1 /* basic.c - basic regression tests
2 * Copyright (C) 2001, 2002, 2003, 2005, 2008,
3 * 2009 Free Software Foundation, Inc.
4 * Copyright (C) 2013 g10 Code GmbH
6 * This file is part of Libgcrypt.
8 * Libgcrypt is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Lesser General Public License as
10 * published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
13 * Libgcrypt is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this program; if not, see <http://www.gnu.org/licenses/>.
31 #include "../src/gcrypt-int.h"
34 # define DIM(v) (sizeof(v)/sizeof((v)[0]))
38 typedef struct test_spec_pubkey_key
44 test_spec_pubkey_key_t;
46 typedef struct test_spec_pubkey
50 test_spec_pubkey_key_t key;
54 #define FLAG_CRYPT (1 << 0)
55 #define FLAG_SIGN (1 << 1)
56 #define FLAG_GRIP (1 << 2)
59 static int error_count;
60 static int in_fips_mode;
61 static int die_on_error;
64 fail (const char *format, ...)
68 va_start (arg_ptr, format);
69 vfprintf (stderr, format, arg_ptr);
77 mismatch (const void *expected, size_t expectedlen,
78 const void *computed, size_t computedlen)
80 const unsigned char *p;
82 fprintf (stderr, "expected:");
83 for (p = expected; expectedlen; p++, expectedlen--)
84 fprintf (stderr, " %02x", *p);
85 fprintf (stderr, "\ncomputed:");
86 for (p = computed; computedlen; p++, computedlen--)
87 fprintf (stderr, " %02x", *p);
88 fprintf (stderr, "\n");
93 die (const char *format, ...)
97 va_start (arg_ptr, format);
98 vfprintf (stderr, format, arg_ptr);
105 show_sexp (const char *prefix, gcry_sexp_t a)
111 fputs (prefix, stderr);
112 size = gcry_sexp_sprint (a, GCRYSEXP_FMT_ADVANCED, NULL, 0);
113 buf = gcry_xmalloc (size);
115 gcry_sexp_sprint (a, GCRYSEXP_FMT_ADVANCED, buf, size);
116 fprintf (stderr, "%.*s", (int)size, buf);
121 #define MAX_DATA_LEN 100
124 progress_handler (void *cb_data, const char *what, int printchar,
125 int current, int total)
132 if (printchar == '\n')
133 fputs ( "<LF>", stdout);
140 check_cbc_mac_cipher (void)
142 static const struct tv
145 char key[MAX_DATA_LEN];
146 unsigned char plaintext[MAX_DATA_LEN];
148 char mac[MAX_DATA_LEN];
154 "This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
155 0, "\x23\x8f\x6d\xc7\x53\x6a\x62\x97\x11\xc4\xa5\x16\x43\xea\xb0\xb6" },
157 "abcdefghABCDEFGH01234567",
158 "This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
159 0, "\x5c\x11\xf0\x01\x47\xbd\x3d\x3a" },
162 "This is a sample plaintext for CBC MAC of sixtyfour bytes.......",
163 0, "\xfa\x4b\xdf\x9d\xfa\xab\x01\x70" }
166 unsigned char out[MAX_DATA_LEN];
167 int i, blklen, keylen;
168 gcry_error_t err = 0;
171 fprintf (stderr, " Starting CBC MAC checks.\n");
173 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
175 if (gcry_cipher_test_algo (tv[i].algo) && in_fips_mode)
178 fprintf (stderr, " algorithm %d not available in fips mode\n",
183 err = gcry_cipher_open (&hd,
185 GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_MAC);
188 fail ("cbc-mac algo %d, gcry_cipher_open failed: %s\n",
189 tv[i].algo, gpg_strerror (err));
193 blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
196 fail ("cbc-mac algo %d, gcry_cipher_get_algo_blklen failed\n",
198 gcry_cipher_close (hd);
202 keylen = gcry_cipher_get_algo_keylen (tv[i].algo);
205 fail ("cbc-mac algo %d, gcry_cipher_get_algo_keylen failed\n",
210 err = gcry_cipher_setkey (hd, tv[i].key, keylen);
213 fail ("cbc-mac algo %d, gcry_cipher_setkey failed: %s\n",
214 tv[i].algo, gpg_strerror (err));
215 gcry_cipher_close (hd);
219 err = gcry_cipher_setiv (hd, NULL, 0);
222 fail ("cbc-mac algo %d, gcry_cipher_setiv failed: %s\n",
223 tv[i].algo, gpg_strerror (err));
224 gcry_cipher_close (hd);
229 fprintf (stderr, " checking CBC MAC for %s [%i]\n",
230 gcry_cipher_algo_name (tv[i].algo),
232 err = gcry_cipher_encrypt (hd,
237 strlen ((char*)tv[i].plaintext));
240 fail ("cbc-mac algo %d, gcry_cipher_encrypt failed: %s\n",
241 tv[i].algo, gpg_strerror (err));
242 gcry_cipher_close (hd);
249 for (j = 0; j < gcry_cipher_get_algo_blklen (tv[i].algo); j++)
250 printf ("\\x%02x", out[j] & 0xFF);
255 if (memcmp (tv[i].mac, out, blklen))
256 fail ("cbc-mac algo %d, encrypt mismatch entry %d\n", tv[i].algo, i);
258 gcry_cipher_close (hd);
261 fprintf (stderr, " Completed CBC MAC checks.\n");
265 check_aes128_cbc_cts_cipher (void)
267 static const char key[128 / 8] = "chicken teriyaki";
268 static const unsigned char plaintext[] =
269 "I would like the General Gau's Chicken, please, and wonton soup.";
270 static const struct tv
272 unsigned char out[MAX_DATA_LEN];
276 { "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
279 { "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
280 "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
282 { "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
283 "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
285 { "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
286 "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
287 "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
289 { "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
290 "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
291 "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
293 { "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
294 "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
295 "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
296 "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
300 unsigned char out[MAX_DATA_LEN];
302 gcry_error_t err = 0;
305 fprintf (stderr, " Starting AES128 CBC CTS checks.\n");
306 err = gcry_cipher_open (&hd,
308 GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS);
311 fail ("aes-cbc-cts, gcry_cipher_open failed: %s\n", gpg_strerror (err));
315 err = gcry_cipher_setkey (hd, key, 128 / 8);
318 fail ("aes-cbc-cts, gcry_cipher_setkey failed: %s\n",
320 gcry_cipher_close (hd);
324 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
326 err = gcry_cipher_setiv (hd, NULL, 0);
329 fail ("aes-cbc-cts, gcry_cipher_setiv failed: %s\n",
331 gcry_cipher_close (hd);
336 fprintf (stderr, " checking encryption for length %i\n", tv[i].inlen);
337 err = gcry_cipher_encrypt (hd, out, MAX_DATA_LEN,
338 plaintext, tv[i].inlen);
341 fail ("aes-cbc-cts, gcry_cipher_encrypt failed: %s\n",
343 gcry_cipher_close (hd);
347 if (memcmp (tv[i].out, out, tv[i].inlen))
348 fail ("aes-cbc-cts, encrypt mismatch entry %d\n", i);
350 err = gcry_cipher_setiv (hd, NULL, 0);
353 fail ("aes-cbc-cts, gcry_cipher_setiv failed: %s\n",
355 gcry_cipher_close (hd);
359 fprintf (stderr, " checking decryption for length %i\n", tv[i].inlen);
360 err = gcry_cipher_decrypt (hd, out, tv[i].inlen, NULL, 0);
363 fail ("aes-cbc-cts, gcry_cipher_decrypt failed: %s\n",
365 gcry_cipher_close (hd);
369 if (memcmp (plaintext, out, tv[i].inlen))
370 fail ("aes-cbc-cts, decrypt mismatch entry %d\n", i);
373 gcry_cipher_close (hd);
375 fprintf (stderr, " Completed AES128 CBC CTS checks.\n");
379 check_ctr_cipher (void)
381 static const struct tv
384 char key[MAX_DATA_LEN];
385 char ctr[MAX_DATA_LEN];
388 unsigned char plaintext[MAX_DATA_LEN];
390 char out[MAX_DATA_LEN];
394 /* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
396 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
397 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
398 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
400 "\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce" },
401 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
403 "\x98\x06\xf6\x6b\x79\x70\xfd\xff\x86\x17\x18\x7b\xb9\xff\xfd\xff" },
404 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
406 "\x5a\xe4\xdf\x3e\xdb\xd5\xd3\x5e\x5b\x4f\x09\x02\x0d\xb0\x3e\xab" },
407 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
409 "\x1e\x03\x1d\xda\x2f\xbe\x03\xd1\x79\x21\x70\xa0\xf3\x00\x9c\xee" },
414 { GCRY_CIPHER_AES192,
415 "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
416 "\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
417 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
418 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
420 "\x1a\xbc\x93\x24\x17\x52\x1c\xa2\x4f\x2b\x04\x59\xfe\x7e\x6e\x0b" },
421 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
423 "\x09\x03\x39\xec\x0a\xa6\xfa\xef\xd5\xcc\xc2\xc6\xf4\xce\x8e\x94" },
424 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
426 "\x1e\x36\xb2\x6b\xd1\xeb\xc6\x70\xd1\xbd\x1d\x66\x56\x20\xab\xf7" },
427 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
429 "\x4f\x78\xa7\xf6\xd2\x98\x09\x58\x5a\x97\xda\xec\x58\xc6\xb0\x50" },
433 { GCRY_CIPHER_AES256,
434 "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
435 "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
436 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
437 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
439 "\x60\x1e\xc3\x13\x77\x57\x89\xa5\xb7\xa7\xf5\x04\xbb\xf3\xd2\x28" },
440 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
442 "\xf4\x43\xe3\xca\x4d\x62\xb5\x9a\xca\x84\xe9\x90\xca\xca\xf5\xc5" },
443 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
445 "\x2b\x09\x30\xda\xa2\x3d\xe9\x4c\xe8\x70\x17\xba\x2d\x84\x98\x8d" },
446 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
448 "\xdf\xc9\xc5\x8d\xb6\x7a\xad\xa6\x13\xc2\xdd\x08\x45\x79\x41\xa6" },
452 /* Some truncation tests. With a truncated second block and
453 also with a single truncated block. */
455 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
456 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
457 {{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
459 "\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce" },
460 {"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e",
462 "\x98\x06\xf6\x6b\x79\x70\xfd\xff\x86\x17\x18\x7b\xb9\xff\xfd" },
467 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
468 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
469 {{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
471 "\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce" },
479 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
480 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
481 {{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17",
483 "\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6" },
488 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
489 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
496 /* Tests to see whether it works correctly as a stream cipher. */
498 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
499 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
500 {{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
502 "\x87\x4d\x61\x91\xb6\x20\xe3\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce" },
503 {"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e",
505 "\x98\x06\xf6\x6b\x79\x70\xfd\xff\x86\x17\x18\x7b\xb9\xff\xfd" },
506 {"\x51\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
508 "\xff\x5a\xe4\xdf\x3e\xdb\xd5\xd3\x5e\x5b\x4f\x09\x02\x0d\xb0\x3e\xab" },
509 {"\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
511 "\x1e\x03\x1d\xda\x2f\xbe\x03\xd1\x79\x21\x70\xa0\xf3\x00\x9c\xee" },
517 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
518 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
531 {"\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
533 "\x26\x1b\xef\x68\x64\x99\x0d\xb6\xce" },
534 {"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e",
536 "\x98\x06\xf6\x6b\x79\x70\xfd\xff\x86\x17\x18\x7b\xb9\xff\xfd" },
537 {"\x51\x30\xc8\x1c\x46\xa3\x5c\xe4\x11",
539 "\xff\x5a\xe4\xdf\x3e\xdb\xd5\xd3\x5e" },
545 /* A selfmade test vector using an 64 bit block cipher. */
547 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
548 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8",
549 {{"\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
551 "\xe8\xa7\xac\x68\xca\xca\xa0\x20\x10\xcb\x1b\xcc\x79\x2c\xc4\x48" },
552 {"\xae\x2d\x8a\x57\x1e\x03\xac\x9c",
554 "\x16\xe8\x72\x77\xb0\x98\x29\x68" },
555 {"\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
557 "\x9a\xb3\xa8\x03\x3b\xb4\x14\xba" },
558 {"\xae\x2d\x8a\x57\x1e\x03\xac\x9c\xa1\x00",
560 "\x31\x5e\xd3\xfb\x1b\x8d\xd1\xf9\xb0\x83" },
573 gcry_cipher_hd_t hde, hdd;
574 unsigned char out[MAX_DATA_LEN];
575 int i, j, keylen, blklen;
576 gcry_error_t err = 0;
579 fprintf (stderr, " Starting CTR cipher checks.\n");
580 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
585 err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_CTR, 0);
587 err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_CTR, 0);
590 fail ("aes-ctr, gcry_cipher_open failed: %s\n", gpg_strerror (err));
594 keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
597 fail ("aes-ctr, gcry_cipher_get_algo_keylen failed\n");
601 err = gcry_cipher_setkey (hde, tv[i].key, keylen);
603 err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
606 fail ("aes-ctr, gcry_cipher_setkey failed: %s\n",
608 gcry_cipher_close (hde);
609 gcry_cipher_close (hdd);
613 blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
616 fail ("aes-ctr, gcry_cipher_get_algo_blklen failed\n");
620 err = gcry_cipher_setctr (hde, tv[i].ctr, blklen);
622 err = gcry_cipher_setctr (hdd, tv[i].ctr, blklen);
625 fail ("aes-ctr, gcry_cipher_setctr failed: %s\n",
627 gcry_cipher_close (hde);
628 gcry_cipher_close (hdd);
633 fprintf (stderr, " checking CTR mode for %s [%i]\n",
634 gcry_cipher_algo_name (tv[i].algo),
636 for (j = 0; tv[i].data[j].inlen; j++)
638 err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
639 tv[i].data[j].plaintext,
640 tv[i].data[j].inlen == -1 ?
641 strlen ((char*)tv[i].data[j].plaintext) :
642 tv[i].data[j].inlen);
645 fail ("aes-ctr, gcry_cipher_encrypt (%d, %d) failed: %s\n",
646 i, j, gpg_strerror (err));
647 gcry_cipher_close (hde);
648 gcry_cipher_close (hdd);
652 if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
654 fail ("aes-ctr, encrypt mismatch entry %d:%d\n", i, j);
655 mismatch (tv[i].data[j].out, tv[i].data[j].inlen,
656 out, tv[i].data[j].inlen);
659 err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
662 fail ("aes-ctr, gcry_cipher_decrypt (%d, %d) failed: %s\n",
663 i, j, gpg_strerror (err));
664 gcry_cipher_close (hde);
665 gcry_cipher_close (hdd);
669 if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
671 fail ("aes-ctr, decrypt mismatch entry %d:%d\n", i, j);
672 mismatch (tv[i].data[j].plaintext, tv[i].data[j].inlen,
673 out, tv[i].data[j].inlen);
678 /* Now check that we get valid return codes back for good and
680 err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
681 "1234567890123456", 16);
683 fail ("aes-ctr, encryption failed for valid input");
685 err = gcry_cipher_encrypt (hde, out, 15,
686 "1234567890123456", 16);
687 if (gpg_err_code (err) != GPG_ERR_BUFFER_TOO_SHORT)
688 fail ("aes-ctr, too short output buffer returned wrong error: %s\n",
691 err = gcry_cipher_encrypt (hde, out, 0,
692 "1234567890123456", 16);
693 if (gpg_err_code (err) != GPG_ERR_BUFFER_TOO_SHORT)
694 fail ("aes-ctr, 0 length output buffer returned wrong error: %s\n",
697 err = gcry_cipher_encrypt (hde, out, 16,
698 "1234567890123456", 16);
700 fail ("aes-ctr, correct length output buffer returned error: %s\n",
