diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2026-04-15 15:22:26 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2026-04-15 15:22:26 -0700 |
| commit | aec2f682d47c54ef434b2d440992626d80b1ebdc (patch) | |
| tree | fc71dfb5db214bc8567b10c5b0a6327751f95abf /crypto | |
| parent | 8801e23b5b0dcf7d9c2291cc0901628dc1006145 (diff) | |
| parent | 8879a3c110cb8ca5a69c937643f226697aa551d9 (diff) | |
| download | lwn-aec2f682d47c54ef434b2d440992626d80b1ebdc.tar.gz lwn-aec2f682d47c54ef434b2d440992626d80b1ebdc.zip | |
Merge tag 'v7.1-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu:
"API:
- Replace crypto_get_default_rng with crypto_stdrng_get_bytes
- Remove simd skcipher support
- Allow algorithm types to be disabled when CRYPTO_SELFTESTS is off
Algorithms:
- Remove CPU-based des/3des acceleration
- Add test vectors for authenc(hmac(md5),cbc({aes,des})) and
authenc(hmac({md5,sha1,sha224,sha256,sha384,sha512}),rfc3686(ctr(aes)))
- Replace spin lock with mutex in jitterentropy
Drivers:
- Add authenc algorithms to safexcel
- Add support for zstd in qat
- Add wireless mode support for QAT GEN6
- Add anti-rollback support for QAT GEN6
- Add support for ctr(aes), gcm(aes), and ccm(aes) in dthev2"
* tag 'v7.1-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (129 commits)
crypto: af_alg - use sock_kmemdup in alg_setkey_by_key_serial
crypto: vmx - remove CRYPTO_DEV_VMX from Kconfig
crypto: omap - convert reqctx buffer to fixed-size array
crypto: atmel-sha204a - add Thorsten Blum as maintainer
crypto: atmel-ecc - add Thorsten Blum as maintainer
crypto: qat - fix IRQ cleanup on 6xxx probe failure
crypto: geniv - Remove unused spinlock from struct aead_geniv_ctx
crypto: qce - simplify qce_xts_swapiv()
crypto: hisilicon - Fix dma_unmap_single() direction
crypto: talitos - rename first/last to first_desc/last_desc
crypto: talitos - fix SEC1 32k ahash request limitation
crypto: jitterentropy - replace long-held spinlock with mutex
crypto: hisilicon - remove unused and non-public APIs for qm and sec
crypto: hisilicon/qm - drop redundant variable initialization
crypto: hisilicon/qm - remove else after return
crypto: hisilicon/qm - add const qualifier to info_name in struct qm_cmd_dump_item
crypto: hisilicon - fix the format string type error
crypto: ccree - fix a memory leak in cc_mac_digest()
crypto: qat - add support for zstd
crypto: qat - use swab32 macro
...
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/Kconfig | 36 | ||||
| -rw-r--r-- | crypto/af_alg.c | 4 | ||||
| -rw-r--r-- | crypto/cryptd.c | 112 | ||||
| -rw-r--r-- | crypto/dh.c | 8 | ||||
| -rw-r--r-- | crypto/drbg.c | 2 | ||||
| -rw-r--r-- | crypto/ecc.c | 11 | ||||
| -rw-r--r-- | crypto/geniv.c | 10 | ||||
| -rw-r--r-- | crypto/jitterentropy-kcapi.c | 14 | ||||
| -rw-r--r-- | crypto/krb5enc.c | 5 | ||||
| -rw-r--r-- | crypto/lrw.c | 2 | ||||
| -rw-r--r-- | crypto/rng.c | 23 | ||||
| -rw-r--r-- | crypto/simd.c | 239 | ||||
| -rw-r--r-- | crypto/tcrypt.c | 17 | ||||
| -rw-r--r-- | crypto/tea.c | 2 | ||||
| -rw-r--r-- | crypto/testmgr.c | 53 | ||||
| -rw-r--r-- | crypto/testmgr.h | 1764 | ||||
| -rw-r--r-- | crypto/xts.c | 2 |
17 files changed, 1896 insertions, 408 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig index 05f54c9332c3..b54a1bef6ade 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -25,7 +25,7 @@ menu "Crypto core or helper" config CRYPTO_FIPS bool "FIPS 200 compliance" - depends on CRYPTO_DRBG && CRYPTO_SELFTESTS + depends on CRYPTO_DRBG=y && CRYPTO_SELFTESTS depends on (MODULE_SIG || !MODULES) help This option enables the fips boot option which is @@ -109,10 +109,6 @@ config CRYPTO_RNG2 tristate select CRYPTO_ALGAPI2 -config CRYPTO_RNG_DEFAULT - tristate - select CRYPTO_DRBG_MENU - config CRYPTO_AKCIPHER2 tristate select CRYPTO_ALGAPI2 @@ -151,19 +147,20 @@ config CRYPTO_MANAGER config CRYPTO_MANAGER2 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) - select CRYPTO_ACOMP2 - select CRYPTO_AEAD2 - select CRYPTO_AKCIPHER2 - select CRYPTO_SIG2 - select CRYPTO_HASH2 - select CRYPTO_KPP2 - select CRYPTO_RNG2 - select CRYPTO_SKCIPHER2 + select CRYPTO_ACOMP2 if CRYPTO_SELFTESTS + select CRYPTO_AEAD2 if CRYPTO_SELFTESTS + select CRYPTO_AKCIPHER2 if CRYPTO_SELFTESTS + select CRYPTO_SIG2 if CRYPTO_SELFTESTS + select CRYPTO_HASH2 if CRYPTO_SELFTESTS + select CRYPTO_KPP2 if CRYPTO_SELFTESTS + select CRYPTO_RNG2 if CRYPTO_SELFTESTS + select CRYPTO_SKCIPHER2 if CRYPTO_SELFTESTS config CRYPTO_USER tristate "Userspace cryptographic algorithm configuration" depends on NET select CRYPTO_MANAGER + select CRYPTO_RNG help Userspace configuration for cryptographic instantiations such as cbc(aes). @@ -218,6 +215,7 @@ config CRYPTO_PCRYPT config CRYPTO_CRYPTD tristate "Software async crypto daemon" + select CRYPTO_AEAD select CRYPTO_SKCIPHER select CRYPTO_HASH select CRYPTO_MANAGER @@ -251,7 +249,10 @@ config CRYPTO_KRB5ENC config CRYPTO_BENCHMARK tristate "Crypto benchmarking module" depends on m || EXPERT + select CRYPTO_AEAD + select CRYPTO_HASH select CRYPTO_MANAGER + select CRYPTO_SKCIPHER help Quick & dirty crypto benchmarking module. @@ -261,10 +262,16 @@ config CRYPTO_BENCHMARK config CRYPTO_SIMD tristate + select CRYPTO_AEAD select CRYPTO_CRYPTD config CRYPTO_ENGINE tristate + select CRYPTO_AEAD + select CRYPTO_AKCIPHER + select CRYPTO_HASH + select CRYPTO_KPP + select CRYPTO_SKCIPHER endmenu @@ -290,7 +297,6 @@ config CRYPTO_DH config CRYPTO_DH_RFC7919_GROUPS bool "RFC 7919 FFDHE groups" depends on CRYPTO_DH - select CRYPTO_RNG_DEFAULT help FFDHE (Finite-Field-based Diffie-Hellman Ephemeral) groups defined in RFC7919. @@ -302,7 +308,6 @@ config CRYPTO_DH_RFC7919_GROUPS config CRYPTO_ECC tristate - select CRYPTO_RNG_DEFAULT config CRYPTO_ECDH tristate "ECDH (Elliptic Curve Diffie-Hellman)" @@ -800,7 +805,6 @@ config CRYPTO_GENIV tristate select CRYPTO_AEAD select CRYPTO_MANAGER - select CRYPTO_RNG_DEFAULT config CRYPTO_SEQIV tristate "Sequence Number IV Generator" diff --git a/crypto/af_alg.c b/crypto/af_alg.c index dd0e5be4d8c0..5a00c18eb145 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -324,15 +324,13 @@ static int alg_setkey_by_key_serial(struct alg_sock *ask, sockptr_t optval, return PTR_ERR(ret); } - key_data = sock_kmalloc(&ask->sk, key_datalen, GFP_KERNEL); + key_data = sock_kmemdup(&ask->sk, ret, key_datalen, GFP_KERNEL); if (!key_data) { up_read(&key->sem); key_put(key); return -ENOMEM; } - memcpy(key_data, ret, key_datalen); - up_read(&key->sem); key_put(key); diff --git a/crypto/cryptd.c b/crypto/cryptd.c index cd38f4676176..aba9fe0f23b4 100644 --- a/crypto/cryptd.c +++ b/crypto/cryptd.c @@ -646,7 +646,8 @@ static int cryptd_hash_import(struct ahash_request *req, const void *in) { struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); struct cryptd_hash_ctx *ctx = crypto_ahash_ctx(tfm); - struct shash_desc *desc = cryptd_shash_desc(req); + struct cryptd_hash_request_ctx *rctx = ahash_request_ctx(req); + struct shash_desc *desc = &rctx->desc; desc->tfm = ctx->child; @@ -952,115 +953,6 @@ static struct crypto_template cryptd_tmpl = { .module = THIS_MODULE, }; -struct cryptd_skcipher *cryptd_alloc_skcipher(const char *alg_name, - u32 type, u32 mask) -{ - char cryptd_alg_name[CRYPTO_MAX_ALG_NAME]; - struct cryptd_skcipher_ctx *ctx; - struct crypto_skcipher *tfm; - - if (snprintf(cryptd_alg_name, CRYPTO_MAX_ALG_NAME, - "cryptd(%s)", alg_name) >= CRYPTO_MAX_ALG_NAME) - return ERR_PTR(-EINVAL); - - tfm = crypto_alloc_skcipher(cryptd_alg_name, type, mask); - if (IS_ERR(tfm)) - return ERR_CAST(tfm); - - if (tfm->base.__crt_alg->cra_module != THIS_MODULE) { - crypto_free_skcipher(tfm); - return ERR_PTR(-EINVAL); - } - - ctx = crypto_skcipher_ctx(tfm); - refcount_set(&ctx->refcnt, 1); - - return container_of(tfm, struct cryptd_skcipher, base); -} -EXPORT_SYMBOL_GPL(cryptd_alloc_skcipher); - -struct crypto_skcipher *cryptd_skcipher_child(struct cryptd_skcipher *tfm) -{ - struct cryptd_skcipher_ctx *ctx = crypto_skcipher_ctx(&tfm->base); - - return ctx->child; -} -EXPORT_SYMBOL_GPL(cryptd_skcipher_child); - -bool cryptd_skcipher_queued(struct cryptd_skcipher *tfm) -{ - struct cryptd_skcipher_ctx *ctx = crypto_skcipher_ctx(&tfm->base); - - return refcount_read(&ctx->refcnt) - 1; -} -EXPORT_SYMBOL_GPL(cryptd_skcipher_queued); - -void cryptd_free_skcipher(struct cryptd_skcipher *tfm) -{ - struct cryptd_skcipher_ctx *ctx = crypto_skcipher_ctx(&tfm->base); - - if (refcount_dec_and_test(&ctx->refcnt)) - crypto_free_skcipher(&tfm->base); -} -EXPORT_SYMBOL_GPL(cryptd_free_skcipher); - -struct cryptd_ahash *cryptd_alloc_ahash(const char *alg_name, - u32 type, u32 mask) -{ - char cryptd_alg_name[CRYPTO_MAX_ALG_NAME]; - struct cryptd_hash_ctx *ctx; - struct crypto_ahash *tfm; - - if (snprintf(cryptd_alg_name, CRYPTO_MAX_ALG_NAME, - "cryptd(%s)", alg_name) >= CRYPTO_MAX_ALG_NAME) - return ERR_PTR(-EINVAL); - tfm = crypto_alloc_ahash(cryptd_alg_name, type, mask); - if (IS_ERR(tfm)) - return ERR_CAST(tfm); - if (tfm->base.__crt_alg->cra_module != THIS_MODULE) { - crypto_free_ahash(tfm); - return ERR_PTR(-EINVAL); - } - - ctx = crypto_ahash_ctx(tfm); - refcount_set(&ctx->refcnt, 1); - - return __cryptd_ahash_cast(tfm); -} -EXPORT_SYMBOL_GPL(cryptd_alloc_ahash); - -struct crypto_shash *cryptd_ahash_child(struct cryptd_ahash *tfm) -{ - struct cryptd_hash_ctx *ctx = crypto_ahash_ctx(&tfm->base); - - return ctx->child; -} -EXPORT_SYMBOL_GPL(cryptd_ahash_child); - -struct shash_desc *cryptd_shash_desc(struct ahash_request *req) -{ - struct cryptd_hash_request_ctx *rctx = ahash_request_ctx(req); - return &rctx->desc; -} -EXPORT_SYMBOL_GPL(cryptd_shash_desc); - -bool cryptd_ahash_queued(struct cryptd_ahash *tfm) -{ - struct cryptd_hash_ctx *ctx = crypto_ahash_ctx(&tfm->base); - - return