1 /* 2 * COPYRIGHT (c) International Business Machines Corp. 2011-2017 3 * 4 * This program is provided under the terms of the Common Public License, 5 * version 1.0 (CPL-1.0). Any use, reproduction or distribution for this 6 * software constitutes recipient's acceptance of CPL-1.0 terms which can be 7 * found in the file LICENSE file or at 8 * https://opensource.org/licenses/cpl1.0.php 9 */ 10 11 #include "pkcs11types.h" 12 13 #ifndef _AES_H_ 14 #define _AES_H_ 15 #endif 16 #if !defined(TRUE) 17 #define TRUE 1 18 #endif 19 20 #if !defined(FALSE) 21 #define FALSE 0 22 #endif 23 24 #define MAX_KEY_SIZE 64 25 #define MAX_TEXT_SIZE 4096 26 #define MAX_IV_SIZE 64 27 #define MAX_COUNTER_SIZE 16 28 #define MAX_AAD_SIZE 512 29 #define MAX_TAG_SIZE 16 30 #define AES_BLOCK_SIZE 16 31 #define AES_COUNTER_VALUE "0123456789012345" 32 #define AES_IV_VALUE "1234567890123456" 33 #define AES_KEY_LEN 32 34 35 #define AES_IV_SIZE 16 36 #define AES_COUNTER_SIZE 16 37 #define MAX_CHUNKS 8 38 39 40 struct aes_test_vector { 41 unsigned char key[MAX_KEY_SIZE]; 42 unsigned char klen; 43 unsigned char plaintext[MAX_TEXT_SIZE]; 44 unsigned char plen; 45 unsigned char ciphertext[MAX_TEXT_SIZE]; 46 unsigned char clen; 47 unsigned char iv[MAX_IV_SIZE]; // aes cbc mode 48 unsigned char ivlen; // aes cbc mode 49 unsigned char counter[MAX_COUNTER_SIZE]; // aes ctr mode 50 unsigned char counterlen; // aes ctr mode 51 unsigned int counterbits; // aes ctr mode 52 unsigned char aad[MAX_AAD_SIZE]; // aes gcm mode 53 unsigned int aadlen; // aes gcm mode 54 unsigned int tag[MAX_TAG_SIZE]; // aes gcm mode 55 unsigned int taglen; // aes gcm mode 56 int chunks_plain[MAX_CHUNKS]; 57 int num_chunks_plain; 58 int chunks_ciph[MAX_CHUNKS]; 59 int num_chunks_ciph; 60 }; 61 62 struct published_test_suite_info { 63 const char *name; 64 unsigned int tvcount; 65 struct aes_test_vector *tv; 66 unsigned int size; 67 CK_MECHANISM mech; 68 }; 69 70 struct generated_test_suite_info { 71 const char *name; 72 CK_MECHANISM mech; 73 unsigned int size; 74 }; 75 76 char aes_iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 77 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f 78 }; 79 80 struct CK_AES_CTR_PARAMS aesctr = { 81 .ulCounterBits = AES_COUNTER_SIZE, 82 .cb = {0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 83 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff}, 84 }; 85 86 struct CK_GCM_PARAMS aesgcm = { 87 .ulIvLen = AES_BLOCK_SIZE, 88 .ulAADLen = 0, 89 .ulTagBits = 16, 90 }; 91 92 struct CK_MECHANISM aes_keygen = { 93 .mechanism = CKM_AES_KEY_GEN, 94 .ulParameterLen = 0, 95 .pParameter = NULL, 96 }; 97 98 /** NIST Special Publication 800-38A 99 http://www.csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf 100 **/ 101 static struct aes_test_vector aes_ecb_tv[] = { 102 { // #0 103 .key = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 104 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}, 105 .klen = 16, 106 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 107 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 108 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 109 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 110 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 111 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 112 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 113 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 114 .plen = 64, 115 .ciphertext = {0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60, 116 0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97, 117 0xf5, 0xd3, 0xd5, 0x85, 0x03, 0xb9, 0x69, 0x9d, 118 0xe7, 0x85, 0x89, 0x5a, 0x96, 0xfd, 0xba, 0xaf, 119 0x43, 0xb1, 0xcd, 0x7f, 0x59, 0x8e, 0xce, 0x23, 120 0x88, 0x1b, 0x00, 0xe3, 0xed, 0x03, 0x06, 0x88, 121 0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f, 122 0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4}, 123 .clen = 64, 124 }, { // #1 125 .key = {0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 126 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 127 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, 128 .klen = 24, 129 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 130 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 131 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 132 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 133 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 134 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 135 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 136 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 137 .plen = 64, 138 .num_chunks_plain = 4, 139 .chunks_plain = {16, 16, 16, 16}, 140 .ciphertext = {0xbd, 0x33, 0x4f, 0x1d, 0x6e, 0x45, 0xf2, 0x5f, 141 0xf7, 0x12, 0xa2, 0x14, 0x57, 0x1f, 0xa5, 0xcc, 142 0x97, 0x41, 0x04, 0x84, 0x6d, 0x0a, 0xd3, 0xad, 143 0x77, 0x34, 0xec, 0xb3, 0xec, 0xee, 0x4e, 0xef, 144 0xef, 0x7a, 0xfd, 0x22, 0x70, 