703 /* Again, now for decryption. */
704 err = gcry_cipher_decrypt (hde, out, MAX_DATA_LEN,
705 "1234567890123456", 16);
707 fail ("aes-ctr, decryption failed for valid input");
709 err = gcry_cipher_decrypt (hde, out, 15,
710 "1234567890123456", 16);
711 if (gpg_err_code (err) != GPG_ERR_BUFFER_TOO_SHORT)
712 fail ("aes-ctr, too short output buffer returned wrong error: %s\n",
715 err = gcry_cipher_decrypt (hde, out, 0,
716 "1234567890123456", 16);
717 if (gpg_err_code (err) != GPG_ERR_BUFFER_TOO_SHORT)
718 fail ("aes-ctr, 0 length output buffer returned wrong error: %s\n",
721 err = gcry_cipher_decrypt (hde, out, 16,
722 "1234567890123456", 16);
724 fail ("aes-ctr, correct length output buffer returned error: %s\n",
727 gcry_cipher_close (hde);
728 gcry_cipher_close (hdd);
731 fprintf (stderr, " Completed CTR cipher checks.\n");
735 check_cfb_cipher (void)
737 static const struct tv
740 char key[MAX_DATA_LEN];
741 char iv[MAX_DATA_LEN];
744 unsigned char plaintext[MAX_DATA_LEN];
746 char out[MAX_DATA_LEN];
751 /* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
753 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
754 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
755 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
757 "\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20\x33\x34\x49\xf8\xe8\x3c\xfb\x4a" },
758 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
760 "\xc8\xa6\x45\x37\xa0\xb3\xa9\x3f\xcd\xe3\xcd\xad\x9f\x1c\xe5\x8b"},
761 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
763 "\x26\x75\x1f\x67\xa3\xcb\xb1\x40\xb1\x80\x8c\xf1\x87\xa4\xf4\xdf" },
764 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
766 "\xc0\x4b\x05\x35\x7c\x5d\x1c\x0e\xea\xc4\xc6\x6f\x9f\xf7\xf2\xe6" },
769 { GCRY_CIPHER_AES192,
770 "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
771 "\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
772 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
773 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
775 "\xcd\xc8\x0d\x6f\xdd\xf1\x8c\xab\x34\xc2\x59\x09\xc9\x9a\x41\x74" },
776 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
778 "\x67\xce\x7f\x7f\x81\x17\x36\x21\x96\x1a\x2b\x70\x17\x1d\x3d\x7a" },
779 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
781 "\x2e\x1e\x8a\x1d\xd5\x9b\x88\xb1\xc8\xe6\x0f\xed\x1e\xfa\xc4\xc9" },
782 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
784 "\xc0\x5f\x9f\x9c\xa9\x83\x4f\xa0\x42\xae\x8f\xba\x58\x4b\x09\xff" },
787 { GCRY_CIPHER_AES256,
788 "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
789 "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
790 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
791 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
793 "\xdc\x7e\x84\xbf\xda\x79\x16\x4b\x7e\xcd\x84\x86\x98\x5d\x38\x60" },
794 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
796 "\x39\xff\xed\x14\x3b\x28\xb1\xc8\x32\x11\x3c\x63\x31\xe5\x40\x7b" },
797 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
799 "\xdf\x10\x13\x24\x15\xe5\x4b\x92\xa1\x3e\xd0\xa8\x26\x7a\xe2\xf9" },
800 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
802 "\x75\xa3\x85\x74\x1a\xb9\xce\xf8\x20\x31\x62\x3d\x55\xb1\xe4\x71" }
806 gcry_cipher_hd_t hde, hdd;
807 unsigned char out[MAX_DATA_LEN];
808 int i, j, keylen, blklen;
809 gcry_error_t err = 0;
812 fprintf (stderr, " Starting CFB checks.\n");
814 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
817 fprintf (stderr, " checking CFB mode for %s [%i]\n",
818 gcry_cipher_algo_name (tv[i].algo),
820 err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_CFB, 0);
822 err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_CFB, 0);
825 fail ("aes-cfb, gcry_cipher_open failed: %s\n", gpg_strerror (err));
829 keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
832 fail ("aes-cfb, gcry_cipher_get_algo_keylen failed\n");
836 err = gcry_cipher_setkey (hde, tv[i].key, keylen);
838 err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
841 fail ("aes-cfb, gcry_cipher_setkey failed: %s\n",
843 gcry_cipher_close (hde);
844 gcry_cipher_close (hdd);
848 blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
851 fail ("aes-cfb, gcry_cipher_get_algo_blklen failed\n");
855 err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
857 err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
860 fail ("aes-cfb, gcry_cipher_setiv failed: %s\n",
862 gcry_cipher_close (hde);
863 gcry_cipher_close (hdd);
867 for (j = 0; tv[i].data[j].inlen; j++)
869 err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
870 tv[i].data[j].plaintext,
871 tv[i].data[j].inlen);
874 fail ("aes-cfb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
875 i, j, gpg_strerror (err));
876 gcry_cipher_close (hde);
877 gcry_cipher_close (hdd);
881 if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen)) {
882 fail ("aes-cfb, encrypt mismatch entry %d:%d\n", i, j);
884 err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
887 fail ("aes-cfb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
888 i, j, gpg_strerror (err));
889 gcry_cipher_close (hde);
890 gcry_cipher_close (hdd);
894 if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
895 fail ("aes-cfb, decrypt mismatch entry %d:%d\n", i, j);
898 gcry_cipher_close (hde);
899 gcry_cipher_close (hdd);
902 fprintf (stderr, " Completed CFB checks.\n");
906 check_ofb_cipher (void)
908 static const struct tv
911 char key[MAX_DATA_LEN];
912 char iv[MAX_DATA_LEN];
915 unsigned char plaintext[MAX_DATA_LEN];
917 char out[MAX_DATA_LEN];
922 /* http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */
924 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c",
925 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
926 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
928 "\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20\x33\x34\x49\xf8\xe8\x3c\xfb\x4a" },
929 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
931 "\x77\x89\x50\x8d\x16\x91\x8f\x03\xf5\x3c\x52\xda\xc5\x4e\xd8\x25"},
932 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
934 "\x97\x40\x05\x1e\x9c\x5f\xec\xf6\x43\x44\xf7\xa8\x22\x60\xed\xcc" },
935 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
937 "\x30\x4c\x65\x28\xf6\x59\xc7\x78\x66\xa5\x10\xd9\xc1\xd6\xae\x5e" },
940 { GCRY_CIPHER_AES192,
941 "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b"
942 "\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
943 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
944 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
946 "\xcd\xc8\x0d\x6f\xdd\xf1\x8c\xab\x34\xc2\x59\x09\xc9\x9a\x41\x74" },
947 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
949 "\xfc\xc2\x8b\x8d\x4c\x63\x83\x7c\x09\xe8\x17\x00\xc1\x10\x04\x01" },
950 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
952 "\x8d\x9a\x9a\xea\xc0\xf6\x59\x6f\x55\x9c\x6d\x4d\xaf\x59\xa5\xf2" },
953 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
955 "\x6d\x9f\x20\x08\x57\xca\x6c\x3e\x9c\xac\x52\x4b\xd9\xac\xc9\x2a" },
958 { GCRY_CIPHER_AES256,
959 "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
960 "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
961 "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
962 { { "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a",
964 "\xdc\x7e\x84\xbf\xda\x79\x16\x4b\x7e\xcd\x84\x86\x98\x5d\x38\x60" },
965 { "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51",
967 "\x4f\xeb\xdc\x67\x40\xd2\x0b\x3a\xc8\x8f\x6a\xd8\x2a\x4f\xb0\x8d" },
968 { "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef",
970 "\x71\xab\x47\xa0\x86\xe8\x6e\xed\xf3\x9d\x1c\x5b\xba\x97\xc4\x08" },
971 { "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
973 "\x01\x26\x14\x1d\x67\xf3\x7b\xe8\x53\x8f\x5a\x8b\xe7\x40\xe4\x84" }
977 gcry_cipher_hd_t hde, hdd;
978 unsigned char out[MAX_DATA_LEN];
979 int i, j, keylen, blklen;
980 gcry_error_t err = 0;
983 fprintf (stderr, " Starting OFB checks.\n");
985 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
988 fprintf (stderr, " checking OFB mode for %s [%i]\n",
989 gcry_cipher_algo_name (tv[i].algo),
991 err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_OFB, 0);
993 err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_OFB, 0);
996 fail ("aes-ofb, gcry_cipher_open failed: %s\n", gpg_strerror (err));
1000 keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
1003 fail ("aes-ofb, gcry_cipher_get_algo_keylen failed\n");
1007 err = gcry_cipher_setkey (hde, tv[i].key, keylen);
1009 err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
1012 fail ("aes-ofb, gcry_cipher_setkey failed: %s\n",
1013 gpg_strerror (err));
1014 gcry_cipher_close (hde);
1015 gcry_cipher_close (hdd);
1019 blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
1022 fail ("aes-ofb, gcry_cipher_get_algo_blklen failed\n");
1026 err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
1028 err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
1031 fail ("aes-ofb, gcry_cipher_setiv failed: %s\n",
1032 gpg_strerror (err));
1033 gcry_cipher_close (hde);
1034 gcry_cipher_close (hdd);
1038 for (j = 0; tv[i].data[j].inlen; j++)
1040 err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
1041 tv[i].data[j].plaintext,
1042 tv[i].data[j].inlen);
1045 fail ("aes-ofb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
1046 i, j, gpg_strerror (err));
1047 gcry_cipher_close (hde);
1048 gcry_cipher_close (hdd);
1052 if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
1053 fail ("aes-ofb, encrypt mismatch entry %d:%d\n", i, j);
1055 err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
1058 fail ("aes-ofb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
1059 i, j, gpg_strerror (err));
1060 gcry_cipher_close (hde);
1061 gcry_cipher_close (hdd);
1065 if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
1066 fail ("aes-ofb, decrypt mismatch entry %d:%d\n", i, j);
1069 err = gcry_cipher_reset(hde);
1071 err = gcry_cipher_reset(hdd);
1074 fail ("aes-ofb, gcry_cipher_reset (%d, %d) failed: %s\n",
1075 i, j, gpg_strerror (err));
1076 gcry_cipher_close (hde);
1077 gcry_cipher_close (hdd);
1081 /* gcry_cipher_reset clears the IV */
1082 err = gcry_cipher_setiv (hde, tv[i].iv, blklen);
1084 err = gcry_cipher_setiv (hdd, tv[i].iv, blklen);
1087 fail ("aes-ofb, gcry_cipher_setiv failed: %s\n",
1088 gpg_strerror (err));
1089 gcry_cipher_close (hde);
1090 gcry_cipher_close (hdd);
1094 /* this time we encrypt and decrypt one byte at a time */
1095 for (j = 0; tv[i].data[j].inlen; j++)
1098 for (byteNum = 0; byteNum < tv[i].data[j].inlen; ++byteNum)
1100 err = gcry_cipher_encrypt (hde, out+byteNum, 1,
1101 (tv[i].data[j].plaintext) + byteNum,
1105 fail ("aes-ofb, gcry_cipher_encrypt (%d, %d) failed: %s\n",
1106 i, j, gpg_strerror (err));
1107 gcry_cipher_close (hde);
1108 gcry_cipher_close (hdd);
1113 if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
1114 fail ("aes-ofb, encrypt mismatch entry %d:%d\n", i, j);
1116 for (byteNum = 0; byteNum < tv[i].data[j].inlen; ++byteNum)
1118 err = gcry_cipher_decrypt (hdd, out+byteNum, 1, NULL, 0);
1121 fail ("aes-ofb, gcry_cipher_decrypt (%d, %d) failed: %s\n",
1122 i, j, gpg_strerror (err));
1123 gcry_cipher_close (hde);
1124 gcry_cipher_close (hdd);
1129 if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
1130 fail ("aes-ofb, decrypt mismatch entry %d:%d\n", i, j);
1133 gcry_cipher_close (hde);
1134 gcry_cipher_close (hdd);
1137 fprintf (stderr, " Completed OFB checks.\n");
1141 _check_gcm_cipher (unsigned int step)
1146 char key[MAX_DATA_LEN];
1147 char iv[MAX_DATA_LEN];
1149 unsigned char aad[MAX_DATA_LEN];
1151 unsigned char plaintext[MAX_DATA_LEN];
1153 char out[MAX_DATA_LEN];
1154 char tag[MAX_DATA_LEN];
1157 /* http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf */
1159 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
1160 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 12,
1165 "\x58\xe2\xfc\xce\xfa\x7e\x30\x61\x36\x7f\x1d\x57\xa4\xe7\x45\x5a" },
1167 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
1168 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 12,
1170 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
1172 "\x03\x88\xda\xce\x60\xb6\xa3\x92\xf3\x28\xc2\xb9\x71\xb2\xfe\x78",
1173 "\xab\x6e\x47\xd4\x2c\xec\x13\xbd\xf5\x3a\x67\xb2\x12\x57\xbd\xdf" },
1175 "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08",
1176 "\xca\xfe\xba\xbe\xfa\xce\xdb\xad\xde\xca\xf8\x88", 12,
1178 "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a"
1179 "\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72"
1180 "\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25"
1181 "\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39\x1a\xaf\xd2\x55",
1183 "\x42\x83\x1e\xc2\x21\x77\x74\x24\x4b\x72\x21\xb7\x84\xd0\xd4\x9c"
1184 "\xe3\xaa\x21\x2f\x2c\x02\xa4\xe0\x35\xc1\x7e\x23\x29\xac\xa1\x2e"
1185 "\x21\xd5\x14\xb2\x54\x66\x93\x1c\x7d\x8f\x6a\x5a\xac\x84\xaa\x05"
1186 "\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x47\x3f\x59\x85",
1187 "\x4d\x5c\x2a\xf3\x27\xcd\x64\xa6\x2c\xf3\x5a\xbd\x2b\xa6\xfa\xb4" },
1189 "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08",
1190 "\xca\xfe\xba\xbe\xfa\xce\xdb\xad\xde\xca\xf8\x88", 12,
1191 "\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef"
1192 "\xab\xad\xda\xd2", 20,
1193 "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a"
1194 "\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72"
1195 "\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25"
1196 "\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39",
1198 "\x42\x83\x1e\xc2\x21\x77\x74\x24\x4b\x72\x21\xb7\x84\xd0\xd4\x9c"
1199 "\xe3\xaa\x21\x2f\x2c\x02\xa4\xe0\x35\xc1\x7e\x23\x29\xac\xa1\x2e"
1200 "\x21\xd5\x14\xb2\x54\x66\x93\x1c\x7d\x8f\x6a\x5a\xac\x84\xaa\x05"
1201 "\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x47\x3f\x59\x85",
1202 "\x5b\xc9\x4f\xbc\x32\x21\xa5\xdb\x94\xfa\xe9\x5a\xe7\x12\x1a\x47" },
1204 "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08",
1205 "\xca\xfe\xba\xbe\xfa\xce\xdb\xad", 8,
1206 "\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef"
1207 "\xab\xad\xda\xd2", 20,
1208 "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a"
1209 "\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72"
1210 "\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25"
1211 "\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39",
1213 "\x61\x35\x3b\x4c\x28\x06\x93\x4a\x77\x7f\xf5\x1f\xa2\x2a\x47\x55"
1214 "\x69\x9b\x2a\x71\x4f\xcd\xc6\xf8\x37\x66\xe5\xf9\x7b\x6c\x74\x23"
1215 "\x73\x80\x69\x00\xe4\x9f\x24\xb2\x2b\x09\x75\x44\xd4\x89\x6b\x42"
1216 "\x49\x89\xb5\xe1\xeb\xac\x0f\x07\xc2\x3f\x45\x98",
1217 "\x36\x12\xd2\xe7\x9e\x3b\x07\x85\x56\x1b\xe1\x4a\xac\xa2\xfc\xcb" },
1219 "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08",
1220 "\x93\x13\x22\x5d\xf8\x84\x06\xe5\x55\x90\x9c\x5a\xff\x52\x69\xaa"
1221 "\x6a\x7a\x95\x38\x53\x4f\x7d\xa1\xe4\xc3\x03\xd2\xa3\x18\xa7\x28"
1222 "\xc3\xc0\xc9\x51\x56\x80\x95\x39\xfc\xf0\xe2\x42\x9a\x6b\x52\x54"
1223 "\x16\xae\xdb\xf5\xa0\xde\x6a\x57\xa6\x37\xb3\x9b", 60,
1224 "\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef"
1225 "\xab\xad\xda\xd2", 20,
1226 "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a"
