2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Internal tests for the modes module */
15 #include <openssl/aes.h>
16 #include <openssl/modes.h>
17 #include "../crypto/modes/modes_lcl.h"
23 const unsigned char *data;
26 /**********************************************************************
33 const char *case_name;
35 const AES_KEY *encrypt_key_schedule;
36 const AES_KEY *decrypt_key_schedule;
37 const unsigned char *input;
39 const SIZED_DATA *vector;
42 static CTS128_FIXTURE setup_cts128(const char *const test_case_name)
44 CTS128_FIXTURE fixture;
45 fixture.case_name = test_case_name;
49 static int execute_cts128(CTS128_FIXTURE fixture)
51 const unsigned char *test_iv = fixture.iv.data;
52 size_t test_iv_len = fixture.iv.size;
53 const unsigned char *vector = fixture.vector->data;
54 size_t len = fixture.vector->size;
55 const unsigned char *test_input = fixture.input;
56 const AES_KEY *encrypt_key_schedule = fixture.encrypt_key_schedule;
57 const AES_KEY *decrypt_key_schedule = fixture.decrypt_key_schedule;
59 unsigned char cleartext[64], ciphertext[64];
62 fprintf(stderr, "vector_%" OSSLzu "\n", len);
65 if ((tail = len % 16) == 0)
69 /* test block-based encryption */
70 memcpy(iv, test_iv, test_iv_len);
71 CRYPTO_cts128_encrypt_block(test_input, ciphertext, len,
72 encrypt_key_schedule, iv,
73 (block128_f)AES_encrypt);
74 if (memcmp(ciphertext, vector, len)) {
75 fprintf(stderr, "block encrypt: output_%" OSSLzu " mismatch\n", len);
78 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
79 fprintf(stderr, "block encrypt: iv_%" OSSLzu " mismatch\n", len);
83 /* test block-based decryption */
84 memcpy(iv, test_iv, test_iv_len);
85 CRYPTO_cts128_decrypt_block(ciphertext, cleartext, len,
86 decrypt_key_schedule, iv,
87 (block128_f)AES_decrypt);
88 if (memcmp(cleartext, test_input, len)) {
89 fprintf(stderr, "block decrypt: input_%" OSSLzu " mismatch\n", len);
92 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
93 fprintf(stderr, "block decrypt: iv_%" OSSLzu " mismatch\n", len);
97 /* test streamed encryption */
98 memcpy(iv, test_iv, test_iv_len);
99 CRYPTO_cts128_encrypt(test_input, ciphertext, len, encrypt_key_schedule,
100 iv, (cbc128_f) AES_cbc_encrypt);
101 if (memcmp(ciphertext, vector, len)) {
102 fprintf(stderr, "stream encrypt: output_%" OSSLzu " mismatch\n", len);
105 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
106 fprintf(stderr, "stream encrypt: iv_%" OSSLzu " mismatch\n", len);
110 /* test streamed decryption */
111 memcpy(iv, test_iv, test_iv_len);
112 CRYPTO_cts128_decrypt(ciphertext, cleartext, len, decrypt_key_schedule, iv,
113 (cbc128_f)AES_cbc_encrypt);
114 if (memcmp(cleartext, test_input, len)) {
115 fprintf(stderr, "stream decrypt: input_%" OSSLzu " mismatch\n", len);
118 if (memcmp(iv, vector + len - tail, sizeof(iv))) {
119 fprintf(stderr, "stream decrypt: iv_%" OSSLzu " mismatch\n", len);
126 static int execute_cts128_nist(CTS128_FIXTURE fixture)
128 const unsigned char *test_iv = fixture.iv.data;
129 size_t test_iv_len = fixture.iv.size;
130 const unsigned char *vector = fixture.vector->data;
131 size_t len = fixture.vector->size;
132 const unsigned char *test_input = fixture.input;
133 const AES_KEY *encrypt_key_schedule = fixture.encrypt_key_schedule;
134 const AES_KEY *decrypt_key_schedule = fixture.decrypt_key_schedule;
135 unsigned char iv[16];
136 unsigned char cleartext[64], ciphertext[64], nistvector[64];
139 fprintf(stderr, "nistvector_%" OSSLzu "\n", len);
142 if ((tail = len % 16) == 0)
146 memcpy(nistvector, vector, len);
147 /* flip two last blocks */
148 memcpy(nistvector + len, vector + len + 16, tail);
149 memcpy(nistvector + len + tail, vector + len, 16);
153 /* test block-based encryption */
154 memcpy(iv, test_iv, test_iv_len);
155 CRYPTO_nistcts128_encrypt_block(test_input, ciphertext, len,
156 encrypt_key_schedule, iv,
157 (block128_f)AES_encrypt);
158 if (memcmp(ciphertext, nistvector, len)) {
159 fprintf(stderr, "output_%" OSSLzu " mismatch\n", len);
162 if (memcmp(iv, nistvector + len - tail, sizeof(iv))) {
163 fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len);
167 /* test block-based decryption */
168 memcpy(iv, test_iv, test_iv_len);
169 CRYPTO_nistcts128_decrypt_block(ciphertext, cleartext, len,
170 decrypt_key_schedule, iv,
171 (block128_f)AES_decrypt);
172 if (memcmp(cleartext, test_input, len)) {
173 fprintf(stderr, "input_%" OSSLzu " mismatch\n", len);
176 if (memcmp(iv, nistvector + len - tail, sizeof(iv))) {
177 fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len);
181 /* test streamed encryption */
182 memcpy(iv, test_iv, test_iv_len);
183 CRYPTO_nistcts128_encrypt(test_input, ciphertext, len,
184 encrypt_key_schedule, iv,
185 (cbc128_f)AES_cbc_encrypt);
186 if (memcmp(ciphertext, nistvector, len)) {
187 fprintf(stderr, "output_%" OSSLzu " mismatch\n", len);
190 if (memcmp(iv, nistvector + len - tail, sizeof(iv))) {
191 fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len);
195 /* test streamed decryption */
196 memcpy(iv, test_iv, test_iv_len);
197 CRYPTO_nistcts128_decrypt(ciphertext, cleartext, len, decrypt_key_schedule,
198 iv, (cbc128_f)AES_cbc_encrypt);
199 if (memcmp(cleartext, test_input, len)) {
200 fprintf(stderr, "input_%" OSSLzu " mismatch\n", len);
203 if (memcmp(iv, nistvector + len - tail, sizeof(iv))) {
204 fprintf(stderr, "iv_%" OSSLzu " mismatch\n", len);
211 static void teardown_cts128(CTS128_FIXTURE fixture)
215 /**********************************************************************
222 const char *case_name;
