2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32 * Decode an hexadecimal string. Returned value is the number of decoded
36 hextobin(unsigned char *dst
, const char *src
)
47 if (c
>= '0' && c
<= '9') {
49 } else if (c
>= 'A' && c
<= 'F') {
51 } else if (c
>= 'a' && c
<= 'f') {
57 *dst
++ = (acc
<< 4) + c
;
68 check_equals(const char *banner
, const void *v1
, const void *v2
, size_t len
)
71 const unsigned char *b
;
73 if (memcmp(v1
, v2
, len
) == 0) {
76 fprintf(stderr
, "\n%s failed\n", banner
);
77 fprintf(stderr
, "v1: ");
78 for (u
= 0, b
= v1
; u
< len
; u
++) {
79 fprintf(stderr
, "%02X", b
[u
]);
81 fprintf(stderr
, "\nv2: ");
82 for (u
= 0, b
= v2
; u
< len
; u
++) {
83 fprintf(stderr
, "%02X", b
[u
]);
85 fprintf(stderr
, "\n");
89 #define HASH_SIZE(cname) br_ ## cname ## _SIZE
91 #define TEST_HASH(Name, cname) \
93 test_ ## cname ## _internal(char *data, char *refres) \
95 br_ ## cname ## _context mc; \
96 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
99 hextobin(ref, refres); \
101 br_ ## cname ## _init(&mc); \
102 br_ ## cname ## _update(&mc, data, n); \
103 br_ ## cname ## _out(&mc, res); \
104 check_equals("KAT " #Name " 1", res, ref, HASH_SIZE(cname)); \
105 br_ ## cname ## _init(&mc); \
106 for (u = 0; u < n; u ++) { \
107 br_ ## cname ## _update(&mc, data + u, 1); \
109 br_ ## cname ## _out(&mc, res); \
110 check_equals("KAT " #Name " 2", res, ref, HASH_SIZE(cname)); \
111 for (u = 0; u < n; u ++) { \
112 br_ ## cname ## _context mc2; \
113 br_ ## cname ## _init(&mc); \
114 br_ ## cname ## _update(&mc, data, u); \
116 br_ ## cname ## _update(&mc, data + u, n - u); \
117 br_ ## cname ## _out(&mc, res); \
118 check_equals("KAT " #Name " 3", res, ref, HASH_SIZE(cname)); \
119 br_ ## cname ## _update(&mc2, data + u, n - u); \
120 br_ ## cname ## _out(&mc2, res); \
121 check_equals("KAT " #Name " 4", res, ref, HASH_SIZE(cname)); \
123 memset(&mc, 0, sizeof mc); \
124 memset(res, 0, sizeof res); \
125 br_ ## cname ## _vtable.init(&mc.vtable); \
126 mc.vtable->update(&mc.vtable, data, n); \
127 mc.vtable->out(&mc.vtable, res); \
128 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
129 memset(res, 0, sizeof res); \
130 mc.vtable->init(&mc.vtable); \
131 mc.vtable->update(&mc.vtable, data, n); \
132 mc.vtable->out(&mc.vtable, res); \
133 check_equals("KAT " #Name " 6", res, ref, HASH_SIZE(cname)); \
136 #define KAT_MILLION_A(Name, cname, refres) do { \
137 br_ ## cname ## _context mc; \
138 unsigned char buf[1000]; \
139 unsigned char res[HASH_SIZE(cname)], ref[HASH_SIZE(cname)]; \
142 hextobin(ref, refres); \
143 memset(buf, 'a', sizeof buf); \
144 br_ ## cname ## _init(&mc); \
145 for (i = 0; i < 1000; i ++) { \
146 br_ ## cname ## _update(&mc, buf, sizeof buf); \
148 br_ ## cname ## _out(&mc, res); \
149 check_equals("KAT " #Name " 5", res, ref, HASH_SIZE(cname)); \
153 TEST_HASH(SHA
-1, sha1
)
154 TEST_HASH(SHA
-224, sha224
)
155 TEST_HASH(SHA
-256, sha256
)
156 TEST_HASH(SHA
-384, sha384
)
157 TEST_HASH(SHA
-512, sha512
)
162 printf("Test MD5: ");
164 test_md5_internal("", "d41d8cd98f00b204e9800998ecf8427e");
165 test_md5_internal("a", "0cc175b9c0f1b6a831c399e269772661");
166 test_md5_internal("abc", "900150983cd24fb0d6963f7d28e17f72");
167 test_md5_internal("message digest", "f96b697d7cb7938d525a2f31aaf161d0");
168 test_md5_internal("abcdefghijklmnopqrstuvwxyz",
169 "c3fcd3d76192e4007dfb496cca67e13b");
170 test_md5_internal("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstu"
171 "vwxyz0123456789", "d174ab98d277d9f5a5611c2c9f419d9f");
172 test_md5_internal("1234567890123456789012345678901234567890123456789"
173 "0123456789012345678901234567890",
174 "57edf4a22be3c955ac49da2e2107b67a");
175 KAT_MILLION_A(MD5
, md5
,
176 "7707d6ae4e027c70eea2a935c2296f21");
184 printf("Test SHA-1: ");
186 test_sha1_internal("abc", "a9993e364706816aba3e25717850c26c9cd0d89d");
187 test_sha1_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
188 "nomnopnopq", "84983e441c3bd26ebaae4aa1f95129e5e54670f1");
190 KAT_MILLION_A(SHA
-1, sha1
,
191 "34aa973cd4c4daa4f61eeb2bdbad27316534016f");
199 printf("Test SHA-224: ");
201 test_sha224_internal("abc",
202 "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7");
203 test_sha224_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
205 "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525");
207 KAT_MILLION_A(SHA
-224, sha224
,
208 "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67");
216 printf("Test SHA-256: ");
218 test_sha256_internal("abc",
219 "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad");
220 test_sha256_internal("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlm"
222 "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1");
224 KAT_MILLION_A(SHA
-256, sha256
,
225 "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0");
233 printf("Test SHA-384: ");
235 test_sha384_internal("abc",
236 "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded163"
237 "1a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7");
238 test_sha384_internal(
239 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
240 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
241 "09330c33f71147e83d192fc782cd1b4753111b173b3b05d2"
242 "2fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039");
244 KAT_MILLION_A(SHA
-384, sha384
,
245 "9d0e1809716474cb086e834e310a4a1ced149e9c00f24852"
246 "7972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985");
254 printf("Test SHA-512: ");
256 test_sha512_internal("abc",
257 "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
258 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f");
259 test_sha512_internal(
260 "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
261 "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
262 "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018"
263 "501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909");
265 KAT_MILLION_A(SHA
-512, sha512
,
266 "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973eb"
267 "de0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b");
275 unsigned char buf
[500], out
[36], outM
[16], outS
[20];
276 unsigned char seed
[1];
277 br_hmac_drbg_context rc
;
280 br_md5sha1_context cc
;
283 printf("Test MD5+SHA-1: ");
287 br_hmac_drbg_init(&rc
, &br_sha256_vtable
, seed
, sizeof seed
);
288 for (u
= 0; u
< sizeof buf
; u
++) {
291 br_hmac_drbg_generate(&rc
, buf
, u
);
293 br_md5_update(&mc
, buf
, u
);
294 br_md5_out(&mc
, outM
);
296 br_sha1_update(&sc
, buf
, u
);
297 br_sha1_out(&sc
, outS
);
298 br_md5sha1_init(&cc
);
299 br_md5sha1_update(&cc
, buf
, u
);
300 br_md5sha1_out(&cc
, out
);
301 check_equals("MD5+SHA-1 [1]", out
, outM
, 16);
302 check_equals("MD5+SHA-1 [2]", out
+ 16, outS
, 20);
303 br_md5sha1_init(&cc
);
304 for (v
= 0; v
< u
; v
++) {
305 br_md5sha1_update(&cc
, buf
+ v
, 1);
307 br_md5sha1_out(&cc
, out
);
308 check_equals("MD5+SHA-1 [3]", out
, outM
, 16);
309 check_equals("MD5+SHA-1 [4]", out
+ 16, outS
, 20);
317 * Compute a hash function, on some data, by ID. Returned value is
318 * hash output length.
321 do_hash(int id
, const void *data
, size_t len
, void *out
)
324 br_sha1_context csha1
;
325 br_sha224_context csha224
;
326 br_sha256_context csha256
;
327 br_sha384_context csha384
;
328 br_sha512_context csha512
;
333 br_md5_update(&cmd5
, data
, len
);
334 br_md5_out(&cmd5
, out
);
337 br_sha1_init(&csha1
);
338 br_sha1_update(&csha1
, data
, len
);
339 br_sha1_out(&csha1
, out
);
342 br_sha224_init(&csha224
);
343 br_sha224_update(&csha224
, data
, len
);
344 br_sha224_out(&csha224
, out
);
347 br_sha256_init(&csha256
);
348 br_sha256_update(&csha256
, data
, len
);
349 br_sha256_out(&csha256
, out
);
352 br_sha384_init(&csha384
);
353 br_sha384_update(&csha384
, data
, len
);
354 br_sha384_out(&csha384
, out
);
357 br_sha512_init(&csha512
);
358 br_sha512_update(&csha512
, data
, len
);
359 br_sha512_out(&csha512
, out
);
362 fprintf(stderr
, "Uknown hash function: %d\n", id
);
369 * Tests for a multihash. Returned value should be 258 multiplied by the
370 * number of hash functions implemented by the context.
373 test_multihash_inner(br_multihash_context
*mc
)
376 * Try hashing messages for all lengths from 0 to 257 bytes
377 * (inclusive). Each attempt is done twice, with data input
378 * either in one go, or byte by byte. In the byte by byte
379 * test, intermediate result are obtained and checked.
382 unsigned char buf
[258];
387 for (len
= 0; len
< sizeof buf
; len
++) {
389 unsigned char tmp
[20];
392 br_sha1_update(&sc
, buf
, len
);
393 br_sha1_out(&sc
, tmp
);
396 for (len
= 0; len
<= 257; len
++) {
399 br_multihash_init(mc
);
400 br_multihash_update(mc
, buf
, len
);
401 for (i
= 1; i
<= 6; i
++) {
402 unsigned char tmp
[64], tmp2
[64];
405 olen
= br_multihash_out(mc
, i
, tmp
);
409 olen2
= do_hash(i
, buf
, len
, tmp2
);
412 "Bad hash output length: %u / %u\n",
413 (unsigned)olen
, (unsigned)olen2
);
416 check_equals("Hash output", tmp
, tmp2
, olen
);
420 br_multihash_init(mc
);
421 for (u
= 0; u
< len
; u
++) {
422 br_multihash_update(mc
, buf
+ u
, 1);
423 for (i
= 1; i
<= 6; i
++) {
424 unsigned char tmp
[64], tmp2
[64];
427 olen
= br_multihash_out(mc
, i
, tmp
);
431 olen2
= do_hash(i
, buf
, u
+ 1, tmp2
);
433 fprintf(stderr
, "Bad hash output"
434 " length: %u / %u\n",
439 check_equals("Hash output", tmp
, tmp2
, olen
);
449 br_multihash_context mc
;
451 printf("Test MultiHash: ");
454 br_multihash_zero(&mc
);
455 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
456 if (test_multihash_inner(&mc
) != 258) {
457 fprintf(stderr
, "Failed test count\n");
462 br_multihash_zero(&mc
);
463 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
464 if (test_multihash_inner(&mc
) != 258) {
465 fprintf(stderr
, "Failed test count\n");
470 br_multihash_zero(&mc
);
471 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
472 if (test_multihash_inner(&mc
) != 258) {
473 fprintf(stderr
, "Failed test count\n");
478 br_multihash_zero(&mc
);
479 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
480 if (test_multihash_inner(&mc
) != 258) {
481 fprintf(stderr
, "Failed test count\n");
486 br_multihash_zero(&mc
);
487 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
488 if (test_multihash_inner(&mc
) != 258) {
489 fprintf(stderr
, "Failed test count\n");
494 br_multihash_zero(&mc
);
495 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
496 if (test_multihash_inner(&mc
) != 258) {
497 fprintf(stderr
, "Failed test count\n");
502 br_multihash_zero(&mc
);
503 br_multihash_setimpl(&mc
, br_md5_ID
, &br_md5_vtable
);
504 br_multihash_setimpl(&mc
, br_sha1_ID
, &br_sha1_vtable
);
505 br_multihash_setimpl(&mc
, br_sha224_ID
, &br_sha224_vtable
);
506 br_multihash_setimpl(&mc
, br_sha256_ID
, &br_sha256_vtable
);
507 br_multihash_setimpl(&mc
, br_sha384_ID
, &br_sha384_vtable
);
508 br_multihash_setimpl(&mc
, br_sha512_ID
, &br_sha512_vtable
);
509 if (test_multihash_inner(&mc
) != 258 * 6) {
510 fprintf(stderr
, "Failed test count\n");
520 do_KAT_HMAC_bin_bin(const br_hash_class
*digest_class
,
521 const void *key
, size_t key_len
,
522 const void *data
, size_t data_len
, const char *href
)
524 br_hmac_key_context kc
;
526 unsigned char tmp
[64], ref
[64];
529 len
= hextobin(ref
, href
);
530 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
531 br_hmac_init(&ctx
, &kc
, 0);
532 br_hmac_update(&ctx
, data
, data_len
);
533 br_hmac_out(&ctx
, tmp
);
534 check_equals("KAT HMAC 1", tmp
, ref
, len
);
536 br_hmac_init(&ctx
, &kc
, 0);
537 for (u
= 0; u
< data_len
; u
++) {
538 br_hmac_update(&ctx
, (const unsigned char *)data
+ u
, 1);
540 br_hmac_out(&ctx
, tmp
);
541 check_equals("KAT HMAC 2", tmp
, ref
, len
);
543 for (u
= 0; u
< data_len
; u
++) {
544 br_hmac_init(&ctx
, &kc
, 0);
545 br_hmac_update(&ctx
, data
, u
);
546 br_hmac_out(&ctx
, tmp
);
548 (const unsigned char *)data
+ u
, data_len
- u
);
549 br_hmac_out(&ctx
, tmp
);
550 check_equals("KAT HMAC 3", tmp
, ref
, len
);
555 do_KAT_HMAC_str_str(const br_hash_class
*digest_class
, const char *key
,
556 const char *data
, const char *href
)
558 do_KAT_HMAC_bin_bin(digest_class
, key
, strlen(key
),
559 data
, strlen(data
), href
);
563 do_KAT_HMAC_hex_hex(const br_hash_class
*digest_class
, const char *skey
,
564 const char *sdata
, const char *href
)
566 unsigned char key
[1024];
567 unsigned char data
[1024];
569 do_KAT_HMAC_bin_bin(digest_class
, key
, hextobin(key
, skey
),
570 data
, hextobin(data
, sdata
), href
);
574 do_KAT_HMAC_hex_str(const br_hash_class
*digest_class
,
575 const char *skey
, const char *data
, const char *href
)
577 unsigned char key
[1024];
579 do_KAT_HMAC_bin_bin(digest_class
, key
, hextobin(key
, skey
),
580 data
, strlen(data
), href
);
584 test_HMAC_CT(const br_hash_class
*digest_class
,
585 const void *key
, size_t key_len
, const void *data
)
587 br_hmac_key_context kc
;
588 br_hmac_context hc1
, hc2
;
589 unsigned char buf1
[64], buf2
[64];
592 br_hmac_key_init(&kc
, digest_class
, key
, key_len
);
594 for (u
= 0; u
< 2; u
++) {
595 for (v
= 0; v
< 130; v
++) {
596 size_t min_len
, max_len
;
601 for (w
= min_len
; w
<= max_len
; w
++) {
605 br_hmac_init(&hc1
, &kc
, 0);
606 br_hmac_update(&hc1
, data
, u
+ w
);
607 hlen1
= br_hmac_out(&hc1
, buf1
);
608 br_hmac_init(&hc2
, &kc
, 0);
609 br_hmac_update(&hc2
, data
, u
);
610 hlen2
= br_hmac_outCT(&hc2
,
611 (const unsigned char *)data
+ u
, w
,
612 min_len
, max_len
, buf2
);
613 if (hlen1
!= hlen2
) {
614 fprintf(stderr
, "HMAC length mismatch:"
615 " %u / %u\n", (unsigned)hlen1
,
619 sprintf(tmp
, "HMAC CT %u,%u,%u",
620 (unsigned)u
, (unsigned)v
, (unsigned)w
);
621 check_equals(tmp
, buf1
, buf2
, hlen1
);
634 unsigned char data
[1000];
637 const char key
[] = "test HMAC key";
639 printf("Test HMAC: ");
641 do_KAT_HMAC_hex_str(&br_md5_vtable
,
642 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
644 "9294727a3638bb1c13f48ef8158bfc9d");
645 do_KAT_HMAC_str_str(&br_md5_vtable
,
647 "what do ya want for nothing?",
648 "750c783e6ab0b503eaa86e310a5db738");
649 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
650 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
651 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
652 "56be34521d144c88dbb8c733f0e8b3f6");
653 do_KAT_HMAC_hex_hex(&br_md5_vtable
,
654 "0102030405060708090a0b0c0d0e0f10111213141516171819",
655 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
656 "697eaf0aca3a3aea3a75164746ffaa79");
657 do_KAT_HMAC_hex_str(&br_md5_vtable
,
658 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
659 "Test With Truncation",
660 "56461ef2342edc00f9bab995690efd4c");
661 do_KAT_HMAC_hex_str(&br_md5_vtable
,
662 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
663 "Test Using Larger Than Block-Size Key - Hash Key First",
664 "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd");
665 do_KAT_HMAC_hex_str(&br_md5_vtable
,
666 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
667 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
668 "6f630fad67cda0ee1fb1f562db3aa53e");
670 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
671 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
673 "b617318655057264e28bc0b6fb378c8ef146be00");
674 do_KAT_HMAC_str_str(&br_sha1_vtable
,
676 "what do ya want for nothing?",
677 "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79");
678 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
679 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
680 "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
681 "125d7342b9ac11cd91a39af48aa17b4f63f175d3");
682 do_KAT_HMAC_hex_hex(&br_sha1_vtable
,
683 "0102030405060708090a0b0c0d0e0f10111213141516171819",
684 "CDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCD",
685 "4c9007f4026250c6bc8414f9bf50c86c2d7235da");
686 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
687 "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
688 "Test With Truncation",
689 "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04");
690 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
691 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
692 "Test Using Larger Than Block-Size Key - Hash Key First",
693 "aa4ae5e15272d00e95705637ce8a3b55ed402112");
694 do_KAT_HMAC_hex_str(&br_sha1_vtable
,
695 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
696 "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
697 "e8e99d0f45237d786d6bbaa7965c7808bbff1a91");
701 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
702 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
704 "896fb1128abbdf196832107cd49df33f"
705 "47b4b1169912ba4f53684b22");
707 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
708 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
710 "b0344c61d8db38535ca8afceaf0bf12b"
711 "881dc200c9833da726e9376c2e32cff7");
713 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
714 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
716 "afd03944d84895626b0825f4ab46907f"
717 "15f9dadbe4101ec682aa034c7cebc59c"
718 "faea9ea9076ede7f4af152e8b2fa9cb6");
720 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
721 "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
723 "87aa7cdea5ef619d4ff0b4241a1d6cb0"
724 "2379f4e2ce4ec2787ad0b30545e17cde"
725 "daa833b7d6b8a702038b274eaea3f4e4"
726 "be9d914eeb61f1702e696c203a126854");
728 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
730 "7768617420646f2079612077616e7420"
731 "666f72206e6f7468696e673f",
732 "a30e01098bc6dbbf45690f3a7e9e6d0f"
733 "8bbea2a39e6148008fd05e44");
735 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
737 "7768617420646f2079612077616e7420"
738 "666f72206e6f7468696e673f",
739 "5bdcc146bf60754e6a042426089575c7"
740 "5a003f089d2739839dec58b964ec3843");
742 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
744 "7768617420646f2079612077616e7420"
745 "666f72206e6f7468696e673f",
746 "af45d2e376484031617f78d2b58a6b1b"
747 "9c7ef464f5a01b47e42ec3736322445e"
748 "8e2240ca5e69e2c78b3239ecfab21649");
750 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
752 "7768617420646f2079612077616e7420"
753 "666f72206e6f7468696e673f",
754 "164b7a7bfcf819e2e395fbe73b56e0a3"
755 "87bd64222e831fd610270cd7ea250554"
756 "9758bf75c05a994a6d034f65f8f0e6fd"
757 "caeab1a34d4a6b4b636e070a38bce737");
759 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
760 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
762 "dddddddddddddddddddddddddddddddd"
763 "dddddddddddddddddddddddddddddddd"
764 "dddddddddddddddddddddddddddddddd"
766 "7fb3cb3588c6c1f6ffa9694d7d6ad264"
767 "9365b0c1f65d69d1ec8333ea");
769 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
770 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
772 "dddddddddddddddddddddddddddddddd"
773 "dddddddddddddddddddddddddddddddd"
774 "dddddddddddddddddddddddddddddddd"
776 "773ea91e36800e46854db8ebd09181a7"
777 "2959098b3ef8c122d9635514ced565fe");
779 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
780 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
782 "dddddddddddddddddddddddddddddddd"
783 "dddddddddddddddddddddddddddddddd"
784 "dddddddddddddddddddddddddddddddd"
786 "88062608d3e6ad8a0aa2ace014c8a86f"
787 "0aa635d947ac9febe83ef4e55966144b"
788 "2a5ab39dc13814b94e3ab6e101a34f27");
790 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
791 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
793 "dddddddddddddddddddddddddddddddd"
794 "dddddddddddddddddddddddddddddddd"
795 "dddddddddddddddddddddddddddddddd"
797 "fa73b0089d56a284efb0f0756c890be9"
798 "b1b5dbdd8ee81a3655f83e33b2279d39"
799 "bf3e848279a722c806b485a47e67c807"
800 "b946a337bee8942674278859e13292fb");
802 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
803 "0102030405060708090a0b0c0d0e0f10"
804 "111213141516171819",
805 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
806 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
807 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
809 "6c11506874013cac6a2abc1bb382627c"
810 "ec6a90d86efc012de7afec5a");
812 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
813 "0102030405060708090a0b0c0d0e0f10"
814 "111213141516171819",
815 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
816 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
817 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
819 "82558a389a443c0ea4cc819899f2083a"
820 "85f0faa3e578f8077a2e3ff46729665b");
822 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
823 "0102030405060708090a0b0c0d0e0f10"
824 "111213141516171819",
825 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
826 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
827 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
829 "3e8a69b7783c25851933ab6290af6ca7"
830 "7a9981480850009cc5577c6e1f573b4e"
831 "6801dd23c4a7d679ccf8a386c674cffb");
833 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
834 "0102030405060708090a0b0c0d0e0f10"
835 "111213141516171819",
836 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
837 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
838 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd"
840 "b0ba465637458c6990e5a8c5f61d4af7"
841 "e576d97ff94b872de76f8050361ee3db"
842 "a91ca5c11aa25eb4d679275cc5788063"
843 "a5f19741120c4f2de2adebeb10a298dd");
845 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
846 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
847 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
848 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
849 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
850 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
851 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
852 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
853 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
855 "54657374205573696e67204c61726765"
856 "72205468616e20426c6f636b2d53697a"
857 "65204b6579202d2048617368204b6579"
859 "95e9a0db962095adaebe9b2d6f0dbce2"
860 "d499f112f2d2b7273fa6870e");
862 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
863 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
864 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
865 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
866 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
867 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
868 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
869 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
870 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
872 "54657374205573696e67204c61726765"
873 "72205468616e20426c6f636b2d53697a"
874 "65204b6579202d2048617368204b6579"
876 "60e431591ee0b67f0d8a26aacbf5b77f"
877 "8e0bc6213728c5140546040f0ee37f54");
879 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
880 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
881 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
882 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
883 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
884 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
885 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
886 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
887 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
889 "54657374205573696e67204c61726765"
890 "72205468616e20426c6f636b2d53697a"
891 "65204b6579202d2048617368204b6579"
893 "4ece084485813e9088d2c63a041bc5b4"
894 "4f9ef1012a2b588f3cd11f05033ac4c6"
895 "0c2ef6ab4030fe8296248df163f44952");
897 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
898 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
899 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
900 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
901 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
902 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
903 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
904 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
905 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
907 "54657374205573696e67204c61726765"
908 "72205468616e20426c6f636b2d53697a"
909 "65204b6579202d2048617368204b6579"
911 "80b24263c7c1a3ebb71493c1dd7be8b4"
912 "9b46d1f41b4aeec1121b013783f8f352"
913 "6b56d037e05f2598bd0fd2215d6a1e52"
914 "95e64f73f63f0aec8b915a985d786598");
916 do_KAT_HMAC_hex_hex(&br_sha224_vtable
,
917 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
918 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
919 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
920 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
921 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
922 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
923 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
924 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
926 "54686973206973206120746573742075"
927 "73696e672061206c6172676572207468"
928 "616e20626c6f636b2d73697a65206b65"
929 "7920616e642061206c61726765722074"
930 "68616e20626c6f636b2d73697a652064"
931 "6174612e20546865206b6579206e6565"
932 "647320746f2062652068617368656420"
933 "6265666f7265206265696e6720757365"
934 "642062792074686520484d414320616c"
936 "3a854166ac5d9f023f54d517d0b39dbd"
937 "946770db9c2b95c9f6f565d1");
939 do_KAT_HMAC_hex_hex(&br_sha256_vtable
,
940 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
941 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
942 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
943 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
944 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
945 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
946 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
947 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
949 "54686973206973206120746573742075"
950 "73696e672061206c6172676572207468"
951 "616e20626c6f636b2d73697a65206b65"
952 "7920616e642061206c61726765722074"
953 "68616e20626c6f636b2d73697a652064"
954 "6174612e20546865206b6579206e6565"
955 "647320746f2062652068617368656420"
956 "6265666f7265206265696e6720757365"
957 "642062792074686520484d414320616c"
959 "9b09ffa71b942fcb27635fbcd5b0e944"
960 "bfdc63644f0713938a7f51535c3a35e2");
962 do_KAT_HMAC_hex_hex(&br_sha384_vtable
,
963 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
964 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
965 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
966 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
967 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
968 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
969 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
970 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
972 "54686973206973206120746573742075"
973 "73696e672061206c6172676572207468"
974 "616e20626c6f636b2d73697a65206b65"
975 "7920616e642061206c61726765722074"
976 "68616e20626c6f636b2d73697a652064"
977 "6174612e20546865206b6579206e6565"
978 "647320746f2062652068617368656420"
979 "6265666f7265206265696e6720757365"
980 "642062792074686520484d414320616c"
982 "6617178e941f020d351e2f254e8fd32c"
983 "602420feb0b8fb9adccebb82461e99c5"
984 "a678cc31e799176d3860e6110c46523e");
986 do_KAT_HMAC_hex_hex(&br_sha512_vtable
,
987 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
988 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
989 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
990 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
991 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
992 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
993 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
994 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
996 "54686973206973206120746573742075"
997 "73696e672061206c6172676572207468"
998 "616e20626c6f636b2d73697a65206b65"
999 "7920616e642061206c61726765722074"
1000 "68616e20626c6f636b2d73697a652064"
1001 "6174612e20546865206b6579206e6565"
1002 "647320746f2062652068617368656420"
1003 "6265666f7265206265696e6720757365"
1004 "642062792074686520484d414320616c"
1006 "e37b6a775dc87dbaa4dfa9f96e5e3ffd"
1007 "debd71f8867289865df5a32d20cdc944"
1008 "b6022cac3c4982b10d5eeb55c3e4de15"
1009 "134676fb6de0446065c97440fa8c6a58");
1011 for (x
= 1, u
= 0; u
< sizeof data
; u
++) {
1016 test_HMAC_CT(&br_md5_vtable
, key
, sizeof key
, data
);
1018 test_HMAC_CT(&br_sha1_vtable
, key
, sizeof key
, data
);
1019 printf("(SHA-224) ");
1020 test_HMAC_CT(&br_sha224_vtable
, key
, sizeof key
, data
);
1021 printf("(SHA-256) ");
1022 test_HMAC_CT(&br_sha256_vtable
, key
, sizeof key
, data
);
1023 printf("(SHA-384) ");
1024 test_HMAC_CT(&br_sha384_vtable
, key
, sizeof key
, data
);
1025 printf("(SHA-512) ");
1026 test_HMAC_CT(&br_sha512_vtable
, key
, sizeof key
, data
);
1033 test_HMAC_DRBG(void)
1035 br_hmac_drbg_context ctx
;
1036 unsigned char seed
[42], tmp
[30];
1037 unsigned char ref1
[30], ref2
[30], ref3
[30];
1040 printf("Test HMAC_DRBG: ");
1043 seed_len
= hextobin(seed
,
1044 "009A4D6792295A7F730FC3F2B49CBC0F62E862272F"
1045 "01795EDF0D54DB760F156D0DAC04C0322B3A204224");
1047 "9305A46DE7FF8EB107194DEBD3FD48AA"
1048 "20D5E7656CBE0EA69D2A8D4E7C67");
1050 "C70C78608A3B5BE9289BE90EF6E81A9E"
1051 "2C1516D5751D2F75F50033E45F73");
1053 "475E80E992140567FCC3A50DAB90FE84"
1054 "BCD7BB03638E9C4656A06F37F650");
1055 br_hmac_drbg_init(&ctx
, &br_sha256_vtable
, seed
, seed_len
);
1056 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1057 check_equals("KAT HMAC_DRBG 1", tmp
, ref1
, sizeof tmp
);
1058 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1059 check_equals("KAT HMAC_DRBG 2", tmp
, ref2
, sizeof tmp
);
1060 br_hmac_drbg_generate(&ctx
, tmp
, sizeof tmp
);
1061 check_equals("KAT HMAC_DRBG 3", tmp
, ref3
, sizeof tmp
);
1063 memset(&ctx
, 0, sizeof ctx
);
1064 br_hmac_drbg_vtable
.init(&ctx
.vtable
,
1065 &br_sha256_vtable
, seed
, seed_len
);
1066 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1067 check_equals("KAT HMAC_DRBG 4", tmp
, ref1
, sizeof tmp
);
1068 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1069 check_equals("KAT HMAC_DRBG 5", tmp
, ref2
, sizeof tmp
);
1070 ctx
.vtable
->generate(&ctx
.vtable
, tmp
, sizeof tmp
);
1071 check_equals("KAT HMAC_DRBG 6", tmp
, ref3
, sizeof tmp
);
1079 void (*prf
)(void *dst
, size_t len
,
1080 const void *secret
, size_t secret_len
,
1081 const char *label
, const void *seed
, size_t seed_len
),
1082 const char *ssecret
, const char *label
, const char *sseed
,
1085 unsigned char secret
[100], seed
[100], ref
[500], out
[500];
1086 size_t secret_len
, seed_len
, ref_len
;
1088 secret_len
= hextobin(secret
, ssecret
);
1089 seed_len
= hextobin(seed
, sseed
);
1090 ref_len
= hextobin(ref
, sref
);
1091 prf(out
, ref_len
, secret
, secret_len
, label
, seed
, seed_len
);
1092 check_equals("TLS PRF KAT", out
, ref
, ref_len
);
1098 printf("Test TLS PRF: ");
1102 * Test vector taken from an email that was on:
1103 * http://www.imc.org/ietf-tls/mail-archive/msg01589.html
1104 * but no longer exists there; a version archived in 2008
1105 * can be found on http://www.archive.org/
1107 do_KAT_PRF(&br_tls10_prf
,
1108 "abababababababababababababababababababababababababababababababababababababababababababababababab",
1110 "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
1111 "d3d4d1e349b5d515044666d51de32bab258cb521b6b053463e354832fd976754443bcf9a296519bc289abcbc1187e4ebd31e602353776c408aafb74cbc85eff69255f9788faa184cbb957a9819d84a5d7eb006eb459d3ae8de9810454b8b2d8f1afbc655a8c9a013");
1114 * Test vectors are taken from:
1115 * https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
1117 do_KAT_PRF(&br_tls12_sha256_prf
,
1118 "9bbe436ba940f017b17652849a71db35",
1120 "a0ba9f936cda311827a6f796ffd5198c",
1121 "e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66");
1122 do_KAT_PRF(&br_tls12_sha384_prf
,
1123 "b80b733d6ceefcdc71566ea48e5567df",
1125 "cd665cf6a8447dd6ff8b27555edb7465",
1126 "7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f");
1133 * AES known-answer tests. Order: key, plaintext, ciphertext.
1135 static const char *const KAT_AES
[] = {
1139 "000102030405060708090a0b0c0d0e0f",
1140 "00112233445566778899aabbccddeeff",
1141 "69c4e0d86a7b0430d8cdb78070b4c55a",
1143 "000102030405060708090a0b0c0d0e0f1011121314151617",
1144 "00112233445566778899aabbccddeeff",
1145 "dda97ca4864cdfe06eaf70a0ec0d7191",
1147 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
1148 "00112233445566778899aabbccddeeff",
1149 "8ea2b7ca516745bfeafc49904b496089",
1152 * From NIST validation suite (ECBVarTxt128.rsp).