refcount_read(&ctx->refcnt) - 1; -} -EXPORT_SYMBOL_GPL(cryptd_ahash_queued); - -void cryptd_free_ahash(struct cryptd_ahash *tfm) -{ - struct cryptd_hash_ctx *ctx = crypto_ahash_ctx(&tfm->base); - - if (refcount_dec_and_test(&ctx->refcnt)) - crypto_free_ahash(&tfm->base); -} -EXPORT_SYMBOL_GPL(cryptd_free_ahash); - struct cryptd_aead *cryptd_alloc_aead(const char *alg_name, u32 type, u32 mask) { diff --git a/crypto/dh.c b/crypto/dh.c index 8250eeeebd0f..7ad4768716c8 100644 --- a/crypto/dh.c +++ b/crypto/dh.c @@ -388,13 +388,7 @@ static void *dh_safe_prime_gen_privkey(const struct dh_safe_prime *safe_prime, * 5.6.1.1.3, step 3 (and implicitly step 4): obtain N + 64 * random bits and interpret them as a big endian integer. */ - err = -EFAULT; - if (crypto_get_default_rng()) - goto out_err; - - err = crypto_rng_get_bytes(crypto_default_rng, (u8 *)key, - oversampling_size); - crypto_put_default_rng(); + err = crypto_stdrng_get_bytes(key, oversampling_size); if (err) goto out_err; diff --git a/crypto/drbg.c b/crypto/drbg.c index 1ed209e5d5dd..9204e6edb426 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1780,7 +1780,7 @@ static inline int __init drbg_healthcheck_sanity(void) max_addtllen = drbg_max_addtl(drbg); max_request_bytes = drbg_max_request_bytes(drbg); drbg_string_fill(&addtl, buf, max_addtllen + 1); - /* overflow addtllen with additonal info string */ + /* overflow addtllen with additional info string */ len = drbg_generate(drbg, buf, OUTBUFLEN, &addtl); BUG_ON(0 < len); /* overflow max_bits */ diff --git a/crypto/ecc.c b/crypto/ecc.c index 08150b14e17e..43b0def3a225 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -1533,16 +1533,11 @@ int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, * The maximum security strength identified by NIST SP800-57pt1r4 for * ECC is 256 (N >= 512). * - * This condition is met by the default RNG because it selects a favored - * DRBG with a security strength of 256. + * This condition is met by stdrng because it selects a favored DRBG + * with a security strength of 256. */ - if (crypto_get_default_rng()) - return -EFAULT; - /* Step 3: obtain N returned_bits from the DRBG. */ - err = crypto_rng_get_bytes(crypto_default_rng, - (u8 *)private_key, nbytes); - crypto_put_default_rng(); + err = crypto_stdrng_get_bytes(private_key, nbytes); if (err) return err; diff --git a/crypto/geniv.c b/crypto/geniv.c index 42eff6a7387c..04befe3a7f44 100644 --- a/crypto/geniv.c +++ b/crypto/geniv.c @@ -112,15 +112,7 @@ int aead_init_geniv(struct crypto_aead *aead) struct crypto_aead *child; int err; - spin_lock_init(&ctx->lock); - - err = crypto_get_default_rng(); - if (err) - goto out; - - err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, - crypto_aead_ivsize(aead)); - crypto_put_default_rng(); + err = crypto_stdrng_get_bytes(ctx->salt, crypto_aead_ivsize(aead)); if (err) goto out; diff --git a/crypto/jitterentropy-kcapi.c b/crypto/jitterentropy-kcapi.c index 4ad729357441..652852649a31 100644 --- a/crypto/jitterentropy-kcapi.c +++ b/crypto/jitterentropy-kcapi.c @@ -41,6 +41,7 @@ #include <linux/fips.h> #include <linux/kernel.h> #include <linux/module.h> +#include <linux/mutex.h> #include <linux/slab.h> #include <linux/time.h> #include <crypto/internal/rng.h> @@ -172,7 +173,7 @@ void jent_read_random_block(struct sha3_ctx *hash_state, char *dst, ***************************************************************************/ struct jitterentropy { - spinlock_t jent_lock; + struct mutex jent_lock; struct rand_data *entropy_collector; struct sha3_ctx hash_state; }; @@ -181,14 +182,14 @@ static void jent_kcapi_cleanup(struct crypto_tfm *tfm) { struct jitterentropy *rng = crypto_tfm_ctx(tfm); - spin_lock(&rng->jent_lock); + mutex_lock(&rng->jent_lock); memzero_explicit(&rng->hash_state, sizeof(rng->hash_state)); if (rng->entropy_collector) jent_entropy_collector_free(rng->entropy_collector); rng->entropy_collector = NULL; - spin_unlock(&rng->jent_lock); + mutex_unlock(&rng->jent_lock); } static int jent_kcapi_init(struct crypto_tfm *tfm) @@ -196,7 +197,7 @@ static int jent_kcapi_init(struct crypto_tfm *tfm) struct jitterentropy *rng = crypto_tfm_ctx(tfm); int ret = 0; - spin_lock_init(&rng->jent_lock); + mutex_init(&rng->jent_lock); /* Use SHA3-256 as conditioner */ sha3_256_init(&rng->hash_state); @@ -208,7 +209,6 @@ static int jent_kcapi_init(struct crypto_tfm *tfm) goto err; } - spin_lock_init(&rng->jent_lock); return 0; err: @@ -223,7 +223,7 @@ static int jent_kcapi_random(struct crypto_rng *tfm, struct jitterentropy *rng = crypto_rng_ctx(tfm); int ret = 0; - spin_lock(&rng->jent_lock); + mutex_lock(&rng->jent_lock); ret = jent_read_entropy(rng->entropy_collector, rdata, dlen); @@ -249,7 +249,7 @@ static int jent_kcapi_random(struct crypto_rng *tfm, ret = -EINVAL; } - spin_unlock(&rng->jent_lock); + mutex_unlock(&rng->jent_lock); return