1227 "\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72"
1228 "\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25"
1229 "\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39",
1231 "\x8c\xe2\x49\x98\x62\x56\x15\xb6\x03\xa0\x33\xac\xa1\x3f\xb8\x94"
1232 "\xbe\x91\x12\xa5\xc3\xa2\x11\xa8\xba\x26\x2a\x3c\xca\x7e\x2c\xa7"
1233 "\x01\xe4\xa9\xa4\xfb\xa4\x3c\x90\xcc\xdc\xb2\x81\xd4\x8c\x7c\x6f"
1234 "\xd6\x28\x75\xd2\xac\xa4\x17\x03\x4c\x34\xae\xe5",
1235 "\x61\x9c\xc5\xae\xff\xfe\x0b\xfa\x46\x2a\xf4\x3c\x16\x99\xd0\x50" },
1236 { GCRY_CIPHER_AES192,
1237 "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
1238 "\xfe\xff\xe9\x92\x86\x65\x73\x1c",
1239 "\x93\x13\x22\x5d\xf8\x84\x06\xe5\x55\x90\x9c\x5a\xff\x52\x69\xaa"
1240 "\x6a\x7a\x95\x38\x53\x4f\x7d\xa1\xe4\xc3\x03\xd2\xa3\x18\xa7\x28"
1241 "\xc3\xc0\xc9\x51\x56\x80\x95\x39\xfc\xf0\xe2\x42\x9a\x6b\x52\x54"
1242 "\x16\xae\xdb\xf5\xa0\xde\x6a\x57\xa6\x37\xb3\x9b", 60,
1243 "\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef"
1244 "\xab\xad\xda\xd2", 20,
1245 "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a"
1246 "\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72"
1247 "\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25"
1248 "\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39",
1250 "\xd2\x7e\x88\x68\x1c\xe3\x24\x3c\x48\x30\x16\x5a\x8f\xdc\xf9\xff"
1251 "\x1d\xe9\xa1\xd8\xe6\xb4\x47\xef\x6e\xf7\xb7\x98\x28\x66\x6e\x45"
1252 "\x81\xe7\x90\x12\xaf\x34\xdd\xd9\xe2\xf0\x37\x58\x9b\x29\x2d\xb3"
1253 "\xe6\x7c\x03\x67\x45\xfa\x22\xe7\xe9\xb7\x37\x3b",
1254 "\xdc\xf5\x66\xff\x29\x1c\x25\xbb\xb8\x56\x8f\xc3\xd3\x76\xa6\xd9" },
1255 { GCRY_CIPHER_AES256,
1256 "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
1257 "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08",
1258 "\x93\x13\x22\x5d\xf8\x84\x06\xe5\x55\x90\x9c\x5a\xff\x52\x69\xaa"
1259 "\x6a\x7a\x95\x38\x53\x4f\x7d\xa1\xe4\xc3\x03\xd2\xa3\x18\xa7\x28"
1260 "\xc3\xc0\xc9\x51\x56\x80\x95\x39\xfc\xf0\xe2\x42\x9a\x6b\x52\x54"
1261 "\x16\xae\xdb\xf5\xa0\xde\x6a\x57\xa6\x37\xb3\x9b", 60,
1262 "\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef"
1263 "\xab\xad\xda\xd2", 20,
1264 "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a"
1265 "\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72"
1266 "\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25"
1267 "\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39",
1269 "\x5a\x8d\xef\x2f\x0c\x9e\x53\xf1\xf7\x5d\x78\x53\x65\x9e\x2a\x20"
1270 "\xee\xb2\xb2\x2a\xaf\xde\x64\x19\xa0\x58\xab\x4f\x6f\x74\x6b\xf4"
1271 "\x0f\xc0\xc3\xb7\x80\xf2\x44\x45\x2d\xa3\xeb\xf1\xc5\xd8\x2c\xde"
1272 "\xa2\x41\x89\x97\x20\x0e\xf8\x2e\x44\xae\x7e\x3f",
1273 "\xa4\x4a\x82\x66\xee\x1c\x8e\xb0\xc8\xb5\xd4\xcf\x5a\xe9\xf1\x9a" }
1276 gcry_cipher_hd_t hde, hdd;
1277 unsigned char out[MAX_DATA_LEN];
1278 unsigned char tag[GCRY_GCM_BLOCK_LEN];
1280 gcry_error_t err = 0;
1285 fprintf (stderr, " Starting GCM checks.\n");
1287 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
1290 fprintf (stderr, " checking GCM mode for %s [%i]\n",
1291 gcry_cipher_algo_name (tv[i].algo),
1293 err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_GCM, 0);
1295 err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_GCM, 0);
1298 fail ("aes-gcm, gcry_cipher_open failed: %s\n", gpg_strerror (err));
1302 keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
1305 fail ("aes-gcm, gcry_cipher_get_algo_keylen failed\n");
1309 err = gcry_cipher_setkey (hde, tv[i].key, keylen);
1311 err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
1314 fail ("aes-gcm, gcry_cipher_setkey failed: %s\n",
1315 gpg_strerror (err));
1316 gcry_cipher_close (hde);
1317 gcry_cipher_close (hdd);
1321 err = gcry_cipher_setiv (hde, tv[i].iv, tv[i].ivlen);
1323 err = gcry_cipher_setiv (hdd, tv[i].iv, tv[i].ivlen);
1326 fail ("aes-gcm, gcry_cipher_setiv failed: %s\n",
1327 gpg_strerror (err));
1328 gcry_cipher_close (hde);
1329 gcry_cipher_close (hdd);
1333 for (pos = 0; pos < tv[i].aadlen; pos += step)
1335 poslen = (pos + step < tv[i].aadlen) ? step : tv[i].aadlen - pos;
1337 err = gcry_cipher_authenticate(hde, tv[i].aad + pos, poslen);
1340 fail ("aes-gcm, gcry_cipher_authenticate (%d) (%d:%d) failed: "
1341 "%s\n", i, pos, step, gpg_strerror (err));
1342 gcry_cipher_close (hde);
1343 gcry_cipher_close (hdd);
1346 err = gcry_cipher_authenticate(hdd, tv[i].aad + pos, poslen);
1349 fail ("aes-gcm, de gcry_cipher_authenticate (%d) (%d:%d) failed: "
1350 "%s\n", i, pos, step, gpg_strerror (err));
1351 gcry_cipher_close (hde);
1352 gcry_cipher_close (hdd);
1357 for (pos = 0; pos < tv[i].inlen; pos += step)
1359 poslen = (pos + step < tv[i].inlen) ? step : tv[i].inlen - pos;
1361 err = gcry_cipher_encrypt (hde, out + pos, poslen,
1362 tv[i].plaintext + pos, poslen);
1365 fail ("aes-gcm, gcry_cipher_encrypt (%d) (%d:%d) failed: %s\n",
1366 i, pos, step, gpg_strerror (err));
1367 gcry_cipher_close (hde);
1368 gcry_cipher_close (hdd);
1373 if (memcmp (tv[i].out, out, tv[i].inlen))
1374 fail ("aes-gcm, encrypt mismatch entry %d (step %d)\n", i, step);
1376 for (pos = 0; pos < tv[i].inlen; pos += step)
1378 poslen = (pos + step < tv[i].inlen) ? step : tv[i].inlen - pos;
1380 err = gcry_cipher_decrypt (hdd, out + pos, poslen, NULL, 0);
1383 fail ("aes-gcm, gcry_cipher_decrypt (%d) (%d:%d) failed: %s\n",
1384 i, pos, step, gpg_strerror (err));
1385 gcry_cipher_close (hde);
1386 gcry_cipher_close (hdd);
1391 if (memcmp (tv[i].plaintext, out, tv[i].inlen))
1392 fail ("aes-gcm, decrypt mismatch entry %d (step %d)\n", i, step);
1394 err = gcry_cipher_gettag (hde, out, GCRY_GCM_BLOCK_LEN);
1397 fail ("aes-gcm, gcry_cipher_gettag(%d) failed: %s\n",
1398 i, gpg_strerror (err));
1399 gcry_cipher_close (hde);
1400 gcry_cipher_close (hdd);
1404 if (memcmp (tv[i].tag, out, GCRY_GCM_BLOCK_LEN))
1405 fail ("aes-gcm, encrypt tag mismatch entry %d\n", i);
1408 err = gcry_cipher_checktag (hdd, out, GCRY_GCM_BLOCK_LEN);
1411 fail ("aes-gcm, gcry_cipher_checktag(%d) failed: %s\n",
1412 i, gpg_strerror (err));
1413 gcry_cipher_close (hde);
1414 gcry_cipher_close (hdd);
1418 err = gcry_cipher_reset(hde);
1420 err = gcry_cipher_reset(hdd);
1423 fail ("aes-gcm, gcry_cipher_reset (%d) failed: %s\n",
1424 i, gpg_strerror (err));
1425 gcry_cipher_close (hde);
1426 gcry_cipher_close (hdd);
1430 /* gcry_cipher_reset clears the IV */
1431 err = gcry_cipher_setiv (hde, tv[i].iv, tv[i].ivlen);
1433 err = gcry_cipher_setiv (hdd, tv[i].iv, tv[i].ivlen);
1436 fail ("aes-gcm, gcry_cipher_setiv failed: %s\n",
1437 gpg_strerror (err));
1438 gcry_cipher_close (hde);
1439 gcry_cipher_close (hdd);
1443 /* this time we authenticate, encrypt and decrypt one byte at a time */
1444 for (byteNum = 0; byteNum < tv[i].aadlen; ++byteNum)
1446 err = gcry_cipher_authenticate(hde, tv[i].aad + byteNum, 1);
1449 fail ("aes-gcm, gcry_cipher_authenticate (%d) (byte-buf) failed: "
1450 "%s\n", i, gpg_strerror (err));
1451 gcry_cipher_close (hde);
1452 gcry_cipher_close (hdd);
1455 err = gcry_cipher_authenticate(hdd, tv[i].aad + byteNum, 1);
1458 fail ("aes-gcm, de gcry_cipher_authenticate (%d) (byte-buf) "
1459 "failed: %s\n", i, gpg_strerror (err));
1460 gcry_cipher_close (hde);
1461 gcry_cipher_close (hdd);
1466 for (byteNum = 0; byteNum < tv[i].inlen; ++byteNum)
1468 err = gcry_cipher_encrypt (hde, out+byteNum, 1,
1469 (tv[i].plaintext) + byteNum,
1473 fail ("aes-gcm, gcry_cipher_encrypt (%d) (byte-buf) failed: %s\n",
1474 i, gpg_strerror (err));
1475 gcry_cipher_close (hde);
1476 gcry_cipher_close (hdd);
1481 if (memcmp (tv[i].out, out, tv[i].inlen))
1482 fail ("aes-gcm, encrypt mismatch entry %d, (byte-buf)\n", i);
1484 err = gcry_cipher_gettag (hde, tag, GCRY_GCM_BLOCK_LEN);
1487 fail ("aes-gcm, gcry_cipher_gettag(%d) (byte-buf) failed: %s\n",
1488 i, gpg_strerror (err));
1489 gcry_cipher_close (hde);
1490 gcry_cipher_close (hdd);
1494 if (memcmp (tv[i].tag, tag, GCRY_GCM_BLOCK_LEN))
1495 fail ("aes-gcm, encrypt tag mismatch entry %d, (byte-buf)\n", i);
1497 for (byteNum = 0; byteNum < tv[i].inlen; ++byteNum)
1499 err = gcry_cipher_decrypt (hdd, out+byteNum, 1, NULL, 0);
1502 fail ("aes-gcm, gcry_cipher_decrypt (%d) (byte-buf) failed: %s\n",
1503 i, gpg_strerror (err));
1504 gcry_cipher_close (hde);
1505 gcry_cipher_close (hdd);
1510 if (memcmp (tv[i].plaintext, out, tv[i].inlen))
1511 fail ("aes-gcm, decrypt mismatch entry %d\n", i);
1513 err = gcry_cipher_checktag (hdd, tag, GCRY_GCM_BLOCK_LEN);
1516 fail ("aes-gcm, gcry_cipher_checktag(%d) (byte-buf) failed: %s\n",
1517 i, gpg_strerror (err));
1518 gcry_cipher_close (hde);
1519 gcry_cipher_close (hdd);
1523 gcry_cipher_close (hde);
1524 gcry_cipher_close (hdd);
1527 fprintf (stderr, " Completed GCM checks.\n");
1532 check_gcm_cipher (void)
1534 /* Large buffers, no splitting. */
1535 _check_gcm_cipher(0xffffffff);
1536 /* Split input to one byte buffers. */
1537 _check_gcm_cipher(1);
1538 /* Split input to 7 byte buffers. */
1539 _check_gcm_cipher(7);
1540 /* Split input to 16 byte buffers. */
1541 _check_gcm_cipher(16);
1546 check_ccm_cipher (void)
1548 #ifdef HAVE_U64_TYPEDEF
1549 static const struct tv
1559 const char *plaintext;
1561 const char *ciphertext;
1565 { GCRY_CIPHER_AES, /* Packet Vector #1 */
1566 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1567 13, "\x00\x00\x00\x03\x02\x01\x00\xA0\xA1\xA2\xA3\xA4\xA5",
1568 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1570 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
1572 "\x58\x8C\x97\x9A\x61\xC6\x63\xD2\xF0\x66\xD0\xC2\xC0\xF9\x89\x80\x6D\x5F\x6B\x61\xDA\xC3\x84\x17\xE8\xD1\x2C\xFD\xF9\x26\xE0"},
1573 { GCRY_CIPHER_AES, /* Packet Vector #2 */
1574 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1575 13, "\x00\x00\x00\x04\x03\x02\x01\xA0\xA1\xA2\xA3\xA4\xA5",
1576 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1578 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
1580 "\x72\xC9\x1A\x36\xE1\x35\xF8\xCF\x29\x1C\xA8\x94\x08\x5C\x87\xE3\xCC\x15\xC4\x39\xC9\xE4\x3A\x3B\xA0\x91\xD5\x6E\x10\x40\x09\x16"},
1581 { GCRY_CIPHER_AES, /* Packet Vector #3 */
1582 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1583 13, "\x00\x00\x00\x05\x04\x03\x02\xA0\xA1\xA2\xA3\xA4\xA5",
1584 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1586 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
1588 "\x51\xB1\xE5\xF4\x4A\x19\x7D\x1D\xA4\x6B\x0F\x8E\x2D\x28\x2A\xE8\x71\xE8\x38\xBB\x64\xDA\x85\x96\x57\x4A\xDA\xA7\x6F\xBD\x9F\xB0\xC5"},
1589 { GCRY_CIPHER_AES, /* Packet Vector #4 */
1590 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1591 13, "\x00\x00\x00\x06\x05\x04\x03\xA0\xA1\xA2\xA3\xA4\xA5",
1592 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1594 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
1596 "\xA2\x8C\x68\x65\x93\x9A\x9A\x79\xFA\xAA\x5C\x4C\x2A\x9D\x4A\x91\xCD\xAC\x8C\x96\xC8\x61\xB9\xC9\xE6\x1E\xF1"},
1597 { GCRY_CIPHER_AES, /* Packet Vector #5 */
1598 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1599 13, "\x00\x00\x00\x07\x06\x05\x04\xA0\xA1\xA2\xA3\xA4\xA5",
1600 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1602 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
1604 "\xDC\xF1\xFB\x7B\x5D\x9E\x23\xFB\x9D\x4E\x13\x12\x53\x65\x8A\xD8\x6E\xBD\xCA\x3E\x51\xE8\x3F\x07\x7D\x9C\x2D\x93"},
1605 { GCRY_CIPHER_AES, /* Packet Vector #6 */
1606 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1607 13, "\x00\x00\x00\x08\x07\x06\x05\xA0\xA1\xA2\xA3\xA4\xA5",
1608 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1610 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
1612 "\x6F\xC1\xB0\x11\xF0\x06\x56\x8B\x51\x71\xA4\x2D\x95\x3D\x46\x9B\x25\x70\xA4\xBD\x87\x40\x5A\x04\x43\xAC\x91\xCB\x94"},
1613 { GCRY_CIPHER_AES, /* Packet Vector #7 */
1614 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1615 13, "\x00\x00\x00\x09\x08\x07\x06\xA0\xA1\xA2\xA3\xA4\xA5",
1616 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1618 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
1620 "\x01\x35\xD1\xB2\xC9\x5F\x41\xD5\xD1\xD4\xFE\xC1\x85\xD1\x66\xB8\x09\x4E\x99\x9D\xFE\xD9\x6C\x04\x8C\x56\x60\x2C\x97\xAC\xBB\x74\x90"},
1621 { GCRY_CIPHER_AES, /* Packet Vector #8 */
1622 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1623 13, "\x00\x00\x00\x0A\x09\x08\x07\xA0\xA1\xA2\xA3\xA4\xA5",
1624 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1626 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
1628 "\x7B\x75\x39\x9A\xC0\x83\x1D\xD2\xF0\xBB\xD7\x58\x79\xA2\xFD\x8F\x6C\xAE\x6B\x6C\xD9\xB7\xDB\x24\xC1\x7B\x44\x33\xF4\x34\x96\x3F\x34\xB4"},
1629 { GCRY_CIPHER_AES, /* Packet Vector #9 */
1630 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1631 13, "\x00\x00\x00\x0B\x0A\x09\x08\xA0\xA1\xA2\xA3\xA4\xA5",
1632 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1634 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
1636 "\x82\x53\x1A\x60\xCC\x24\x94\x5A\x4B\x82\x79\x18\x1A\xB5\xC8\x4D\xF2\x1C\xE7\xF9\xB7\x3F\x42\xE1\x97\xEA\x9C\x07\xE5\x6B\x5E\xB1\x7E\x5F\x4E"},
1637 { GCRY_CIPHER_AES, /* Packet Vector #10 */
1638 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1639 13, "\x00\x00\x00\x0C\x0B\x0A\x09\xA0\xA1\xA2\xA3\xA4\xA5",
1640 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1642 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
1644 "\x07\x34\x25\x94\x15\x77\x85\x15\x2B\x07\x40\x98\x33\x0A\xBB\x14\x1B\x94\x7B\x56\x6A\xA9\x40\x6B\x4D\x99\x99\x88\xDD"},
1645 { GCRY_CIPHER_AES, /* Packet Vector #11 */
1646 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1647 13, "\x00\x00\x00\x0D\x0C\x0B\x0A\xA0\xA1\xA2\xA3\xA4\xA5",
1648 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1650 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
1652 "\x67\x6B\xB2\x03\x80\xB0\xE3\x01\xE8\xAB\x79\x59\x0A\x39\x6D\xA7\x8B\x83\x49\x34\xF5\x3A\xA2\xE9\x10\x7A\x8B\x6C\x02\x2C"},
1653 { GCRY_CIPHER_AES, /* Packet Vector #12 */
1654 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1655 13, "\x00\x00\x00\x0E\x0D\x0C\x0B\xA0\xA1\xA2\xA3\xA4\xA5",
1656 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1658 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
1660 "\xC0\xFF\xA0\xD6\xF0\x5B\xDB\x67\xF2\x4D\x43\xA4\x33\x8D\x2A\xA4\xBE\xD7\xB2\x0E\x43\xCD\x1A\xA3\x16\x62\xE7\xAD\x65\xD6\xDB"},
1661 { GCRY_CIPHER_AES, /* Packet Vector #13 */
1662 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1663 13, "\x00\x41\x2B\x4E\xA9\xCD\xBE\x3C\x96\x96\x76\x6C\xFA",
1664 8, "\x0B\xE1\xA8\x8B\xAC\xE0\x18\xB1",
1666 "\x08\xE8\xCF\x97\xD8\x20\xEA\x25\x84\x60\xE9\x6A\xD9\xCF\x52\x89\x05\x4D\x89\x5C\xEA\xC4\x7C",
1668 "\x4C\xB9\x7F\x86\xA2\xA4\x68\x9A\x87\x79\x47\xAB\x80\x91\xEF\x53\x86\xA6\xFF\xBD\xD0\x80\xF8\xE7\x8C\xF7\xCB\x0C\xDD\xD7\xB3"},
1669 { GCRY_CIPHER_AES, /* Packet Vector #14 */
1670 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1671 13, "\x00\x33\x56\x8E\xF7\xB2\x63\x3C\x96\x96\x76\x6C\xFA",
1672 8, "\x63\x01\x8F\x76\xDC\x8A\x1B\xCB",
1674 "\x90\x20\xEA\x6F\x91\xBD\xD8\x5A\xFA\x00\x39\xBA\x4B\xAF\xF9\xBF\xB7\x9C\x70\x28\x94\x9C\xD0\xEC",
1676 "\x4C\xCB\x1E\x7C\xA9\x81\xBE\xFA\xA0\x72\x6C\x55\xD3\x78\x06\x12\x98\xC8\x5C\x92\x81\x4A\xBC\x33\xC5\x2E\xE8\x1D\x7D\x77\xC0\x8A"},
1677 { GCRY_CIPHER_AES, /* Packet Vector #15 */