1154 "00000000000000000000000000000000",
1155 "80000000000000000000000000000000",
1156 "3ad78e726c1ec02b7ebfe92b23d9ec34",
1158 "00000000000000000000000000000000",
1159 "c0000000000000000000000000000000",
1160 "aae5939c8efdf2f04e60b9fe7117b2c2",
1162 "00000000000000000000000000000000",
1163 "e0000000000000000000000000000000",
1164 "f031d4d74f5dcbf39daaf8ca3af6e527",
1166 "00000000000000000000000000000000",
1167 "f0000000000000000000000000000000",
1168 "96d9fd5cc4f07441727df0f33e401a36",
1170 "00000000000000000000000000000000",
1171 "f8000000000000000000000000000000",
1172 "30ccdb044646d7e1f3ccea3dca08b8c0",
1174 "00000000000000000000000000000000",
1175 "fc000000000000000000000000000000",
1176 "16ae4ce5042a67ee8e177b7c587ecc82",
1178 "00000000000000000000000000000000",
1179 "fe000000000000000000000000000000",
1180 "b6da0bb11a23855d9c5cb1b4c6412e0a",
1182 "00000000000000000000000000000000",
1183 "ff000000000000000000000000000000",
1184 "db4f1aa530967d6732ce4715eb0ee24b",
1186 "00000000000000000000000000000000",
1187 "ff800000000000000000000000000000",
1188 "a81738252621dd180a34f3455b4baa2f",
1190 "00000000000000000000000000000000",
1191 "ffc00000000000000000000000000000",
1192 "77e2b508db7fd89234caf7939ee5621a",
1194 "00000000000000000000000000000000",
1195 "ffe00000000000000000000000000000",
1196 "b8499c251f8442ee13f0933b688fcd19",
1198 "00000000000000000000000000000000",
1199 "fff00000000000000000000000000000",
1200 "965135f8a81f25c9d630b17502f68e53",
1202 "00000000000000000000000000000000",
1203 "fff80000000000000000000000000000",
1204 "8b87145a01ad1c6cede995ea3670454f",
1206 "00000000000000000000000000000000",
1207 "fffc0000000000000000000000000000",
1208 "8eae3b10a0c8ca6d1d3b0fa61e56b0b2",
1210 "00000000000000000000000000000000",
1211 "fffe0000000000000000000000000000",
1212 "64b4d629810fda6bafdf08f3b0d8d2c5",
1214 "00000000000000000000000000000000",
1215 "ffff0000000000000000000000000000",
1216 "d7e5dbd3324595f8fdc7d7c571da6c2a",
1218 "00000000000000000000000000000000",
1219 "ffff8000000000000000000000000000",
1220 "f3f72375264e167fca9de2c1527d9606",
1222 "00000000000000000000000000000000",
1223 "ffffc000000000000000000000000000",
1224 "8ee79dd4f401ff9b7ea945d86666c13b",
1226 "00000000000000000000000000000000",
1227 "ffffe000000000000000000000000000",
1228 "dd35cea2799940b40db3f819cb94c08b",
1230 "00000000000000000000000000000000",
1231 "fffff000000000000000000000000000",
1232 "6941cb6b3e08c2b7afa581ebdd607b87",
1234 "00000000000000000000000000000000",
1235 "fffff800000000000000000000000000",
1236 "2c20f439f6bb097b29b8bd6d99aad799",
1238 "00000000000000000000000000000000",
1239 "fffffc00000000000000000000000000",
1240 "625d01f058e565f77ae86378bd2c49b3",
1242 "00000000000000000000000000000000",
1243 "fffffe00000000000000000000000000",
1244 "c0b5fd98190ef45fbb4301438d095950",
1246 "00000000000000000000000000000000",
1247 "ffffff00000000000000000000000000",
1248 "13001ff5d99806efd25da34f56be854b",
1250 "00000000000000000000000000000000",
1251 "ffffff80000000000000000000000000",
1252 "3b594c60f5c8277a5113677f94208d82",
1254 "00000000000000000000000000000000",
1255 "ffffffc0000000000000000000000000",
1256 "e9c0fc1818e4aa46bd2e39d638f89e05",
1258 "00000000000000000000000000000000",
1259 "ffffffe0000000000000000000000000",
1260 "f8023ee9c3fdc45a019b4e985c7e1a54",
1262 "00000000000000000000000000000000",
1263 "fffffff0000000000000000000000000",
1264 "35f40182ab4662f3023baec1ee796b57",
1266 "00000000000000000000000000000000",
1267 "fffffff8000000000000000000000000",
1268 "3aebbad7303649b4194a6945c6cc3694",
1270 "00000000000000000000000000000000",
1271 "fffffffc000000000000000000000000",
1272 "a2124bea53ec2834279bed7f7eb0f938",
1274 "00000000000000000000000000000000",
1275 "fffffffe000000000000000000000000",
1276 "b9fb4399fa4facc7309e14ec98360b0a",
1278 "00000000000000000000000000000000",
1279 "ffffffff000000000000000000000000",
1280 "c26277437420c5d634f715aea81a9132",
1282 "00000000000000000000000000000000",
1283 "ffffffff800000000000000000000000",
1284 "171a0e1b2dd424f0e089af2c4c10f32f",
1286 "00000000000000000000000000000000",
1287 "ffffffffc00000000000000000000000",
1288 "7cadbe402d1b208fe735edce00aee7ce",
1290 "00000000000000000000000000000000",
1291 "ffffffffe00000000000000000000000",
1292 "43b02ff929a1485af6f5c6d6558baa0f",
1294 "00000000000000000000000000000000",
1295 "fffffffff00000000000000000000000",
1296 "092faacc9bf43508bf8fa8613ca75dea",
1298 "00000000000000000000000000000000",
1299 "fffffffff80000000000000000000000",
1300 "cb2bf8280f3f9742c7ed513fe802629c",
1302 "00000000000000000000000000000000",
1303 "fffffffffc0000000000000000000000",
1304 "215a41ee442fa992a6e323986ded3f68",
1306 "00000000000000000000000000000000",
1307 "fffffffffe0000000000000000000000",
1308 "f21e99cf4f0f77cea836e11a2fe75fb1",
1310 "00000000000000000000000000000000",
1311 "ffffffffff0000000000000000000000",
1312 "95e3a0ca9079e646331df8b4e70d2cd6",
1314 "00000000000000000000000000000000",
1315 "ffffffffff8000000000000000000000",
1316 "4afe7f120ce7613f74fc12a01a828073",
1318 "00000000000000000000000000000000",
1319 "ffffffffffc000000000000000000000",
1320 "827f000e75e2c8b9d479beed913fe678",
1322 "00000000000000000000000000000000",
1323 "ffffffffffe000000000000000000000",
1324 "35830c8e7aaefe2d30310ef381cbf691",
1326 "00000000000000000000000000000000",
1327 "fffffffffff000000000000000000000",
1328 "191aa0f2c8570144f38657ea4085ebe5",
1330 "00000000000000000000000000000000",
1331 "fffffffffff800000000000000000000",
1332 "85062c2c909f15d9269b6c18ce99c4f0",
1334 "00000000000000000000000000000000",
1335 "fffffffffffc00000000000000000000",
1336 "678034dc9e41b5a560ed239eeab1bc78",
1338 "00000000000000000000000000000000",
1339 "fffffffffffe00000000000000000000",
1340 "c2f93a4ce5ab6d5d56f1b93cf19911c1",
1342 "00000000000000000000000000000000",
1343 "ffffffffffff00000000000000000000",
1344 "1c3112bcb0c1dcc749d799743691bf82",
1346 "00000000000000000000000000000000",
1347 "ffffffffffff80000000000000000000",
1348 "00c55bd75c7f9c881989d3ec1911c0d4",
1350 "00000000000000000000000000000000",
1351 "ffffffffffffc0000000000000000000",
1352 "ea2e6b5ef182b7dff3629abd6a12045f",
1354 "00000000000000000000000000000000",
1355 "ffffffffffffe0000000000000000000",
1356 "22322327e01780b17397f24087f8cc6f",
1358 "00000000000000000000000000000000",
1359 "fffffffffffff0000000000000000000",
1360 "c9cacb5cd11692c373b2411768149ee7",
1362 "00000000000000000000000000000000",
1363 "fffffffffffff8000000000000000000",
1364 "a18e3dbbca577860dab6b80da3139256",
1366 "00000000000000000000000000000000",
1367 "fffffffffffffc000000000000000000",
1368 "79b61c37bf328ecca8d743265a3d425c",
1370 "00000000000000000000000000000000",
1371 "fffffffffffffe000000000000000000",
1372 "d2d99c6bcc1f06fda8e27e8ae3f1ccc7",
1374 "00000000000000000000000000000000",
1375 "ffffffffffffff000000000000000000",
1376 "1bfd4b91c701fd6b61b7f997829d663b",
1378 "00000000000000000000000000000000",
1379 "ffffffffffffff800000000000000000",
1380 "11005d52f25f16bdc9545a876a63490a",
1382 "00000000000000000000000000000000",
1383 "ffffffffffffffc00000000000000000",
1384 "3a4d354f02bb5a5e47d39666867f246a",
1386 "00000000000000000000000000000000",
1387 "ffffffffffffffe00000000000000000",
1388 "d451b8d6e1e1a0ebb155fbbf6e7b7dc3",
1390 "00000000000000000000000000000000",
1391 "fffffffffffffff00000000000000000",
1392 "6898d4f42fa7ba6a10ac05e87b9f2080",
1394 "00000000000000000000000000000000",
1395 "fffffffffffffff80000000000000000",
1396 "b611295e739ca7d9b50f8e4c0e754a3f",
1398 "00000000000000000000000000000000",
1399 "fffffffffffffffc0000000000000000",
1400 "7d33fc7d8abe3ca1936759f8f5deaf20",
1402 "00000000000000000000000000000000",
1403 "fffffffffffffffe0000000000000000",
1404 "3b5e0f566dc96c298f0c12637539b25c",
1406 "00000000000000000000000000000000",
1407 "ffffffffffffffff0000000000000000",
1408 "f807c3e7985fe0f5a50e2cdb25c5109e",
1410 "00000000000000000000000000000000",
1411 "ffffffffffffffff8000000000000000",
1412 "41f992a856fb278b389a62f5d274d7e9",
1414 "00000000000000000000000000000000",
1415 "ffffffffffffffffc000000000000000",
1416 "10d3ed7a6fe15ab4d91acbc7d0767ab1",
1418 "00000000000000000000000000000000",
1419 "ffffffffffffffffe000000000000000",
1420 "21feecd45b2e675973ac33bf0c5424fc",
1422 "00000000000000000000000000000000",
1423 "fffffffffffffffff000000000000000",
1424 "1480cb3955ba62d09eea668f7c708817",
1426 "00000000000000000000000000000000",
1427 "fffffffffffffffff800000000000000",
1428 "66404033d6b72b609354d5496e7eb511",
1430 "00000000000000000000000000000000",
1431 "fffffffffffffffffc00000000000000",
1432 "1c317a220a7d700da2b1e075b00266e1",
1434 "00000000000000000000000000000000",
1435 "fffffffffffffffffe00000000000000",
1436 "ab3b89542233f1271bf8fd0c0f403545",
1438 "00000000000000000000000000000000",
1439 "ffffffffffffffffff00000000000000",
1440 "d93eae966fac46dca927d6b114fa3f9e",
1442 "00000000000000000000000000000000",
1443 "ffffffffffffffffff80000000000000",
1444 "1bdec521316503d9d5ee65df3ea94ddf",
1446 "00000000000000000000000000000000",
1447 "ffffffffffffffffffc0000000000000",
1448 "eef456431dea8b4acf83bdae3717f75f",
1450 "00000000000000000000000000000000",
1451 "ffffffffffffffffffe0000000000000",
1452 "06f2519a2fafaa596bfef5cfa15c21b9",
1454 "00000000000000000000000000000000",
1455 "fffffffffffffffffff0000000000000",
1456 "251a7eac7e2fe809e4aa8d0d7012531a",
1458 "00000000000000000000000000000000",
1459 "fffffffffffffffffff8000000000000",
1460 "3bffc16e4c49b268a20f8d96a60b4058",
1462 "00000000000000000000000000000000",
1463 "fffffffffffffffffffc000000000000",
1464 "e886f9281999c5bb3b3e8862e2f7c988",
1466 "00000000000000000000000000000000",
1467 "fffffffffffffffffffe000000000000",
1468 "563bf90d61beef39f48dd625fcef1361",
1470 "00000000000000000000000000000000",
1471 "ffffffffffffffffffff000000000000",
1472 "4d37c850644563c69fd0acd9a049325b",
1474 "00000000000000000000000000000000",
1475 "ffffffffffffffffffff800000000000",
1476 "b87c921b91829ef3b13ca541ee1130a6",
1478 "00000000000000000000000000000000",
1479 "ffffffffffffffffffffc00000000000",
1480 "2e65eb6b6ea383e109accce8326b0393",
1482 "00000000000000000000000000000000",
1483 "ffffffffffffffffffffe00000000000",
1484 "9ca547f7439edc3e255c0f4d49aa8990",
1486 "00000000000000000000000000000000",
1487 "fffffffffffffffffffff00000000000",
1488 "a5e652614c9300f37816b1f9fd0c87f9",
1490 "00000000000000000000000000000000",
1491 "fffffffffffffffffffff80000000000",
1492 "14954f0b4697776f44494fe458d814ed",
1494 "00000000000000000000000000000000",
1495 "fffffffffffffffffffffc0000000000",
1496 "7c8d9ab6c2761723fe42f8bb506cbcf7",
1498 "00000000000000000000000000000000",
1499 "fffffffffffffffffffffe0000000000",
1500 "db7e1932679fdd99742aab04aa0d5a80",
1502 "00000000000000000000000000000000",
1503 "ffffffffffffffffffffff0000000000",
1504 "4c6a1c83e568cd10f27c2d73ded19c28",
1506 "00000000000000000000000000000000",
1507 "ffffffffffffffffffffff8000000000",
1508 "90ecbe6177e674c98de412413f7ac915",
1510 "00000000000000000000000000000000",
1511 "ffffffffffffffffffffffc000000000",
1512 "90684a2ac55fe1ec2b8ebd5622520b73",
1514 "00000000000000000000000000000000",
1515 "ffffffffffffffffffffffe000000000",
1516 "7472f9a7988607ca79707795991035e6",
1518 "00000000000000000000000000000000",
1519 "fffffffffffffffffffffff000000000",
1520 "56aff089878bf3352f8df172a3ae47d8",
1522 "00000000000000000000000000000000",
1523 "fffffffffffffffffffffff800000000",
1524 "65c0526cbe40161b8019a2a3171abd23",
1526 "00000000000000000000000000000000",
1527 "fffffffffffffffffffffffc00000000",
1528 "377be0be33b4e3e310b4aabda173f84f",
1530 "00000000000000000000000000000000",
1531 "fffffffffffffffffffffffe00000000",
1532 "9402e9aa6f69de6504da8d20c4fcaa2f",
1534 "00000000000000000000000000000000",
1535 "ffffffffffffffffffffffff00000000",
1536 "123c1f4af313ad8c2ce648b2e71fb6e1",
1538 "00000000000000000000000000000000",
1539 "ffffffffffffffffffffffff80000000",
1540 "1ffc626d30203dcdb0019fb80f726cf4",
1542 "00000000000000000000000000000000",
1543 "ffffffffffffffffffffffffc0000000",
1544 "76da1fbe3a50728c50fd2e621b5ad885",
1546 "00000000000000000000000000000000",
1547 "ffffffffffffffffffffffffe0000000",
1548 "082eb8be35f442fb52668e16a591d1d6",
1550 "00000000000000000000000000000000",
1551 "fffffffffffffffffffffffff0000000",
1552 "e656f9ecf5fe27ec3e4a73d00c282fb3",
1554 "00000000000000000000000000000000",
1555 "fffffffffffffffffffffffff8000000",
1556 "2ca8209d63274cd9a29bb74bcd77683a",
1558 "00000000000000000000000000000000",
1559 "fffffffffffffffffffffffffc000000",
1560 "79bf5dce14bb7dd73a8e3611de7ce026",
1562 "00000000000000000000000000000000",
1563 "fffffffffffffffffffffffffe000000",
1564 "3c849939a5d29399f344c4a0eca8a576",
1566 "00000000000000000000000000000000",
1567 "ffffffffffffffffffffffffff000000",
1568 "ed3c0a94d59bece98835da7aa4f07ca2",
1570 "00000000000000000000000000000000",
1571 "ffffffffffffffffffffffffff800000",
1572 "63919ed4ce10196438b6ad09d99cd795",
1574 "00000000000000000000000000000000",
1575 "ffffffffffffffffffffffffffc00000",
1576 "7678f3a833f19fea95f3c6029e2bc610",
1578 "00000000000000000000000000000000",
1579 "ffffffffffffffffffffffffffe00000",
1580 "3aa426831067d36b92be7c5f81c13c56",
1582 "00000000000000000000000000000000",
1583 "fffffffffffffffffffffffffff00000",
1584 "9272e2d2cdd11050998c845077a30ea0",
1586 "00000000000000000000000000000000",
1587 "fffffffffffffffffffffffffff80000",
1588 "088c4b53f5ec0ff814c19adae7f6246c",
1590 "00000000000000000000000000000000",
1591 "fffffffffffffffffffffffffffc0000",
1592 "4010a5e401fdf0a0354ddbcc0d012b17",
1594 "00000000000000000000000000000000",
1595 "fffffffffffffffffffffffffffe0000",
1596 "a87a385736c0a6189bd6589bd8445a93",
1598 "00000000000000000000000000000000",
1599 "ffffffffffffffffffffffffffff0000",
1600 "545f2b83d9616dccf60fa9830e9cd287",
1602 "00000000000000000000000000000000",
1603 "ffffffffffffffffffffffffffff8000",
1604 "4b706f7f92406352394037a6d4f4688d",
1606 "00000000000000000000000000000000",
1607 "ffffffffffffffffffffffffffffc000",
1608 "b7972b3941c44b90afa7b264bfba7387",
1610 "00000000000000000000000000000000",
1611 "ffffffffffffffffffffffffffffe000",
1612 "6f45732cf10881546f0fd23896d2bb60",
1614 "00000000000000000000000000000000",
1615 "fffffffffffffffffffffffffffff000",
1616 "2e3579ca15af27f64b3c955a5bfc30ba",
1618 "00000000000000000000000000000000",
1619 "fffffffffffffffffffffffffffff800",
1620 "34a2c5a91ae2aec99b7d1b5fa6780447",
1622 "00000000000000000000000000000000",
1623 "fffffffffffffffffffffffffffffc00",
1624 "a4d6616bd04f87335b0e53351227a9ee",
1626 "00000000000000000000000000000000",
1627 "fffffffffffffffffffffffffffffe00",
1628 "7f692b03945867d16179a8cefc83ea3f",
1630 "00000000000000000000000000000000",
1631 "ffffffffffffffffffffffffffffff00",
1632 "3bd141ee84a0e6414a26e7a4f281f8a2",
1634 "00000000000000000000000000000000",
1635 "ffffffffffffffffffffffffffffff80",
1636 "d1788f572d98b2b16ec5d5f3922b99bc",
1638 "00000000000000000000000000000000",
1639 "ffffffffffffffffffffffffffffffc0",
1640 "0833ff6f61d98a57b288e8c3586b85a6",
1642 "00000000000000000000000000000000",
1643 "ffffffffffffffffffffffffffffffe0",
1644 "8568261797de176bf0b43becc6285afb",
1646 "00000000000000000000000000000000",
1647 "fffffffffffffffffffffffffffffff0",
1648 "f9b0fda0c4a898f5b9e6f661c4ce4d07",
1650 "00000000000000000000000000000000",
1651 "fffffffffffffffffffffffffffffff8",
1652 "8ade895913685c67c5269f8aae42983e",
1654 "00000000000000000000000000000000",
1655 "fffffffffffffffffffffffffffffffc",
1656 "39bde67d5c8ed8a8b1c37eb8fa9f5ac0",
1658 "00000000000000000000000000000000",
1659 "fffffffffffffffffffffffffffffffe",
1660 "5c005e72c1418c44f569f2ea33ba54f3",
1662 "00000000000000000000000000000000",
1663 "ffffffffffffffffffffffffffffffff",
1664 "3f5b8cc9ea855a0afa7347d23e8d664e",
1667 * From NIST validation suite (ECBVarTxt192.rsp).
1669 "000000000000000000000000000000000000000000000000",
1670 "80000000000000000000000000000000",
1671 "6cd02513e8d4dc986b4afe087a60bd0c",
1673 "000000000000000000000000000000000000000000000000",
1674 "c0000000000000000000000000000000",
1675 "2ce1f8b7e30627c1c4519eada44bc436",
1677 "000000000000000000000000000000000000000000000000",
1678 "e0000000000000000000000000000000",
1679 "9946b5f87af446f5796c1fee63a2da24",
1681 "000000000000000000000000000000000000000000000000",
1682 "f0000000000000000000000000000000",
1683 "2a560364ce529efc21788779568d5555",
1685 "000000000000000000000000000000000000000000000000",
1686 "f8000000000000000000000000000000",
1687 "35c1471837af446153bce55d5ba72a0a",
1689 "000000000000000000000000000000000000000000000000",
1690 "fc000000000000000000000000000000",
1691 "ce60bc52386234f158f84341e534cd9e",
1693 "000000000000000000000000000000000000000000000000",
1694 "fe000000000000000000000000000000",
1695 "8c7c27ff32bcf8dc2dc57c90c2903961",
1697 "000000000000000000000000000000000000000000000000",
1698 "ff000000000000000000000000000000",
1699 "32bb6a7ec84499e166f936003d55a5bb",
1701 "000000000000000000000000000000000000000000000000",
1702 "ff800000000000000000000000000000",
1703 "a5c772e5c62631ef660ee1d5877f6d1b",
1705 "000000000000000000000000000000000000000000000000",
1706 "ffc00000000000000000000000000000",
1707 "030d7e5b64f380a7e4ea5387b5cd7f49",
1709 "000000000000000000000000000000000000000000000000",
1710 "ffe00000000000000000000000000000",
1711 "0dc9a2610037009b698f11bb7e86c83e",
1713 "000000000000000000000000000000000000000000000000",
1714 "fff00000000000000000000000000000",
1715 "0046612c766d1840c226364f1fa7ed72",
1717 "000000000000000000000000000000000000000000000000",
1718 "fff80000000000000000000000000000",
1719 "4880c7e08f27befe78590743c05e698b",
1721 "000000000000000000000000000000000000000000000000",
1722 "fffc0000000000000000000000000000",
1723 "2520ce829a26577f0f4822c4ecc87401",
1725 "000000000000000000000000000000000000000000000000",
1726 "fffe0000000000000000000000000000",
1727 "8765e8acc169758319cb46dc7bcf3dca",
1729 "000000000000000000000000000000000000000000000000",
1730 "ffff0000000000000000000000000000",
1731 "e98f4ba4f073df4baa116d011dc24a28",
1733 "000000000000000000000000000000000000000000000000",
1734 "ffff8000000000000000000000000000",
1735 "f378f68c5dbf59e211b3a659a7317d94",
1737 "000000000000000000000000000000000000000000000000",
1738 "ffffc000000000000000000000000000",
1739 "283d3b069d8eb9fb432d74b96ca762b4",
1741 "000000000000000000000000000000000000000000000000",
1742 "ffffe000000000000000000000000000",
1743 "a7e1842e8a87861c221a500883245c51",
1745 "000000000000000000000000000000000000000000000000",
1746 "fffff000000000000000000000000000",
1747 "77aa270471881be070fb52c7067ce732",
1749 "000000000000000000000000000000000000000000000000",
1750 "fffff800000000000000000000000000",
1751 "01b0f476d484f43f1aeb6efa9361a8ac",
1753 "000000000000000000000000000000000000000000000000",
1754 "fffffc00000000000000000000000000",
1755 "1c3a94f1c052c55c2d8359aff2163b4f",
1757 "000000000000000000000000000000000000000000000000",
1758 "fffffe00000000000000000000000000",
1759 "e8a067b604d5373d8b0f2e05a03b341b",
1761 "000000000000000000000000000000000000000000000000",
1762 "ffffff00000000000000000000000000",
1763 "a7876ec87f5a09bfea42c77da30fd50e",
1765 "000000000000000000000000000000000000000000000000",
1766 "ffffff80000000000000000000000000",
1767 "0cf3e9d3a42be5b854ca65b13f35f48d",
1769 "000000000000000000000000000000000000000000000000",
1770 "ffffffc0000000000000000000000000",
1771 "6c62f6bbcab7c3e821c9290f08892dda",
1773 "000000000000000000000000000000000000000000000000",
1774 "ffffffe0000000000000000000000000",
1775 "7f5e05bd2068738196fee79ace7e3aec",
1777 "000000000000000000000000000000000000000000000000",
1778 "fffffff0000000000000000000000000",
1779 "440e0d733255cda92fb46e842fe58054",
1781 "000000000000000000000000000000000000000000000000",
1782 "fffffff8000000000000000000000000",
1783 "aa5d5b1c4ea1b7a22e5583ac2e9ed8a7",
1785 "000000000000000000000000000000000000000000000000",
1786 "fffffffc000000000000000000000000",
1787 "77e537e89e8491e8662aae3bc809421d",
1789 "000000000000000000000000000000000000000000000000",
1790 "fffffffe000000000000000000000000",
1791 "997dd3e9f1598bfa73f75973f7e93b76",
1793 "000000000000000000000000000000000000000000000000",
1794 "ffffffff000000000000000000000000",
1795 "1b38d4f7452afefcb7fc721244e4b72e",
1797 "000000000000000000000000000000000000000000000000",
1798 "ffffffff800000000000000000000000",
1799 "0be2b18252e774dda30cdda02c6906e3",
1801 "000000000000000000000000000000000000000000000000",
1802 "ffffffffc00000000000000000000000",
1803 "d2695e59c20361d82652d7d58b6f11b2",
1805 "000000000000000000000000000000000000000000000000",
1806 "ffffffffe00000000000000000000000",
1807 "902d88d13eae52089abd6143cfe394e9",
1809 "000000000000000000000000000000000000000000000000",
1810 "fffffffff00000000000000000000000",
1811 "d49bceb3b823fedd602c305345734bd2",
1813 "000000000000000000000000000000000000000000000000",
1814 "fffffffff80000000000000000000000",
1815 "707b1dbb0ffa40ef7d95def421233fae",
1817 "000000000000000000000000000000000000000000000000",
1818 "fffffffffc0000000000000000000000",
1819 "7ca0c1d93356d9eb8aa952084d75f913",
1821 "000000000000000000000000000000000000000000000000",
1822 "fffffffffe0000000000000000000000",
1823 "f2cbf9cb186e270dd7bdb0c28febc57d",
1825 "000000000000000000000000000000000000000000000000",
1826 "ffffffffff0000000000000000000000",
1827 "c94337c37c4e790ab45780bd9c3674a0",
1829 "000000000000000000000000000000000000000000000000",
1830 "ffffffffff8000000000000000000000",
1831 "8e3558c135252fb9c9f367ed609467a1",
1833 "000000000000000000000000000000000000000000000000",
1834 "ffffffffffc000000000000000000000",
1835 "1b72eeaee4899b443914e5b3a57fba92",
1837 "000000000000000000000000000000000000000000000000",
1838 "ffffffffffe000000000000000000000",
1839 "011865f91bc56868d051e52c9efd59b7",
1841 "000000000000000000000000000000000000000000000000",
1842 "fffffffffff000000000000000000000",
1843 "e4771318ad7a63dd680f6e583b7747ea",
1845 "000000000000000000000000000000000000000000000000",
1846 "fffffffffff800000000000000000000",
1847 "61e3d194088dc8d97e9e6db37457eac5",
1849 "000000000000000000000000000000000000000000000000",
1850 "fffffffffffc00000000000000000000",
1851 "36ff1ec9ccfbc349e5d356d063693ad6",
1853 "000000000000000000000000000000000000000000000000",
1854 "fffffffffffe00000000000000000000",
1855 "3cc9e9a9be8cc3f6fb2ea24088e9bb19",
1857 "000000000000000000000000000000000000000000000000",
1858 "ffffffffffff00000000000000000000",
1859 "1ee5ab003dc8722e74905d9a8fe3d350",
1861 "000000000000000000000000000000000000000000000000",
1862 "ffffffffffff80000000000000000000",
1863 "245339319584b0a412412869d6c2eada",
1865 "000000000000000000000000000000000000000000000000",
1866 "ffffffffffffc0000000000000000000",
1867 "7bd496918115d14ed5380852716c8814",
1869 "000000000000000000000000000000000000000000000000",
1870 "ffffffffffffe0000000000000000000",
1871 "273ab2f2b4a366a57d582a339313c8b1",
1873 "000000000000000000000000000000000000000000000000",
1874 "fffffffffffff0000000000000000000",
1875 "113365a9ffbe3b0ca61e98507554168b",
1877 "000000000000000000000000000000000000000000000000",
1878 "fffffffffffff8000000000000000000",
1879 "afa99c997ac478a0dea4119c9e45f8b1",
1881 "000000000000000000000000000000000000000000000000",
1882 "fffffffffffffc000000000000000000",
1883 "9216309a7842430b83ffb98638011512",
1885 "000000000000000000000000000000000000000000000000",
1886 "fffffffffffffe000000000000000000",
1887 "62abc792288258492a7cb45145f4b759",
1889 "000000000000000000000000000000000000000000000000",
1890 "ffffffffffffff000000000000000000",
1891 "534923c169d504d7519c15d30e756c50",
1893 "000000000000000000000000000000000000000000000000",
1894 "ffffffffffffff800000000000000000",
1895 "fa75e05bcdc7e00c273fa33f6ee441d2",
1897 "000000000000000000000000000000000000000000000000",
1898 "ffffffffffffffc00000000000000000",
1899 "7d350fa6057080f1086a56b17ec240db",
1901 "000000000000000000000000000000000000000000000000",
1902 "ffffffffffffffe00000000000000000",
1903 "f34e4a6324ea4a5c39a661c8fe5ada8f",
1905 "000000000000000000000000000000000000000000000000",
1906 "fffffffffffffff00000000000000000",
1907 "0882a16f44088d42447a29ac090ec17e",
1909 "000000000000000000000000000000000000000000000000",
1910 "fffffffffffffff80000000000000000",
1911 "3a3c15bfc11a9537c130687004e136ee",
1913 "000000000000000000000000000000000000000000000000",
1914 "fffffffffffffffc0000000000000000",
1915 "22c0a7678dc6d8cf5c8a6d5a9960767c",
1917 "000000000000000000000000000000000000000000000000",
1918 "fffffffffffffffe0000000000000000",
1919 "b46b09809d68b9a456432a79bdc2e38c",
1921 "000000000000000000000000000000000000000000000000",
1922 "ffffffffffffffff0000000000000000",
1923 "93baaffb35fbe739c17c6ac22eecf18f",
1925 "000000000000000000000000000000000000000000000000",
1926 "ffffffffffffffff8000000000000000",
1927 "c8aa80a7850675bc007c46df06b49868",
1929 "000000000000000000000000000000000000000000000000",
1930 "ffffffffffffffffc000000000000000",
1931 "12c6f3877af421a918a84b775858021d",
1933 "000000000000000000000000000000000000000000000000",
1934 "ffffffffffffffffe000000000000000",
1935 "33f123282c5d633924f7d5ba3f3cab11",
1937 "000000000000000000000000000000000000000000000000",
1938 "fffffffffffffffff000000000000000",
1939 "a8f161002733e93ca4527d22c1a0c5bb",
1941 "000000000000000000000000000000000000000000000000",
1942 "fffffffffffffffff800000000000000",
1943 "b72f70ebf3e3fda23f508eec76b42c02",
1945 "000000000000000000000000000000000000000000000000",
1946 "fffffffffffffffffc00000000000000",
1947 "6a9d965e6274143f25afdcfc88ffd77c",
1949 "000000000000000000000000000000000000000000000000",
1950 "fffffffffffffffffe00000000000000",
1951 "a0c74fd0b9361764ce91c5200b095357",
1953 "000000000000000000000000000000000000000000000000",
1954 "ffffffffffffffffff00000000000000",
1955 "091d1fdc2bd2c346cd5046a8c6209146",
1957 "000000000000000000000000000000000000000000000000",
1958 "ffffffffffffffffff80000000000000",
1959 "e2a37580116cfb71856254496ab0aca8",
1961 "000000000000000000000000000000000000000000000000",
1962 "ffffffffffffffffffc0000000000000",
1963 "e0b3a00785917c7efc9adba322813571",
1965 "000000000000000000000000000000000000000000000000",
1966 "ffffffffffffffffffe0000000000000",
1967 "733d41f4727b5ef0df4af4cf3cffa0cb",
1969 "000000000000000000000000000000000000000000000000",
1970 "fffffffffffffffffff0000000000000",
1971 "a99ebb030260826f981ad3e64490aa4f",
1973 "000000000000000000000000000000000000000000000000",
1974 "fffffffffffffffffff8000000000000",
1975 "73f34c7d3eae5e80082c1647524308ee",
1977 "000000000000000000000000000000000000000000000000",
1978 "fffffffffffffffffffc000000000000",
1979 "40ebd5ad082345b7a2097ccd3464da02",
1981 "000000000000000000000000000000000000000000000000",
1982 "fffffffffffffffffffe000000000000",
1983 "7cc4ae9a424b2cec90c97153c2457ec5",
1985 "000000000000000000000000000000000000000000000000",
1986 "ffffffffffffffffffff000000000000",
1987 "54d632d03aba0bd0f91877ebdd4d09cb",
1989 "000000000000000000000000000000000000000000000000",
1990 "ffffffffffffffffffff800000000000",
1991 "d3427be7e4d27cd54f5fe37b03cf0897",
1993 "000000000000000000000000000000000000000000000000",
1994 "ffffffffffffffffffffc00000000000",
1995 "b2099795e88cc158fd75ea133d7e7fbe",
1997 "000000000000000000000000000000000000000000000000",
1998 "ffffffffffffffffffffe00000000000",
1999 "a6cae46fb6fadfe7a2c302a34242817b",
2001 "000000000000000000000000000000000000000000000000",
2002 "fffffffffffffffffffff00000000000",
2003 "026a7024d6a902e0b3ffccbaa910cc3f",
2005 "000000000000000000000000000000000000000000000000",
2006 "fffffffffffffffffffff80000000000",
2007 "156f07767a85a4312321f63968338a01",
2009 "000000000000000000000000000000000000000000000000",
2010 "fffffffffffffffffffffc0000000000",
2011 "15eec9ebf42b9ca76897d2cd6c5a12e2",
2013 "000000000000000000000000000000000000000000000000",
2014 "fffffffffffffffffffffe0000000000",
2015 "db0d3a6fdcc13f915e2b302ceeb70fd8",
2017 "000000000000000000000000000000000000000000000000",
2018 "ffffffffffffffffffffff0000000000",
2019 "71dbf37e87a2e34d15b20e8f10e48924",
2021 "000000000000000000000000000000000000000000000000",
2022 "ffffffffffffffffffffff8000000000",
2023 "c745c451e96ff3c045e4367c833e3b54",
2025 "000000000000000000000000000000000000000000000000",
2026 "ffffffffffffffffffffffc000000000",
2027 "340da09c2dd11c3b679d08ccd27dd595",
2029 "000000000000000000000000000000000000000000000000",
2030 "ffffffffffffffffffffffe000000000",
2031 "8279f7c0c2a03ee660c6d392db025d18",
2033 "000000000000000000000000000000000000000000000000",
2034 "fffffffffffffffffffffff000000000",
2035 "a4b2c7d8eba531ff47c5041a55fbd1ec",
2037 "000000000000000000000000000000000000000000000000",
2038 "fffffffffffffffffffffff800000000",
2039 "74569a2ca5a7bd5131ce8dc7cbfbf72f",
2041 "000000000000000000000000000000000000000000000000",
2042 "fffffffffffffffffffffffc00000000",
2043 "3713da0c0219b63454035613b5a403dd",
2045 "000000000000000000000000000000000000000000000000",
2046 "fffffffffffffffffffffffe00000000",
2047 "8827551ddcc9df23fa72a3de4e9f0b07",
2049 "000000000000000000000000000000000000000000000000",
2050 "ffffffffffffffffffffffff00000000",
2051 "2e3febfd625bfcd0a2c06eb460da1732",
2053 "000000000000000000000000000000000000000000000000",
2054 "ffffffffffffffffffffffff80000000",
2055 "ee82e6ba488156f76496311da6941deb",
2057 "000000000000000000000000000000000000000000000000",
2058 "ffffffffffffffffffffffffc0000000",
2059 "4770446f01d1f391256e85a1b30d89d3",
2061 "000000000000000000000000000000000000000000000000",
2062 "ffffffffffffffffffffffffe0000000",
2063 "af04b68f104f21ef2afb4767cf74143c",
2065 "000000000000000000000000000000000000000000000000",
2066 "fffffffffffffffffffffffff0000000",
2067 "cf3579a9ba38c8e43653173e14f3a4c6",
2069 "000000000000000000000000000000000000000000000000",
2070 "fffffffffffffffffffffffff8000000",
2071 "b3bba904f4953e09b54800af2f62e7d4",
2073 "000000000000000000000000000000000000000000000000",
2074 "fffffffffffffffffffffffffc000000",
2075 "fc4249656e14b29eb9c44829b4c59a46",
2077 "000000000000000000000000000000000000000000000000",
2078 "fffffffffffffffffffffffffe000000",
2079 "9b31568febe81cfc2e65af1c86d1a308",
2081 "000000000000000000000000000000000000000000000000",
2082 "ffffffffffffffffffffffffff000000",
2083 "9ca09c25f273a766db98a480ce8dfedc",
2085 "000000000000000000000000000000000000000000000000",
2086 "ffffffffffffffffffffffffff800000",
2087 "b909925786f34c3c92d971883c9fbedf",
2089 "000000000000000000000000000000000000000000000000",
2090 "ffffffffffffffffffffffffffc00000",
2091 "82647f1332fe570a9d4d92b2ee771d3b",
2093 "000000000000000000000000000000000000000000000000",
2094 "ffffffffffffffffffffffffffe00000",
2095 "3604a7e80832b3a99954bca6f5b9f501",
2097 "000000000000000000000000000000000000000000000000",
2098 "fffffffffffffffffffffffffff00000",
2099 "884607b128c5de3ab39a529a1ef51bef",
2101 "000000000000000000000000000000000000000000000000",
2102 "fffffffffffffffffffffffffff80000",
2103 "670cfa093d1dbdb2317041404102435e",
2105 "000000000000000000000000000000000000000000000000",
2106 "fffffffffffffffffffffffffffc0000",
2107 "7a867195f3ce8769cbd336502fbb5130",
2109 "000000000000000000000000000000000000000000000000",
2110 "fffffffffffffffffffffffffffe0000",
2111 "52efcf64c72b2f7ca5b3c836b1078c15",
2113 "000000000000000000000000000000000000000000000000",
2114 "ffffffffffffffffffffffffffff0000",
2115 "4019250f6eefb2ac5ccbcae044e75c7e",
2117 "000000000000000000000000000000000000000000000000",
2118 "ffffffffffffffffffffffffffff8000",
2119 "022c4f6f5a017d292785627667ddef24",
2121 "000000000000000000000000000000000000000000000000",
2122 "ffffffffffffffffffffffffffffc000",
2123 "e9c21078a2eb7e03250f71000fa9e3ed",
2125 "000000000000000000000000000000000000000000000000",
2126 "ffffffffffffffffffffffffffffe000",
2127 "a13eaeeb9cd391da4e2b09490b3e7fad",
2129 "000000000000000000000000000000000000000000000000",
2130 "fffffffffffffffffffffffffffff000",
2131 "c958a171dca1d4ed53e1af1d380803a9",
2133 "000000000000000000000000000000000000000000000000",
2134 "fffffffffffffffffffffffffffff800",
2135 "21442e07a110667f2583eaeeee44dc8c",
2137 "000000000000000000000000000000000000000000000000",
2138 "fffffffffffffffffffffffffffffc00",
2139 "59bbb353cf1dd867a6e33737af655e99",
2141 "000000000000000000000000000000000000000000000000",
2142 "fffffffffffffffffffffffffffffe00",
2143 "43cd3b25375d0ce41087ff9fe2829639",
2145 "000000000000000000000000000000000000000000000000",
2146 "ffffffffffffffffffffffffffffff00",
2147 "6b98b17e80d1118e3516bd768b285a84",
2149 "000000000000000000000000000000000000000000000000",
2150 "ffffffffffffffffffffffffffffff80",
2151 "ae47ed3676ca0c08deea02d95b81db58",
2153 "000000000000000000000000000000000000000000000000",
2154 "ffffffffffffffffffffffffffffffc0",
2155 "34ec40dc20413795ed53628ea748720b",
2157 "000000000000000000000000000000000000000000000000",
2158 "ffffffffffffffffffffffffffffffe0",
2159 "4dc68163f8e9835473253542c8a65d46",
2161 "000000000000000000000000000000000000000000000000",
2162 "fffffffffffffffffffffffffffffff0",
2163 "2aabb999f43693175af65c6c612c46fb",
2165 "000000000000000000000000000000000000000000000000",
2166 "fffffffffffffffffffffffffffffff8",
2167 "e01f94499dac3547515c5b1d756f0f58",
2169 "000000000000000000000000000000000000000000000000",
2170 "fffffffffffffffffffffffffffffffc",
2171 "9d12435a46480ce00ea349f71799df9a",
2173 "000000000000000000000000000000000000000000000000",
2174 "fffffffffffffffffffffffffffffffe",
2175 "cef41d16d266bdfe46938ad7884cc0cf",
2177 "000000000000000000000000000000000000000000000000",
2178 "ffffffffffffffffffffffffffffffff",
2179 "b13db4da1f718bc6904797c82bcf2d32",
2182 * From NIST validation suite (ECBVarTxt256.rsp).