0xe2, 0xe6, 0x0a, 145 0xdc, 0xe0, 0xba, 0x2f, 0xac, 0xe6, 0x44, 0x4e, 146 0x9a, 0x4b, 0x41, 0xba, 0x73, 0x8d, 0x6c, 0x72, 147 0xfb, 0x16, 0x69, 0x16, 0x03, 0xc1, 0x8e, 0x0e}, 148 .clen = 64, 149 .num_chunks_ciph = 4, 150 .chunks_ciph = {16, 16, 16, 16}, 151 }, { // #2 152 .key = {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 153 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 154 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 155 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4}, 156 .klen = 32, 157 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 158 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 159 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 160 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 161 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 162 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 163 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 164 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 165 .plen = 64, 166 .num_chunks_plain = 5, 167 .chunks_plain = {25, 0, 8, -1, 31}, 168 .ciphertext = {0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c, 169 0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8, 170 0x59, 0x1c, 0xcb, 0x10, 0xd4, 0x10, 0xed, 0x26, 171 0xdc, 0x5b, 0xa7, 0x4a, 0x31, 0x36, 0x28, 0x70, 172 0xb6, 0xed, 0x21, 0xb9, 0x9c, 0xa6, 0xf4, 0xf9, 173 0xf1, 0x53, 0xe7, 0xb1, 0xbe, 0xaf, 0xed, 0x1d, 174 0x23, 0x30, 0x4b, 0x7a, 0x39, 0xf9, 0xf3, 0xff, 175 0x06, 0x7d, 0x8d, 0x8f, 0x9e, 0x24, 0xec, 0xc7}, 176 .clen = 64, 177 .num_chunks_ciph = 5, 178 .chunks_ciph = {25, 0, 8, -1, 31}, 179 }, 180 }; 181 182 /** NIST Special Publication 800-38A 183 http://www.csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf 184 **/ 185 static struct aes_test_vector aes_cbc_tv[] = { 186 { // #0 187 .key = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 188 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}, 189 .klen = 16, 190 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 191 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 192 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 193 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 194 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 195 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 196 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 197 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 198 .plen = 64, 199 .ciphertext = {0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 200 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d, 201 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 202 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2, 203 0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b, 204 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16, 205 0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09, 206 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7}, 207 .clen = 64, 208 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 209 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 210 .ivlen = 16, 211 }, { // #1 212 .key = {0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 213 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 214 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, 215 .klen = 24, 216 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 217 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 218 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 219 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 220 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 221 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 222 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 223 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 224 .plen = 64, 225 .num_chunks_plain = 4, 226 .chunks_plain = {16, 16, 16, 16}, 227 .ciphertext = {0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d, 228 0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8, 229 0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4, 230 0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a, 231 0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0, 232 0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0, 233 0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81, 234 0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd}, 235 .clen = 64, 236 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 237 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 238 .ivlen = 16, 239 .num_chunks_ciph = 4, 240 .chunks_ciph = {16, 16, 16, 16}, 241 }, { // #2 242 .key = {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 243 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 244 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 245 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4}, 246 .klen = 32, 247 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 248 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 