232 static GCM128_FIXTURE setup_gcm128(const char *const test_case_name)
234 GCM128_FIXTURE fixture;
235 fixture.case_name = test_case_name;
239 static int execute_gcm128(GCM128_FIXTURE fixture)
241 unsigned char out[512];
242 SIZED_DATA *K = &fixture.K;
243 SIZED_DATA *IV = &fixture.IV;
244 SIZED_DATA *A = &fixture.A;
245 SIZED_DATA *P = &fixture.P;
246 SIZED_DATA *C = &fixture.C;
247 SIZED_DATA *T = &fixture.T;
253 AES_set_encrypt_key(K->data, K->size * 8, &key);
255 CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt);
256 CRYPTO_gcm128_setiv(&ctx, IV->data, IV->size);
257 memset(out, 0, P->size);
259 CRYPTO_gcm128_aad(&ctx, A->data, A->size);
261 CRYPTO_gcm128_encrypt( &ctx, P->data, out, P->size);
262 if (CRYPTO_gcm128_finish(&ctx, T->data, 16)
263 || (C->data && memcmp(out, C->data, P->size)))
264 err++, fprintf(stderr, "encrypt test#%d failed.\n", n);
266 CRYPTO_gcm128_setiv(&ctx, IV->data, IV->size);
267 memset(out, 0, P->size);
269 CRYPTO_gcm128_aad(&ctx, A->data, A->size);
271 CRYPTO_gcm128_decrypt(&ctx, C->data, out, P->size);
272 if (CRYPTO_gcm128_finish(&ctx, T->data, 16)
273 || (P->data && memcmp(out, P->data, P->size)))
274 err++, fprintf(stderr, "decrypt test#%d failed.\n", n);
279 static void teardown_gcm128(GCM128_FIXTURE fixture)
283 static void benchmark_gcm128(const unsigned char *K, size_t Klen,
284 const unsigned char *IV, size_t IVlen)
286 #ifdef OPENSSL_CPUID_OBJ
289 size_t start, gcm_t, ctr_t, OPENSSL_rdtsc();
295 AES_set_encrypt_key(K, Klen * 8, &key);
296 CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt);
297 CRYPTO_gcm128_setiv(&ctx, IV, IVlen);
299 CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
300 start = OPENSSL_rdtsc();
301 CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
302 gcm_t = OPENSSL_rdtsc() - start;
304 CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
305 &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
306 (block128_f) AES_encrypt);
307 start = OPENSSL_rdtsc();
308 CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
309 &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
310 (block128_f) AES_encrypt);
311 ctr_t = OPENSSL_rdtsc() - start;
313 printf("%.2f-%.2f=%.2f\n",
314 gcm_t / (double)sizeof(buf),
315 ctr_t / (double)sizeof(buf),
316 (gcm_t - ctr_t) / (double)sizeof(buf));
319 void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
320 const u8 *inp, size_t len) = ctx.ghash;
322 GHASH((&ctx), buf.c, sizeof(buf));
323 start = OPENSSL_rdtsc();
324 for (i = 0; i < 100; ++i)
325 GHASH((&ctx), buf.c, sizeof(buf));
326 gcm_t = OPENSSL_rdtsc() - start;
327 printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i);
332 "Benchmarking of modes isn't available on this platform\n");
336 /**********************************************************************
342 /* cts128 test vectors from RFC 3962 */
343 static const unsigned char cts128_test_key[16] = "chicken teriyaki";
344 static const unsigned char cts128_test_input[64] =
345 "I would like the" " General Gau's C"
346 "hicken, please, " "and wonton soup.";
347 static const unsigned char cts128_test_iv[] =
348 { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
350 static const unsigned char vector_17[17] = {
351 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
352 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
356 static const unsigned char vector_31[31] = {
357 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
358 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
359 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
360 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
363 static const unsigned char vector_32[32] = {
364 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
365 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
366 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
367 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
370 static const unsigned char vector_47[47] = {
371 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
372 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
373 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
374 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
375 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
376 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
379 static const unsigned char vector_48[48] = {
380 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
381 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
382 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
383 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
384 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
385 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
388 static const unsigned char vector_64[64] = {
389 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
390 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
391 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
392 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
393 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
394 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
395 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
396 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
399 #define CTS128_TEST_VECTOR(len) \
401 sizeof(vector_##len), vector_##len \
403 static const SIZED_DATA cts128_vectors[] = {
404 CTS128_TEST_VECTOR(17),
405 CTS128_TEST_VECTOR(31),
406 CTS128_TEST_VECTOR(32),
407 CTS128_TEST_VECTOR(47),
408 CTS128_TEST_VECTOR(48),
409 CTS128_TEST_VECTOR(64),
412 static AES_KEY *cts128_encrypt_key_schedule()
