Loading crypto/evp/evp_test.c +19 −19 Original line number Diff line number Diff line Loading @@ -623,7 +623,7 @@ static const struct evp_test_method digest_test_method = { struct cipher_data { const EVP_CIPHER *cipher; int enc; /* Set to EVP_CIPH_GCM_MODE or EVP_CIPH_CCM_MODE if AEAD */ /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */ int aead; unsigned char *key; size_t key_len; Loading Loading @@ -664,6 +664,7 @@ static int cipher_test_init(struct evp_test *t, const char *alg) cdat->tag = NULL; t->data = cdat; if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE) cdat->aead = EVP_CIPHER_mode(cipher); else Loading Loading @@ -746,12 +747,8 @@ static int cipher_test_enc(struct evp_test *t, int enc) goto err; err = "INVALID_IV_LENGTH"; if (cdat->iv) { if (cdat->aead == EVP_CIPH_GCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, cdat->iv_len, 0)) goto err; } else if (cdat->aead == EVP_CIPH_CCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, if (cdat->aead) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, cdat->iv_len, 0)) goto err; } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) Loading @@ -760,22 +757,18 @@ static int cipher_test_enc(struct evp_test *t, int enc) if (cdat->aead) { unsigned char *tag; /* * If encrypting just set tag length. If decrypting set * tag length and value. * If encrypting or OCB just set tag length initially, otherwise * set tag length and value. */ if (enc) { if (enc || cdat->aead == EVP_CIPH_OCB_MODE) { err = "TAG_LENGTH_SET_ERROR"; tag = NULL; } else { err = "TAG_SET_ERROR"; tag = cdat->tag; } if (cdat->aead == EVP_CIPH_GCM_MODE && tag) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, cdat->tag_len, tag)) goto err; } else if (cdat->aead == EVP_CIPH_CCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, if (tag || cdat->aead != EVP_CIPH_GCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, cdat->tag_len, tag)) goto err; } Loading @@ -788,6 +781,14 @@ static int cipher_test_enc(struct evp_test *t, int enc) if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1)) goto err; if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, cdat->tag_len, cdat->tag)) { err = "TAG_SET_ERROR"; goto err; } } if (cdat->aead == EVP_CIPH_CCM_MODE) { if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) { err = "CCM_PLAINTEXT_LENGTH_SET_ERROR"; Loading Loading @@ -823,8 +824,7 @@ static int cipher_test_enc(struct evp_test *t, int enc) err = "TAG_LENGTH_INTERNAL_ERROR"; goto err; } /* EVP_CTRL_CCM_GET_TAG and EVP_CTRL_GCM_GET_TAG are equal. */ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, cdat->tag_len, rtag)) { err = "TAG_RETRIEVE_ERROR"; goto err; Loading crypto/evp/evptests.txt +145 −0 Original line number Diff line number Diff line Loading @@ -1652,6 +1652,151 @@ Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5 #AES OCB Test vectors Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 197B9C3C441D3C83EAFB2BEF633B9182 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 0001020304050607 Tag = 16DC76A46D47E1EAD537209E8A96D14E Plaintext = 0001020304050607 Ciphertext = 92B657130A74B85A Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 0001020304050607 Tag = 98B91552C8C009185044E30A6EB2FE21 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 971EFFCAE19AD4716F88E87B871FBEED Plaintext = 0001020304050607 Ciphertext = 92B657130A74B85A Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F Tag = 776C9924D6723A1FC4524532AC3E5BEB Plaintext = 000102030405060708090A0B0C0D0E0F Ciphertext = BEA5E8798DBE7110031C144DA0B26122 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F Tag = 7DDB8E6CEA6814866212509619B19CC6 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 13CC8B747807121A4CBB3E4BD6B456AF Plaintext = 000102030405060708090A0B0C0D0E0F Ciphertext = BEA5E8798DBE7110031C144DA0B26122 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F1011121314151617 Tag = 5FA94FC3F38820F1DC3F3D1FD4E55E1C Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617 Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F1011121314151617 Tag = 282026DA3068BC9FA118681D559F10F6 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 6EF2F52587FDA0ED97DC7EEDE241DF68 Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617 Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Tag = B2A040DD3BD5164372D76D7BB6824240 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Tag = E1E072633BADE51A60E85951D9C42A1B Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 4A3BAE824465CFDAF8C41FC50C7DF9D9 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Tag = 659C623211DEEA0DE30D2C381879F4C8 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Tag = 7AEB7A69A1687DD082CA27B0D9A37096 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 060C8467F4ABAB5E8B3C2067A2E115DC Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635 #AES OCB Non standard test vectors - generated from reference implementation Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Tag = 1b6c44f34e3abb3cbf8976e7 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Ciphertext = 09a4fd29de949d9a9aa9924248422097ad4883b4713e6c214ff6567ada08a96766fc4e2ee3e3a5a1 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B0C0D0E AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Tag = 1ad62009901f40cba7cd7156f94a7324 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Ciphertext = 5e2fa7367ffbdb3938845cfd415fcc71ec79634eb31451609d27505f5e2978f43c44213d8fa441ee # AES XTS test vectors from IEEE Std 1619-2007 Cipher = aes-128-xts Loading Loading