249 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 250 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 251 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 252 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 253 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 254 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 255 .plen = 64, 256 .num_chunks_plain = 5, 257 .chunks_plain = {25, 0, 8, -1, 31}, 258 .ciphertext = {0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba, 259 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6, 260 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d, 261 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d, 262 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf, 263 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61, 264 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc, 265 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b}, 266 .clen = 64, 267 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 268 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 269 .ivlen = 16, 270 .num_chunks_ciph = 5, 271 .chunks_ciph = {25, 0, 8, -1, 31}, 272 }, 273 }; 274 275 /** NIST Special Publication 800-38A 276 http://www.csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf 277 **/ 278 static struct aes_test_vector aes_ctr_tv[] = { 279 { // #0 280 .key = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 281 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}, 282 .klen = 16, 283 .counter = {0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 284 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff}, 285 .counterlen = 16, 286 .counterbits = 128, 287 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 288 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 289 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 290 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 291 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 292 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 293 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 294 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 295 .plen = 64, 296 .ciphertext = {0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26, 297 0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce, 298 0x98, 0x06, 0xf6, 0x6b, 0x79, 0x70, 0xfd, 0xff, 299 0x86, 0x17, 0x18, 0x7b, 0xb9, 0xff, 0xfd, 0xff, 300 0x5a, 0xe4, 0xdf, 0x3e, 0xdb, 0xd5, 0xd3, 0x5e, 301 0x5b, 0x4f, 0x09, 0x02, 0x0d, 0xb0, 0x3e, 0xab, 302 0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe, 0x03, 0xd1, 303 0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee}, 304 .clen = 64, 305 }, { // #1 306 .key = {0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 307 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 308 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, 309 .klen = 24, 310 .counter = {0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 311 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff}, 312 .counterlen = 16, 313 .counterbits = 128, 314 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 315 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 316 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 317 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 318 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 319 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 320 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 321 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 322 .plen = 64, 323 .num_chunks_plain = 4, 324 .chunks_plain = {16, 16, 16, 16}, 325 .ciphertext = {0x1a, 0xbc, 0x93, 0x24, 0x17, 0x52, 0x1c, 0xa2, 326 0x4f, 0x2b, 0x04, 0x59, 0xfe, 0x7e, 0x6e, 0x0b, 327 0x09, 0x03, 0x39, 0xec, 0x0a, 0xa6, 0xfa, 0xef, 328 0xd5, 0xcc, 0xc2, 0xc6, 0xf4, 0xce, 0x8e, 0x94, 329 0x1e, 0x36, 0xb2, 0x6b, 0xd1, 0xeb, 0xc6, 0x70, 330 0xd1, 0xbd, 0x1d, 0x66, 0x56, 0x20, 0xab, 0xf7, 331 0x4f, 0x78, 0xa7, 0xf6, 0xd2, 0x98, 0x09, 0x58, 332 0x5a, 0x97, 0xda, 0xec, 0x58, 0xc6, 0xb0, 0x50}, 333 .clen = 64, 334 .num_chunks_ciph = 4, 335 .chunks_ciph = {16, 16, 16, 16}, 336 }, { // #2 337 .key = {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 338 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 339 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 340 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4}, 341 .klen = 32, 342 .counter = {0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 343 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff}, 344 .counterlen = 16, 345 .counterbits = 128, 346 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 347 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 348 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 349 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 350 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 351 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 352 