1678 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1679 13, "\x00\x10\x3F\xE4\x13\x36\x71\x3C\x96\x96\x76\x6C\xFA",
1680 8, "\xAA\x6C\xFA\x36\xCA\xE8\x6B\x40",
1682 "\xB9\x16\xE0\xEA\xCC\x1C\x00\xD7\xDC\xEC\x68\xEC\x0B\x3B\xBB\x1A\x02\xDE\x8A\x2D\x1A\xA3\x46\x13\x2E",
1684 "\xB1\xD2\x3A\x22\x20\xDD\xC0\xAC\x90\x0D\x9A\xA0\x3C\x61\xFC\xF4\xA5\x59\xA4\x41\x77\x67\x08\x97\x08\xA7\x76\x79\x6E\xDB\x72\x35\x06"},
1685 { GCRY_CIPHER_AES, /* Packet Vector #16 */
1686 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1687 13, "\x00\x76\x4C\x63\xB8\x05\x8E\x3C\x96\x96\x76\x6C\xFA",
1688 12, "\xD0\xD0\x73\x5C\x53\x1E\x1B\xEC\xF0\x49\xC2\x44",
1690 "\x12\xDA\xAC\x56\x30\xEF\xA5\x39\x6F\x77\x0C\xE1\xA6\x6B\x21\xF7\xB2\x10\x1C",
1692 "\x14\xD2\x53\xC3\x96\x7B\x70\x60\x9B\x7C\xBB\x7C\x49\x91\x60\x28\x32\x45\x26\x9A\x6F\x49\x97\x5B\xCA\xDE\xAF"},
1693 { GCRY_CIPHER_AES, /* Packet Vector #17 */
1694 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1695 13, "\x00\xF8\xB6\x78\x09\x4E\x3B\x3C\x96\x96\x76\x6C\xFA",
1696 12, "\x77\xB6\x0F\x01\x1C\x03\xE1\x52\x58\x99\xBC\xAE",
1698 "\xE8\x8B\x6A\x46\xC7\x8D\x63\xE5\x2E\xB8\xC5\x46\xEF\xB5\xDE\x6F\x75\xE9\xCC\x0D",
1700 "\x55\x45\xFF\x1A\x08\x5E\xE2\xEF\xBF\x52\xB2\xE0\x4B\xEE\x1E\x23\x36\xC7\x3E\x3F\x76\x2C\x0C\x77\x44\xFE\x7E\x3C"},
1701 { GCRY_CIPHER_AES, /* Packet Vector #18 */
1702 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1703 13, "\x00\xD5\x60\x91\x2D\x3F\x70\x3C\x96\x96\x76\x6C\xFA",
1704 12, "\xCD\x90\x44\xD2\xB7\x1F\xDB\x81\x20\xEA\x60\xC0",
1706 "\x64\x35\xAC\xBA\xFB\x11\xA8\x2E\x2F\x07\x1D\x7C\xA4\xA5\xEB\xD9\x3A\x80\x3B\xA8\x7F",
1708 "\x00\x97\x69\xEC\xAB\xDF\x48\x62\x55\x94\xC5\x92\x51\xE6\x03\x57\x22\x67\x5E\x04\xC8\x47\x09\x9E\x5A\xE0\x70\x45\x51"},
1709 { GCRY_CIPHER_AES, /* Packet Vector #19 */
1710 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1711 13, "\x00\x42\xFF\xF8\xF1\x95\x1C\x3C\x96\x96\x76\x6C\xFA",
1712 8, "\xD8\x5B\xC7\xE6\x9F\x94\x4F\xB8",
1714 "\x8A\x19\xB9\x50\xBC\xF7\x1A\x01\x8E\x5E\x67\x01\xC9\x17\x87\x65\x98\x09\xD6\x7D\xBE\xDD\x18",
1716 "\xBC\x21\x8D\xAA\x94\x74\x27\xB6\xDB\x38\x6A\x99\xAC\x1A\xEF\x23\xAD\xE0\xB5\x29\x39\xCB\x6A\x63\x7C\xF9\xBE\xC2\x40\x88\x97\xC6\xBA"},
1717 { GCRY_CIPHER_AES, /* Packet Vector #20 */
1718 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1719 13, "\x00\x92\x0F\x40\xE5\x6C\xDC\x3C\x96\x96\x76\x6C\xFA",
1720 8, "\x74\xA0\xEB\xC9\x06\x9F\x5B\x37",
1722 "\x17\x61\x43\x3C\x37\xC5\xA3\x5F\xC1\xF3\x9F\x40\x63\x02\xEB\x90\x7C\x61\x63\xBE\x38\xC9\x84\x37",
1724 "\x58\x10\xE6\xFD\x25\x87\x40\x22\xE8\x03\x61\xA4\x78\xE3\xE9\xCF\x48\x4A\xB0\x4F\x44\x7E\xFF\xF6\xF0\xA4\x77\xCC\x2F\xC9\xBF\x54\x89\x44"},
1725 { GCRY_CIPHER_AES, /* Packet Vector #21 */
1726 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1727 13, "\x00\x27\xCA\x0C\x71\x20\xBC\x3C\x96\x96\x76\x6C\xFA",
1728 8, "\x44\xA3\xAA\x3A\xAE\x64\x75\xCA",
1730 "\xA4\x34\xA8\xE5\x85\x00\xC6\xE4\x15\x30\x53\x88\x62\xD6\x86\xEA\x9E\x81\x30\x1B\x5A\xE4\x22\x6B\xFA",
1732 "\xF2\xBE\xED\x7B\xC5\x09\x8E\x83\xFE\xB5\xB3\x16\x08\xF8\xE2\x9C\x38\x81\x9A\x89\xC8\xE7\x76\xF1\x54\x4D\x41\x51\xA4\xED\x3A\x8B\x87\xB9\xCE"},
1733 { GCRY_CIPHER_AES, /* Packet Vector #22 */
1734 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1735 13, "\x00\x5B\x8C\xCB\xCD\x9A\xF8\x3C\x96\x96\x76\x6C\xFA",
1736 12, "\xEC\x46\xBB\x63\xB0\x25\x20\xC3\x3C\x49\xFD\x70",
1738 "\xB9\x6B\x49\xE2\x1D\x62\x17\x41\x63\x28\x75\xDB\x7F\x6C\x92\x43\xD2\xD7\xC2",
1740 "\x31\xD7\x50\xA0\x9D\xA3\xED\x7F\xDD\xD4\x9A\x20\x32\xAA\xBF\x17\xEC\x8E\xBF\x7D\x22\xC8\x08\x8C\x66\x6B\xE5\xC1\x97"},
1741 { GCRY_CIPHER_AES, /* Packet Vector #23 */
1742 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1743 13, "\x00\x3E\xBE\x94\x04\x4B\x9A\x3C\x96\x96\x76\x6C\xFA",
1744 12, "\x47\xA6\x5A\xC7\x8B\x3D\x59\x42\x27\xE8\x5E\x71",
1746 "\xE2\xFC\xFB\xB8\x80\x44\x2C\x73\x1B\xF9\x51\x67\xC8\xFF\xD7\x89\x5E\x33\x70\x76",
1748 "\xE8\x82\xF1\xDB\xD3\x8C\xE3\xED\xA7\xC2\x3F\x04\xDD\x65\x07\x1E\xB4\x13\x42\xAC\xDF\x7E\x00\xDC\xCE\xC7\xAE\x52\x98\x7D"},
1749 { GCRY_CIPHER_AES, /* Packet Vector #24 */
1750 16, "\xD7\x82\x8D\x13\xB2\xB0\xBD\xC3\x25\xA7\x62\x36\xDF\x93\xCC\x6B",
1751 13, "\x00\x8D\x49\x3B\x30\xAE\x8B\x3C\x96\x96\x76\x6C\xFA",
1752 12, "\x6E\x37\xA6\xEF\x54\x6D\x95\x5D\x34\xAB\x60\x59",
1754 "\xAB\xF2\x1C\x0B\x02\xFE\xB8\x8F\x85\x6D\xF4\xA3\x73\x81\xBC\xE3\xCC\x12\x85\x17\xD4",
1756 "\xF3\x29\x05\xB8\x8A\x64\x1B\x04\xB9\xC9\xFF\xB5\x8C\xC3\x90\x90\x0F\x3D\xA1\x2A\xB1\x6D\xCE\x9E\x82\xEF\xA1\x6D\xA6\x20\x59"},
1758 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #1 */
1759 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1760 13, "\x00\x00\x00\x03\x02\x01\x00\xA0\xA1\xA2\xA3\xA4\xA5",
1761 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1763 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
1765 "\xBA\x73\x71\x85\xE7\x19\x31\x04\x92\xF3\x8A\x5F\x12\x51\xDA\x55\xFA\xFB\xC9\x49\x84\x8A\x0D\xFC\xAE\xCE\x74\x6B\x3D\xB9\xAD"},
1766 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #2 */
1767 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1768 13, "\x00\x00\x00\x04\x03\x02\x01\xA0\xA1\xA2\xA3\xA4\xA5",
1769 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1771 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
1773 "\x5D\x25\x64\xBF\x8E\xAF\xE1\xD9\x95\x26\xEC\x01\x6D\x1B\xF0\x42\x4C\xFB\xD2\xCD\x62\x84\x8F\x33\x60\xB2\x29\x5D\xF2\x42\x83\xE8"},
1774 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #3 */
1775 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1776 13, "\x00\x00\x00\x05\x04\x03\x02\xA0\xA1\xA2\xA3\xA4\xA5",
1777 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1779 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
1781 "\x81\xF6\x63\xD6\xC7\x78\x78\x17\xF9\x20\x36\x08\xB9\x82\xAD\x15\xDC\x2B\xBD\x87\xD7\x56\xF7\x92\x04\xF5\x51\xD6\x68\x2F\x23\xAA\x46"},
1782 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #4 */
1783 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1784 13, "\x00\x00\x00\x06\x05\x04\x03\xA0\xA1\xA2\xA3\xA4\xA5",
1785 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1787 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
1789 "\xCA\xEF\x1E\x82\x72\x11\xB0\x8F\x7B\xD9\x0F\x08\xC7\x72\x88\xC0\x70\xA4\xA0\x8B\x3A\x93\x3A\x63\xE4\x97\xA0"},
1790 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #5 */
1791 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1792 13, "\x00\x00\x00\x07\x06\x05\x04\xA0\xA1\xA2\xA3\xA4\xA5",
1793 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1795 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
1797 "\x2A\xD3\xBA\xD9\x4F\xC5\x2E\x92\xBE\x43\x8E\x82\x7C\x10\x23\xB9\x6A\x8A\x77\x25\x8F\xA1\x7B\xA7\xF3\x31\xDB\x09"},
1798 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #6 */
1799 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1800 13, "\x00\x00\x00\x08\x07\x06\x05\xA0\xA1\xA2\xA3\xA4\xA5",
1801 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1803 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
1805 "\xFE\xA5\x48\x0B\xA5\x3F\xA8\xD3\xC3\x44\x22\xAA\xCE\x4D\xE6\x7F\xFA\x3B\xB7\x3B\xAB\xAB\x36\xA1\xEE\x4F\xE0\xFE\x28"},
1806 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #7 */
1807 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1808 13, "\x00\x00\x00\x09\x08\x07\x06\xA0\xA1\xA2\xA3\xA4\xA5",
1809 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1811 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
1813 "\x54\x53\x20\x26\xE5\x4C\x11\x9A\x8D\x36\xD9\xEC\x6E\x1E\xD9\x74\x16\xC8\x70\x8C\x4B\x5C\x2C\xAC\xAF\xA3\xBC\xCF\x7A\x4E\xBF\x95\x73"},
1814 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #8 */
1815 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1816 13, "\x00\x00\x00\x0A\x09\x08\x07\xA0\xA1\xA2\xA3\xA4\xA5",
1817 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1819 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
1821 "\x8A\xD1\x9B\x00\x1A\x87\xD1\x48\xF4\xD9\x2B\xEF\x34\x52\x5C\xCC\xE3\xA6\x3C\x65\x12\xA6\xF5\x75\x73\x88\xE4\x91\x3E\xF1\x47\x01\xF4\x41"},
1822 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #9 */
1823 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1824 13, "\x00\x00\x00\x0B\x0A\x09\x08\xA0\xA1\xA2\xA3\xA4\xA5",
1825 8, "\x00\x01\x02\x03\x04\x05\x06\x07",
1827 "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
1829 "\x5D\xB0\x8D\x62\x40\x7E\x6E\x31\xD6\x0F\x9C\xA2\xC6\x04\x74\x21\x9A\xC0\xBE\x50\xC0\xD4\xA5\x77\x87\x94\xD6\xE2\x30\xCD\x25\xC9\xFE\xBF\x87"},
1830 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #10 */
1831 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1832 13, "\x00\x00\x00\x0C\x0B\x0A\x09\xA0\xA1\xA2\xA3\xA4\xA5",
1833 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1835 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E",
1837 "\xDB\x11\x8C\xCE\xC1\xB8\x76\x1C\x87\x7C\xD8\x96\x3A\x67\xD6\xF3\xBB\xBC\x5C\xD0\x92\x99\xEB\x11\xF3\x12\xF2\x32\x37"},
1838 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #11 */
1839 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1840 13, "\x00\x00\x00\x0D\x0C\x0B\x0A\xA0\xA1\xA2\xA3\xA4\xA5",
1841 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1843 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F",
1845 "\x7C\xC8\x3D\x8D\xC4\x91\x03\x52\x5B\x48\x3D\xC5\xCA\x7E\xA9\xAB\x81\x2B\x70\x56\x07\x9D\xAF\xFA\xDA\x16\xCC\xCF\x2C\x4E"},
1846 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #12 */
1847 16, "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF",
1848 13, "\x00\x00\x00\x0E\x0D\x0C\x0B\xA0\xA1\xA2\xA3\xA4\xA5",
1849 12, "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B",
1851 "\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F\x20",
1853 "\x2C\xD3\x5B\x88\x20\xD2\x3E\x7A\xA3\x51\xB0\xE9\x2F\xC7\x93\x67\x23\x8B\x2C\xC7\x48\xCB\xB9\x4C\x29\x47\x79\x3D\x64\xAF\x75"},
1854 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #13 */
1855 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1856 13, "\x00\xA9\x70\x11\x0E\x19\x27\xB1\x60\xB6\xA3\x1C\x1C",
1857 8, "\x6B\x7F\x46\x45\x07\xFA\xE4\x96",
1859 "\xC6\xB5\xF3\xE6\xCA\x23\x11\xAE\xF7\x47\x2B\x20\x3E\x73\x5E\xA5\x61\xAD\xB1\x7D\x56\xC5\xA3",
1861 "\xA4\x35\xD7\x27\x34\x8D\xDD\x22\x90\x7F\x7E\xB8\xF5\xFD\xBB\x4D\x93\x9D\xA6\x52\x4D\xB4\xF6\x45\x58\xC0\x2D\x25\xB1\x27\xEE"},
1862 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #14 */
1863 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1864 13, "\x00\x83\xCD\x8C\xE0\xCB\x42\xB1\x60\xB6\xA3\x1C\x1C",
1865 8, "\x98\x66\x05\xB4\x3D\xF1\x5D\xE7",
1867 "\x01\xF6\xCE\x67\x64\xC5\x74\x48\x3B\xB0\x2E\x6B\xBF\x1E\x0A\xBD\x26\xA2\x25\x72\xB4\xD8\x0E\xE7",
1869 "\x8A\xE0\x52\x50\x8F\xBE\xCA\x93\x2E\x34\x6F\x05\xE0\xDC\x0D\xFB\xCF\x93\x9E\xAF\xFA\x3E\x58\x7C\x86\x7D\x6E\x1C\x48\x70\x38\x06"},
1870 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #15 */
1871 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1872 13, "\x00\x5F\x54\x95\x0B\x18\xF2\xB1\x60\xB6\xA3\x1C\x1C",
1873 8, "\x48\xF2\xE7\xE1\xA7\x67\x1A\x51",
1875 "\xCD\xF1\xD8\x40\x6F\xC2\xE9\x01\x49\x53\x89\x70\x05\xFB\xFB\x8B\xA5\x72\x76\xF9\x24\x04\x60\x8E\x08",
1877 "\x08\xB6\x7E\xE2\x1C\x8B\xF2\x6E\x47\x3E\x40\x85\x99\xE9\xC0\x83\x6D\x6A\xF0\xBB\x18\xDF\x55\x46\x6C\xA8\x08\x78\xA7\x90\x47\x6D\xE5"},
1878 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #16 */
1879 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1880 13, "\x00\xEC\x60\x08\x63\x31\x9A\xB1\x60\xB6\xA3\x1C\x1C",
1881 12, "\xDE\x97\xDF\x3B\x8C\xBD\x6D\x8E\x50\x30\xDA\x4C",
1883 "\xB0\x05\xDC\xFA\x0B\x59\x18\x14\x26\xA9\x61\x68\x5A\x99\x3D\x8C\x43\x18\x5B",
1885 "\x63\xB7\x8B\x49\x67\xB1\x9E\xDB\xB7\x33\xCD\x11\x14\xF6\x4E\xB2\x26\x08\x93\x68\xC3\x54\x82\x8D\x95\x0C\xC5"},
1886 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #17 */
1887 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1888 13, "\x00\x60\xCF\xF1\xA3\x1E\xA1\xB1\x60\xB6\xA3\x1C\x1C",
1889 12, "\xA5\xEE\x93\xE4\x57\xDF\x05\x46\x6E\x78\x2D\xCF",
1891 "\x2E\x20\x21\x12\x98\x10\x5F\x12\x9D\x5E\xD9\x5B\x93\xF7\x2D\x30\xB2\xFA\xCC\xD7",
1893 "\x0B\xC6\xBB\xE2\xA8\xB9\x09\xF4\x62\x9E\xE6\xDC\x14\x8D\xA4\x44\x10\xE1\x8A\xF4\x31\x47\x38\x32\x76\xF6\x6A\x9F"},
1894 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #18 */
1895 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1896 13, "\x00\x0F\x85\xCD\x99\x5C\x97\xB1\x60\xB6\xA3\x1C\x1C",
1897 12, "\x24\xAA\x1B\xF9\xA5\xCD\x87\x61\x82\xA2\x50\x74",
1899 "\x26\x45\x94\x1E\x75\x63\x2D\x34\x91\xAF\x0F\xC0\xC9\x87\x6C\x3B\xE4\xAA\x74\x68\xC9",
1901 "\x22\x2A\xD6\x32\xFA\x31\xD6\xAF\x97\x0C\x34\x5F\x7E\x77\xCA\x3B\xD0\xDC\x25\xB3\x40\xA1\xA3\xD3\x1F\x8D\x4B\x44\xB7"},
1902 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #19 */
1903 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1904 13, "\x00\xC2\x9B\x2C\xAA\xC4\xCD\xB1\x60\xB6\xA3\x1C\x1C",
1905 8, "\x69\x19\x46\xB9\xCA\x07\xBE\x87",
1907 "\x07\x01\x35\xA6\x43\x7C\x9D\xB1\x20\xCD\x61\xD8\xF6\xC3\x9C\x3E\xA1\x25\xFD\x95\xA0\xD2\x3D",
1909 "\x05\xB8\xE1\xB9\xC4\x9C\xFD\x56\xCF\x13\x0A\xA6\x25\x1D\xC2\xEC\xC0\x6C\xCC\x50\x8F\xE6\x97\xA0\x06\x6D\x57\xC8\x4B\xEC\x18\x27\x68"},
1910 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #20 */
1911 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1912 13, "\x00\x2C\x6B\x75\x95\xEE\x62\xB1\x60\xB6\xA3\x1C\x1C",
1913 8, "\xD0\xC5\x4E\xCB\x84\x62\x7D\xC4",
1915 "\xC8\xC0\x88\x0E\x6C\x63\x6E\x20\x09\x3D\xD6\x59\x42\x17\xD2\xE1\x88\x77\xDB\x26\x4E\x71\xA5\xCC",
1917 "\x54\xCE\xB9\x68\xDE\xE2\x36\x11\x57\x5E\xC0\x03\xDF\xAA\x1C\xD4\x88\x49\xBD\xF5\xAE\x2E\xDB\x6B\x7F\xA7\x75\xB1\x50\xED\x43\x83\xC5\xA9"},
1918 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #21 */
1919 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1920 13, "\x00\xC5\x3C\xD4\xC2\xAA\x24\xB1\x60\xB6\xA3\x1C\x1C",
1921 8, "\xE2\x85\xE0\xE4\x80\x8C\xDA\x3D",
1923 "\xF7\x5D\xAA\x07\x10\xC4\xE6\x42\x97\x79\x4D\xC2\xB7\xD2\xA2\x07\x57\xB1\xAA\x4E\x44\x80\x02\xFF\xAB",
1925 "\xB1\x40\x45\x46\xBF\x66\x72\x10\xCA\x28\xE3\x09\xB3\x9B\xD6\xCA\x7E\x9F\xC8\x28\x5F\xE6\x98\xD4\x3C\xD2\x0A\x02\xE0\xBD\xCA\xED\x20\x10\xD3"},
1926 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #22 */
1927 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1928 13, "\x00\xBE\xE9\x26\x7F\xBA\xDC\xB1\x60\xB6\xA3\x1C\x1C",
1929 12, "\x6C\xAE\xF9\x94\x11\x41\x57\x0D\x7C\x81\x34\x05",
1931 "\xC2\x38\x82\x2F\xAC\x5F\x98\xFF\x92\x94\x05\xB0\xAD\x12\x7A\x4E\x41\x85\x4E",
1933 "\x94\xC8\x95\x9C\x11\x56\x9A\x29\x78\x31\xA7\x21\x00\x58\x57\xAB\x61\xB8\x7A\x2D\xEA\x09\x36\xB6\xEB\x5F\x62\x5F\x5D"},
1934 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #23 */
1935 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1936 13, "\x00\xDF\xA8\xB1\x24\x50\x07\xB1\x60\xB6\xA3\x1C\x1C",
1937 12, "\x36\xA5\x2C\xF1\x6B\x19\xA2\x03\x7A\xB7\x01\x1E",
1939 "\x4D\xBF\x3E\x77\x4A\xD2\x45\xE5\xD5\x89\x1F\x9D\x1C\x32\xA0\xAE\x02\x2C\x85\xD7",
1941 "\x58\x69\xE3\xAA\xD2\x44\x7C\x74\xE0\xFC\x05\xF9\xA4\xEA\x74\x57\x7F\x4D\xE8\xCA\x89\x24\x76\x42\x96\xAD\x04\x11\x9C\xE7"},
1942 { GCRY_CIPHER_CAMELLIA128, /* Packet Vector #24 */
1943 16, "\xD7\x5C\x27\x78\x07\x8C\xA9\x3D\x97\x1F\x96\xFD\xE7\x20\xF4\xCD",
1944 13, "\x00\x3B\x8F\xD8\xD3\xA9\x37\xB1\x60\xB6\xA3\x1C\x1C",
1945 12, "\xA4\xD4\x99\xF7\x84\x19\x72\x8C\x19\x17\x8B\x0C",