2184 "0000000000000000000000000000000000000000000000000000000000000000",
2185 "80000000000000000000000000000000",
2186 "ddc6bf790c15760d8d9aeb6f9a75fd4e",
2188 "0000000000000000000000000000000000000000000000000000000000000000",
2189 "c0000000000000000000000000000000",
2190 "0a6bdc6d4c1e6280301fd8e97ddbe601",
2192 "0000000000000000000000000000000000000000000000000000000000000000",
2193 "e0000000000000000000000000000000",
2194 "9b80eefb7ebe2d2b16247aa0efc72f5d",
2196 "0000000000000000000000000000000000000000000000000000000000000000",
2197 "f0000000000000000000000000000000",
2198 "7f2c5ece07a98d8bee13c51177395ff7",
2200 "0000000000000000000000000000000000000000000000000000000000000000",
2201 "f8000000000000000000000000000000",
2202 "7818d800dcf6f4be1e0e94f403d1e4c2",
2204 "0000000000000000000000000000000000000000000000000000000000000000",
2205 "fc000000000000000000000000000000",
2206 "e74cd1c92f0919c35a0324123d6177d3",
2208 "0000000000000000000000000000000000000000000000000000000000000000",
2209 "fe000000000000000000000000000000",
2210 "8092a4dcf2da7e77e93bdd371dfed82e",
2212 "0000000000000000000000000000000000000000000000000000000000000000",
2213 "ff000000000000000000000000000000",
2214 "49af6b372135acef10132e548f217b17",
2216 "0000000000000000000000000000000000000000000000000000000000000000",
2217 "ff800000000000000000000000000000",
2218 "8bcd40f94ebb63b9f7909676e667f1e7",
2220 "0000000000000000000000000000000000000000000000000000000000000000",
2221 "ffc00000000000000000000000000000",
2222 "fe1cffb83f45dcfb38b29be438dbd3ab",
2224 "0000000000000000000000000000000000000000000000000000000000000000",
2225 "ffe00000000000000000000000000000",
2226 "0dc58a8d886623705aec15cb1e70dc0e",
2228 "0000000000000000000000000000000000000000000000000000000000000000",
2229 "fff00000000000000000000000000000",
2230 "c218faa16056bd0774c3e8d79c35a5e4",
2232 "0000000000000000000000000000000000000000000000000000000000000000",
2233 "fff80000000000000000000000000000",
2234 "047bba83f7aa841731504e012208fc9e",
2236 "0000000000000000000000000000000000000000000000000000000000000000",
2237 "fffc0000000000000000000000000000",
2238 "dc8f0e4915fd81ba70a331310882f6da",
2240 "0000000000000000000000000000000000000000000000000000000000000000",
2241 "fffe0000000000000000000000000000",
2242 "1569859ea6b7206c30bf4fd0cbfac33c",
2244 "0000000000000000000000000000000000000000000000000000000000000000",
2245 "ffff0000000000000000000000000000",
2246 "300ade92f88f48fa2df730ec16ef44cd",
2248 "0000000000000000000000000000000000000000000000000000000000000000",
2249 "ffff8000000000000000000000000000",
2250 "1fe6cc3c05965dc08eb0590c95ac71d0",
2252 "0000000000000000000000000000000000000000000000000000000000000000",
2253 "ffffc000000000000000000000000000",
2254 "59e858eaaa97fec38111275b6cf5abc0",
2256 "0000000000000000000000000000000000000000000000000000000000000000",
2257 "ffffe000000000000000000000000000",
2258 "2239455e7afe3b0616100288cc5a723b",
2260 "0000000000000000000000000000000000000000000000000000000000000000",
2261 "fffff000000000000000000000000000",
2262 "3ee500c5c8d63479717163e55c5c4522",
2264 "0000000000000000000000000000000000000000000000000000000000000000",
2265 "fffff800000000000000000000000000",
2266 "d5e38bf15f16d90e3e214041d774daa8",
2268 "0000000000000000000000000000000000000000000000000000000000000000",
2269 "fffffc00000000000000000000000000",
2270 "b1f4066e6f4f187dfe5f2ad1b17819d0",
2272 "0000000000000000000000000000000000000000000000000000000000000000",
2273 "fffffe00000000000000000000000000",
2274 "6ef4cc4de49b11065d7af2909854794a",
2276 "0000000000000000000000000000000000000000000000000000000000000000",
2277 "ffffff00000000000000000000000000",
2278 "ac86bc606b6640c309e782f232bf367f",
2280 "0000000000000000000000000000000000000000000000000000000000000000",
2281 "ffffff80000000000000000000000000",
2282 "36aff0ef7bf3280772cf4cac80a0d2b2",
2284 "0000000000000000000000000000000000000000000000000000000000000000",
2285 "ffffffc0000000000000000000000000",
2286 "1f8eedea0f62a1406d58cfc3ecea72cf",
2288 "0000000000000000000000000000000000000000000000000000000000000000",
2289 "ffffffe0000000000000000000000000",
2290 "abf4154a3375a1d3e6b1d454438f95a6",
2292 "0000000000000000000000000000000000000000000000000000000000000000",
2293 "fffffff0000000000000000000000000",
2294 "96f96e9d607f6615fc192061ee648b07",
2296 "0000000000000000000000000000000000000000000000000000000000000000",
2297 "fffffff8000000000000000000000000",
2298 "cf37cdaaa0d2d536c71857634c792064",
2300 "0000000000000000000000000000000000000000000000000000000000000000",
2301 "fffffffc000000000000000000000000",
2302 "fbd6640c80245c2b805373f130703127",
2304 "0000000000000000000000000000000000000000000000000000000000000000",
2305 "fffffffe000000000000000000000000",
2306 "8d6a8afe55a6e481badae0d146f436db",
2308 "0000000000000000000000000000000000000000000000000000000000000000",
2309 "ffffffff000000000000000000000000",
2310 "6a4981f2915e3e68af6c22385dd06756",
2312 "0000000000000000000000000000000000000000000000000000000000000000",
2313 "ffffffff800000000000000000000000",
2314 "42a1136e5f8d8d21d3101998642d573b",
2316 "0000000000000000000000000000000000000000000000000000000000000000",
2317 "ffffffffc00000000000000000000000",
2318 "9b471596dc69ae1586cee6158b0b0181",
2320 "0000000000000000000000000000000000000000000000000000000000000000",
2321 "ffffffffe00000000000000000000000",
2322 "753665c4af1eff33aa8b628bf8741cfd",
2324 "0000000000000000000000000000000000000000000000000000000000000000",
2325 "fffffffff00000000000000000000000",
2326 "9a682acf40be01f5b2a4193c9a82404d",
2328 "0000000000000000000000000000000000000000000000000000000000000000",
2329 "fffffffff80000000000000000000000",
2330 "54fafe26e4287f17d1935f87eb9ade01",
2332 "0000000000000000000000000000000000000000000000000000000000000000",
2333 "fffffffffc0000000000000000000000",
2334 "49d541b2e74cfe73e6a8e8225f7bd449",
2336 "0000000000000000000000000000000000000000000000000000000000000000",
2337 "fffffffffe0000000000000000000000",
2338 "11a45530f624ff6f76a1b3826626ff7b",
2340 "0000000000000000000000000000000000000000000000000000000000000000",
2341 "ffffffffff0000000000000000000000",
2342 "f96b0c4a8bc6c86130289f60b43b8fba",
2344 "0000000000000000000000000000000000000000000000000000000000000000",
2345 "ffffffffff8000000000000000000000",
2346 "48c7d0e80834ebdc35b6735f76b46c8b",
2348 "0000000000000000000000000000000000000000000000000000000000000000",
2349 "ffffffffffc000000000000000000000",
2350 "2463531ab54d66955e73edc4cb8eaa45",
2352 "0000000000000000000000000000000000000000000000000000000000000000",
2353 "ffffffffffe000000000000000000000",
2354 "ac9bd8e2530469134b9d5b065d4f565b",
2356 "0000000000000000000000000000000000000000000000000000000000000000",
2357 "fffffffffff000000000000000000000",
2358 "3f5f9106d0e52f973d4890e6f37e8a00",
2360 "0000000000000000000000000000000000000000000000000000000000000000",
2361 "fffffffffff800000000000000000000",
2362 "20ebc86f1304d272e2e207e59db639f0",
2364 "0000000000000000000000000000000000000000000000000000000000000000",
2365 "fffffffffffc00000000000000000000",
2366 "e67ae6426bf9526c972cff072b52252c",
2368 "0000000000000000000000000000000000000000000000000000000000000000",
2369 "fffffffffffe00000000000000000000",
2370 "1a518dddaf9efa0d002cc58d107edfc8",
2372 "0000000000000000000000000000000000000000000000000000000000000000",
2373 "ffffffffffff00000000000000000000",
2374 "ead731af4d3a2fe3b34bed047942a49f",
2376 "0000000000000000000000000000000000000000000000000000000000000000",
2377 "ffffffffffff80000000000000000000",
2378 "b1d4efe40242f83e93b6c8d7efb5eae9",
2380 "0000000000000000000000000000000000000000000000000000000000000000",
2381 "ffffffffffffc0000000000000000000",
2382 "cd2b1fec11fd906c5c7630099443610a",
2384 "0000000000000000000000000000000000000000000000000000000000000000",
2385 "ffffffffffffe0000000000000000000",
2386 "a1853fe47fe29289d153161d06387d21",
2388 "0000000000000000000000000000000000000000000000000000000000000000",
2389 "fffffffffffff0000000000000000000",
2390 "4632154179a555c17ea604d0889fab14",
2392 "0000000000000000000000000000000000000000000000000000000000000000",
2393 "fffffffffffff8000000000000000000",
2394 "dd27cac6401a022e8f38f9f93e774417",
2396 "0000000000000000000000000000000000000000000000000000000000000000",
2397 "fffffffffffffc000000000000000000",
2398 "c090313eb98674f35f3123385fb95d4d",
2400 "0000000000000000000000000000000000000000000000000000000000000000",
2401 "fffffffffffffe000000000000000000",
2402 "cc3526262b92f02edce548f716b9f45c",
2404 "0000000000000000000000000000000000000000000000000000000000000000",
2405 "ffffffffffffff000000000000000000",
2406 "c0838d1a2b16a7c7f0dfcc433c399c33",
2408 "0000000000000000000000000000000000000000000000000000000000000000",
2409 "ffffffffffffff800000000000000000",
2410 "0d9ac756eb297695eed4d382eb126d26",
2412 "0000000000000000000000000000000000000000000000000000000000000000",
2413 "ffffffffffffffc00000000000000000",
2414 "56ede9dda3f6f141bff1757fa689c3e1",
2416 "0000000000000000000000000000000000000000000000000000000000000000",
2417 "ffffffffffffffe00000000000000000",
2418 "768f520efe0f23e61d3ec8ad9ce91774",
2420 "0000000000000000000000000000000000000000000000000000000000000000",
2421 "fffffffffffffff00000000000000000",
2422 "b1144ddfa75755213390e7c596660490",
2424 "0000000000000000000000000000000000000000000000000000000000000000",
2425 "fffffffffffffff80000000000000000",
2426 "1d7c0c4040b355b9d107a99325e3b050",
2428 "0000000000000000000000000000000000000000000000000000000000000000",
2429 "fffffffffffffffc0000000000000000",
2430 "d8e2bb1ae8ee3dcf5bf7d6c38da82a1a",
2432 "0000000000000000000000000000000000000000000000000000000000000000",
2433 "fffffffffffffffe0000000000000000",
2434 "faf82d178af25a9886a47e7f789b98d7",
2436 "0000000000000000000000000000000000000000000000000000000000000000",
2437 "ffffffffffffffff0000000000000000",
2438 "9b58dbfd77fe5aca9cfc190cd1b82d19",
2440 "0000000000000000000000000000000000000000000000000000000000000000",
2441 "ffffffffffffffff8000000000000000",
2442 "77f392089042e478ac16c0c86a0b5db5",
2444 "0000000000000000000000000000000000000000000000000000000000000000",
2445 "ffffffffffffffffc000000000000000",
2446 "19f08e3420ee69b477ca1420281c4782",
2448 "0000000000000000000000000000000000000000000000000000000000000000",
2449 "ffffffffffffffffe000000000000000",
2450 "a1b19beee4e117139f74b3c53fdcb875",
2452 "0000000000000000000000000000000000000000000000000000000000000000",
2453 "fffffffffffffffff000000000000000",
2454 "a37a5869b218a9f3a0868d19aea0ad6a",
2456 "0000000000000000000000000000000000000000000000000000000000000000",
2457 "fffffffffffffffff800000000000000",
2458 "bc3594e865bcd0261b13202731f33580",
2460 "0000000000000000000000000000000000000000000000000000000000000000",
2461 "fffffffffffffffffc00000000000000",
2462 "811441ce1d309eee7185e8c752c07557",
2464 "0000000000000000000000000000000000000000000000000000000000000000",
2465 "fffffffffffffffffe00000000000000",
2466 "959971ce4134190563518e700b9874d1",
2468 "0000000000000000000000000000000000000000000000000000000000000000",
2469 "ffffffffffffffffff00000000000000",
2470 "76b5614a042707c98e2132e2e805fe63",
2472 "0000000000000000000000000000000000000000000000000000000000000000",
2473 "ffffffffffffffffff80000000000000",
2474 "7d9fa6a57530d0f036fec31c230b0cc6",
2476 "0000000000000000000000000000000000000000000000000000000000000000",
2477 "ffffffffffffffffffc0000000000000",
2478 "964153a83bf6989a4ba80daa91c3e081",
2480 "0000000000000000000000000000000000000000000000000000000000000000",
2481 "ffffffffffffffffffe0000000000000",
2482 "a013014d4ce8054cf2591d06f6f2f176",
2484 "0000000000000000000000000000000000000000000000000000000000000000",
2485 "fffffffffffffffffff0000000000000",
2486 "d1c5f6399bf382502e385eee1474a869",
2488 "0000000000000000000000000000000000000000000000000000000000000000",
2489 "fffffffffffffffffff8000000000000",
2490 "0007e20b8298ec354f0f5fe7470f36bd",
2492 "0000000000000000000000000000000000000000000000000000000000000000",
2493 "fffffffffffffffffffc000000000000",
2494 "b95ba05b332da61ef63a2b31fcad9879",
2496 "0000000000000000000000000000000000000000000000000000000000000000",
2497 "fffffffffffffffffffe000000000000",
2498 "4620a49bd967491561669ab25dce45f4",
2500 "0000000000000000000000000000000000000000000000000000000000000000",
2501 "ffffffffffffffffffff000000000000",
2502 "12e71214ae8e04f0bb63d7425c6f14d5",
2504 "0000000000000000000000000000000000000000000000000000000000000000",
2505 "ffffffffffffffffffff800000000000",
2506 "4cc42fc1407b008fe350907c092e80ac",
2508 "0000000000000000000000000000000000000000000000000000000000000000",
2509 "ffffffffffffffffffffc00000000000",
2510 "08b244ce7cbc8ee97fbba808cb146fda",
2512 "0000000000000000000000000000000000000000000000000000000000000000",
2513 "ffffffffffffffffffffe00000000000",
2514 "39b333e8694f21546ad1edd9d87ed95b",
2516 "0000000000000000000000000000000000000000000000000000000000000000",
2517 "fffffffffffffffffffff00000000000",
2518 "3b271f8ab2e6e4a20ba8090f43ba78f3",
2520 "0000000000000000000000000000000000000000000000000000000000000000",
2521 "fffffffffffffffffffff80000000000",
2522 "9ad983f3bf651cd0393f0a73cccdea50",
2524 "0000000000000000000000000000000000000000000000000000000000000000",
2525 "fffffffffffffffffffffc0000000000",
2526 "8f476cbff75c1f725ce18e4bbcd19b32",
2528 "0000000000000000000000000000000000000000000000000000000000000000",
2529 "fffffffffffffffffffffe0000000000",
2530 "905b6267f1d6ab5320835a133f096f2a",
2532 "0000000000000000000000000000000000000000000000000000000000000000",
2533 "ffffffffffffffffffffff0000000000",
2534 "145b60d6d0193c23f4221848a892d61a",
2536 "0000000000000000000000000000000000000000000000000000000000000000",
2537 "ffffffffffffffffffffff8000000000",
2538 "55cfb3fb6d75cad0445bbc8dafa25b0f",
2540 "0000000000000000000000000000000000000000000000000000000000000000",
2541 "ffffffffffffffffffffffc000000000",
2542 "7b8e7098e357ef71237d46d8b075b0f5",
2544 "0000000000000000000000000000000000000000000000000000000000000000",
2545 "ffffffffffffffffffffffe000000000",
2546 "2bf27229901eb40f2df9d8398d1505ae",
2548 "0000000000000000000000000000000000000000000000000000000000000000",
2549 "fffffffffffffffffffffff000000000",
2550 "83a63402a77f9ad5c1e931a931ecd706",
2552 "0000000000000000000000000000000000000000000000000000000000000000",
2553 "fffffffffffffffffffffff800000000",
2554 "6f8ba6521152d31f2bada1843e26b973",
2556 "0000000000000000000000000000000000000000000000000000000000000000",
2557 "fffffffffffffffffffffffc00000000",
2558 "e5c3b8e30fd2d8e6239b17b44bd23bbd",
2560 "0000000000000000000000000000000000000000000000000000000000000000",
2561 "fffffffffffffffffffffffe00000000",
2562 "1ac1f7102c59933e8b2ddc3f14e94baa",
2564 "0000000000000000000000000000000000000000000000000000000000000000",
2565 "ffffffffffffffffffffffff00000000",
2566 "21d9ba49f276b45f11af8fc71a088e3d",
2568 "0000000000000000000000000000000000000000000000000000000000000000",
2569 "ffffffffffffffffffffffff80000000",
2570 "649f1cddc3792b4638635a392bc9bade",
2572 "0000000000000000000000000000000000000000000000000000000000000000",
2573 "ffffffffffffffffffffffffc0000000",
2574 "e2775e4b59c1bc2e31a2078c11b5a08c",
2576 "0000000000000000000000000000000000000000000000000000000000000000",
2577 "ffffffffffffffffffffffffe0000000",
2578 "2be1fae5048a25582a679ca10905eb80",
2580 "0000000000000000000000000000000000000000000000000000000000000000",
2581 "fffffffffffffffffffffffff0000000",
2582 "da86f292c6f41ea34fb2068df75ecc29",
2584 "0000000000000000000000000000000000000000000000000000000000000000",
2585 "fffffffffffffffffffffffff8000000",
2586 "220df19f85d69b1b562fa69a3c5beca5",
2588 "0000000000000000000000000000000000000000000000000000000000000000",
2589 "fffffffffffffffffffffffffc000000",
2590 "1f11d5d0355e0b556ccdb6c7f5083b4d",
2592 "0000000000000000000000000000000000000000000000000000000000000000",
2593 "fffffffffffffffffffffffffe000000",
2594 "62526b78be79cb384633c91f83b4151b",
2596 "0000000000000000000000000000000000000000000000000000000000000000",
2597 "ffffffffffffffffffffffffff000000",
2598 "90ddbcb950843592dd47bbef00fdc876",
2600 "0000000000000000000000000000000000000000000000000000000000000000",
2601 "ffffffffffffffffffffffffff800000",
2602 "2fd0e41c5b8402277354a7391d2618e2",
2604 "0000000000000000000000000000000000000000000000000000000000000000",
2605 "ffffffffffffffffffffffffffc00000",
2606 "3cdf13e72dee4c581bafec70b85f9660",
2608 "0000000000000000000000000000000000000000000000000000000000000000",
2609 "ffffffffffffffffffffffffffe00000",
2610 "afa2ffc137577092e2b654fa199d2c43",
2612 "0000000000000000000000000000000000000000000000000000000000000000",
2613 "fffffffffffffffffffffffffff00000",
2614 "8d683ee63e60d208e343ce48dbc44cac",
2616 "0000000000000000000000000000000000000000000000000000000000000000",
2617 "fffffffffffffffffffffffffff80000",
2618 "705a4ef8ba2133729c20185c3d3a4763",
2620 "0000000000000000000000000000000000000000000000000000000000000000",
2621 "fffffffffffffffffffffffffffc0000",
2622 "0861a861c3db4e94194211b77ed761b9",
2624 "0000000000000000000000000000000000000000000000000000000000000000",
2625 "fffffffffffffffffffffffffffe0000",
2626 "4b00c27e8b26da7eab9d3a88dec8b031",
2628 "0000000000000000000000000000000000000000000000000000000000000000",
2629 "ffffffffffffffffffffffffffff0000",
2630 "5f397bf03084820cc8810d52e5b666e9",
2632 "0000000000000000000000000000000000000000000000000000000000000000",
2633 "ffffffffffffffffffffffffffff8000",
2634 "63fafabb72c07bfbd3ddc9b1203104b8",
2636 "0000000000000000000000000000000000000000000000000000000000000000",
2637 "ffffffffffffffffffffffffffffc000",
2638 "683e2140585b18452dd4ffbb93c95df9",
2640 "0000000000000000000000000000000000000000000000000000000000000000",
2641 "ffffffffffffffffffffffffffffe000",
2642 "286894e48e537f8763b56707d7d155c8",
2644 "0000000000000000000000000000000000000000000000000000000000000000",
2645 "fffffffffffffffffffffffffffff000",
2646 "a423deabc173dcf7e2c4c53e77d37cd1",
2648 "0000000000000000000000000000000000000000000000000000000000000000",
2649 "fffffffffffffffffffffffffffff800",
2650 "eb8168313e1cfdfdb5e986d5429cf172",
2652 "0000000000000000000000000000000000000000000000000000000000000000",
2653 "fffffffffffffffffffffffffffffc00",
2654 "27127daafc9accd2fb334ec3eba52323",
2656 "0000000000000000000000000000000000000000000000000000000000000000",
2657 "fffffffffffffffffffffffffffffe00",
2658 "ee0715b96f72e3f7a22a5064fc592f4c",
2660 "0000000000000000000000000000000000000000000000000000000000000000",
2661 "ffffffffffffffffffffffffffffff00",
2662 "29ee526770f2a11dcfa989d1ce88830f",
2664 "0000000000000000000000000000000000000000000000000000000000000000",
2665 "ffffffffffffffffffffffffffffff80",
2666 "0493370e054b09871130fe49af730a5a",
2668 "0000000000000000000000000000000000000000000000000000000000000000",
2669 "ffffffffffffffffffffffffffffffc0",
2670 "9b7b940f6c509f9e44a4ee140448ee46",
2672 "0000000000000000000000000000000000000000000000000000000000000000",
2673 "ffffffffffffffffffffffffffffffe0",
2674 "2915be4a1ecfdcbe3e023811a12bb6c7",
2676 "0000000000000000000000000000000000000000000000000000000000000000",
2677 "fffffffffffffffffffffffffffffff0",
2678 "7240e524bc51d8c4d440b1be55d1062c",
2680 "0000000000000000000000000000000000000000000000000000000000000000",
2681 "fffffffffffffffffffffffffffffff8",
2682 "da63039d38cb4612b2dc36ba26684b93",
2684 "0000000000000000000000000000000000000000000000000000000000000000",
2685 "fffffffffffffffffffffffffffffffc",
2686 "0f59cb5a4b522e2ac56c1a64f558ad9a",
2688 "0000000000000000000000000000000000000000000000000000000000000000",
2689 "fffffffffffffffffffffffffffffffe",
2690 "7bfe9d876c6d63c1d035da8fe21c409d",
2692 "0000000000000000000000000000000000000000000000000000000000000000",
2693 "ffffffffffffffffffffffffffffffff",
2694 "acdace8078a32b1a182bfa4987ca1347",
2703 * AES known-answer tests for CBC. Order: key, IV, plaintext, ciphertext.