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 353 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 354 .plen = 64, 355 .num_chunks_plain = 5, 356 .chunks_plain = {25, 0, 8, -1, 31}, 357 .ciphertext = {0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5, 358 0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28, 359 0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a, 360 0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5, 361 0x2b, 0x09, 0x30, 0xda, 0xa2, 0x3d, 0xe9, 0x4c, 362 0xe8, 0x70, 0x17, 0xba, 0x2d, 0x84, 0x98, 0x8d, 363 0xdf, 0xc9, 0xc5, 0x8d, 0xb6, 0x7a, 0xad, 0xa6, 364 0x13, 0xc2, 0xdd, 0x08, 0x45, 0x79, 0x41, 0xa6}, 365 .clen = 64, 366 .num_chunks_ciph = 5, 367 .chunks_ciph = {25, 0, 8, -1, 31}, 368 }, 369 }; 370 371 static struct aes_test_vector aes_gcm_tv[] = { 372 { /* #0 test with chunks */ 373 .key = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 374 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08}, 375 .klen = 16, 376 .iv = {0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 377 0xde, 0xca, 0xf8, 0x88,}, 378 .ivlen = 12, 379 .aad = {0}, 380 .aadlen = 0, 381 .tag = {0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, 382 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4}, 383 .taglen = 128, 384 .plaintext = {0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 385 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, 386 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, 387 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 388 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, 389 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, 390 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 391 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55}, 392 .plen = 64, 393 .num_chunks_plain = 5, 394 .chunks_plain = {20, 5, 7, 1, 31}, 395 .ciphertext = {0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 396 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, 397 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, 398 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, 399 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, 400 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, 401 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, 402 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85, 403 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, 404 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4}, 405 .clen = 80, 406 .num_chunks_ciph = 7, 407 .chunks_ciph = {20, 5, 7, 1, 31, 10, 6}, 408 }, { 409 /* #1 - NIST - 410 * [Keylen = 128] 411 * [IVlen = 96] 412 * [PTlen = 0] 413 * [AADlen = 0] 414 * [Taglen = 128] 415 */ 416 .key = {0x11, 0x75, 0x4c, 0xd7, 0x2a, 0xec, 0x30, 0x9b, 417 0xf5, 0x2f, 0x76, 0x87, 0x21, 0x2e, 0x89, 0x57}, 418 .klen = 16, 419 .iv = {0x3c, 0x81, 0x9d, 0x9a, 0x9b, 0xed, 0x08, 0x76, 420 0x15, 0x03, 0x0b, 0x65}, 421 .ivlen = 12, 422 .aad = {0}, 423 .aadlen = 0, 424 .tag = {0x25, 0x03, 0x27, 0xc6, 0x74, 0xaa, 0xf4, 0x77, 425 0xae, 0xf2, 0x67, 0x57, 0x48, 0xcf, 0x69, 0x71}, 426 .taglen = 128, 427 .plaintext = {0}, 428 .plen = 0, 429 .ciphertext = {0x25, 0x03, 0x27, 0xc6, 0x74, 0xaa, 0xf4, 0x77, 430 0xae, 0xf2, 0x67, 0x57, 0x48, 0xcf, 0x69, 0x71}, 431 .clen = 16, 432 }, { 433 /* #2 - NIST - 434 * [Keylen = 128] 435 * [IVlen = 96] 436 * [PTlen = 128] 437 * [AADlen = 0] 438 * [Taglen = 128] 439 */ 440 .key = {0x99, 0x71, 0x07, 0x10, 0x59, 0xab, 0xc0, 0x09, 441 0xe4, 0xf2, 0xbd, 0x69, 0x86, 0x9d, 0xb3, 0x38}, 442 .klen = 16, 443 .iv = {0x07, 0xa9, 0xa9, 0x5e, 0xa3, 0x82, 0x1e, 0x9c, 444 0x13, 0xc6, 0x32, 0x51}, 445 .ivlen = 12, 446 .aad = {0}, 447 .aadlen = 0, 448 .tag = {0x78, 0x70, 0xd9, 0x11, 0x7f, 0x54, 0x81, 0x1a, 449 0x34, 0x69, 0x70, 0xf1, 0xde, 0x09, 0x0c, 0x41}, 450 .taglen = 128, 451 .plaintext = {0xf5, 0x4b, 0xc3, 0x50, 0x1f, 0xed, 0x4f, 0x6f, 452 0x6d, 0xfb, 0x5e, 0xa8, 0x01, 0x06, 0xdf, 0x0b, 453 0xd8, 0x36, 0xe6, 0x82, 0x62, 0x25, 0xb7, 0x5c, 454 0x02, 0x22, 0xf6, 0xe8, 0x59, 0xb3, 0x59, 0x83}, 455 .plen = 32, 456 .ciphertext = {0x05, 0x56, 0xc1, 0x59, 0xf8, 0x4e, 0xf3, 0x6c, 457 0xb1, 0x60, 0x2b, 0x45, 0x26, 0xb1, 0x20, 0x09, 458 0xc7, 0x75, 0x61, 0x1b, 0xff, 0xb6, 0x4d, 0xc0, 459 0xd9, 0xca, 0x92, 0x97, 0xcd, 0x2c, 0x6a, 0x01, 460 0x78, 0x70, 0xd9, 0x11, 0x7f, 0x54, 0x81, 0x1a, 461 0x34, 0x69, 0x70, 0xf1, 0xde, 0x09, 0x0c, 0x41}, 462 .clen = 48, 463 }, { 464 /* #3 - NIST - 465 * [Keylen = 128] 466 * [IVlen = 96] 467 * [PTlen = 104] 468 * [AADlen = 0] 469 * [Taglen = 128] 470 */ 471 .key = {0xfe, 0x9b, 0xb4, 0x7d, 0xeb, 0x3a, 0x61, 0xe4, 472 0x23, 0xc2, 0x23, 0x18, 0x41, 0xcf, 0xd1, 0xfb}, 473 .klen = 16, 474 .iv = {0x4d, 0x32, 0x8e, 0xb7, 0x76, 0xf5, 0x00, 0xa2, 475 0xf7, 0xfb, 0x47, 0xaa}, 476 .ivlen = 12, 477 .aad = {0}, 478 .aadlen = 0, 479 .tag = {0x43, 0xfd, 0x47, 0x27, 0xfe, 0x5c, 0xdb, 0x4b, 480 0x5b, 0x42, 0x81, 0x8d, 0xea, 0x7e, 0xf8, 0xc9}, 481 .taglen = 128, 482 .plaintext = {0xf1, 0xcc, 0x38, 0x18, 