ret; } diff --git a/crypto/krb5enc.c b/crypto/krb5enc.c index a1de55994d92..1bfe8370cf94 100644 --- a/crypto/krb5enc.c +++ b/crypto/krb5enc.c @@ -154,7 +154,7 @@ static int krb5enc_dispatch_encrypt(struct aead_request *req, dst = scatterwalk_ffwd(areq_ctx->dst, req->dst, req->assoclen); skcipher_request_set_tfm(skreq, enc); - skcipher_request_set_callback(skreq, aead_request_flags(req), + skcipher_request_set_callback(skreq, flags, krb5enc_encrypt_done, req); skcipher_request_set_crypt(skreq, src, dst, req->cryptlen, req->iv); @@ -192,7 +192,8 @@ static void krb5enc_encrypt_ahash_done(void *data, int err) krb5enc_insert_checksum(req, ahreq->result); - err = krb5enc_dispatch_encrypt(req, 0); + err = krb5enc_dispatch_encrypt(req, + aead_request_flags(req) & ~CRYPTO_TFM_REQ_MAY_SLEEP); if (err != -EINPROGRESS) aead_request_complete(req, err); } diff --git a/crypto/lrw.c b/crypto/lrw.c index dd403b800513..aa31ab03a597 100644 --- a/crypto/lrw.c +++ b/crypto/lrw.c @@ -134,7 +134,7 @@ static int lrw_next_index(u32 *counter) /* * We compute the tweak masks twice (both before and after the ECB encryption or * decryption) to avoid having to allocate a temporary buffer and/or make - * mutliple calls to the 'ecb(..)' instance, which usually would be slower than + * multiple calls to the 'ecb(..)' instance, which usually would be slower than * just doing the lrw_next_index() calls again. */ static int lrw_xor_tweak(struct skcipher_request *req, bool second_pass) diff --git a/crypto/rng.c b/crypto/rng.c index c6165c8eb387..1d4b9177bad4 100644 --- a/crypto/rng.c +++ b/crypto/rng.c @@ -24,8 +24,7 @@ #include "internal.h" static DEFINE_MUTEX(crypto_default_rng_lock); -struct crypto_rng *crypto_default_rng; -EXPORT_SYMBOL_GPL(crypto_default_rng); +static struct crypto_rng *crypto_default_rng; static int crypto_default_rng_refcnt; int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed, unsigned int slen) @@ -106,7 +105,7 @@ struct crypto_rng *crypto_alloc_rng(const char *alg_name, u32 type, u32 mask) } EXPORT_SYMBOL_GPL(crypto_alloc_rng); -int crypto_get_default_rng(void) +static int crypto_get_default_rng(void) { struct crypto_rng *rng; int err; @@ -135,15 +134,27 @@ unlock: return err; } -EXPORT_SYMBOL_GPL(crypto_get_default_rng); -void crypto_put_default_rng(void) +static void crypto_put_default_rng(void) { mutex_lock(&crypto_default_rng_lock); crypto_default_rng_refcnt--; mutex_unlock(&crypto_default_rng_lock); } -EXPORT_SYMBOL_GPL(crypto_put_default_rng); + +int __crypto_stdrng_get_bytes(void *buf, unsigned int len) +{ + int err; + + err = crypto_get_default_rng(); + if (err) + return err; + + err = crypto_rng_get_bytes(crypto_default_rng, buf, len); + crypto_put_default_rng(); + return err; +} +EXPORT_SYMBOL_GPL(__crypto_stdrng_get_bytes); #if defined(CONFIG_CRYPTO_RNG) || defined(CONFIG_CRYPTO_RNG_MODULE) int crypto_del_default_rng(void) diff --git a/crypto/simd.c b/crypto/simd.c index f71c4a334c7d..4e29f797709b 100644 --- a/crypto/simd.c +++ b/crypto/simd.c @@ -13,11 +13,11 @@ /* * Shared crypto SIMD helpers. These functions dynamically create and register - * an skcipher or AEAD algorithm that wraps another, internal algorithm. The - * wrapper ensures that the internal algorithm is only executed in a context - * where SIMD instructions are usable, i.e. where may_use_simd() returns true. - * If SIMD is already usable, the wrapper directly calls the internal algorithm. - * Otherwise it defers execution to a workqueue via cryptd. + * an AEAD algorithm that wraps another, internal algorithm. The wrapper + * ensures that the internal algorithm is only executed in a context where SIMD + * instructions are usable, i.e. where may_use_simd() returns true. If SIMD is + * already usable, the wrapper directly calls the internal algorithm. Otherwise + * it defers execution to a workqueue via cryptd. * * This is an alternative to the internal algorithm implementing a fallback for * the !may_use_simd() case itself. @@ -30,232 +30,11 @@ #include <crypto/cryptd.h> #include <crypto/internal/aead.h> #include <crypto/internal/simd.h> -#include <crypto/internal/skcipher.h> #include <linux/kernel.h> #include <linux/module.h> #include <linux/preempt.h> #include <asm/simd.h> -/* skcipher support */ - -struct simd_skcipher_alg { - const char *ialg_name; - struct skcipher_alg alg; -}; - -struct simd_skcipher_ctx { - struct cryptd_skcipher *cryptd_tfm; -}; - -static int simd_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key, - unsigned int key_len) -{ - struct simd_skcipher_ctx *ctx = crypto_skcipher_ctx(tfm); - struct crypto_skcipher *child = &ctx->cryptd_tfm->base; - - crypto_skcipher_clear_flags(child, CRYPTO_TFM_REQ_MASK); - crypto_skcipher_set_flags(child, crypto_skcipher_get_flags(tfm) & - CRYPTO_TFM_REQ_MASK); - return crypto_skcipher_setkey(child, key, key_len); -} - -static