crypto/evp/evp_test.c +19 −19 Original line number Diff line number Diff line Loading @@ -623,7 +623,7 @@ static const struct evp_test_method digest_test_method = { struct cipher_data { const EVP_CIPHER *cipher; int enc; /* Set to EVP_CIPH_GCM_MODE or EVP_CIPH_CCM_MODE if AEAD */ /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */ int aead; unsigned char *key; size_t key_len; Loading Loading @@ -664,6 +664,7 @@ static int cipher_test_init(struct evp_test *t, const char *alg) cdat->tag = NULL; t->data = cdat; if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE) cdat->aead = EVP_CIPHER_mode(cipher); else Loading Loading @@ -746,12 +747,8 @@ static int cipher_test_enc(struct evp_test *t, int enc) goto err; err = "INVALID_IV_LENGTH"; if (cdat->iv) { if (cdat->aead == EVP_CIPH_GCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, cdat->iv_len, 0)) goto err; } else if (cdat->aead == EVP_CIPH_CCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, if (cdat->aead) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, cdat->iv_len, 0)) goto err; } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) Loading @@ -760,22 +757,18 @@ static int cipher_test_enc(struct evp_test *t, int enc) if (cdat->aead) { unsigned char *tag; /* * If encrypting just set tag length. If decrypting set * tag length and value. * If encrypting or OCB just set tag length initially, otherwise * set tag length and value. */ if (enc) { if (enc || cdat->aead == EVP_CIPH_OCB_MODE) { err = "TAG_LENGTH_SET_ERROR"; tag = NULL; } else { err = "TAG_SET_ERROR"; tag = cdat->tag; } if (cdat->aead == EVP_CIPH_GCM_MODE && tag) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, cdat->tag_len, tag)) goto err; } else if (cdat->aead == EVP_CIPH_CCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, if (tag || cdat->aead != EVP_CIPH_GCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, cdat->tag_len, tag)) goto err; } Loading @@ -788,6 +781,14 @@ static int cipher_test_enc(struct evp_test *t, int enc) if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1)) goto err; if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, cdat->tag_len, cdat->tag)) { err = "TAG_SET_ERROR"; goto err; } } if (cdat->aead == EVP_CIPH_CCM_MODE) { if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) { err = "CCM_PLAINTEXT_LENGTH_SET_ERROR"; Loading Loading @@ -823,8 +824,7 @@ static int cipher_test_enc(struct evp_test *t, int enc) err = "TAG_LENGTH_INTERNAL_ERROR"; goto err; } /* EVP_CTRL_CCM_GET_TAG and EVP_CTRL_GCM_GET_TAG are equal. */ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, cdat->tag_len, rtag)) { err = "TAG_RETRIEVE_ERROR"; goto err; Loading
crypto/evp/evptests.txt +145 −0 Original line number Diff line number Diff line Loading @@ -1652,6 +1652,151 @@ Tag = 3b629ccfbc1119b7319e1dce2cd6fd6d Plaintext = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f Ciphertext = 6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5 #AES OCB Test vectors Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 197B9C3C441D3C83EAFB2BEF633B9182 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 0001020304050607 Tag = 16DC76A46D47E1EAD537209E8A96D14E Plaintext = 0001020304050607 Ciphertext = 92B657130A74B85A Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 0001020304050607 Tag = 98B91552C8C009185044E30A6EB2FE21 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 971EFFCAE19AD4716F88E87B871FBEED Plaintext = 0001020304050607 Ciphertext = 92B657130A74B85A Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F Tag = 776C9924D6723A1FC4524532AC3E5BEB Plaintext = 000102030405060708090A0B0C0D0E0F Ciphertext = BEA5E8798DBE7110031C144DA0B26122 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F Tag = 7DDB8E6CEA6814866212509619B19CC6 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 13CC8B747807121A4CBB3E4BD6B456AF Plaintext = 000102030405060708090A0B0C0D0E0F Ciphertext = BEA5E8798DBE7110031C144DA0B26122 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F1011121314151617 Tag = 5FA94FC3F38820F1DC3F3D1FD4E55E1C Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617 Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F1011121314151617 Tag = 282026DA3068BC9FA118681D559F10F6 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 6EF2F52587FDA0ED97DC7EEDE241DF68 Plaintext = 000102030405060708090A0B0C0D0E0F1011121314151617 Ciphertext = BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Tag = B2A040DD3BD5164372D76D7BB6824240 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Tag = E1E072633BADE51A60E85951D9C42A1B Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 4A3BAE824465CFDAF8C41FC50C7DF9D9 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Tag = 659C623211DEEA0DE30D2C381879F4C8 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Tag = 7AEB7A69A1687DD082CA27B0D9A37096 Plaintext = Ciphertext = Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = Tag = 060C8467F4ABAB5E8B3C2067A2E115DC Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Ciphertext = BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A657149D53773463CB68C65778B058A635 #AES OCB Non standard test vectors - generated from reference implementation Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Tag = 1b6c44f34e3abb3cbf8976e7 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Ciphertext = 09a4fd29de949d9a9aa9924248422097ad4883b4713e6c214ff6567ada08a96766fc4e2ee3e3a5a1 Cipher = aes-128-ocb Key = 000102030405060708090A0B0C0D0E0F IV = 000102030405060708090A0B0C0D0E AAD = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Tag = 1ad62009901f40cba7cd7156f94a7324 Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627 Ciphertext = 5e2fa7367ffbdb3938845cfd415fcc71ec79634eb31451609d27505f5e2978f43c44213d8fa441ee # AES XTS test vectors from IEEE Std 1619-2007 Cipher = aes-128-xts Loading
Matt Caswell <matt@openssl.org>Matt Caswell <matt@openssl.org>