2705 static const char *const KAT_AES_CBC
[] = {
2707 * From NIST validation suite "Multiblock Message Test"
2710 "1f8e4973953f3fb0bd6b16662e9a3c17",
2711 "2fe2b333ceda8f98f4a99b40d2cd34a8",
2712 "45cf12964fc824ab76616ae2f4bf0822",
2713 "0f61c4d44c5147c03c195ad7e2cc12b2",
2715 "0700d603a1c514e46b6191ba430a3a0c",
2716 "aad1583cd91365e3bb2f0c3430d065bb",
2717 "068b25c7bfb1f8bdd4cfc908f69dffc5ddc726a197f0e5f720f730393279be91",
2718 "c4dc61d9725967a3020104a9738f23868527ce839aab1752fd8bdb95a82c4d00",
2720 "3348aa51e9a45c2dbe33ccc47f96e8de",
2721 "19153c673160df2b1d38c28060e59b96",
2722 "9b7cee827a26575afdbb7c7a329f887238052e3601a7917456ba61251c214763d5e1847a6ad5d54127a399ab07ee3599",
2723 "d5aed6c9622ec451a15db12819952b6752501cf05cdbf8cda34a457726ded97818e1f127a28d72db5652749f0c6afee5",
2725 "b7f3c9576e12dd0db63e8f8fac2b9a39",
2726 "c80f095d8bb1a060699f7c19974a1aa0",
2727 "9ac19954ce1319b354d3220460f71c1e373f1cd336240881160cfde46ebfed2e791e8d5a1a136ebd1dc469dec00c4187722b841cdabcb22c1be8a14657da200e",
2728 "19b9609772c63f338608bf6eb52ca10be65097f89c1e0905c42401fd47791ae2c5440b2d473116ca78bd9ff2fb6015cfd316524eae7dcb95ae738ebeae84a467",
2730 "b6f9afbfe5a1562bba1368fc72ac9d9c",
2731 "3f9d5ebe250ee7ce384b0d00ee849322",
2732 "db397ec22718dbffb9c9d13de0efcd4611bf792be4fce0dc5f25d4f577ed8cdbd4eb9208d593dda3d4653954ab64f05676caa3ce9bfa795b08b67ceebc923fdc89a8c431188e9e482d8553982cf304d1",
2733 "10ea27b19e16b93af169c4a88e06e35c99d8b420980b058e34b4b8f132b13766f72728202b089f428fecdb41c79f8aa0d0ef68f5786481cca29e2126f69bc14160f1ae2187878ba5c49cf3961e1b7ee9",
2735 "bbe7b7ba07124ff1ae7c3416fe8b465e",
2736 "7f65b5ee3630bed6b84202d97fb97a1e",
2737 "2aad0c2c4306568bad7447460fd3dac054346d26feddbc9abd9110914011b4794be2a9a00a519a51a5b5124014f4ed2735480db21b434e99a911bb0b60fe0253763725b628d5739a5117b7ee3aefafc5b4c1bf446467e7bf5f78f31ff7caf187",
2738 "3b8611bfc4973c5cd8e982b073b33184cd26110159172e44988eb5ff5661a1e16fad67258fcbfee55469267a12dc374893b4e3533d36f5634c3095583596f135aa8cd1138dc898bc5651ee35a92ebf89ab6aeb5366653bc60a70e0074fc11efe",
2740 "89a553730433f7e6d67d16d373bd5360",
2741 "f724558db3433a523f4e51a5bea70497",
2742 "807bc4ea684eedcfdcca30180680b0f1ae2814f35f36d053c5aea6595a386c1442770f4d7297d8b91825ee7237241da8925dd594ccf676aecd46ca2068e8d37a3a0ec8a7d5185a201e663b5ff36ae197110188a23503763b8218826d23ced74b31e9f6e2d7fbfa6cb43420c7807a8625",
2743 "406af1429a478c3d07e555c5287a60500d37fc39b68e5bbb9bafd6ddb223828561d6171a308d5b1a4551e8a5e7d572918d25c968d3871848d2f16635caa9847f38590b1df58ab5efb985f2c66cfaf86f61b3f9c0afad6c963c49cee9b8bc81a2ddb06c967f325515a4849eec37ce721a",
2745 "c491ca31f91708458e29a925ec558d78",
2746 "9ef934946e5cd0ae97bd58532cb49381",
2747 "cb6a787e0dec56f9a165957f81af336ca6b40785d9e94093c6190e5152649f882e874d79ac5e167bd2a74ce5ae088d2ee854f6539e0a94796b1e1bd4c9fcdbc79acbef4d01eeb89776d18af71ae2a4fc47dd66df6c4dbe1d1850e466549a47b636bcc7c2b3a62495b56bb67b6d455f1eebd9bfefecbca6c7f335cfce9b45cb9d",
2748 "7b2931f5855f717145e00f152a9f4794359b1ffcb3e55f594e33098b51c23a6c74a06c1d94fded7fd2ae42c7db7acaef5844cb33aeddc6852585ed0020a6699d2cb53809cefd169148ce42292afab063443978306c582c18b9ce0da3d084ce4d3c482cfd8fcf1a85084e89fb88b40a084d5e972466d07666126fb761f84078f2",
2750 "f6e87d71b0104d6eb06a68dc6a71f498",
2751 "1c245f26195b76ebebc2edcac412a2f8",
2752 "f82bef3c73a6f7f80db285726d691db6bf55eec25a859d3ba0e0445f26b9bb3b16a3161ed1866e4dd8f2e5f8ecb4e46d74a7a78c20cdfc7bcc9e479ba7a0caba9438238ad0c01651d5d98de37f03ddce6e6b4bd4ab03cf9e8ed818aedfa1cf963b932067b97d776dce1087196e7e913f7448e38244509f0caf36bd8217e15336d35c149fd4e41707893fdb84014f8729",
2753 "b09512f3eff9ed0d85890983a73dadbb7c3678d52581be64a8a8fc586f490f2521297a478a0598040ebd0f5509fafb0969f9d9e600eaef33b1b93eed99687b167f89a5065aac439ce46f3b8d22d30865e64e45ef8cd30b6984353a844a11c8cd60dba0e8866b3ee30d24b3fa8a643b328353e06010fa8273c8fd54ef0a2b6930e5520aae5cd5902f9b86a33592ca4365",
2755 "2c14413751c31e2730570ba3361c786b",
2756 "1dbbeb2f19abb448af849796244a19d7",
2757 "40d930f9a05334d9816fe204999c3f82a03f6a0457a8c475c94553d1d116693adc618049f0a769a2eed6a6cb14c0143ec5cccdbc8dec4ce560cfd206225709326d4de7948e54d603d01b12d7fed752fb23f1aa4494fbb00130e9ded4e77e37c079042d828040c325b1a5efd15fc842e44014ca4374bf38f3c3fc3ee327733b0c8aee1abcd055772f18dc04603f7b2c1ea69ff662361f2be0a171bbdcea1e5d3f",
2758 "6be8a12800455a320538853e0cba31bd2d80ea0c85164a4c5c261ae485417d93effe2ebc0d0a0b51d6ea18633d210cf63c0c4ddbc27607f2e81ed9113191ef86d56f3b99be6c415a4150299fb846ce7160b40b63baf1179d19275a2e83698376d28b92548c68e06e6d994e2c1501ed297014e702cdefee2f656447706009614d801de1caaf73f8b7fa56cf1ba94b631933bbe577624380850f117435a0355b2b",
2761 * From NIST validation suite "Multiblock Message Test"
2764 "ba75f4d1d9d7cf7f551445d56cc1a8ab2a078e15e049dc2c",
2765 "531ce78176401666aa30db94ec4a30eb",
2766 "c51fc276774dad94bcdc1d2891ec8668",
2767 "70dd95a14ee975e239df36ff4aee1d5d",
2769 "eab3b19c581aa873e1981c83ab8d83bbf8025111fb2e6b21",
2770 "f3d6667e8d4d791e60f7505ba383eb05",
2771 "9d4e4cccd1682321856df069e3f1c6fa391a083a9fb02d59db74c14081b3acc4",
2772 "51d44779f90d40a80048276c035cb49ca2a47bcb9b9cf7270b9144793787d53f",
2774 "16c93bb398f1fc0cf6d68fc7a5673cdf431fa147852b4a2d",
2775 "eaaeca2e07ddedf562f94df63f0a650f",
2776 "c5ce958613bf741718c17444484ebaf1050ddcacb59b9590178cbe69d7ad7919608cb03af13bbe04f3506b718a301ea0",
2777 "ed6a50e0c6921d52d6647f75d67b4fd56ace1fedb8b5a6a997b4d131640547d22c5d884a75e6752b5846b5b33a5181f4",
2779 "067bb17b4df785697eaccf961f98e212cb75e6797ce935cb",
2780 "8b59c9209c529ca8391c9fc0ce033c38",
2781 "db3785a889b4bd387754da222f0e4c2d2bfe0d79e05bc910fba941beea30f1239eacf0068f4619ec01c368e986fca6b7c58e490579d29611bd10087986eff54f",
2782 "d5f5589760bf9c762228fde236de1fa2dd2dad448db3fa9be0c4196efd46a35c84dd1ac77d9db58c95918cb317a6430a08d2fb6a8e8b0f1c9b72c7a344dc349f",
2784 "0fd39de83e0be77a79c8a4a612e3dd9c8aae2ce35e7a2bf8",
2785 "7e1d629b84f93b079be51f9a5f5cb23c",
2786 "38fbda37e28fa86d9d83a4345e419dea95d28c7818ff25925db6ac3aedaf0a86154e20a4dfcc5b1b4192895393e5eb5846c88bdbd41ecf7af3104f410eaee470f5d9017ed460475f626953035a13db1f",
2787 "edadae2f9a45ff3473e02d904c94d94a30a4d92da4deb6bcb4b0774472694571842039f21c496ef93fd658842c735f8a81fcd0aa578442ab893b18f606aed1bab11f81452dd45e9b56adf2eccf4ea095",
2789 "e3fecc75f0075a09b383dfd389a3d33cc9b854b3b254c0f4",
2790 "36eab883afef936cc38f63284619cd19",
2791 "931b2f5f3a5820d53a6beaaa6431083a3488f4eb03b0f5b57ef838e1579623103bd6e6800377538b2e51ef708f3c4956432e8a8ee6a34e190642b26ad8bdae6c2af9a6c7996f3b6004d2671e41f1c9f40ee03d1c4a52b0a0654a331f15f34dce",
2792 "75395974bd32b3665654a6c8e396b88ae34b123575872a7ab687d8e76b46df911a8a590cd01d2f5c330be3a6626e9dd3aa5e10ed14e8ff829811b6fed50f3f533ca4385a1cbca78f5c4744e50f2f8359165c2485d1324e76c3eae76a0ccac629",
2794 "f9c27565eb07947c8cb51b79248430f7b1066c3d2fdc3d13",
2795 "2bd67cc89ab7948d644a49672843cbd9",
2796 "6abcc270173cf114d44847e911a050db57ba7a2e2c161c6f37ccb6aaa4677bddcaf50cad0b5f8758fcf7c0ebc650ceb5cd52cafb8f8dd3edcece55d9f1f08b9fa8f54365cf56e28b9596a7e1dd1d3418e4444a7724add4cf79d527b183ec88de4be4eeff29c80a97e54f85351cb189ee",
2797 "ca282924a61187feb40520979106e5cc861957f23828dcb7285e0eaac8a0ca2a6b60503d63d6039f4693dba32fa1f73ae2e709ca94911f28a5edd1f30eaddd54680c43acc9c74cd90d8bb648b4e544275f47e514daa20697f66c738eb30337f017fca1a26da4d1a0cc0a0e98e2463070",
2799 "fb09cf9e00dbf883689d079c920077c0073c31890b55bab5",
2800 "e3c89bd097c3abddf64f4881db6dbfe2",
2801 "c1a37683fb289467dd1b2c89efba16bbd2ee24cf18d19d44596ded2682c79a2f711c7a32bf6a24badd32a4ee637c73b7a41da6258635650f91fb9ffa45bdfc3cb122136241b3deced8996aa51ea8d3e81c9d70e006a44bc0571ed48623a0d622a93fa9da290baaedf5d9e876c94620945ff8ecc83f27379ed55cf490c5790f27",
2802 "8158e21420f25b59d6ae943fa1cbf21f02e979f419dab0126a721b7eef55bee9ad97f5ccff7d239057bbc19a8c378142f7672f1d5e7e17d7bebcb0070e8355cace6660171a53b61816ae824a6ef69ce470b6ffd3b5bb4b438874d91d27854d3b6f25860d3868958de3307d62b1339bdddb8a318c0ce0f33c17caf0e9f6040820",
2804 "bca6fa3c67fd294e958f66fe8bd64f45f428f5bc8e9733a7",
2805 "92a47f2833f1450d1da41717bdc6e83c",
2806 "5becbc31d8bead6d36ae014a5863d14a431e6b55d29ea6baaa417271716db3a33b2e506b452086dfe690834ac2de30bc41254ec5401ec47d064237c7792fdcd7914d8af20eb114756642d519021a8c75a92f6bc53d326ae9a5b7e1b10a9756574692934d9939fc399e0c203f7edf8e7e6482eadd31a0400770e897b48c6bca2b404593045080e93377358c42a0f4dede",
2807 "926db248cc1ba20f0c57631a7c8aef094f791937b905949e3460240e8bfa6fa483115a1b310b6e4369caebc5262888377b1ddaa5800ea496a2bdff0f9a1031e7129c9a20e35621e7f0b8baca0d87030f2ae7ca8593c8599677a06fd4b26009ead08fecac24caa9cf2cad3b470c8227415a7b1e0f2eab3fad96d70a209c8bb26c627677e2531b9435ca6e3c444d195b5f",
2809 "162ad50ee64a0702aa551f571dedc16b2c1b6a1e4d4b5eee",
2810 "24408038161a2ccae07b029bb66355c1",
2811 "be8abf00901363987a82cc77d0ec91697ba3857f9e4f84bd79406c138d02698f003276d0449120bef4578d78fecabe8e070e11710b3f0a2744bd52434ec70015884c181ebdfd51c604a71c52e4c0e110bc408cd462b248a80b8a8ac06bb952ac1d7faed144807f1a731b7febcaf7835762defe92eccfc7a9944e1c702cffe6bc86733ed321423121085ac02df8962bcbc1937092eebf0e90a8b20e3dd8c244ae",
2812 "c82cf2c476dea8cb6a6e607a40d2f0391be82ea9ec84a537a6820f9afb997b76397d005424faa6a74dc4e8c7aa4a8900690f894b6d1dca80675393d2243adac762f159301e357e98b724762310cd5a7bafe1c2a030dba46fd93a9fdb89cc132ca9c17dc72031ec6822ee5a9d99dbca66c784c01b0885cbb62e29d97801927ec415a5d215158d325f9ee689437ad1b7684ad33c0d92739451ac87f39ff8c31b84",
2815 * From NIST validation suite "Multiblock Message Test"
2818 "6ed76d2d97c69fd1339589523931f2a6cff554b15f738f21ec72dd97a7330907",
2819 "851e8764776e6796aab722dbb644ace8",
2820 "6282b8c05c5c1530b97d4816ca434762",
2821 "6acc04142e100a65f51b97adf5172c41",
2823 "dce26c6b4cfb286510da4eecd2cffe6cdf430f33db9b5f77b460679bd49d13ae",
2824 "fdeaa134c8d7379d457175fd1a57d3fc",
2825 "50e9eee1ac528009e8cbcd356975881f957254b13f91d7c6662d10312052eb00",
2826 "2fa0df722a9fd3b64cb18fb2b3db55ff2267422757289413f8f657507412a64c",
2828 "fe8901fecd3ccd2ec5fdc7c7a0b50519c245b42d611a5ef9e90268d59f3edf33",
2829 "bd416cb3b9892228d8f1df575692e4d0",
2830 "8d3aa196ec3d7c9b5bb122e7fe77fb1295a6da75abe5d3a510194d3a8a4157d5c89d40619716619859da3ec9b247ced9",
2831 "608e82c7ab04007adb22e389a44797fed7de090c8c03ca8a2c5acd9e84df37fbc58ce8edb293e98f02b640d6d1d72464",
2833 "0493ff637108af6a5b8e90ac1fdf035a3d4bafd1afb573be7ade9e8682e663e5",
2834 "c0cd2bebccbb6c49920bd5482ac756e8",
2835 "8b37f9148df4bb25956be6310c73c8dc58ea9714ff49b643107b34c9bff096a94fedd6823526abc27a8e0b16616eee254ab4567dd68e8ccd4c38ac563b13639c",
2836 "05d5c77729421b08b737e41119fa4438d1f570cc772a4d6c3df7ffeda0384ef84288ce37fc4c4c7d1125a499b051364c389fd639bdda647daa3bdadab2eb5594",
2838 "9adc8fbd506e032af7fa20cf5343719de6d1288c158c63d6878aaf64ce26ca85",
2839 "11958dc6ab81e1c7f01631e9944e620f",
2840 "c7917f84f747cd8c4b4fedc2219bdbc5f4d07588389d8248854cf2c2f89667a2d7bcf53e73d32684535f42318e24cd45793950b3825e5d5c5c8fcd3e5dda4ce9246d18337ef3052d8b21c5561c8b660e",
2841 "9c99e68236bb2e929db1089c7750f1b356d39ab9d0c40c3e2f05108ae9d0c30b04832ccdbdc08ebfa426b7f5efde986ed05784ce368193bb3699bc691065ac62e258b9aa4cc557e2b45b49ce05511e65",
2843 "73b8faf00b3302ac99855cf6f9e9e48518690a5906a4869d4dcf48d282faae2a",
2844 "b3cb97a80a539912b8c21f450d3b9395",
2845 "3adea6e06e42c4f041021491f2775ef6378cb08824165edc4f6448e232175b60d0345b9f9c78df6596ec9d22b7b9e76e8f3c76b32d5d67273f1d83fe7a6fc3dd3c49139170fa5701b3beac61b490f0a9e13f844640c4500f9ad3087adfb0ae10",
2846 "ac3d6dbafe2e0f740632fd9e820bf6044cd5b1551cbb9cc03c0b25c39ccb7f33b83aacfca40a3265f2bbff879153448acacb88fcfb3bb7b10fe463a68c0109f028382e3e557b1adf02ed648ab6bb895df0205d26ebbfa9a5fd8cebd8e4bee3dc",
2848 "9ddf3745896504ff360a51a3eb49c01b79fccebc71c3abcb94a949408b05b2c9",
2849 "e79026639d4aa230b5ccffb0b29d79bc",
2850 "cf52e5c3954c51b94c9e38acb8c9a7c76aebdaa9943eae0a1ce155a2efdb4d46985d935511471452d9ee64d2461cb2991d59fc0060697f9a671672163230f367fed1422316e52d29eceacb8768f56d9b80f6d278093c9a8acd3cfd7edd8ebd5c293859f64d2f8486ae1bd593c65bc014",
2851 "34df561bd2cfebbcb7af3b4b8d21ca5258312e7e2e4e538e35ad2490b6112f0d7f148f6aa8d522a7f3c61d785bd667db0e1dc4606c318ea4f26af4fe7d11d4dcff0456511b4aed1a0d91ba4a1fd6cd9029187bc5881a5a07fe02049d39368e83139b12825bae2c7be81e6f12c61bb5c5",
2853 "458b67bf212d20f3a57fce392065582dcefbf381aa22949f8338ab9052260e1d",
2854 "4c12effc5963d40459602675153e9649",
2855 "256fd73ce35ae3ea9c25dd2a9454493e96d8633fe633b56176dce8785ce5dbbb84dbf2c8a2eeb1e96b51899605e4f13bbc11b93bf6f39b3469be14858b5b720d4a522d36feed7a329c9b1e852c9280c47db8039c17c4921571a07d1864128330e09c308ddea1694e95c84500f1a61e614197e86a30ecc28df64ccb3ccf5437aa",
2856 "90b7b9630a2378f53f501ab7beff039155008071bc8438e789932cfd3eb1299195465e6633849463fdb44375278e2fdb1310821e6492cf80ff15cb772509fb426f3aeee27bd4938882fd2ae6b5bd9d91fa4a43b17bb439ebbe59c042310163a82a5fe5388796eee35a181a1271f00be29b852d8fa759bad01ff4678f010594cd",
2858 "d2412db0845d84e5732b8bbd642957473b81fb99ca8bff70e7920d16c1dbec89",
2859 "51c619fcf0b23f0c7925f400a6cacb6d",
2860 "026006c4a71a180c9929824d9d095b8faaa86fc4fa25ecac61d85ff6de92dfa8702688c02a282c1b8af4449707f22d75e91991015db22374c95f8f195d5bb0afeb03040ff8965e0e1339dba5653e174f8aa5a1b39fe3ac839ce307a4e44b4f8f1b0063f738ec18acdbff2ebfe07383e734558723e741f0a1836dafdf9de82210a9248bc113b3c1bc8b4e252ca01bd803",
2861 "0254b23463bcabec5a395eb74c8fb0eb137a07bc6f5e9f61ec0b057de305714f8fa294221c91a159c315939b81e300ee902192ec5f15254428d8772f79324ec43298ca21c00b370273ee5e5ed90e43efa1e05a5d171209fe34f9f29237dba2a6726650fd3b1321747d1208863c6c3c6b3e2d879ab5f25782f08ba8f2abbe63e0bedb4a227e81afb36bb6645508356d34",
2863 "48be597e632c16772324c8d3fa1d9c5a9ecd010f14ec5d110d3bfec376c5532b",
2864 "d6d581b8cf04ebd3b6eaa1b53f047ee1",
2865 "0c63d413d3864570e70bb6618bf8a4b9585586688c32bba0a5ecc1362fada74ada32c52acfd1aa7444ba567b4e7daaecf7cc1cb29182af164ae5232b002868695635599807a9a7f07a1f137e97b1e1c9dabc89b6a5e4afa9db5855edaa575056a8f4f8242216242bb0c256310d9d329826ac353d715fa39f80cec144d6424558f9f70b98c920096e0f2c855d594885a00625880e9dfb734163cecef72cf030b8",
2866 "fc5873e50de8faf4c6b84ba707b0854e9db9ab2e9f7d707fbba338c6843a18fc6facebaf663d26296fb329b4d26f18494c79e09e779647f9bafa87489630d79f4301610c2300c19dbf3148b7cac8c4f4944102754f332e92b6f7c5e75bc6179eb877a078d4719009021744c14f13fd2a55a2b9c44d18000685a845a4f632c7c56a77306efa66a24d05d088dcd7c13fe24fc447275965db9e4d37fbc9304448cd",
2869 * End-of-table marker.
2875 * AES known-answer tests for CTR. Order: key, IV, plaintext, ciphertext.
2877 static const char *const KAT_AES_CTR
[] = {
2881 "ae6852f8121067cc4bf7a5765577f39e",
2882 "000000300000000000000000",
2883 "53696e676c6520626c6f636b206d7367",
2884 "e4095d4fb7a7b3792d6175a3261311b8",
2886 "7e24067817fae0d743d6ce1f32539163",
2887 "006cb6dbc0543b59da48d90b",
2888 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
2889 "5104a106168a72d9790d41ee8edad388eb2e1efc46da57c8fce630df9141be28",
2891 "7691be035e5020a8ac6e618529f9a0dc",
2892 "00e0017b27777f3f4a1786f0",
2893 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
2894 "c1cf48a89f2ffdd9cf4652e9efdb72d74540a42bde6d7836d59a5ceaaef3105325b2072f",
2896 "16af5b145fc9f579c175f93e3bfb0eed863d06ccfdb78515",
2897 "0000004836733c147d6d93cb",
2898 "53696e676c6520626c6f636b206d7367",
2899 "4b55384fe259c9c84e7935a003cbe928",
2901 "7c5cb2401b3dc33c19e7340819e0f69c678c3db8e6f6a91a",
2902 "0096b03b020c6eadc2cb500d",
2903 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
2904 "453243fc609b23327edfaafa7131cd9f8490701c5ad4a79cfc1fe0ff42f4fb00",
2906 "02bf391ee8ecb159b959617b0965279bf59b60a786d3e0fe",
2907 "0007bdfd5cbd60278dcc0912",
2908 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
2909 "96893fc55e5c722f540b7dd1ddf7e758d288bc95c69165884536c811662f2188abee0935",
2911 "776beff2851db06f4c8a0542c8696f6c6a81af1eec96b4d37fc1d689e6c1c104",
2912 "00000060db5672c97aa8f0b2",
2913 "53696e676c6520626c6f636b206d7367",
2914 "145ad01dbf824ec7560863dc71e3e0c0",
2916 "f6d66d6bd52d59bb0796365879eff886c66dd51a5b6a99744b50590c87a23884",
2917 "00faac24c1585ef15a43d875",
2918 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
2919 "f05e231b3894612c49ee000b804eb2a9b8306b508f839d6a5530831d9344af1c",
2921 "ff7a617ce69148e4f1726e2f43581de2aa62d9f805532edff1eed687fb54153d",
2922 "001cc5b751a51d70a1c11148",
2923 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223",
2924 "eb6c52821d0bbbf7ce7594462aca4faab407df866569fd07f48cc0b583d6071f1ec0e6b8",
2927 * End-of-table marker.
2933 monte_carlo_AES_encrypt(const br_block_cbcenc_class
*ve
,
2934 char *skey
, char *splain
, char *scipher
)
2936 unsigned char key
[32];
2937 unsigned char buf
[16];
2938 unsigned char pbuf
[16];
2939 unsigned char cipher
[16];
2942 br_aes_gen_cbcenc_keys v_ec
;
2943 const br_block_cbcenc_class
**ec
;
2946 key_len
= hextobin(key
, skey
);
2947 hextobin(buf
, splain
);
2948 hextobin(cipher
, scipher
);
2949 for (i
= 0; i
< 100; i
++) {
2950 ve
->init(ec
, key
, key_len
);
2951 for (j
= 0; j
< 1000; j
++) {
2952 unsigned char iv
[16];
2954 memcpy(pbuf
, buf
, sizeof buf
);
2955 memset(iv
, 0, sizeof iv
);
2956 ve
->run(ec
, iv
, buf
, sizeof buf
);
2960 for (k
= 0; k
< 16; k
++) {
2965 for (k
= 0; k
< 8; k
++) {
2966 key
[k
] ^= pbuf
[8 + k
];
2968 for (k
= 0; k
< 16; k
++) {
2969 key
[8 + k
] ^= buf
[k
];
2973 for (k
= 0; k
< 16; k
++) {
2975 key
[16 + k
] ^= buf
[k
];
2984 check_equals("MC AES encrypt", buf
, cipher
, sizeof buf
);
2988 monte_carlo_AES_decrypt(const br_block_cbcdec_class
*vd
,
2989 char *skey
, char *scipher
, char *splain
)
2991 unsigned char key
[32];
2992 unsigned char buf
[16];
2993 unsigned char pbuf
[16];
2994 unsigned char plain
[16];
2997 br_aes_gen_cbcdec_keys v_dc
;
2998 const br_block_cbcdec_class
**dc
;
3001 key_len
= hextobin(key
, skey
);
3002 hextobin(buf
, scipher
);
3003 hextobin(plain
, splain
);
3004 for (i
= 0; i
< 100; i
++) {
3005 vd
->init(dc
, key
, key_len
);
3006 for (j
= 0; j
< 1000; j
++) {
3007 unsigned char iv
[16];
3009 memcpy(pbuf
, buf
, sizeof buf
);
3010 memset(iv
, 0, sizeof iv
);
3011 vd
->run(dc
, iv
, buf
, sizeof buf
);
3015 for (k
= 0; k
< 16; k
++) {
3020 for (k
= 0; k
< 8; k
++) {
3021 key
[k
] ^= pbuf
[8 + k
];
3023 for (k
= 0; k
< 16; k
++) {
3024 key
[8 + k
] ^= buf
[k
];
3028 for (k
= 0; k
< 16; k
++) {
3030 key
[16 + k
] ^= buf
[k
];
3039 check_equals("MC AES decrypt", buf
, plain
, sizeof buf
);
3043 test_AES_generic(char *name
,
3044 const br_block_cbcenc_class
*ve
,
3045 const br_block_cbcdec_class
*vd
,
3046 const br_block_ctr_class
*vc
,
3047 int with_MC
, int with_CBC
)
3051 printf("Test %s: ", name
);
3054 if (ve
->block_size
!= 16 || vd
->block_size
!= 16
3055 || ve
->log_block_size
!= 4 || vd
->log_block_size
!= 4)
3057 fprintf(stderr
, "%s failed: wrong block size\n", name
);
3061 for (u
= 0; KAT_AES
[u
]; u
+= 3) {
3062 unsigned char key
[32];
3063 unsigned char plain
[16];
3064 unsigned char cipher
[16];
3065 unsigned char buf
[16];
3066 unsigned char iv
[16];
3068 br_aes_gen_cbcenc_keys v_ec
;
3069 br_aes_gen_cbcdec_keys v_dc
;
3070 const br_block_cbcenc_class
**ec
;
3071 const br_block_cbcdec_class
**dc
;
3075 key_len
= hextobin(key
, KAT_AES
[u
]);
3076 hextobin(plain
, KAT_AES
[u
+ 1]);
3077 hextobin(cipher
, KAT_AES
[u
+ 2]);
3078 ve
->init(ec
, key
, key_len
);
3079 memcpy(buf
, plain
, sizeof plain
);
3080 memset(iv
, 0, sizeof iv
);
3081 ve
->run(ec
, iv
, buf
, sizeof buf
);
3082 check_equals("KAT AES encrypt", buf
, cipher
, sizeof cipher
);
3083 vd
->init(dc
, key
, key_len
);
3084 memset(iv
, 0, sizeof iv
);
3085 vd
->run(dc
, iv
, buf
, sizeof buf
);
3086 check_equals("KAT AES decrypt", buf
, plain
, sizeof plain
);
3090 for (u
= 0; KAT_AES_CBC
[u
]; u
+= 4) {
3091 unsigned char key
[32];
3092 unsigned char ivref
[16];
3093 unsigned char plain
[200];
3094 unsigned char cipher
[200];
3095 unsigned char buf
[200];
3096 unsigned char iv
[16];
3097 size_t key_len
, data_len
, v
;
3098 br_aes_gen_cbcenc_keys v_ec
;
3099 br_aes_gen_cbcdec_keys v_dc
;
3100 const br_block_cbcenc_class
**ec
;
3101 const br_block_cbcdec_class
**dc
;
3105 key_len
= hextobin(key
, KAT_AES_CBC
[u
]);
3106 hextobin(ivref
, KAT_AES_CBC
[u
+ 1]);
3107 data_len
= hextobin(plain
, KAT_AES_CBC
[u
+ 2]);
3108 hextobin(cipher
, KAT_AES_CBC
[u
+ 3]);
3109 ve
->init(ec
, key
, key_len
);
3111 memcpy(buf
, plain
, data_len
);
3112 memcpy(iv
, ivref
, 16);
3113 ve
->run(ec
, iv
, buf
, data_len
);
3114 check_equals("KAT CBC AES encrypt",
3115 buf
, cipher
, data_len
);
3116 vd
->init(dc
, key
, key_len
);
3117 memcpy(iv
, ivref
, 16);
3118 vd
->run(dc
, iv
, buf
, data_len
);
3119 check_equals("KAT CBC AES decrypt",
3120 buf
, plain
, data_len
);
3122 memcpy(buf
, plain
, data_len
);
3123 memcpy(iv
, ivref
, 16);
3124 for (v
= 0; v
< data_len
; v
+= 16) {
3125 ve
->run(ec
, iv
, buf
+ v
, 16);
3127 check_equals("KAT CBC AES encrypt (2)",
3128 buf
, cipher
, data_len
);
3129 memcpy(iv
, ivref
, 16);
3130 for (v
= 0; v
< data_len
; v
+= 16) {
3131 vd
->run(dc
, iv
, buf
+ v
, 16);
3133 check_equals("KAT CBC AES decrypt (2)",
3134 buf
, plain
, data_len
);
3138 * We want to check proper IV management for CBC:
3139 * encryption and decryption must properly copy the _last_
3140 * encrypted block as new IV, for all sizes.
