2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Internal tests for the modes module */
15 #include <openssl/aes.h>
16 #include <openssl/modes.h>
17 #include "../crypto/modes/modes_lcl.h"
19 #include "test_main_custom.h"
24 const unsigned char *data;
27 /**********************************************************************
33 /* cts128 test vectors from RFC 3962 */
34 static const unsigned char cts128_test_key[16] = "chicken teriyaki";
35 static const unsigned char cts128_test_input[64] =
36 "I would like the" " General Gau's C"
37 "hicken, please, " "and wonton soup.";
38 static const unsigned char cts128_test_iv[] =
39 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
41 static const unsigned char vector_17[17] = {
42 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
43 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
47 static const unsigned char vector_31[31] = {
48 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
49 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
50 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
51 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
54 static const unsigned char vector_32[32] = {
55 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
56 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
57 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
58 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
61 static const unsigned char vector_47[47] = {
62 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
63 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
64 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
65 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
66 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
67 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
70 static const unsigned char vector_48[48] = {
71 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
72 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
73 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
74 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
75 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
76 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
79 static const unsigned char vector_64[64] = {
80 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
81 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
82 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
83 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
84 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
85 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
86 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
87 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
90 #define CTS128_TEST_VECTOR(len) \
92 sizeof(vector_##len), vector_##len \
94 static const SIZED_DATA cts128_vectors[] = {
95 CTS128_TEST_VECTOR(17),
96 CTS128_TEST_VECTOR(31),
97 CTS128_TEST_VECTOR(32),
98 CTS128_TEST_VECTOR(47),
99 CTS128_TEST_VECTOR(48),
100 CTS128_TEST_VECTOR(64),
103 static AES_KEY *cts128_encrypt_key_schedule()
105 static int init_key = 1;
109 AES_set_encrypt_key(cts128_test_key, 128, &ks);
115 static AES_KEY *cts128_decrypt_key_schedule()
117 static int init_key = 1;
121 AES_set_decrypt_key(cts128_test_key, 128, &ks);
128 const char *case_name;
130 size_t (*transform_output)(const unsigned char *in, unsigned char *out,
132 size_t (*encrypt_block)(const unsigned char *in,
133 unsigned char *out, size_t len,
134 const void *key, unsigned char ivec[16],
136 size_t (*encrypt)(const unsigned char *in, unsigned char *out,
137 size_t len, const void *key,
138 unsigned char ivec[16], cbc128_f cbc);
139 size_t (*decrypt_block)(const unsigned char *in,
140 unsigned char *out, size_t len,
141 const void *key, unsigned char ivec[16],
143 size_t (*decrypt)(const unsigned char *in, unsigned char *out,
144 size_t len, const void *key,
145 unsigned char ivec[16], cbc128_f cbc);
149 static CTS128_FIXTURE setup_cts128(const char *const test_case_name)
151 CTS128_FIXTURE fixture;
152 fixture.case_name = test_case_name;
156 static size_t transform_output(const unsigned char *in, unsigned char *out,
161 memcpy(out, in, len);
162 if ((tail = len % 16) == 0)
169 static size_t transform_output_nist(const unsigned char *in, unsigned char *out,
174 if ((tail = len % 16) == 0)
177 memcpy(out, in, len);
178 /* flip two last blocks */
179 memcpy(out + len, in + len + 16, tail);
180 memcpy(out + len + tail, in + len, 16);
187 static int execute_cts128(CTS128_FIXTURE fixture)
189 const unsigned char *test_iv = cts128_test_iv;
190 size_t test_iv_len = sizeof(cts128_test_iv);
191 const unsigned char *orig_vector = cts128_vectors[fixture.num].data;
192 size_t len = cts128_vectors[fixture.num].size;
193 const unsigned char *test_input = cts128_test_input;
194 const AES_KEY *encrypt_key_schedule = cts128_encrypt_key_schedule();
195 const AES_KEY *decrypt_key_schedule = cts128_decrypt_key_schedule();
196 unsigned char iv[16];
197 /* The largest test inputs are = 64 bytes. */
198 unsigned char cleartext[64], ciphertext[64], vector[64];
201 TEST_info("%s_vector_%lu", fixture.case_name, (unsigned long)len);
203 tail = fixture.transform_output(orig_vector, vector, len);
205 /* test block-based encryption */
206 memcpy(iv, test_iv, test_iv_len);
207 fixture.encrypt_block(test_input, ciphertext, len,
208 encrypt_key_schedule, iv,
209 (block128_f)AES_encrypt);
210 if (!TEST_mem_eq(ciphertext, len, vector, len))
213 if (!TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
216 /* test block-based decryption */
217 memcpy(iv, test_iv, test_iv_len);
218 fixture.decrypt_block(ciphertext, cleartext, len,
219 decrypt_key_schedule, iv,
220 (block128_f)AES_decrypt);
221 if (!TEST_mem_eq(cleartext, len, test_input, len))
223 if (!TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
226 /* test streamed encryption */
227 memcpy(iv, test_iv, test_iv_len);
228 fixture.encrypt(test_input, ciphertext, len, encrypt_key_schedule,
229 iv, (cbc128_f) AES_cbc_encrypt);
230 if (!TEST_mem_eq(ciphertext, len, vector, len))
232 if (!TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
235 /* test streamed decryption */
236 memcpy(iv, test_iv, test_iv_len);
237 fixture.decrypt(ciphertext, cleartext, len, decrypt_key_schedule, iv,
238 (cbc128_f)AES_cbc_encrypt);
239 if (!TEST_mem_eq(cleartext, len, test_input, len))
241 if (!TEST_mem_eq(iv, sizeof(iv), vector + len - tail, sizeof(iv)))
247 static int test_cts128(int idx)
249 SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
250 fixture.transform_output = transform_output;
251 fixture.encrypt_block = CRYPTO_cts128_encrypt_block;
252 fixture.encrypt = CRYPTO_cts128_encrypt;
253 fixture.decrypt_block = CRYPTO_cts128_decrypt_block;
254 fixture.decrypt = CRYPTO_cts128_decrypt;
255 fixture.case_name = "cts128";
257 EXECUTE_TEST_NO_TEARDOWN(execute_cts128);
260 static int test_cts128_nist(int idx)
262 SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
263 fixture.transform_output = transform_output_nist;
264 fixture.encrypt_block = CRYPTO_nistcts128_encrypt_block;
265 fixture.encrypt = CRYPTO_nistcts128_encrypt;
266 fixture.decrypt_block = CRYPTO_nistcts128_decrypt_block;
267 fixture.decrypt = CRYPTO_nistcts128_decrypt;
268 fixture.case_name = "cts128_nist";
270 EXECUTE_TEST_NO_TEARDOWN(execute_cts128);
280 static const u8 K1[16], P1[] = { 0 }, A1[] = { 0 }, IV1[12], C1[] = { 0 };
281 static const u8 T1[] = {
282 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