0xe4, 0x21, 0x87, 0x6b, 483 0xb6, 0xb8, 0xbb, 0xd6, 0xc9}, 484 .plen = 13, 485 .ciphertext = {0xb8, 0x8c, 0x5c, 0x19, 0x77, 0xb3, 0x5b, 0x51, 486 0x7b, 0x0a, 0xea, 0xe9, 0x67, 0x43, 0xfd, 0x47, 487 0x27, 0xfe, 0x5c, 0xdb, 0x4b, 0x5b, 0x42, 0x81, 488 0x8d, 0xea, 0x7e, 0xf8, 0xc9}, 489 .clen = 29, 490 }, { 491 /* #4 - NIST - 492 * [Keylen = 128] 493 * [IVlen = 96] 494 * [PTlen = 128] 495 * [AADlen = 0] 496 * [Taglen = 96] 497 */ 498 .key = {0xf0, 0x0f, 0xdd, 0x01, 0x8c, 0x02, 0xe0, 0x35, 499 0x76, 0x00, 0x8b, 0x51, 0x6e, 0xa9, 0x71, 0xad}, 500 .klen = 16, 501 .iv = {0x3b, 0x3e, 0x27, 0x6f, 0x9e, 0x98, 0xb1, 0xec, 502 0xb7, 0xce, 0x6d, 0x28}, 503 .ivlen = 12, 504 .aad = {0}, 505 .aadlen = 0, 506 .tag = {0xcb, 0xa0, 0x6b, 0xb4, 0xf6, 0xe0, 0x97, 0x19, 507 0x92, 0x50, 0xb0, 0xd1}, 508 .taglen = 96, 509 .plaintext = {0x28, 0x53, 0xe6, 0x6b, 0x7b, 0x1b, 0x3e, 0x1f, 510 0xa3, 0xd1, 0xf3, 0x72, 0x79, 0xac, 0x82, 0xbe}, 511 .plen = 16, 512 .ciphertext = {0x55, 0xd2, 0xda, 0x7a, 0x3f, 0xb7, 0x73, 0xb8, 513 0xa0, 0x73, 0xdb, 0x49, 0x9e, 0x24, 0xbf, 0x62, 514 0xcb, 0xa0, 0x6b, 0xb4, 0xf6, 0xe0, 0x97, 0x19, 515 0x92, 0x50, 0xb0, 0xd1}, 516 .clen = 28, 517 }, { 518 /* #5 - NIST - 519 * [Keylen = 128] 520 * [IVlen = 96] 521 * [PTlen = 128] 522 * [AADlen = 128] 523 * [Taglen = 128] 524 */ 525 .key = {0xc9, 0x39, 0xcc, 0x13, 0x39, 0x7c, 0x1d, 0x37, 526 0xde, 0x6a, 0xe0, 0xe1, 0xcb, 0x7c, 0x42, 0x3c}, 527 .klen = 16, 528 .iv = {0xb3, 0xd8, 0xcc, 0x01, 0x7c, 0xbb, 0x89, 0xb3, 529 0x9e, 0x0f, 0x67, 0xe2}, 530 .ivlen = 12, 531 .aad = {0x24, 0x82, 0x56, 0x02, 0xbd, 0x12, 0xa9, 0x84, 532 0xe0, 0x09, 0x2d, 0x3e, 0x44, 0x8e, 0xda, 0x5f}, 533 .aadlen = 16, 534 .tag = {0x00, 0x32, 0xa1, 0xdc, 0x85, 0xf1, 0xc9, 0x78, 535 0x69, 0x25, 0xa2, 0xe7, 0x1d, 0x82, 0x72, 0xdd}, 536 .taglen = 128, 537 .plaintext = {0xc3, 0xb3, 0xc4, 0x1f, 0x11, 0x3a, 0x31, 0xb7, 538 0x3d, 0x9a, 0x5c, 0xd4, 0x32, 0x10, 0x30, 0x69}, 539 .plen = 16, 540 .ciphertext = {0x93, 0xfe, 0x7d, 0x9e, 0x9b, 0xfd, 0x10, 0x34, 541 0x8a, 0x56, 0x06, 0xe5, 0xca, 0xfa, 0x73, 0x54, 542 0x00, 0x32, 0xa1, 0xdc, 0x85, 0xf1, 0xc9, 0x78, 543 0x69, 0x25, 0xa2, 0xe7, 0x1d, 0x82, 0x72, 0xdd}, 544 .clen = 32, 545 }, { 546 /* #6 - NIST - 547 * [Keylen = 128] 548 * [IVlen = 96] 549 * [PTlen = 128] 550 * [AADlen = 128] 551 * [Taglen = 96] 552 */ 553 .key = {0x56, 0x2a, 0xe8, 0xaa, 0xdb, 0x8d, 0x23, 0xe0, 554 0xf2, 0x71, 0xa9, 0x9a, 0x7d, 0x1b, 0xd4, 0xd1}, 555 .klen = 16, 556 .iv = {0xf7, 0xa5, 0xe2, 0x39, 0x94, 0x13, 0xb8, 0x9b, 557 0x6a, 0xd3, 0x1a, 0xff}, 558 .ivlen = 12, 559 .aad = {0x2b, 0x96, 0x80, 0xb8, 0x86, 0xb3, 0xef, 0xb7, 560 0xc6, 0x35, 0x4b, 0x38, 0xc6, 0x3b, 0x53, 0x73}, 561 .aadlen = 16, 562 .tag = {0xcb, 0xf2, 0x01, 0x51, 0x84, 0xff, 0xfb, 0x82, 563 0xf2, 0x65, 0x1c, 0x36}, 564 .taglen = 96, 565 .plaintext = {0xbb, 0xdc, 0x35, 0x04, 0xd8, 0x03, 0x68, 0x2a, 566 0xa0, 0x8a, 0x77, 0x3c, 0xde, 0x5f, 0x23, 0x1a}, 567 .plen = 16, 568 .ciphertext = {0xe2, 0xb7, 0xe5, 0xed, 0x5f, 0xf2, 0x7f, 0xc8, 569 0x66, 0x41, 0x48, 0xf5, 0xa6, 0x28, 0xa4, 0x6d, 570 0xcb, 0xf2, 0x01, 0x51, 0x84, 0xff, 0xfb, 0x82, 571 0xf2, 0x65, 0x1c, 0x36}, 572 .clen = 28, 573 }, { 574 /* #7 - NIST - 575 * [Keylen = 128] 576 * [IVlen = 96] 577 * [PTlen = 408] 578 * [AADlen = 160] 579 * [Taglen = 32] 580 */ 581 .key = {0xe6, 0x49, 0x03, 0xa7, 0x7d, 0x2c, 0x8f, 0x54, 582 0xe5, 0x74, 0x13, 0x54, 0x89, 0x5f, 0x9f, 0x25}, 583 .klen = 16, 584 .iv = {0x75, 0xbf, 0xc0, 0xf3, 0xc6, 0xac, 0x07, 0x1a, 585 0xf0, 0x43, 0x43, 0x18}, 586 .ivlen = 12, 587 .aad = {0x41, 0x6b, 0x40, 0xf1, 0x4b, 0xdb, 0x9f, 0x0a, 588 0xce, 0xf9, 0x96, 0xc9, 0x63, 0xd2, 0x3b, 0xcf, 589 0x10, 0xb7, 0x25, 0x18}, 590 .aadlen = 20, 591 .tag = {0x5c, 0x52, 0x6f, 0x9d}, 592 .taglen = 32, 593 .plaintext = {0x19, 0x56, 0x1f, 0x57, 0xd5, 0x7d, 0x9a, 0x96, 594 0x1b, 0xbc, 0x6a, 0xc5, 0x63, 0x45, 0x56, 0xd0, 595 0x05, 0xfa, 0x60, 0x10, 0xd9, 0x0b, 0xd2, 0x18, 596 0xc6, 0x27, 0x75, 0x37, 0xa4, 0x3f, 0x8d, 0x3f, 597 0xa8, 0xf2, 0x9a, 0x16, 0xe4, 0xcc, 0x49, 0x5b, 598 0x49, 0xb8, 0xaf, 0x19, 0x5d, 0x91, 0x7c, 0xb7, 599 0x60, 0xc3, 0x4f}, 600 .plen = 51, 601 .ciphertext = {0x89, 0x8a, 0xbb, 0x3d, 0x70, 0x69, 0xc0, 0x59, 602 0x19, 0x04, 0x6f, 0xe4, 0x8c, 0xa9, 0xa4, 0x43, 603 0xa5, 0xd2, 0xbd, 0x2d, 0x28, 0x50, 0x3f, 0xd0, 604 0xa2, 0x71, 0x6b, 0x2e, 0xf5, 0xa1, 0x75, 0xf7, 605 0x48, 0x68, 0xf7, 0x91, 0x7f, 0x55, 0x42, 0x14, 606 0x4b, 0x67, 0x04, 0xdf, 0x8a, 0x42, 0xcc, 0x11, 607 0xc9, 0x65, 0xc3, 0x5c, 0x52, 0x6f, 0x9d}, 608 .clen = 55, 609 }, { 610 /* #8 - NIST - 611 * [Keylen = 192] 612 * [IVlen = 96] 613 * [PTlen = 128] 614 * [AADlen = 128] 615 * [Taglen = 128] 616 */ 617 .key = {0x6f, 0x44, 0xf5, 0x2c, 0x2f, 0x62, 0xda, 0xe4, 618 0xe8, 0x68, 0x4b, 0xd2, 0xbc, 0x7d, 0x16, 0xee, 619 0x7c, 0x55, 0x73, 0x30, 0x30, 0x5a, 0x79, 0x0d}, 620 .klen = 24, 621 .iv = {0x9a, 0xe3, 0x58, 0x25, 0xd7, 0xc7, 0xed, 0xc9, 622 0xa3, 0x9a, 0x07, 0x32}, 623 .ivlen = 12, 624 .aad = {0x1b, 0x42, 0x36, 0xb8, 