VirtualBox

source: vbox/trunk/src/libs/openssl-3.4.1/test/modes_internal_test.c

Last change on this file was 109052, checked in by vboxsync, 4 weeks ago

openssl-3.4.1: Applied our changes, regenerated files, added missing files and functions. This time with a three way merge. ​bugref:10890
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 29.2 KB
Line 
1/*
2 * Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/* Internal tests for the modes module */
11
12/*
13 * This file uses the low level AES functions (which are deprecated for
14 * non-internal use) in order to test the modes code
15 */
16#include "internal/deprecated.h"
17
18#include <stdio.h>
19#include <string.h>
20
21#include <openssl/aes.h>
22#include <openssl/modes.h>
23#include "testutil.h"
24#include "crypto/modes.h"
25#include "internal/nelem.h"
26
27typedef struct {
28 size_t size;
29 const unsigned char *data;
30} SIZED_DATA;
31
32/**********************************************************************
33 *
34 * Test of cts128
35 *
36 ***/
37
38/* cts128 test vectors from RFC 3962 */
39static const unsigned char cts128_test_key[16] = "chicken teriyaki";
40static const unsigned char cts128_test_input[64] =
41 "I would like the" " General Gau's C"
42 "hicken, please, " "and wonton soup.";
43static const unsigned char cts128_test_iv[] = {
44 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
45};
46
47static const unsigned char vector_17[17] = {
48 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
49 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
50 0x97
51};
52
53static const unsigned char vector_31[31] = {
54 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
55 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
56 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
57 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
58};
59
60static const unsigned char vector_32[32] = {
61 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
62 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
63 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
64 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
65};
66
67static const unsigned char vector_47[47] = {
68 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
69 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
70 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
71 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
72 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
73 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
74};
75
76static const unsigned char vector_48[48] = {
77 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
78 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
79 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
80 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
81 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
82 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
83};
84
85static const unsigned char vector_64[64] = {
86 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
87 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
88 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
89 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
90 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
91 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
92 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
93 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
94};
95
96#define CTS128_TEST_VECTOR(len) \
97 { \
98 sizeof(vector_##len), vector_##len \
99 }
100static const SIZED_DATA aes_cts128_vectors[] = {
101 CTS128_TEST_VECTOR(17),
102 CTS128_TEST_VECTOR(31),
103 CTS128_TEST_VECTOR(32),
104 CTS128_TEST_VECTOR(47),
105 CTS128_TEST_VECTOR(48),
106 CTS128_TEST_VECTOR(64),
107};
108
109static AES_KEY *cts128_encrypt_key_schedule(void)
110{
111 static int init_key = 1;
112 static AES_KEY ks;
113
114 if (init_key) {
115 AES_set_encrypt_key(cts128_test_key, 128, &ks);
116 init_key = 0;
117 }
118 return &ks;
119}
120
121static AES_KEY *cts128_decrypt_key_schedule(void)
122{
123 static int init_key = 1;
124 static AES_KEY ks;
125
126 if (init_key) {
127 AES_set_decrypt_key(cts128_test_key, 128, &ks);
128 init_key = 0;
129 }
130 return &ks;
131}
132
133typedef struct {
134 const char *case_name;
135 size_t (*last_blocks_correction)(const unsigned char *in,
136 unsigned char *out, size_t len);
137 size_t (*encrypt_block)(const unsigned char *in,
138 unsigned char *out, size_t len,
139 const void *key, unsigned char ivec[16],
140 block128_f block);
141 size_t (*encrypt_stream)(const unsigned char *in, unsigned char *out,
142 size_t len, const void *key,
143 unsigned char ivec[16], cbc128_f cbc);
144 size_t (*decrypt_block)(const unsigned char *in,
145 unsigned char *out, size_t len,
146 const void *key, unsigned char ivec[16],
147 block128_f block);
148 size_t (*decrypt_stream)(const unsigned char *in, unsigned char *out,
149 size_t len, const void *key,
150 unsigned char ivec[16], cbc128_f cbc);
151} CTS128_FIXTURE;
152
153static size_t last_blocks_correction(const unsigned char *in,
154 unsigned char *out, size_t len)
155{
156 size_t tail;
157
158 memcpy(out, in, len);
159 if ((tail = len % 16) == 0)
160 tail = 16;
161 tail += 16;
162
163 return tail;
164}
165
166static size_t last_blocks_correction_nist(const unsigned char *in,
167 unsigned char *out, size_t len)
168{
169 size_t tail;
170
171 if ((tail = len % 16) == 0)
172 tail = 16;
173 len -= 16 + tail;
174 memcpy(out, in, len);
175 /* flip two last blocks */
176 memcpy(out + len, in + len + 16, tail);
177 memcpy(out + len + tail, in + len, 16);
178 len += 16 + tail;
179 tail = 16;
180
181 return tail;
182}
183
184static int execute_cts128(const CTS128_FIXTURE *fixture, int num)
185{
186 const unsigned char *test_iv = cts128_test_iv;
187 size_t test_iv_len = sizeof(cts128_test_iv);
188 const unsigned char *orig_vector = aes_cts128_vectors[num].data;
189 size_t len = aes_cts128_vectors[num].size;
190 const unsigned char *test_input = cts128_test_input;
191 const AES_KEY *encrypt_key_schedule = cts128_encrypt_key_schedule();
192 const AES_KEY *decrypt_key_schedule = cts128_decrypt_key_schedule();
193 unsigned char iv[16];
194 /* The largest test inputs are = 64 bytes. */
195 unsigned char cleartext[64], ciphertext[64], vector[64];
196 size_t tail, size;
197
198 TEST_info("%s_vector_%lu", fixture->case_name, (unsigned long)len);