283 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
290 static const u8 P2[16];
291 static const u8 C2[] = {
292 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
293 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
296 static const u8 T2[] = {
297 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
298 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
303 static const u8 K3[] = {
304 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
305 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
308 static const u8 P3[] = {
309 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
310 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
311 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
312 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
313 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
314 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
315 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
316 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
319 static const u8 IV3[] = {
320 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
321 0xde, 0xca, 0xf8, 0x88
324 static const u8 C3[] = {
325 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
326 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
327 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
328 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
329 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
330 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
331 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
332 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
335 static const u8 T3[] = {
336 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
337 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
343 static const u8 P4[] = {
344 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
345 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
346 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
347 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
348 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
349 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
350 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
351 0xba, 0x63, 0x7b, 0x39
354 static const u8 A4[] = {
355 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
356 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
357 0xab, 0xad, 0xda, 0xd2
360 static const u8 C4[] = {
361 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
362 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
363 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
364 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
365 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
366 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
367 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
368 0x3d, 0x58, 0xe0, 0x91
371 static const u8 T4[] = {
372 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
373 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
380 static const u8 IV5[] = {
381 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
384 static const u8 C5[] = {
385 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
386 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
387 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
388 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
389 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
390 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
391 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
392 0xc2, 0x3f, 0x45, 0x98
395 static const u8 T5[] = {
396 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
397 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb
404 static const u8 IV6[] = {
405 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
406 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
407 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
408 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
409 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
410 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
411 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
412 0xa6, 0x37, 0xb3, 0x9b
415 static const u8 C6[] = {
416 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
417 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
418 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
419 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
420 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
421 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
422 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
423 0x4c, 0x34, 0xae, 0xe5
426 static const u8 T6[] = {
427 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
428 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50
432 static const u8 K7[24], P7[] = { 0 }, A7[] = { 0 }, IV7[12], C7[] = { 0 };
433 static const u8 T7[] = {
434 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
435 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35
442 static const u8 P8[16];
443 static const u8 C8[] = {
444 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
445 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00
448 static const u8 T8[] = {
449 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
450 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb
455 static const u8 K9[] = {
456 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
457 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
458 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
461 static const u8 P9[] = {
462 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
463 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
464 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
465 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
466 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
467 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
468 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
469 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
472 static const u8 IV9[] = {
473 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
474 0xde, 0xca, 0xf8, 0x88
477 static const u8 C9[] = {
478 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
479 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
480 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
481 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
482 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
483 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
484 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
485 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56
488 static const u8 T9[] = {
489 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
490 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14
496 static const u8 P10[] = {
497 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
498 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
499 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
500 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
501 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
502 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
503 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
504 0xba, 0x63, 0x7b, 0x39
507 static const u8 A10[] = {
508 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
509 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
510 0xab, 0xad, 0xda, 0xd2
513 static const u8 C10[] = {
514 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