414 static int init_key = 1;
418 AES_set_encrypt_key(cts128_test_key, 128, &ks);
424 static AES_KEY *cts128_decrypt_key_schedule()
426 static int init_key = 1;
430 AES_set_decrypt_key(cts128_test_key, 128, &ks);
436 static int drive_cts128_tests(int idx)
438 SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
440 fixture.encrypt_key_schedule = cts128_encrypt_key_schedule();
441 fixture.decrypt_key_schedule = cts128_decrypt_key_schedule();
442 fixture.input = cts128_test_input;
443 fixture.iv.size = sizeof(cts128_test_iv);
444 fixture.iv.data = cts128_test_iv;
445 fixture.vector = &cts128_vectors[idx];
446 EXECUTE_TEST(execute_cts128, teardown_cts128);
449 static int drive_cts128_nist_tests(int idx)
451 SETUP_TEST_FIXTURE(CTS128_FIXTURE, setup_cts128);
453 fixture.encrypt_key_schedule = cts128_encrypt_key_schedule();
454 fixture.decrypt_key_schedule = cts128_decrypt_key_schedule();
455 fixture.input = cts128_test_input;
456 fixture.iv.size = sizeof(cts128_test_iv);
457 fixture.iv.data = cts128_test_iv;
458 fixture.vector = &cts128_vectors[idx];
459 EXECUTE_TEST(execute_cts128_nist, teardown_cts128);
463 static const u8 K1[16], P1[] = { 0 }, A1[] = { 0 }, IV1[12], C1[] = { 0 };
464 static const u8 T1[] = {
465 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
466 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
473 static const u8 P2[16];
474 static const u8 C2[] = {
475 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
476 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
479 static const u8 T2[] = {
480 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
481 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
486 static const u8 K3[] = {
487 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
488 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
491 static const u8 P3[] = {
492 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
493 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
494 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
495 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
496 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
497 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
498 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
499 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
502 static const u8 IV3[] = {
503 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
504 0xde, 0xca, 0xf8, 0x88
507 static const u8 C3[] = {
508 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
509 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
510 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
511 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
512 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
513 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
514 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
515 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
518 static const u8 T3[] = {
519 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
520 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
526 static const u8 P4[] = {
527 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
528 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
529 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
530 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
531 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
532 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
533 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
534 0xba, 0x63, 0x7b, 0x39
537 static const u8 A4[] = {
538 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
539 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
540 0xab, 0xad, 0xda, 0xd2
543 static const u8 C4[] = {
544 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
545 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
546 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
547 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
548 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
549 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
550 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
551 0x3d, 0x58, 0xe0, 0x91
554 static const u8 T4[] = {
555 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
556 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
563 static const u8 IV5[] = {
564 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
567 static const u8 C5[] = {
568 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
569 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
570 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
571 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
572 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
573 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
574 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
575 0xc2, 0x3f, 0x45, 0x98
578 static const u8 T5[] = {
579 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
580 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb
587 static const u8 IV6[] = {
588 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
589 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
590 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
591 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
592 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
593 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
594 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
595 0xa6, 0x37, 0xb3, 0x9b
598 static const u8 C6[] = {
599 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