1947 "\x9D\xC9\xED\xAE\x2F\xF5\xDF\x86\x36\xE8\xC6\xDE\x0E\xED\x55\xF7\x86\x7E\x33\x33\x7D",
1949 "\x4B\x19\x81\x56\x39\x3B\x0F\x77\x96\x08\x6A\xAF\xB4\x54\xF8\xC3\xF0\x34\xCC\xA9\x66\x94\x5F\x1F\xCE\xA7\xE1\x1B\xEE\x6A\x2F"}
1951 static const int cut[] = { 0, 1, 8, 10, 16, 19, -1 };
1952 gcry_cipher_hd_t hde, hdd;
1953 unsigned char out[MAX_DATA_LEN];
1955 int split, aadsplit;
1956 size_t j, i, keylen, blklen, authlen;
1957 gcry_error_t err = 0;
1960 fprintf (stderr, " Starting CCM checks.\n");
1962 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
1965 fprintf (stderr, " checking CCM mode for %s [%i]\n",
1966 gcry_cipher_algo_name (tv[i].algo),
1969 for (j = 0; j < sizeof (cut) / sizeof (cut[0]); j++)
1971 split = cut[j] < 0 ? tv[i].plainlen : cut[j];
1972 if (tv[i].plainlen < split)
1975 err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_CCM, 0);
1977 err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_CCM, 0);
1980 fail ("cipher-ccm, gcry_cipher_open failed: %s\n",
1981 gpg_strerror (err));
1985 keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
1988 fail ("cipher-ccm, gcry_cipher_get_algo_keylen failed\n");
1992 err = gcry_cipher_setkey (hde, tv[i].key, keylen);
1994 err = gcry_cipher_setkey (hdd, tv[i].key, keylen);
1997 fail ("cipher-ccm, gcry_cipher_setkey failed: %s\n",
1998 gpg_strerror (err));
1999 gcry_cipher_close (hde);
2000 gcry_cipher_close (hdd);
2004 blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
2007 fail ("cipher-ccm, gcry_cipher_get_algo_blklen failed\n");
2011 err = gcry_cipher_setiv (hde, tv[i].nonce, tv[i].noncelen);
2013 err = gcry_cipher_setiv (hdd, tv[i].nonce, tv[i].noncelen);
2016 fail ("cipher-ccm, gcry_cipher_setiv failed: %s\n",
2017 gpg_strerror (err));
2018 gcry_cipher_close (hde);
2019 gcry_cipher_close (hdd);
2023 authlen = tv[i].cipherlen - tv[i].plainlen;
2024 ctl_params[0] = tv[i].plainlen; /* encryptedlen */
2025 ctl_params[1] = tv[i].aadlen; /* aadlen */
2026 ctl_params[2] = authlen; /* authtaglen */
2027 err = gcry_cipher_ctl (hde, GCRYCTL_SET_CCM_LENGTHS, ctl_params,
2028 sizeof(ctl_params));
2030 err = gcry_cipher_ctl (hdd, GCRYCTL_SET_CCM_LENGTHS, ctl_params,
2031 sizeof(ctl_params));
2034 fail ("cipher-ccm, gcry_cipher_ctl GCRYCTL_SET_CCM_LENGTHS "
2035 "failed: %s\n", gpg_strerror (err));
2036 gcry_cipher_close (hde);
2037 gcry_cipher_close (hdd);
2041 aadsplit = split > tv[i].aadlen ? 0 : split;
2043 err = gcry_cipher_authenticate (hde, tv[i].aad,
2044 tv[i].aadlen - aadsplit);
2046 err = gcry_cipher_authenticate (hde,
2047 &tv[i].aad[tv[i].aadlen - aadsplit],
2050 err = gcry_cipher_authenticate (hdd, tv[i].aad,
2051 tv[i].aadlen - aadsplit);
2053 err = gcry_cipher_authenticate (hdd,
2054 &tv[i].aad[tv[i].aadlen - aadsplit],
2058 fail ("cipher-ccm, gcry_cipher_authenticate failed: %s\n",
2059 gpg_strerror (err));
2060 gcry_cipher_close (hde);
2061 gcry_cipher_close (hdd);
2065 err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN, tv[i].plaintext,
2066 tv[i].plainlen - split);
2068 err = gcry_cipher_encrypt (hde, &out[tv[i].plainlen - split],
2069 MAX_DATA_LEN - (tv[i].plainlen - split),
2070 &tv[i].plaintext[tv[i].plainlen - split],
2074 fail ("cipher-ccm, gcry_cipher_encrypt (%d:%d) failed: %s\n",
2075 i, j, gpg_strerror (err));
2076 gcry_cipher_close (hde);
2077 gcry_cipher_close (hdd);
2081 err = gcry_cipher_gettag (hde, &out[tv[i].plainlen], authlen);
2084 fail ("cipher-ccm, gcry_cipher_gettag (%d:%d) failed: %s\n",
2085 i, j, gpg_strerror (err));
2086 gcry_cipher_close (hde);
2087 gcry_cipher_close (hdd);
2091 if (memcmp (tv[i].ciphertext, out, tv[i].cipherlen))
2092 fail ("cipher-ccm, encrypt mismatch entry %d:%d\n", i, j);
2094 err = gcry_cipher_decrypt (hdd, out, tv[i].plainlen - split, NULL, 0);
2096 err = gcry_cipher_decrypt (hdd, &out[tv[i].plainlen - split], split,
2100 fail ("cipher-ccm, gcry_cipher_decrypt (%d:%d) failed: %s\n",
2101 i, j, gpg_strerror (err));
2102 gcry_cipher_close (hde);
2103 gcry_cipher_close (hdd);
2107 if (memcmp (tv[i].plaintext, out, tv[i].plainlen))
2108 fail ("cipher-ccm, decrypt mismatch entry %d:%d\n", i, j);
2110 err = gcry_cipher_checktag (hdd, &out[tv[i].plainlen], authlen);
2113 fail ("cipher-ccm, gcry_cipher_checktag (%d:%d) failed: %s\n",
2114 i, j, gpg_strerror (err));
2115 gcry_cipher_close (hde);
2116 gcry_cipher_close (hdd);
2120 gcry_cipher_close (hde);
2121 gcry_cipher_close (hdd);
2125 /* Large buffer tests. */
2127 /* Test encoding of aadlen > 0xfeff. */
2129 static const char key[]={0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,
2130 0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f};
2131 static const char iv[]={0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19};
2132 static const char tag[]={0x9C,0x76,0xE7,0x33,0xD5,0x15,0xB3,0x6C,
2133 0xBA,0x76,0x95,0xF7,0xFB,0x91};
2135 size_t enclen = 0x20000;
2136 size_t aadlen = 0x20000;
2137 size_t taglen = sizeof(tag);
2139 err = gcry_cipher_open (&hde, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CCM, 0);
2142 fail ("cipher-ccm-large, gcry_cipher_open failed: %s\n",
2143 gpg_strerror (err));
2147 err = gcry_cipher_setkey (hde, key, sizeof (key));
2150 fail ("cipher-ccm-large, gcry_cipher_setkey failed: %s\n",
2151 gpg_strerror (err));
2152 gcry_cipher_close (hde);
2156 err = gcry_cipher_setiv (hde, iv, sizeof (iv));
2159 fail ("cipher-ccm-large, gcry_cipher_setiv failed: %s\n",
2160 gpg_strerror (err));
2161 gcry_cipher_close (hde);
2165 ctl_params[0] = enclen; /* encryptedlen */
2166 ctl_params[1] = aadlen; /* aadlen */
2167 ctl_params[2] = taglen; /* authtaglen */
2168 err = gcry_cipher_ctl (hde, GCRYCTL_SET_CCM_LENGTHS, ctl_params,
2169 sizeof(ctl_params));
2172 fail ("cipher-ccm-large, gcry_cipher_ctl GCRYCTL_SET_CCM_LENGTHS "
2173 "failed: %s\n", gpg_strerror (err));
2174 gcry_cipher_close (hde);
2178 memset (buf, 0xaa, sizeof(buf));
2180 for (i = 0; i < aadlen; i += sizeof(buf))
2182 err = gcry_cipher_authenticate (hde, buf, sizeof (buf));
2185 fail ("cipher-ccm-large, gcry_cipher_authenticate failed: %s\n",
2186 gpg_strerror (err));
2187 gcry_cipher_close (hde);
2192 for (i = 0; i < enclen; i += sizeof(buf))
2194 memset (buf, 0xee, sizeof(buf));
2195 err = gcry_cipher_encrypt (hde, buf, sizeof (buf), NULL, 0);
2198 fail ("cipher-ccm-large, gcry_cipher_encrypt failed: %s\n",
2199 gpg_strerror (err));
2200 gcry_cipher_close (hde);
2205 err = gcry_cipher_gettag (hde, buf, taglen);
2208 fail ("cipher-ccm-large, gcry_cipher_gettag failed: %s\n",
2209 gpg_strerror (err));
2210 gcry_cipher_close (hde);
2214 if (memcmp (buf, tag, taglen) != 0)
2215 fail ("cipher-ccm-large, encrypt mismatch entry\n");
2217 gcry_cipher_close (hde);
2221 /* Test encoding of aadlen > 0xffffffff. */
2223 static const char key[]={0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,
2224 0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f};
2225 static const char iv[]={0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19};
2226 static const char tag[]={0x01,0xB2,0xC3,0x4A,0xA6,0x6A,0x07,0x6D,
2227 0xBC,0xBD,0xEA,0x17,0xD3,0x73,0xD7,0xD4};
2229 size_t enclen = (size_t)0xffffffff + 1 + 1024;
2230 size_t aadlen = (size_t)0xffffffff + 1 + 1024;
2231 size_t taglen = sizeof(tag);
2233 err = gcry_cipher_open (&hde, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CCM, 0);
2236 fail ("cipher-ccm-huge, gcry_cipher_open failed: %s\n",
2237 gpg_strerror (err));
2241 err = gcry_cipher_setkey (hde, key, sizeof (key));
2244 fail ("cipher-ccm-huge, gcry_cipher_setkey failed: %s\n",
2245 gpg_strerror (err));
2246 gcry_cipher_close (hde);
2250 err = gcry_cipher_setiv (hde, iv, sizeof (iv));
2253 fail ("cipher-ccm-huge, gcry_cipher_setiv failed: %s\n",
2254 gpg_strerror (err));
2255 gcry_cipher_close (hde);
2259 ctl_params[0] = enclen; /* encryptedlen */
2260 ctl_params[1] = aadlen; /* aadlen */
2261 ctl_params[2] = taglen; /* authtaglen */
2262 err = gcry_cipher_ctl (hde, GCRYCTL_SET_CCM_LENGTHS, ctl_params,
2263 sizeof(ctl_params));
2266 fail ("cipher-ccm-huge, gcry_cipher_ctl GCRYCTL_SET_CCM_LENGTHS failed:"
2267 "%s\n", gpg_strerror (err));
2268 gcry_cipher_close (hde);
2272 memset (buf, 0xaa, sizeof(buf));
2274 for (i = 0; i < aadlen; i += sizeof(buf))
2276 err = gcry_cipher_authenticate (hde, buf, sizeof (buf));
2279 fail ("cipher-ccm-huge, gcry_cipher_authenticate failed: %s\n",
2280 gpg_strerror (err));
2281 gcry_cipher_close (hde);
2286 for (i = 0; i < enclen; i += sizeof(buf))
2288 memset (buf, 0xee, sizeof(buf));
2289 err = gcry_cipher_encrypt (hde, buf, sizeof (buf), NULL, 0);
2292 fail ("cipher-ccm-huge, gcry_cipher_encrypt failed: %s\n",
2293 gpg_strerror (err));
2294 gcry_cipher_close (hde);
2299 err = gcry_cipher_gettag (hde, buf, taglen);
2302 fail ("cipher-ccm-huge, gcry_cipher_gettag failed: %s\n",
2303 gpg_strerror (err));
2304 gcry_cipher_close (hde);
2308 if (memcmp (buf, tag, taglen) != 0)
2309 fail ("cipher-ccm-huge, encrypt mismatch entry\n");
2311 gcry_cipher_close (hde);
2315 fprintf (stderr, " Completed CCM checks.\n");
2317 #endif /*HAVE_U64_TYPEDEF*/
2322 check_stream_cipher (void)
2324 static const struct tv
2335 const char *plaintext;
2337 } data[MAX_DATA_LEN];
2341 "Salsa20 128 bit, test 1",
2342 GCRY_CIPHER_SALSA20, 16, 8,
2343 "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2344 "\x00\x00\x00\x00\x00\x00\x00\x00",
2347 "\x00\x00\x00\x00\x00\x00\x00\x00",
2348 "\x4D\xFA\x5E\x48\x1D\xA2\x3E\xA0"
2353 "Salsa20 128 bit, test 2",
2354 GCRY_CIPHER_SALSA20, 16, 8,
2355 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2356 "\x80\x00\x00\x00\x00\x00\x00\x00",
2359 "\x00\x00\x00\x00\x00\x00\x00\x00",
2360 "\xB6\x6C\x1E\x44\x46\xDD\x95\x57"
2365 "Salsa20 128 bit, test 3",
2366 GCRY_CIPHER_SALSA20, 16, 8,
2367 "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
2368 "\x0D\x74\xDB\x42\xA9\x10\x77\xDE",
2371 "\x00\x00\x00\x00\x00\x00\x00\x00",
2372 "\x05\xE1\xE7\xBE\xB6\x97\xD9\x99"
2377 "Salsa20 256 bit, test 1",
2378 GCRY_CIPHER_SALSA20, 32, 8,
2379 "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2380 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2381 "\x00\x00\x00\x00\x00\x00\x00\x00",
2384 "\x00\x00\x00\x00\x00\x00\x00\x00",
2385 "\xE3\xBE\x8F\xDD\x8B\xEC\xA2\xE3"
2390 "Salsa20 256 bit, test 2",
2391 GCRY_CIPHER_SALSA20, 32, 8,
2392 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2393 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2394 "\x80\x00\x00\x00\x00\x00\x00\x00",
2397 "\x00\x00\x00\x00\x00\x00\x00\x00",
2398 "\x2A\xBA\x3D\xC4\x5B\x49\x47\x00"
2403 "Salsa20 256 bit, ecrypt verified, set 6, vector 0",
2404 GCRY_CIPHER_SALSA20, 32, 8,
2405 "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD"
2406 "\x30\x83\xD6\x29\x7C\xCF\x22\x75\xC8\x1B\x6E\xC1\x14\x67\xBA\x0D",
2407 "\x0D\x74\xDB\x42\xA9\x10\x77\xDE",
2410 "\x00\x00\x00\x00\x00\x00\x00\x00",
2411 "\xF5\xFA\xD5\x3F\x79\xF9\xDF\x58"
2414 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2415 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2416 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2417 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2418 "\xF5\xFA\xD5\x3F\x79\xF9\xDF\x58\xC4\xAE\xA0\xD0\xED\x9A\x96\x01"
2419 "\xF2\x78\x11\x2C\xA7\x18\x0D\x56\x5B\x42\x0A\x48\x01\x96\x70\xEA"
2420 "\xF2\x4C\xE4\x93\xA8\x62\x63\xF6\x77\xB4\x6A\xCE\x19\x24\x77\x3D"
2421 "\x2B\xB2\x55\x71\xE1\xAA\x85\x93\x75\x8F\xC3\x82\xB1\x28\x0B\x71"
2426 "Salsa20/12 128 bit, test 1",
2427 GCRY_CIPHER_SALSA20R12, 16, 8,
2428 "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2429 "\x00\x00\x00\x00\x00\x00\x00\x00",
2432 "\x00\x00\x00\x00\x00\x00\x00\x00",
2433 "\xFC\x20\x7D\xBF\xC7\x6C\x5E\x17"
2438 "Salsa20/12 128 bit, test 2",
2439 GCRY_CIPHER_SALSA20R12, 16, 8,
2440 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2441 "\x80\x00\x00\x00\x00\x00\x00\x00",
2444 "\x00\x00\x00\x00\x00\x00\x00\x00",
2445 "\x08\x28\x39\x9A\x6F\xEF\x20\xDA"
2450 "Salsa20/12 128 bit, test 3",
2451 GCRY_CIPHER_SALSA20R12, 16, 8,
2452 "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
2453 "\x0D\x74\xDB\x42\xA9\x10\x77\xDE",
2456 "\x00\x00\x00\x00\x00\x00\x00\x00",
2457 "\xAD\x9E\x60\xE6\xD2\xA2\x64\xB8"
2462 "Salsa20/12 256 bit, test 1",
2463 GCRY_CIPHER_SALSA20R12, 32, 8,
2464 "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2465 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2466 "\x00\x00\x00\x00\x00\x00\x00\x00",
2469 "\x00\x00\x00\x00\x00\x00\x00\x00",
2470 "\xAF\xE4\x11\xED\x1C\x4E\x07\xE4"
2475 "Salsa20/12 256 bit, test 2",
2476 GCRY_CIPHER_SALSA20R12, 32, 8,
2477 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2478 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2479 "\x80\x00\x00\x00\x00\x00\x00\x00",
2482 "\x00\x00\x00\x00\x00\x00\x00\x00",
2483 "\x17\x2C\x51\x92\xCB\x6E\x64\x5B"
2488 "Salsa20/12 256 bit, ecrypt verified, set 6, vector 0",
2489 GCRY_CIPHER_SALSA20R12, 32, 8,
2490 "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD"
2491 "\x30\x83\xD6\x29\x7C\xCF\x22\x75\xC8\x1B\x6E\xC1\x14\x67\xBA\x0D",
2492 "\x0D\x74\xDB\x42\xA9\x10\x77\xDE",
2495 "\x00\x00\x00\x00\x00\x00\x00\x00",
2496 "\x52\xE2\x0C\xF8\x77\x5A\xE8\x82"
2499 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2500 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2501 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
2502 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
2503 "\x52\xE2\x0C\xF8\x77\x5A\xE8\x82\xF2\x00\xC2\x99\x9F\xE4\xBA\x31"
2504 "\xA7\xA1\x8F\x1D\x5C\x97\x16\x19\x1D\x12\x31\x75\xE1\x47\xBD\x4E"
2505 "\x8C\xA6\xED\x16\x6C\xE0\xFC\x8E\x65\xA5\xCA\x60\x84\x20\xFC\x65"
2506 "\x44\xC9\x70\x0A\x0F\x21\x38\xE8\xC1\xA2\x86\xFB\x8C\x1F\xBF\xA0"
2510 #endif /*USE_SALSA20*/
2513 gcry_cipher_hd_t hde, hdd;
2514 unsigned char out[MAX_DATA_LEN];
2516 gcry_error_t err = 0;
2520 fprintf (stderr, " Starting stream cipher checks.\n");
2522 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
2525 fprintf (stderr, " checking stream mode for %s [%i] (%s)\n",
2526 gcry_cipher_algo_name (tv[i].algo), tv[i].algo, tv[i].name);
2528 if (gcry_cipher_get_algo_blklen(tv[i].algo) != 1)
2530 fail ("stream, gcry_cipher_get_algo_blklen: bad block length\n");
2534 err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_STREAM, 0);
2536 err = gcry_cipher_open (&hdd, tv[i].algo, GCRY_CIPHER_MODE_STREAM, 0);
2539 fail ("stream, gcry_cipher_open for stream mode failed: %s\n",
2540 gpg_strerror (err));
2544 /* Now loop over all the data samples. */
2545 for (j = 0; tv[i].data[j].inlen; j++)
2547 err = gcry_cipher_setkey (hde, tv[i].key, tv[i].keylen);
2549 err = gcry_cipher_setkey (hdd, tv[i].key, tv[i].keylen);
2552 fail ("stream, gcry_cipher_setkey failed: %s\n",
2553 gpg_strerror (err));
2557 err = gcry_cipher_setiv (hde, tv[i].iv, tv[i].ivlen);
2559 err = gcry_cipher_setiv (hdd, tv[i].iv, tv[i].ivlen);
2562 fail ("stream, gcry_cipher_setiv failed: %s\n",
2563 gpg_strerror (err));
2567 err = gcry_cipher_encrypt (hde, out, MAX_DATA_LEN,
2568 tv[i].data[j].plaintext,
2569 tv[i].data[j].inlen);
2572 fail ("stream, gcry_cipher_encrypt (%d, %d) failed: %s\n",
2573 i, j, gpg_strerror (err));
2577 if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
2579 fail ("stream, encrypt mismatch entry %d:%d\n", i, j);