3142 for (u
= 1; u
<= 35; u
++) {
3143 br_hmac_drbg_context rng
;
3145 size_t key_len
, data_len
;
3148 br_hmac_drbg_init(&rng
, &br_sha256_vtable
,
3149 "seed for AES/CBC", 16);
3151 br_hmac_drbg_update(&rng
, &x
, 1);
3153 for (key_len
= 16; key_len
<= 32; key_len
+= 16) {
3154 unsigned char key
[32];
3155 unsigned char iv
[16], iv1
[16], iv2
[16];
3156 unsigned char plain
[35 * 16];
3157 unsigned char tmp1
[sizeof plain
];
3158 unsigned char tmp2
[sizeof plain
];
3159 br_aes_gen_cbcenc_keys v_ec
;
3160 br_aes_gen_cbcdec_keys v_dc
;
3161 const br_block_cbcenc_class
**ec
;
3162 const br_block_cbcdec_class
**dc
;
3164 br_hmac_drbg_generate(&rng
, key
, key_len
);
3165 br_hmac_drbg_generate(&rng
, iv
, sizeof iv
);
3166 br_hmac_drbg_generate(&rng
, plain
, data_len
);
3169 ve
->init(ec
, key
, key_len
);
3170 memcpy(iv1
, iv
, sizeof iv
);
3171 memcpy(tmp1
, plain
, data_len
);
3172 ve
->run(ec
, iv1
, tmp1
, data_len
);
3173 check_equals("IV CBC AES (1)",
3174 tmp1
+ data_len
- 16, iv1
, 16);
3175 memcpy(iv2
, iv
, sizeof iv
);
3176 memcpy(tmp2
, plain
, data_len
);
3177 for (v
= 0; v
< data_len
; v
+= 16) {
3178 ve
->run(ec
, iv2
, tmp2
+ v
, 16);
3180 check_equals("IV CBC AES (2)",
3181 tmp2
+ data_len
- 16, iv2
, 16);
3182 check_equals("IV CBC AES (3)",
3183 tmp1
, tmp2
, data_len
);
3186 vd
->init(dc
, key
, key_len
);
3187 memcpy(iv1
, iv
, sizeof iv
);
3188 vd
->run(dc
, iv1
, tmp1
, data_len
);
3189 check_equals("IV CBC AES (4)", iv1
, iv2
, 16);
3190 check_equals("IV CBC AES (5)",
3191 tmp1
, plain
, data_len
);
3192 memcpy(iv2
, iv
, sizeof iv
);
3193 for (v
= 0; v
< data_len
; v
+= 16) {
3194 vd
->run(dc
, iv2
, tmp2
+ v
, 16);
3196 check_equals("IV CBC AES (6)", iv1
, iv2
, 16);
3197 check_equals("IV CBC AES (7)",
3198 tmp2
, plain
, data_len
);
3204 if (vc
->block_size
!= 16 || vc
->log_block_size
!= 4) {
3205 fprintf(stderr
, "%s failed: wrong block size\n", name
);
3208 for (u
= 0; KAT_AES_CTR
[u
]; u
+= 4) {
3209 unsigned char key
[32];
3210 unsigned char iv
[12];
3211 unsigned char plain
[200];
3212 unsigned char cipher
[200];
3213 unsigned char buf
[200];
3214 size_t key_len
, data_len
, v
;
3216 br_aes_gen_ctr_keys v_xc
;
3217 const br_block_ctr_class
**xc
;
3220 key_len
= hextobin(key
, KAT_AES_CTR
[u
]);
3221 hextobin(iv
, KAT_AES_CTR
[u
+ 1]);
3222 data_len
= hextobin(plain
, KAT_AES_CTR
[u
+ 2]);
3223 hextobin(cipher
, KAT_AES_CTR
[u
+ 3]);
3224 vc
->init(xc
, key
, key_len
);
3225 memcpy(buf
, plain
, data_len
);
3226 vc
->run(xc
, iv
, 1, buf
, data_len
);
3227 check_equals("KAT CTR AES (1)", buf
, cipher
, data_len
);
3228 vc
->run(xc
, iv
, 1, buf
, data_len
);
3229 check_equals("KAT CTR AES (2)", buf
, plain
, data_len
);
3231 memcpy(buf
, plain
, data_len
);
3233 for (v
= 0; v
< data_len
; v
+= 32) {
3236 clen
= data_len
- v
;
3240 c
= vc
->run(xc
, iv
, c
, buf
+ v
, clen
);
3242 check_equals("KAT CTR AES (3)", buf
, cipher
, data_len
);
3244 memcpy(buf
, plain
, data_len
);
3246 for (v
= 0; v
< data_len
; v
+= 16) {
3249 clen
= data_len
- v
;
3253 c
= vc
->run(xc
, iv
, c
, buf
+ v
, clen
);
3255 check_equals("KAT CTR AES (4)", buf
, cipher
, data_len
);
3260 monte_carlo_AES_encrypt(
3262 "139a35422f1d61de3c91787fe0507afd",
3263 "b9145a768b7dc489a096b546f43b231f",
3264 "fb2649694783b551eacd9d5db6126d47");
3265 monte_carlo_AES_decrypt(
3267 "0c60e7bf20ada9baa9e1ddf0d1540726",
3268 "b08a29b11a500ea3aca42c36675b9785",
3269 "d1d2bfdc58ffcad2341b095bce55221e");
3271 monte_carlo_AES_encrypt(
3273 "b9a63e09e1dfc42e93a90d9bad739e5967aef672eedd5da9",
3274 "85a1f7a58167b389cddc8a9ff175ee26",
3275 "5d1196da8f184975e240949a25104554");
3276 monte_carlo_AES_decrypt(
3278 "4b97585701c03fbebdfa8555024f589f1482c58a00fdd9fd",
3279 "d0bd0e02ded155e4516be83f42d347a4",
3280 "b63ef1b79507a62eba3dafcec54a6328");
3282 monte_carlo_AES_encrypt(
3284 "f9e8389f5b80712e3886cc1fa2d28a3b8c9cd88a2d4a54c6aa86ce0fef944be0",
3285 "b379777f9050e2a818f2940cbbd9aba4",
3286 "c5d2cb3d5b7ff0e23e308967ee074825");
3287 monte_carlo_AES_decrypt(
3289 "2b09ba39b834062b9e93f48373b8dd018dedf1e5ba1b8af831ebbacbc92a2643",
3290 "89649bd0115f30bd878567610223a59d",
3291 "e3d3868f578caf34e36445bf14cefc68");
3301 test_AES_generic("AES_big",
3302 &br_aes_big_cbcenc_vtable
,
3303 &br_aes_big_cbcdec_vtable
,
3304 &br_aes_big_ctr_vtable
,
3309 test_AES_small(void)
3311 test_AES_generic("AES_small",
3312 &br_aes_small_cbcenc_vtable
,
3313 &br_aes_small_cbcdec_vtable
,
3314 &br_aes_small_ctr_vtable
,
3321 test_AES_generic("AES_ct",
3322 &br_aes_ct_cbcenc_vtable
,
3323 &br_aes_ct_cbcdec_vtable
,
3324 &br_aes_ct_ctr_vtable
,
3331 test_AES_generic("AES_ct64",
3332 &br_aes_ct64_cbcenc_vtable
,
3333 &br_aes_ct64_cbcdec_vtable
,
3334 &br_aes_ct64_ctr_vtable
,
3339 test_AES_x86ni(void)
3341 const br_block_cbcenc_class
*x_cbcenc
;
3342 const br_block_cbcdec_class
*x_cbcdec
;
3343 const br_block_ctr_class
*x_ctr
;
3344 int hcbcenc
, hcbcdec
, hctr
;
3346 x_cbcenc
= br_aes_x86ni_cbcenc_get_vtable();
3347 x_cbcdec
= br_aes_x86ni_cbcdec_get_vtable();
3348 x_ctr
= br_aes_x86ni_ctr_get_vtable();
3349 hcbcenc
= (x_cbcenc
!= NULL
);
3350 hcbcdec
= (x_cbcdec
!= NULL
);
3351 hctr
= (x_ctr
!= NULL
);
3352 if (hcbcenc
!= hctr
|| hcbcdec
!= hctr
) {
3353 fprintf(stderr
, "AES_x86ni availability mismatch (%d/%d/%d)\n",
3354 hcbcenc
, hcbcdec
, hctr
);
3358 test_AES_generic("AES_x86ni",
3359 x_cbcenc
, x_cbcdec
, x_ctr
, 1, 1);
3361 printf("Test AES_x86ni: UNAVAILABLE\n");
3368 const br_block_cbcenc_class
*x_cbcenc
;
3369 const br_block_cbcdec_class
*x_cbcdec
;
3370 const br_block_ctr_class
*x_ctr
;
3371 int hcbcenc
, hcbcdec
, hctr
;
3373 x_cbcenc
= br_aes_pwr8_cbcenc_get_vtable();
3374 x_cbcdec
= br_aes_pwr8_cbcdec_get_vtable();
3375 x_ctr
= br_aes_pwr8_ctr_get_vtable();
3376 hcbcenc
= (x_cbcenc
!= NULL
);
3377 hcbcdec
= (x_cbcdec
!= NULL
);
3378 hctr
= (x_ctr
!= NULL
);
3379 if (hcbcenc
!= hctr
|| hcbcdec
!= hctr
) {
3380 fprintf(stderr
, "AES_pwr8 availability mismatch (%d/%d/%d)\n",
3381 hcbcenc
, hcbcdec
, hctr
);
3385 test_AES_generic("AES_pwr8",
3386 x_cbcenc
, x_cbcdec
, x_ctr
, 1, 1);
3388 printf("Test AES_pwr8: UNAVAILABLE\n");
3393 * DES known-answer tests. Order: plaintext, key, ciphertext.
3394 * (mostly from NIST SP 800-20).
3396 static const char *const KAT_DES
[] = {
3397 "10316E028C8F3B4A", "0000000000000000", "82DCBAFBDEAB6602",
3398 "8000000000000000", "0000000000000000", "95A8D72813DAA94D",
3399 "4000000000000000", "0000000000000000", "0EEC1487DD8C26D5",
3400 "2000000000000000", "0000000000000000", "7AD16FFB79C45926",
3401 "1000000000000000", "0000000000000000", "D3746294CA6A6CF3",
3402 "0800000000000000", "0000000000000000", "809F5F873C1FD761",
3403 "0400000000000000", "0000000000000000", "C02FAFFEC989D1FC",
3404 "0200000000000000", "0000000000000000", "4615AA1D33E72F10",
3405 "0100000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3406 "0080000000000000", "0000000000000000", "2055123350C00858",
3407 "0040000000000000", "0000000000000000", "DF3B99D6577397C8",
3408 "0020000000000000", "0000000000000000", "31FE17369B5288C9",
3409 "0010000000000000", "0000000000000000", "DFDD3CC64DAE1642",
3410 "0008000000000000", "0000000000000000", "178C83CE2B399D94",
3411 "0004000000000000", "0000000000000000", "50F636324A9B7F80",
3412 "0002000000000000", "0000000000000000", "A8468EE3BC18F06D",
3413 "0001000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3414 "0000800000000000", "0000000000000000", "A2DC9E92FD3CDE92",
3415 "0000400000000000", "0000000000000000", "CAC09F797D031287",
3416 "0000200000000000", "0000000000000000", "90BA680B22AEB525",
3417 "0000100000000000", "0000000000000000", "CE7A24F350E280B6",
3418 "0000080000000000", "0000000000000000", "882BFF0AA01A0B87",
3419 "0000040000000000", "0000000000000000", "25610288924511C2",
3420 "0000020000000000", "0000000000000000", "C71516C29C75D170",
3421 "0000010000000000", "0000000000000000", "8CA64DE9C1B123A7",
3422 "0000008000000000", "0000000000000000", "5199C29A52C9F059",
3423 "0000004000000000", "0000000000000000", "C22F0A294A71F29F",
3424 "0000002000000000", "0000000000000000", "EE371483714C02EA",
3425 "0000001000000000", "0000000000000000", "A81FBD448F9E522F",
3426 "0000000800000000", "0000000000000000", "4F644C92E192DFED",
3427 "0000000400000000", "0000000000000000", "1AFA9A66A6DF92AE",
3428 "0000000200000000", "0000000000000000", "B3C1CC715CB879D8",
3429 "0000000100000000", "0000000000000000", "8CA64DE9C1B123A7",
3430 "0000000080000000", "0000000000000000", "19D032E64AB0BD8B",
3431 "0000000040000000", "0000000000000000", "3CFAA7A7DC8720DC",
3432 "0000000020000000", "0000000000000000", "B7265F7F447AC6F3",
3433 "0000000010000000", "0000000000000000", "9DB73B3C0D163F54",
3434 "0000000008000000", "0000000000000000", "8181B65BABF4A975",
3435 "0000000004000000", "0000000000000000", "93C9B64042EAA240",
3436 "0000000002000000", "0000000000000000", "5570530829705592",
3437 "0000000001000000", "0000000000000000", "8CA64DE9C1B123A7",
3438 "0000000000800000", "0000000000000000", "8638809E878787A0",
3439 "0000000000400000", "0000000000000000", "41B9A79AF79AC208",
3440 "0000000000200000", "0000000000000000", "7A9BE42F2009A892",
3441 "0000000000100000", "0000000000000000", "29038D56BA6D2745",
3442 "0000000000080000", "0000000000000000", "5495C6ABF1E5DF51",
3443 "0000000000040000", "0000000000000000", "AE13DBD561488933",
3444 "0000000000020000", "0000000000000000", "024D1FFA8904E389",
3445 "0000000000010000", "0000000000000000", "8CA64DE9C1B123A7",
3446 "0000000000008000", "0000000000000000", "D1399712F99BF02E",
3447 "0000000000004000", "0000000000000000", "14C1D7C1CFFEC79E",
3448 "0000000000002000", "0000000000000000", "1DE5279DAE3BED6F",
3449 "0000000000001000", "0000000000000000", "E941A33F85501303",
3450 "0000000000000800", "0000000000000000", "DA99DBBC9A03F379",
3451 "0000000000000400", "0000000000000000", "B7FC92F91D8E92E9",
3452 "0000000000000200", "0000000000000000", "AE8E5CAA3CA04E85",
3453 "0000000000000100", "0000000000000000", "8CA64DE9C1B123A7",
3454 "0000000000000080", "0000000000000000", "9CC62DF43B6EED74",
3455 "0000000000000040", "0000000000000000", "D863DBB5C59A91A0",
3456 "0000000000000020", "0000000000000000", "A1AB2190545B91D7",
3457 "0000000000000010", "0000000000000000", "0875041E64C570F7",
3458 "0000000000000008", "0000000000000000", "5A594528BEBEF1CC",
3459 "0000000000000004", "0000000000000000", "FCDB3291DE21F0C0",
3460 "0000000000000002", "0000000000000000", "869EFD7F9F265A09",
3461 "0000000000000001", "0000000000000000", "8CA64DE9C1B123A7",
3462 "0000000000000000", "8000000000000000", "95F8A5E5DD31D900",
3463 "0000000000000000", "4000000000000000", "DD7F121CA5015619",
3464 "0000000000000000", "2000000000000000", "2E8653104F3834EA",
3465 "0000000000000000", "1000000000000000", "4BD388FF6CD81D4F",
3466 "0000000000000000", "0800000000000000", "20B9E767B2FB1456",
3467 "0000000000000000", "0400000000000000", "55579380D77138EF",
3468 "0000000000000000", "0200000000000000", "6CC5DEFAAF04512F",
3469 "0000000000000000", "0100000000000000", "0D9F279BA5D87260",
3470 "0000000000000000", "0080000000000000", "D9031B0271BD5A0A",
3471 "0000000000000000", "0040000000000000", "424250B37C3DD951",
3472 "0000000000000000", "0020000000000000", "B8061B7ECD9A21E5",
3473 "0000000000000000", "0010000000000000", "F15D0F286B65BD28",
3474 "0000000000000000", "0008000000000000", "ADD0CC8D6E5DEBA1",
3475 "0000000000000000", "0004000000000000", "E6D5F82752AD63D1",
3476 "0000000000000000", "0002000000000000", "ECBFE3BD3F591A5E",
3477 "0000000000000000", "0001000000000000", "F356834379D165CD",
3478 "0000000000000000", "0000800000000000", "2B9F982F20037FA9",
3479 "0000000000000000", "0000400000000000", "889DE068A16F0BE6",
3480 "0000000000000000", "0000200000000000", "E19E275D846A1298",
3481 "0000000000000000", "0000100000000000", "329A8ED523D71AEC",
3482 "0000000000000000", "0000080000000000", "E7FCE22557D23C97",
3483 "0000000000000000", "0000040000000000", "12A9F5817FF2D65D",
3484 "0000000000000000", "0000020000000000", "A484C3AD38DC9C19",
3485 "0000000000000000", "0000010000000000", "FBE00A8A1EF8AD72",
3486 "0000000000000000", "0000008000000000", "750D079407521363",
3487 "0000000000000000", "0000004000000000", "64FEED9C724C2FAF",
3488 "0000000000000000", "0000002000000000", "F02B263B328E2B60",
3489 "0000000000000000", "0000001000000000", "9D64555A9A10B852",
3490 "0000000000000000", "0000000800000000", "D106FF0BED5255D7",
3491 "0000000000000000", "0000000400000000", "E1652C6B138C64A5",
3492 "0000000000000000", "0000000200000000", "E428581186EC8F46",
3493 "0000000000000000", "0000000100000000", "AEB5F5EDE22D1A36",
3494 "0000000000000000", "0000000080000000", "E943D7568AEC0C5C",
3495 "0000000000000000", "0000000040000000", "DF98C8276F54B04B",
3496 "0000000000000000", "0000000020000000", "B160E4680F6C696F",
3497 "0000000000000000", "0000000010000000", "FA0752B07D9C4AB8",
3498 "0000000000000000", "0000000008000000", "CA3A2B036DBC8502",
3499 "0000000000000000", "0000000004000000", "5E0905517BB59BCF",
3500 "0000000000000000", "0000000002000000", "814EEB3B91D90726",
3501 "0000000000000000", "0000000001000000", "4D49DB1532919C9F",
3502 "0000000000000000", "0000000000800000", "25EB5FC3F8CF0621",
3503 "0000000000000000", "0000000000400000", "AB6A20C0620D1C6F",
3504 "0000000000000000", "0000000000200000", "79E90DBC98F92CCA",
3505 "0000000000000000", "0000000000100000", "866ECEDD8072BB0E",
3506 "0000000000000000", "0000000000080000", "8B54536F2F3E64A8",
3507 "0000000000000000", "0000000000040000", "EA51D3975595B86B",
3508 "0000000000000000", "0000000000020000", "CAFFC6AC4542DE31",
3509 "0000000000000000", "0000000000010000", "8DD45A2DDF90796C",
3510 "0000000000000000", "0000000000008000", "1029D55E880EC2D0",
3511 "0000000000000000", "0000000000004000", "5D86CB23639DBEA9",
3512 "0000000000000000", "0000000000002000", "1D1CA853AE7C0C5F",
3513 "0000000000000000", "0000000000001000", "CE332329248F3228",
3514 "0000000000000000", "0000000000000800", "8405D1ABE24FB942",
3515 "0000000000000000", "0000000000000400", "E643D78090CA4207",
3516 "0000000000000000", "0000000000000200", "48221B9937748A23",
3517 "0000000000000000", "0000000000000100", "DD7C0BBD61FAFD54",
3518 "0000000000000000", "0000000000000080", "2FBC291A570DB5C4",
3519 "0000000000000000", "0000000000000040", "E07C30D7E4E26E12",
3520 "0000000000000000", "0000000000000020", "0953E2258E8E90A1",
3521 "0000000000000000", "0000000000000010", "5B711BC4CEEBF2EE",
3522 "0000000000000000", "0000000000000008", "CC083F1E6D9E85F6",
3523 "0000000000000000", "0000000000000004", "D2FD8867D50D2DFE",
3524 "0000000000000000", "0000000000000002", "06E7EA22CE92708F",
3525 "0000000000000000", "0000000000000001", "166B40B44ABA4BD6",
3526 "0000000000000000", "0000000000000000", "8CA64DE9C1B123A7",
3527 "0101010101010101", "0101010101010101", "994D4DC157B96C52",
3528 "0202020202020202", "0202020202020202", "E127C2B61D98E6E2",
3529 "0303030303030303", "0303030303030303", "984C91D78A269CE3",
3530 "0404040404040404", "0404040404040404", "1F4570BB77550683",
3531 "0505050505050505", "0505050505050505", "3990ABF98D672B16",
3532 "0606060606060606", "0606060606060606", "3F5150BBA081D585",
3533 "0707070707070707", "0707070707070707", "C65242248C9CF6F2",
3534 "0808080808080808", "0808080808080808", "10772D40FAD24257",
3535 "0909090909090909", "0909090909090909", "F0139440647A6E7B",
3536 "0A0A0A0A0A0A0A0A", "0A0A0A0A0A0A0A0A", "0A288603044D740C",
3537 "0B0B0B0B0B0B0B0B", "0B0B0B0B0B0B0B0B", "6359916942F7438F",
3538 "0C0C0C0C0C0C0C0C", "0C0C0C0C0C0C0C0C", "934316AE443CF08B",
3539 "0D0D0D0D0D0D0D0D", "0D0D0D0D0D0D0D0D", "E3F56D7F1130A2B7",
3540 "0E0E0E0E0E0E0E0E", "0E0E0E0E0E0E0E0E", "A2E4705087C6B6B4",
3541 "0F0F0F0F0F0F0F0F", "0F0F0F0F0F0F0F0F", "D5D76E09A447E8C3",
3542 "1010101010101010", "1010101010101010", "DD7515F2BFC17F85",
3543 "1111111111111111", "1111111111111111", "F40379AB9E0EC533",
3544 "1212121212121212", "1212121212121212", "96CD27784D1563E5",
3545 "1313131313131313", "1313131313131313", "2911CF5E94D33FE1",
3546 "1414141414141414", "1414141414141414", "377B7F7CA3E5BBB3",
3547 "1515151515151515", "1515151515151515", "701AA63832905A92",
3548 "1616161616161616", "1616161616161616", "2006E716C4252D6D",
3549 "1717171717171717", "1717171717171717", "452C1197422469F8",
3550 "1818181818181818", "1818181818181818", "C33FD1EB49CB64DA",
3551 "1919191919191919", "1919191919191919", "7572278F364EB50D",
3552 "1A1A1A1A1A1A1A1A", "1A1A1A1A1A1A1A1A", "69E51488403EF4C3",
3553 "1B1B1B1B1B1B1B1B", "1B1B1B1B1B1B1B1B", "FF847E0ADF192825",
3554 "1C1C1C1C1C1C1C1C", "1C1C1C1C1C1C1C1C", "521B7FB3B41BB791",
3555 "1D1D1D1D1D1D1D1D", "1D1D1D1D1D1D1D1D", "26059A6A0F3F6B35",
3556 "1E1E1E1E1E1E1E1E", "1E1E1E1E1E1E1E1E", "F24A8D2231C77538",
3557 "1F1F1F1F1F1F1F1F", "1F1F1F1F1F1F1F1F", "4FD96EC0D3304EF6",
3558 "2020202020202020", "2020202020202020", "18A9D580A900B699",
3559 "2121212121212121", "2121212121212121", "88586E1D755B9B5A",
3560 "2222222222222222", "2222222222222222", "0F8ADFFB11DC2784",
3561 "2323232323232323", "2323232323232323", "2F30446C8312404A",
3562 "2424242424242424", "2424242424242424", "0BA03D9E6C196511",
3563 "2525252525252525", "2525252525252525", "3E55E997611E4B7D",
3564 "2626262626262626", "2626262626262626", "B2522FB5F158F0DF",
3565 "2727272727272727", "2727272727272727", "2109425935406AB8",
3566 "2828282828282828", "2828282828282828", "11A16028F310FF16",
3567 "2929292929292929", "2929292929292929", "73F0C45F379FE67F",
3568 "2A2A2A2A2A2A2A2A", "2A2A2A2A2A2A2A2A", "DCAD4338F7523816",
3569 "2B2B2B2B2B2B2B2B", "2B2B2B2B2B2B2B2B", "B81634C1CEAB298C",
3570 "2C2C2C2C2C2C2C2C", "2C2C2C2C2C2C2C2C", "DD2CCB29B6C4C349",
3571 "2D2D2D2D2D2D2D2D", "2D2D2D2D2D2D2D2D", "7D07A77A2ABD50A7",
3572 "2E2E2E2E2E2E2E2E", "2E2E2E2E2E2E2E2E", "30C1B0C1FD91D371",
3573 "2F2F2F2F2F2F2F2F", "2F2F2F2F2F2F2F2F", "C4427B31AC61973B",
3574 "3030303030303030", "3030303030303030", "F47BB46273B15EB5",
3575 "3131313131313131", "3131313131313131", "655EA628CF62585F",
3576 "3232323232323232", "3232323232323232", "AC978C247863388F",
3577 "3333333333333333", "3333333333333333", "0432ED386F2DE328",
3578 "3434343434343434", "3434343434343434", "D254014CB986B3C2",
3579 "3535353535353535", "3535353535353535", "B256E34BEDB49801",
3580 "3636363636363636", "3636363636363636", "37F8759EB77E7BFC",
3581 "3737373737373737", "3737373737373737", "5013CA4F62C9CEA0",
3582 "3838383838383838", "3838383838383838", "8940F7B3EACA5939",
3583 "3939393939393939", "3939393939393939", "E22B19A55086774B",
3584 "3A3A3A3A3A3A3A3A", "3A3A3A3A3A3A3A3A", "B04A2AAC925ABB0B",
3585 "3B3B3B3B3B3B3B3B", "3B3B3B3B3B3B3B3B", "8D250D58361597FC",
3586 "3C3C3C3C3C3C3C3C", "3C3C3C3C3C3C3C3C", "51F0114FB6A6CD37",
3587 "3D3D3D3D3D3D3D3D", "3D3D3D3D3D3D3D3D", "9D0BB4DB830ECB73",
3588 "3E3E3E3E3E3E3E3E", "3E3E3E3E3E3E3E3E", "E96089D6368F3E1A",
3589 "3F3F3F3F3F3F3F3F", "3F3F3F3F3F3F3F3F", "5C4CA877A4E1E92D",
3590 "4040404040404040", "4040404040404040", "6D55DDBC8DEA95FF",
3591 "4141414141414141", "4141414141414141", "19DF84AC95551003",
3592 "4242424242424242", "4242424242424242", "724E7332696D08A7",
3593 "4343434343434343", "4343434343434343", "B91810B8CDC58FE2",
3594 "4444444444444444", "4444444444444444", "06E23526EDCCD0C4",
3595 "4545454545454545", "4545454545454545", "EF52491D5468D441",
3596 "4646464646464646", "4646464646464646", "48019C59E39B90C5",
3597 "4747474747474747", "4747474747474747", "0544083FB902D8C0",
3598 "4848484848484848", "4848484848484848", "63B15CADA668CE12",
3599 "4949494949494949", "4949494949494949", "EACC0C1264171071",
3600 "4A4A4A4A4A4A4A4A", "4A4A4A4A4A4A4A4A", "9D2B8C0AC605F274",
3601 "4B4B4B4B4B4B4B4B", "4B4B4B4B4B4B4B4B", "C90F2F4C98A8FB2A",
3602 "4C4C4C4C4C4C4C4C", "4C4C4C4C4C4C4C4C", "03481B4828FD1D04",
3603 "4D4D4D4D4D4D4D4D", "4D4D4D4D4D4D4D4D", "C78FC45A1DCEA2E2",
3604 "4E4E4E4E4E4E4E4E", "4E4E4E4E4E4E4E4E", "DB96D88C3460D801",
3605 "4F4F4F4F4F4F4F4F", "4F4F4F4F4F4F4F4F", "6C69E720F5105518",
3606 "5050505050505050", "5050505050505050", "0D262E418BC893F3",
3607 "5151515151515151", "5151515151515151", "6AD84FD7848A0A5C",
3608 "5252525252525252", "5252525252525252", "C365CB35B34B6114",
3609 "5353535353535353", "5353535353535353", "1155392E877F42A9",
3610 "5454545454545454", "5454545454545454", "531BE5F9405DA715",
3611 "5555555555555555", "5555555555555555", "3BCDD41E6165A5E8",
3612 "5656565656565656", "5656565656565656", "2B1FF5610A19270C",
3613 "5757575757575757", "5757575757575757", "D90772CF3F047CFD",
3614 "5858585858585858", "5858585858585858", "1BEA27FFB72457B7",
3615 "5959595959595959", "5959595959595959", "85C3E0C429F34C27",
3616 "5A5A5A5A5A5A5A5A", "5A5A5A5A5A5A5A5A", "F9038021E37C7618",
3617 "5B5B5B5B5B5B5B5B", "5B5B5B5B5B5B5B5B", "35BC6FF838DBA32F",
3618 "5C5C5C5C5C5C5C5C", "5C5C5C5C5C5C5C5C", "4927ACC8CE45ECE7",
3619 "5D5D5D5D5D5D5D5D", "5D5D5D5D5D5D5D5D", "E812EE6E3572985C",
3620 "5E5E5E5E5E5E5E5E", "5E5E5E5E5E5E5E5E", "9BB93A89627BF65F",
3621 "5F5F5F5F5F5F5F5F", "5F5F5F5F5F5F5F5F", "EF12476884CB74CA",
3622 "6060606060606060", "6060606060606060", "1BF17E00C09E7CBF",
3623 "6161616161616161", "6161616161616161", "29932350C098DB5D",
3624 "6262626262626262", "6262626262626262", "B476E6499842AC54",
3625 "6363636363636363", "6363636363636363", "5C662C29C1E96056",
3626 "6464646464646464", "6464646464646464", "3AF1703D76442789",
3627 "6565656565656565", "6565656565656565", "86405D9B425A8C8C",
3628 "6666666666666666", "6666666666666666", "EBBF4810619C2C55",
3629 "6767676767676767", "6767676767676767", "F8D1CD7367B21B5D",
3630 "6868686868686868", "6868686868686868", "9EE703142BF8D7E2",
3631 "6969696969696969", "6969696969696969", "5FDFFFC3AAAB0CB3",
3632 "6A6A6A6A6A6A6A6A", "6A6A6A6A6A6A6A6A", "26C940AB13574231",
3633 "6B6B6B6B6B6B6B6B", "6B6B6B6B6B6B6B6B", "1E2DC77E36A84693",
3634 "6C6C6C6C6C6C6C6C", "6C6C6C6C6C6C6C6C", "0F4FF4D9BC7E2244",
3635 "6D6D6D6D6D6D6D6D", "6D6D6D6D6D6D6D6D", "A4C9A0D04D3280CD",
3636 "6E6E6E6E6E6E6E6E", "6E6E6E6E6E6E6E6E", "9FAF2C96FE84919D",
3637 "6F6F6F6F6F6F6F6F", "6F6F6F6F6F6F6F6F", "115DBC965E6096C8",
3638 "7070707070707070", "7070707070707070", "AF531E9520994017",
3639 "7171717171717171", "7171717171717171", "B971ADE70E5C89EE",
3640 "7272727272727272", "7272727272727272", "415D81C86AF9C376",
3641 "7373737373737373", "7373737373737373", "8DFB864FDB3C6811",
3642 "7474747474747474", "7474747474747474", "10B1C170E3398F91",
3643 "7575757575757575", "7575757575757575", "CFEF7A1C0218DB1E",
3644 "7676767676767676", "7676767676767676", "DBAC30A2A40B1B9C",
3645 "7777777777777777", "7777777777777777", "89D3BF37052162E9",
3646 "7878787878787878", "7878787878787878", "80D9230BDAEB67DC",
3647 "7979797979797979", "7979797979797979", "3440911019AD68D7",
3648 "7A7A7A7A7A7A7A7A", "7A7A7A7A7A7A7A7A", "9626FE57596E199E",
3649 "7B7B7B7B7B7B7B7B", "7B7B7B7B7B7B7B7B", "DEA0B796624BB5BA",
3650 "7C7C7C7C7C7C7C7C", "7C7C7C7C7C7C7C7C", "E9E40542BDDB3E9D",
3651 "7D7D7D7D7D7D7D7D", "7D7D7D7D7D7D7D7D", "8AD99914B354B911",
3652 "7E7E7E7E7E7E7E7E", "7E7E7E7E7E7E7E7E", "6F85B98DD12CB13B",
3653 "7F7F7F7F7F7F7F7F", "7F7F7F7F7F7F7F7F", "10130DA3C3A23924",
3654 "8080808080808080", "8080808080808080", "EFECF25C3C5DC6DB",
3655 "8181818181818181", "8181818181818181", "907A46722ED34EC4",