600 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
601 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
602 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
603 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
604 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
605 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
606 0x4c, 0x34, 0xae, 0xe5
609 static const u8 T6[] = {
610 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
611 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50
615 static const u8 K7[24], P7[] = { 0 }, A7[] = { 0 }, IV7[12], C7[] = { 0 };
616 static const u8 T7[] = {
617 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
618 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35
625 static const u8 P8[16];
626 static const u8 C8[] = {
627 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
628 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00
631 static const u8 T8[] = {
632 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
633 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb
638 static const u8 K9[] = {
639 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
640 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
641 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
644 static const u8 P9[] = {
645 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
646 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
647 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
648 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
649 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
650 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
651 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
652 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
655 static const u8 IV9[] = {
656 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
657 0xde, 0xca, 0xf8, 0x88
660 static const u8 C9[] = {
661 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
662 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
663 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
664 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
665 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
666 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
667 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
668 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56
671 static const u8 T9[] = {
672 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
673 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14
679 static const u8 P10[] = {
680 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
681 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
682 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
683 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
684 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
685 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
686 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
687 0xba, 0x63, 0x7b, 0x39
690 static const u8 A10[] = {
691 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
692 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
693 0xab, 0xad, 0xda, 0xd2
696 static const u8 C10[] = {
697 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
698 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
699 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
700 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
701 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
702 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
703 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
704 0xcc, 0xda, 0x27, 0x10
707 static const u8 T10[] = {
708 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
709 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c
716 static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
718 static const u8 C11[] = {
719 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
720 0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
721 0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
722 0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
723 0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
724 0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
725 0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
726 0xa0, 0xf0, 0x62, 0xf7
729 static const u8 T11[] = {
730 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
731 0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8
738 static const u8 IV12[] = {
739 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
740 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
741 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
742 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
743 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
744 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
745 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
746 0xa6, 0x37, 0xb3, 0x9b
749 static const u8 C12[] = {
750 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
751 0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
752 0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
753 0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
754 0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
755 0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
756 0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
757 0xe9, 0xb7, 0x37, 0x3b
760 static const u8 T12[] = {
761 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
762 0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9