2580 mismatch (tv[i].data[j].out, tv[i].data[j].inlen,
2581 out, tv[i].data[j].inlen);
2584 err = gcry_cipher_decrypt (hdd, out, tv[i].data[j].inlen, NULL, 0);
2587 fail ("stream, gcry_cipher_decrypt (%d, %d) failed: %s\n",
2588 i, j, gpg_strerror (err));
2592 if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
2593 fail ("stream, decrypt mismatch entry %d:%d\n", i, j);
2597 /* This time we encrypt and decrypt one byte at a time */
2598 for (j = 0; tv[i].data[j].inlen; j++)
2602 err = gcry_cipher_setkey (hde, tv[i].key, tv[i].keylen);
2604 err = gcry_cipher_setkey (hdd, tv[i].key, tv[i].keylen);
2607 fail ("stream, gcry_cipher_setkey failed: %s\n",
2608 gpg_strerror (err));
2612 err = gcry_cipher_setiv (hde, tv[i].iv, tv[i].ivlen);
2614 err = gcry_cipher_setiv (hdd, tv[i].iv, tv[i].ivlen);
2617 fail ("stream, gcry_cipher_setiv failed: %s\n",
2618 gpg_strerror (err));
2622 for (byteNum = 0; byteNum < tv[i].data[j].inlen; ++byteNum)
2624 err = gcry_cipher_encrypt (hde, out+byteNum, 1,
2625 (tv[i].data[j].plaintext) + byteNum,
2629 fail ("stream, gcry_cipher_encrypt (%d, %d) failed: %s\n",
2630 i, j, gpg_strerror (err));
2635 if (memcmp (tv[i].data[j].out, out, tv[i].data[j].inlen))
2636 fail ("stream, encrypt mismatch entry %d:%d (byte-wise)\n", i, j);
2638 for (byteNum = 0; byteNum < tv[i].data[j].inlen; ++byteNum)
2640 err = gcry_cipher_decrypt (hdd, out+byteNum, 1, NULL, 0);
2643 fail ("stream, gcry_cipher_decrypt (%d, %d) failed: %s\n",
2644 i, j, gpg_strerror (err));
2649 if (memcmp (tv[i].data[j].plaintext, out, tv[i].data[j].inlen))
2650 fail ("stream, decrypt mismatch entry %d:%d (byte-wise)\n", i, j);
2654 gcry_cipher_close (hde);
2655 gcry_cipher_close (hdd);
2658 fprintf (stderr, " Completed stream cipher checks.\n");
2663 check_stream_cipher_large_block (void)
2665 static const struct tv
2677 } data[MAX_DATA_LEN];
2681 "Salsa20 256 bit, ecrypt verified, set 6, vector 0",
2682 GCRY_CIPHER_SALSA20, 32, 8,
2683 "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD"
2684 "\x30\x83\xD6\x29\x7C\xCF\x22\x75\xC8\x1B\x6E\xC1\x14\x67\xBA\x0D",
2685 "\x0D\x74\xDB\x42\xA9\x10\x77\xDE",
2688 "\xF5\xFA\xD5\x3F\x79\xF9\xDF\x58\xC4\xAE\xA0\xD0\xED\x9A\x96\x01"
2689 "\xF2\x78\x11\x2C\xA7\x18\x0D\x56\x5B\x42\x0A\x48\x01\x96\x70\xEA"
2690 "\xF2\x4C\xE4\x93\xA8\x62\x63\xF6\x77\xB4\x6A\xCE\x19\x24\x77\x3D"
2691 "\x2B\xB2\x55\x71\xE1\xAA\x85\x93\x75\x8F\xC3\x82\xB1\x28\x0B\x71"
2694 "\xB7\x0C\x50\x13\x9C\x63\x33\x2E\xF6\xE7\x7A\xC5\x43\x38\xA4\x07"
2695 "\x9B\x82\xBE\xC9\xF9\xA4\x03\xDF\xEA\x82\x1B\x83\xF7\x86\x07\x91"
2696 "\x65\x0E\xF1\xB2\x48\x9D\x05\x90\xB1\xDE\x77\x2E\xED\xA4\xE3\xBC"
2697 "\xD6\x0F\xA7\xCE\x9C\xD6\x23\xD9\xD2\xFD\x57\x58\xB8\x65\x3E\x70"
2700 "\x81\x58\x2C\x65\xD7\x56\x2B\x80\xAE\xC2\xF1\xA6\x73\xA9\xD0\x1C"
2701 "\x9F\x89\x2A\x23\xD4\x91\x9F\x6A\xB4\x7B\x91\x54\xE0\x8E\x69\x9B"
2702 "\x41\x17\xD7\xC6\x66\x47\x7B\x60\xF8\x39\x14\x81\x68\x2F\x5D\x95"
2703 "\xD9\x66\x23\xDB\xC4\x89\xD8\x8D\xAA\x69\x56\xB9\xF0\x64\x6B\x6E"
2706 "\xA1\x3F\xFA\x12\x08\xF8\xBF\x50\x90\x08\x86\xFA\xAB\x40\xFD\x10"
2707 "\xE8\xCA\xA3\x06\xE6\x3D\xF3\x95\x36\xA1\x56\x4F\xB7\x60\xB2\x42"
2708 "\xA9\xD6\xA4\x62\x8C\xDC\x87\x87\x62\x83\x4E\x27\xA5\x41\xDA\x2A"
2709 "\x5E\x3B\x34\x45\x98\x9C\x76\xF6\x11\xE0\xFE\xC6\xD9\x1A\xCA\xCC"
2714 "Salsa20 256 bit, ecrypt verified, set 6, vector 1",
2715 GCRY_CIPHER_SALSA20, 32, 8,
2716 "\x05\x58\xAB\xFE\x51\xA4\xF7\x4A\x9D\xF0\x43\x96\xE9\x3C\x8F\xE2"
2717 "\x35\x88\xDB\x2E\x81\xD4\x27\x7A\xCD\x20\x73\xC6\x19\x6C\xBF\x12",
2718 "\x16\x7D\xE4\x4B\xB2\x19\x80\xE7",
2721 "\x39\x44\xF6\xDC\x9F\x85\xB1\x28\x08\x38\x79\xFD\xF1\x90\xF7\xDE"
2722 "\xE4\x05\x3A\x07\xBC\x09\x89\x6D\x51\xD0\x69\x0B\xD4\xDA\x4A\xC1"
2723 "\x06\x2F\x1E\x47\xD3\xD0\x71\x6F\x80\xA9\xB4\xD8\x5E\x6D\x60\x85"
2724 "\xEE\x06\x94\x76\x01\xC8\x5F\x1A\x27\xA2\xF7\x6E\x45\xA6\xAA\x87"
2727 "\x36\xE0\x3B\x4B\x54\xB0\xB2\xE0\x4D\x06\x9E\x69\x00\x82\xC8\xC5"
2728 "\x92\xDF\x56\xE6\x33\xF5\xD8\xC7\x68\x2A\x02\xA6\x5E\xCD\x13\x71"
2729 "\x8C\xA4\x35\x2A\xAC\xCB\x0D\xA2\x0E\xD6\xBB\xBA\x62\xE1\x77\xF2"
2730 "\x10\xE3\x56\x0E\x63\xBB\x82\x2C\x41\x58\xCA\xA8\x06\xA8\x8C\x82"
2733 "\x1B\x77\x9E\x7A\x91\x7C\x8C\x26\x03\x9F\xFB\x23\xCF\x0E\xF8\xE0"
2734 "\x8A\x1A\x13\xB4\x3A\xCD\xD9\x40\x2C\xF5\xDF\x38\x50\x10\x98\xDF"
2735 "\xC9\x45\xA6\xCC\x69\xA6\xA1\x73\x67\xBC\x03\x43\x1A\x86\xB3\xED"
2736 "\x04\xB0\x24\x5B\x56\x37\x9B\xF9\x97\xE2\x58\x00\xAD\x83\x7D\x7D"
2739 "\x7E\xC6\xDA\xE8\x1A\x10\x5E\x67\x17\x2A\x0B\x8C\x4B\xBE\x7D\x06"
2740 "\xA7\xA8\x75\x9F\x91\x4F\xBE\xB1\xAF\x62\xC8\xA5\x52\xEF\x4A\x4F"
2741 "\x56\x96\x7E\xA2\x9C\x74\x71\xF4\x6F\x3B\x07\xF7\xA3\x74\x6E\x95"
2742 "\x3D\x31\x58\x21\xB8\x5B\x6E\x8C\xB4\x01\x22\xB9\x66\x35\x31\x3C"
2747 "Salsa20 256 bit, ecrypt verified, set 6, vector 2",
2748 GCRY_CIPHER_SALSA20, 32, 8,
2749 "\x0A\x5D\xB0\x03\x56\xA9\xFC\x4F\xA2\xF5\x48\x9B\xEE\x41\x94\xE7"
2750 "\x3A\x8D\xE0\x33\x86\xD9\x2C\x7F\xD2\x25\x78\xCB\x1E\x71\xC4\x17",
2751 "\x1F\x86\xED\x54\xBB\x22\x89\xF0",
2754 "\x3F\xE8\x5D\x5B\xB1\x96\x0A\x82\x48\x0B\x5E\x6F\x4E\x96\x5A\x44"
2755 "\x60\xD7\xA5\x45\x01\x66\x4F\x7D\x60\xB5\x4B\x06\x10\x0A\x37\xFF"
2756 "\xDC\xF6\xBD\xE5\xCE\x3F\x48\x86\xBA\x77\xDD\x5B\x44\xE9\x56\x44"
2757 "\xE4\x0A\x8A\xC6\x58\x01\x15\x5D\xB9\x0F\x02\x52\x2B\x64\x40\x23"
2760 "\xC8\xD6\xE5\x4C\x29\xCA\x20\x40\x18\xA8\x30\xE2\x66\xCE\xEE\x0D"
2761 "\x03\x7D\xC4\x7E\x92\x19\x47\x30\x2A\xCE\x40\xD1\xB9\x96\xA6\xD8"
2762 "\x0B\x59\x86\x77\xF3\x35\x2F\x1D\xAA\x6D\x98\x88\xF8\x91\xAD\x95"
2763 "\xA1\xC3\x2F\xFE\xB7\x1B\xB8\x61\xE8\xB0\x70\x58\x51\x51\x71\xC9"
2766 "\xB7\x9F\xD7\x76\x54\x2B\x46\x20\xEF\xCB\x88\x44\x95\x99\xF2\x34"
2767 "\x03\xE7\x4A\x6E\x91\xCA\xCC\x50\xA0\x5A\x8F\x8F\x3C\x0D\xEA\x8B"
2768 "\x00\xE1\xA5\xE6\x08\x1F\x55\x26\xAE\x97\x5B\x3B\xC0\x45\x0F\x1A"
2769 "\x0C\x8B\x66\xF8\x08\xF1\x90\x4B\x97\x13\x61\x13\x7C\x93\x15\x6F"
2772 "\x79\x98\x20\x4F\xED\x70\xCE\x8E\x0D\x02\x7B\x20\x66\x35\xC0\x8C"
2773 "\x8B\xC4\x43\x62\x26\x08\x97\x0E\x40\xE3\xAE\xDF\x3C\xE7\x90\xAE"
2774 "\xED\xF8\x9F\x92\x26\x71\xB4\x53\x78\xE2\xCD\x03\xF6\xF6\x23\x56"
2775 "\x52\x9C\x41\x58\xB7\xFF\x41\xEE\x85\x4B\x12\x35\x37\x39\x88\xC8"
2780 "Salsa20 256 bit, ecrypt verified, set 6, vector 3",
2781 GCRY_CIPHER_SALSA20, 32, 8,
2782 "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
2783 "\x3F\x92\xE5\x38\x8B\xDE\x31\x84\xD7\x2A\x7D\xD0\x23\x76\xC9\x1C",
2784 "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9",
2787 "\x5E\x5E\x71\xF9\x01\x99\x34\x03\x04\xAB\xB2\x2A\x37\xB6\x62\x5B"
2788 "\xF8\x83\xFB\x89\xCE\x3B\x21\xF5\x4A\x10\xB8\x10\x66\xEF\x87\xDA"
2789 "\x30\xB7\x76\x99\xAA\x73\x79\xDA\x59\x5C\x77\xDD\x59\x54\x2D\xA2"
2790 "\x08\xE5\x95\x4F\x89\xE4\x0E\xB7\xAA\x80\xA8\x4A\x61\x76\x66\x3F"
2793 "\x2D\xA2\x17\x4B\xD1\x50\xA1\xDF\xEC\x17\x96\xE9\x21\xE9\xD6\xE2"
2794 "\x4E\xCF\x02\x09\xBC\xBE\xA4\xF9\x83\x70\xFC\xE6\x29\x05\x6F\x64"
2795 "\x91\x72\x83\x43\x6E\x2D\x3F\x45\x55\x62\x25\x30\x7D\x5C\xC5\xA5"
2796 "\x65\x32\x5D\x89\x93\xB3\x7F\x16\x54\x19\x5C\x24\x0B\xF7\x5B\x16"
2799 "\xAB\xF3\x9A\x21\x0E\xEE\x89\x59\x8B\x71\x33\x37\x70\x56\xC2\xFE"
2800 "\xF4\x2D\xA7\x31\x32\x75\x63\xFB\x67\xC7\xBE\xDB\x27\xF3\x8C\x7C"
2801 "\x5A\x3F\xC2\x18\x3A\x4C\x6B\x27\x7F\x90\x11\x52\x47\x2C\x6B\x2A"
2802 "\xBC\xF5\xE3\x4C\xBE\x31\x5E\x81\xFD\x3D\x18\x0B\x5D\x66\xCB\x6C"
2805 "\x1B\xA8\x9D\xBD\x3F\x98\x83\x97\x28\xF5\x67\x91\xD5\xB7\xCE\x23"
2806 "\x50\x36\xDE\x84\x3C\xCC\xAB\x03\x90\xB8\xB5\x86\x2F\x1E\x45\x96"
2807 "\xAE\x8A\x16\xFB\x23\xDA\x99\x7F\x37\x1F\x4E\x0A\xAC\xC2\x6D\xB8"
2808 "\xEB\x31\x4E\xD4\x70\xB1\xAF\x6B\x9F\x8D\x69\xDD\x79\xA9\xD7\x50"
2813 "Salsa20/12 256 bit, ecrypt verified, set 6, vector 0",
2814 GCRY_CIPHER_SALSA20R12, 32, 8,
2815 "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD"
2816 "\x30\x83\xD6\x29\x7C\xCF\x22\x75\xC8\x1B\x6E\xC1\x14\x67\xBA\x0D",
2817 "\x0D\x74\xDB\x42\xA9\x10\x77\xDE",
2820 "\x52\xE2\x0C\xF8\x77\x5A\xE8\x82\xF2\x00\xC2\x99\x9F\xE4\xBA\x31"
2821 "\xA7\xA1\x8F\x1D\x5C\x97\x16\x19\x1D\x12\x31\x75\xE1\x47\xBD\x4E"
2822 "\x8C\xA6\xED\x16\x6C\xE0\xFC\x8E\x65\xA5\xCA\x60\x84\x20\xFC\x65"
2823 "\x44\xC9\x70\x0A\x0F\x21\x38\xE8\xC1\xA2\x86\xFB\x8C\x1F\xBF\xA0"
2826 "\x8F\xBC\x9F\xE8\x69\x1B\xD4\xF0\x82\xB4\x7F\x54\x05\xED\xFB\xC1"
2827 "\x6F\x4D\x5A\x12\xDD\xCB\x2D\x75\x4E\x8A\x99\x98\xD0\xB2\x19\x55"
2828 "\x7D\xFE\x29\x84\xF4\xA1\xD2\xDD\xA7\x6B\x95\x96\x92\x8C\xCE\x05"
2829 "\x56\xF5\x00\x66\xCD\x59\x9E\x44\xEF\x5C\x14\xB2\x26\x68\x3A\xEF"
2832 "\xBC\xBD\x01\xDD\x28\x96\x1C\xC7\xAD\x30\x47\x38\x6C\xBC\xC6\x7C"
2833 "\x10\x8D\x6A\xF1\x11\x67\xE4\x0D\x7A\xE1\xB2\xFC\x45\x18\xA8\x67"
2834 "\xEF\xE4\x02\x65\x1D\x1D\x88\x51\xC4\xFD\x23\x30\xC5\x97\xB3\x6A"
2835 "\x46\xD5\x68\x9E\x00\xFC\x96\xFE\xCF\x9C\xE3\xE2\x21\x1D\x44\xBE"
2838 "\x91\x66\xF3\x1C\xD8\x5B\x5B\xB1\x8F\xC6\x14\xE5\x4E\x4A\xD6\x7F"
2839 "\xB8\x65\x8E\x3B\xF9\xFB\x19\xB7\xA8\x2F\x0F\xE7\xDC\x90\x2D\xF5"
2840 "\x63\xC6\xAC\x4F\x44\x67\x48\xC4\xBC\x3E\x14\x05\xE1\x24\x82\x0D"
2841 "\xC4\x09\x41\x99\x8F\x44\xA8\x10\xE7\x22\x78\x7F\xCD\x47\x78\x4C"
2846 "Salsa20/12 256 bit, ecrypt verified, set 6, vector 1",
2847 GCRY_CIPHER_SALSA20R12, 32, 8,
2848 "\x05\x58\xAB\xFE\x51\xA4\xF7\x4A\x9D\xF0\x43\x96\xE9\x3C\x8F\xE2"
2849 "\x35\x88\xDB\x2E\x81\xD4\x27\x7A\xCD\x20\x73\xC6\x19\x6C\xBF\x12",
2850 "\x16\x7D\xE4\x4B\xB2\x19\x80\xE7",
2853 "\xC0\x75\x60\xB3\xE7\x76\xB4\x71\xC5\xE2\x93\x14\x26\xCA\xF1\xED"
2854 "\x3A\xE4\xB8\x67\x08\x76\x82\xCA\x9D\xFD\xC2\xBA\xE8\x93\x50\xBD"
2855 "\x84\x82\x1C\xAE\xFF\x85\xAA\xC4\x9D\x74\x35\xA7\xD9\x88\x93\x52"
2856 "\xF5\x27\x9E\x36\x12\x3F\x41\x72\x8A\x14\xEF\x26\x9F\xCB\x94\x4B"
2859 "\xEE\xD1\xBB\x58\xF9\x0C\x89\xE0\x5C\xC6\x8B\x2D\xB6\x05\x58\x49"
2860 "\xB3\xD2\xB1\x87\xB7\xF0\x2F\x9A\x24\xCE\x34\x2A\xF0\xFC\x47\xA3"
2861 "\x74\xBD\x75\x90\xFB\xF4\xFD\x9E\xE5\x9B\x1A\x38\x1E\xBF\xD2\x29"
2862 "\xAD\x2A\x29\x01\xB3\xFB\x61\x08\x12\x90\x0B\x92\x30\xE6\x22\xE9"
2865 "\x70\xF0\x49\x3A\x1B\x62\x53\xCC\x5E\xD3\x45\x0A\x31\xCF\x37\x7D"
2866 "\x83\x4B\xAD\x20\x72\x30\x29\x27\xCC\xD8\x30\x10\x4B\xD3\x05\xFF"
2867 "\x59\xD2\x94\x17\xB2\x32\x88\x4E\xC9\x59\x19\x4D\x60\x47\xC3\xDD"
2868 "\x66\x56\xC4\x7E\x32\x00\x64\xEB\x01\x44\xF7\x34\x1B\xC3\xD6\x97"
2871 "\xD2\xCC\xF7\xC1\xAF\x2A\xB4\x66\xE6\x27\xDB\x44\x08\x40\x96\x9A"
2872 "\xBD\xAB\x68\xD8\x86\xAE\x6A\x38\xA1\x3F\xEE\x17\x50\xCA\x97\xB5"
2873 "\xD3\x31\x5B\x84\x08\x47\x28\x86\x2F\xBC\xC7\xD4\xA9\x7C\x75\xC8"
2874 "\x65\x5F\xF9\xD6\xBB\xC2\x61\x88\x63\x6F\x3E\xDF\xE1\x5C\x7D\x30"
2879 "Salsa20/12 256 bit, ecrypt verified, set 6, vector 2",
2880 GCRY_CIPHER_SALSA20R12, 32, 8,
2881 "\x0A\x5D\xB0\x03\x56\xA9\xFC\x4F\xA2\xF5\x48\x9B\xEE\x41\x94\xE7"
2882 "\x3A\x8D\xE0\x33\x86\xD9\x2C\x7F\xD2\x25\x78\xCB\x1E\x71\xC4\x17",
2883 "\x1F\x86\xED\x54\xBB\x22\x89\xF0",
2886 "\x51\x22\x52\x91\x01\x90\xD1\x54\xD1\x4D\x0B\x92\x32\xB8\x84\x31"
2887 "\x8C\xCB\x43\x81\x9B\xD5\x42\x19\x32\xC0\x3A\x13\xF0\x7B\x40\x10"
2888 "\x83\xD7\x89\x72\x5A\xA9\xDA\x0B\x41\xCB\x62\x24\x94\x5E\xDC\xB0"
2889 "\xFB\x6F\xD7\xC2\x34\x22\x35\xC9\x70\xF6\x4E\x10\x1C\x25\x68\x64"
2892 "\x97\x96\x74\x55\x84\x0A\x4A\xE5\xC1\xCA\xCE\x49\x15\x19\x13\x8A"
2893 "\xA3\x5E\x5F\x02\x40\x7D\x4A\x1F\xE5\x08\x6D\x35\xF3\x55\x1E\xF4"
2894 "\x77\xD9\x28\x9D\x17\x23\x79\x7C\x1A\x49\xEC\x26\x62\x9A\xFA\xDC"
2895 "\x56\xA0\x38\xA3\x8C\x75\x88\x1B\x62\x17\xFD\x74\x67\x25\x59\x09"
2898 "\x1B\xF8\x2E\x3D\x5C\x54\xDA\xAB\xCF\x84\x15\xF8\xA2\xA1\xA2\x2E"
2899 "\x86\x88\x06\x33\x4F\xF3\x11\x36\x04\x74\x1C\x1D\xF2\xB9\x84\x0F"
2900 "\x87\xDE\xEF\xB0\x07\x23\xA8\xA1\xB2\x4A\x4D\xA1\x7E\xCD\xAD\x00"
2901 "\x01\xF9\x79\xDD\xAE\x2D\xF0\xC5\xE1\xE5\x32\xC4\x8F\x8E\x0D\x34"
2904 "\x06\xD8\x4F\x6A\x71\x34\x84\x20\x32\x9F\xCD\x0C\x41\x75\x9A\xD1"
2905 "\x8F\x99\x57\xA3\x8F\x22\x89\x3B\xA5\x58\xC5\x05\x11\x97\x28\x5C"
2906 "\x6B\xE2\xFD\x6C\x96\xA5\xC6\x62\xAF\xD3\x11\x78\xE7\x0F\x96\x0A"
2907 "\xAB\x3F\x47\x96\x23\xA4\x44\xB6\x81\x91\xE4\xC5\x28\x46\x93\x88"
2912 "Salsa20/12 256 bit, ecrypt verified, set 6, vector 3",
2913 GCRY_CIPHER_SALSA20R12, 32, 8,
2914 "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
2915 "\x3F\x92\xE5\x38\x8B\xDE\x31\x84\xD7\x2A\x7D\xD0\x23\x76\xC9\x1C",
2916 "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9",
2919 "\x99\xDB\x33\xAD\x11\xCE\x0C\xCB\x3B\xFD\xBF\x8D\x0C\x18\x16\x04"
2920 "\x52\xD0\x14\xCD\xE9\x89\xB4\xC4\x11\xA5\x59\xFF\x7C\x20\xA1\x69"
2921 "\xE6\xDC\x99\x09\xD8\x16\xBE\xCE\xDC\x40\x63\xCE\x07\xCE\xA8\x28"
2922 "\xF4\x4B\xF9\xB6\xC9\xA0\xA0\xB2\x00\xE1\xB5\x2A\xF4\x18\x59\xC5"
2925 "\x2F\xF2\x02\x64\xEE\xAF\x47\xAB\x7D\x57\xC3\x62\x24\x53\x54\x51"
2926 "\x73\x5A\xC8\x36\xD3\x2D\xD2\x8A\xE6\x36\x45\xCE\x95\x2F\x7F\xDB"
2927 "\xE6\x68\x9C\x69\x59\x77\xB1\xC7\x6E\x60\xDD\x5B\x27\xAC\xA4\x76"
2928 "\xD2\x62\x0F\xDC\x93\x13\xE8\x48\x9B\xA5\x6A\x70\xC9\xF4\xC3\xA8"
2931 "\xEB\x30\xCD\xA7\x27\xC0\xF8\xB7\xE4\x5D\x5E\xF3\x0D\xB7\xCB\xE0"
2932 "\x21\xF2\x29\x1E\x5F\x56\x93\x8D\x56\xF6\x87\xB7\x37\xC3\xB4\x27"
2933 "\x54\x5C\x56\xA6\xD3\xA0\xBF\x2B\x2F\x47\xB4\x84\x93\xFA\xE4\x5E"
2934 "\xD5\x0C\x2E\x9B\xBE\x49\xFD\x92\xD6\x7C\x76\x49\x05\x5F\x06\xFD"
2937 "\x0E\xBF\x6C\xC3\xCB\xCB\xE7\x4E\x6E\xE8\x07\x47\x1B\x49\x2A\x67"
2938 "\x39\xA5\x2F\x57\x11\x31\xA2\x50\xBC\xDF\xA0\x76\xA2\x65\x90\xD7"
2939 "\xED\xE6\x75\x1C\x03\x26\xA0\x2C\xB1\x1C\x58\x77\x35\x52\x80\x4F"
2940 "\xD8\x68\x67\x15\x35\x5C\x5A\x5C\xC5\x91\x96\x3A\x75\xE9\x94\xB4"
2944 #endif /*USE_SALSA20*/
2949 gcry_cipher_hd_t hde;
2950 unsigned char *buffer;
2955 gcry_error_t err = 0;
2958 fprintf (stderr, " Starting large block stream cipher checks.\n");
2960 memset (zeroes, 0, 512);
2962 buffersize = 128 * 1024;
2963 buffer = gcry_xmalloc (buffersize+1024);
2964 memset (buffer+buffersize, 0x5a, 1024);
2966 for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
2969 fprintf (stderr, " checking large block stream for %s [%i] (%s)\n",
2970 gcry_cipher_algo_name (tv[i].algo), tv[i].algo, tv[i].name);
2972 err = gcry_cipher_open (&hde, tv[i].algo, GCRY_CIPHER_MODE_STREAM, 0);
2975 fail ("large stream, gcry_cipher_open for stream mode failed: %s\n",
2976 gpg_strerror (err));
2980 err = gcry_cipher_setkey (hde, tv[i].key, tv[i].keylen);
2983 fail ("large stream, gcry_cipher_setkey failed: %s\n",
2984 gpg_strerror (err));
2988 err = gcry_cipher_setiv (hde, tv[i].iv, tv[i].ivlen);
2991 fail ("large stream, gcry_cipher_setiv failed: %s\n",
2992 gpg_strerror (err));
2996 for (j=0, p=buffer; j < buffersize/512; j++, p += 512)
2998 err = gcry_cipher_encrypt (hde, p, 512, zeroes, 512);
3001 fail ("large stream, "
3002 "gcry_cipher_encrypt (%d) block %d failed: %s\n",
3003 i, j, gpg_strerror (err));
3007 for (j=0, p=buffer+buffersize; j < 1024; j++, p++)
3009 die ("large stream, buffer corrupted at j=%d\n", j);
3011 /* Now loop over all the data samples. */
3012 for (j = 0; tv[i].data[j].length; j++)
3014 assert (tv[i].data[j].offset + tv[i].data[j].length <= buffersize);
3016 if (memcmp (tv[i].data[j].result,
3017 buffer + tv[i].data[j].offset, tv[i].data[j].length))
3019 fail ("large stream, encrypt mismatch entry %d:%d\n", i, j);
3020 mismatch (tv[i].data[j].result, tv[i].data[j].length,
3021 buffer + tv[i].data[j].offset, tv[i].data[j].length);
3026 * Let's do the same thing again but using changing block sizes.