199
200 tail = fixture->last_blocks_correction(orig_vector, vector, len);
201
202 /* test block-based encryption */
203 memcpy(iv, test_iv, test_iv_len);
204 if (!TEST_size_t_eq(fixture->encrypt_block(test_input, ciphertext, len,
205 encrypt_key_schedule, iv,
206 (block128_f)AES_encrypt), len)
207 || !TEST_mem_eq(ciphertext, len, vector, len)
208 || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
209 return 0;
210
211 /* test block-based decryption */
212 memcpy(iv, test_iv, test_iv_len);
213 size = fixture->decrypt_block(ciphertext, cleartext, len,
214 decrypt_key_schedule, iv,
215 (block128_f)AES_decrypt);
216 if (!TEST_true(len == size || len + 16 == size)
217 || !TEST_mem_eq(cleartext, len, test_input, len)
218 || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
219 return 0;
220
221 /* test streamed encryption */
222 memcpy(iv, test_iv, test_iv_len);
223 if (!TEST_size_t_eq(fixture->encrypt_stream(test_input, ciphertext, len,
224 encrypt_key_schedule, iv,
225 (cbc128_f) AES_cbc_encrypt),
226 len)
227 || !TEST_mem_eq(ciphertext, len, vector, len)
228 || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
229 return 0;
230
231 /* test streamed decryption */
232 memcpy(iv, test_iv, test_iv_len);
233 if (!TEST_size_t_eq(fixture->decrypt_stream(ciphertext, cleartext, len,
234 decrypt_key_schedule, iv,
235 (cbc128_f)AES_cbc_encrypt),
236 len)
237 || !TEST_mem_eq(cleartext, len, test_input, len)
238 || !TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
239 return 0;
240
241 return 1;
242}
243
244static int test_aes_cts128(int idx)
245{
246 static const CTS128_FIXTURE fixture_cts128 = {
247 "aes_cts128", last_blocks_correction,
248 CRYPTO_cts128_encrypt_block, CRYPTO_cts128_encrypt,
249 CRYPTO_cts128_decrypt_block, CRYPTO_cts128_decrypt
250 };
251
252 return execute_cts128(&fixture_cts128, idx);
253}
254
255static int test_aes_cts128_nist(int idx)
256{
257 static const CTS128_FIXTURE fixture_cts128_nist = {
258 "aes_cts128_nist", last_blocks_correction_nist,
259 CRYPTO_nistcts128_encrypt_block, CRYPTO_nistcts128_encrypt,
260 CRYPTO_nistcts128_decrypt_block, CRYPTO_nistcts128_decrypt
261 };
262
263 return execute_cts128(&fixture_cts128_nist, idx);
264}
265
266/*
267 *
268 * Test of gcm128
269 *
270 */
271
272/* Test Case 1 */
273static const u8 K1[16], P1[] = { 0 }, A1[] = { 0 }, IV1[12], C1[] = { 0 };
274static const u8 T1[] = {
275 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
276 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
277};
278
279/* Test Case 2 */
280# define K2 K1
281# define A2 A1
282# define IV2 IV1
283static const u8 P2[16];
284static const u8 C2[] = {
285 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
286 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
287};
288
289static const u8 T2[] = {
290 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
291 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
292};
293
294/* Test Case 3 */
295# define A3 A2
296static const u8 K3[] = {
297 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
298 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
299};
300
301static const u8 P3[] = {
302 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
303 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
304 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
305 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
306 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
307 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
308 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
309 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
310};
311
312static const u8 IV3[] = {
313 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
314 0xde, 0xca, 0xf8, 0x88
315};
316
317static const u8 C3[] = {
318 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
319 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
320 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
321 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
322 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
323 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
324 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
325 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
326};
327
328static const u8 T3[] = {
329 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
330 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
331};
332
333/* Test Case 4 */
334# define K4 K3
335# define IV4 IV3
336static const u8 P4[] = {
337 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
338 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
339 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
340 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
341 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
342 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
343 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
344 0xba, 0x63, 0x7b, 0x39
345};
346
347static const u8 A4[] = {
348 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
349 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
350 0xab, 0xad, 0xda, 0xd2
351};
352
353static const u8 C4[] = {
354 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
355 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
356 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
357 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
358 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
359 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
360 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
361 0x3d, 0x58, 0xe0, 0x91
362};
363
364static const u8 T4[] = {
365 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
366 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
367};
368
369/* Test Case 5 */
370# define K5 K4
371# define P5 P4
372# define A5 A4
373static const u8 IV5[] = {
374 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
375};
376
377static const u8 C5[] = {
378 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
379 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
380 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
381 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
382 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
383 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
384 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
385 0xc2, 0x3f, 0x45, 0x98