766 static const u8 K13[32], P13[] = { 0 }, A13[] = { 0 }, IV13[12], C13[] = { 0 };
767 static const u8 T13[] = {
768 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
769 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b
775 static const u8 P14[16], IV14[12];
776 static const u8 C14[] = {
777 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
778 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
781 static const u8 T14[] = {
782 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
783 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
788 static const u8 K15[] = {
789 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
790 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
791 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
792 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
795 static const u8 P15[] = {
796 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
797 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
798 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
799 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
800 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
801 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
802 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
803 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
806 static const u8 IV15[] = {
807 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
808 0xde, 0xca, 0xf8, 0x88
811 static const u8 C15[] = {
812 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
813 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
814 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
815 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
816 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
817 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
818 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
819 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
822 static const u8 T15[] = {
823 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
824 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
830 static const u8 P16[] = {
831 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
832 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
833 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
834 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
835 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
836 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
837 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
838 0xba, 0x63, 0x7b, 0x39
841 static const u8 A16[] = {
842 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
843 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
844 0xab, 0xad, 0xda, 0xd2
847 static const u8 C16[] = {
848 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
849 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
850 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
851 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
852 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
853 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
854 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
855 0xbc, 0xc9, 0xf6, 0x62
858 static const u8 T16[] = {
859 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
860 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
867 static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
869 static const u8 C17[] = {
870 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
871 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
872 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
873 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
874 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
875 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
876 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
877 0xf4, 0x7c, 0x9b, 0x1f
880 static const u8 T17[] = {
881 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
882 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2
889 static const u8 IV18[] = {
890 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
891 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
892 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
893 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
894 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
895 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
896 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
897 0xa6, 0x37, 0xb3, 0x9b
900 static const u8 C18[] = {
901 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
902 0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
903 0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
904 0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
905 0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
906 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
907 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
908 0x44, 0xae, 0x7e, 0x3f
911 static const u8 T18[] = {
912 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
913 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a
921 static const u8 A19[] = {
922 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
923 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
924 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
925 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
926 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
927 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
928 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
929 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55,