3028 err = gcry_cipher_setkey (hde, tv[i].key, tv[i].keylen);
3031 fail ("large stream, gcry_cipher_setkey failed: %s\n",
3032 gpg_strerror (err));
3036 err = gcry_cipher_setiv (hde, tv[i].iv, tv[i].ivlen);
3039 fail ("large stream, gcry_cipher_setiv failed: %s\n",
3040 gpg_strerror (err));
3044 for (n=0, p=buffer, j = 0; n < buffersize; n += j, p += j)
3048 case 0: j = 1; break;
3049 case 1: j = 64; break;
3050 case 64: j= 384; break;
3051 case 384: j = 63; break;
3052 case 63: j = 512; break;
3053 case 512: j = 32; break;
3054 case 32: j = 503; break;
3055 default: j = 509; break;
3057 if ( n + j >= buffersize )
3060 err = gcry_cipher_encrypt (hde, p, j, zeroes, j);
3063 fail ("large stream, "
3064 "gcry_cipher_encrypt (%d) offset %u failed: %s\n",
3065 i, n, gpg_strerror (err));
3069 for (j=0, p=buffer+buffersize; j < 1024; j++, p++)
3071 die ("large stream, buffer corrupted at j=%d (line %d)\n",
3074 /* Now loop over all the data samples. */
3075 for (j = 0; tv[i].data[j].length; j++)
3077 assert (tv[i].data[j].offset + tv[i].data[j].length <= buffersize);
3079 if (memcmp (tv[i].data[j].result,
3080 buffer + tv[i].data[j].offset, tv[i].data[j].length))
3082 fail ("large stream var, encrypt mismatch entry %d:%d\n", i, j);
3083 mismatch (tv[i].data[j].result, tv[i].data[j].length,
3084 buffer + tv[i].data[j].offset, tv[i].data[j].length);
3089 gcry_cipher_close (hde);
3094 fprintf (stderr, " Completed large block stream cipher checks.\n");
3099 /* Check that our bulk encryption fucntions work properly. */
3101 check_bulk_cipher_modes (void)
3113 { GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CFB,
3114 "abcdefghijklmnop", 16,
3115 "1234567890123456", 16,
3117 { 0x53, 0xda, 0x27, 0x3c, 0x78, 0x3d, 0x54, 0x66, 0x19, 0x63,
3118 0xd7, 0xe6, 0x20, 0x10, 0xcd, 0xc0, 0x5a, 0x0b, 0x06, 0xcc }
3120 { GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CFB,
3121 "abcdefghijklmnopABCDEFG", 24,
3122 "1234567890123456", 16,
3124 { 0xc7, 0xb1, 0xd0, 0x09, 0x95, 0x04, 0x34, 0x61, 0x2b, 0xd9,
3125 0xcb, 0xb3, 0xc7, 0xcb, 0xef, 0xea, 0x16, 0x19, 0x9b, 0x3e }
3127 { GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CFB,
3128 "abcdefghijklmnopABCDEFGHIJKLMNOP", 32,
3129 "1234567890123456", 16,
3131 { 0x31, 0xe1, 0x1f, 0x63, 0x65, 0x47, 0x8c, 0x3f, 0x53, 0xdb,
3132 0xd9, 0x4d, 0x91, 0x1d, 0x02, 0x9c, 0x05, 0x25, 0x58, 0x29 }
3134 { GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC,
3135 "abcdefghijklmnop", 16,
3136 "1234567890123456", 16,
3138 { 0xdc, 0x0c, 0xc2, 0xd9, 0x6b, 0x47, 0xf9, 0xeb, 0x06, 0xb4,
3139 0x2f, 0x6e, 0xec, 0x72, 0xbf, 0x55, 0x26, 0x7f, 0xa9, 0x97 }
3141 { GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CBC,
3142 "abcdefghijklmnopABCDEFG", 24,
3143 "1234567890123456", 16,
3145 { 0x2b, 0x90, 0x9b, 0xe6, 0x40, 0xab, 0x6e, 0xc2, 0xc5, 0xb1,
3146 0x87, 0xf5, 0x43, 0x84, 0x7b, 0x04, 0x06, 0x47, 0xd1, 0x8f }
3148 { GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC,
3149 "abcdefghijklmnopABCDEFGHIJKLMNOP", 32,
3150 "1234567890123456", 16,
3152 { 0xaa, 0xa8, 0xdf, 0x03, 0xb0, 0xba, 0xc4, 0xe3, 0xc1, 0x02,
3153 0x38, 0x31, 0x8d, 0x86, 0xcb, 0x49, 0x6d, 0xad, 0xae, 0x01 }
3155 { GCRY_CIPHER_AES, GCRY_CIPHER_MODE_OFB,
3156 "abcdefghijklmnop", 16,
3157 "1234567890123456", 16,
3159 { 0x65, 0xfe, 0xde, 0x48, 0xd0, 0xa1, 0xa6, 0xf9, 0x24, 0x6b,
3160 0x52, 0x5f, 0x21, 0x8a, 0x6f, 0xc7, 0x70, 0x3b, 0xd8, 0x4a }
3162 { GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_OFB,
3163 "abcdefghijklmnopABCDEFG", 24,
3164 "1234567890123456", 16,
3166 { 0x59, 0x5b, 0x02, 0xa2, 0x88, 0xc0, 0xbe, 0x94, 0x43, 0xaa,
3167 0x39, 0xf6, 0xbd, 0xcc, 0x83, 0x99, 0xee, 0x00, 0xa1, 0x91 }
3169 { GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_OFB,
3170 "abcdefghijklmnopABCDEFGHIJKLMNOP", 32,
3171 "1234567890123456", 16,
3173 { 0x38, 0x8c, 0xe1, 0xe2, 0xbe, 0x67, 0x60, 0xe8, 0xeb, 0xce,
3174 0xd0, 0xc6, 0xaa, 0xd6, 0xf6, 0x26, 0x15, 0x56, 0xd0, 0x2b }
3176 { GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CTR,
3177 "abcdefghijklmnop", 16,
3178 "1234567890123456", 16,
3180 { 0x9a, 0x48, 0x94, 0xd6, 0x50, 0x46, 0x81, 0xdb, 0x68, 0x34,
3181 0x3b, 0xc5, 0x9e, 0x66, 0x94, 0x81, 0x98, 0xa0, 0xf9, 0xff }
3183 { GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CTR,
3184 "abcdefghijklmnopABCDEFG", 24,
3185 "1234567890123456", 16,
3187 { 0x2c, 0x2c, 0xd3, 0x75, 0x81, 0x2a, 0x59, 0x07, 0xeb, 0x08,
3188 0xce, 0x28, 0x4c, 0x0c, 0x6a, 0xa8, 0x8f, 0xa3, 0x98, 0x7e }
3190 { GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR,
3191 "abcdefghijklmnopABCDEFGHIJKLMNOP", 32,
3192 "1234567890123456", 16,
3194 { 0x64, 0xce, 0x73, 0x03, 0xc7, 0x89, 0x99, 0x1f, 0xf1, 0xce,
3195 0xfe, 0xfb, 0xb9, 0x42, 0x30, 0xdf, 0xbb, 0x68, 0x6f, 0xd3 }
3197 { GCRY_CIPHER_AES, GCRY_CIPHER_MODE_ECB,
3198 "abcdefghijklmnop", 16,
3199 "1234567890123456", 16,
3201 { 0x51, 0xae, 0xf5, 0xac, 0x22, 0xa0, 0xba, 0x11, 0xc5, 0xaa,
3202 0xb4, 0x70, 0x99, 0xce, 0x18, 0x08, 0x12, 0x9b, 0xb1, 0xc5 }
3204 { GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_ECB,
3205 "abcdefghijklmnopABCDEFG", 24,
3206 "1234567890123456", 16,
3208 { 0x57, 0x91, 0xea, 0x48, 0xd8, 0xbf, 0x9e, 0xc1, 0xae, 0x33,
3209 0xb3, 0xfd, 0xf7, 0x7a, 0xeb, 0x30, 0xb1, 0x62, 0x0d, 0x82 }
3211 { GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_ECB,
3212 "abcdefghijklmnopABCDEFGHIJKLMNOP", 32,
3213 "1234567890123456", 16,
3215 { 0x2d, 0x71, 0x54, 0xb9, 0xc5, 0x28, 0x76, 0xff, 0x76, 0xb5,
3216 0x99, 0x37, 0x99, 0x9d, 0xf7, 0x10, 0x6d, 0x86, 0x4f, 0x3f }
3219 gcry_cipher_hd_t hde = NULL;
3220 gcry_cipher_hd_t hdd = NULL;
3221 unsigned char *buffer_base, *outbuf_base; /* Allocated buffers. */
3222 unsigned char *buffer, *outbuf; /* Aligned buffers. */
3224 unsigned char hash[20];
3225 int i, j, keylen, blklen;
3226 gcry_error_t err = 0;
3229 fprintf (stderr, "Starting bulk cipher checks.\n");
3231 buflen = 16*100; /* We check a 1600 byte buffer. */
3232 buffer_base = gcry_xmalloc (buflen+16);
3233 buffer = buffer_base + (16 - ((size_t)buffer_base & 0x0f));
3234 outbuf_base = gcry_xmalloc (buflen+16);
3235 outbuf = outbuf_base + (16 - ((size_t)outbuf_base & 0x0f));
3238 for (i = 0; i < DIM (tv); i++)
3241 fprintf (stderr, " checking bulk encryption for %s [%i], mode %d\n",
3242 gcry_cipher_algo_name (tv[i].algo),
3243 tv[i].algo, tv[i].mode);
3244 err = gcry_cipher_open (&hde, tv[i].algo, tv[i].mode, 0);
3246 err = gcry_cipher_open (&hdd, tv[i].algo, tv[i].mode, 0);
3249 fail ("gcry_cipher_open failed: %s\n", gpg_strerror (err));
3253 keylen = gcry_cipher_get_algo_keylen(tv[i].algo);
3256 fail ("gcry_cipher_get_algo_keylen failed\n");
3260 err = gcry_cipher_setkey (hde, tv[i].key, tv[i].keylen);
3262 err = gcry_cipher_setkey (hdd, tv[i].key, tv[i].keylen);
3265 fail ("gcry_cipher_setkey failed: %s\n", gpg_strerror (err));
3269 blklen = gcry_cipher_get_algo_blklen(tv[i].algo);
3272 fail ("gcry_cipher_get_algo_blklen failed\n");
3276 err = gcry_cipher_setiv (hde, tv[i].iv, tv[i].ivlen);
3278 err = gcry_cipher_setiv (hdd, tv[i].iv, tv[i].ivlen);
3281 fail ("gcry_cipher_setiv failed: %s\n", gpg_strerror (err));
3285 /* Fill the buffer with our test pattern. */
3286 for (j=0; j < buflen; j++)
3287 buffer[j] = ((j & 0xff) ^ ((j >> 8) & 0xff));
3289 err = gcry_cipher_encrypt (hde, outbuf, buflen, buffer, buflen);
3292 fail ("gcry_cipher_encrypt (algo %d, mode %d) failed: %s\n",
3293 tv[i].algo, tv[i].mode, gpg_strerror (err));
3297 gcry_md_hash_buffer (GCRY_MD_SHA1, hash, outbuf, buflen);
3299 printf ("/*[%d]*/\n", i);
3300 fputs (" {", stdout);
3301 for (j=0; j < 20; j++)
3302 printf (" 0x%02x%c%s", hash[j], j==19? ' ':',', j == 9? "\n ":"");
3306 if (memcmp (hash, tv[i].t1_hash, 20))
3307 fail ("encrypt mismatch (algo %d, mode %d)\n",
3308 tv[i].algo, tv[i].mode);
3310 err = gcry_cipher_decrypt (hdd, outbuf, buflen, NULL, 0);
3313 fail ("gcry_cipher_decrypt (algo %d, mode %d) failed: %s\n",
3314 tv[i].algo, tv[i].mode, gpg_strerror (err));
3318 if (memcmp (buffer, outbuf, buflen))
3319 fail ("decrypt mismatch (algo %d, mode %d)\n",
3320 tv[i].algo, tv[i].mode);
3322 gcry_cipher_close (hde); hde = NULL;
3323 gcry_cipher_close (hdd); hdd = NULL;
3327 fprintf (stderr, "Completed bulk cipher checks.\n");
3329 gcry_cipher_close (hde);
3330 gcry_cipher_close (hdd);
3331 gcry_free (buffer_base);
3332 gcry_free (outbuf_base);
3336 /* The core of the cipher check. In addition to the parameters passed
3337 to check_one_cipher it also receives the KEY and the plain data.