0x46, 0xfc, 0x2a, 0x0f, 625 0x78, 0x28, 0x81, 0xba, 0x48, 0xa0, 0x67, 0xe9}, 626 .aadlen = 16, 627 .tag = {0x1c, 0x19, 0x80, 0x86, 0x45, 0x0a, 0xe1, 0x83, 628 0x4d, 0xd6, 0xc2, 0x63, 0x67, 0x96, 0xbc, 0xe2}, 629 .taglen = 128, 630 .plaintext = {0x37, 0x22, 0x2d, 0x30, 0x89, 0x5e, 0xb9, 0x58, 631 0x84, 0xbb, 0xbb, 0xae, 0xe4, 0xd9, 0xca, 0xe1}, 632 .plen = 16, 633 .ciphertext = {0xa5, 0x4b, 0x5d, 0xa3, 0x3f, 0xc1, 0x19, 0x6a, 634 0x8e, 0xf3, 0x1a, 0x53, 0x21, 0xbf, 0xca, 0xeb, 635 0x1c, 0x19, 0x80, 0x86, 0x45, 0x0a, 0xe1, 0x83, 636 0x4d, 0xd6, 0xc2, 0x63, 0x67, 0x96, 0xbc, 0xe2}, 637 .clen = 32, 638 }, { 639 /* #9 - NIST - 640 * [Keylen = 256] 641 * [IVlen = 96] 642 * [PTlen = 128] 643 * [AADlen = 128] 644 * [Taglen = 128] 645 */ 646 .key = {0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c, 647 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50, 648 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5, 649 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b}, 650 .klen = 32, 651 .iv = {0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd, 652 0xe9, 0x02, 0xf2, 0x1a}, 653 .ivlen = 12, 654 .aad = {0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c, 655 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6}, 656 .aadlen = 16, 657 .tag = {0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a, 658 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab}, 659 .taglen = 128, 660 .plaintext = {0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0, 661 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24}, 662 .plen = 16, 663 .ciphertext = {0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9, 664 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f, 665 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a, 666 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab}, 667 .clen = 32, 668 }, 669 }; 670 671 /** NIST Special Publication 800-38A 672 http://www.csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf 673 **/ 674 static struct aes_test_vector aes_cfb8_tv[] = { 675 { 676 .key = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 677 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}, 678 .klen = 16, 679 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 680 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 681 0xae, 0x2d}, 682 .plen = 18, 683 .ciphertext = {0x3b, 0x79, 0x42, 0x4c, 0x9c, 0x0d, 0xd4, 0x36, 684 0xba, 0xce, 0x9e, 0x0e, 0xd4, 0x58, 0x6a, 0x4f, 685 0x32, 0xb9}, 686 .clen = 18, 687 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 688 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 689 .ivlen = 16, 690 }, { 691 .key = {0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 692 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 693 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, 694 .klen = 24, 695 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 696 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 697 0xae, 0x2d}, 698 .plen = 18, 699 .num_chunks_plain = 2, 700 .chunks_plain = {8, 10}, 701 .ciphertext = {0xcd, 0xa2, 0x52, 0x1e, 0xf0, 0xa9, 0x05, 0xca, 702 0x44, 0xcd, 0x05, 0x7c, 0xbf, 0x0d, 0x47, 0xa0, 703 0x67, 0x8a}, 704 .clen = 18, 705 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 706 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 707 .ivlen = 16, 708 .num_chunks_ciph = 2, 709 .chunks_ciph = {8, 10}, 710 }, { 711 .key = {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 712 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 713 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 714 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4}, 715 .klen = 32, 716 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 717 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 718 0xae, 0x2d}, 719 .plen = 18, 720 .num_chunks_plain = 5, 721 .chunks_plain = {5, 0, 9, -1, 4}, 722 .ciphertext = {0xdc, 0x1f, 0x1a, 0x85, 0x20, 0xa6, 0x4d, 0xb5, 723 0x5f, 0xcc, 0x8a, 0xc5, 0x54, 0x84, 0x4e, 0x88, 724 0x97, 0x00}, 725 .clen = 18, 726 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 727 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 728 .ivlen = 16, 729 .num_chunks_ciph = 5, 730 .chunks_ciph = {5, 0, 9, -1, 4}, 731 } 732 }; 733 734 /** NIST Special Publication 800-38A 735 http://www.csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf 736 **/ 737 static struct aes_test_vector aes_cfb128_tv[] = { 738 { // #0 739 .key = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 740 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}, 741 .klen = 16, 742 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 743 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 744 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 745 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 746 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 747 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 748 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 