515 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
516 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
517 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
518 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
519 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
520 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
521 0xcc, 0xda, 0x27, 0x10
524 static const u8 T10[] = {
525 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
526 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c
533 static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
535 static const u8 C11[] = {
536 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
537 0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
538 0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
539 0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
540 0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
541 0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
542 0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
543 0xa0, 0xf0, 0x62, 0xf7
546 static const u8 T11[] = {
547 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
548 0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8
555 static const u8 IV12[] = {
556 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
557 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
558 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
559 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
560 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
561 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
562 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
563 0xa6, 0x37, 0xb3, 0x9b
566 static const u8 C12[] = {
567 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
568 0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
569 0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
570 0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
571 0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
572 0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
573 0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
574 0xe9, 0xb7, 0x37, 0x3b
577 static const u8 T12[] = {
578 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
579 0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9
583 static const u8 K13[32], P13[] = { 0 }, A13[] = { 0 }, IV13[12], C13[] = { 0 };
584 static const u8 T13[] = {
585 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
586 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b
592 static const u8 P14[16], IV14[12];
593 static const u8 C14[] = {
594 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
595 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
598 static const u8 T14[] = {
599 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
600 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
605 static const u8 K15[] = {
606 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
607 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
608 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
609 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
612 static const u8 P15[] = {
613 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
614 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
615 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
616 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
617 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
618 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
619 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
620 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
623 static const u8 IV15[] = {
624 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
625 0xde, 0xca, 0xf8, 0x88
628 static const u8 C15[] = {
629 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
630 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
631 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
632 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
633 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
634 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
635 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
636 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
639 static const u8 T15[] = {
640 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
641 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
647 static const u8 P16[] = {
648 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
649 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
650 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
651 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
652 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
653 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
654 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
655 0xba, 0x63, 0x7b, 0x39
658 static const u8 A16[] = {
659 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
660 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
661 0xab, 0xad, 0xda, 0xd2
664 static const u8 C16[] = {
665 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
666 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
667 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
668 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
669 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
670 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
671 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
672 0xbc, 0xc9, 0xf6, 0x62
675 static const u8 T16[] = {
676 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
677 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
684 static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
686 static const u8 C17[] = {
687 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
688 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
689 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
690 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
691 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
692 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
693 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
694 0xf4, 0x7c, 0x9b, 0x1f
697 static const u8 T17[] = {
698 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
699 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2
706 static const u8 IV18[] = {
707 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
708 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
709 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
710 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
711 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
712 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
713 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
714 0xa6, 0x37, 0xb3, 0x9b
717 static const u8 C18[] = {
718 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
719 0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
720 0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
721 0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
722 0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
723 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
724 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
725 0x44, 0xae, 0x7e, 0x3f
728 static const u8 T18[] = {
729 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
730 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a
738 static const u8 A19[] = {
739 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