3338 PASS is printed with error messages. The function returns 0 on
3341 check_one_cipher_core (int algo, int mode, int flags,
3342 const char *key, size_t nkey,
3343 const unsigned char *plain, size_t nplain,
3344 int bufshift, int pass)
3346 gcry_cipher_hd_t hd;
3347 unsigned char in_buffer[1040+1], out_buffer[1040+1];
3348 unsigned char *in, *out;
3350 gcry_error_t err = 0;
3352 assert (nkey == 32);
3353 assert (nplain == 1040);
3354 assert (sizeof(in_buffer) == nplain + 1);
3355 assert (sizeof(out_buffer) == sizeof(in_buffer));
3362 else if (bufshift == 1)
3367 else if (bufshift == 2)
3378 keylen = gcry_cipher_get_algo_keylen (algo);
3381 fail ("pass %d, algo %d, mode %d, gcry_cipher_get_algo_keylen failed\n",
3386 if (keylen < 40 / 8 || keylen > 32)
3388 fail ("pass %d, algo %d, mode %d, keylength problem (%d)\n", pass, algo, mode, keylen);
3392 err = gcry_cipher_open (&hd, algo, mode, flags);
3395 fail ("pass %d, algo %d, mode %d, gcry_cipher_open failed: %s\n",
3396 pass, algo, mode, gpg_strerror (err));
3400 err = gcry_cipher_setkey (hd, key, keylen);
3403 fail ("pass %d, algo %d, mode %d, gcry_cipher_setkey failed: %s\n",
3404 pass, algo, mode, gpg_strerror (err));
3405 gcry_cipher_close (hd);
3409 err = gcry_cipher_encrypt (hd, out, nplain, plain, nplain);
3412 fail ("pass %d, algo %d, mode %d, gcry_cipher_encrypt failed: %s\n",
3413 pass, algo, mode, gpg_strerror (err));
3414 gcry_cipher_close (hd);
3418 gcry_cipher_reset (hd);
3420 err = gcry_cipher_decrypt (hd, in, nplain, out, nplain);
3423 fail ("pass %d, algo %d, mode %d, gcry_cipher_decrypt failed: %s\n",
3424 pass, algo, mode, gpg_strerror (err));
3425 gcry_cipher_close (hd);
3429 if (memcmp (plain, in, nplain))
3430 fail ("pass %d, algo %d, mode %d, encrypt-decrypt mismatch\n",
3433 /* Again, using in-place encryption. */
3434 gcry_cipher_reset (hd);
3436 memcpy (out, plain, nplain);
3437 err = gcry_cipher_encrypt (hd, out, nplain, NULL, 0);
3440 fail ("pass %d, algo %d, mode %d, in-place, gcry_cipher_encrypt failed:"
3442 pass, algo, mode, gpg_strerror (err));
3443 gcry_cipher_close (hd);
3447 gcry_cipher_reset (hd);
3449 err = gcry_cipher_decrypt (hd, out, nplain, NULL, 0);
3452 fail ("pass %d, algo %d, mode %d, in-place, gcry_cipher_decrypt failed:"
3454 pass, algo, mode, gpg_strerror (err));
3455 gcry_cipher_close (hd);
3459 if (memcmp (plain, out, nplain))
3460 fail ("pass %d, algo %d, mode %d, in-place, encrypt-decrypt mismatch\n",
3464 gcry_cipher_close (hd);
3472 check_one_cipher (int algo, int mode, int flags)
3475 unsigned char plain[1040+1];
3478 for (bufshift=0; bufshift < 4; bufshift++)
3480 /* Pass 0: Standard test. */
3481 memcpy (key, "0123456789abcdef.,;/[]{}-=ABCDEF", 32);
3482 memcpy (plain, "foobar42FOOBAR17", 16);
3483 for (i = 16; i < 1040; i += 16)
3485 memcpy (&plain[i], &plain[i-16], 16);
3492 if (check_one_cipher_core (algo, mode, flags, key, 32, plain, 1040,
3493 bufshift, 0+10*bufshift))
3496 /* Pass 1: Key not aligned. */
3497 memmove (key+1, key, 32);
3498 if (check_one_cipher_core (algo, mode, flags, key+1, 32, plain, 1040,
3499 bufshift, 1+10*bufshift))
3502 /* Pass 2: Key not aligned and data not aligned. */
3503 memmove (plain+1, plain, 1040);
3504 if (check_one_cipher_core (algo, mode, flags, key+1, 32, plain+1, 1040,
3505 bufshift, 2+10*bufshift))
3508 /* Pass 3: Key aligned and data not aligned. */
3509 memmove (key, key+1, 32);
3510 if (check_one_cipher_core (algo, mode, flags, key, 32, plain+1, 1040,
3511 bufshift, 3+10*bufshift))
3521 check_ciphers (void)
3523 static const int algos[] = {
3525 GCRY_CIPHER_BLOWFISH,
3540 GCRY_CIPHER_TWOFISH,
3541 GCRY_CIPHER_TWOFISH128,
3544 GCRY_CIPHER_SERPENT128,
3545 GCRY_CIPHER_SERPENT192,
3546 GCRY_CIPHER_SERPENT256,
3549 GCRY_CIPHER_RFC2268_40,
3555 GCRY_CIPHER_CAMELLIA128,
3556 GCRY_CIPHER_CAMELLIA192,
3557 GCRY_CIPHER_CAMELLIA256,
3563 GCRY_CIPHER_GOST28147,
3567 static const int algos2[] = {
3569 GCRY_CIPHER_ARCFOUR,
3572 GCRY_CIPHER_SALSA20,
3573 GCRY_CIPHER_SALSA20R12,
3580 fprintf (stderr, "Starting Cipher checks.\n");
3581 for (i = 0; algos[i]; i++)
3583 if (gcry_cipher_test_algo (algos[i]) && in_fips_mode)
3586 fprintf (stderr, " algorithm %d not available in fips mode\n",
3591 fprintf (stderr, " checking %s [%i]\n",
3592 gcry_cipher_algo_name (algos[i]),
3593 gcry_cipher_map_name (gcry_cipher_algo_name (algos[i])));
3595 check_one_cipher (algos[i], GCRY_CIPHER_MODE_ECB, 0);
3596 check_one_cipher (algos[i], GCRY_CIPHER_MODE_CFB, 0);
3597 check_one_cipher (algos[i], GCRY_CIPHER_MODE_OFB, 0);
3598 check_one_cipher (algos[i], GCRY_CIPHER_MODE_CBC, 0);
3599 check_one_cipher (algos[i], GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS);
3600 check_one_cipher (algos[i], GCRY_CIPHER_MODE_CTR, 0);
3601 if (gcry_cipher_get_algo_blklen (algos[i]) == GCRY_GCM_BLOCK_LEN)
3602 check_one_cipher (algos[i], GCRY_CIPHER_MODE_GCM, 0);
3605 for (i = 0; algos2[i]; i++)
3607 if (gcry_cipher_test_algo (algos[i]) && in_fips_mode)
3610 fprintf (stderr, " algorithm %d not available in fips mode\n",
3615 fprintf (stderr, " checking %s\n",
3616 gcry_cipher_algo_name (algos2[i]));
3618 check_one_cipher (algos2[i], GCRY_CIPHER_MODE_STREAM, 0);
3620 /* we have now run all cipher's selftests */
3623 fprintf (stderr, "Completed Cipher checks.\n");
3625 /* TODO: add some extra encryption to test the higher level functions */
3630 check_cipher_modes(void)
3633 fprintf (stderr, "Starting Cipher Mode checks.\n");
3635 check_aes128_cbc_cts_cipher ();
3636 check_cbc_mac_cipher ();
3637 check_ctr_cipher ();
3638 check_cfb_cipher ();
3639 check_ofb_cipher ();
3640 check_ccm_cipher ();
3641 check_gcm_cipher ();
3642 check_stream_cipher ();
3643 check_stream_cipher_large_block ();
3646 fprintf (stderr, "Completed Cipher Mode checks.\n");
3650 check_one_md (int algo, const char *data, int len, const char *expect)
3652 gcry_md_hd_t hd, hd2;
3656 gcry_error_t err = 0;
3658 err = gcry_md_open (&hd, algo, 0);
3661 fail ("algo %d, gcry_md_open failed: %s\n", algo, gpg_strerror (err));
3665 mdlen = gcry_md_get_algo_dlen (algo);
3666 if (mdlen < 1 || mdlen > 500)
3668 fail ("algo %d, gcry_md_get_algo_dlen failed: %d\n", algo, mdlen);
3672 if (*data == '!' && !data[1])
3673 { /* hash one million times a "a" */
3676 /* Write in odd size chunks so that we test the buffering. */
3677 memset (aaa, 'a', 1000);
3678 for (i = 0; i < 1000; i++)
3679 gcry_md_write (hd, aaa, 1000);
3682 gcry_md_write (hd, data, len);
3684 err = gcry_md_copy (&hd2, hd);
3687 fail ("algo %d, gcry_md_copy failed: %s\n", algo, gpg_strerror (err));
3692 p = gcry_md_read (hd2, algo);
3694 if (memcmp (p, expect, mdlen))
3696 printf ("computed: ");
3697 for (i = 0; i < mdlen; i++)
3698 printf ("%02x ", p[i] & 0xFF);
3699 printf ("\nexpected: ");
3700 for (i = 0; i < mdlen; i++)
3701 printf ("%02x ", expect[i] & 0xFF);
3704 fail ("algo %d, digest mismatch\n", algo);
3707 gcry_md_close (hd2);
3712 check_one_md_multi (int algo, const char *data, int len, const char *expect)
3715 gcry_buffer_t iov[3];
3721 mdlen = gcry_md_get_algo_dlen (algo);
3722 if (mdlen < 1 || mdlen > 64)
3724 fail ("check_one_md_multi: algo %d, gcry_md_get_algo_dlen failed: %d\n",
3729 if (*data == '!' && !data[1])
3730 return; /* We can't do that here. */
3732 memset (iov, 0, sizeof iov);
3734 iov[0].data = (void*)data;
3744 iov[iovcnt].data = (void*)data;
3745 iov[iovcnt].len = 4;
3750 iov[iovcnt].data = (void*)data;
3751 iov[iovcnt].len = len;
3753 assert (iovcnt <= DIM (iov));
3755 err = gcry_md_hash_buffers (algo, 0, digest, iov, iovcnt);
3758 fail ("check_one_md_multi: algo %d, gcry_hash_buffers failed: %s\n",
3759 algo, gpg_strerror (err));
3762 if (memcmp (digest, expect, mdlen))
3764 printf ("computed: ");
3765 for (i = 0; i < mdlen; i++)
3766 printf ("%02x ", digest[i] & 0xFF);
3767 printf ("\nexpected: ");
3768 for (i = 0; i < mdlen; i++)
3769 printf ("%02x ", expect[i] & 0xFF);
3772 fail ("check_one_md_multi: algo %d, digest mismatch\n", algo);
3778 check_digests (void)
3780 static const struct algos
3788 "\x31\xD6\xCF\xE0\xD1\x6A\xE9\x31\xB7\x3C\x59\xD7\xE0\xC0\x89\xC0" },
3790 "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb\x24" },
3791 { GCRY_MD_MD4, "message digest",
3792 "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01\x4b" },
3794 "\xD4\x1D\x8C\xD9\x8F\x00\xB2\x04\xE9\x80\x09\x98\xEC\xF8\x42\x7E" },
3796 "\x0C\xC1\x75\xB9\xC0\xF1\xB6\xA8\x31\xC3\x99\xE2\x69\x77\x26\x61" },
3797 { GCRY_MD_MD5, "abc",
3798 "\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72" },
3799 { GCRY_MD_MD5, "message digest",
3800 "\xF9\x6B\x69\x7D\x7C\xB7\x93\x8D\x52\x5A\x2F\x31\xAA\xF1\x61\xD0" },
3801 { GCRY_MD_SHA1, "abc",
3802 "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
3803 "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" },
3805 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
3806 "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE"
3807 "\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1" },
3808 { GCRY_MD_SHA1, "!" /* kludge for "a"*1000000 */ ,
3809 "\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E"
3810 "\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F" },
3812 { GCRY_MD_SHA224, "abc",
3813 "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2\x55\xb3"
3814 "\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7" },
3816 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
3817 "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01\x50"
3818 "\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25" },
3819 { GCRY_MD_SHA224, "!",
3820 "\x20\x79\x46\x55\x98\x0c\x91\xd8\xbb\xb4\xc1\xea\x97\x61\x8a\x4b"
3821 "\xf0\x3f\x42\x58\x19\x48\xb2\xee\x4e\xe7\xad\x67" },
3822 { GCRY_MD_SHA256, "abc",
3823 "\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23"
3824 "\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad" },
3826 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
3827 "\x24\x8d\x6a\x61\xd2\x06\x38\xb8\xe5\xc0\x26\x93\x0c\x3e\x60\x39"
3828 "\xa3\x3c\xe4\x59\x64\xff\x21\x67\xf6\xec\xed\xd4\x19\xdb\x06\xc1" },
3829 { GCRY_MD_SHA256, "!",
3830 "\xcd\xc7\x6e\x5c\x99\x14\xfb\x92\x81\xa1\xc7\xe2\x84\xd7\x3e\x67"
3831 "\xf1\x80\x9a\x48\xa4\x97\x20\x0e\x04\x6d\x39\xcc\xc7\x11\x2c\xd0" },
3832 { GCRY_MD_SHA384, "abc",
3833 "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50\x07"
3834 "\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff\x5b\xed"
3835 "\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34\xc8\x25\xa7" },
3836 { GCRY_MD_SHA512, "abc",
3837 "\xDD\xAF\x35\xA1\x93\x61\x7A\xBA\xCC\x41\x73\x49\xAE\x20\x41\x31"
3838 "\x12\xE6\xFA\x4E\x89\xA9\x7E\xA2\x0A\x9E\xEE\xE6\x4B\x55\xD3\x9A"
3839 "\x21\x92\x99\x2A\x27\x4F\xC1\xA8\x36\xBA\x3C\x23\xA3\xFE\xEB\xBD"
3840 "\x45\x4D\x44\x23\x64\x3C\xE8\x0E\x2A\x9A\xC9\x4F\xA5\x4C\xA4\x9F" },
3841 { GCRY_MD_RMD160, "",
3842 "\x9c\x11\x85\xa5\xc5\xe9\xfc\x54\x61\x28"
3843 "\x08\x97\x7e\xe8\xf5\x48\xb2\x25\x8d\x31" },
3844 { GCRY_MD_RMD160, "a",
3845 "\x0b\xdc\x9d\x2d\x25\x6b\x3e\xe9\xda\xae"
3846 "\x34\x7b\xe6\xf4\xdc\x83\x5a\x46\x7f\xfe" },
3847 { GCRY_MD_RMD160, "abc",
3848 "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04"
3849 "\x4a\x8e\x98\xc6\xb0\x87\xf1\x5a\x0b\xfc" },
3850 { GCRY_MD_RMD160, "message digest",
3851 "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8"
3852 "\x81\xb1\x23\xa8\x5f\xfa\x21\x59\x5f\x36" },
3853 { GCRY_MD_CRC32, "", "\x00\x00\x00\x00" },
3854 { GCRY_MD_CRC32, "foo", "\x8c\x73\x65\x21" },
3855 { GCRY_MD_CRC32_RFC1510, "", "\x00\x00\x00\x00" },
3856 { GCRY_MD_CRC32_RFC1510, "foo", "\x73\x32\xbc\x33" },
3857 { GCRY_MD_CRC32_RFC1510, "test0123456789", "\xb8\x3e\x88\xd6" },
3858 { GCRY_MD_CRC32_RFC1510, "MASSACHVSETTS INSTITVTE OF TECHNOLOGY",
3859 "\xe3\x41\x80\xf7" },
3861 { GCRY_MD_CRC32_RFC1510, "\x80\x00", "\x3b\x83\x98\x4b" },
3862 { GCRY_MD_CRC32_RFC1510, "\x00\x08", "\x0e\xdb\x88\x32" },
3863 { GCRY_MD_CRC32_RFC1510, "\x00\x80", "\xed\xb8\x83\x20" },
3865 { GCRY_MD_CRC32_RFC1510, "\x80", "\xed\xb8\x83\x20" },
3867 { GCRY_MD_CRC32_RFC1510, "\x80\x00\x00\x00", "\xed\x59\xb6\x3b" },
3868 { GCRY_MD_CRC32_RFC1510, "\x00\x00\x00\x01", "\x77\x07\x30\x96" },
3870 { GCRY_MD_CRC24_RFC2440, "", "\xb7\x04\xce" },
3871 { GCRY_MD_CRC24_RFC2440, "foo", "\x4f\xc2\x55" },
3873 { GCRY_MD_TIGER, "",
3874 "\x24\xF0\x13\x0C\x63\xAC\x93\x32\x16\x16\x6E\x76"
3875 "\xB1\xBB\x92\x5F\xF3\x73\xDE\x2D\x49\x58\x4E\x7A" },
3876 { GCRY_MD_TIGER, "abc",
3877 "\xF2\x58\xC1\xE8\x84\x14\xAB\x2A\x52\x7A\xB5\x41"
3878 "\xFF\xC5\xB8\xBF\x93\x5F\x7B\x95\x1C\x13\x29\x51" },
3879 { GCRY_MD_TIGER, "Tiger",
3880 "\x9F\x00\xF5\x99\x07\x23\x00\xDD\x27\x6A\xBB\x38"
3881 "\xC8\xEB\x6D\xEC\x37\x79\x0C\x11\x6F\x9D\x2B\xDF" },
3882 { GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefg"
3883 "hijklmnopqrstuvwxyz0123456789+-",
3884 "\x87\xFB\x2A\x90\x83\x85\x1C\xF7\x47\x0D\x2C\xF8"
3885 "\x10\xE6\xDF\x9E\xB5\x86\x44\x50\x34\xA5\xA3\x86" },
3886 { GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdef"
3887 "ghijklmnopqrstuvwxyz+0123456789",
3888 "\x46\x7D\xB8\x08\x63\xEB\xCE\x48\x8D\xF1\xCD\x12"
3889 "\x61\x65\x5D\xE9\x57\x89\x65\x65\x97\x5F\x91\x97" },
3890 { GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
3891 "by Ross Anderson and Eli Biham",
3892 "\x0C\x41\x0A\x04\x29\x68\x86\x8A\x16\x71\xDA\x5A"
3893 "\x3F\xD2\x9A\x72\x5E\xC1\xE4\x57\xD3\xCD\xB3\x03" },
3894 { GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
3895 "by Ross Anderson and Eli Biham, proceedings of Fa"
3896 "st Software Encryption 3, Cambridge.",
3897 "\xEB\xF5\x91\xD5\xAF\xA6\x55\xCE\x7F\x22\x89\x4F"
3898 "\xF8\x7F\x54\xAC\x89\xC8\x11\xB6\xB0\xDA\x31\x93" },
3899 { GCRY_MD_TIGER, "Tiger - A Fast New Hash Function, "
3900 "by Ross Anderson and Eli Biham, proceedings of Fa"
3901 "st Software Encryption 3, Cambridge, 1996.",
3902 "\x3D\x9A\xEB\x03\xD1\xBD\x1A\x63\x57\xB2\x77\x4D"
3903 "\xFD\x6D\x5B\x24\xDD\x68\x15\x1D\x50\x39\x74\xFC" },
3904 { GCRY_MD_TIGER, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefgh"
3905 "ijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRS"
3906 "TUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-",
3907 "\x00\xB8\x3E\xB4\xE5\x34\x40\xC5\x76\xAC\x6A\xAE"
3908 "\xE0\xA7\x48\x58\x25\xFD\x15\xE7\x0A\x59\xFF\xE4" },
3910 { GCRY_MD_TIGER1, "",
3911 "\x32\x93\xAC\x63\x0C\x13\xF0\x24\x5F\x92\xBB\xB1"
3912 "\x76\x6E\x16\x16\x7A\x4E\x58\x49\x2D\xDE\x73\xF3" },
3913 { GCRY_MD_TIGER1, "a",
3914 "\x77\xBE\xFB\xEF\x2E\x7E\xF8\xAB\x2E\xC8\xF9\x3B"
3915 "\xF5\x87\xA7\xFC\x61\x3E\x24\x7F\x5F\x24\x78\x09" },
3916 { GCRY_MD_TIGER1, "abc",
3917 "\x2A\xAB\x14\x84\xE8\xC1\x58\xF2\xBF\xB8\xC5\xFF"
3918 "\x41\xB5\x7A\x52\x51\x29\x13\x1C\x95\x7B\x5F\x93" },
3919 { GCRY_MD_TIGER1, "message digest",
3920 "\xD9\x81\xF8\xCB\x78\x20\x1A\x95\x0D\xCF\x30\x48"
3921 "\x75\x1E\x44\x1C\x51\x7F\xCA\x1A\xA5\x5A\x29\xF6" },
3922 { GCRY_MD_TIGER1, "abcdefghijklmnopqrstuvwxyz",
3923 "\x17\x14\xA4\x72\xEE\xE5\x7D\x30\x04\x04\x12\xBF"
3924 "\xCC\x55\x03\x2A\x0B\x11\x60\x2F\xF3\x7B\xEE\xE9" },
3926 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
3927 "\x0F\x7B\xF9\xA1\x9B\x9C\x58\xF2\xB7\x61\x0D\xF7"
3928 "\xE8\x4F\x0A\xC3\xA7\x1C\x63\x1E\x7B\x53\xF7\x8E" },
3930 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
3931 "abcdefghijklmnopqrstuvwxyz" "0123456789",
3932 "\x8D\xCE\xA6\x80\xA1\x75\x83\xEE\x50\x2B\xA3\x8A"
3933 "\x3C\x36\x86\x51\x89\x0F\xFB\xCC\xDC\x49\xA8\xCC" },
3935 "1234567890" "1234567890" "1234567890" "1234567890"
3936 "1234567890" "1234567890" "1234567890" "1234567890",
3937 "\x1C\x14\x79\x55\x29\xFD\x9F\x20\x7A\x95\x8F\x84"
3938 "\xC5\x2F\x11\xE8\x87\xFA\x0C\xAB\xDF\xD9\x1B\xFD" },
3939 { GCRY_MD_TIGER1, "!",
3940 "\x6D\xB0\xE2\x72\x9C\xBE\xAD\x93\xD7\x15\xC6\xA7"
3941 "\xD3\x63\x02\xE9\xB3\xCE\xE0\xD2\xBC\x31\x4B\x41" },
3943 { GCRY_MD_TIGER2, "",
3944 "\x44\x41\xBE\x75\xF6\x01\x87\x73\xC2\x06\xC2\x27"
3945 "\x45\x37\x4B\x92\x4A\xA8\x31\x3F\xEF\x91\x9F\x41" },
3946 { GCRY_MD_TIGER2, "a",
3947 "\x67\xE6\xAE\x8E\x9E\x96\x89\x99\xF7\x0A\x23\xE7"
3948 "\x2A\xEA\xA9\x25\x1C\xBC\x7C\x78\xA7\x91\x66\x36" },
3949 { GCRY_MD_TIGER2, "abc",
3950 "\xF6\x8D\x7B\xC5\xAF\x4B\x43\xA0\x6E\x04\x8D\x78"
3951 "\x29\x56\x0D\x4A\x94\x15\x65\x8B\xB0\xB1\xF3\xBF" },
3952 { GCRY_MD_TIGER2, "message digest",
3953 "\xE2\x94\x19\xA1\xB5\xFA\x25\x9D\xE8\x00\x5E\x7D"
3954 "\xE7\x50\x78\xEA\x81\xA5\x42\xEF\x25\x52\x46\x2D" },
3955 { GCRY_MD_TIGER2, "abcdefghijklmnopqrstuvwxyz",
3956 "\xF5\xB6\xB6\xA7\x8C\x40\x5C\x85\x47\xE9\x1C\xD8"
3957 "\x62\x4C\xB8\xBE\x83\xFC\x80\x4A\x47\x44\x88\xFD" },
3959 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
3960 "\xA6\x73\x7F\x39\x97\xE8\xFB\xB6\x3D\x20\xD2\xDF"
3961 "\x88\xF8\x63\x76\xB5\xFE\x2D\x5C\xE3\x66\x46\xA9" },
3963 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
3964 "abcdefghijklmnopqrstuvwxyz" "0123456789",
3965 "\xEA\x9A\xB6\x22\x8C\xEE\x7B\x51\xB7\x75\x44\xFC"
3966 "\xA6\x06\x6C\x8C\xBB\x5B\xBA\xE6\x31\x95\x05\xCD" },
3968 "1234567890" "1234567890" "1234567890" "1234567890"
3969 "1234567890" "1234567890" "1234567890" "1234567890",
projects / libgcrypt.git / blob