930 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
931 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
932 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
933 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
934 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
935 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
936 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
937 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
940 static const u8 T19[] = {
941 0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d,
942 0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92
948 /* this results in 0xff in counter LSB */
949 static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff };
951 static const u8 P20[288];
952 static const u8 C20[] = {
953 0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a,
954 0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14,
955 0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce,
956 0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f,
957 0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70,
958 0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18,
959 0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf,
960 0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49,
961 0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab,
962 0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c,
963 0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c,
964 0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29,
965 0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1,
966 0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76,
967 0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2,
968 0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce,
969 0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f,
970 0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86,
971 0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb,
972 0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18,
973 0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65,
974 0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42,
975 0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b,
976 0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06,
977 0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24,
978 0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c,
979 0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4,
980 0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64,
981 0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03,
982 0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6,
983 0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90,
984 0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74,
985 0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67,
986 0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46,
987 0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78,
988 0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c
991 static const u8 T20[] = {
992 0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a,
993 0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f
996 #define GCM128_TEST_VECTOR(n) \
998 {sizeof(K##n), K##n}, \
999 {sizeof(IV##n), IV##n}, \
1000 {sizeof(A##n), A##n}, \
1001 {sizeof(P##n), P##n}, \
1002 {sizeof(C##n), C##n}, \
1003 {sizeof(T##n), T##n} \
1005 static struct gcm128_data {
1007 const SIZED_DATA IV;
1012 } gcm128_vectors[] = {
1013 GCM128_TEST_VECTOR(1),
1014 GCM128_TEST_VECTOR(2),
1015 GCM128_TEST_VECTOR(3),
1016 GCM128_TEST_VECTOR(4),
1017 GCM128_TEST_VECTOR(5),
1018 GCM128_TEST_VECTOR(6),
1019 GCM128_TEST_VECTOR(7),
1020 GCM128_TEST_VECTOR(8),
1021 GCM128_TEST_VECTOR(9),
1022 GCM128_TEST_VECTOR(10),
1023 GCM128_TEST_VECTOR(11),
1024 GCM128_TEST_VECTOR(12),
1025 GCM128_TEST_VECTOR(13),
1026 GCM128_TEST_VECTOR(14),
1027 GCM128_TEST_VECTOR(15),
1028 GCM128_TEST_VECTOR(16),
1029 GCM128_TEST_VECTOR(17),
1030 GCM128_TEST_VECTOR(18),
1031 GCM128_TEST_VECTOR(19),
1032 GCM128_TEST_VECTOR(20)
1035 static int drive_gcm128_tests(int idx)
1037 SETUP_TEST_FIXTURE(GCM128_FIXTURE, setup_gcm128);
1039 fixture.K.size = gcm128_vectors[idx].K.size;
1040 fixture.K.data = fixture.K.size == 1 ? NULL : gcm128_vectors[idx].K.data;
1041 fixture.IV.size = gcm128_vectors[idx].IV.size;
1042 fixture.IV.data = fixture.IV.size == 1 ? NULL : gcm128_vectors[idx].IV.data;
1043 fixture.A.size = gcm128_vectors[idx].A.size;
1044 fixture.A.data = fixture.A.size == 1 ? NULL : gcm128_vectors[idx].A.data;
1045 fixture.P.size = gcm128_vectors[idx].P.size;
1046 fixture.P.data = fixture.P.size == 1 ? NULL : gcm128_vectors[idx].P.data;
1047 fixture.C.size = gcm128_vectors[idx].C.size;
1048 fixture.C.data = fixture.C.size == 1 ? NULL : gcm128_vectors[idx].C.data;
1049 fixture.T.size = gcm128_vectors[idx].T.size;
1050 fixture.T.data = fixture.T.size == 1 ? NULL : gcm128_vectors[idx].T.data;
1051 EXECUTE_TEST(execute_gcm128, teardown_gcm128);
1054 int main(int argc, char **argv)
1060 for (iter_argv = 1; iter_argv < argc; iter_argv++) {
1061 if (strcmp(argv[iter_argv], "-b") == 0)
1063 else if (strcmp(argv[iter_argv], "-h") == 0)
1067 ADD_ALL_TESTS(drive_cts128_tests, OSSL_NELEM(cts128_vectors));
1068 ADD_ALL_TESTS(drive_cts128_nist_tests, OSSL_NELEM(cts128_vectors));
1069 ADD_ALL_TESTS(drive_gcm128_tests, OSSL_NELEM(gcm128_vectors));
1071 result = run_tests(argv[0]);
1074 benchmark_gcm128(K1, sizeof(K1), IV1, sizeof(IV1));
1079 printf("-h\tThis help\n");
1080 printf("-b\tBenchmark gcm128 in addition to the tests\n");