3656 "8282828282828282", "8282828282828282", "752666EB4CAB46EE",
3657 "8383838383838383", "8383838383838383", "161BFABD4224C162",
3658 "8484848484848484", "8484848484848484", "215F48699DB44A45",
3659 "8585858585858585", "8585858585858585", "69D901A8A691E661",
3660 "8686868686868686", "8686868686868686", "CBBF6EEFE6529728",
3661 "8787878787878787", "8787878787878787", "7F26DCF425149823",
3662 "8888888888888888", "8888888888888888", "762C40C8FADE9D16",
3663 "8989898989898989", "8989898989898989", "2453CF5D5BF4E463",
3664 "8A8A8A8A8A8A8A8A", "8A8A8A8A8A8A8A8A", "301085E3FDE724E1",
3665 "8B8B8B8B8B8B8B8B", "8B8B8B8B8B8B8B8B", "EF4E3E8F1CC6706E",
3666 "8C8C8C8C8C8C8C8C", "8C8C8C8C8C8C8C8C", "720479B024C397EE",
3667 "8D8D8D8D8D8D8D8D", "8D8D8D8D8D8D8D8D", "BEA27E3795063C89",
3668 "8E8E8E8E8E8E8E8E", "8E8E8E8E8E8E8E8E", "468E5218F1A37611",
3669 "8F8F8F8F8F8F8F8F", "8F8F8F8F8F8F8F8F", "50ACE16ADF66BFE8",
3670 "9090909090909090", "9090909090909090", "EEA24369A19F6937",
3671 "9191919191919191", "9191919191919191", "6050D369017B6E62",
3672 "9292929292929292", "9292929292929292", "5B365F2FB2CD7F32",
3673 "9393939393939393", "9393939393939393", "F0B00B264381DDBB",
3674 "9494949494949494", "9494949494949494", "E1D23881C957B96C",
3675 "9595959595959595", "9595959595959595", "D936BF54ECA8BDCE",
3676 "9696969696969696", "9696969696969696", "A020003C5554F34C",
3677 "9797979797979797", "9797979797979797", "6118FCEBD407281D",
3678 "9898989898989898", "9898989898989898", "072E328C984DE4A2",
3679 "9999999999999999", "9999999999999999", "1440B7EF9E63D3AA",
3680 "9A9A9A9A9A9A9A9A", "9A9A9A9A9A9A9A9A", "79BFA264BDA57373",
3681 "9B9B9B9B9B9B9B9B", "9B9B9B9B9B9B9B9B", "C50E8FC289BBD876",
3682 "9C9C9C9C9C9C9C9C", "9C9C9C9C9C9C9C9C", "A399D3D63E169FA9",
3683 "9D9D9D9D9D9D9D9D", "9D9D9D9D9D9D9D9D", "4B8919B667BD53AB",
3684 "9E9E9E9E9E9E9E9E", "9E9E9E9E9E9E9E9E", "D66CDCAF3F6724A2",
3685 "9F9F9F9F9F9F9F9F", "9F9F9F9F9F9F9F9F", "E40E81FF3F618340",
3686 "A0A0A0A0A0A0A0A0", "A0A0A0A0A0A0A0A0", "10EDB8977B348B35",
3687 "A1A1A1A1A1A1A1A1", "A1A1A1A1A1A1A1A1", "6446C5769D8409A0",
3688 "A2A2A2A2A2A2A2A2", "A2A2A2A2A2A2A2A2", "17ED1191CA8D67A3",
3689 "A3A3A3A3A3A3A3A3", "A3A3A3A3A3A3A3A3", "B6D8533731BA1318",
3690 "A4A4A4A4A4A4A4A4", "A4A4A4A4A4A4A4A4", "CA439007C7245CD0",
3691 "A5A5A5A5A5A5A5A5", "A5A5A5A5A5A5A5A5", "06FC7FDE1C8389E7",
3692 "A6A6A6A6A6A6A6A6", "A6A6A6A6A6A6A6A6", "7A3C1F3BD60CB3D8",
3693 "A7A7A7A7A7A7A7A7", "A7A7A7A7A7A7A7A7", "E415D80048DBA848",
3694 "A8A8A8A8A8A8A8A8", "A8A8A8A8A8A8A8A8", "26F88D30C0FB8302",
3695 "A9A9A9A9A9A9A9A9", "A9A9A9A9A9A9A9A9", "D4E00A9EF5E6D8F3",
3696 "AAAAAAAAAAAAAAAA", "AAAAAAAAAAAAAAAA", "C4322BE19E9A5A17",
3697 "ABABABABABABABAB", "ABABABABABABABAB", "ACE41A06BFA258EA",
3698 "ACACACACACACACAC", "ACACACACACACACAC", "EEAAC6D17880BD56",
3699 "ADADADADADADADAD", "ADADADADADADADAD", "3C9A34CA4CB49EEB",
3700 "AEAEAEAEAEAEAEAE", "AEAEAEAEAEAEAEAE", "9527B0287B75F5A3",
3701 "AFAFAFAFAFAFAFAF", "AFAFAFAFAFAFAFAF", "F2D9D1BE74376C0C",
3702 "B0B0B0B0B0B0B0B0", "B0B0B0B0B0B0B0B0", "939618DF0AEFAAE7",
3703 "B1B1B1B1B1B1B1B1", "B1B1B1B1B1B1B1B1", "24692773CB9F27FE",
3704 "B2B2B2B2B2B2B2B2", "B2B2B2B2B2B2B2B2", "38703BA5E2315D1D",
3705 "B3B3B3B3B3B3B3B3", "B3B3B3B3B3B3B3B3", "FCB7E4B7D702E2FB",
3706 "B4B4B4B4B4B4B4B4", "B4B4B4B4B4B4B4B4", "36F0D0B3675704D5",
3707 "B5B5B5B5B5B5B5B5", "B5B5B5B5B5B5B5B5", "62D473F539FA0D8B",
3708 "B6B6B6B6B6B6B6B6", "B6B6B6B6B6B6B6B6", "1533F3ED9BE8EF8E",
3709 "B7B7B7B7B7B7B7B7", "B7B7B7B7B7B7B7B7", "9C4EA352599731ED",
3710 "B8B8B8B8B8B8B8B8", "B8B8B8B8B8B8B8B8", "FABBF7C046FD273F",
3711 "B9B9B9B9B9B9B9B9", "B9B9B9B9B9B9B9B9", "B7FE63A61C646F3A",
3712 "BABABABABABABABA", "BABABABABABABABA", "10ADB6E2AB972BBE",
3713 "BBBBBBBBBBBBBBBB", "BBBBBBBBBBBBBBBB", "F91DCAD912332F3B",
3714 "BCBCBCBCBCBCBCBC", "BCBCBCBCBCBCBCBC", "46E7EF47323A701D",
3715 "BDBDBDBDBDBDBDBD", "BDBDBDBDBDBDBDBD", "8DB18CCD9692F758",
3716 "BEBEBEBEBEBEBEBE", "BEBEBEBEBEBEBEBE", "E6207B536AAAEFFC",
3717 "BFBFBFBFBFBFBFBF", "BFBFBFBFBFBFBFBF", "92AA224372156A00",
3718 "C0C0C0C0C0C0C0C0", "C0C0C0C0C0C0C0C0", "A3B357885B1E16D2",
3719 "C1C1C1C1C1C1C1C1", "C1C1C1C1C1C1C1C1", "169F7629C970C1E5",
3720 "C2C2C2C2C2C2C2C2", "C2C2C2C2C2C2C2C2", "62F44B247CF1348C",
3721 "C3C3C3C3C3C3C3C3", "C3C3C3C3C3C3C3C3", "AE0FEEB0495932C8",
3722 "C4C4C4C4C4C4C4C4", "C4C4C4C4C4C4C4C4", "72DAF2A7C9EA6803",
3723 "C5C5C5C5C5C5C5C5", "C5C5C5C5C5C5C5C5", "4FB5D5536DA544F4",
3724 "C6C6C6C6C6C6C6C6", "C6C6C6C6C6C6C6C6", "1DD4E65AAF7988B4",
3725 "C7C7C7C7C7C7C7C7", "C7C7C7C7C7C7C7C7", "76BF084C1535A6C6",
3726 "C8C8C8C8C8C8C8C8", "C8C8C8C8C8C8C8C8", "AFEC35B09D36315F",
3727 "C9C9C9C9C9C9C9C9", "C9C9C9C9C9C9C9C9", "C8078A6148818403",
3728 "CACACACACACACACA", "CACACACACACACACA", "4DA91CB4124B67FE",
3729 "CBCBCBCBCBCBCBCB", "CBCBCBCBCBCBCBCB", "2DABFEB346794C3D",
3730 "CCCCCCCCCCCCCCCC", "CCCCCCCCCCCCCCCC", "FBCD12C790D21CD7",
3731 "CDCDCDCDCDCDCDCD", "CDCDCDCDCDCDCDCD", "536873DB879CC770",
3732 "CECECECECECECECE", "CECECECECECECECE", "9AA159D7309DA7A0",
3733 "CFCFCFCFCFCFCFCF", "CFCFCFCFCFCFCFCF", "0B844B9D8C4EA14A",
3734 "D0D0D0D0D0D0D0D0", "D0D0D0D0D0D0D0D0", "3BBD84CE539E68C4",
3735 "D1D1D1D1D1D1D1D1", "D1D1D1D1D1D1D1D1", "CF3E4F3E026E2C8E",
3736 "D2D2D2D2D2D2D2D2", "D2D2D2D2D2D2D2D2", "82F85885D542AF58",
3737 "D3D3D3D3D3D3D3D3", "D3D3D3D3D3D3D3D3", "22D334D6493B3CB6",
3738 "D4D4D4D4D4D4D4D4", "D4D4D4D4D4D4D4D4", "47E9CB3E3154D673",
3739 "D5D5D5D5D5D5D5D5", "D5D5D5D5D5D5D5D5", "2352BCC708ADC7E9",
3740 "D6D6D6D6D6D6D6D6", "D6D6D6D6D6D6D6D6", "8C0F3BA0C8601980",
3741 "D7D7D7D7D7D7D7D7", "D7D7D7D7D7D7D7D7", "EE5E9FD70CEF00E9",
3742 "D8D8D8D8D8D8D8D8", "D8D8D8D8D8D8D8D8", "DEF6BDA6CABF9547",
3743 "D9D9D9D9D9D9D9D9", "D9D9D9D9D9D9D9D9", "4DADD04A0EA70F20",
3744 "DADADADADADADADA", "DADADADADADADADA", "C1AA16689EE1B482",
3745 "DBDBDBDBDBDBDBDB", "DBDBDBDBDBDBDBDB", "F45FC26193E69AEE",
3746 "DCDCDCDCDCDCDCDC", "DCDCDCDCDCDCDCDC", "D0CFBB937CEDBFB5",
3747 "DDDDDDDDDDDDDDDD", "DDDDDDDDDDDDDDDD", "F0752004EE23D87B",
3748 "DEDEDEDEDEDEDEDE", "DEDEDEDEDEDEDEDE", "77A791E28AA464A5",
3749 "DFDFDFDFDFDFDFDF", "DFDFDFDFDFDFDFDF", "E7562A7F56FF4966",
3750 "E0E0E0E0E0E0E0E0", "E0E0E0E0E0E0E0E0", "B026913F2CCFB109",
3751 "E1E1E1E1E1E1E1E1", "E1E1E1E1E1E1E1E1", "0DB572DDCE388AC7",
3752 "E2E2E2E2E2E2E2E2", "E2E2E2E2E2E2E2E2", "D9FA6595F0C094CA",
3753 "E3E3E3E3E3E3E3E3", "E3E3E3E3E3E3E3E3", "ADE4804C4BE4486E",
3754 "E4E4E4E4E4E4E4E4", "E4E4E4E4E4E4E4E4", "007B81F520E6D7DA",
3755 "E5E5E5E5E5E5E5E5", "E5E5E5E5E5E5E5E5", "961AEB77BFC10B3C",
3756 "E6E6E6E6E6E6E6E6", "E6E6E6E6E6E6E6E6", "8A8DD870C9B14AF2",
3757 "E7E7E7E7E7E7E7E7", "E7E7E7E7E7E7E7E7", "3CC02E14B6349B25",
3758 "E8E8E8E8E8E8E8E8", "E8E8E8E8E8E8E8E8", "BAD3EE68BDDB9607",
3759 "E9E9E9E9E9E9E9E9", "E9E9E9E9E9E9E9E9", "DFF918E93BDAD292",
3760 "EAEAEAEAEAEAEAEA", "EAEAEAEAEAEAEAEA", "8FE559C7CD6FA56D",
3761 "EBEBEBEBEBEBEBEB", "EBEBEBEBEBEBEBEB", "C88480835C1A444C",
3762 "ECECECECECECECEC", "ECECECECECECECEC", "D6EE30A16B2CC01E",
3763 "EDEDEDEDEDEDEDED", "EDEDEDEDEDEDEDED", "6932D887B2EA9C1A",
3764 "EEEEEEEEEEEEEEEE", "EEEEEEEEEEEEEEEE", "0BFC865461F13ACC",
3765 "EFEFEFEFEFEFEFEF", "EFEFEFEFEFEFEFEF", "228AEA0D403E807A",
3766 "F0F0F0F0F0F0F0F0", "F0F0F0F0F0F0F0F0", "2A2891F65BB8173C",
3767 "F1F1F1F1F1F1F1F1", "F1F1F1F1F1F1F1F1", "5D1B8FAF7839494B",
3768 "F2F2F2F2F2F2F2F2", "F2F2F2F2F2F2F2F2", "1C0A9280EECF5D48",
3769 "F3F3F3F3F3F3F3F3", "F3F3F3F3F3F3F3F3", "6CBCE951BBC30F74",
3770 "F4F4F4F4F4F4F4F4", "F4F4F4F4F4F4F4F4", "9CA66E96BD08BC70",
3771 "F5F5F5F5F5F5F5F5", "F5F5F5F5F5F5F5F5", "F5D779FCFBB28BF3",
3772 "F6F6F6F6F6F6F6F6", "F6F6F6F6F6F6F6F6", "0FEC6BBF9B859184",
3773 "F7F7F7F7F7F7F7F7", "F7F7F7F7F7F7F7F7", "EF88D2BF052DBDA8",
3774 "F8F8F8F8F8F8F8F8", "F8F8F8F8F8F8F8F8", "39ADBDDB7363090D",
3775 "F9F9F9F9F9F9F9F9", "F9F9F9F9F9F9F9F9", "C0AEAF445F7E2A7A",
3776 "FAFAFAFAFAFAFAFA", "FAFAFAFAFAFAFAFA", "C66F54067298D4E9",
3777 "FBFBFBFBFBFBFBFB", "FBFBFBFBFBFBFBFB", "E0BA8F4488AAF97C",
3778 "FCFCFCFCFCFCFCFC", "FCFCFCFCFCFCFCFC", "67B36E2875D9631C",
3779 "FDFDFDFDFDFDFDFD", "FDFDFDFDFDFDFDFD", "1ED83D49E267191D",
3780 "FEFEFEFEFEFEFEFE", "FEFEFEFEFEFEFEFE", "66B2B23EA84693AD",
3781 "FFFFFFFFFFFFFFFF", "FFFFFFFFFFFFFFFF", "7359B2163E4EDC58",
3782 "0001020304050607", "0011223344556677", "3EF0A891CF8ED990",
3783 "2BD6459F82C5B300", "EA024714AD5C4D84", "126EFE8ED312190A",
3789 * Known-answer tests for DES/3DES in CBC mode. Order: key, IV,
3790 * plaintext, ciphertext.
3792 static const char *const KAT_DES_CBC
[] = {
3794 * From NIST validation suite (tdesmmt.zip).
3796 "34a41a8c293176c1b30732ecfe38ae8a34a41a8c293176c1",
3801 "70a88fa1dfb9942fa77f40157ffef2ad70a88fa1dfb9942f",
3803 "bc225304d5a3a5c9918fc5006cbc40cc",
3804 "27f67dc87af7ddb4b68f63fa7c2d454a",
3806 "e091790be55be0bc0780153861a84adce091790be55be0bc",
3808 "03c7fffd7f36499c703dedc9df4de4a92dd4382e576d6ae9",
3809 "053aeba85dd3a23bfbe8440a432f9578f312be60fb9f0035",
3811 "857feacd16157c58e5347a70e56e578a857feacd16157c58",
3813 "1f13701c7f0d7385307507a18e89843ebd295bd5e239ef109347a6898c6d3fd5",
3814 "a0e4edde34f05bd8397ce279e49853e9387ba04be562f5fa19c3289c3f5a3391",
3816 "a173545b265875ba852331fbb95b49a8a173545b265875ba",
3818 "d08894c565608d9ae51dda63b85b3b33b1703bb5e4f1abcbb8794e743da5d6f3bf630f2e9b6d5b54",
3819 "370b47acf89ac6bdbb13c9a7336787dc41e1ad8beead32281d0609fb54968404bdf2894892590658",
3821 "26376bcb2f23df1083cd684fe00ed3c726376bcb2f23df10",
3823 "903a1911da1e6877f23c1985a9b61786ef438e0ce1240885035ad60fc916b18e5d71a1fb9c5d1eff61db75c0076f6efb",
3824 "7a4f7510f6ec0b93e2495d21a8355684d303a770ebda2e0e51ff33d72b20cb73e58e2e3de2ef6b2e12c504c0f181ba63",
3826 "3e1f98135d027cec752f67765408a7913e1f98135d027cec",
3828 "7c022f5af24f7925d323d4d0e20a2ce49272c5e764b22c806f4b6ddc406d864fe5bd1c3f45556d3eb30c8676c2f8b54a5a32423a0bd95a07",
3829 "2bb4b131fa4ae0b4f0378a2cdb68556af6eee837613016d7ea936f3931f25f8b3ae351d5e9d00be665676e2400408b5db9892d95421e7f1a",
3831 "13b9d549cd136ec7bf9e9810ef2cdcbf13b9d549cd136ec7",
3833 "1fff1563bc1645b55cb23ea34a0049dfc06607150614b621dedcb07f20433402a2d869c95ac4a070c7a3da838c928a385f899c5d21ecb58f4e5cbdad98d39b8c",
3834 "75f804d4a2c542a31703e23df26cc38861a0729090e6eae5672c1db8c0b09fba9b125bbca7d6c7d330b3859e6725c6d26de21c4e3af7f5ea94df3cde2349ce37",
3836 "20320dfdad579bb57c6e4acd769dbadf20320dfdad579bb5",
3838 "0431283cc8bb4dc7750a9d5c68578486932091632a12d0a79f2c54e3d122130881fff727050f317a40fcd1a8d13793458b99fc98254ba6a233e3d95b55cf5a3faff78809999ea4bf",
3839 "85d17840eb2af5fc727027336bfd71a2b31bd14a1d9eb64f8a08bfc4f56eaa9ca7654a5ae698287869cc27324813730de4f1384e0b8cfbc472ff5470e3c5e4bd8ceb23dc2d91988c",
3841 "23abb073a2df34cb3d1fdce6b092582c23abb073a2df34cb",
3843 "31e718fd95e6d7ca4f94763191add2674ab07c909d88c486916c16d60a048a0cf8cdb631cebec791362cd0c202eb61e166b65c1f65d0047c8aec57d3d84b9e17032442dce148e1191b06a12c284cc41e",
3844 "c9a3f75ab6a7cd08a7fd53ca540aafe731d257ee1c379fadcc4cc1a06e7c12bddbeb7562c436d1da849ed072629e82a97b56d9becc25ff4f16f21c5f2a01911604f0b5c49df96cb641faee662ca8aa68",
3846 "b5cb1504802326c73df186e3e352a20de643b0d63ee30e37",
3851 "a49d7564199e97cb529d2c9d97bf2f98d35edf57ba1f7358",
3853 "c689aee38a301bb316da75db36f110b5",
3854 "e9afaba5ec75ea1bbe65506655bb4ecb",
3856 "1a5d4c0825072a15a8ad9dfdaeda8c048adffb85bc4fced0",
3858 "983c3edacd939406010e1bc6ff9e12320ac5008117fa8f84",
3859 "d84fa24f38cf451ca2c9adc960120bd8ff9871584fe31cee",
3861 "d98aadc76d4a3716158c32866efbb9ce834af2297379a49d",
3863 "6174079dda53ca723ebf00a66837f8d5ce648c08acaa5ee45ffe62210ef79d3e",
3864 "f5bd4d600bed77bec78409e3530ebda1d815506ed53103015b87e371ae000958",
3866 "ef6d3e54266d978ffb0b8ce6689d803e2cd34cc802fd0252",
3868 "c4f228b537223cd01c0debb5d9d4e12ba71656618d119b2f8f0af29d23efa3a9e43c4c458a1b79a0",
3869 "9e3289fb18379f55aa4e45a7e0e6df160b33b75f8627ad0954f8fdcb78cee55a4664caeda1000fe5",
3871 "625bc19b19df83abfb2f5bec9d4f2062017525a75bc26e70",
3873 "8152d2ab876c3c8201403a5a406d3feaf27319dbea6ad01e24f4d18203704b86de70da6bbb6d638e5aba3ff576b79b28",
3874 "706fe7a973fac40e25b2b4499ce527078944c70e976d017b6af86a3a7a6b52943a72ba18a58000d2b61fdc3bfef2bc4a",
3876 "b6383176046e6880a1023bf45768b5bf5119022fe054bfe5",
3878 "cd5a886e9af011346c4dba36a424f96a78a1ddf28aaa4188bf65451f4efaffc7179a6dd237c0ae35d9b672314e5cb032612597f7e462c6f3",
3879 "b030f976f46277ee211c4a324d5c87555d1084513a1223d3b84416b52bbc28f4b77f3a9d8d0d91dc37d3dbe8af8be98f74674b02f9a38527",
3881 "3d8cf273d343b9aedccddacb91ad86206737adc86b4a49a7",
3883 "1fde3991c32ce220b5b6666a9234f2fd7bd24b921829fd9cdc6eb4218be9eac9faa9c2351777349128086b6d58776bc86ff2f76ee1b3b2850a318462b8983fa1",
3884 "422ce705a46bb52ad928dab6c863166d617c6fc24003633120d91918314bbf464cea7345c3c35f2042f2d6929735d74d7728f22fea618a0b9cf5b1281acb13fb",
3886 "fbceb5cb646b925be0b92f7f6b493d5e5b16e9159732732a",
3888 "4c309bc8e1e464fdd2a2b8978645d668d455f7526bd8d7b6716a722f6a900b815c4a73cc30e788065c1dfca7bf5958a6cc5440a5ebe7f8691c20278cde95db764ff8ce8994ece89c",
3889 "c02129bdf4bbbd75e71605a00b12c80db6b4e05308e916615011f09147ed915dd1bc67f27f9e027e4e13df36b55464a31c11b4d1fe3d855d89df492e1a7201b995c1ba16a8dbabee",
3891 "9b162a0df8ad9b61c88676e3d586434570b902f12a2046e0",
3893 "f4c1c918e77355c8156f0fd778da52bff121ae5f2f44eaf4d2754946d0e10d1f18ce3a0176e69c18b7d20b6e0d0bee5eb5edfe4bd60e4d92adcd86bce72e76f94ee5cbcaa8b01cfddcea2ade575e66ac",
3894 "1ff3c8709f403a8eff291aedf50c010df5c5ff64a8b205f1fce68564798897a390db16ee0d053856b75898009731da290fcc119dad987277aacef694872e880c4bb41471063fae05c89f25e4bd0cad6a",
3900 xor_buf(unsigned char *dst
, const unsigned char *src
, size_t len
)
3902 while (len
-- > 0) {
3908 monte_carlo_DES_encrypt(const br_block_cbcenc_class
*ve
)
3910 unsigned char k1
[8], k2
[8], k3
[8];
3911 unsigned char buf
[8];
3912 unsigned char cipher
[8];
3914 br_des_gen_cbcenc_keys v_ec
;
3918 hextobin(k1
, "9ec2372c86379df4");
3919 hextobin(k2
, "ad7ac4464f73805d");
3920 hextobin(k3
, "20c4f87564527c91");
3921 hextobin(buf
, "b624d6bd41783ab1");
3922 hextobin(cipher
, "eafd97b190b167fe");
3923 for (i
= 0; i
< 400; i
++) {
3924 unsigned char key
[24];
3927 memcpy(key
+ 8, k2
, 8);
3928 memcpy(key
+ 16, k3
, 8);
3929 ve
->init(ec
, key
, sizeof key
);
3930 for (j
= 0; j
< 10000; j
++) {
3931 unsigned char iv
[8];
3933 memset(iv
, 0, sizeof iv
);
3934 ve
->run(ec
, iv
, buf
, sizeof buf
);
3936 case 9997: xor_buf(k3
, buf
, 8); break;
3937 case 9998: xor_buf(k2
, buf
, 8); break;
3938 case 9999: xor_buf(k1
, buf
, 8); break;
3946 check_equals("MC DES encrypt", buf
, cipher
, sizeof buf
);
3950 monte_carlo_DES_decrypt(const br_block_cbcdec_class
*vd
)
3952 unsigned char k1
[8], k2
[8], k3
[8];
3953 unsigned char buf
[8];
3954 unsigned char plain
[8];
3956 br_des_gen_cbcdec_keys v_dc
;
3960 hextobin(k1
, "79b63486e0ce37e0");
3961 hextobin(k2
, "08e65231abae3710");
3962 hextobin(k3
, "1f5eb69e925ef185");
3963 hextobin(buf
, "2783aa729432fe96");
3964 hextobin(plain
, "44937ca532cdbf98");
3965 for (i
= 0; i
< 400; i
++) {
3966 unsigned char key
[24];
3969 memcpy(key
+ 8, k2
, 8);
3970 memcpy(key
+ 16, k3
, 8);
3971 vd
->init(dc
, key
, sizeof key
);
3972 for (j
= 0; j
< 10000; j
++) {
3973 unsigned char iv
[8];
3975 memset(iv
, 0, sizeof iv
);
3976 vd
->run(dc
, iv
, buf
, sizeof buf
);
3978 case 9997: xor_buf(k3
, buf
, 8); break;
3979 case 9998: xor_buf(k2
, buf
, 8); break;
3980 case 9999: xor_buf(k1
, buf
, 8); break;
3988 check_equals("MC DES decrypt", buf
, plain
, sizeof buf
);
3992 test_DES_generic(char *name
,
3993 const br_block_cbcenc_class
*ve
,
3994 const br_block_cbcdec_class
*vd
,
3995 int with_MC
, int with_CBC
)
3999 printf("Test %s: ", name
);
4002 if (ve
->block_size
!= 8 || vd
->block_size
!= 8) {
4003 fprintf(stderr
, "%s failed: wrong block size\n", name
);
4007 for (u
= 0; KAT_DES
[u
]; u
+= 3) {
4008 unsigned char key
[24];
4009 unsigned char plain
[8];
4010 unsigned char cipher
[8];
4011 unsigned char buf
[8];
4012 unsigned char iv
[8];
4014 br_des_gen_cbcenc_keys v_ec
;
4015 br_des_gen_cbcdec_keys v_dc
;
4016 const br_block_cbcenc_class
**ec
;
4017 const br_block_cbcdec_class
**dc
;
4021 key_len
= hextobin(key
, KAT_DES
[u
]);
4022 hextobin(plain
, KAT_DES
[u
+ 1]);
4023 hextobin(cipher
, KAT_DES
[u
+ 2]);
4024 ve
->init(ec
, key
, key_len
);
4025 memcpy(buf
, plain
, sizeof plain
);
4026 memset(iv
, 0, sizeof iv
);
4027 ve
->run(ec
, iv
, buf
, sizeof buf
);
4028 check_equals("KAT DES encrypt", buf
, cipher
, sizeof cipher
);
4029 vd
->init(dc
, key
, key_len
);
4030 memset(iv
, 0, sizeof iv
);
4031 vd
->run(dc
, iv
, buf
, sizeof buf
);
4032 check_equals("KAT DES decrypt", buf
, plain
, sizeof plain
);
4035 memcpy(key
+ 8, key
, 8);
4036 memcpy(key
+ 16, key
, 8);
4037 ve
->init(ec
, key
, 24);
4038 memcpy(buf
, plain
, sizeof plain
);
4039 memset(iv
, 0, sizeof iv
);
4040 ve
->run(ec
, iv
, buf
, sizeof buf
);
4041 check_equals("KAT DES->3 encrypt",
4042 buf
, cipher
, sizeof cipher
);
4043 vd
->init(dc
, key
, 24);
4044 memset(iv
, 0, sizeof iv
);
4045 vd
->run(dc
, iv
, buf
, sizeof buf
);
4046 check_equals("KAT DES->3 decrypt",
4047 buf
, plain
, sizeof plain
);
4052 for (u
= 0; KAT_DES_CBC
[u
]; u
+= 4) {
4053 unsigned char key
[24];
4054 unsigned char ivref
[8];
4055 unsigned char plain
[200];
4056 unsigned char cipher
[200];
4057 unsigned char buf
[200];
4058 unsigned char iv
[8];
4059 size_t key_len
, data_len
, v
;
4060 br_des_gen_cbcenc_keys v_ec
;
4061 br_des_gen_cbcdec_keys v_dc
;
4062 const br_block_cbcenc_class
**ec
;
4063 const br_block_cbcdec_class
**dc
;
4067 key_len
= hextobin(key
, KAT_DES_CBC
[u
]);
4068 hextobin(ivref
, KAT_DES_CBC
[u
+ 1]);
4069 data_len
= hextobin(plain
, KAT_DES_CBC
[u
+ 2]);
4070 hextobin(cipher
, KAT_DES_CBC
[u
+ 3]);
4071 ve
->init(ec
, key
, key_len
);
4073 memcpy(buf
, plain
, data_len
);
4074 memcpy(iv
, ivref
, 8);
4075 ve
->run(ec
, iv
, buf
, data_len
);
4076 check_equals("KAT CBC DES encrypt",
4077 buf
, cipher
, data_len
);
4078 vd
->init(dc
, key
, key_len
);
4079 memcpy(iv
, ivref
, 8);
4080 vd
->run(dc
, iv
, buf
, data_len
);
4081 check_equals("KAT CBC DES decrypt",
4082 buf
, plain
, data_len
);
4084 memcpy(buf
, plain
, data_len
);
4085 memcpy(iv
, ivref
, 8);
4086 for (v
= 0; v
< data_len
; v
+= 8) {
4087 ve
->run(ec
, iv
, buf
+ v
, 8);
4089 check_equals("KAT CBC DES encrypt (2)",
4090 buf
, cipher
, data_len
);
4091 memcpy(iv
, ivref
, 8);
4092 for (v
= 0; v
< data_len
; v
+= 8) {
4093 vd
->run(dc
, iv
, buf
+ v
, 8);
4095 check_equals("KAT CBC DES decrypt (2)",
4096 buf
, plain
, data_len
);
4101 monte_carlo_DES_encrypt(ve
);
4102 monte_carlo_DES_decrypt(vd
);
4112 test_DES_generic("DES_tab",
4113 &br_des_tab_cbcenc_vtable
,
4114 &br_des_tab_cbcdec_vtable
,
4121 test_DES_generic("DES_ct",
4122 &br_des_ct_cbcenc_vtable
,
4123 &br_des_ct_cbcdec_vtable
,
4127 static const struct {
4132 const char *scipher
;
4133 } KAT_CHACHA20
[] = {
4135 "0000000000000000000000000000000000000000000000000000000000000000",
4136 "000000000000000000000000",
4138 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
4139 "76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586"
4142 "0000000000000000000000000000000000000000000000000000000000000001",
4143 "000000000000000000000002",
4145 "416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f",
4146 "a3fbf07df3fa2fde4f376ca23e82737041605d9f4f4f57bd8cff2c1d4b7955ec2a97948bd3722915c8f3d337f7d370050e9e96d647b7c39f56e031ca5eb6250d4042e02785ececfa4b4bb5e8ead0440e20b6e8db09d881a7c6132f420e52795042bdfa7773d8a9051447b3291ce1411c680465552aa6c405b7764d5e87bea85ad00f8449ed8f72d0d662ab052691ca66424bc86d2df80ea41f43abf937d3259dc4b2d0dfb48a6c9139ddd7f76966e928e635553ba76c5c879d7b35d49eb2e62b0871cdac638939e25e8a1e0ef9d5280fa8ca328b351c3c765989cbcf3daa8b6ccc3aaf9f3979c92b3720fc88dc95ed84a1be059c6499b9fda236e7e818b04b0bc39c1e876b193bfe5569753f88128cc08aaa9b63d1a16f80ef2554d7189c411f5869ca52c5b83fa36ff216b9c1d30062bebcfd2dc5bce0911934fda79a86f6e698ced759c3ff9b6477338f3da4f9cd8514ea9982ccafb341b2384dd902f3d1ab7ac61dd29c6f21ba5b862f3730e37cfdc4fd806c22f221"
4149 "1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0",
4150 "000000000000000000000002",
4152 "2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e",
4153 "62e6347f95ed87a45ffae7426f27a1df5fb69110044c0d73118effa95b01e5cf166d3df2d721caf9b21e5fb14c616871fd84c54f9d65b283196c7fe4f60553ebf39c6402c42234e32a356b3e764312a61a5532055716ead6962568f87d3f3f7704c6a8d1bcd1bf4d50d6154b6da731b187b58dfd728afa36757a797ac188d1"
4159 test_ChaCha20_ct(void)
4163 printf("Test ChaCha20_ct: ");
4166 for (u
= 0; KAT_CHACHA20
[u
].skey
; u
++) {
4167 unsigned char key
[32], nonce
[12], plain
[400], cipher
[400];
4171 hextobin(key
, KAT_CHACHA20
[u
].skey
);
4172 hextobin(nonce
, KAT_CHACHA20
[u
].snonce
);
4173 cc
= KAT_CHACHA20
[u
].counter
;
4174 len
= hextobin(plain
, KAT_CHACHA20
[u
].splain
);
4175 hextobin(cipher
, KAT_CHACHA20
[u
].scipher
);
4177 for (v
= 0; v
< len
; v
++) {
4178 unsigned char tmp
[400];
4181 memset(tmp
, 0, sizeof tmp
);
4182 memcpy(tmp
, plain
, v
);
4183 if (br_chacha20_ct_run(key
, nonce
, cc
, tmp
, v
)
4184 != cc
+ (uint32_t)((v
+ 63) >> 6))
4186 fprintf(stderr
, "ChaCha20: wrong counter\n");
4189 if (memcmp(tmp
, cipher
, v
) != 0) {
4190 fprintf(stderr
, "ChaCha20 KAT fail (1)\n");
4193 for (w
= v
; w
< sizeof tmp
; w
++) {
4195 fprintf(stderr
, "ChaCha20: overrun\n");
4199 br_chacha20_ct_run(key
, nonce
, cc
, tmp
, v
);
4200 if (memcmp(tmp
, plain
, v
) != 0) {
4201 fprintf(stderr
, "ChaCha20 KAT fail (2)\n");
4214 static const struct {
4219 const char *scipher
;
4221 } KAT_POLY1305
[] = {
4223 "4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e",
4224 "50515253c0c1c2c3c4c5c6c7",
4225 "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f",
4226 "070000004041424344454647",
4227 "d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116",
4228 "1ae10b594f09e26a7e902ecbd0600691"
4230 { 0, 0, 0, 0, 0, 0 }
4234 test_Poly1305_inner(const char *name
, br_poly1305_run ipoly
,
4235 br_poly1305_run iref
)
4238 br_hmac_drbg_context rng
;
4240 printf("Test %s: ", name
);
4243 for (u
= 0; KAT_POLY1305
[u
].skey
; u
++) {
4244 unsigned char key
[32], nonce
[12], plain
[400], cipher
[400];
4245 unsigned char aad
[400], tag
[16], data
[400], tmp
[16];
4246 size_t len
, aad_len
;
4248 len
= hextobin(plain
, KAT_POLY1305
[u
].splain
);
4249 aad_len
= hextobin(aad
, KAT_POLY1305
[u
].saad
);
4250 hextobin(key
, KAT_POLY1305
[u
].skey
);
4251 hextobin(nonce
, KAT_POLY1305
[u
].snonce
);
4252 hextobin(cipher
, KAT_POLY1305
[u
].scipher
);
4253 hextobin(tag
, KAT_POLY1305
[u
].stag
);
4255 memcpy(data
, plain
, len
);
4256 ipoly(key
, nonce
, data
, len
,
4257 aad
, aad_len
, tmp
, br_chacha20_ct_run
, 1);
4258 check_equals("ChaCha20+Poly1305 KAT (1)", data
, cipher
, len
);
4259 check_equals("ChaCha20+Poly1305 KAT (2)", tmp
, tag
, 16);
4260 ipoly(key
, nonce
, data
, len
,
4261 aad
, aad_len
, tmp
, br_chacha20_ct_run
, 0);
4262 check_equals("ChaCha20+Poly1305 KAT (3)", data
, plain
, len
);
4263 check_equals("ChaCha20+Poly1305 KAT (4)", tmp
, tag
, 16);
4273 * We compare the "ipoly" and "iref" implementations together on
4274 * a bunch of pseudo-random messages.