int simd_skcipher_encrypt(struct skcipher_request *req) -{ - struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); - struct simd_skcipher_ctx *ctx = crypto_skcipher_ctx(tfm); - struct skcipher_request *subreq; - struct crypto_skcipher *child; - - subreq = skcipher_request_ctx(req); - *subreq = *req; - - if (!crypto_simd_usable() || - (in_atomic() && cryptd_skcipher_queued(ctx->cryptd_tfm))) - child = &ctx->cryptd_tfm->base; - else - child = cryptd_skcipher_child(ctx->cryptd_tfm); - - skcipher_request_set_tfm(subreq, child); - - return crypto_skcipher_encrypt(subreq); -} - -static int simd_skcipher_decrypt(struct skcipher_request *req) -{ - struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); - struct simd_skcipher_ctx *ctx = crypto_skcipher_ctx(tfm); - struct skcipher_request *subreq; - struct crypto_skcipher *child; - - subreq = skcipher_request_ctx(req); - *subreq = *req; - - if (!crypto_simd_usable() || - (in_atomic() && cryptd_skcipher_queued(ctx->cryptd_tfm))) - child = &ctx->cryptd_tfm->base; - else - child = cryptd_skcipher_child(ctx->cryptd_tfm); - - skcipher_request_set_tfm(subreq, child); - - return crypto_skcipher_decrypt(subreq); -} - -static void simd_skcipher_exit(struct crypto_skcipher *tfm) -{ - struct simd_skcipher_ctx *ctx = crypto_skcipher_ctx(tfm); - - cryptd_free_skcipher(ctx->cryptd_tfm); -} - -static int simd_skcipher_init(struct crypto_skcipher *tfm) -{ - struct simd_skcipher_ctx *ctx = crypto_skcipher_ctx(tfm); - struct cryptd_skcipher *cryptd_tfm; - struct simd_skcipher_alg *salg; - struct skcipher_alg *alg; - unsigned reqsize; - - alg = crypto_skcipher_alg(tfm); - salg = container_of(alg, struct simd_skcipher_alg, alg); - - cryptd_tfm = cryptd_alloc_skcipher(salg->ialg_name, - CRYPTO_ALG_INTERNAL, - CRYPTO_ALG_INTERNAL); - if (IS_ERR(cryptd_tfm)) - return PTR_ERR(cryptd_tfm); - - ctx->cryptd_tfm = cryptd_tfm; - - reqsize = crypto_skcipher_reqsize(cryptd_skcipher_child(cryptd_tfm)); - reqsize = max(reqsize, crypto_skcipher_reqsize(&cryptd_tfm->base)); - reqsize += sizeof(struct skcipher_request); - - crypto_skcipher_set_reqsize(tfm, reqsize); - - return 0; -} - -struct simd_skcipher_alg *simd_skcipher_create_compat(struct skcipher_alg *ialg, - const char *algname, - const char *drvname, - const char *basename) -{ - struct simd_skcipher_alg *salg; - struct skcipher_alg *alg; - int err; - - salg = kzalloc_obj(*salg); - if (!salg) { - salg = ERR_PTR(-ENOMEM); - goto out; - } - - salg->ialg_name = basename; - alg = &salg->alg; - - err = -ENAMETOOLONG; - if (snprintf(alg->base.cra_name, CRYPTO_MAX_ALG_NAME, "%s", algname) >= - CRYPTO_MAX_ALG_NAME) - goto out_free_salg; - - if (snprintf(alg->base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s", - drvname) >= CRYPTO_MAX_ALG_NAME) - goto out_free_salg; - - alg->base.cra_flags = CRYPTO_ALG_ASYNC | - (ialg->base.cra_flags & CRYPTO_ALG_INHERITED_FLAGS); - alg->base.cra_priority = ialg->base.cra_priority; - alg->base.cra_blocksize = ialg->base.cra_blocksize; - alg->base.cra_alignmask = ialg->base.cra_alignmask; - alg->base.cra_module = ialg->base.cra_module; - alg->base.cra_ctxsize = sizeof(struct simd_skcipher_ctx); - - alg->ivsize = ialg->ivsize; - alg->chunksize = ialg->chunksize; - alg->min_keysize = ialg->min_keysize; - alg->max_keysize = ialg->max_keysize; - - alg->init = simd_skcipher_init; - alg->exit = simd_skcipher_exit; - - alg->setkey = simd_skcipher_setkey; - alg->encrypt = simd_skcipher_encrypt; - alg->decrypt = simd_skcipher_decrypt; - - err = crypto_register_skcipher(alg); - if (err) - goto out_free_salg; - -out: - return salg; - -out_free_salg: - kfree(salg); - salg = ERR_PTR(err); - goto out; -} -EXPORT_SYMBOL_GPL(simd_skcipher_create_compat); - -void simd_skcipher_free(struct simd_skcipher_alg *salg) -{ - crypto_unregister_skcipher(&salg->alg); - kfree(salg); -} -EXPORT_SYMBOL_GPL(simd_skcipher_free); - -int simd_register_skciphers_compat(struct skcipher_alg *algs, int count, - struct simd_skcipher_alg **simd_algs) -{ - int err; - int i; - const char *algname; - const char *drvname; - const char *basename; - struct simd_skcipher_alg *simd; - - err = crypto_register_skciphers(algs, count); - if (err) - return err; - - for (i = 0; i < count; i++) { - WARN_ON(strncmp(algs[i].base.cra_name, "__", 2)); - WARN_ON(strncmp(algs[i].base.cra_driver_name, "__", 2)); - algname = algs[i].base.cra_name + 2; - drvname = algs[i].base.cra_driver_name + 2; - basename = algs[i].base.cra_driver_name; - simd = simd_skcipher_create_compat(algs + i, algname, drvname, basename); - err = PTR_ERR(simd); - if (IS_ERR(simd)) - goto err_unregister; - simd_algs[i] = simd; - } - return 0; - -err_unregister: - simd_unregister_skciphers(algs, count, simd_algs); - return err; -} -EXPORT_SYMBOL_GPL(simd_register_skciphers_compat); - -void simd_unregister_skciphers(struct skcipher_alg *algs, int