386};
387
388static const u8 T5[] = {
389 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
390 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb
391};
392
393/* Test Case 6 */
394# define K6 K5
395# define P6 P5
396# define A6 A5
397static const u8 IV6[] = {
398 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
399 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
400 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
401 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
402 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
403 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
404 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
405 0xa6, 0x37, 0xb3, 0x9b
406};
407
408static const u8 C6[] = {
409 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
410 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
411 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
412 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
413 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
414 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
415 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
416 0x4c, 0x34, 0xae, 0xe5
417};
418
419static const u8 T6[] = {
420 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
421 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50
422};
423
424/* Test Case 7 */
425static const u8 K7[24], P7[] = { 0 }, A7[] = { 0 }, IV7[12], C7[] = { 0 };
426static const u8 T7[] = {
427 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
428 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35
429};
430
431/* Test Case 8 */
432# define K8 K7
433# define IV8 IV7
434# define A8 A7
435static const u8 P8[16];
436static const u8 C8[] = {
437 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
438 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00
439};
440
441static const u8 T8[] = {
442 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
443 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb
444};
445
446/* Test Case 9 */
447# define A9 A8
448static const u8 K9[] = {
449 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
450 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
451 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
452};
453
454static const u8 P9[] = {
455 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
456 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
457 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
458 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
459 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
460 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
461 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
462 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
463};
464
465static const u8 IV9[] = {
466 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
467 0xde, 0xca, 0xf8, 0x88
468};
469
470static const u8 C9[] = {
471 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
472 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
473 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
474 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
475 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
476 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
477 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
478 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56
479};
480
481static const u8 T9[] = {
482 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
483 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14
484};
485
486/* Test Case 10 */
487# define K10 K9
488# define IV10 IV9
489static const u8 P10[] = {
490 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
491 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
492 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
493 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
494 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
495 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
496 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
497 0xba, 0x63, 0x7b, 0x39
498};
499
500static const u8 A10[] = {
501 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
502 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
503 0xab, 0xad, 0xda, 0xd2
504};
505
506static const u8 C10[] = {
507 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
508 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
509 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
510 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
511 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
512 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
513 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
514 0xcc, 0xda, 0x27, 0x10
515};
516
517static const u8 T10[] = {
518 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
519 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c
520};
521
522/* Test Case 11 */
523# define K11 K10
524# define P11 P10
525# define A11 A10
526static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
527
528static const u8 C11[] = {
529 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
530 0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
531 0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
532 0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
533 0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
534 0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
535 0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
536 0xa0, 0xf0, 0x62, 0xf7
537};
538
539static const u8 T11[] = {
540 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
541 0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8
542};
543
544/* Test Case 12 */
545# define K12 K11
546# define P12 P11
547# define A12 A11
548static const u8 IV12[] = {
549 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
550 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
551 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
552 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
553 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
554 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
555 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
556 0xa6, 0x37, 0xb3, 0x9b
557};
558
559static const u8 C12[] = {
560 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
561 0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