4276 br_hmac_drbg_init(&rng
, &br_sha256_vtable
, "seed for Poly1305", 17);
4277 for (u
= 0; u
< 100; u
++) {
4278 unsigned char plain
[100], aad
[100], tmp
[100];
4279 unsigned char key
[32], iv
[12], tag1
[16], tag2
[16];
4281 br_hmac_drbg_generate(&rng
, key
, sizeof key
);
4282 br_hmac_drbg_generate(&rng
, iv
, sizeof iv
);
4283 br_hmac_drbg_generate(&rng
, plain
, u
);
4284 br_hmac_drbg_generate(&rng
, aad
, u
);
4285 memcpy(tmp
, plain
, u
);
4286 memset(tmp
+ u
, 0xFF, (sizeof tmp
) - u
);
4287 ipoly(key
, iv
, tmp
, u
, aad
, u
, tag1
,
4288 &br_chacha20_ct_run
, 1);
4289 memset(tmp
+ u
, 0x00, (sizeof tmp
) - u
);
4290 iref(key
, iv
, tmp
, u
, aad
, u
, tag2
,
4291 &br_chacha20_ct_run
, 0);
4292 if (memcmp(tmp
, plain
, u
) != 0) {
4293 fprintf(stderr
, "cross enc/dec failed\n");
4296 if (memcmp(tag1
, tag2
, sizeof tag1
) != 0) {
4297 fprintf(stderr
, "cross MAC failed\n");
4309 test_Poly1305_ctmul(void)
4311 test_Poly1305_inner("Poly1305_ctmul", &br_poly1305_ctmul_run
,
4312 &br_poly1305_i15_run
);
4316 test_Poly1305_ctmul32(void)
4318 test_Poly1305_inner("Poly1305_ctmul32", &br_poly1305_ctmul32_run
,
4319 &br_poly1305_i15_run
);
4323 test_Poly1305_i15(void)
4325 test_Poly1305_inner("Poly1305_i15", &br_poly1305_i15_run
,
4326 &br_poly1305_ctmul_run
);
4330 test_Poly1305_ctmulq(void)
4334 bp
= br_poly1305_ctmulq_get();
4336 printf("Test Poly1305_ctmulq: UNAVAILABLE\n");
4338 test_Poly1305_inner("Poly1305_ctmulq", bp
,
4339 &br_poly1305_ctmul_run
);
4344 * A 1024-bit RSA key, generated with OpenSSL.
4346 static const unsigned char RSA_N
[] = {
4347 0xBF, 0xB4, 0xA6, 0x2E, 0x87, 0x3F, 0x9C, 0x8D,
4348 0xA0, 0xC4, 0x2E, 0x7B, 0x59, 0x36, 0x0F, 0xB0,
4349 0xFF, 0xE1, 0x25, 0x49, 0xE5, 0xE6, 0x36, 0xB0,
4350 0x48, 0xC2, 0x08, 0x6B, 0x77, 0xA7, 0xC0, 0x51,
4351 0x66, 0x35, 0x06, 0xA9, 0x59, 0xDF, 0x17, 0x7F,
4352 0x15, 0xF6, 0xB4, 0xE5, 0x44, 0xEE, 0x72, 0x3C,
4353 0x53, 0x11, 0x52, 0xC9, 0xC9, 0x61, 0x4F, 0x92,
4354 0x33, 0x64, 0x70, 0x43, 0x07, 0xF1, 0x3F, 0x7F,
4355 0x15, 0xAC, 0xF0, 0xC1, 0x54, 0x7D, 0x55, 0xC0,
4356 0x29, 0xDC, 0x9E, 0xCC, 0xE4, 0x1D, 0x11, 0x72,
4357 0x45, 0xF4, 0xD2, 0x70, 0xFC, 0x34, 0xB2, 0x1F,
4358 0xF3, 0xAD, 0x6A, 0xF0, 0xE5, 0x56, 0x11, 0xF8,
4359 0x0C, 0x3A, 0x8B, 0x04, 0x46, 0x7C, 0x77, 0xD9,
4360 0x41, 0x1F, 0x40, 0xBE, 0x93, 0x80, 0x9D, 0x23,
4361 0x75, 0x80, 0x12, 0x26, 0x5A, 0x72, 0x1C, 0xDD,
4362 0x47, 0xB3, 0x2A, 0x33, 0xD8, 0x19, 0x61, 0xE3
4364 static const unsigned char RSA_E
[] = {
4368 static const unsigned char RSA_D[] = {
4369 0xAE, 0x56, 0x0B, 0x56, 0x7E, 0xDA, 0x83, 0x75,
4370 0x6C, 0xC1, 0x5C, 0x00, 0x02, 0x96, 0x1E, 0x58,
4371 0xF9, 0xA9, 0xF7, 0x2E, 0x27, 0xEB, 0x5E, 0xCA,
4372 0x9B, 0xB0, 0x10, 0xD6, 0x22, 0x7F, 0xA4, 0x6E,
4373 0xA2, 0x03, 0x10, 0xE6, 0xCB, 0x7B, 0x0D, 0x34,
4374 0x1E, 0x76, 0x37, 0xF5, 0xD3, 0xE5, 0x00, 0x70,
4375 0x09, 0x9E, 0xD4, 0x69, 0xFB, 0x40, 0x0A, 0x8B,
4376 0xCB, 0x3E, 0xC8, 0xB4, 0xBC, 0xB1, 0x50, 0xEA,
4377 0x9D, 0xD9, 0x89, 0x8A, 0x98, 0x40, 0x79, 0xD1,
4378 0x07, 0x66, 0xA7, 0x90, 0x63, 0x82, 0xB1, 0xE0,
4379 0x24, 0xD0, 0x89, 0x6A, 0xEC, 0xC5, 0xF3, 0x21,
4380 0x7D, 0xB8, 0xA5, 0x45, 0x3A, 0x3B, 0x34, 0x42,
4381 0xC2, 0x82, 0x3C, 0x8D, 0xFA, 0x5D, 0xA0, 0xA8,
4382 0x24, 0xC8, 0x40, 0x22, 0x19, 0xCB, 0xB5, 0x85,
4383 0x67, 0x69, 0x60, 0xE4, 0xD0, 0x7E, 0xA3, 0x3B,
4384 0xF7, 0x70, 0x50, 0xC9, 0x5C, 0x97, 0x29, 0x49
4387 static const unsigned char RSA_P
[] = {
4388 0xF2, 0xE7, 0x6F, 0x66, 0x2E, 0xC4, 0x03, 0xD4,
4389 0x89, 0x24, 0xCC, 0xE1, 0xCD, 0x3F, 0x01, 0x82,
4390 0xC1, 0xFB, 0xAF, 0x44, 0xFA, 0xCC, 0x0E, 0xAA,
4391 0x9D, 0x74, 0xA9, 0x65, 0xEF, 0xED, 0x4C, 0x87,
4392 0xF0, 0xB3, 0xC6, 0xEA, 0x61, 0x85, 0xDE, 0x4E,
4393 0x66, 0xB2, 0x5A, 0x9F, 0x7A, 0x41, 0xC5, 0x66,
4394 0x57, 0xDF, 0x88, 0xF0, 0xB5, 0xF2, 0xC7, 0x7E,
4395 0xE6, 0x55, 0x21, 0x96, 0x83, 0xD8, 0xAB, 0x57
4397 static const unsigned char RSA_Q
[] = {
4398 0xCA, 0x0A, 0x92, 0xBF, 0x58, 0xB0, 0x2E, 0xF6,
4399 0x66, 0x50, 0xB1, 0x48, 0x29, 0x42, 0x86, 0x6C,
4400 0x98, 0x06, 0x7E, 0xB8, 0xB5, 0x4F, 0xFB, 0xC4,
4401 0xF3, 0xC3, 0x36, 0x91, 0x07, 0xB6, 0xDB, 0xE9,
4402 0x56, 0x3C, 0x51, 0x7D, 0xB5, 0xEC, 0x0A, 0xA9,
4403 0x7C, 0x66, 0xF9, 0xD8, 0x25, 0xDE, 0xD2, 0x94,
4404 0x5A, 0x58, 0xF1, 0x93, 0xE4, 0xF0, 0x5F, 0x27,
4405 0xBD, 0x83, 0xC7, 0xCA, 0x48, 0x6A, 0xB2, 0x55
4407 static const unsigned char RSA_DP
[] = {
4408 0xAF, 0x97, 0xBE, 0x60, 0x0F, 0xCE, 0x83, 0x36,
4409 0x51, 0x2D, 0xD9, 0x2E, 0x22, 0x41, 0x39, 0xC6,
4410 0x5C, 0x94, 0xA4, 0xCF, 0x28, 0xBD, 0xFA, 0x9C,
4411 0x3B, 0xD6, 0xE9, 0xDE, 0x56, 0xE3, 0x24, 0x3F,
4412 0xE1, 0x31, 0x14, 0xCA, 0xBA, 0x55, 0x1B, 0xAF,
4413 0x71, 0x6D, 0xDD, 0x35, 0x0C, 0x1C, 0x1F, 0xA7,
4414 0x2C, 0x3E, 0xDB, 0xAF, 0xA6, 0xD8, 0x2A, 0x7F,
4415 0x01, 0xE2, 0xE8, 0xB4, 0xF5, 0xFA, 0xDB, 0x61
4417 static const unsigned char RSA_DQ
[] = {
4418 0x29, 0xC0, 0x4B, 0x98, 0xFD, 0x13, 0xD3, 0x70,
4419 0x99, 0xAE, 0x1D, 0x24, 0x83, 0x5A, 0x3A, 0xFB,
4420 0x1F, 0xE3, 0x5F, 0xB6, 0x7D, 0xC9, 0x5C, 0x86,
4421 0xD3, 0xB4, 0xC8, 0x86, 0xE9, 0xE8, 0x30, 0xC3,
4422 0xA4, 0x4D, 0x6C, 0xAD, 0xA4, 0xB5, 0x75, 0x72,
4423 0x96, 0xC1, 0x94, 0xE9, 0xC4, 0xD1, 0xAA, 0x04,
4424 0x7C, 0x33, 0x1B, 0x20, 0xEB, 0xD3, 0x7C, 0x66,
4425 0x72, 0xF4, 0x53, 0x8A, 0x0A, 0xB2, 0xF9, 0xCD
4427 static const unsigned char RSA_IQ
[] = {
4428 0xE8, 0xEB, 0x04, 0x79, 0xA5, 0xC1, 0x79, 0xDE,
4429 0xD5, 0x49, 0xA1, 0x0B, 0x48, 0xB9, 0x0E, 0x55,
4430 0x74, 0x2C, 0x54, 0xEE, 0xA8, 0xB0, 0x01, 0xC2,
4431 0xD2, 0x3C, 0x3E, 0x47, 0x3A, 0x7C, 0xC8, 0x3D,
4432 0x2E, 0x33, 0x54, 0x4D, 0x40, 0x29, 0x41, 0x74,
4433 0xBA, 0xE1, 0x93, 0x09, 0xEC, 0xE0, 0x1B, 0x4D,
4434 0x1F, 0x2A, 0xCA, 0x4A, 0x0B, 0x5F, 0xE6, 0xBE,
4435 0x59, 0x0A, 0xC4, 0xC9, 0xD9, 0x82, 0xAC, 0xE1
4438 static const br_rsa_public_key RSA_PK
= {
4439 (void *)RSA_N
, sizeof RSA_N
,
4440 (void *)RSA_E
, sizeof RSA_E
4443 static const br_rsa_private_key RSA_SK
= {
4445 (void *)RSA_P
, sizeof RSA_P
,
4446 (void *)RSA_Q
, sizeof RSA_Q
,
4447 (void *)RSA_DP
, sizeof RSA_DP
,
4448 (void *)RSA_DQ
, sizeof RSA_DQ
,
4449 (void *)RSA_IQ
, sizeof RSA_IQ
4453 test_RSA_core(const char *name
, br_rsa_public fpub
, br_rsa_private fpriv
)
4455 unsigned char t1
[128], t2
[128], t3
[128];
4457 printf("Test %s: ", name
);
4461 * A KAT test (computed with OpenSSL).
4463 hextobin(t1
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4464 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4465 memcpy(t3
, t1
, sizeof t1
);
4466 if (!fpub(t3
, sizeof t3
, &RSA_PK
)) {
4467 fprintf(stderr
, "RSA public operation failed\n");
4470 check_equals("KAT RSA pub", t2
, t3
, sizeof t2
);
4471 if (!fpriv(t3
, &RSA_SK
)) {
4472 fprintf(stderr
, "RSA private operation failed\n");
4475 check_equals("KAT RSA priv", t1
, t3
, sizeof t1
);
4481 static const unsigned char SHA1_OID
[] = {
4482 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
4486 test_RSA_sign(const char *name
, br_rsa_private fpriv
,
4487 br_rsa_pkcs1_sign fsign
, br_rsa_pkcs1_vrfy fvrfy
)
4489 unsigned char t1
[128], t2
[128];
4490 unsigned char hv
[20], tmp
[20];
4494 printf("Test %s: ", name
);
4498 * Verify the KAT test (computed with OpenSSL).
4500 hextobin(t1
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4502 br_sha1_update(&hc
, "test", 4);
4503 br_sha1_out(&hc
, hv
);
4504 if (!fvrfy(t1
, sizeof t1
, SHA1_OID
, sizeof tmp
, &RSA_PK
, tmp
)) {
4505 fprintf(stderr
, "Signature verification failed\n");
4508 check_equals("Extracted hash value", hv
, tmp
, sizeof tmp
);
4511 * Regenerate the signature. This should yield the same value as
4512 * the KAT test, since PKCS#1 v1.5 signatures are deterministic
4513 * (except the usual detail about hash function parameter
4514 * encoding, but OpenSSL uses the same convention as BearSSL).
4516 if (!fsign(SHA1_OID
, hv
, 20, &RSA_SK
, t2
)) {
4517 fprintf(stderr
, "Signature generation failed\n");
4520 check_equals("Regenerated signature", t1
, t2
, sizeof t1
);
4523 * Use the raw private core to generate fake signatures, where
4524 * one byte of the padded hash value is altered. They should all be
4527 hextobin(t2
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4528 for (u
= 0; u
< (sizeof t2
) - 20; u
++) {
4529 memcpy(t1
, t2
, sizeof t2
);
4531 if (!fpriv(t1
, &RSA_SK
)) {
4532 fprintf(stderr
, "RSA private key operation failed\n");
4535 if (fvrfy(t1
, sizeof t1
, SHA1_OID
, sizeof tmp
, &RSA_PK
, tmp
)) {
4537 "Signature verification should have failed\n");
4551 test_RSA_core("RSA i15 core", &br_rsa_i15_public
, &br_rsa_i15_private
);
4552 test_RSA_sign("RSA i15 sign", &br_rsa_i15_private
,
4553 &br_rsa_i15_pkcs1_sign
, &br_rsa_i15_pkcs1_vrfy
);
4559 test_RSA_core("RSA i31 core", &br_rsa_i31_public
, &br_rsa_i31_private
);
4560 test_RSA_sign("RSA i31 sign", &br_rsa_i31_private
,
4561 &br_rsa_i31_pkcs1_sign
, &br_rsa_i31_pkcs1_vrfy
);
4567 test_RSA_core("RSA i32 core", &br_rsa_i32_public
, &br_rsa_i32_private
);
4568 test_RSA_sign("RSA i32 sign", &br_rsa_i32_private
,
4569 &br_rsa_i32_pkcs1_sign
, &br_rsa_i32_pkcs1_vrfy
);
4576 br_rsa_private priv
;
4577 br_rsa_pkcs1_sign sign
;
4578 br_rsa_pkcs1_vrfy vrfy
;
4580 pub
= br_rsa_i62_public_get();
4581 priv
= br_rsa_i62_private_get();
4582 sign
= br_rsa_i62_pkcs1_sign_get();
4583 vrfy
= br_rsa_i62_pkcs1_vrfy_get();
4585 if (!priv
|| !sign
|| !vrfy
) {
4586 fprintf(stderr
, "Inconsistent i62 availability\n");
4589 test_RSA_core("RSA i62 core", pub
, priv
);
4590 test_RSA_sign("RSA i62 sign", priv
, sign
, vrfy
);
4592 if (priv
|| sign
|| vrfy
) {
4593 fprintf(stderr
, "Inconsistent i62 availability\n");
4596 printf("Test RSA i62: UNAVAILABLE\n");
4602 test_RSA_signatures(void)
4604 uint32_t n
[40], e
[2], p
[20], q
[20], dp
[20], dq
[20], iq
[20], x
[40];
4605 unsigned char hv
[20], sig
[128];
4606 unsigned char ref
[128], tmp
[128];
4609 printf("Test RSA signatures: ");
4613 * Decode RSA key elements.
4615 br_int_decode(n
, sizeof n
/ sizeof n
[0], RSA_N
, sizeof RSA_N
);
4616 br_int_decode(e
, sizeof e
/ sizeof e
[0], RSA_E
, sizeof RSA_E
);
4617 br_int_decode(p
, sizeof p
/ sizeof p
[0], RSA_P
, sizeof RSA_P
);
4618 br_int_decode(q
, sizeof q
/ sizeof q
[0], RSA_Q
, sizeof RSA_Q
);
4619 br_int_decode(dp
, sizeof dp
/ sizeof dp
[0], RSA_DP
, sizeof RSA_DP
);
4620 br_int_decode(dq
, sizeof dq
/ sizeof dq
[0], RSA_DQ
, sizeof RSA_DQ
);
4621 br_int_decode(iq
, sizeof iq
/ sizeof iq
[0], RSA_IQ
, sizeof RSA_IQ
);
4624 * Decode reference signature (computed with OpenSSL).
4626 hextobin(ref
, "45A3DC6A106BCD3BD0E48FB579643AA3FF801E5903E80AA9B43A695A8E7F454E93FA208B69995FF7A6D5617C2FEB8E546375A664977A48931842AAE796B5A0D64393DCA35F3490FC157F5BD83B9D58C2F7926E6AE648A2BD96CAB8FCCD3D35BB11424AD47D973FF6D69CA774841AEC45DFAE99CCF79893E7047FDE6CB00AA76D");
4629 * Recompute signature. Since PKCS#1 v1.5 signatures are
4630 * deterministic, we should get the same as the reference signature.
4633 br_sha1_update(&hc
, "test", 4);
4634 br_sha1_out(&hc
, hv
);
4635 if (!br_rsa_sign(sig
, sizeof sig
, p
, q
, dp
, dq
, iq
, br_sha1_ID
, hv
)) {
4636 fprintf(stderr
, "RSA-1024/SHA-1 sig generate failed\n");
4639 check_equals("KAT RSA-sign 1", sig
, ref
, sizeof sig
);
4644 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4645 fprintf(stderr
, "RSA-1024/SHA-1 sig verify failed\n");
4649 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4650 fprintf(stderr
, "RSA-1024/SHA-1 sig verify should have failed\n");
4656 * Generate a signature with the alternate encoding (no NULL) and
4659 hextobin(tmp
, "0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00301F300706052B0E03021A0414A94A8FE5CCB19BA61C4C0873D391E987982FBBD3");
4660 br_int_decode(x
, sizeof x
/ sizeof x
[0], tmp
, sizeof tmp
);
4662 br_rsa_private_core(x
, p
, q
, dp
, dq
, iq
);
4663 br_int_encode(sig
, sizeof sig
, x
);
4664 if (!br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4665 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) failed\n");
4669 if (br_rsa_verify(sig
, sizeof sig
, n
, e
, br_sha1_ID
, hv
)) {
4670 fprintf(stderr
, "RSA-1024/SHA-1 sig verify (alt) should have failed\n");
4681 * From: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
4683 static const char *const KAT_GHASH
[] = {
4685 "66e94bd4ef8a2c3b884cfa59ca342b2e",
4688 "00000000000000000000000000000000",
4690 "66e94bd4ef8a2c3b884cfa59ca342b2e",
4692 "0388dace60b6a392f328c2b971b2fe78",
4693 "f38cbb1ad69223dcc3457ae5b6b0f885",
4695 "b83b533708bf535d0aa6e52980d53b78",
4697 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985",
4698 "7f1b32b81b820d02614f8895ac1d4eac",
4700 "b83b533708bf535d0aa6e52980d53b78",
4701 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4702 "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091",
4703 "698e57f70e6ecc7fd9463b7260a9ae5f",
4705 "b83b533708bf535d0aa6e52980d53b78",
4706 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4707 "61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598",
4708 "df586bb4c249b92cb6922877e444d37b",
4710 "b83b533708bf535d0aa6e52980d53b78",
4711 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4712 "8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5",
4713 "1c5afe9760d3932f3c9a878aac3dc3de",
4715 "aae06992acbf52a3e8f4a96ec9300bd7",
4717 "98e7247c07f0fe411c267e4384b0f600",
4718 "e2c63f0ac44ad0e02efa05ab6743d4ce",
4720 "466923ec9ae682214f2c082badb39249",
4722 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256",
4723 "51110d40f6c8fff0eb1ae33445a889f0",
4725 "466923ec9ae682214f2c082badb39249",
4726 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4727 "3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710",
4728 "ed2ce3062e4a8ec06db8b4c490e8a268",
4730 "466923ec9ae682214f2c082badb39249",
4731 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4732 "0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7",
4733 "1e6a133806607858ee80eaf237064089",
4735 "466923ec9ae682214f2c082badb39249",
4736 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4737 "d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b",
4738 "82567fb0b4cc371801eadec005968e94",
4740 "dc95c078a2408989ad48a21492842087",
4742 "cea7403d4d606b6e074ec5d3baf39d18",
4743 "83de425c5edc5d498f382c441041ca92",
4745 "acbef20579b4b8ebce889bac8732dad7",
4747 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad",
4748 "4db870d37cb75fcb46097c36230d1612",
4750 "acbef20579b4b8ebce889bac8732dad7",
4751 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4752 "522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662",
4753 "8bd0c4d8aacd391e67cca447e8c38f65",
4755 "acbef20579b4b8ebce889bac8732dad7",
4756 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4757 "c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f",
4758 "75a34288b8c68f811c52b2e9a2f97f63",
4760 "acbef20579b4b8ebce889bac8732dad7",
4761 "feedfacedeadbeeffeedfacedeadbeefabaddad2",
4762 "5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f",
4763 "d5ffcf6fc5ac4d69722187421a7f170b",
4769 test_GHASH(const char *name
, br_ghash gh
)
4773 printf("Test %s: ", name
);
4776 for (u
= 0; KAT_GHASH
[u
]; u
+= 4) {
4777 unsigned char h
[16];
4778 unsigned char a
[100];
4780 unsigned char c
[100];
4782 unsigned char p
[16];
4783 unsigned char y
[16];
4784 unsigned char ref
[16];
4786 hextobin(h
, KAT_GHASH
[u
]);
4787 a_len
= hextobin(a
, KAT_GHASH
[u
+ 1]);
4788 c_len
= hextobin(c
, KAT_GHASH
[u
+ 2]);
4789 hextobin(ref
, KAT_GHASH
[u
+ 3]);
4790 memset(y
, 0, sizeof y
);
4793 memset(p
, 0, sizeof p
);
4794 br_enc32be(p
+ 4, (uint32_t)a_len
<< 3);
4795 br_enc32be(p
+ 12, (uint32_t)c_len
<< 3);
4796 gh(y
, h
, p
, sizeof p
);
4797 check_equals("KAT GHASH", y
, ref
, sizeof ref
);
4800 for (u
= 0; u
<= 1024; u
++) {
4801 unsigned char key
[32], iv
[12];
4802 unsigned char buf
[1024 + 32];
4803 unsigned char y0
[16], y1
[16];
4806 memset(key
, 0, sizeof key
);
4807 memset(iv
, 0, sizeof iv
);
4809 memset(buf
, 0, sizeof buf
);
4810 br_chacha20_ct_run(key
, iv
, 1, buf
, sizeof buf
);
4812 memcpy(y0
, buf
, 16);
4813 br_ghash_ctmul32(y0
, buf
+ 16, buf
+ 32, u
);
4814 memcpy(y1
, buf
, 16);
4815 gh(y1
, buf
+ 16, buf
+ 32, u
);
4816 sprintf(tmp
, "XREF %s (len = %u)", name
, (unsigned)u
);
4817 check_equals(tmp
, y0
, y1
, 16);
4819 if ((u
& 31) == 0) {
4830 test_GHASH_ctmul(void)
4832 test_GHASH("GHASH_ctmul", br_ghash_ctmul
);
4836 test_GHASH_ctmul32(void)
4838 test_GHASH("GHASH_ctmul32", br_ghash_ctmul32
);
4842 test_GHASH_ctmul64(void)
4844 test_GHASH("GHASH_ctmul64", br_ghash_ctmul64
);
4848 test_GHASH_pclmul(void)
4852 gh
= br_ghash_pclmul_get();
4854 printf("Test GHASH_pclmul: UNAVAILABLE\n");
4856 test_GHASH("GHASH_pclmul", gh
);
4861 test_GHASH_pwr8(void)
4865 gh
= br_ghash_pwr8_get();
4867 printf("Test GHASH_pwr8: UNAVAILABLE\n");
4869 test_GHASH("GHASH_pwr8", gh
);
4874 test_EC_inner(const char *sk
, const char *sU
,
4875 const br_ec_impl
*impl
, int curve
)
4877 unsigned char bk
[70];
4878 unsigned char eG
[150], eU
[150];
4879 uint32_t n
[22], n0i
;
4880 size_t klen
, ulen
, nlen
;
4881 const br_ec_curve_def
*cd
;
4882 br_hmac_drbg_context rng
;
4885 klen
= hextobin(bk
, sk
);
4886 ulen
= hextobin(eU
, sU
);
4888 case BR_EC_secp256r1
:
4891 case BR_EC_secp384r1
:
4894 case BR_EC_secp521r1
:
4898 fprintf(stderr
, "Unknown curve: %d\n", curve
);
4902 if (ulen
!= cd
->generator_len
) {
4903 fprintf(stderr
, "KAT vector wrong (%lu / %lu)\n",
4904 (unsigned long)ulen
,
4905 (unsigned long)cd
->generator_len
);
4907 memcpy(eG
, cd
->generator
, ulen
);
4908 if (impl
->mul(eG
, ulen
, bk
, klen
, curve
) != 1) {
4909 fprintf(stderr
, "KAT multiplication failed\n");
4912 if (memcmp(eG
, eU
, ulen
) != 0) {
4913 fprintf(stderr
, "KAT mul: mismatch\n");
4918 * Test the two-point-mul function. We want to test the basic
4919 * functionality, and the following special cases:
4921 * x + y = curve order
4923 nlen
= cd
->order_len
;
4924 br_i31_decode(n
, cd
->order
, nlen
);
4925 n0i
= br_i31_ninv31(n
[1]);
4926 br_hmac_drbg_init(&rng
, &br_sha256_vtable
, "seed for EC", 11);
4927 for (i
= 0; i
< 10; i
++) {
4928 unsigned char ba
[80], bb
[80], bx
[80], by
[80], bz
[80];
4929 uint32_t a
[22], b
[22], x
[22], y
[22], z
[22], t1
[22], t2
[22];
4931 unsigned char eA
[160], eB
[160], eC
[160], eD
[160];
4934 * Generate random a and b, and compute A = a*G and B = b*G.
4936 br_hmac_drbg_generate(&rng
, ba
, sizeof ba
);
4937 br_i31_decode_reduce(a
, ba
, sizeof ba
, n
);
4938 br_i31_encode(ba
, nlen
, a
);
4939 br_hmac_drbg_generate(&rng
, bb
, sizeof bb
);
4940 br_i31_decode_reduce(b
, bb
, sizeof bb
, n
);
4941 br_i31_encode(bb
, nlen
, b
);
4942 memcpy(eA
, cd
->generator
, ulen
);
4943 impl
->mul(eA
, ulen
, ba
, nlen
, cd
->curve
);
4944 memcpy(eB
, cd
->generator
, ulen
);
4945 impl
->mul(eB
, ulen
, bb
, nlen
, cd
->curve
);
4948 * Generate random x and y (modulo n).
4950 br_hmac_drbg_generate(&rng
, bx
, sizeof bx
);
4951 br_i31_decode_reduce(x
, bx
, sizeof bx
, n
);
4952 br_i31_encode(bx
, nlen
, x
);
4953 br_hmac_drbg_generate(&rng
, by
, sizeof by
);
4954 br_i31_decode_reduce(y
, by
, sizeof by
, n
);
4955 br_i31_encode(by
, nlen
, y
);
4958 * Compute z = a*x + b*y (mod n).
4960 memcpy(t1
, x
, sizeof x
);
4961 br_i31_to_monty(t1
, n
);
4962 br_i31_montymul(z
, a
, t1
, n
, n0i
);
4963 memcpy(t1
, y
, sizeof y
);
4964 br_i31_to_monty(t1
, n
);
4965 br_i31_montymul(t2
, b
, t1
, n
, n0i
);
4966 r
= br_i31_add(z
, t2
, 1);
4967 r
|= br_i31_sub(z
, n
, 0) ^ 1;
4968 br_i31_sub(z
, n
, r
);
4969 br_i31_encode(bz
, nlen
, z
);
4972 * Compute C = x*A + y*B with muladd(), and also
4973 * D = z*G with mul(). The two points must match.
4975 memcpy(eC
, eA
, ulen
);
4976 if (impl
->muladd(eC
, eB
, ulen
,
4977 bx
, nlen
, by
, nlen
, cd
->curve
) != 1)
4979 fprintf(stderr
, "muladd() failed (1)\n");
4982 memcpy(eD
, cd
->generator
, ulen
);
4983 if (impl
->mul(eD
, ulen
, bz
, nlen
, cd
->curve
) != 1) {
4984 fprintf(stderr
, "mul() failed (1)\n");
4987 if (memcmp(eC
, eD
, nlen
) != 0) {
4988 fprintf(stderr
, "mul() / muladd() mismatch\n");
4993 * Also recomputed D = z*G with mulgen(). This must
4996 memset(eD
, 0, ulen
);
4997 if (impl
->mulgen(eD
, bz
, nlen
, cd
->curve
) != ulen
) {
4998 fprintf(stderr
, "mulgen() failed: wrong length\n");
5001 if (memcmp(eC
, eD
, nlen
) != 0) {
5002 fprintf(stderr
, "mulgen() / muladd() mismatch\n");
5007 * Check with x*A = y*B. We do so by setting b = x and y = a.
5009 memcpy(b
, x
, sizeof x
);
5010 br_i31_encode(bb
, nlen
, b
);
5011 memcpy(eB
, cd
->generator
, ulen
);
5012 impl
->mul(eB
, ulen
, bb
, nlen
, cd
->curve
);
5013 memcpy(y
, a
, sizeof a
);
5014 br_i31_encode(by
, nlen
, y
);
5016 memcpy(t1
, x
, sizeof x
);
5017 br_i31_to_monty(t1
, n
);
5018 br_i31_montymul(z
, a
, t1
, n
, n0i
);
5019 memcpy(t1
, y
, sizeof y
);
5020 br_i31_to_monty(t1
, n
);
5021 br_i31_montymul(t2
, b
, t1
, n
, n0i
);
5022 r
= br_i31_add(z
, t2
, 1);
5023 r
|= br_i31_sub(z
, n
, 0) ^ 1;
5024 br_i31_sub(z
, n
, r
);
5025 br_i31_encode(bz
, nlen
, z
);
5027 memcpy(eC
, eA
, ulen
);
5028 if (impl
->muladd(eC
, eB
, ulen
,
5029 bx
, nlen
, by
, nlen
, cd
->curve
) != 1)
5031 fprintf(stderr
, "muladd() failed (2)\n");
5034 memcpy(eD
, cd
->generator
, ulen
);
5035 if (impl
->mul(eD
, ulen
, bz
, nlen
, cd
->curve
) != 1) {
5036 fprintf(stderr
, "mul() failed (2)\n");
5039 if (memcmp(eC
, eD
, nlen
) != 0) {
5041 "mul() / muladd() mismatch (x*A=y*B)\n");
5046 * Check with x*A + y*B = 0. At that point, b = x, so we
5047 * just need to set y = -a (mod n).
5049 memcpy(y
, n
, sizeof n
);
5050 br_i31_sub(y
, a
, 1);
5051 br_i31_encode(by
, nlen
, y
);
5052 memcpy(eC
, eA
, ulen
);
5053 if (impl
->muladd(eC
, eB
, ulen
,
5054 bx
, nlen
, by
, nlen
, cd
->curve
) != 0)
5056 fprintf(stderr
, "muladd() should have failed\n");
5066 test_EC_KAT(const char *name
, const br_ec_impl
*impl
, uint32_t curve_mask
)
5069 printf("Test %s: ", name
);
5072 if (curve_mask
& ((uint32_t)1 << BR_EC_secp256r1
)) {
5074 "C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721",
5075 "0460FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB67903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299",
5076 impl
, BR_EC_secp256r1
);
5078 if (curve_mask
& ((uint32_t)1 << BR_EC_secp384r1
)) {
5080 "6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5",
5081 "04EC3A4E415B4E19A4568618029F427FA5DA9A8BC4AE92E02E06AAE5286B300C64DEF8F0EA9055866064A254515480BC138015D9B72D7D57244EA8EF9AC0C621896708A59367F9DFB9F54CA84B3F1C9DB1288B231C3AE0D4FE7344FD2533264720",
5082 impl
, BR_EC_secp384r1
);
5084 if (curve_mask
& ((uint32_t)1 << BR_EC_secp521r1
)) {
5086 "00FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538",
5087 "0401894550D0785932E00EAA23B694F213F8C3121F86DC97A04E5A7167DB4E5BCD371123D46E45DB6B5D5370A7F20FB633155D38FFA16D2BD761DCAC474B9A2F5023A400493101C962CD4D2FDDF782285E64584139C2F91B47F87FF82354D6630F746A28A0DB25741B5B34A828008B22ACC23F924FAAFBD4D33F81EA66956DFEAA2BFDFCF5",
5088 impl
, BR_EC_secp521r1
);
5096 test_EC_prime_i15(void)
5098 test_EC_KAT("EC_prime_i15", &br_ec_prime_i15
,
5099 (uint32_t)1 << BR_EC_secp256r1
5100 | (uint32_t)1 << BR_EC_secp384r1
5101 | (uint32_t)1 << BR_EC_secp521r1
);
5105 test_EC_prime_i31(void)
5107 test_EC_KAT("EC_prime_i31", &br_ec_prime_i31
,
5108 (uint32_t)1 << BR_EC_secp256r1
5109 | (uint32_t)1 << BR_EC_secp384r1
5110 | (uint32_t)1 << BR_EC_secp521r1
);
5114 test_EC_p256_m15(void)
5116 test_EC_KAT("EC_p256_m15", &br_ec_p256_m15
,
5117 (uint32_t)1 << BR_EC_secp256r1
);
5121 test_EC_p256_m31(void)
5123 test_EC_KAT("EC_p256_m31", &br_ec_p256_m31
,
5124 (uint32_t)1 << BR_EC_secp256r1
);
5132 { "A546E36BF0527C9D3B16154B82465EDD62144C0AC1FC5A18506A2244BA449AC4",
5133 "E6DB6867583030DB3594C1A424B15F7C726624EC26B3353B10A903A6D0AB1C4C",
5134 "C3DA55379DE9C6908E94EA4DF28D084F32ECCF03491C71F754B4075577A28552" },
5135 { "4B66E9D4D1B4673C5AD22691957D6AF5C11B6421E0EA01D42CA4169E7918BA0D",
5136 "E5210F12786811D3F4B7959D0538AE2C31DBE7106FC03C3EFC4CD549C715A493",
5137 "95CBDE9476E8907D7AADE45CB4B873F88B595A68799FA152E6F8F7647AAC7957" },
5142 test_EC_c25519(const char *name
, const br_ec_impl
*iec
)
5144 unsigned char bu
[32], bk
[32], br
[32];
5148 printf("Test %s: ", name
);
5150 for (v
= 0; C25519_KAT
[v
].scalar
; v
++) {
5151 hextobin(bk
, C25519_KAT
[v
].scalar
);
5152 hextobin(bu
, C25519_KAT
[v
].u_in
);
5153 hextobin(br
, C25519_KAT
[v
].u_out
);
5154 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
5155 fprintf(stderr
, "Curve25519 multiplication failed\n");
5158 if (memcmp(bu
, br
, sizeof bu
) != 0) {
5159 fprintf(stderr
, "Curve25519 failed KAT\n");
5168 memset(bu
, 0, sizeof bu
);
5170 memcpy(bk
, bu
, sizeof bu
);
5171 for (i
= 1; i
<= 1000; i
++) {
5172 if (!iec
->mul(bu
, sizeof bu
, bk
, sizeof bk
, BR_EC_curve25519
)) {
5173 fprintf(stderr
, "Curve25519 multiplication failed"
5177 for (v
= 0; v
< sizeof bu
; v
++) {
5184 if (i
== 1 || i
== 1000) {
5188 ? "422C8E7A6227D7BCA1350B3E2BB7279F7897B87BB6854B783C60E80311AE3079"
5189 : "684CF59BA83309552800EF566F2F4D3C1C3887C49360E3875F2EB94D99532C51";
5191 if (memcmp(bk
, br
, sizeof bk
) != 0) {
5193 "Curve25519 failed KAT (iter=%d)\n", i
);
5208 test_EC_c25519_i15(void)
5210 test_EC_c25519("EC_c25519_i15", &br_ec_c25519_i15
);
5214 test_EC_c25519_i31(void)
5216 test_EC_c25519("EC_c25519_i31", &br_ec_c25519_i31
);
5220 test_EC_c25519_m15(void)
5222 test_EC_c25519("EC_c25519_m15", &br_ec_c25519_m15
);
5226 test_EC_c25519_m31(void)
5228 test_EC_c25519("EC_c25519_m31", &br_ec_c25519_m31
);
5231 static const unsigned char EC_P256_PUB_POINT
[] = {
5232 0x04, 0x60, 0xFE, 0xD4, 0xBA, 0x25, 0x5A, 0x9D,
5233 0x31, 0xC9, 0x61, 0xEB, 0x74, 0xC6, 0x35, 0x6D,
5234 0x68, 0xC0, 0x49, 0xB8, 0x92, 0x3B, 0x61, 0xFA,
5235 0x6C, 0xE6, 0x69, 0x62, 0x2E, 0x60, 0xF2, 0x9F,
5236 0xB6, 0x79, 0x03, 0xFE, 0x10, 0x08, 0xB8, 0xBC,
5237 0x99, 0xA4, 0x1A, 0xE9, 0xE9, 0x56, 0x28, 0xBC,
5238 0x64, 0xF2, 0xF1, 0xB2, 0x0C, 0x2D, 0x7E, 0x9F,
5239 0x51, 0x77, 0xA3, 0xC2, 0x94, 0xD4, 0x46, 0x22,
5243 static const unsigned char EC_P256_PRIV_X
[] = {
5244 0xC9, 0xAF, 0xA9, 0xD8, 0x45, 0xBA, 0x75, 0x16,
5245 0x6B, 0x5C, 0x21, 0x57, 0x67, 0xB1, 0xD6, 0x93,
5246 0x4E, 0x50, 0xC3, 0xDB, 0x36, 0xE8, 0x9B, 0x12,
5247 0x7B, 0x8A, 0x62, 0x2B, 0x12, 0x0F, 0x67, 0x21
5250 static const br_ec_public_key EC_P256_PUB
= {
5252 (unsigned char *)EC_P256_PUB_POINT
, sizeof EC_P256_PUB_POINT
5255 static const br_ec_private_key EC_P256_PRIV
= {
5257 (unsigned char *)EC_P256_PRIV_X
, sizeof EC_P256_PRIV_X
5260 static const unsigned char EC_P384_PUB_POINT
[] = {
5261 0x04, 0xEC, 0x3A, 0x4E, 0x41, 0x5B, 0x4E, 0x19,
5262 0xA4, 0x56, 0x86, 0x18, 0x02, 0x9F, 0x42, 0x7F,
5263 0xA5, 0xDA, 0x9A, 0x8B, 0xC4, 0xAE, 0x92, 0xE0,
5264 0x2E, 0x06, 0xAA, 0xE5, 0x28, 0x6B, 0x30, 0x0C,
5265 0x64, 0xDE, 0xF8, 0xF0, 0xEA, 0x90, 0x55, 0x86,
5266 0x60, 0x64, 0xA2, 0x54, 0x51, 0x54, 0x80, 0xBC,
5267 0x13, 0x80, 0x15, 0xD9, 0xB7, 0x2D, 0x7D, 0x57,
5268 0x24, 0x4E, 0xA8, 0xEF, 0x9A, 0xC0, 0xC6, 0x21,
5269 0x89, 0x67, 0x08, 0xA5, 0x93, 0x67, 0xF9, 0xDF,
5270 0xB9, 0xF5, 0x4C, 0xA8, 0x4B, 0x3F, 0x1C, 0x9D,
5271 0xB1, 0x28, 0x8B, 0x23, 0x1C, 0x3A, 0xE0, 0xD4,
5272 0xFE, 0x73, 0x44, 0xFD, 0x25, 0x33, 0x26, 0x47,
5276 static const unsigned char EC_P384_PRIV_X
[] = {
5277 0x6B, 0x9D, 0x3D, 0xAD, 0x2E, 0x1B, 0x8C, 0x1C,
5278 0x05, 0xB1, 0x98, 0x75, 0xB6, 0x65, 0x9F, 0x4D,
5279 0xE2, 0x3C, 0x3B, 0x66, 0x7B, 0xF2, 0x97, 0xBA,
5280 0x9A, 0xA4, 0x77, 0x40, 0x78, 0x71, 0x37, 0xD8,
5281 0x96, 0xD5, 0x72, 0x4E, 0x4C, 0x70, 0xA8, 0x25,
5282 0xF8, 0x72, 0xC9, 0xEA, 0x60, 0xD2, 0xED, 0xF5
5285 static const br_ec_public_key EC_P384_PUB
= {
5287 (unsigned char *)EC_P384_PUB_POINT
, sizeof EC_P384_PUB_POINT
5290 static const br_ec_private_key EC_P384_PRIV
= {
5292 (unsigned char *)EC_P384_PRIV_X
, sizeof EC_P384_PRIV_X
5295 static const unsigned char EC_P521_PUB_POINT
[] = {
5296 0x04, 0x01, 0x89, 0x45, 0x50, 0xD0, 0x78, 0x59,
5297 0x32, 0xE0, 0x0E, 0xAA, 0x23, 0xB6, 0x94, 0xF2,
5298 0x13, 0xF8, 0xC3, 0x12, 0x1F, 0x86, 0xDC, 0x97,
5299 0xA0, 0x4E, 0x5A, 0x71, 0x67, 0xDB, 0x4E, 0x5B,
5300 0xCD, 0x37, 0x11, 0x23, 0xD4, 0x6E, 0x45, 0xDB,
5301 0x6B, 0x5D, 0x53, 0x70, 0xA7, 0xF2, 0x0F, 0xB6,
5302 0x33, 0x15, 0x5D, 0x38, 0xFF, 0xA1, 0x6D, 0x2B,
5303 0xD7, 0x61, 0xDC, 0xAC, 0x47, 0x4B, 0x9A, 0x2F,
5304 0x50, 0x23, 0xA4, 0x00, 0x49, 0x31, 0x01, 0xC9,
5305 0x62, 0xCD, 0x4D, 0x2F, 0xDD, 0xF7, 0x82, 0x28,
5306 0x5E, 0x64, 0x58, 0x41, 0x39, 0xC2, 0xF9, 0x1B,
5307 0x47, 0xF8, 0x7F, 0xF8, 0x23, 0x54, 0xD6, 0x63,
5308 0x0F, 0x74, 0x6A, 0x28, 0xA0, 0xDB, 0x25, 0x74,
5309 0x1B, 0x5B, 0x34, 0xA8, 0x28, 0x00, 0x8B, 0x22,
5310 0xAC, 0xC2, 0x3F, 0x92, 0x4F, 0xAA, 0xFB, 0xD4,
5311 0xD3, 0x3F, 0x81, 0xEA, 0x66, 0x95, 0x6D, 0xFE,
5312 0xAA, 0x2B, 0xFD, 0xFC, 0xF5
5315 static const unsigned char EC_P521_PRIV_X
[] = {
5316 0x00, 0xFA, 0xD0, 0x6D, 0xAA, 0x62, 0xBA, 0x3B,
5317 0x25, 0xD2, 0xFB, 0x40, 0x13, 0x3D, 0xA7, 0x57,
5318 0x20, 0x5D, 0xE6, 0x7F, 0x5B, 0xB0, 0x01, 0x8F,
5319 0xEE, 0x8C, 0x86, 0xE1, 0xB6, 0x8C, 0x7E, 0x75,
5320 0xCA, 0xA8, 0x96, 0xEB, 0x32, 0xF1, 0xF4, 0x7C,
5321 0x70, 0x85, 0x58, 0x36, 0xA6, 0xD1, 0x6F, 0xCC,
5322 0x14, 0x66, 0xF6, 0xD8, 0xFB, 0xEC, 0x67, 0xDB,
5323 0x89, 0xEC, 0x0C, 0x08, 0xB0, 0xE9, 0x96, 0xB8,
5327 static const br_ec_public_key EC_P521_PUB
= {
5329 (unsigned char *)EC_P521_PUB_POINT
, sizeof EC_P521_PUB_POINT
5332 static const br_ec_private_key EC_P521_PRIV
= {
5334 (unsigned char *)EC_P521_PRIV_X
, sizeof EC_P521_PRIV_X
5338 const br_ec_public_key
*pub
;
5339 const br_ec_private_key
*priv
;
5340 const br_hash_class
*hf
;
5347 const ecdsa_kat_vector ECDSA_KAT
[] = {
5349 /* Test vectors for P-256, from RFC 6979. */
5353 &br_sha1_vtable
, "sample",
5354 "882905F1227FD620FBF2ABF21244F0BA83D0DC3A9103DBBEE43A1FB858109DB4",
5355 "61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D326D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB",
5356 "3044022061340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D3202206D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
5361 &br_sha224_vtable
, "sample",
5362 "103F90EE9DC52E5E7FB5132B7033C63066D194321491862059967C715985D473",
5363 "53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3FB9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C",
5364 "3045022053B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F022100B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
5369 &br_sha256_vtable
, "sample",
5370 "A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60",
5371 "EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8",
5372 "3046022100EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716022100F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8"
5377 &br_sha384_vtable
, "sample",
5378 "09F634B188CEFD98E7EC88B1AA9852D734D0BC272F7D2A47DECC6EBEB375AAD4",
5379 "0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF77194861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954",
5380 "304402200EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF771902204861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954"
5385 &br_sha512_vtable
, "sample",
5386 "5FA81C63109BADB88C1F367B47DA606DA28CAD69AA22C4FE6AD7DF73A7173AA5",
5387 "8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F002362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE",
5388 "30450221008496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F0002202362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE"
5393 &br_sha1_vtable
, "test",
5394 "8C9520267C55D6B980DF741E56B4ADEE114D84FBFA2E62137954164028632A2E",
5395 "0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A8901B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1",
5396 "304402200CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89022001B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
5401 &br_sha224_vtable
, "test",
5402 "669F4426F2688B8BE0DB3A6BD1989BDAEFFF84B649EEB84F3DD26080F667FAA7",
5403 "C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D",
5404 "3046022100C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692022100C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
5409 &br_sha256_vtable
, "test",
5410 "D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0",
5411 "F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083",
5412 "3045022100F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D383670220019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083"
5417 &br_sha384_vtable
, "test",
5418 "16AEFFA357260B04B1DD199693960740066C1A8F3E8EDD79070AA914D361B3B8",
5419 "83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB68DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C",
5420 "304602210083910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB60221008DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C"
5425 &br_sha512_vtable
, "test",
5426 "6915D11632ACA3C40D5D51C08DAF9C555933819548784480E93499000D9F0B7F",
5427 "461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A0439AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55",
5428 "30440220461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04022039AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55"
5431 /* Test vectors for P-384, from RFC 6979. */
5435 &br_sha1_vtable
, "sample",
5436 "4471EF7518BB2C7C20F62EAE1C387AD0C5E8E470995DB4ACF694466E6AB096630F29E5938D25106C3C340045A2DB01A7",
5437 "EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443",
5438 "3066023100EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2023100A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
5444 &br_sha224_vtable
, "sample",
5445 "A4E4D2F0E729EB786B31FC20AD5D849E304450E0AE8E3E341134A5C1AFA03CAB8083EE4E3C45B06A5899EA56C51B5879",
5446 "42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601229DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D",
5447 "3065023042356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE0601220231009DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
5452 &br_sha256_vtable
, "sample",
5453 "180AE9F9AEC5438A44BC159A1FCB277C7BE54FA20E7CF404B490650A8ACC414E375572342863C899F9F2EDF9747A9B60",
5454 "21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CDF3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0",
5455 "3065023021B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD023100F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0"
5460 &br_sha384_vtable
, "sample",
5461 "94ED910D1A099DAD3254E9242AE85ABDE4BA15168EAF0CA87A555FD56D10FBCA2907E3E83BA95368623B8C4686915CF9",
5462 "94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4699EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8",
5463 "306602310094EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE4602310099EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8"
5468 &br_sha512_vtable
, "sample",
5469 "92FC3C7183A883E24216D1141F1A8976C5B0DD797DFA597E3D7B32198BD35331A4E966532593A52980D0E3AAA5E10EC3",
5470 "ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5",
5471 "3065023100ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD78824337090230512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5"
5476 &br_sha1_vtable
, "test",
5477 "66CC2C8F4D303FC962E5FF6A27BD79F84EC812DDAE58CF5243B64A4AD8094D47EC3727F3A3C186C15054492E30698497",
5478 "4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282",
5479 "306502304BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7023100D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
5484 &br_sha224_vtable
, "test",
5485 "18FA39DB95AA5F561F30FA3591DC59C0FA3653A80DAFFA0B48D1A4C6DFCBFF6E3D33BE4DC5EB8886A8ECD093F2935726",
5486 "E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E7207041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66",
5487 "3065023100E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72023007041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
5492 &br_sha256_vtable
, "test",
5493 "0CFAC37587532347DC3389FDC98286BBA8C73807285B184C83E62E26C401C0FAA48DD070BA79921A3457ABFF2D630AD7",
5494 "6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265",
5495 "306402306D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B02302D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265"
5500 &br_sha384_vtable
, "test",
5501 "015EE46A5BF88773ED9123A5AB0807962D193719503C527B031B4C2D225092ADA71F4A459BC0DA98ADB95837DB8312EA",
5502 "8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DBDDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5",
5503 "30660231008203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB023100DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5"
5508 &br_sha512_vtable
, "test",
5509 "3780C4F67CB15518B6ACAE34C9F83568D2E12E47DEAB6C50A4E4EE5319D1E8CE0E2CC8A136036DC4B9C00E6888F66B6C",
5510 "A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736",
5511 "3066023100A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277023100976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736"
5514 /* Test vectors for P-521, from RFC 6979. */
5518 &br_sha1_vtable
, "sample",
5519 "0089C071B419E1C2820962321787258469511958E80582E95D8378E0C2CCDB3CB42BEDE42F50E3FA3C71F5A76724281D31D9C89F0F91FC1BE4918DB1C03A5838D0F9",
5520 "00343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D00E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16",
5521 "3081870241343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D024200E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
5526 &br_sha224_vtable
, "sample",
5527 "0121415EC2CD7726330A61F7F3FA5DE14BE9436019C4DB8CB4041F3B54CF31BE0493EE3F427FB906393D895A19C9523F3A1D54BB8702BD4AA9C99DAB2597B92113F3",
5528 "01776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E0050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F",
5529 "308187024201776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E024150CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
5534 &br_sha256_vtable
, "sample",
5535 "00EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0",
5536 "01511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7004A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC",
5537 "308187024201511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A702414A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC"
5542 &br_sha384_vtable
, "sample",
5543 "01546A108BC23A15D6F21872F7DED661FA8431DDBD922D0DCDB77CC878C8553FFAD064C95A920A750AC9137E527390D2D92F153E66196966EA554D9ADFCB109C4211",
5544 "01EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C6745101F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61",
5545 "308188024201EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451024201F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61"
5550 &br_sha512_vtable
, "sample",
5551 "01DAE2EA071F8110DC26882D4D5EAE0621A3256FC8847FB9022E2B7D28E6F10198B1574FDD03A9053C08A1854A168AA5A57470EC97DD5CE090124EF52A2F7ECBFFD3",
5552 "00C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA00617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A",
5553 "308187024200C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA0241617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A"
5558 &br_sha1_vtable
, "test",
5559 "00BB9F2BF4FE1038CCF4DABD7139A56F6FD8BB1386561BD3C6A4FC818B20DF5DDBA80795A947107A1AB9D12DAA615B1ADE4F7A9DC05E8E6311150F47F5C57CE8B222",
5560 "013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D036701E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF",
5561 "3081880242013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367024201E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
5566 &br_sha224_vtable
, "test",
5567 "0040D09FCF3C8A5F62CF4FB223CBBB2B9937F6B0577C27020A99602C25A01136987E452988781484EDBBCF1C47E554E7FC901BC3085E5206D9F619CFF07E73D6F706",
5568 "01C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB0177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4",
5569 "308188024201C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB02420177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
5574 &br_sha256_vtable
, "test",
5575 "001DE74955EFAABC4C4F17F8E84D881D1310B5392D7700275F82F145C61E843841AF09035BF7A6210F5A431A6A9E81C9323354A9E69135D44EBD2FCAA7731B909258",
5576 "000E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA800CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86",
5577 "30818702410E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8024200CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86"
5582 &br_sha384_vtable
, "test",
5583 "01F1FC4A349A7DA9A9E116BFDD055DC08E78252FF8E23AC276AC88B1770AE0B5DCEB1ED14A4916B769A523CE1E90BA22846AF11DF8B300C38818F713DADD85DE0C88",
5584 "014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C0133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979",
5585 "3081880242014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C02420133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979"
5590 &br_sha512_vtable
, "test",
5591 "016200813020EC986863BEDFC1B121F605C1215645018AEA1A7B215A564DE9EB1B38A67AA1128B80CE391C4FB71187654AAA3431027BFC7F395766CA988C964DC56D",
5592 "013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D01FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3",
5593 "3081880242013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D024201FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
5596 /* Terminator for list of test vectors. */
5603 test_ECDSA_KAT(const br_ec_impl
*iec
,
5604 br_ecdsa_sign sign
, br_ecdsa_vrfy vrfy
, int asn1
)
5608 for (u
= 0;; u
++) {
5609 const ecdsa_kat_vector
*kv
;
5610 unsigned char hash
[64];
5612 unsigned char sig
[150], sig2
[150];
5613 size_t sig_len
, sig2_len
;
5614 br_hash_compat_context hc
;
5620 kv
->hf
->init(&hc
.vtable
);
5621 kv
->hf
->update(&hc
.vtable
, kv
->msg
, strlen(kv
->msg
));
5622 kv
->hf
->out(&hc
.vtable
, hash
);
5623 hash_len
= (kv
->hf
->desc
>> BR_HASHDESC_OUT_OFF
)
5624 & BR_HASHDESC_OUT_MASK
;
5626 sig_len
= hextobin(sig
, kv
->sasn1
);
5628 sig_len
= hextobin(sig
, kv
->sraw
);
5631 if (vrfy(iec
, hash
, hash_len
,
5632 kv
->pub
, sig
, sig_len
) != 1)
5634 fprintf(stderr
, "ECDSA KAT verify failed (1)\n");
5638 if (vrfy(iec
, hash
, hash_len
,
5639 kv
->pub
, sig
, sig_len
) != 0)
5641 fprintf(stderr
, "ECDSA KAT verify shoud have failed\n");
5645 if (vrfy(iec
, hash
, hash_len
,
5646 kv
->pub
, sig
, sig_len
) != 1)
5648 fprintf(stderr
, "ECDSA KAT verify failed (2)\n");
5652 sig2_len
= sign(iec
, kv
->hf
, hash
, kv
->priv
, sig2
);
5653 if (sig2_len
== 0) {
5654 fprintf(stderr
, "ECDSA KAT sign failed\n");
5657 if (sig2_len
!= sig_len
|| memcmp(sig
, sig2
, sig_len
) != 0) {
5658 fprintf(stderr
, "ECDSA KAT wrong signature value\n");
5668 test_ECDSA_i31(void)
5670 printf("Test ECDSA/i31: ");
5674 test_ECDSA_KAT(&br_ec_prime_i31
,
5675 &br_ecdsa_i31_sign_raw
, &br_ecdsa_i31_vrfy_raw
, 0);
5678 test_ECDSA_KAT(&br_ec_prime_i31
,
5679 &br_ecdsa_i31_sign_asn1
, &br_ecdsa_i31_vrfy_asn1
, 1);
5685 test_ECDSA_i15(void)
5687 printf("Test ECDSA/i15: ");
5691 test_ECDSA_KAT(&br_ec_prime_i15
,
5692 &br_ecdsa_i15_sign_raw
, &br_ecdsa_i15_vrfy_raw
, 0);
5695 test_ECDSA_KAT(&br_ec_prime_i31
,
5696 &br_ecdsa_i15_sign_asn1
, &br_ecdsa_i15_vrfy_asn1
, 1);
5702 test_modpow_i31(void)
5704 br_hmac_drbg_context hc
;
5707 printf("Test ModPow/i31: ");
5709 br_hmac_drbg_init(&hc
, &br_sha256_vtable
, "seed modpow", 11);
5710 for (k
= 10; k
<= 500; k
++) {
5712 unsigned char bm
[128], bx
[128], bx1
[128], bx2
[128];
5713 unsigned char be
[128];
5715 uint32_t x1
[35], m1
[35];
5716 uint16_t x2
[70], m2
[70];
5717 uint32_t tmp1
[1000];
5718 uint16_t tmp2
[2000];
5720 blen
= (k
+ 7) >> 3;
5721 br_hmac_drbg_generate(&hc
, bm
, blen
);
5722 br_hmac_drbg_generate(&hc
, bx
, blen
);
5723 br_hmac_drbg_generate(&hc
, be
, blen
);
5724 bm
[blen
- 1] |= 0x01;
5725 mask
= 0xFF >> ((int)(blen
<< 3) - k
);
5727 bm
[0] |= (mask
- (mask
>> 1));
5728 bx
[0] &= (mask
>> 1);
5730 br_i31_decode(m1
, bm
, blen
);
5731 br_i31_decode_mod(x1
, bx
, blen
, m1
);
5732 br_i31_modpow_opt(x1
, be
, blen
, m1
, br_i31_ninv31(m1
[1]),
5733 tmp1
, (sizeof tmp1
) / (sizeof tmp1
[0]));
5734 br_i31_encode(bx1
, blen
, x1
);
5736 br_i15_decode(m2
, bm
, blen
);
5737 br_i15_decode_mod(x2
, bx
, blen
, m2
);
5738 br_i15_modpow_opt(x2
, be
, blen
, m2
, br_i15_ninv15(m2
[1]),
5739 tmp2
, (sizeof tmp2
) / (sizeof tmp2
[0]));
5740 br_i15_encode(bx2
, blen
, x2
);
5742 check_equals("ModPow i31/i15", bx1
, bx2
, blen
);
5753 test_modpow_i62(void)
5755 br_hmac_drbg_context hc
;
5758 printf("Test ModPow/i62: ");
5760 br_hmac_drbg_init(&hc
, &br_sha256_vtable
, "seed modpow", 11);
5761 for (k
= 10; k
<= 500; k
++) {
5763 unsigned char bm
[128], bx
[128], bx1
[128], bx2
[128];
5764 unsigned char be
[128];
5766 uint32_t x1
[35], m1
[35];
5767 uint16_t x2
[70], m2
[70];
5769 uint16_t tmp2
[2000];
5771 blen
= (k
+ 7) >> 3;
5772 br_hmac_drbg_generate(&hc
, bm
, blen
);
5773 br_hmac_drbg_generate(&hc
, bx
, blen
);
5774 br_hmac_drbg_generate(&hc
, be
, blen
);
5775 bm
[blen
- 1] |= 0x01;
5776 mask
= 0xFF >> ((int)(blen
<< 3) - k
);
5778 bm
[0] |= (mask
- (mask
>> 1));
5779 bx
[0] &= (mask
>> 1);
5781 br_i31_decode(m1
, bm
, blen
);
5782 br_i31_decode_mod(x1
, bx
, blen
, m1
);
5783 br_i62_modpow_opt(x1
, be
, blen
, m1
, br_i31_ninv31(m1
[1]),
5784 tmp1
, (sizeof tmp1
) / (sizeof tmp1
[0]));
5785 br_i31_encode(bx1
, blen
, x1
);
5787 br_i15_decode(m2
, bm
, blen
);
5788 br_i15_decode_mod(x2
, bx
, blen
, m2
);
5789 br_i15_modpow_opt(x2
, be
, blen
, m2
, br_i15_ninv15(m2
[1]),
5790 tmp2
, (sizeof tmp2
) / (sizeof tmp2
[0]));
5791 br_i15_encode(bx2
, blen
, x2
);
5793 check_equals("ModPow i62/i15", bx1
, bx2
, blen
);
5804 eq_name(const char *s1
, const char *s2
)
5811 if (c1
>= 'A' && c1
<= 'Z') {
5815 case '-': case '_': case '.': case ' ':
5823 if (c2
>= 'A' && c2
<= 'Z') {
5827 case '-': case '_': case '.': case ' ':
5842 #define STU(x) { &test_ ## x, #x }
5844 static const struct {
5868 STU(Poly1305_ctmul
),
5869 STU(Poly1305_ctmul32
),
5870 STU(Poly1305_ctmulq
),
5897 main(int argc
, char *argv
[])
5902 printf("usage: testcrypto all | name...\n");
5903 printf("individual test names:\n");
5904 for (u
= 0; tfns
[u
].name
; u
++) {
5905 printf(" %s\n", tfns
[u
].name
);
5908 for (u
= 0; tfns
[u
].name
; u
++) {
5911 for (i
= 1; i
< argc
; i
++) {
5912 if (eq_name(argv
[i
], tfns
[u
].name
)
5913 || eq_name(argv
[i
], "all"))