count, - struct simd_skcipher_alg **simd_algs) -{ - int i; - - crypto_unregister_skciphers(algs, count); - - for (i = 0; i < count; i++) { - if (simd_algs[i]) { - simd_skcipher_free(simd_algs[i]); - simd_algs[i] = NULL; - } - } -} -EXPORT_SYMBOL_GPL(simd_unregister_skciphers); - -/* AEAD support */ - struct simd_aead_alg { const char *ialg_name; struct aead_alg alg; @@ -437,13 +216,17 @@ int simd_register_aeads_compat(struct aead_alg *algs, int count, const char *basename; struct simd_aead_alg *simd; + for (i = 0; i < count; i++) { + if (WARN_ON(strncmp(algs[i].base.cra_name, "__", 2) || + strncmp(algs[i].base.cra_driver_name, "__", 2))) + return -EINVAL; + } + err = crypto_register_aeads(algs, count); if (err) return err; for (i = 0; i < count; i++) { - WARN_ON(strncmp(algs[i].base.cra_name, "__", 2)); - WARN_ON(strncmp(algs[i].base.cra_driver_name, "__", 2)); algname = algs[i].base.cra_name + 2; drvname = algs[i].base.cra_driver_name + 2; basename = algs[i].base.cra_driver_name; diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index e43ba59e7627..e54517605f5f 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c @@ -911,8 +911,14 @@ static void test_ahash_speed_common(const char *algo, unsigned int secs, break; } - if (klen) - crypto_ahash_setkey(tfm, tvmem[0], klen); + if (klen) { + ret = crypto_ahash_setkey(tfm, tvmem[0], klen); + if (ret) { + pr_err("setkey() failed flags=%x: %d\n", + crypto_ahash_get_flags(tfm), ret); + break; + } + } pr_info("test%3u " "(%5u byte blocks,%5u bytes per update,%4u updates): ", @@ -2795,6 +2801,11 @@ static int __init tcrypt_mod_init(void) goto err_free_tv; } + if (!num_mb) { + pr_warn("num_mb must be at least 1; forcing to 1\n"); + num_mb = 1; + } + err = do_test(alg, type, mask, mode, num_mb); if (err) { @@ -2804,7 +2815,7 @@ static int __init tcrypt_mod_init(void) pr_debug("all tests passed\n"); } - /* We intentionaly return -EAGAIN to prevent keeping the module, + /* We intentionally return -EAGAIN to prevent keeping the module, * unless we're running in fips mode. It does all its work from * init() and doesn't offer any runtime functionality, but in * the fips case, checking for a successful load is helpful. diff --git a/crypto/tea.c b/crypto/tea.c index cb05140e3470..7c66efcb5caa 100644 --- a/crypto/tea.c +++ b/crypto/tea.c @@ -2,7 +2,7 @@ /* * Cryptographic API. * - * TEA, XTEA, and XETA crypto alogrithms + * TEA, XTEA, and XETA crypto algorithms * * The TEA and Xtended TEA algorithms were developed by David Wheeler * and Roger Needham at the Computer Laboratory of Cambridge University. diff --git a/crypto/testmgr.c b/crypto/testmgr.c index a8079cff7755..4d86efae65b2 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -4080,6 +4080,20 @@ static const struct alg_test_desc alg_test_descs[] = { .aead = __VECS(aegis128_tv_template) } }, { + .alg = "authenc(hmac(md5),cbc(aes))", + .generic_driver = "authenc(hmac-md5-lib,cbc(aes-lib))", + .test = alg_test_aead, + .suite = { + .aead = __VECS(hmac_md5_aes_cbc_tv_temp) + } + }, { + .alg = "authenc(hmac(md5),cbc(des))", + .generic_driver = "authenc(hmac-md5-lib,cbc(des-generic))", + .test = alg_test_aead, + .suite = { + .aead = __VECS(hmac_md5_des_cbc_tv_temp) + } + }, { .alg = "authenc(hmac(md5),cbc(des3_ede))", .generic_driver = "authenc(hmac-md5-lib,cbc(des3_ede-generic))", .test = alg_test_aead, @@ -4094,6 +4108,13 @@ static const struct alg_test_desc alg_test_descs[] = { .aead = __VECS(hmac_md5_ecb_cipher_null_tv_template) } }, { + .alg = "authenc(hmac(md5),rfc3686(ctr(aes)))", + .generic_driver = "authenc(hmac-md5-lib,rfc3686(ctr(aes-lib)))", + .test = alg_test_aead, + .suite = { + .aead = __VECS(hmac_md5_aes_ctr_rfc3686_tv_temp) + } + }, { .alg = "authenc(hmac(sha1),cbc(aes))", .generic_driver = "authenc(hmac-sha1-lib,cbc(aes-lib))", .test = alg_test_aead, @@ -4128,12 +4149,17 @@ static const struct alg_test_desc alg_test_descs[] = { } }, { .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", - .test = alg_test_null, + .generic_driver = "authenc(hmac-sha1-lib,rfc3686(ctr(aes-lib)))", + .test = alg_test_aead, .fips_allowed = 1, + .suite = { + .aead = __VECS(hmac_sha1_aes_ctr_rfc3686_tv_temp) + } }, { .alg = "authenc(hmac(sha224),cbc(aes))", .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-lib))", .test = alg_test_aead, + .fips_allowed = 1, .suite = { .aead = __VECS(hmac_sha224_aes_cbc_tv_temp) } @@ -4153,8 +4179,12 @@ static const struct alg_test_desc alg_test_descs[] = { } }, { .alg = "authenc(hmac(sha224),rfc3686(ctr(aes)))", - .test = alg_test_null, + .generic_driver = "authenc(hmac-sha224-lib,rfc3686(ctr(aes-lib)))", + .test = alg_test_aead, .fips_allowed = 1, + .suite = { + .aead = __VECS(hmac_sha224_aes_ctr_rfc3686_tv_temp) + } }, { .alg = "authenc(hmac(sha256),cbc(aes))", .generic_driver = "authenc(hmac-sha256-lib,cbc(aes-lib))", @@ -4190,12 +4220,17 @@ static const struct alg_test_desc alg_test_descs[] = { } }, { .