562 0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
563 0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
564 0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
565 0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
566 0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
567 0xe9, 0xb7, 0x37, 0x3b
568};
569
570static const u8 T12[] = {
571 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
572 0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9
573};
574
575/* Test Case 13 */
576static const u8 K13[32], P13[] = { 0 }, A13[] = { 0 }, IV13[12], C13[] = { 0 };
577static const u8 T13[] = {
578 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
579 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b
580};
581
582/* Test Case 14 */
583# define K14 K13
584# define A14 A13
585static const u8 P14[16], IV14[12];
586static const u8 C14[] = {
587 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
588 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
589};
590
591static const u8 T14[] = {
592 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
593 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
594};
595
596/* Test Case 15 */
597# define A15 A14
598static const u8 K15[] = {
599 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
600 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
601 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
602 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
603};
604
605static const u8 P15[] = {
606 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
607 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
608 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
609 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
610 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
611 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
612 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
613 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
614};
615
616static const u8 IV15[] = {
617 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
618 0xde, 0xca, 0xf8, 0x88
619};
620
621static const u8 C15[] = {
622 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
623 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
624 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
625 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
626 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
627 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
628 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
629 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
630};
631
632static const u8 T15[] = {
633 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
634 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
635};
636
637/* Test Case 16 */
638# define K16 K15
639# define IV16 IV15
640static const u8 P16[] = {
641 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
642 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
643 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
644 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
645 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
646 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
647 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
648 0xba, 0x63, 0x7b, 0x39
649};
650
651static const u8 A16[] = {
652 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
653 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
654 0xab, 0xad, 0xda, 0xd2
655};
656
657static const u8 C16[] = {
658 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
659 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
660 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
661 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
662 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
663 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
664 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
665 0xbc, 0xc9, 0xf6, 0x62
666};
667
668static const u8 T16[] = {
669 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
670 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
671};
672
673/* Test Case 17 */
674# define K17 K16
675# define P17 P16
676# define A17 A16
677static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
678
679static const u8 C17[] = {
680 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
681 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
682 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
683 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
684 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
685 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
686 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
687 0xf4, 0x7c, 0x9b, 0x1f
688};
689
690static const u8 T17[] = {
691 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
692 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2
693};
694
695/* Test Case 18 */
696# define K18 K17
697# define P18 P17
698# define A18 A17
699static const u8 IV18[] = {
700 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
701 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
702 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
703 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
704 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
705 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
706 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
707 0xa6, 0x37, 0xb3, 0x9b
708};
709
710static const u8 C18[] = {
711 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
712 0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
713 0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
714 0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
715 0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
716 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
717 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
718 0x44, 0xae, 0x7e, 0x3f
719};
720
721static const u8 T18[] = {
722 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
723 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a
724};
725
726/* Test Case 19 */
727# define K19 K1
728# define P19 P1
729# define IV19 IV1
730# define C19 C1
731static const u8 A19[] = {
732 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
733 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
734 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