740 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
741 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
742 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
743 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
744 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
745 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
746 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55,
747 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
748 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
749 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
750 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
751 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
752 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
753 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
754 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
757 static const u8 T19[] = {
758 0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d,
759 0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92
765 /* this results in 0xff in counter LSB */
766 static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff };
768 static const u8 P20[288];
769 static const u8 C20[] = {
770 0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a,
771 0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14,
772 0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce,
773 0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f,
774 0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70,
775 0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18,
776 0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf,
777 0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49,
778 0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab,
779 0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c,
780 0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c,
781 0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29,
782 0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1,
783 0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76,
784 0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2,
785 0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce,
786 0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f,
787 0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86,
788 0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb,
789 0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18,
790 0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65,
791 0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42,
792 0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b,
793 0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06,
794 0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24,
795 0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c,
796 0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4,
797 0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64,
798 0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03,
799 0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6,
800 0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90,
801 0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74,
802 0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67,
803 0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46,
804 0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78,
805 0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c
808 static const u8 T20[] = {
809 0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a,
810 0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f
813 #define GCM128_TEST_VECTOR(n) \
815 {sizeof(K##n), K##n}, \
816 {sizeof(IV##n), IV##n}, \
817 {sizeof(A##n), A##n}, \
818 {sizeof(P##n), P##n}, \
819 {sizeof(C##n), C##n}, \
820 {sizeof(T##n), T##n} \
822 static struct gcm128_data {
829 } gcm128_vectors[] = {
830 GCM128_TEST_VECTOR(1),
831 GCM128_TEST_VECTOR(2),
832 GCM128_TEST_VECTOR(3),
833 GCM128_TEST_VECTOR(4),
834 GCM128_TEST_VECTOR(5),
835 GCM128_TEST_VECTOR(6),
836 GCM128_TEST_VECTOR(7),
837 GCM128_TEST_VECTOR(8),
838 GCM128_TEST_VECTOR(9),
839 GCM128_TEST_VECTOR(10),
840 GCM128_TEST_VECTOR(11),
841 GCM128_TEST_VECTOR(12),
842 GCM128_TEST_VECTOR(13),
843 GCM128_TEST_VECTOR(14),
844 GCM128_TEST_VECTOR(15),
845 GCM128_TEST_VECTOR(16),
846 GCM128_TEST_VECTOR(17),
847 GCM128_TEST_VECTOR(18),
848 GCM128_TEST_VECTOR(19),
849 GCM128_TEST_VECTOR(20)
852 static int test_gcm128(int idx)
854 unsigned char out[512];
855 SIZED_DATA K = gcm128_vectors[idx].K;
856 SIZED_DATA IV = gcm128_vectors[idx].IV;
857 SIZED_DATA A = gcm128_vectors[idx].A;
858 SIZED_DATA P = gcm128_vectors[idx].P;
859 SIZED_DATA C = gcm128_vectors[idx].C;
860 SIZED_DATA T = gcm128_vectors[idx].T;
864 /* Size 1 inputs are special-cased to signal NULL. */
872 AES_set_encrypt_key(K.data, K.size * 8, &key);
874 CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt);
875 CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size);
876 memset(out, 0, P.size);
878 CRYPTO_gcm128_aad(&ctx, A.data, A.size);
880 CRYPTO_gcm128_encrypt( &ctx, P.data, out, P.size);
881 if (!TEST_false(CRYPTO_gcm128_finish(&ctx, T.data, 16))
883 && !TEST_mem_eq(out, P.size, C.data, P.size)))
886 CRYPTO_gcm128_setiv(&ctx, IV.data, IV.size);
887 memset(out, 0, P.size);
889 CRYPTO_gcm128_aad(&ctx, A.data, A.size);
891 CRYPTO_gcm128_decrypt(&ctx, C.data, out, P.size);
892 if (!TEST_false(CRYPTO_gcm128_finish(&ctx, T.data, 16))
894 && !TEST_mem_eq(out, P.size, P.data, P.size)))
900 static void benchmark_gcm128(const unsigned char *K, size_t Klen,
901 const unsigned char *IV, size_t IVlen)
903 #ifdef OPENSSL_CPUID_OBJ
906 size_t start, gcm_t, ctr_t, OPENSSL_rdtsc();
912 AES_set_encrypt_key(K, Klen * 8, &key);
913 CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt);
914 CRYPTO_gcm128_setiv(&ctx, IV, IVlen);
916 CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
917 start = OPENSSL_rdtsc();
918 CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
919 gcm_t = OPENSSL_rdtsc() - start;
921 CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
922 &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
923 (block128_f) AES_encrypt);
924 start = OPENSSL_rdtsc();
925 CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
926 &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
927 (block128_f) AES_encrypt);
928 ctr_t = OPENSSL_rdtsc() - start;
930 printf("%.2f-%.2f=%.2f\n",
931 gcm_t / (double)sizeof(buf),
932 ctr_t / (double)sizeof(buf),
933 (gcm_t - ctr_t) / (double)sizeof(buf));
936 void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
937 const u8 *inp, size_t len) = ctx.ghash;
939 GHASH((&ctx), buf.c, sizeof(buf));
940 start = OPENSSL_rdtsc();
941 for (i = 0; i < 100; ++i)
942 GHASH((&ctx), buf.c, sizeof(buf));
943 gcm_t = OPENSSL_rdtsc() - start;
944 printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i);
949 "Benchmarking of modes isn't available on this platform\n");
953 int test_main(int argc, char **argv)
959 for (iter_argv = 1; iter_argv < argc; iter_argv++) {
960 if (strcmp(argv[iter_argv], "-b") == 0)
962 else if (strcmp(argv[iter_argv], "-h") == 0)
966 ADD_ALL_TESTS(test_cts128, OSSL_NELEM(cts128_vectors));
967 ADD_ALL_TESTS(test_cts128_nist, OSSL_NELEM(cts128_vectors));
968 ADD_ALL_TESTS(test_gcm128, OSSL_NELEM(gcm128_vectors));
970 result = run_tests(argv[0]);
973 benchmark_gcm128(K1, sizeof(K1), IV1, sizeof(IV1));
978 printf("-h\tThis help\n");
979 printf("-b\tBenchmark gcm128 in addition to the tests\n");