749 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 750 .plen = 64, 751 .ciphertext = {0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20, 752 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a, 753 0xc8, 0xa6, 0x45, 0x37, 0xa0, 0xb3, 0xa9, 0x3f, 754 0xcd, 0xe3, 0xcd, 0xad, 0x9f, 0x1c, 0xe5, 0x8b, 755 0x26, 0x75, 0x1f, 0x67, 0xa3, 0xcb, 0xb1, 0x40, 756 0xb1, 0x80, 0x8c, 0xf1, 0x87, 0xa4, 0xf4, 0xdf, 757 0xc0, 0x4b, 0x05, 0x35, 0x7c, 0x5d, 0x1c, 0x0e, 758 0xea, 0xc4, 0xc6, 0x6f, 0x9f, 0xf7, 0xf2, 0xe6}, 759 .clen = 64, 760 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 761 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 762 .ivlen = 16, 763 }, { // #2 764 .key = {0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 765 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 766 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, 767 .klen = 24, 768 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 769 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 770 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 771 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 772 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 773 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 774 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 775 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 776 .plen = 64, 777 .num_chunks_plain = 4, 778 .chunks_plain = {16, 16, 16, 16}, 779 .ciphertext = {0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab, 780 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74, 781 0x67, 0xce, 0x7f, 0x7f, 0x81, 0x17, 0x36, 0x21, 782 0x96, 0x1a, 0x2b, 0x70, 0x17, 0x1d, 0x3d, 0x7a, 783 0x2e, 0x1e, 0x8a, 0x1d, 0xd5, 0x9b, 0x88, 0xb1, 784 0xc8, 0xe6, 0x0f, 0xed, 0x1e, 0xfa, 0xc4, 0xc9, 785 0xc0, 0x5f, 0x9f, 0x9c, 0xa9, 0x83, 0x4f, 0xa0, 786 0x42, 0xae, 0x8f, 0xba, 0x58, 0x4b, 0x09, 0xff}, 787 .clen = 64, 788 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 789 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 790 .ivlen = 16, 791 .num_chunks_ciph = 4, 792 .chunks_ciph = {16, 16, 16, 16}, 793 }, { // #3 794 .key = {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 795 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 796 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 797 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4}, 798 .klen = 32, 799 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 800 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 801 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 802 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 803 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 804 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 805 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 806 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 807 .plen = 64, 808 .num_chunks_plain = 5, 809 .chunks_plain = {25, 0, 8, -1, 31}, 810 .ciphertext = {0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b, 811 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60, 812 0x39, 0xff, 0xed, 0x14, 0x3b, 0x28, 0xb1, 0xc8, 813 0x32, 0x11, 0x3c, 0x63, 0x31, 0xe5, 0x40, 0x7b, 814 0xdf, 0x10, 0x13, 0x24, 0x15, 0xe5, 0x4b, 0x92, 815 0xa1, 0x3e, 0xd0, 0xa8, 0x26, 0x7a, 0xe2, 0xf9, 816 0x75, 0xa3, 0x85, 0x74, 0x1a, 0xb9, 0xce, 0xf8, 817 0x20, 0x31, 0x62, 0x3d, 0x55, 0xb1, 0xe4, 0x71}, 818 .clen = 64, 819 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 820 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 821 .ivlen = 16, 822 .num_chunks_ciph = 5, 823 .chunks_ciph = {25, 0, 8, -1, 31}, 824 } 825 }; 826 827 /** NIST Special Publication 800-38A 828 http://www.csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf 829 **/ 830 static struct aes_test_vector aes_ofb_tv[] = { 831 { // #0 832 .key = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 833 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}, 834 .klen = 16, 835 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 836 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 837 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 838 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 839 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 840 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 841 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 842 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 843 .plen = 64, 844 .ciphertext = {0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20, 845 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a, 846 0x77, 0x89, 0x50, 0x8d, 0x16, 0x91, 0x8f, 0x03, 847 0xf5, 0x3c, 0x52, 0xda, 0xc5, 0x4e, 0xd8, 0x25, 848 0x97, 0x40, 0x05, 0x1e, 0x9c, 0x5f, 0xec, 0xf6, 849 0x43, 0x44, 0xf7, 0xa8, 0x22, 0x60, 0xed, 0xcc, 850 0x30, 0x4c, 0x65, 0x28, 0xf6, 0x59, 0xc7, 0x78, 851 0x66, 0xa5, 0x10, 0xd9, 0xc1, 0xd6, 0xae, 0x5e}, 852 .clen = 64, 853 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 