735 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
736 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
737 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
738 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
739 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55,
740 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
741 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
742 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
743 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
744 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
745 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
746 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
747 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
748};
749
750static const u8 T19[] = {
751 0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d,
752 0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92
753};
754
755/* Test Case 20 */
756# define K20 K1
757# define A20 A1
758/* this results in 0xff in counter LSB */
759static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff };
760
761static const u8 P20[288];
762static const u8 C20[] = {
763 0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a,
764 0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14,
765 0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce,
766 0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f,
767 0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70,
768 0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18,
769 0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf,
770 0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49,
771 0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab,
772 0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c,
773 0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c,
774 0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29,
775 0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1,
776 0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76,
777 0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2,
778 0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce,
779 0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f,
780 0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86,
781 0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb,
782 0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18,
783 0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65,
784 0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42,
785 0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b,
786 0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06,
787 0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24,
788 0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c,
789 0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4,
790 0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64,
791 0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03,
792 0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6,
793 0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90,
794 0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74,
795 0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67,
796 0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46,
797 0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78,
798 0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c
799};
800
801static const u8 T20[] = {
802 0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a,
803 0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f
804};
805
806#define GCM128_TEST_VECTOR(n) \
807 { \
808 {sizeof(K##n), K##n}, \
809 {sizeof(IV##n), IV##n}, \
810 {sizeof(A##n), A##n}, \
811 {sizeof(P##n), P##n}, \
812 {sizeof(C##n), C##n}, \
813 {sizeof(T##n), T##n} \
814 }
815static struct gcm128_data {
816 const SIZED_DATA K;
817 const SIZED_DATA IV;
818 const SIZED_DATA A;
819 const SIZED_DATA P;
820 const SIZED_DATA C;
821 const SIZED_DATA T;
822} gcm128_vectors[] = {
823 GCM128_TEST_VECTOR(1),
824 GCM128_TEST_VECTOR(2),
825 GCM128_TEST_VECTOR(3),
826 GCM128_TEST_VECTOR(4),
827 GCM128_TEST_VECTOR(5),
828 GCM128_TEST_VECTOR(6),
829 GCM128_TEST_VECTOR(7),
830 GCM128_TEST_VECTOR(8),
831 GCM128_TEST_VECTOR(9),
832 GCM128_TEST_VECTOR(10),
833 GCM128_TEST_VECTOR(11),
834 GCM128_TEST_VECTOR(12),
835 GCM128_TEST_VECTOR(13),
836 GCM128_TEST_VECTOR(14),
837 GCM128_TEST_VECTOR(15),
838 GCM128_TEST_VECTOR(16),
839 GCM128_TEST_VECTOR(17),
840 GCM128_TEST_VECTOR(18),
841 GCM128_TEST_VECTOR(19),
842 GCM128_TEST_VECTOR(20)
843};
844
845static int test_gcm128(int idx)
846{
847 unsigned char out[512];
848 SIZED_DATA K = gcm128_vectors[idx].K;
849 SIZED_DATA IV = gcm128_vectors[idx].IV;
850 SIZED_DATA A = gcm128_vectors[idx].A;
851 SIZED_DATA P = gcm128_vectors[idx].P;
852 SIZED_DATA C = gcm128_vectors[idx].C;
853 SIZED_DATA T = gcm128_vectors[idx].T;
854 GCM128_CONTEXT ctx;
855 AES_KEY key;
856
857 /* Size 1 inputs are special-cased to signal NULL. */
858 if (A.size == 1)
859 A.data = NULL;
860 if (P.size == 1)
861 P.data = NULL;
862 if (C.size == 1)
863 C.data = NULL;
864
865 AES_set_encrypt_key(K.data, K.size * 8, &key);
866
867 CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt);
868 CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size);
869 memset(out, 0, P.size);
870 if (A.data != NULL)
871 CRYPTO_gcm128_aad(&ctx, A.data, A.size);
872 if (P.data != NULL)
873 if (!TEST_int_ge(CRYPTO_gcm128_encrypt(&ctx, P.data, out, P.size), 0))
874 return 0;
875 if (!TEST_false(CRYPTO_gcm128_finish(&ctx, T.data, 16))
876 || (C.data != NULL
877 && !TEST_mem_eq(out, P.size, C.data, P.size)))
878 return 0;
879
880 CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size);
881 memset(out, 0, P.size);
882 if (A.data != NULL)
883 CRYPTO_gcm128_aad(&ctx, A.data, A.size);
884 if (C.data != NULL)
885 CRYPTO_gcm128_decrypt(&ctx, C.data, out, P.size);
886 if (!TEST_false(CRYPTO_gcm128_finish(&ctx, T.data, 16))
887 || (P.data != NULL
888 && !TEST_mem_eq(out, P.size, P.data, P.size)))
889 return 0;
890
891 return 1;
892}
893
894int setup_tests(void)
895{
896 ADD_ALL_TESTS(test_aes_cts128, OSSL_NELEM(aes_cts128_vectors));
897 ADD_ALL_TESTS(test_aes_cts128_nist, OSSL_NELEM(aes_cts128_vectors));
898 ADD_ALL_TESTS(test_gcm128, OSSL_NELEM(gcm128_vectors));
899 return 1;
900}
Note: See TracBrowser for help on using the repository browser.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette