
5376 check_equals("Extracted hash value (2)", hv2
, tmp2
, sizeof tmp2
);
/*
 * Test vectors from pkcs-1v2-1d2-vec.zip (originally from ftp.rsa.com).
 * There are ten RSA keys, and for each RSA key, there are 6 messages,
 * each with an explicit seed.
 *
 * Field order (the order in which test_RSA_OAEP() decodes the entries):
 *    modulus (n)
 *    public exponent (e)
 *    first factor (p)
 *    second factor (q)
 *    first private exponent (dp)
 *    second private exponent (dq)
 *    CRT coefficient (iq)
 *    cleartext 1
 *    seed 1 (20-byte random value)
 *    ciphertext 1
 *    cleartext 2
 *    seed 2 (20-byte random value)
 *    ciphertext 2
 *    ...
 *    cleartext 6
 *    seed 6 (20-byte random value)
 *    ciphertext 6
 *
 * This pattern is repeated for all keys. The array stops on a NULL.
 */
5408 static const char *KAT_RSA_OAEP
[] = {
5409 /* 1024-bit key, from oaep-int.txt */
5410 "BBF82F090682CE9C2338AC2B9DA871F7368D07EED41043A440D6B6F07454F51FB8DFBAAF035C02AB61EA48CEEB6FCD4876ED520D60E1EC4619719D8A5B8B807FAFB8E0A3DFC737723EE6B4B7D93A2584EE6A649D060953748834B2454598394EE0AAB12D7B61A51F527A9A41F6C1687FE2537298CA2A8F5946F8E5FD091DBDCB",
5412 "EECFAE81B1B9B3C908810B10A1B5600199EB9F44AEF4FDA493B81A9E3D84F632124EF0236E5D1E3B7E28FAE7AA040A2D5B252176459D1F397541BA2A58FB6599",
5413 "C97FB1F027F453F6341233EAAAD1D9353F6C42D08866B1D05A0F2035028B9D869840B41666B42E92EA0DA3B43204B5CFCE3352524D0416A5A441E700AF461503",
5414 "54494CA63EBA0337E4E24023FCD69A5AEB07DDDC0183A4D0AC9B54B051F2B13ED9490975EAB77414FF59C1F7692E9A2E202B38FC910A474174ADC93C1F67C981",
5415 "471E0290FF0AF0750351B7F878864CA961ADBD3A8A7E991C5C0556A94C3146A7F9803F8F6F8AE342E931FD8AE47A220D1B99A495849807FE39F9245A9836DA3D",
5416 "B06C4FDABB6301198D265BDBAE9423B380F271F73453885093077FCD39E2119FC98632154F5883B167A967BF402B4E9E2E0F9656E698EA3666EDFB25798039F7",
5418 /* oaep-int.txt contains only one message, so we repeat it six
5419 times to respect our array format. */
5420 "D436E99569FD32A7C8A05BBC90D32C49",
5421 "AAFD12F659CAE63489B479E5076DDEC2F06CB58F",
5422 "1253E04DC0A5397BB44A7AB87E9BF2A039A33D1E996FC82A94CCD30074C95DF763722017069E5268DA5D1C0B4F872CF653C11DF82314A67968DFEAE28DEF04BB6D84B1C31D654A1970E5783BD6EB96A024C2CA2F4A90FE9F2EF5C9C140E5BB48DA9536AD8700C84FC9130ADEA74E558D51A74DDF85D8B50DE96838D6063E0955",
5424 "D436E99569FD32A7C8A05BBC90D32C49",
5425 "AAFD12F659CAE63489B479E5076DDEC2F06CB58F",
5426 "1253E04DC0A5397BB44A7AB87E9BF2A039A33D1E996FC82A94CCD30074C95DF763722017069E5268DA5D1C0B4F872CF653C11DF82314A67968DFEAE28DEF04BB6D84B1C31D654A1970E5783BD6EB96A024C2CA2F4A90FE9F2EF5C9C140E5BB48DA9536AD8700C84FC9130ADEA74E558D51A74DDF85D8B50DE96838D6063E0955",
5428 "D436E99569FD32A7C8A05BBC90D32C49",
5429 "AAFD12F659CAE63489B479E5076DDEC2F06CB58F",
5430 "1253E04DC0A5397BB44A7AB87E9BF2A039A33D1E996FC82A94CCD30074C95DF763722017069E5268DA5D1C0B4F872CF653C11DF82314A67968DFEAE28DEF04BB6D84B1C31D654A1970E5783BD6EB96A024C2CA2F4A90FE9F2EF5C9C140E5BB48DA9536AD8700C84FC9130ADEA74E558D51A74DDF85D8B50DE96838D6063E0955",
5432 "D436E99569FD32A7C8A05BBC90D32C49",
5433 "AAFD12F659CAE63489B479E5076DDEC2F06CB58F",
5434 "1253E04DC0A5397BB44A7AB87E9BF2A039A33D1E996FC82A94CCD30074C95DF763722017069E5268DA5D1C0B4F872CF653C11DF82314A67968DFEAE28DEF04BB6D84B1C31D654A1970E5783BD6EB96A024C2CA2F4A90FE9F2EF5C9C140E5BB48DA9536AD8700C84FC9130ADEA74E558D51A74DDF85D8B50DE96838D6063E0955",
5436 "D436E99569FD32A7C8A05BBC90D32C49",
5437 "AAFD12F659CAE63489B479E5076DDEC2F06CB58F",
5438 "1253E04DC0A5397BB44A7AB87E9BF2A039A33D1E996FC82A94CCD30074C95DF763722017069E5268DA5D1C0B4F872CF653C11DF82314A67968DFEAE28DEF04BB6D84B1C31D654A1970E5783BD6EB96A024C2CA2F4A90FE9F2EF5C9C140E5BB48DA9536AD8700C84FC9130ADEA74E558D51A74DDF85D8B50DE96838D6063E0955",
5440 "D436E99569FD32A7C8A05BBC90D32C49",
5441 "AAFD12F659CAE63489B479E5076DDEC2F06CB58F",
5442 "1253E04DC0A5397BB44A7AB87E9BF2A039A33D1E996FC82A94CCD30074C95DF763722017069E5268DA5D1C0B4F872CF653C11DF82314A67968DFEAE28DEF04BB6D84B1C31D654A1970E5783BD6EB96A024C2CA2F4A90FE9F2EF5C9C140E5BB48DA9536AD8700C84FC9130ADEA74E558D51A74DDF85D8B50DE96838D6063E0955",
5445 "A8B3B284AF8EB50B387034A860F146C4919F318763CD6C5598C8AE4811A1E0ABC4C7E0B082D693A5E7FCED675CF4668512772C0CBC64A742C6C630F533C8CC72F62AE833C40BF25842E984BB78BDBF97C0107D55BDB662F5C4E0FAB9845CB5148EF7392DD3AAFF93AE1E6B667BB3D4247616D4F5BA10D4CFD226DE88D39F16FB",
5447 "D32737E7267FFE1341B2D5C0D150A81B586FB3132BED2F8D5262864A9CB9F30AF38BE448598D413A172EFB802C21ACF1C11C520C2F26A471DCAD212EAC7CA39D",
5448 "CC8853D1D54DA630FAC004F471F281C7B8982D8224A490EDBEB33D3E3D5CC93C4765703D1DD791642F1F116A0DD852BE2419B2AF72BFE9A030E860B0288B5D77",
5449 "0E12BF1718E9CEF5599BA1C3882FE8046A90874EEFCE8F2CCC20E4F2741FB0A33A3848AEC9C9305FBECBD2D76819967D4671ACC6431E4037968DB37878E695C1",
5450 "95297B0F95A2FA67D00707D609DFD4FC05C89DAFC2EF6D6EA55BEC771EA333734D9251E79082ECDA866EFEF13C459E1A631386B7E354C899F5F112CA85D71583",
5451 "4F456C502493BDC0ED2AB756A3A6ED4D67352A697D4216E93212B127A63D5411CE6FA98D5DBEFD73263E3728142743818166ED7DD63687DD2A8CA1D2F4FBD8E1",
5453 "6628194E12073DB03BA94CDA9EF9532397D50DBA79B987004AFEFE34",
5454 "18B776EA21069D69776A33E96BAD48E1DDA0A5EF",
5455 "354FE67B4A126D5D35FE36C777791A3F7BA13DEF484E2D3908AFF722FAD468FB21696DE95D0BE911C2D3174F8AFCC201035F7B6D8E69402DE5451618C21A535FA9D7BFC5B8DD9FC243F8CF927DB31322D6E881EAA91A996170E657A05A266426D98C88003F8477C1227094A0D9FA1E8C4024309CE1ECCCB5210035D47AC72E8A",
5457 "750C4047F547E8E41411856523298AC9BAE245EFAF1397FBE56F9DD5",
5458 "0CC742CE4A9B7F32F951BCB251EFD925FE4FE35F",
5459 "640DB1ACC58E0568FE5407E5F9B701DFF8C3C91E716C536FC7FCEC6CB5B71C1165988D4A279E1577D730FC7A29932E3F00C81515236D8D8E31017A7A09DF4352D904CDEB79AA583ADCC31EA698A4C05283DABA9089BE5491F67C1A4EE48DC74BBBE6643AEF846679B4CB395A352D5ED115912DF696FFE0702932946D71492B44",
5461 "D94AE0832E6445CE42331CB06D531A82B1DB4BAAD30F746DC916DF24D4E3C2451FFF59A6423EB0E1D02D4FE646CF699DFD818C6E97B051",
5462 "2514DF4695755A67B288EAF4905C36EEC66FD2FD",
5463 "423736ED035F6026AF276C35C0B3741B365E5F76CA091B4E8C29E2F0BEFEE603595AA8322D602D2E625E95EB81B2F1C9724E822ECA76DB8618CF09C5343503A4360835B5903BC637E3879FB05E0EF32685D5AEC5067CD7CC96FE4B2670B6EAC3066B1FCF5686B68589AAFB7D629B02D8F8625CA3833624D4800FB081B1CF94EB",
5465 "52E650D98E7F2A048B4F86852153B97E01DD316F346A19F67A85",
5466 "C4435A3E1A18A68B6820436290A37CEFB85DB3FB",
5467 "45EAD4CA551E662C9800F1ACA8283B0525E6ABAE30BE4B4ABA762FA40FD3D38E22ABEFC69794F6EBBBC05DDBB11216247D2F412FD0FBA87C6E3ACD888813646FD0E48E785204F9C3F73D6D8239562722DDDD8771FEC48B83A31EE6F592C4CFD4BC88174F3B13A112AAE3B9F7B80E0FC6F7255BA880DC7D8021E22AD6A85F0755",
5469 "8DA89FD9E5F974A29FEFFB462B49180F6CF9E802",
5470 "B318C42DF3BE0F83FEA823F5A7B47ED5E425A3B5",
5471 "36F6E34D94A8D34DAACBA33A2139D00AD85A9345A86051E73071620056B920E219005855A213A0F23897CDCD731B45257C777FE908202BEFDD0B58386B1244EA0CF539A05D5D10329DA44E13030FD760DCD644CFEF2094D1910D3F433E1C7C6DD18BC1F2DF7F643D662FB9DD37EAD9059190F4FA66CA39E869C4EB449CBDC439",
5474 "E4EC0982C2336F3A677F6A356174EB0CE887ABC2",
5475 "42CEE2617B1ECEA4DB3F4829386FBD61DAFBF038E180D837C96366DF24C097B4AB0FAC6BDF590D821C9F10642E681AD05B8D78B378C0F46CE2FAD63F74E0AD3DF06B075D7EB5F5636F8D403B9059CA761B5C62BB52AA45002EA70BAACE08DED243B9D8CBD62A68ADE265832B56564E43A6FA42ED199A099769742DF1539E8255",
5478 "01947C7FCE90425F47279E70851F25D5E62316FE8A1DF19371E3E628E260543E4901EF6081F68C0B8141190D2AE8DABA7D1250EC6DB636E944EC3722877C7C1D0A67F14B1694C5F0379451A43E49A32DDE83670B73DA91A1C99BC23B436A60055C610F0BAF99C1A079565B95A3F1526632D1D4DA60F20EDA25E653C4F002766F45",
5480 "0159DBDE04A33EF06FB608B80B190F4D3E22BCC13AC8E4A081033ABFA416EDB0B338AA08B57309EA5A5240E7DC6E54378C69414C31D97DDB1F406DB3769CC41A43",
5481 "012B652F30403B38B40995FD6FF41A1ACC8ADA70373236B7202D39B2EE30CFB46DB09511F6F307CC61CC21606C18A75B8A62F822DF031BA0DF0DAFD5506F568BD7",
5482 "436EF508DE736519C2DA4C580D98C82CB7452A3FB5EFADC3B9C7789A1BC6584F795ADDBBD32439C74686552ECB6C2C307A4D3AF7F539EEC157248C7B31F1A255",
5483 "012B15A89F3DFB2B39073E73F02BDD0C1A7B379DD435F05CDDE2EFF9E462948B7CEC62EE9050D5E0816E0785A856B49108DCB75F3683874D1CA6329A19013066FF",
5484 "0270DB17D5914B018D76118B24389A7350EC836B0063A21721236FD8EDB6D89B51E7EEB87B611B7132CB7EA7356C23151C1E7751507C786D9EE1794170A8C8E8",
5486 "8FF00CAA605C702830634D9A6C3D42C652B58CF1D92FEC570BEEE7",
5487 "8C407B5EC2899E5099C53E8CE793BF94E71B1782",
5488 "0181AF8922B9FCB4D79D92EBE19815992FC0C1439D8BCD491398A0F4AD3A329A5BD9385560DB532683C8B7DA04E4B12AED6AACDF471C34C9CDA891ADDCC2DF3456653AA6382E9AE59B54455257EB099D562BBE10453F2B6D13C59C02E10F1F8ABB5DA0D0570932DACF2D0901DB729D0FEFCC054E70968EA540C81B04BCAEFE720E",
5491 "B600CF3C2E506D7F16778C910D3A8B003EEE61D5",
5492 "018759FF1DF63B2792410562314416A8AEAF2AC634B46F940AB82D64DBF165EEE33011DA749D4BAB6E2FCD18129C9E49277D8453112B429A222A8471B070993998E758861C4D3F6D749D91C4290D332C7A4AB3F7EA35FF3A07D497C955FF0FFC95006B62C6D296810D9BFAB024196C7934012C2DF978EF299ABA239940CBA10245",
5494 "74FC88C51BC90F77AF9D5E9A4A70133D4B4E0B34DA3C37C7EF8E",
5495 "A73768AEEAA91F9D8C1ED6F9D2B63467F07CCAE3",
5496 "018802BAB04C60325E81C4962311F2BE7C2ADCE93041A00719C88F957575F2C79F1B7BC8CED115C706B311C08A2D986CA3B6A9336B147C29C6F229409DDEC651BD1FDD5A0B7F610C9937FDB4A3A762364B8B3206B4EA485FD098D08F63D4AA8BB2697D027B750C32D7F74EAF5180D2E9B66B17CB2FA55523BC280DA10D14BE2053",
5498 "A7EB2A5036931D27D4E891326D99692FFADDA9BF7EFD3E34E622C4ADC085F721DFE885072C78A203B151739BE540FA8C153A10F00A",
5499 "9A7B3B0E708BD96F8190ECAB4FB9B2B3805A8156",
5500 "00A4578CBC176318A638FBA7D01DF15746AF44D4F6CD96D7E7C495CBF425B09C649D32BF886DA48FBAF989A2117187CAFB1FB580317690E3CCD446920B7AF82B31DB5804D87D01514ACBFA9156E782F867F6BED9449E0E9A2C09BCECC6AA087636965E34B3EC766F2FE2E43018A2FDDEB140616A0E9D82E5331024EE0652FC7641",
5502 "2EF2B066F854C33F3BDCBB5994A435E73D6C6C",
5503 "EB3CEBBC4ADC16BB48E88C8AEC0E34AF7F427FD3",
5504 "00EBC5F5FDA77CFDAD3C83641A9025E77D72D8A6FB33A810F5950F8D74C73E8D931E8634D86AB1246256AE07B6005B71B7F2FB98351218331CE69B8FFBDC9DA08BBC9C704F876DEB9DF9FC2EC065CAD87F9090B07ACC17AA7F997B27ACA48806E897F771D95141FE4526D8A5301B678627EFAB707FD40FBEBD6E792A25613E7AEC",
5506 "8A7FB344C8B6CB2CF2EF1F643F9A3218F6E19BBA89C0",
5507 "4C45CF4D57C98E3D6D2095ADC51C489EB50DFF84",
5508 "010839EC20C27B9052E55BEFB9B77E6FC26E9075D7A54378C646ABDF51E445BD5715DE81789F56F1803D9170764A9E93CB78798694023EE7393CE04BC5D8F8C5A52C171D43837E3ACA62F609EB0AA5FFB0960EF04198DD754F57F7FBE6ABF765CF118B4CA443B23B5AAB266F952326AC4581100644325F8B721ACD5D04FF14EF3A",
5511 "AE45ED5601CEC6B8CC05F803935C674DDBE0D75C4C09FD7951FC6B0CAEC313A8DF39970C518BFFBA5ED68F3F0D7F22A4029D413F1AE07E4EBE9E4177CE23E7F5404B569E4EE1BDCF3C1FB03EF113802D4F855EB9B5134B5A7C8085ADCAE6FA2FA1417EC3763BE171B0C62B760EDE23C12AD92B980884C641F5A8FAC26BDAD4A03381A22FE1B754885094C82506D4019A535A286AFEB271BB9BA592DE18DCF600C2AEEAE56E02F7CF79FC14CF3BDC7CD84FEBBBF950CA90304B2219A7AA063AEFA2C3C1980E560CD64AFE779585B6107657B957857EFDE6010988AB7DE417FC88D8F384C4E6E72C3F943E0C31C0C4A5CC36F879D8A3AC9D7D59860EAADA6B83BB",
5513 "ECF5AECD1E5515FFFACBD75A2816C6EBF49018CDFB4638E185D66A7396B6F8090F8018C7FD95CC34B857DC17F0CC6516BB1346AB4D582CADAD7B4103352387B70338D084047C9D9539B6496204B3DD6EA442499207BEC01F964287FF6336C3984658336846F56E46861881C10233D2176BF15A5E96DDC780BC868AA77D3CE769",
5514 "BC46C464FC6AC4CA783B0EB08A3C841B772F7E9B2F28BABD588AE885E1A0C61E4858A0FB25AC299990F35BE85164C259BA1175CDD7192707135184992B6C29B746DD0D2CABE142835F7D148CC161524B4A09946D48B828473F1CE76B6CB6886C345C03E05F41D51B5C3A90A3F24073C7D74A4FE25D9CF21C75960F3FC3863183",
5515 "C73564571D00FB15D08A3DE9957A50915D7126E9442DACF42BC82E862E5673FF6A008ED4D2E374617DF89F17A160B43B7FDA9CB6B6B74218609815F7D45CA263C159AA32D272D127FAF4BC8CA2D77378E8AEB19B0AD7DA3CB3DE0AE7314980F62B6D4B0A875D1DF03C1BAE39CCD833EF6CD7E2D9528BF084D1F969E794E9F6C1",
5516 "2658B37F6DF9C1030BE1DB68117FA9D87E39EA2B693B7E6D3A2F70947413EEC6142E18FB8DFCB6AC545D7C86A0AD48F8457170F0EFB26BC48126C53EFD1D16920198DC2A1107DC282DB6A80CD3062360BA3FA13F70E4312FF1A6CD6B8FC4CD9C5C3DB17C6D6A57212F73AE29F619327BAD59B153858585BA4E28B60A62A45E49",
5517 "6F38526B3925085534EF3E415A836EDE8B86158A2C7CBFECCB0BD834304FEC683BA8D4F479C433D43416E63269623CEA100776D85AFF401D3FFF610EE65411CE3B1363D63A9709EEDE42647CEA561493D54570A879C18682CD97710B96205EC31117D73B5F36223FADD6E8BA90DD7C0EE61D44E163251E20C7F66EB305117CB8",
5519 "8BBA6BF82A6C0F86D5F1756E97956870B08953B06B4EB205BC1694EE",
5520 "47E1AB7119FEE56C95EE5EAAD86F40D0AA63BD33",
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
5523 "E6AD181F053B58A904F2457510373E57",
5524 "6D17F5B4C1FFAC351D195BF7B09D09F09A4079CF",
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
5527 "510A2CF60E866FA2340553C94EA39FBC256311E83E94454B4124",
5528 "385387514DECCC7C740DD8CDF9DAEE49A1CBFD54",
5529 "9886C3E6764A8B9A84E84148EBD8C3B1AA8050381A78F668714C16D9CFD2A6EDC56979C535D9DEE3B44B85C18BE8928992371711472216D95DDA98D2EE8347C9B14DFFDFF84AA48D25AC06F7D7E65398AC967B1CE90925F67DCE049B7F812DB0742997A74D44FE81DBE0E7A3FEAF2E5C40AF888D550DDBBE3BC20657A29543F8FC2913B9BD1A61B2AB2256EC409BBD7DC0D17717EA25C43F42ED27DF8738BF4AFC6766FF7AFF0859555EE283920F4C8A63C4A7340CBAFDDC339ECDB4B0515002F96C932B5B79167AF699C0AD3FCCFDF0F44E85A70262BF2E18FE34B850589975E867FF969D48EABF212271546CDC05A69ECB526E52870C836F307BD798780EDE",
5531 "BCDD190DA3B7D300DF9A06E22CAAE2A75F10C91FF667B7C16BDE8B53064A2649A94045C9",
5532 "5CACA6A0F764161A9684F85D92B6E0EF37CA8B65",
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
5535 "A7DD6C7DC24B46F9DD5F1E91ADA4C3B3DF947E877232A9",
5536 "95BCA9E3859894B3DD869FA7ECD5BBC6401BF3E4",
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
5539 "EAF1A73A1B0C4609537DE69CD9228BBCFB9A8CA8C6C3EFAF056FE4A7F4634ED00B7C39EC6922D7B8EA2C04EBAC",
5540 "9F47DDF42E97EEA856A9BDBC714EB3AC22F6EB32",
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
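5547 * Fake RNG that returns exactly the provided bytes.
 * It lets the OAEP known-answer tests replay the seed of each test
 * vector, so the ciphertext is reproducible; it produces no randomness
 * of its own.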
5550 const br_prng_class
*vtable
;
5551 unsigned char buf
[128];
5555 static void rng_oaep_init(rng_oaep_ctx
*cc
,
5556 const void *params
, const void *seed
, size_t len
);
5557 static void rng_oaep_generate(rng_oaep_ctx
*cc
, void *dst
, size_t len
);
5558 static void rng_oaep_update(rng_oaep_ctx
*cc
, const void *src
, size_t len
);
/*
 * Method table of the fake RNG, in the order the initializer lists them:
 * context size, init, generate, update.
 *
 * The three callbacks are declared with an rng_oaep_ctx * first parameter
 * and are cast to the generic signature taking const br_prng_class **.
 * Callers in this file pass &rng.vtable as that argument, so the casts
 * only work while the vtable pointer is the first member of rng_oaep_ctx.
 * NOTE(review): calling through a cast function-pointer type is not
 * strictly conforming C; keep the context layout and these casts in sync.
 */
5560 static const br_prng_class rng_oaep_vtable
= {
5561 sizeof(rng_oaep_ctx
),
5562 (void (*)(const br_prng_class
**,
5563 const void *, const void *, size_t))&rng_oaep_init
,
5564 (void (*)(const br_prng_class
**,
5565 void *, size_t))&rng_oaep_generate
,
5566 (void (*)(const br_prng_class
**,
5567 const void *, size_t))&rng_oaep_update
/*
 * Load the fake RNG with a fixed seed.
 *
 *   cc      context to set up
 *   params  not read in the lines visible here
 *   seed    bytes that rng_oaep_generate() later copies out of cc->buf
 *   len     number of seed bytes; must not exceed sizeof cc->buf
 */
5571 rng_oaep_init(rng_oaep_ctx
*cc
, const void *params
,
5572 const void *seed
, size_t len
)
/*
 * Bounds check before the copy: an oversized seed is reported on stderr.
 * NOTE(review): the statement that stops execution after the message is
 * not visible in this listing; confirm it is there, otherwise the
 * memcpy() below would still write past the end of cc->buf.
 */
5575 if (len
> sizeof cc
->buf
) {
5576 fprintf(stderr
, "seed is too large (%lu bytes)\n",
5577 (unsigned long)len
);
5580 cc
->vtable
= &rng_oaep_vtable
;
5581 memcpy(cc
->buf
, seed
, len
);
/*
 * Copy the next len bytes of the stored seed into dst.
 *
 *   cc   fake RNG context
 *   dst  destination buffer
 *   len  number of bytes requested
 *
 * A request larger than the unread remainder (cc->len - cc->ptr) is
 * reported on stderr; this is how the OAEP tests notice an encryptor
 * that draws more random bytes than the test vector supplies.
 * NOTE(review): the lines that stop after the error message and that
 * advance cc->ptr are not visible in this listing; confirm both exist.
 */
5587 rng_oaep_generate(rng_oaep_ctx
*cc
, void *dst
, size_t len
)
5589 if (len
> (cc
->len
- cc
->ptr
)) {
5590 fprintf(stderr
, "asking for more data than expected\n");
5593 memcpy(dst
, cc
->buf
+ cc
->ptr
, len
);
/*
 * Reseeding hook of the fake RNG.
 * The only statement visible here reports "unexpected update" on stderr,
 * which suggests the code under test is never expected to inject data
 * into this RNG (the rest of the body is not shown in this listing).
 */
5598 rng_oaep_update(rng_oaep_ctx
*cc
, const void *src
, size_t len
)
5603 fprintf(stderr
, "unexpected update\n");
/*
 * Known-answer test for an RSA/OAEP implementation.
 *
 *   name  label printed in the "Test ...: " banner
 *   menc  OAEP encryption function under test
 *   mdec  OAEP decryption function under test
 *
 * Walks KAT_RSA_OAEP until its NULL terminator. For each key it decodes
 * n, e, p, q, dp, dq and iq, then runs six (plaintext, seed, ciphertext)
 * triplets with br_sha1_vtable and an empty label (NULL, 0).
 *
 * hextobin() (defined earlier in this file) takes only a destination
 * pointer and a source string, with no destination size, so every local
 * buffer below has to be large enough for the longest table entry it
 * receives.
 */
5608 test_RSA_OAEP(const char *name
,
5609 br_rsa_oaep_encrypt menc
, br_rsa_oaep_decrypt mdec
)
5613 printf("Test %s: ", name
);
5617 while (KAT_RSA_OAEP
[u
] != NULL
) {
5618 unsigned char n
[512];
5620 unsigned char p
[256];
5621 unsigned char q
[256];
5622 unsigned char dp
[256];
5623 unsigned char dq
[256];
5624 unsigned char iq
[256];
5625 br_rsa_public_key pk
;
5626 br_rsa_private_key sk
;
/* Key elements are consumed from the table in this order: n, e, p, q, dp, dq, iq. */
5630 pk
.nlen
= hextobin(n
, KAT_RSA_OAEP
[u
++]);
5632 pk
.elen
= hextobin(e
, KAT_RSA_OAEP
[u
++]);
/*
 * Skip the leading zero bytes of n, then derive the modulus bit length
 * from its first non-zero byte.
 * NOTE(review): the scan has no upper bound on v; it terminates only
 * because every modulus in the table contains a non-zero byte.
 */
5634 for (v
= 0; n
[v
] == 0; v
++);
5635 sk
.n_bitlen
= BIT_LENGTH(n
[v
]) + ((pk
.nlen
- 1 - v
) << 3);
5637 sk
.plen
= hextobin(p
, KAT_RSA_OAEP
[u
++]);
5639 sk
.qlen
= hextobin(q
, KAT_RSA_OAEP
[u
++]);
5641 sk
.dplen
= hextobin(dp
, KAT_RSA_OAEP
[u
++]);
5643 sk
.dqlen
= hextobin(dq
, KAT_RSA_OAEP
[u
++]);
5645 sk
.iqlen
= hextobin(iq
, KAT_RSA_OAEP
[u
++]);
/* Six messages per key, each a (plaintext, seed, ciphertext) triplet. */
5647 for (v
= 0; v
< 6; v
++) {
5648 unsigned char plain
[512], seed
[128], cipher
[512];
5649 size_t plain_len
, seed_len
, cipher_len
;
/* tmp is one byte larger than cipher: the wrong-length test below copies the ciphertext to tmp + 1. */
5651 unsigned char tmp
[513];
5654 plain_len
= hextobin(plain
, KAT_RSA_OAEP
[u
++]);
5655 seed_len
= hextobin(seed
, KAT_RSA_OAEP
[u
++]);
5656 cipher_len
= hextobin(cipher
, KAT_RSA_OAEP
[u
++]);
/* Load the fake RNG with exactly the seed of this vector, which makes the OAEP output reproducible. */
5657 rng_oaep_init(&rng
, NULL
, seed
, seed_len
);
/* Encrypt into tmp; the returned length must match the reference ciphertext length. */
5659 len
= menc(&rng
.vtable
, &br_sha1_vtable
, NULL
, 0, &pk
,
5660 tmp
, sizeof tmp
, plain
, plain_len
);
5661 if (len
!= cipher_len
) {
5663 "wrong encrypted length: %lu vs %lu\n",
5665 (unsigned long)cipher_len
);
/* The encryptor must have read the whole seed; reading too much is caught inside rng_oaep_generate(). */
5667 if (rng
.ptr
!= rng
.len
) {
5668 fprintf(stderr
, "seed not fully consumed\n");
5671 check_equals("KAT RSA/OAEP encrypt", tmp
, cipher
, len
);
/* Decrypt tmp with the matching private key; success is a return value of 1, and len is updated through the pointer. */
5673 if (mdec(&br_sha1_vtable
, NULL
, 0,
5674 &sk
, tmp
, &len
) != 1)
5676 fprintf(stderr
, "decryption failed\n");
5679 if (len
!= plain_len
) {
5681 "wrong decrypted length: %lu vs %lu\n",
5683 (unsigned long)plain_len
);
5685 check_equals("KAT RSA/OAEP decrypt", tmp
, plain
, len
);
5688 * Try with a different label; it should fail.
/* Negative test: the reference ciphertext was produced with an empty label, so decrypting with label "T" must return 0. */
5690 memcpy(tmp
, cipher
, cipher_len
);
5692 if (mdec(&br_sha1_vtable
, "T", 1,
5693 &sk
, tmp
, &len
) != 0)
5695 fprintf(stderr
, "decryption should have failed"
5696 " (wrong label)\n");
5701 * Try with a the wrong length; it should fail.
/*
 * Negative test: the ciphertext is shifted by one byte and the length
 * raised to cipher_len + 1.
 * NOTE(review): this call also passes the label "T", so a rejection may
 * come from the label mismatch rather than from the length check;
 * passing the original label (NULL, 0) here would isolate the length
 * handling.
 */
5704 memcpy(tmp
+ 1, cipher
, cipher_len
);
5705 len
= cipher_len
+ 1;
5706 if (mdec(&br_sha1_vtable
, "T", 1,
5707 &sk
, tmp
, &len
) != 0)
5709 fprintf(stderr
, "decryption should have failed"
5710 " (wrong length)\n");
/*
 * RSA key pair generation test.
 *
 *   name  label printed in the "Test ...: " banner
 *   kg    key pair generator under test
 *   sign  PKCS#1 v1.5 signature function used for the round trip
 *   vrfy  PKCS#1 v1.5 verification function used for the round trip
 *
 * The generator is driven by an HMAC_DRBG (br_sha256_vtable) seeded with
 * a fixed string, so the 40 iterations are reproducible from run to run.
 * NOTE(review): a fixed seed is what a regression test needs; nothing
 * here exercises seeding from a real entropy source.
 */
5724 test_RSA_keygen(const char *name
, br_rsa_keygen kg
,
5725 br_rsa_pkcs1_sign sign
, br_rsa_pkcs1_vrfy vrfy
)
5727 br_hmac_drbg_context rng
;
5730 printf("Test %s: ", name
);
5733 br_hmac_drbg_init(&rng
, &br_sha256_vtable
, "seed for RSA keygen", 19);
5735 for (i
= 0; i
< 40; i
++) {
5738 br_rsa_private_key sk
;
5739 br_rsa_public_key pk
;
/* Key buffers are sized for 2048-bit keys; `size` (assigned on a line not visible here) must stay within that. */
5740 unsigned char kbuf_priv
[BR_RSA_KBUF_PRIV_SIZE(2048)];
5741 unsigned char kbuf_pub
[BR_RSA_KBUF_PUB_SIZE(2048)];
/* sig has room for a 256-byte signature plus one sentinel byte at index pk.nlen (checked after sign()). */
5745 unsigned char sig
[257], hv
[32], hv2
[sizeof hv
];
5746 unsigned mask1
, mask2
;
/* The lines around this assignment, which choose size and pubexp per iteration, are not fully visible in this listing. */
5753 pubexp
= (i
<< 1) - 69;
5756 if (!kg(&rng
.vtable
,
5757 &sk
, kbuf_priv
, &pk
, kbuf_pub
, size
, pubexp
))
5759 fprintf(stderr
, "RSA key pair generation failure\n");
/* Compare the encoded public exponent with pubexp, starting from the last byte of pk.e. */
5763 for (u
= pk
.elen
; u
> 0; u
--) {
5764 if (pk
.e
[u
- 1] != (pubexp
& 0xFF)) {
5765 fprintf(stderr
, "wrong public exponent\n");
5771 fprintf(stderr
, "truncated public exponent\n");
/* Recompute p*q independently: byte-wise schoolbook multiplication, least significant byte first, accumulated into mod[]. */
5775 memset(mod
, 0, sizeof mod
);
5776 for (u
= 0; u
< sk
.plen
; u
++) {
5777 for (v
= 0; v
< sk
.qlen
; v
++) {
5778 mod
[u
+ v
] += (uint32_t)sk
.p
[sk
.plen
- 1 - u
]
5779 * (uint32_t)sk
.q
[sk
.qlen
- 1 - v
];
/* Second pass over all plen + qlen positions; its body (presumably carry propagation) is not visible here. */
5783 for (u
= 0; u
< sk
.plen
+ sk
.qlen
; u
++) {
/* The recomputed product must equal the public modulus; pk.n is read in the opposite byte order to mod[]. */
5788 for (u
= 0; u
< pk
.nlen
; u
++) {
5789 if (mod
[pk
.nlen
- 1 - u
] != pk
.n
[u
]) {
5790 fprintf(stderr
, "wrong modulus\n");
/* The private key must report the requested bit length, and the modulus must occupy ceil(size / 8) bytes. */
5794 if (sk
.n_bitlen
!= size
) {
5795 fprintf(stderr
, "wrong key size\n");
5798 if (pk
.nlen
!= (size
+ 7) >> 3) {
5799 fprintf(stderr
, "wrong modulus size (bytes)\n");
/*
 * Top byte of n: mask1 is the bit that must be the highest one set for
 * a modulus of exactly `size` bits, mask2 selects that bit and every
 * bit above it.
 */
5802 mask1
= 0x01 << ((size
+ 7) & 7);
5803 mask2
= 0xFF & -mask1
;
5804 if ((pk
.n
[0] & mask2
) != mask1
) {
5805 fprintf(stderr
, "wrong modulus size (bits)\n");
/* Sign/verify round trip: 32 bytes drawn from the DRBG stand in for a SHA-256 hash value. */
5809 rng
.vtable
->generate(&rng
.vtable
, hv
, sizeof hv
);
/*
 * Sentinel byte just past the signature, to detect sign() writing more
 * than pk.nlen bytes.
 * NOTE(review): the sentinel value is 0x00 in an already zeroed buffer,
 * so an overrun that writes a zero byte would go unnoticed; a non-zero
 * sentinel would be stricter.
 */
5810 memset(sig
, 0, sizeof sig
);
5811 sig
[pk
.nlen
] = 0x00;
5812 if (!sign(BR_HASH_OID_SHA256
, hv
, sizeof hv
, &sk
, sig
)) {
5813 fprintf(stderr
, "signature error\n");
5816 if (sig
[pk
.nlen
] != 0x00) {
5817 fprintf(stderr
, "signature length error\n");
/* Verify with the generated public key, then compare the extracted hash (hv2) with the signed one (hv). */
5820 if (!vrfy(sig
, pk
.nlen
, BR_HASH_OID_SHA256
, sizeof hv
,
5823 fprintf(stderr
, "signature verification error (1)\n");
5826 if (memcmp(hv
, hv2
, sizeof hv
) != 0) {
5827 fprintf(stderr
, "signature verification error (2)\n");
5842 test_RSA_core("RSA i15 core", &br_rsa_i15_public
, &br_rsa_i15_private
);
5843 test_RSA_sign("RSA i15 sign", &br_rsa_i15_private
,
5844 &br_rsa_i15_pkcs1_sign
, &br_rsa_i15_pkcs1_vrfy
);
5845 test_RSA_OAEP("RSA i15 OAEP",
5846 &br_rsa_i15_oaep_encrypt
, &br_rsa_i15_oaep_decrypt
);
5847 test_RSA_keygen("RSA i15 keygen", &br_rsa_i15_keygen
,
5848 &br_rsa_i15_pkcs1_sign
, &br_rsa_i15_pkcs1_vrfy
);
5854 test_RSA_core("RSA i31 core", &br_rsa_i31_public
, &br_rsa_i31_private
);
5855 test_RSA_sign("RSA i31 sign", &br_rsa_i31_private
,
5856 &br_rsa_i31_pkcs1_sign
, &br_rsa_i31_pkcs1_vrfy
);
5857 test_RSA_OAEP("RSA i31 OAEP",
5858 &br_rsa_i31_oaep_encrypt
, &br_rsa_i31_oaep_decrypt
);
5859 test_RSA_keygen("RSA i31 keygen", &br_rsa_i31_keygen
,
5860 &br_rsa_i31_pkcs1_sign
, &br_rsa_i31_pkcs1_vrfy
);
5866 test_RSA_core("RSA i32 core", &br_rsa_i32_public
, &br_rsa_i32_private
);
5867 test_RSA_sign("RSA i32 sign", &br_rsa_i32_private
,
5868 &br_rsa_i32_pkcs1_sign
, &br_rsa_i32_pkcs1_vrfy
);
5869 test_RSA_OAEP("RSA i32 OAEP",
5870 &br_rsa_i32_oaep_encrypt
, &br_rsa_i32_oaep_decrypt
);
5877 br_rsa_private priv
;
5878 br_rsa_pkcs1_sign sign
;
5879 br_rsa_pkcs1_vrfy vrfy
;
5880 br_rsa_oaep_encrypt menc
;
5881 br_rsa_oaep_decrypt mdec
;
5884 pub
= br_rsa_i62_public_get();
5885 priv
= br_rsa_i62_private_get();
5886 sign
= br_rsa_i62_pkcs1_sign_get();
5887 vrfy
= br_rsa_i62_pkcs1_vrfy_get();
5888 menc
= br_rsa_i62_oaep_encrypt_get();
5889 mdec
= br_rsa_i62_oaep_decrypt_get();
5890 kgen
= br_rsa_i62_keygen_get();
5892 if (!priv
|| !sign
|| !vrfy
|| !menc
|| !mdec
|| !kgen
) {
5893 fprintf(stderr
, "Inconsistent i62 availability\n");
5896 test_RSA_core("RSA i62 core", pub
, priv
);
5897 test_RSA_sign("RSA i62 sign", priv
, sign
, vrfy
);
5898 test_RSA_OAEP("RSA i62 OAEP", menc
, mdec
);
5899 test_RSA_keygen("RSA i62 keygen", kgen
, sign
, vrfy
);
5901 if (priv
|| sign
|| vrfy
|| menc
|| mdec
|| kgen
) {
5902 fprintf(stderr
, "Inconsistent i62 availability\n");
5905 printf("Test RSA i62: UNAVAILABLE\n");
5911 test_RSA_signatures(void)
5913 uint32_t n
[40], e
[2], p
[20], q
[20], dp
[20], dq
[20], iq
[20], x
[40];
5914 unsigned char hv
[20], sig
[128];
5915 unsigned char ref
[128], tmp
[128];
5918 printf("Test RSA signatures: ");
5922 * Decode RSA key elements.
5924 br_int_decode(n
, sizeof n
/ sizeof n
[0], RSA_N
, sizeof RSA_N
);
5925 br_int_decode(e
, sizeof e
/ sizeof e
[0], RSA_E
, sizeof RSA_E
);
5926 br_int_decode(p
, sizeof p
/ sizeof p
[0], RSA_P
, sizeof RSA_P
);
5927 br_int_decode(q
, sizeof q
/ sizeof q
[0], RSA_Q
, sizeof RSA_Q
);
5928 br_int_decode(dp
, sizeof dp
/ sizeof dp
[0], RSA_DP
, sizeof RSA_DP
);
5929 br_int_decode(dq
, sizeof dq
/ sizeof dq
[0], RSA_DQ
, sizeof RSA_DQ
);
5930 br_int_decode(iq
, sizeof iq
/ sizeof iq
[0], RSA_IQ
, sizeof RSA_IQ
);
5933 * Decode reference signature (computed with OpenSSL).
5935 hextobin(ref
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
5938 * Recompute signature. Since PKCS#1 v1.5 signatures are
5939 * deterministic, we should get the same as the reference signature.
5942 br_sha1_update(&hc
, "test", 4);
5943 br_sha1_out(&hc
, hv
);
5944 if (!br_rsa_sign(sig
, sizeof sig
, p
, q
, dp
, dq
, iq
, br_sha1_ID
, hv
)) {
5945 fprintf(stderr
, "RSA-1024/SHA-1 sig generate failed\n");
5948 check_equals("KAT RSA-sign 1", sig
, ref
, sizeof sig
);
5953 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
5954 fprintf(stderr
, "RSA-1024/SHA-1 sig verify failed\n");
5958 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
5959 fprintf(stderr
, "RSA-1024/SHA-1 sig verify should have failed\n");
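5965 * Generate a signature with the alternate encoding (no NULL) and
 * verify it: the DigestInfo below leaves out the 05 00 NULL parameters
 * after the SHA-1 OID, and the verifier is expected to accept this form
 * as well.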
5968 hextobin(tmp
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00301F300706052B0E03021A0414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
5969 br_int_decode(x
, sizeof x
/ sizeof x
[0], tmp
, sizeof tmp
);
5971 br_rsa_private_core(x
, p
, q
, dp
, dq
, iq
);
5972 br_int_encode(sig
, sizeof sig
, x
);
5973 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
5974 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) failed\n");
5978 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
5979 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) should have failed\n");
5990 * From: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
5992 static const char *const KAT_GHASH
[] = {
5994 "66e94bd4ef8a2c3b884cfa59ca342b2e",
5997 "00000000000000000000000000000000",
5999 "66e94bd4ef8a2c3b884cfa59ca342b2e",
6001 "0388dace60b6a392f328c2b971b2fe78",
6002 "f38cbb1ad69223dcc3457ae5b6b0f885",
6004 "b83b533708bf535d0aa6e52980d53b78",
6006 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
6007 "7f1b32b81b820d02614f8895ac1d4eac",
6009 "b83b533708bf535d0aa6e52980d53b78",
6010 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6011 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
6012 "698e57f70e6ecc7fd9463b7260a9ae5f",
6014 "b83b533708bf535d0aa6e52980d53b78",
6015 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6016 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
6017 "df586bb4c249b92cb6922877e444d37b",
6019 "b83b533708bf535d0aa6e52980d53b78",
6020 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6021 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
6022 "1c5afe9760d3932f3c9a878aac3dc3de",
6024 "aae06992acbf52a3e8f4a96ec9300bd7",
6026 "98e7247c07f0fe411c267e4384b0f600",
6027 "e2c63f0ac44ad0e02efa05ab6743d4ce",
6029 "466923ec9ae682214f2c082badb39249",
6031 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
6032 "51110d40f6c8fff0eb1ae33445a889f0",
6034 "466923ec9ae682214f2c082badb39249",
6035 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6036 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
6037 "ed2ce3062e4a8ec06db8b4c490e8a268",
6039 "466923ec9ae682214f2c082badb39249",
6040 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6041 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
6042 "1e6a133806607858ee80eaf237064089",
6044 "466923ec9ae682214f2c082badb39249",
6045 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6046 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
6047 "82567fb0b4cc371801eadec005968e94",
6049 "dc95c078a2408989ad48a21492842087",
6051 "cea7403d4d606b6e074ec5d3baf39d18",
6052 "83de425c5edc5d498f382c441041ca92",
6054 "acbef20579b4b8ebce889bac8732dad7",
6056 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
6057 "4db870d37cb75fcb46097c36230d1612",
6059 "acbef20579b4b8ebce889bac8732dad7",
6060 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6061 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
6062 "8bd0c4d8aacd391e67cca447e8c38f65",
6064 "acbef20579b4b8ebce889bac8732dad7",
6065 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6066 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
6067 "75a34288b8c68f811c52b2e9a2f97f63",
6069 "acbef20579b4b8ebce889bac8732dad7",
6070 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6071 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
6072 "d5ffcf6fc5ac4d69722187421a7f170b",
6078 test_GHASH(const char *name
, br_ghash gh
)
6082 printf("Test %s: ", name
);
6085 for (u
= 0; KAT_GHASH
[u
]; u
+= 4) {
6086 unsigned char h
[16];
6087 unsigned char a
[100];
6089 unsigned char c
[100];
6091 unsigned char p
[16];
6092 unsigned char y
[16];
6093 unsigned char ref
[16];
6095 hextobin(h
, KAT_GHASH
[u
]);
6096 a_len
= hextobin(a
, KAT_GHASH
[u
+ 1]);
6097 c_len
= hextobin(c
, KAT_GHASH
[u
+ 2]);
6098 hextobin(ref
, KAT_GHASH
[u
+ 3]);
6099 memset(y
, 0, sizeof y
);
6102 memset(p
, 0, sizeof p
);
6103 br_enc32be(p
+ 4, (uint32_t)a_len
<< 3);
6104 br_enc32be(p
+ 12, (uint32_t)c_len
<< 3);
6105 gh(y
, h
, p
, sizeof p
);
6106 check_equals("KAT GHASH", y
, ref
, sizeof ref
);
6109 for (u
= 0; u
<= 1024; u
++) {
6110 unsigned char key
[32], iv
[12];
6111 unsigned char buf
[1024 + 32];
6112 unsigned char y0
[16], y1
[16];
6115 memset(key
, 0, sizeof key
);
6116 memset(iv
, 0, sizeof iv
);
6118 memset(buf
, 0, sizeof buf
);
6119 br_chacha20_ct_run(key
, iv
, 1, buf
, sizeof buf
);
6121 memcpy(y0
, buf
, 16);
6122 br_ghash_ctmul32(y0
, buf
+ 16, buf
+ 32, u
);
6123 memcpy(y1
, buf
, 16);
6124 gh(y1
, buf
+ 16, buf
+ 32, u
);
6125 sprintf(tmp
, "XREF %s (len = %u)", name
, (unsigned)u
);
6126 check_equals(tmp
, y0
, y1
, 16);
6128 if ((u
& 31) == 0) {
/*
 * Run the shared GHASH test routine against br_ghash_ctmul, reported
 * under the name "GHASH_ctmul".
 */
static void
test_GHASH_ctmul(void)
{
	test_GHASH("GHASH_ctmul", br_ghash_ctmul);
}
/*
 * Run the shared GHASH test routine against br_ghash_ctmul32, reported
 * under the name "GHASH_ctmul32".
 */
static void
test_GHASH_ctmul32(void)
{
	test_GHASH("GHASH_ctmul32", br_ghash_ctmul32);
}
/*
 * Run the shared GHASH test routine against br_ghash_ctmul64, reported
 * under the name "GHASH_ctmul64".
 */
static void
test_GHASH_ctmul64(void)
{
	test_GHASH("GHASH_ctmul64", br_ghash_ctmul64);
}
/*
 * Test the GHASH implementation returned by br_ghash_pclmul_get().
 * When no implementation is returned, the test is reported as
 * UNAVAILABLE instead of being run.
 *
 * NOTE(review): the condition line is missing from the listing this was
 * restored from; a null return is assumed to mean "not supported on
 * this machine/build" -- confirm against br_ghash_pclmul_get().
 */
static void
test_GHASH_pclmul(void)
{
	br_ghash gh;

	gh = br_ghash_pclmul_get();
	if (gh != 0) {
		test_GHASH("GHASH_pclmul", gh);
	} else {
		printf("Test GHASH_pclmul: UNAVAILABLE\n");
	}
}
/*
 * Test the GHASH implementation returned by br_ghash_pwr8_get().
 * When no implementation is returned, the test is reported as
 * UNAVAILABLE instead of being run.
 *
 * NOTE(review): the condition line is missing from the listing this was
 * restored from; a null return is assumed to mean "not supported on
 * this machine/build" -- confirm against br_ghash_pwr8_get().
 */
static void
test_GHASH_pwr8(void)
{
	br_ghash gh;

	gh = br_ghash_pwr8_get();
	if (gh != 0) {
		test_GHASH("GHASH_pwr8", gh);
	} else {
		printf("Test GHASH_pwr8: UNAVAILABLE\n");
	}
}
6183 * From: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
6185 * Order: key, plaintext, AAD, IV, ciphertext, tag
6187 static const char *const KAT_GCM
[] = {
6188 "00000000000000000000000000000000",
6191 "000000000000000000000000",
6193 "58e2fccefa7e3061367f1d57a4e7455a",
6195 "00000000000000000000000000000000",
6196 "00000000000000000000000000000000",
6198 "000000000000000000000000",
6199 "0388dace60b6a392f328c2b971b2fe78",
6200 "ab6e47d42cec13bdf53a67b21257bddf",
6202 "feffe9928665731c6d6a8f9467308308",
6203 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
6205 "cafebabefacedbaddecaf888",
6206 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
6207 "4d5c2af327cd64a62cf35abd2ba6fab4",
6209 "feffe9928665731c6d6a8f9467308308",
6210 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6211 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6212 "cafebabefacedbaddecaf888",
6213 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
6214 "5bc94fbc3221a5db94fae95ae7121a47",
6216 "feffe9928665731c6d6a8f9467308308",
6217 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6218 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6220 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
6221 "3612d2e79e3b0785561be14aaca2fccb",
6223 "feffe9928665731c6d6a8f9467308308",
6224 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6225 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6226 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
6227 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
6228 "619cc5aefffe0bfa462af43c1699d050",
6230 "000000000000000000000000000000000000000000000000",
6233 "000000000000000000000000",
6235 "cd33b28ac773f74ba00ed1f312572435",
6237 "000000000000000000000000000000000000000000000000",
6238 "00000000000000000000000000000000",
6240 "000000000000000000000000",
6241 "98e7247c07f0fe411c267e4384b0f600",
6242 "2ff58d80033927ab8ef4d4587514f0fb",
6244 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
6245 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
6247 "cafebabefacedbaddecaf888",
6248 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
6249 "9924a7c8587336bfb118024db8674a14",
6251 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
6252 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6253 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6254 "cafebabefacedbaddecaf888",
6255 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
6256 "2519498e80f1478f37ba55bd6d27618c",
6258 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
6259 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6260 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6262 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
6263 "65dcc57fcf623a24094fcca40d3533f8",
6265 "feffe9928665731c6d6a8f9467308308feffe9928665731c",
6266 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6267 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6268 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
6269 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
6270 "dcf566ff291c25bbb8568fc3d376a6d9",
6272 "0000000000000000000000000000000000000000000000000000000000000000",
6275 "000000000000000000000000",
6277 "530f8afbc74536b9a963b4f1c4cb738b",
6279 "0000000000000000000000000000000000000000000000000000000000000000",
6280 "00000000000000000000000000000000",
6282 "000000000000000000000000",
6283 "cea7403d4d606b6e074ec5d3baf39d18",
6284 "d0d1c8a799996bf0265b98b5d48ab919",
6286 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
6287 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255",
6289 "cafebabefacedbaddecaf888",
6290 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
6291 "b094dac5d93471bdec1a502270e3cc6c",
6293 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
6294 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6295 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6296 "cafebabefacedbaddecaf888",
6297 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
6298 "76fc6ece0f4e1768cddf8853bb2d551b",
6300 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
6301 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6302 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6304 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
6305 "3a337dbf46a792c45e454913fe2ea8f2",
6307 "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308",
6308 "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39",
6309 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
6310 "9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b",
6311 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
6312 "a44a8266ee1c8eb0c8b5d4cf5ae9f19a",
6322 printf("Test GCM: ");
6325 for (u
= 0; KAT_GCM
[u
]; u
+= 6) {
6326 unsigned char key
[32];
6327 unsigned char plain
[100];
6328 unsigned char aad
[100];
6329 unsigned char iv
[100];
6330 unsigned char cipher
[100];
6331 unsigned char tag
[100];
6332 size_t key_len
, plain_len
, aad_len
, iv_len
;
6333 br_aes_ct_ctr_keys bc
;
6335 unsigned char tmp
[100], out
[16];
6338 key_len
= hextobin(key
, KAT_GCM
[u
]);
6339 plain_len
= hextobin(plain
, KAT_GCM
[u
+ 1]);
6340 aad_len
= hextobin(aad
, KAT_GCM
[u
+ 2]);
6341 iv_len
= hextobin(iv
, KAT_GCM
[u
+ 3]);
6342 hextobin(cipher
, KAT_GCM
[u
+ 4]);
6343 hextobin(tag
, KAT_GCM
[u
+ 5]);
6345 br_aes_ct_ctr_init(&bc
, key
, key_len
);
6346 br_gcm_init(&gc
, &bc
.vtable
, br_ghash_ctmul32
);
6348 memset(tmp
, 0x54, sizeof tmp
);
6353 memcpy(tmp
, plain
, plain_len
);
6354 br_gcm_reset(&gc
, iv
, iv_len
);
6355 br_gcm_aad_inject(&gc
, aad
, aad_len
);
6357 br_gcm_run(&gc
, 1, tmp
, plain_len
);
6358 br_gcm_get_tag(&gc
, out
);
6359 check_equals("KAT GCM 1", tmp
, cipher
, plain_len
);
6360 check_equals("KAT GCM 2", out
, tag
, 16);
6362 br_gcm_reset(&gc
, iv
, iv_len
);
6363 br_gcm_aad_inject(&gc
, aad
, aad_len
);
6365 br_gcm_run(&gc
, 0, tmp
, plain_len
);
6366 check_equals("KAT GCM 3", tmp
, plain
, plain_len
);
6367 if (!br_gcm_check_tag(&gc
, tag
)) {
6368 fprintf(stderr
, "Tag not verified (1)\n");
6372 for (v
= plain_len
; v
< sizeof tmp
; v
++) {
6373 if (tmp
[v
] != 0x54) {
6374 fprintf(stderr
, "overflow on data\n");
6380 * Byte-by-byte injection.
6382 br_gcm_reset(&gc
, iv
, iv_len
);
6383 for (v
= 0; v
< aad_len
; v
++) {
6384 br_gcm_aad_inject(&gc
, aad
+ v
, 1);
6387 for (v
= 0; v
< plain_len
; v
++) {
6388 br_gcm_run(&gc
, 1, tmp
+ v
, 1);
6390 check_equals("KAT GCM 4", tmp
, cipher
, plain_len
);
6391 if (!br_gcm_check_tag(&gc
, tag
)) {
6392 fprintf(stderr
, "Tag not verified (2)\n");
6396 br_gcm_reset(&gc
, iv
, iv_len
);
6397 for (v
= 0; v
< aad_len
; v
++) {
6398 br_gcm_aad_inject(&gc
, aad
+ v
, 1);
6401 for (v
= 0; v
< plain_len
; v
++) {
6402 br_gcm_run(&gc
, 0, tmp
+ v
, 1);
6404 br_gcm_get_tag(&gc
, out
);
6405 check_equals("KAT GCM 5", tmp
, plain
, plain_len
);
6406 check_equals("KAT GCM 6", out
, tag
, 16);
6409 * Check that alterations are detected.
6411 for (v
= 0; v
< aad_len
; v
++) {
6412 memcpy(tmp
, cipher
, plain_len
);
6413 br_gcm_reset(&gc
, iv
, iv_len
);
6415 br_gcm_aad_inject(&gc
, aad
, aad_len
);
6418 br_gcm_run(&gc
, 0, tmp
, plain_len
);
6419 check_equals("KAT GCM 7", tmp
, plain
, plain_len
);
6420 if (br_gcm_check_tag(&gc
, tag
)) {
6421 fprintf(stderr
, "Tag should have changed\n");
6429 for (tag_len
= 1; tag_len
<= 16; tag_len
++) {
6430 memset(out
, 0x54, sizeof out
);
6431 memcpy(tmp
, plain
, plain_len
);
6432 br_gcm_reset(&gc
, iv
, iv_len
);
6433 br_gcm_aad_inject(&gc
, aad
, aad_len
);
6435 br_gcm_run(&gc
, 1, tmp
, plain_len
);
6436 br_gcm_get_tag_trunc(&gc
, out
, tag_len
);
6437 check_equals("KAT GCM 8", out
, tag
, tag_len
);
6438 for (v
= tag_len
; v
< sizeof out
; v
++) {
6439 if (out
[v
] != 0x54) {
6440 fprintf(stderr
, "overflow on tag\n");
6445 memcpy(tmp
, plain
, plain_len
);
6446 br_gcm_reset(&gc
, iv
, iv_len
);
6447 br_gcm_aad_inject(&gc
, aad
, aad_len
);
6449 br_gcm_run(&gc
, 1, tmp
, plain_len
);
6450 if (!br_gcm_check_tag_trunc(&gc
, out
, tag_len
)) {
6451 fprintf(stderr
, "Tag not verified (3)\n");
6465 * From "The EAX Mode of Operation (A Two-Pass Authenticated Encryption
6466 * Scheme Optimized for Simplicity and Efficiency)" (Bellare, Rogaway,
6467 * Wagner), presented at FSE 2004. Full article is available at:
6468 * http://web.cs.ucdavis.edu/~rogaway/papers/eax.html
6470 * EAX specification concatenates the authentication tag at the end of
6471 * the ciphertext; in our API and the vectors below, the tag is separate.
6473 * Order is: plaintext, key, nonce, header, ciphertext, tag.
6475 static const char *const KAT_EAX
[] = {
6477 "233952dee4d5ed5f9b9c6d6ff80ff478",
6478 "62ec67f9c3a4a407fcb2a8c49031a8b3",
6481 "e037830e8389f27b025a2d6527e79d01",
6484 "91945d3f4dcbee0bf45ef52255f095a4",
6485 "becaf043b0a23d843194ba972c66debd",
6488 "5c4c9331049d0bdab0277408f67967e5",
6491 "01f74ad64077f2e704c0f60ada3dd523",
6492 "70c3db4f0d26368400a10ed05d2bff5e",
6495 "3a59f238a23e39199dc9266626c40f80",
6498 "d07cf6cbb7f313bdde66b727afd3c5e8",
6499 "8408dfff3c1a2b1292dc199e46b7d617",
6502 "d4c168a4225d8e1ff755939974a7bede",
6505 "35b6d0580005bbc12b0587124557d2c2",
6506 "fdb6b06676eedc5c61d74276e1f8e816",
6509 "cb0677e536f73afe6a14b74ee49844dd",
6511 "4de3b35c3fc039245bd1fb7d",
6512 "bd8e6e11475e60b268784c38c62feb22",
6513 "6eac5c93072d8e8513f750935e46da1b",
6515 "835bb4f15d743e350e728414",
6516 "abb8644fd6ccb86947c5e10590210a4f",
6518 "8b0a79306c9ce7ed99dae4f87f8dd61636",
6519 "7c77d6e813bed5ac98baa417477a2e7d",
6520 "1a8c98dcd73d38393b2bf1569deefc19",
6522 "02083e3979da014812f59f11d52630da30",
6523 "137327d10649b0aa6e1c181db617d7f2",
6525 "1bda122bce8a8dbaf1877d962b8592dd2d56",
6526 "5fff20cafab119ca2fc73549e20f5b0d",
6527 "dde59b97d722156d4d9aff2bc7559826",
6529 "2ec47b2c4954a489afc7ba4897edcdae8cc3",
6530 "3b60450599bd02c96382902aef7f832a",
6532 "6cf36720872b8513f6eab1a8a44438d5ef11",
6533 "a4a4782bcffd3ec5e7ef6d8c34a56123",
6534 "b781fcf2f75fa5a8de97a9ca48e522ec",
6536 "0de18fd0fdd91e7af19f1d8ee8733938b1e8",
6537 "e7f6d2231618102fdb7fe55ff1991700",
6539 "ca40d7446e545ffaed3bd12a740a659ffbbb3ceab7",
6540 "8395fcf1e95bebd697bd010bc766aac3",
6541 "22e7add93cfc6393c57ec0b3c17d6b44",
6543 "cb8920f87a6c75cff39627b56e3ed197c552d295a7",
6544 "cfc46afc253b4652b1af3795b124ab6e",
6550 test_EAX_inner(const char *name
, const br_block_ctrcbc_class
*vt
)
6554 printf("Test EAX %s: ", name
);
6557 for (u
= 0; KAT_EAX
[u
]; u
+= 6) {
6558 unsigned char plain
[100];
6559 unsigned char key
[32];
6560 unsigned char nonce
[100];
6561 unsigned char aad
[100];
6562 unsigned char cipher
[100];
6563 unsigned char tag
[100];
6564 size_t plain_len
, key_len
, nonce_len
, aad_len
;
6565 br_aes_gen_ctrcbc_keys bc
;
6568 unsigned char tmp
[100], out
[16];
6571 plain_len
= hextobin(plain
, KAT_EAX
[u
]);
6572 key_len
= hextobin(key
, KAT_EAX
[u
+ 1]);
6573 nonce_len
= hextobin(nonce
, KAT_EAX
[u
+ 2]);
6574 aad_len
= hextobin(aad
, KAT_EAX
[u
+ 3]);
6575 hextobin(cipher
, KAT_EAX
[u
+ 4]);
6576 hextobin(tag
, KAT_EAX
[u
+ 5]);
6578 vt
->init(&bc
.vtable
, key
, key_len
);
6579 br_eax_init(&ec
, &bc
.vtable
);
6581 memset(tmp
, 0x54, sizeof tmp
);
6586 memcpy(tmp
, plain
, plain_len
);
6587 br_eax_reset(&ec
, nonce
, nonce_len
);
6588 br_eax_aad_inject(&ec
, aad
, aad_len
);
6590 br_eax_run(&ec
, 1, tmp
, plain_len
);
6591 br_eax_get_tag(&ec
, out
);
6592 check_equals("KAT EAX 1", tmp
, cipher
, plain_len
);
6593 check_equals("KAT EAX 2", out
, tag
, 16);
6595 br_eax_reset(&ec
, nonce
, nonce_len
);
6596 br_eax_aad_inject(&ec
, aad
, aad_len
);
6598 br_eax_run(&ec
, 0, tmp
, plain_len
);
6599 check_equals("KAT EAX 3", tmp
, plain
, plain_len
);
6600 if (!br_eax_check_tag(&ec
, tag
)) {
6601 fprintf(stderr
, "Tag not verified (1)\n");
6605 for (v
= plain_len
; v
< sizeof tmp
; v
++) {
6606 if (tmp
[v
] != 0x54) {
6607 fprintf(stderr
, "overflow on data\n");
6613 * Byte-by-byte injection.
6615 br_eax_reset(&ec
, nonce
, nonce_len
);
6616 for (v
= 0; v
< aad_len
; v
++) {
6617 br_eax_aad_inject(&ec
, aad
+ v
, 1);
6620 for (v
= 0; v
< plain_len
; v
++) {
6621 br_eax_run(&ec
, 1, tmp
+ v
, 1);
6623 check_equals("KAT EAX 4", tmp
, cipher
, plain_len
);
6624 if (!br_eax_check_tag(&ec
, tag
)) {
6625 fprintf(stderr
, "Tag not verified (2)\n");
6629 br_eax_reset(&ec
, nonce
, nonce_len
);
6630 for (v
= 0; v
< aad_len
; v
++) {
6631 br_eax_aad_inject(&ec
, aad
+ v
, 1);
6634 for (v
= 0; v
< plain_len
; v
++) {
6635 br_eax_run(&ec
, 0, tmp
+ v
, 1);
6637 br_eax_get_tag(&ec
, out
);
6638 check_equals("KAT EAX 5", tmp
, plain
, plain_len
);
6639 check_equals("KAT EAX 6", out
, tag
, 16);
6642 * Check that alterations are detected.
6644 for (v
= 0; v
< aad_len
; v
++) {
6645 memcpy(tmp
, cipher
, plain_len
);
6646 br_eax_reset(&ec
, nonce
, nonce_len
);
6648 br_eax_aad_inject(&ec
, aad
, aad_len
);
6651 br_eax_run(&ec
, 0, tmp
, plain_len
);
6652 check_equals("KAT EAX 7", tmp
, plain
, plain_len
);
6653 if (br_eax_check_tag(&ec
, tag
)) {
6654 fprintf(stderr
, "Tag should have changed\n");
6662 for (tag_len
= 1; tag_len
<= 16; tag_len
++) {
6663 memset(out
, 0x54, sizeof out
);
6664 memcpy(tmp
, plain
, plain_len
);
6665 br_eax_reset(&ec
, nonce
, nonce_len
);
6666 br_eax_aad_inject(&ec
, aad
, aad_len
);
6668 br_eax_run(&ec
, 1, tmp
, plain_len
);
6669 br_eax_get_tag_trunc(&ec
, out
, tag_len
);
6670 check_equals("KAT EAX 8", out
, tag
, tag_len
);
6671 for (v
= tag_len
; v
< sizeof out
; v
++) {
6672 if (out
[v
] != 0x54) {
6673 fprintf(stderr
, "overflow on tag\n");
6678 memcpy(tmp
, plain
, plain_len
);
6679 br_eax_reset(&ec
, nonce
, nonce_len
);
6680 br_eax_aad_inject(&ec
, aad
, aad_len
);
6682 br_eax_run(&ec
, 1, tmp
, plain_len
);
6683 if (!br_eax_check_tag_trunc(&ec
, out
, tag_len
)) {
6684 fprintf(stderr
, "Tag not verified (3)\n");
6693 * For capture tests, we need the message to be non-empty.
6695 if (plain_len
== 0) {
6700 * Captured state, pre-AAD. This requires the AAD and the
6701 * message to be non-empty.
6703 br_eax_capture(&ec
, &st
);
6706 br_eax_reset_pre_aad(&ec
, &st
, nonce
, nonce_len
);
6707 br_eax_aad_inject(&ec
, aad
, aad_len
);
6709 memcpy(tmp
, plain
, plain_len
);
6710 br_eax_run(&ec
, 1, tmp
, plain_len
);
6711 br_eax_get_tag(&ec
, out
);
6712 check_equals("KAT EAX 9", tmp
, cipher
, plain_len
);
6713 check_equals("KAT EAX 10", out
, tag
, 16);
6715 br_eax_reset_pre_aad(&ec
, &st
, nonce
, nonce_len
);
6716 br_eax_aad_inject(&ec
, aad
, aad_len
);
6718 br_eax_run(&ec
, 0, tmp
, plain_len
);
6719 br_eax_get_tag(&ec
, out
);
6720 check_equals("KAT EAX 11", tmp
, plain
, plain_len
);
6721 check_equals("KAT EAX 12", out
, tag
, 16);
6725 * Captured state, post-AAD. This requires the message to
6728 br_eax_reset(&ec
, nonce
, nonce_len
);
6729 br_eax_aad_inject(&ec
, aad
, aad_len
);
6731 br_eax_get_aad_mac(&ec
, &st
);
6733 br_eax_reset_post_aad(&ec
, &st
, nonce
, nonce_len
);
6734 memcpy(tmp
, plain
, plain_len
);
6735 br_eax_run(&ec
, 1, tmp
, plain_len
);
6736 br_eax_get_tag(&ec
, out
);
6737 check_equals("KAT EAX 13", tmp
, cipher
, plain_len
);
6738 check_equals("KAT EAX 14", out
, tag
, 16);
6740 br_eax_reset_post_aad(&ec
, &st
, nonce
, nonce_len
);
6741 br_eax_run(&ec
, 0, tmp
, plain_len
);
6742 br_eax_get_tag(&ec
, out
);
6743 check_equals("KAT EAX 15", tmp
, plain
, plain_len
);
6744 check_equals("KAT EAX 16", out
, tag
, 16);
6757 const br_block_ctrcbc_class
*x_ctrcbc
;
6759 test_EAX_inner("aes_big", &br_aes_big_ctrcbc_vtable
);
6760 test_EAX_inner("aes_small", &br_aes_small_ctrcbc_vtable
);
6761 test_EAX_inner("aes_ct", &br_aes_ct_ctrcbc_vtable
);
6762 test_EAX_inner("aes_ct64", &br_aes_ct64_ctrcbc_vtable
);
6764 x_ctrcbc
= br_aes_x86ni_ctrcbc_get_vtable();
6765 if (x_ctrcbc
!= NULL
) {
6766 test_EAX_inner("aes_x86ni", x_ctrcbc
);
6768 printf("Test EAX aes_x86ni: UNAVAILABLE\n");
6773 * From NIST SP 800-38C, appendix C.
6775 * CCM specification concatenates the authentication tag at the end of
6776 * the ciphertext; in our API and the vectors below, the tag is separate.
6778 * Order is: key, nonce, aad, plaintext, ciphertext, tag.
6780 static const char *const KAT_CCM
[] = {
6781 "404142434445464748494a4b4c4d4e4f",
6788 "404142434445464748494a4b4c4d4e4f",
6790 "000102030405060708090a0b0c0d0e0f",
6791 "202122232425262728292a2b2c2d2e2f",
6792 "d2a1f0e051ea5f62081a7792073d593d",
6795 "404142434445464748494a4b4c4d4e4f",
6796 "101112131415161718191a1b",
6797 "000102030405060708090a0b0c0d0e0f10111213",
6798 "202122232425262728292a2b2c2d2e2f3031323334353637",
6799 "e3b201a9f5b71a7a9b1ceaeccd97e70b6176aad9a4428aa5",
6802 "404142434445464748494a4b4c4d4e4f",
6803 "101112131415161718191a1b1c",
6805 "202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
6806 "69915dad1e84c6376a68c2967e4dab615ae0fd1faec44cc484828529463ccf72",
6807 "b4ac6bec93e8598e7f0dadbcea5b",
6813 test_CCM_inner(const char *name
, const br_block_ctrcbc_class
*vt
)
6817 printf("Test CCM %s: ", name
);
6820 for (u
= 0; KAT_CCM
[u
]; u
+= 6) {
6821 unsigned char plain
[100];
6822 unsigned char key
[32];
6823 unsigned char nonce
[100];
6824 unsigned char aad_buf
[100], *aad
;
6825 unsigned char cipher
[100];
6826 unsigned char tag
[100];
6827 size_t plain_len
, key_len
, nonce_len
, aad_len
, tag_len
;
6828 br_aes_gen_ctrcbc_keys bc
;
6830 unsigned char tmp
[100], out
[16];
6833 key_len
= hextobin(key
, KAT_CCM
[u
]);
6834 nonce_len
= hextobin(nonce
, KAT_CCM
[u
+ 1]);
6835 if (KAT_CCM
[u
+ 2] == NULL
) {
6837 aad
= malloc(aad_len
);
6839 fprintf(stderr
, "OOM error\n");
6842 for (v
= 0; v
< 65536; v
++) {
6843 aad
[v
] = (unsigned char)v
;
6847 aad_len
= hextobin(aad
, KAT_CCM
[u
+ 2]);
6849 plain_len
= hextobin(plain
, KAT_CCM
[u
+ 3]);
6850 hextobin(cipher
, KAT_CCM
[u
+ 4]);
6851 tag_len
= hextobin(tag
, KAT_CCM
[u
+ 5]);
6853 vt
->init(&bc
.vtable
, key
, key_len
);
6854 br_ccm_init(&ec
, &bc
.vtable
);
6856 memset(tmp
, 0x54, sizeof tmp
);
6861 memcpy(tmp
, plain
, plain_len
);
6862 if (!br_ccm_reset(&ec
, nonce
, nonce_len
,
6863 aad_len
, plain_len
, tag_len
))
6865 fprintf(stderr
, "CCM reset failed\n");
6868 br_ccm_aad_inject(&ec
, aad
, aad_len
);
6870 br_ccm_run(&ec
, 1, tmp
, plain_len
);
6871 if (br_ccm_get_tag(&ec
, out
) != tag_len
) {
6872 fprintf(stderr
, "CCM returned wrong tag length\n");
6875 check_equals("KAT CCM 1", tmp
, cipher
, plain_len
);
6876 check_equals("KAT CCM 2", out
, tag
, tag_len
);
6878 br_ccm_reset(&ec
, nonce
, nonce_len
,
6879 aad_len
, plain_len
, tag_len
);
6880 br_ccm_aad_inject(&ec
, aad
, aad_len
);
6882 br_ccm_run(&ec
, 0, tmp
, plain_len
);
6883 check_equals("KAT CCM 3", tmp
, plain
, plain_len
);
6884 if (!br_ccm_check_tag(&ec
, tag
)) {
6885 fprintf(stderr
, "Tag not verified (1)\n");
6889 for (v
= plain_len
; v
< sizeof tmp
; v
++) {
6890 if (tmp
[v
] != 0x54) {
6891 fprintf(stderr
, "overflow on data\n");
6897 * Byte-by-byte injection.
6899 br_ccm_reset(&ec
, nonce
, nonce_len
,
6900 aad_len
, plain_len
, tag_len
);
6901 for (v
= 0; v
< aad_len
; v
++) {
6902 br_ccm_aad_inject(&ec
, aad
+ v
, 1);
6905 for (v
= 0; v
< plain_len
; v
++) {
6906 br_ccm_run(&ec
, 1, tmp
+ v
, 1);
6908 check_equals("KAT CCM 4", tmp
, cipher
, plain_len
);
6909 if (!br_ccm_check_tag(&ec
, tag
)) {
6910 fprintf(stderr
, "Tag not verified (2)\n");
6914 br_ccm_reset(&ec
, nonce
, nonce_len
,
6915 aad_len
, plain_len
, tag_len
);
6916 for (v
= 0; v
< aad_len
; v
++) {
6917 br_ccm_aad_inject(&ec
, aad
+ v
, 1);
6920 for (v
= 0; v
< plain_len
; v
++) {
6921 br_ccm_run(&ec
, 0, tmp
+ v
, 1);
6923 br_ccm_get_tag(&ec
, out
);
6924 check_equals("KAT CCM 5", tmp
, plain
, plain_len
);
6925 check_equals("KAT CCM 6", out
, tag
, tag_len
);
6928 * Check that alterations are detected.
6930 for (v
= 0; v
< aad_len
; v
++) {
6931 memcpy(tmp
, cipher
, plain_len
);
6932 br_ccm_reset(&ec
, nonce
, nonce_len
,
6933 aad_len
, plain_len
, tag_len
);
6935 br_ccm_aad_inject(&ec
, aad
, aad_len
);
6938 br_ccm_run(&ec
, 0, tmp
, plain_len
);
6939 check_equals("KAT CCM 7", tmp
, plain
, plain_len
);
6940 if (br_ccm_check_tag(&ec
, tag
)) {
6941 fprintf(stderr
, "Tag should have changed\n");
6946 * When the AAD is really big, we don't want to do
6947 * the complete quadratic operation.
6954 if (aad
!= aad_buf
) {
6969 const br_block_ctrcbc_class
*x_ctrcbc
;
6971 test_CCM_inner("aes_big", &br_aes_big_ctrcbc_vtable
);
6972 test_CCM_inner("aes_small", &br_aes_small_ctrcbc_vtable
);
6973 test_CCM_inner("aes_ct", &br_aes_ct_ctrcbc_vtable
);
6974 test_CCM_inner("aes_ct64", &br_aes_ct64_ctrcbc_vtable
);
6976 x_ctrcbc
= br_aes_x86ni_ctrcbc_get_vtable();
6977 if (x_ctrcbc
!= NULL
) {
6978 test_CCM_inner("aes_x86ni", x_ctrcbc
);
6980 printf("Test CCM aes_x86ni: UNAVAILABLE\n");
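/*
 * Known-answer and consistency test of one EC implementation on one curve.
 *
 *   sk     hexadecimal encoding of the KAT scalar
 *   sU     hexadecimal encoding of the expected point (scalar times the
 *          curve generator)
 *   impl   implementation under test
 *   curve  BR_EC_secp256r1, BR_EC_secp384r1 or BR_EC_secp521r1
 *
 * The function first checks that mul() maps the generator to the
 * expected point, then runs ten rounds in which muladd() is compared
 * with mul() and mulgen() on values drawn from an HMAC_DRBG seeded with
 * a fixed string. Each failure is reported on stderr and terminates the
 * process.
 *
 * NOTE(review): the listing this was restored from omits brace-only
 * lines and a few statements (curve selection, error exits, progress
 * output); confirm those against the upstream file.
 */
static void
test_EC_inner(const char *sk, const char *sU,
	const br_ec_impl *impl, int curve)
{
	unsigned char bk[70];
	unsigned char eG[150], eU[150];
	uint32_t n[22], n0i;
	size_t klen, ulen, nlen;
	const br_ec_curve_def *cd;
	br_hmac_drbg_context rng;
	int i;

	klen = hextobin(bk, sk);
	ulen = hextobin(eU, sU);
	switch (curve) {
	case BR_EC_secp256r1:
		cd = &br_secp256r1;
		break;
	case BR_EC_secp384r1:
		cd = &br_secp384r1;
		break;
	case BR_EC_secp521r1:
		cd = &br_secp521r1;
		break;
	default:
		fprintf(stderr, "Unknown curve: %d\n", curve);
		exit(EXIT_FAILURE);
	}
	if (ulen != cd->generator_len) {
		fprintf(stderr, "KAT vector wrong (%lu / %lu)\n",
			(unsigned long)ulen,
			(unsigned long)cd->generator_len);
		/*
		 * ulen sizes every copy of the generator below; going on
		 * with a length that does not match the curve would read
		 * or write the wrong number of bytes.
		 */
		exit(EXIT_FAILURE);
	}

	/*
	 * Known-answer test: sk*G must be the expected point.
	 */
	memcpy(eG, cd->generator, ulen);
	if (impl->mul(eG, ulen, bk, klen, curve) != 1) {
		fprintf(stderr, "KAT multiplication failed\n");
		exit(EXIT_FAILURE);
	}
	if (memcmp(eG, eU, ulen) != 0) {
		fprintf(stderr, "KAT mul: mismatch\n");
		exit(EXIT_FAILURE);
	}

	/*
	 * Test the two-point-mul function: the basic functionality,
	 * then the case x*A = y*B, then the case x*A + y*B = 0.
	 */
	nlen = cd->order_len;
	br_i31_decode(n, cd->order, nlen);
	n0i = br_i31_ninv31(n[1]);
	br_hmac_drbg_init(&rng, &br_sha256_vtable, "seed for EC", 11);
	for (i = 0; i < 10; i ++) {
		unsigned char ba[80], bb[80], bx[80], by[80], bz[80];
		uint32_t a[22], b[22], x[22], y[22], z[22], t1[22], t2[22];
		uint32_t r;
		unsigned char eA[160], eB[160], eC[160], eD[160];

		/*
		 * Generate random a and b, and compute A = a*G and B = b*G.
		 */
		br_hmac_drbg_generate(&rng, ba, sizeof ba);
		br_i31_decode_reduce(a, ba, sizeof ba, n);
		br_i31_encode(ba, nlen, a);
		br_hmac_drbg_generate(&rng, bb, sizeof bb);
		br_i31_decode_reduce(b, bb, sizeof bb, n);
		br_i31_encode(bb, nlen, b);
		memcpy(eA, cd->generator, ulen);
		impl->mul(eA, ulen, ba, nlen, cd->curve);
		memcpy(eB, cd->generator, ulen);
		impl->mul(eB, ulen, bb, nlen, cd->curve);

		/*
		 * Generate random x and y (modulo n).
		 */
		br_hmac_drbg_generate(&rng, bx, sizeof bx);
		br_i31_decode_reduce(x, bx, sizeof bx, n);
		br_i31_encode(bx, nlen, x);
		br_hmac_drbg_generate(&rng, by, sizeof by);
		br_i31_decode_reduce(y, by, sizeof by, n);
		br_i31_encode(by, nlen, y);

		/*
		 * Compute z = a*x + b*y (mod n).
		 */
		memcpy(t1, x, sizeof x);
		br_i31_to_monty(t1, n);
		br_i31_montymul(z, a, t1, n, n0i);
		memcpy(t1, y, sizeof y);
		br_i31_to_monty(t1, n);
		br_i31_montymul(t2, b, t1, n, n0i);
		r = br_i31_add(z, t2, 1);
		r |= br_i31_sub(z, n, 0) ^ 1;
		br_i31_sub(z, n, r);
		br_i31_encode(bz, nlen, z);

		/*
		 * Compute C = x*A + y*B with muladd(), and also
		 * D = z*G with mul(). The two points must match.
		 *
		 * The comparison covers the whole encoded point (ulen
		 * bytes). nlen is the length of the curve order, not of
		 * the point encoding, so comparing nlen bytes would leave
		 * the rest of the point unchecked.
		 */
		memcpy(eC, eA, ulen);
		if (impl->muladd(eC, eB, ulen,
			bx, nlen, by, nlen, cd->curve) != 1)
		{
			fprintf(stderr, "muladd() failed (1)\n");
			exit(EXIT_FAILURE);
		}
		memcpy(eD, cd->generator, ulen);
		if (impl->mul(eD, ulen, bz, nlen, cd->curve) != 1) {
			fprintf(stderr, "mul() failed (1)\n");
			exit(EXIT_FAILURE);
		}
		if (memcmp(eC, eD, ulen) != 0) {
			fprintf(stderr, "mul() / muladd() mismatch\n");
			exit(EXIT_FAILURE);
		}

		/*
		 * Also recompute D = z*G with mulgen(). The output buffer
		 * is cleared first so that a stale D from the previous
		 * step cannot make the comparison pass.
		 */
		memset(eD, 0, ulen);
		if (impl->mulgen(eD, bz, nlen, cd->curve) != ulen) {
			fprintf(stderr, "mulgen() failed: wrong length\n");
			exit(EXIT_FAILURE);
		}
		if (memcmp(eC, eD, ulen) != 0) {
			fprintf(stderr, "mulgen() / muladd() mismatch\n");
			exit(EXIT_FAILURE);
		}

		/*
		 * Check with x*A = y*B. We do so by setting b = x and y = a.
		 */
		memcpy(b, x, sizeof x);
		br_i31_encode(bb, nlen, b);
		memcpy(eB, cd->generator, ulen);
		impl->mul(eB, ulen, bb, nlen, cd->curve);
		memcpy(y, a, sizeof a);
		br_i31_encode(by, nlen, y);

		memcpy(t1, x, sizeof x);
		br_i31_to_monty(t1, n);
		br_i31_montymul(z, a, t1, n, n0i);
		memcpy(t1, y, sizeof y);
		br_i31_to_monty(t1, n);
		br_i31_montymul(t2, b, t1, n, n0i);
		r = br_i31_add(z, t2, 1);
		r |= br_i31_sub(z, n, 0) ^ 1;
		br_i31_sub(z, n, r);
		br_i31_encode(bz, nlen, z);

		memcpy(eC, eA, ulen);
		if (impl->muladd(eC, eB, ulen,
			bx, nlen, by, nlen, cd->curve) != 1)
		{
			fprintf(stderr, "muladd() failed (2)\n");
			exit(EXIT_FAILURE);
		}
		memcpy(eD, cd->generator, ulen);
		if (impl->mul(eD, ulen, bz, nlen, cd->curve) != 1) {
			fprintf(stderr, "mul() failed (2)\n");
			exit(EXIT_FAILURE);
		}
		if (memcmp(eC, eD, ulen) != 0) {
			fprintf(stderr,
				"mul() / muladd() mismatch (x*A=y*B)\n");
			exit(EXIT_FAILURE);
		}

		/*
		 * Check with x*A + y*B = 0. At that point, b = x, so we
		 * just need to set y = -a (mod n). muladd() is expected
		 * to report failure (return 0) for that sum.
		 */
		memcpy(y, n, sizeof n);
		br_i31_sub(y, a, 1);
		br_i31_encode(by, nlen, y);
		memcpy(eC, eA, ulen);
		if (impl->muladd(eC, eB, ulen,
			bx, nlen, by, nlen, cd->curve) != 0)
		{
			fprintf(stderr, "muladd() should have failed\n");
			exit(EXIT_FAILURE);
		}

		printf(".");
		fflush(stdout);
	}
}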
7177 test_EC_P256_carry_inner(const br_ec_impl
*impl
, const char *sP
, const char *sQ
)
7179 unsigned char P
[65], Q
[sizeof P
], k
[1];
7182 plen
= hextobin(P
, sP
);
7183 qlen
= hextobin(Q
, sQ
);
7184 if (plen
!= sizeof P
|| qlen
!= sizeof P
) {
7185 fprintf(stderr
, "KAT is incorrect\n");
7189 if (impl
->mul(P
, plen
, k
, 1, BR_EC_secp256r1
) != 1) {
7190 fprintf(stderr
, "P-256 multiplication failed\n");
7193 check_equals("P256_carry", P
, Q
, plen
);
/*
 * Run the P-256 carry test on two fixed input/output point pairs.
 *
 * Each pair holds the hexadecimal encoding of an input point and of the
 * point expected after the multiplication performed by
 * test_EC_P256_carry_inner().
 */
static void
test_EC_P256_carry(const br_ec_impl *impl)
{
	static const char *const pairs[][2] = {
		{
			"0435BAA24B2B6E1B3C88E22A383BD88CC4B9A3166E7BCF94FF6591663AE066B33B821EBA1B4FC8EA609A87EB9A9C9A1CCD5C9F42FA1365306F64D7CAA718B8C978",
			"0447752A76CA890328D34E675C4971EC629132D1FC4863EDB61219B72C4E58DC5E9D51E7B293488CFD913C3CF20E438BB65C2BA66A7D09EABB45B55E804260C5EB"
		},
		{
			"04DCAE9D9CE211223602024A6933BD42F77B6BF4EAB9C8915F058C149419FADD2CC9FC0707B270A1B5362BA4D249AFC8AC3DA1EFCA8270176EEACA525B49EE19E6",
			"048DAC7B0BE9B3206FCE8B24B6B4AEB122F2A67D13E536B390B6585CA193427E63F222388B5F51D744D6F5D47536D89EEEC89552BCB269E7828019C4410DFE980A"
		}
	};
	size_t u;

	for (u = 0; u < (sizeof pairs) / (sizeof pairs[0]); u ++) {
		test_EC_P256_carry_inner(impl, pairs[u][0], pairs[u][1]);
	}
}
/*
 * Run the known-answer tests of an EC implementation.
 *
 *   name        label printed in the progress line
 *   impl        implementation under test
 *   curve_mask  bit (1 << curve identifier) set for each curve to test
 *
 * Each selected curve is passed to test_EC_inner() with a fixed scalar
 * and the expected resulting point, both in hexadecimal; P-256 also
 * gets the carry test.
 *
 * NOTE(review): the closing status output is missing from the listing
 * this was restored from and follows the convention used elsewhere in
 * this file; confirm against the upstream file.
 */
static void
test_EC_KAT(const char *name, const br_ec_impl *impl, uint32_t curve_mask)
{
	const uint32_t want_p256 = curve_mask
		& ((uint32_t)1 << BR_EC_secp256r1);
	const uint32_t want_p384 = curve_mask
		& ((uint32_t)1 << BR_EC_secp384r1);
	const uint32_t want_p521 = curve_mask
		& ((uint32_t)1 << BR_EC_secp521r1);

	printf("Test %s: ", name);
	fflush(stdout);

	if (want_p256) {
		test_EC_inner(
			"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721",
			"0460FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB67903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299",
			impl, BR_EC_secp256r1);
		test_EC_P256_carry(impl);
	}
	if (want_p384) {
		test_EC_inner(
			"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5",
			"04EC3A4E415B4E19A4568618029F427FA5DA9A8BC4AE92E02E06AAE5286B300C64DEF8F0EA9055866064A254515480BC138015D9B72D7D57244EA8EF9AC0C621896708A59367F9DFB9F54CA84B3F1C9DB1288B231C3AE0D4FE7344FD2533264720",
			impl, BR_EC_secp384r1);
	}
	if (want_p521) {
		test_EC_inner(
			"00FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538",
			"0401894550D0785932E00EAA23B694F213F8C3121F86DC97A04E5A7167DB4E5BCD371123D46E45DB6B5D5370A7F20FB633155D38FFA16D2BD761DCAC474B9A2F5023A400493101C962CD4D2FDDF782285E64584139C2F91B47F87FF82354D6630F746A28A0DB25741B5B34A828008B22ACC23F924FAAFBD4D33F81EA66956DFEAA2BFDFCF5",
			impl, BR_EC_secp521r1);
	}

	printf("done.\n");
	fflush(stdout);
}
/*
 * EC known-answer test for br_ec_prime_i15 with the P-256, P-384 and
 * P-521 bits all set in the curve mask ("<<" binds tighter than "|",
 * so the mask is the OR of three single-bit values).
 */
7241 test_EC_prime_i15(void)
7243 test_EC_KAT("EC_prime_i15", &br_ec_prime_i15
,
7244 (uint32_t)1 << BR_EC_secp256r1
7245 | (uint32_t)1 << BR_EC_secp384r1
7246 | (uint32_t)1 << BR_EC_secp521r1
);
/*
 * EC known-answer test for br_ec_prime_i31 with the P-256, P-384 and
 * P-521 bits all set in the curve mask.
 */
7250 test_EC_prime_i31(void)
7252 test_EC_KAT("EC_prime_i31", &br_ec_prime_i31
,
7253 (uint32_t)1 << BR_EC_secp256r1
7254 | (uint32_t)1 << BR_EC_secp384r1
7255 | (uint32_t)1 << BR_EC_secp521r1
);
/*
 * EC known-answer test for br_ec_p256_m15. Only the secp256r1 bit is
 * set, so test_EC_KAT skips the P-384 and P-521 vectors; presumably
 * this implementation handles P-256 only, as its name suggests.
 */
7259 test_EC_p256_m15(void)
7261 test_EC_KAT("EC_p256_m15", &br_ec_p256_m15
,
7262 (uint32_t)1 << BR_EC_secp256r1
);
/*
 * EC known-answer test for br_ec_p256_m31. Only the secp256r1 bit is
 * set, so test_EC_KAT skips the P-384 and P-521 vectors; presumably
 * this implementation handles P-256 only, as its name suggests.
 */
7266 test_EC_p256_m31(void)
7268 test_EC_KAT("EC_p256_m31", &br_ec_p256_m31
,
7269 (uint32_t)1 << BR_EC_secp256r1
);
/*
 * Curve25519 known-answer entries. test_EC_c25519() decodes each
 * entry's .scalar, .u_in and .u_out members as 32-byte hex strings.
 * NOTE(review): the member order is declared on lines not shown in
 * this listing; the three values of each entry agree with the X25519
 * vectors of RFC 7748 section 5.2 read as (scalar, input u, output u)
 * -- confirm against the struct declaration.
 */
7277 { "A546E36BF0527C9D3B16154B82465EDD62144C0AC1FC5A18506A2244BA449AC4",
7278 "E6DB6867583030DB3594C1A424B15F7C726624EC26B3353B10A903A6D0AB1C4C",
7279 "C3DA55379DE9C6908E94EA4DF28D084F32ECCF03491C71F754B4075577A28552" },
7280 { "4B66E9D4D1B4673C5AD22691957D6AF5C11B6421E0EA01D42CA4169E7918BA0D",
7281 "E5210F12786811D3F4B7959D0538AE2C31DBE7106FC03C3EFC4CD549C715A493",
7282 "95CBDE9476E8907D7AADE45CB4B873F88B595A68799FA152E6F8F7647AAC7957" },
/*
 * Known-answer tests for a Curve25519 br_ec_impl.
 *
 * name  label printed in the "Test %s: " banner
 * iec   implementation under test; only iec->mul() is called here
 *
 * Part 1 walks C25519_KAT until an entry whose .scalar is null,
 * decodes the three hex fields, multiplies in place (the product
 * overwrites bu) and compares bu with the expected output br.
 * Part 2 runs 1000 chained multiplications and compares bk with a
 * reference value at iterations 1 and 1000.
 *
 * NOTE(review): every input here is a valid vector; nothing visible
 * checks how mul() treats low-order or otherwise degenerate u
 * coordinates, so that behaviour is not covered by this test.
 */
7287 test_EC_c25519(const char *name
, const br_ec_impl
*iec
)
/* All three buffers are exactly one 32-byte Curve25519 value;
   hextobin() has no length argument, so the 64-digit table strings
   are what keeps the writes in bounds. */
7289 unsigned char bu
[32], bk
[32], br
[32];
7293 printf("Test %s: ", name
);
7295 for (v
= 0; C25519_KAT
[v
].scalar
; v
++) {
7296 hextobin(bk
, C25519_KAT
[v
].scalar
);
7297 hextobin(bu
, C25519_KAT
[v
].u_in
);
7298 hextobin(br
, C25519_KAT
[v
].u_out
);
/* mul() returning 0 is reported as a failed multiplication. */
7299 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
7300 fprintf(stderr
, "Curve25519 multiplication failed\n");
7303 if (memcmp(bu
, br
, sizeof bu
) != 0) {
7304 fprintf(stderr
, "Curve25519 failed KAT\n");
/* Start of the iterated test: bu is cleared, then copied into bk so
   scalar and point begin equal. NOTE(review): the statement between
   the memset and the memcpy is not shown in this listing; presumably
   it stores the base point u = 9 -- confirm. */
7313 memset(bu
, 0, sizeof bu
);
7315 memcpy(bk
, bu
, sizeof bu
);
7316 for (i
= 1; i
<= 1000; i
++) {
7317 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
7318 fprintf(stderr
, "Curve25519 multiplication failed"
/* Per-byte pass over the 32-byte value after each multiplication.
   NOTE(review): the loop body is not shown; presumably it exchanges
   bu and bk so the previous scalar becomes the next point. */
7322 for (v
= 0; v
< sizeof bu
; v
++) {
/* Only iterations 1 and 1000 have a reference value. The two hex
   strings agree with the 1-iteration and 1000-iteration results of
   the iterated test in RFC 7748 section 5.2. */
7329 if (i
== 1 || i
== 1000) {
7333 ? "422C8E7A6227D7BCA1350B3E2BB7279F7897B87BB6854B783C60E80311AE3079"
7334 : "684CF59BA83309552800EF566F2F4D3C1C3887C49360E3875F2EB94D99532C51";
7336 if (memcmp(bk
, br
, sizeof bk
) != 0) {
7338 "Curve25519 failed KAT (iter=%d)\n", i
);
/* Curve25519 known-answer test bound to the br_ec_c25519_i15 implementation. */
7353 test_EC_c25519_i15(void)
7355 test_EC_c25519("EC_c25519_i15", &br_ec_c25519_i15
);
/* Curve25519 known-answer test bound to the br_ec_c25519_i31 implementation. */
7359 test_EC_c25519_i31(void)
7361 test_EC_c25519("EC_c25519_i31", &br_ec_c25519_i31
);
/* Curve25519 known-answer test bound to the br_ec_c25519_m15 implementation. */
7365 test_EC_c25519_m15(void)
7367 test_EC_c25519("EC_c25519_m15", &br_ec_c25519_m15
);
/* Curve25519 known-answer test bound to the br_ec_c25519_m31 implementation. */
7371 test_EC_c25519_m31(void)
7373 test_EC_c25519("EC_c25519_m31", &br_ec_c25519_m31
);
/*
 * Fixed P-256 test key pair. The bytes equal the hex strings that
 * test_EC_KAT uses for BR_EC_secp256r1: an uncompressed point
 * (leading 0x04) and a 32-byte private scalar. This is published test
 * material (the ECDSA_KAT table in this file cites RFC 6979), not a
 * secret.
 */
7376 static const unsigned char EC_P256_PUB_POINT
[] = {
7377 0x04, 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D,
7378 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D,
7379 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA,
7380 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F,
7381 0xB6, 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC,
7382 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC,
7383 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F,
7384 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22,
7388 static const unsigned char EC_P256_PRIV_X
[] = {
7389 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16,
7390 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93,
7391 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12,
7392 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21
/*
 * The (unsigned char *) casts below discard const from the arrays
 * above; presumably the key structures declare a non-const pointer
 * member (header not shown). The arrays are const objects, so no
 * code may write through these pointers.
 */
7395 static const br_ec_public_key EC_P256_PUB
= {
7397 (unsigned char *)EC_P256_PUB_POINT
, sizeof EC_P256_PUB_POINT
7400 static const br_ec_private_key EC_P256_PRIV
= {
7402 (unsigned char *)EC_P256_PRIV_X
, sizeof EC_P256_PRIV_X
/*
 * Fixed P-384 test key pair. The bytes equal the hex strings that
 * test_EC_KAT uses for BR_EC_secp384r1: an uncompressed point
 * (leading 0x04) and a 48-byte private scalar. This is published test
 * material (the ECDSA_KAT table in this file cites RFC 6979), not a
 * secret.
 */
7405 static const unsigned char EC_P384_PUB_POINT
[] = {
7406 0x04, 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19,
7407 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F,
7408 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0,
7409 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C,
7410 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86,
7411 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC,
7412 0x13, 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57,
7413 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21,
7414 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF,
7415 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D,
7416 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4,
7417 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47,
7421 static const unsigned char EC_P384_PRIV_X
[] = {
7422 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C,
7423 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D,
7424 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA,
7425 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8,
7426 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25,
7427 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5
/*
 * The (unsigned char *) casts below discard const from the arrays
 * above; presumably the key structures declare a non-const pointer
 * member (header not shown). The arrays are const objects, so no
 * code may write through these pointers.
 */
7430 static const br_ec_public_key EC_P384_PUB
= {
7432 (unsigned char *)EC_P384_PUB_POINT
, sizeof EC_P384_PUB_POINT
7435 static const br_ec_private_key EC_P384_PRIV
= {
7437 (unsigned char *)EC_P384_PRIV_X
, sizeof EC_P384_PRIV_X
/*
 * Fixed P-521 test key pair. The bytes equal the hex strings that
 * test_EC_KAT uses for BR_EC_secp521r1: an uncompressed point
 * (leading 0x04) and the private scalar. This is published test
 * material (the ECDSA_KAT table in this file cites RFC 6979), not a
 * secret.
 */
7440 static const unsigned char EC_P521_PUB_POINT
[] = {
7441 0x04, 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59,
7442 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2,
7443 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97,
7444 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B,
7445 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB,
7446 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6,
7447 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B,
7448 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F,
7449 0x50, 0x23, 0xA4, 0x00, 0x49, 0x31, 0x01, 0xC9,
7450 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28,
7451 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B,
7452 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63,
7453 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74,
7454 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22,
7455 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4,
7456 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE,
7457 0xAA, 0x2B, 0xFD, 0xFC, 0xF5
7460 static const unsigned char EC_P521_PRIV_X
[] = {
7461 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B,
7462 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57,
7463 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F,
7464 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75,
7465 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C,
7466 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC,
7467 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB,
7468 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8,
/*
 * The (unsigned char *) casts below discard const from the arrays
 * above; presumably the key structures declare a non-const pointer
 * member (header not shown). The arrays are const objects, so no
 * code may write through these pointers.
 */
7472 static const br_ec_public_key EC_P521_PUB
= {
7474 (unsigned char *)EC_P521_PUB_POINT
, sizeof EC_P521_PUB_POINT
7477 static const br_ec_private_key EC_P521_PRIV
= {
7479 (unsigned char *)EC_P521_PRIV_X
, sizeof EC_P521_PRIV_X
/*
 * Members of one ECDSA known-answer entry as test_ECDSA_KAT() uses
 * them; the remaining members (msg, sraw, sasn1 are read there) are
 * declared on lines not shown in this listing.
 */
/* Public key handed to the verification function. */
7483 const br_ec_public_key
*pub
;
/* Private key handed to the signature function. */
7484 const br_ec_private_key
*priv
;
/* Hash class used to digest the message and also passed to sign(). */
7485 const br_hash_class
*hf
;
7492 const ecdsa_kat_vector ECDSA_KAT
[] = {
7494 /* Test vectors for P-256, from RFC 6979. */
7498 &br_sha1_vtable
, "sample",
7499 "882905F1227FD620FBF2ABF21244F0BA83D0DC3A9103DBBEE43A1FB858109DB4",
7500 "61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D326D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB",
7501 "3044022061340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D3202206D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
7506 &br_sha224_vtable
, "sample",
7507 "103F90EE9DC52E5E7FB5132B7033C63066D194321491862059967C715985D473",
7508 "53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3FB9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C",
7509 "3045022053B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F022100B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
7514 &br_sha256_vtable
, "sample",
7515 "A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60",
7516 "EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8",
7517 "3046022100EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716022100F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8"
7522 &br_sha384_vtable
, "sample",
7523 "09F634B188CEFD98E7EC88B1AA9852D734D0BC272F7D2A47DECC6EBEB375AAD4",
7524 "0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF77194861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954",
7525 "304402200EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF771902204861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954"
7530 &br_sha512_vtable
, "sample",
7531 "5FA81C63109BADB88C1F367B47DA606DA28CAD69AA22C4FE6AD7DF73A7173AA5",
7532 "8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F002362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE",
7533 "30450221008496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F0002202362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE"
7538 &br_sha1_vtable
, "test",
7539 "8C9520267C55D6B980DF741E56B4ADEE114D84FBFA2E62137954164028632A2E",
7540 "0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A8901B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1",
7541 "304402200CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89022001B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
7546 &br_sha224_vtable
, "test",
7547 "669F4426F2688B8BE0DB3A6BD1989BDAEFFF84B649EEB84F3DD26080F667FAA7",
7548 "C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D",
7549 "3046022100C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692022100C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
7554 &br_sha256_vtable
, "test",
7555 "D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0",
7556 "F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083",
7557 "3045022100F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D383670220019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083"
7562 &br_sha384_vtable
, "test",
7563 "16AEFFA357260B04B1DD199693960740066C1A8F3E8EDD79070AA914D361B3B8",
7564 "83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB68DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C",
7565 "304602210083910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB60221008DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C"
7570 &br_sha512_vtable
, "test",
7571 "6915D11632ACA3C40D5D51C08DAF9C555933819548784480E93499000D9F0B7F",
7572 "461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A0439AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55",
7573 "30440220461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04022039AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55"
7576 /* Test vectors for P-384, from RFC 6979. */
7580 &br_sha1_vtable
, "sample",
7581 "4471EF7518BB2C7C20F62EAE1C387AD0C5E8E470995DB4ACF694466E6AB096630F29E5938D25106C3C340045A2DB01A7",
7582 "EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443",
7583 "3066023100EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2023100A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
7589 &br_sha224_vtable
, "sample",
7590 "A4E4D2F0E729EB786B31FC20AD5D849E304450E0AE8E3E341134A5C1AFA03CAB8083EE4E3C45B06A5899EA56C51B5879",
7591 "42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601229DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D",
7592 "3065023042356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601220231009DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
7597 &br_sha256_vtable
, "sample",
7598 "180AE9F9AEC5438A44BC159A1FCB277C7BE54FA20E7CF404B490650A8ACC414E375572342863C899F9F2EDF9747A9B60",
7599 "21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CDF3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0",
7600 "3065023021B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD023100F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0"
7605 &br_sha384_vtable
, "sample",
7606 "94ED910D1A099DAD3254E9242AE85ABDE4BA15168EAF0CA87A555FD56D10FBCA2907E3E83BA95368623B8C4686915CF9",
7607 "94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4699EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8",
7608 "306602310094EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4602310099EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8"
7613 &br_sha512_vtable
, "sample",
7614 "92FC3C7183A883E24216D1141F1A8976C5B0DD797DFA597E3D7B32198BD35331A4E966532593A52980D0E3AAA5E10EC3",
7615 "ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5",
7616 "3065023100ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD78824337090230512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5"
7621 &br_sha1_vtable
, "test",
7622 "66CC2C8F4D303FC962E5FF6A27BD79F84EC812DDAE58CF5243B64A4AD8094D47EC3727F3A3C186C15054492E30698497",
7623 "4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282",
7624 "306502304BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7023100D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
7629 &br_sha224_vtable
, "test",
7630 "18FA39DB95AA5F561F30FA3591DC59C0FA3653A80DAFFA0B48D1A4C6DFCBFF6E3D33BE4DC5EB8886A8ECD093F2935726",
7631 "E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E7207041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66",
7632 "3065023100E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72023007041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
7637 &br_sha256_vtable
, "test",
7638 "0CFAC37587532347DC3389FDC98286BBA8C73807285B184C83E62E26C401C0FAA48DD070BA79921A3457ABFF2D630AD7",
7639 "6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265",
7640 "306402306D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B02302D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265"
7645 &br_sha384_vtable
, "test",
7646 "015EE46A5BF88773ED9123A5AB0807962D193719503C527B031B4C2D225092ADA71F4A459BC0DA98ADB95837DB8312EA",
7647 "8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DBDDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5",
7648 "30660231008203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB023100DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5"
7653 &br_sha512_vtable
, "test",
7654 "3780C4F67CB15518B6ACAE34C9F83568D2E12E47DEAB6C50A4E4EE5319D1E8CE0E2CC8A136036DC4B9C00E6888F66B6C",
7655 "A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736",
7656 "3066023100A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277023100976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736"
7659 /* Test vectors for P-521, from RFC 6979. */
7663 &br_sha1_vtable
, "sample",
7664 "0089C071B419E1C2820962321787258469511958E80582E95D8378E0C2CCDB3CB42BEDE42F50E3FA3C71F5A76724281D31D9C89F0F91FC1BE4918DB1C03A5838D0F9",
7665 "00343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D00E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16",
7666 "3081870241343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D024200E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
7671 &br_sha224_vtable
, "sample",
7672 "0121415EC2CD7726330A61F7F3FA5DE14BE9436019C4DB8CB4041F3B54CF31BE0493EE3F427FB906393D895A19C9523F3A1D54BB8702BD4AA9C99DAB2597B92113F3",
7673 "01776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E0050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F",
7674 "308187024201776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E024150CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
7679 &br_sha256_vtable
, "sample",
7680 "00EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0",
7681 "01511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7004A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC",
7682 "308187024201511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A702414A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC"
7687 &br_sha384_vtable
, "sample",
7688 "01546A108BC23A15D6F21872F7DED661FA8431DDBD922D0DCDB77CC878C8553FFAD064C95A920A750AC9137E527390D2D92F153E66196966EA554D9ADFCB109C4211",
7689 "01EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C6745101F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61",
7690 "308188024201EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451024201F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61"
7695 &br_sha512_vtable
, "sample",
7696 "01DAE2EA071F8110DC26882D4D5EAE0621A3256FC8847FB9022E2B7D28E6F10198B1574FDD03A9053C08A1854A168AA5A57470EC97DD5CE090124EF52A2F7ECBFFD3",
7697 "00C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA00617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A",
7698 "308187024200C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA0241617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A"
7703 &br_sha1_vtable
, "test",
7704 "00BB9F2BF4FE1038CCF4DABD7139A56F6FD8BB1386561BD3C6A4FC818B20DF5DDBA80795A947107A1AB9D12DAA615B1ADE4F7A9DC05E8E6311150F47F5C57CE8B222",
7705 "013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D036701E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF",
7706 "3081880242013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367024201E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
7711 &br_sha224_vtable
, "test",
7712 "0040D09FCF3C8A5F62CF4FB223CBBB2B9937F6B0577C27020A99602C25A01136987E452988781484EDBBCF1C47E554E7FC901BC3085E5206D9F619CFF07E73D6F706",
7713 "01C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB0177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4",
7714 "308188024201C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB02420177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
7719 &br_sha256_vtable
, "test",
7720 "001DE74955EFAABC4C4F17F8E84D881D1310B5392D7700275F82F145C61E843841AF09035BF7A6210F5A431A6A9E81C9323354A9E69135D44EBD2FCAA7731B909258",
7721 "000E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA800CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86",
7722 "30818702410E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8024200CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86"
7727 &br_sha384_vtable
, "test",
7728 "01F1FC4A349A7DA9A9E116BFDD055DC08E78252FF8E23AC276AC88B1770AE0B5DCEB1ED14A4916B769A523CE1E90BA22846AF11DF8B300C38818F713DADD85DE0C88",
7729 "014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C0133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979",
7730 "3081880242014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C02420133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979"
7735 &br_sha512_vtable
, "test",
7736 "016200813020EC986863BEDFC1B121F605C1215645018AEA1A7B215A564DE9EB1B38A67AA1128B80CE391C4FB71187654AAA3431027BFC7F395766CA988C964DC56D",
7737 "013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D01FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3",
7738 "3081880242013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D024201FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
7741 /* Terminator for list of test vectors. */
/*
 * Check one ECDSA sign/verify pair against the ECDSA_KAT table.
 *
 * iec   curve implementation handed to both sign() and vrfy()
 * sign  signature generator; a returned length of 0 is a failure
 * vrfy  verifier; must return 1 for the reference signature
 * asn1  selects the reference encoding: callers pass 1 together with
 *       the *_asn1 functions and 0 with the *_raw ones, and the body
 *       decodes kv->sasn1 or kv->sraw accordingly (the test on asn1
 *       itself is on a line not shown in this listing)
 *
 * For each vector the message is hashed with kv->hf, the reference
 * signature is verified, a rejection is checked, the signature is
 * verified again, and a freshly produced signature is compared
 * byte-for-byte with the reference.
 */
7748 test_ECDSA_KAT(const br_ec_impl
*iec
,
7749 br_ecdsa_sign sign
, br_ecdsa_vrfy vrfy
, int asn1
)
7753 for (u
= 0;; u
++) {
7754 const ecdsa_kat_vector
*kv
;
/* 64 bytes holds the largest digest used by the table (SHA-512). */
7755 unsigned char hash
[64];
/* hextobin() takes no destination length, so sig relies on the table:
   the longest reference signature in it is the 139-byte P-521 ASN.1
   form, which fits in 150 bytes. sig2 is filled by sign(); its
   maximum output length is not visible here -- confirm it is <= 150. */
7757 unsigned char sig
[150], sig2
[150];
7758 size_t sig_len
, sig2_len
;
7759 br_hash_compat_context hc
;
7765 kv
->hf
->init(&hc
.vtable
);
7766 kv
->hf
->update(&hc
.vtable
, kv
->msg
, strlen(kv
->msg
));
7767 kv
->hf
->out(&hc
.vtable
, hash
);
/* Digest length comes from the hash class descriptor, so it always
   matches the function selected by the vector. */
7768 hash_len
= (kv
->hf
->desc
>> BR_HASHDESC_OUT_OFF
)
7769 & BR_HASHDESC_OUT_MASK
;
7771 sig_len
= hextobin(sig
, kv
->sasn1
);
7773 sig_len
= hextobin(sig
, kv
->sraw
);
/* Three verifications follow: acceptance (1), a call that must return
   0, then acceptance again (2). NOTE(review): the statements that
   alter and then restore sig between the calls are not shown in this
   listing; the second acceptance check confirms the restore. */
7776 if (vrfy(iec
, hash
, hash_len
,
7777 kv
->pub
, sig
, sig_len
) != 1)
7779 fprintf(stderr
, "ECDSA KAT verify failed (1)\n");
7783 if (vrfy(iec
, hash
, hash_len
,
7784 kv
->pub
, sig
, sig_len
) != 0)
/* NOTE(review): "shoud" in the message below is a typo for "should". */
7786 fprintf(stderr
, "ECDSA KAT verify shoud have failed\n");
7790 if (vrfy(iec
, hash
, hash_len
,
7791 kv
->pub
, sig
, sig_len
) != 1)
7793 fprintf(stderr
, "ECDSA KAT verify failed (2)\n");
/* The new signature must equal the reference exactly; this presumes
   deterministic signing (the table cites RFC 6979), since a randomized
   nonce would give a different valid signature each time. */
7797 sig2_len
= sign(iec
, kv
->hf
, hash
, kv
->priv
, sig2
);
7798 if (sig2_len
== 0) {
7799 fprintf(stderr
, "ECDSA KAT sign failed\n");
7802 if (sig2_len
!= sig_len
|| memcmp(sig
, sig2
, sig_len
) != 0) {
7803 fprintf(stderr
, "ECDSA KAT wrong signature value\n");
/*
 * ECDSA known-answer test for the i31 code: runs test_ECDSA_KAT twice
 * over br_ec_prime_i31, first with the raw sign/verify functions
 * (asn1 = 0), then with the ASN.1 ones (asn1 = 1).
 */
7813 test_ECDSA_i31(void)
7815 printf("Test ECDSA/i31: ");
7819 test_ECDSA_KAT(&br_ec_prime_i31
,
7820 &br_ecdsa_i31_sign_raw
, &br_ecdsa_i31_vrfy_raw
, 0);
7823 test_ECDSA_KAT(&br_ec_prime_i31
,
7824 &br_ecdsa_i31_sign_asn1
, &br_ecdsa_i31_vrfy_asn1
, 1);
/*
 * ECDSA known-answer test for the i15 code: runs test_ECDSA_KAT with
 * the raw i15 sign/verify functions (asn1 = 0), then with the ASN.1
 * ones (asn1 = 1).
 */
7830 test_ECDSA_i15(void)
7832 printf("Test ECDSA/i15: ");
7836 test_ECDSA_KAT(&br_ec_prime_i15
,
7837 &br_ecdsa_i15_sign_raw
, &br_ecdsa_i15_vrfy_raw
, 0);
/*
 * NOTE(review): this ASN.1 pass hands br_ec_prime_i31 to the i15
 * sign/verify functions, whereas the raw pass above uses
 * br_ec_prime_i15 and test_ECDSA_i31 uses br_ec_prime_i31 for both
 * passes. As written, br_ec_prime_i15 is never exercised together
 * with the ASN.1 wrappers; &br_ec_prime_i15 looks like the intended
 * argument -- confirm.
 */
7840 test_ECDSA_KAT(&br_ec_prime_i31
,
7841 &br_ecdsa_i15_sign_asn1
, &br_ecdsa_i15_vrfy_asn1
, 1);
/*
 * Cross-check modular exponentiation between the i31 and i15 integer
 * code. For every size k from 10 to 500 bits, the same pseudorandom
 * modulus, base and exponent are run through br_i31_modpow_opt and
 * br_i15_modpow_opt, and the two encoded results must be identical
 * (check_equals). There is no independent reference value: a defect
 * shared by both implementations would not be caught here.
 */
7847 test_modpow_i31(void)
7849 br_hmac_drbg_context hc
;
7852 printf("Test ModPow/i31: ");
/* Fixed seed: the inputs are pseudorandom but the same on every run,
   so a failure can be reproduced. */
7854 br_hmac_drbg_init(&hc
, &br_sha256_vtable
, "seed modpow", 11);
7855 for (k
= 10; k
<= 500; k
++) {
/* blen is at most (500 + 7) >> 3 = 63, well inside these 128-byte
   buffers. */
7857 unsigned char bm
[128], bx
[128], bx1
[128], bx2
[128];
7858 unsigned char be
[128];
7860 uint32_t x1
[35], m1
[35];
7861 uint16_t x2
[70], m2
[70];
7862 uint32_t tmp1
[1000];
7863 uint16_t tmp2
[2000];
/* Byte length needed for a k-bit value. */
7865 blen
= (k
+ 7) >> 3;
7866 br_hmac_drbg_generate(&hc
, bm
, blen
);
7867 br_hmac_drbg_generate(&hc
, bx
, blen
);
7868 br_hmac_drbg_generate(&hc
, be
, blen
);
/* Set the low bit of the last byte: with big-endian encoding this
   makes the modulus odd, presumably required by the ninv31()/ninv15()
   values passed to modpow below -- confirm. */
7869 bm
[blen
- 1] |= 0x01;
/* mask covers the bits of the first byte that belong to a k-bit
   value (the shift count is the number of unused top bits). */
7870 mask
= 0xFF >> ((int)(blen
<< 3) - k
);
/* mask - (mask >> 1) is the single top bit of mask: it is forced on in
   the modulus, while the base keeps only the bits below it, so the
   base is numerically smaller than the modulus. NOTE(review): a
   statement between the mask computation and these two lines is not
   shown in this listing. */
7872 bm
[0] |= (mask
- (mask
>> 1));
7873 bx
[0] &= (mask
>> 1);
7875 br_i31_decode(m1
, bm
, blen
);
7876 br_i31_decode_mod(x1
, bx
, blen
, m1
);
/* The scratch size is passed as an element count, not a byte count. */
7877 br_i31_modpow_opt(x1
, be
, blen
, m1
, br_i31_ninv31(m1
[1]),
7878 tmp1
, (sizeof tmp1
) / (sizeof tmp1
[0]));
7879 br_i31_encode(bx1
, blen
, x1
);
7881 br_i15_decode(m2
, bm
, blen
);
7882 br_i15_decode_mod(x2
, bx
, blen
, m2
);
7883 br_i15_modpow_opt(x2
, be
, blen
, m2
, br_i15_ninv15(m2
[1]),
7884 tmp2
, (sizeof tmp2
) / (sizeof tmp2
[0]));
7885 br_i15_encode(bx2
, blen
, x2
);
7887 check_equals("ModPow i31/i15", bx1
, bx2
, blen
);
/*
 * Cross-check modular exponentiation between the i62 and i15 integer
 * code. Same procedure as test_modpow_i31: for every size k from 10
 * to 500 bits, identical pseudorandom inputs go through
 * br_i62_modpow_opt and br_i15_modpow_opt and the encoded results
 * must match. The i62 function is fed operands decoded with the i31
 * routines (br_i31_decode, br_i31_decode_mod, br_i31_ninv31).
 * There is no independent reference value: a defect shared by both
 * implementations would not be caught here.
 */
7898 test_modpow_i62(void)
7900 br_hmac_drbg_context hc
;
7903 printf("Test ModPow/i62: ");
/* Fixed seed: the inputs are pseudorandom but the same on every run,
   so a failure can be reproduced. */
7905 br_hmac_drbg_init(&hc
, &br_sha256_vtable
, "seed modpow", 11);
7906 for (k
= 10; k
<= 500; k
++) {
/* blen is at most (500 + 7) >> 3 = 63, well inside these 128-byte
   buffers. */
7908 unsigned char bm
[128], bx
[128], bx1
[128], bx2
[128];
7909 unsigned char be
[128];
7911 uint32_t x1
[35], m1
[35];
7912 uint16_t x2
[70], m2
[70];
/* NOTE(review): the declaration of tmp1, used by the i62 call below,
   is on a line not shown in this listing. */
7914 uint16_t tmp2
[2000];
/* Byte length needed for a k-bit value. */
7916 blen
= (k
+ 7) >> 3;
7917 br_hmac_drbg_generate(&hc
, bm
, blen
);
7918 br_hmac_drbg_generate(&hc
, bx
, blen
);
7919 br_hmac_drbg_generate(&hc
, be
, blen
);
/* Set the low bit of the last byte: with big-endian encoding this
   makes the modulus odd, presumably required by the ninv31()/ninv15()
   values passed to modpow below -- confirm. */
7920 bm
[blen
- 1] |= 0x01;
/* mask covers the bits of the first byte that belong to a k-bit
   value (the shift count is the number of unused top bits). */
7921 mask
= 0xFF >> ((int)(blen
<< 3) - k
);
/* mask - (mask >> 1) is the single top bit of mask: it is forced on in
   the modulus, while the base keeps only the bits below it, so the
   base is numerically smaller than the modulus. NOTE(review): a
   statement between the mask computation and these two lines is not
   shown in this listing. */
7923 bm
[0] |= (mask
- (mask
>> 1));
7924 bx
[0] &= (mask
>> 1);
7926 br_i31_decode(m1
, bm
, blen
);
7927 br_i31_decode_mod(x1
, bx
, blen
, m1
);
/* The scratch size is passed as an element count, not a byte count. */
7928 br_i62_modpow_opt(x1
, be
, blen
, m1
, br_i31_ninv31(m1
[1]),
7929 tmp1
, (sizeof tmp1
) / (sizeof tmp1
[0]));
7930 br_i31_encode(bx1
, blen
, x1
);
7932 br_i15_decode(m2
, bm
, blen
);
7933 br_i15_decode_mod(x2
, bx
, blen
, m2
);
7934 br_i15_modpow_opt(x2
, be
, blen
, m2
, br_i15_ninv15(m2
[1]),
7935 tmp2
, (sizeof tmp2
) / (sizeof tmp2
[0]));
7936 br_i15_encode(bx2
, blen
, x2
);
7938 check_equals("ModPow i62/i15", bx1
, bx2
, blen
);
/*
 * Compare two test names. main() uses the result to match a
 * command-line argument against an entry name or against "all".
 * NOTE(review): most of the body is not shown in this listing. The
 * visible parts test each character for the range 'A'..'Z' and single
 * out '-', '_', '.' and ' ', which suggests a comparison that ignores
 * letter case and those separator characters -- confirm against the
 * full source.
 */
7949 eq_name(const char *s1
, const char *s2
)
7956 if (c1
>= 'A' && c1
<= 'Z') {
7960 case '-': case '_': case '.': case ' ':
7968 if (c2
>= 'A' && c2
<= 'Z') {
7972 case '-': case '_': case '.': case ' ':
/*
 * STU(x) expands to one table entry: the address of the function
 * test_x followed by the string "x" (token pasting for the function,
 * stringification for the name).
 */
7987 #define STU(x) { &test_ ## x, #x }
/*
 * Table of runnable tests. main() walks it until it reaches an entry
 * whose .name is null, so the table has to end with such an entry
 * (not shown in this listing).
 */
7989 static const struct {
8011 STU(AES_CTRCBC_big
),
8012 STU(AES_CTRCBC_small
),
8014 STU(AES_CTRCBC_ct64
),
8015 STU(AES_CTRCBC_x86ni
),
8020 STU(Poly1305_ctmul
),
8021 STU(Poly1305_ctmul32
),
8022 STU(Poly1305_ctmulq
),
8052 main(int argc
, char *argv
[])
8057 printf("usage: testcrypto all | name...\n");
8058 printf("individual test names:\n");
8059 for (u
= 0; tfns
[u
].name
; u
++) {
8060 printf(" %s\n", tfns
[u
].name
);
8063 for (u
= 0; tfns
[u
].name
; u
++) {
8066 for (i
= 1; i
< argc
; i
++) {
8067 if (eq_name(argv
[i
], tfns
[u
].name
)
8068 || eq_name(argv
[i
], "all"))