854 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 855 .ivlen = 16, 856 }, { // #1 857 .key = {0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 858 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 859 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, 860 .klen = 24, 861 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 862 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 863 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 864 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 865 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 866 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 867 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 868 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 869 .plen = 64, 870 .num_chunks_plain = 4, 871 .chunks_plain = {16, 16, 16, 16}, 872 .ciphertext = {0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab, 873 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74, 874 0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c, 875 0x09, 0xe8, 0x17, 0x00, 0xc1, 0x10, 0x04, 0x01, 876 0x8d, 0x9a, 0x9a, 0xea, 0xc0, 0xf6, 0x59, 0x6f, 877 0x55, 0x9c, 0x6d, 0x4d, 0xaf, 0x59, 0xa5, 0xf2, 878 0x6d, 0x9f, 0x20, 0x08, 0x57, 0xca, 0x6c, 0x3e, 879 0x9c, 0xac, 0x52, 0x4b, 0xd9, 0xac, 0xc9, 0x2a}, 880 .clen = 64, 881 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 882 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 883 .ivlen = 16, 884 .num_chunks_ciph = 4, 885 .chunks_ciph = {16, 16, 16, 16}, 886 }, { // #2 887 .key = {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 888 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 889 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 890 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4}, 891 .klen = 32, 892 .plaintext = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 893 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 894 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 895 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, 896 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 897 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, 898 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 899 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, 900 .plen = 64, 901 .num_chunks_plain = 5, 902 .chunks_plain = {25, 0, 8, -1, 31}, 903 .ciphertext = {0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b, 904 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60, 905 0x4f, 0xeb, 0xdc, 0x67, 0x40, 0xd2, 0x0b, 0x3a, 906 0xc8, 0x8f, 0x6a, 0xd8, 0x2a, 0x4f, 0xb0, 0x8d, 907 0x71, 0xab, 0x47, 0xa0, 0x86, 0xe8, 0x6e, 0xed, 908 0xf3, 0x9d, 0x1c, 0x5b, 0xba, 0x97, 0xc4, 0x08, 909 0x01, 0x26, 0x14, 0x1d, 0x67, 0xf3, 0x7b, 0xe8, 910 0x53, 0x8f, 0x5a, 0x8b, 0xe7, 0x40, 0xe4, 0x84}, 911 .clen = 64, 912 .iv = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 913 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 914 .ivlen = 16, 915 .num_chunks_ciph = 5, 916 .chunks_ciph = {25, 0, 8, -1, 31}, 917 } 918 }; 919 920 #define NUM_OF_PUBLISHED_TESTSUITES 7 921 922 struct published_test_suite_info published_test_suites[] = { 923 { 924 .name = "AES_ECB", 925 .tvcount = 3, 926 .tv = aes_ecb_tv, 927 .size = AES_BLOCK_SIZE, 928 .mech = {CKM_AES_ECB, 0, 0}, 929 }, { 930 .name = "AES_CBC", 931 .tvcount = 3, 932 .tv = aes_cbc_tv, 933 .size = AES_BLOCK_SIZE, 934 .mech = {CKM_AES_CBC, &aes_iv, AES_IV_SIZE}, 935 }, { 936 .name = "AES_CTR", 937 .tvcount = 3, 938 .tv = aes_ctr_tv, 939 .size = AES_BLOCK_SIZE, 940 .mech = {CKM_AES_CTR, &aesctr, sizeof(aesctr)}, 941 }, { 942 .name = "AES_GCM", 943 .tvcount = 10, 944 .tv = aes_gcm_tv, 945 .size = AES_BLOCK_SIZE, 946 .mech = {CKM_AES_GCM, &aesgcm, sizeof(aesgcm)}, 947 }, { 948 .name = "AES_CFB8", 949 .tvcount = 3, 950 .tv = aes_cfb8_tv, 951 .size = 1, 952 .mech = {CKM_AES_CFB8, &aes_iv, AES_IV_SIZE}, 953 }, { 954 .name = "AES_CFB128", 955 .tvcount = 3, 956 .tv = aes_cfb128_tv, 957 .size = AES_BLOCK_SIZE, 958 .mech = {CKM_AES_CFB128, &aes_iv, AES_IV_SIZE}, 959 }, { 960 .name = "AES_OFB", 961 .tvcount = 3, 962 .tv = aes_ofb_tv, 963 .size = AES_BLOCK_SIZE, 964 .mech = {CKM_AES_OFB, &aes_iv, AES_IV_SIZE}, 965 } 966 }; 967 968 #define NUM_OF_GENERATED_TESTSUITES 4 969 970 struct generated_test_suite_info generated_test_suites[] = { 971 { 972 .name = "AES_ECB", 973 .mech = {CKM_AES_ECB, 0, 0}, 974 }, { 975 .name = "AES_CBC", 976 .mech = {CKM_AES_CBC, &aes_iv, AES_IV_SIZE}, 977 }, { 978 .name = "AES_CBC_PAD", 979 .mech = {CKM_AES_CBC_PAD, &aes_iv, AES_IV_SIZE}, 980 }, { 981 .name = "AES_CTR", 982 .mech = {CKM_AES_CTR, &aesctr, sizeof(aesctr)}, 983 } 984 }; 985 986 #define NUM_OF_GENERATED_ERR_TESTSUITES 2 987 988 struct generated_test_suite_info generated_err_test_suites[] = { 989 { 990 .name = "AES_ECB", 991 .mech = {CKM_AES_ECB, 0, 0}, 992 }, { 993 .name = "AES_CBC", 994 .mech = {CKM_AES_CBC, &aes_iv, AES_IV_SIZE}, 995 } 996 }; 997