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))", - .test = alg_test_null, + .generic_driver = "authenc(hmac-sha256-lib,rfc3686(ctr(aes-lib)))", + .test = alg_test_aead, .fips_allowed = 1, + .suite = { + .aead = __VECS(hmac_sha256_aes_ctr_rfc3686_tv_temp) + } }, { .alg = "authenc(hmac(sha384),cbc(aes))", .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-lib))", .test = alg_test_aead, + .fips_allowed = 1, .suite = { .aead = __VECS(hmac_sha384_aes_cbc_tv_temp) } @@ -4226,8 +4261,12 @@ static const struct alg_test_desc alg_test_descs[] = { } }, { .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))", - .test = alg_test_null, + .generic_driver = "authenc(hmac-sha384-lib,rfc3686(ctr(aes-lib)))", + .test = alg_test_aead, .fips_allowed = 1, + .suite = { + .aead = __VECS(hmac_sha384_aes_ctr_rfc3686_tv_temp) + } }, { .alg = "authenc(hmac(sha512),cbc(aes))", .generic_driver = "authenc(hmac-sha512-lib,cbc(aes-lib))", @@ -4256,8 +4295,12 @@ static const struct alg_test_desc alg_test_descs[] = { .fips_allowed = 1, }, { .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))", - .test = alg_test_null, + .generic_driver = "authenc(hmac-sha512-lib,rfc3686(ctr(aes-lib)))", + .test = alg_test_aead, .fips_allowed = 1, + .suite = { + .aead = __VECS(hmac_sha512_aes_ctr_rfc3686_tv_temp) + } }, { .alg = "blake2b-160", .generic_driver = "blake2b-160-lib", diff --git a/crypto/testmgr.h b/crypto/testmgr.h index efbc707bb8e3..9b4d7e11c9fd 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -14453,6 +14453,261 @@ static const struct cipher_testvec aes_cbc_tv_template[] = { }, }; +static const struct aead_testvec hmac_md5_aes_cbc_tv_temp[] = { + { /* RFC 3602 Case 1 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x10" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x06\xa9\x21\x40\x36\xb8\xa1\x5b" + "\x51\x2e\x03\xd5\x34\x12\x00\x06", + .klen = 8 + 16 + 16, + .iv = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30" + "\xb4\x22\xda\x80\x2c\x9f\xac\x41", + .assoc = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30" + "\xb4\x22\xda\x80\x2c\x9f\xac\x41", + .alen = 16, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\xe3\x53\x77\x9c\x10\x79\xae\xb8" + "\x27\x08\x94\x2d\xbe\x77\x18\x1a" + "\x22\x10\xf2\x25\x7f\xe9\x0d\x92" + "\xfc\x00\x55\xb1\xd0\xb5\x3a\x74", + .clen = 16 + 16, + }, { /* RFC 3602 Case 2 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x10" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\xc2\x86\x69\x6d\x88\x7c\x9a\xa0" + "\x61\x1b\xbb\x3e\x20\x25\xa4\x5a", + .klen = 8 + 16 + 16, + .iv = "\x56\x2e\x17\x99\x6d\x09\x3d\x28" + "\xdd\xb3\xba\x69\x5a\x2e\x6f\x58", + .assoc = "\x56\x2e\x17\x99\x6d\x09\x3d\x28" + "\xdd\xb3\xba\x69\x5a\x2e\x6f\x58", + .alen = 16, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\xd2\x96\xcd\x94\xc2\xcc\xcf\x8a" + "\x3a\x86\x30\x28\xb5\xe1\xdc\x0a" + "\x75\x86\x60\x2d\x25\x3c\xff\xf9" + "\x1b\x82\x66\xbe\xa6\xd6\x1a\xb1" + "\x31\xef\xd1\x5e\x2d\x83\xde\x59" + "\x5c\x63\x6c\xd6\x6e\x96\x8c\x5b", + .clen = 32 + 16, + }, { /* RFC 3602 Case 3 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x10" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x6c\x3e\xa0\x47\x76\x30\xce\x21" + "\xa2\xce\x33\x4a\xa7\x46\xc2\xcd", + .klen = 8 + 16 + 16, + .iv = "\xc7\x82\xdc\x4c\x09\x8c\x66\xcb" + "\xd9\xcd\x27\xd8\x25\x68\x2c\x81", + .assoc = "\xc7\x82\xdc\x4c\x09\x8c\x66\xcb" + "\xd9\xcd\x27\xd8\x25\x68\x2c\x81", + .alen = 16, + .ptext = "This is a 48-byte message (exactly 3 AES blocks)", + .plen = 48, + .ctext = "\xd0\xa0\x2b\x38\x36\x45\x17\x53" + "\xd4\x93\x66\x5d\x33\xf0\xe8\x86" + "\x2d\xea\x54\xcd\xb2\x93\xab\xc7" + "\x50\x69\x39\x27\x67\x72\xf8\xd5" + "\x02\x1c\x19\x21\x6b\xad\x52\x5c" + "\x85\x79\x69\x5d\x83\xba\x26\x84" + "\xa1\x9e\xc5\x65\x43\xc5\x51\x70" + "\xb5\xc8\x38\xce\xbb\x3b\xc6\x0f", + .clen = 48 + 16, + }, { /* RFC 3602 Case 4 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x10" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x56\xe4\x7a\x38\xc5\x59\x89\x74" + "\xbc\x46\x90\x3d\xba\x29\x03\x49", + .klen = 8 + 16 + 16, + .iv = "\x8c\xe8\x2e\xef\xbe\xa0\xda\x3c" + "\x44\x69\x9e\xd7\xdb\x51\xb7\xd9", + .assoc = "\x8c\xe8\x2e\xef\xbe\xa0\xda\x3c" + "\x44\x69\x9e\xd7\xdb\x51\xb7\xd9", + .alen = 16, + .ptext = "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7" + "\xa8\xa9\xaa\xab\xac\xad\xae\xaf" + "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7" + "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf" + "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7" + "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf" + "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7" + "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf", + .plen = 64, + .ctext = "\xc3\x0e\x32\xff\xed\xc0\x77\x4e" + "\x6a\xff\x6a\xf0\x86\x9f\x71\xaa" + "\x0f\x3a\xf0\x7a\x9a\x31\xa9\xc6" + "\x84\xdb\x20\x7e\xb0\xef\x8e\x4e" + "\x35\x90\x7a\xa6\x32\xc3\xff\xdf" + "\x86\x8b\xb7\xb2\x9d\x3d\x46\xad" + "\x83\xce\x9f\x9a\x10\x2e\xe9\x9d" + "\x49\xa5\x3e\x87\xf4\xc3\xda\x55" + "\x19\x90\xcc\x2c\x6d\x76\x0f\xd6" + "\x6c\x54\x09\xb1\x3e\x98\x0c\x11", + .clen = 64 + 16, + }, { /* RFC 3602 Case 5 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x10" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x90\xd3\x82\xb4\x10\xee\xba\x7a" + "\xd9\x38\xc4\x6c\xec\x1a\x82\xbf", + .klen = 8 + 16 + 16, + .iv = "\xe9\x6e\x8c\x08\xab\x46\x57\x63" + "\xfd\x09\x8d\x45\xdd\x3f\xf8\x93", + .assoc = "\x00\x00\x43\x21\x00\x00\x00\x01" + "\xe9\x6e\x8c\x08\xab\x46\x57\x63" + "\xfd\x09\x8d\x45\xdd\x3f\xf8\x93", + .alen = 24, + .ptext = "\x08\x00\x0e\xbd\xa7\x0a\x00\x00" + "\x8e\x9c\x08\x3d\xb9\x5b\x07\x00" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x01\x02\x03\x04\x05\x06\x07\x08" + "\x09\x0a\x0b\x0c\x0d\x0e\x0e\x01", + .plen = 80, + .ctext = "\xf6\x63\xc2\x5d\x32\x5c\x18\xc6" + "\xa9\x45\x3e\x19\x4e\x12\x08\x49" + "\xa4\x87\x0b\x66\xcc\x6b\x99\x65" + "\x33\x00\x13\xb4\x89\x8d\xc8\x56" + "\xa4\x69\x9e\x52\x3a\x55\xdb\x08" + "\x0b\x59\xec\x3a\x8e\x4b\x7e\x52" + "\x77\x5b\x07\xd1\xdb\x34\xed\x9c" + "\x53\x8a\xb5\x0c\x55\x1b\x87\x4a" + "\xa2\x69\xad\xd0\x47\xad\x2d\x59" + "\x13\xac\x19\xb7\xcf\xba\xd4\xa6" + "\x9f\x6f\xa4\x85\x28\xf1\xc9\xea" + "\xe1\xd0\x7d\x30\x4a\xd0\x81\x12", + .clen = 80 + 16, + }, { /* NIST SP800-38A F.2.3 CBC-AES192.Encrypt */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x18" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x8e\x73\xb0\xf7\xda\x0e\x64\x52" + "\xc8\x10\xf3\x2b\x80\x90\x79\xe5" + "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", + .klen = 8 + 16 + 24, + .iv = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .assoc = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .alen = 16, + .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96" + "\xe9\x3d\x7e\x11\x73\x93\x17\x2a" + "\xae\x2d\x8a\x57\x1e\x03\xac\x9c" + "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" + "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11" + "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef" + "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17" + "\xad\x2b\x41\x7b\xe6\x6c\x37\x10", + .plen = 64, + .ctext = "\x4f\x02\x1d\xb2\x43\xbc\x63\x3d" + "\x71\x78\x18\x3a\x9f\xa0\x71\xe8" + "\xb4\xd9\xad\xa9\xad\x7d\xed\xf4" + "\xe5\xe7\x38\x76\x3f\x69\x14\x5a" + "\x57\x1b\x24\x20\x12\xfb\x7a\xe0" + "\x7f\xa9\xba\xac\x3d\xf1\x02\xe0" + "\x08\xb0\xe2\x79\x88\x59\x88\x81" + "\xd9\x20\xa9\xe6\x4f\x56\x15\xcd" + "\xc3\x46\xe5\x2c\x07\x27\x50\xca" + "\x50\x4a\x83\x5f\x72\xd9\x76\x8d", + .clen = 64 + 16, + }, { /* NIST SP800-38A F.2.5 CBC-AES256.Encrypt */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x20" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x60\x3d\xeb\x10\x15\xca\x71\xbe" + "\x2b\x73\xae\xf0\x85\x7d\x77\x81" + "\x1f\x35\x2c\x07\x3b\x61\x08\xd7" + "\x2d\x98\x10\xa3\x09\x14\xdf\xf4", + .klen = 8 + 16 + 32, + .iv = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .assoc = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .alen = 16, + .ptext = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96" + "\xe9\x3d\x7e\x11\x73\x93\x17\x2a" + "\xae\x2d\x8a\x57\x1e\x03\xac\x9c" + "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" + "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11" + "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef" + "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17" + "\xad\x2b\x41\x7b\xe6\x6c\x37\x10", + .plen = 64, + .ctext = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba" + "\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6" + "\x9c\xfc\x4e\x96\x7e\xdb\x80\x8d" + "\x67\x9f\x77\x7b\xc6\x70\x2c\x7d" + "\x39\xf2\x33\x69\xa9\xd9\xba\xcf" + "\xa5\x30\xe2\x63\x04\x23\x14\x61" + "\xb2\xeb\x05\xe2\xc3\x9b\xe9\xfc" + "\xda\x6c\x19\x07\x8c\x6a\x9d\x1b" + "\x59\x62\x06\x71\x57\xdf\x18\x15" + "\x32\x02\xfa\xce\x2c\xd2\x1a\x8d", + .clen = 64 + 16, + }, +}; + static const struct aead_testvec hmac_md5_ecb_cipher_null_tv_template[] = { { /* Input data from RFC 2410 Case 1 */ #ifdef __LITTLE_ENDIAN @@ -14764,6 +15019,227 @@ static const struct aead_testvec hmac_sha1_aes_cbc_tv_temp[] = { }, }; +static const struct aead_testvec hmac_sha1_aes_ctr_rfc3686_tv_temp[] = { + { /* RFC 3686 Case 1 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00" + "\xae\x68\x52\xf8\x12\x10\x67\xcc" + "\x4b\xf7\xa5\x76\x55\x77\xf3\x9e" + "\x00\x00\x00\x30", + .klen = 8 + 20 + 20, + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .assoc = "\x00\x00\x00\x00\x00\x00\x00\x00", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79" + "\x2d\x61\x75\xa3\x26\x13\x11\xb8" + "\x70\xdc\x6b\x62\x43\xa1\x2f\x08" + "\xf1\xec\x93\x7d\x69\xb2\x8e\x1f" + "\x0a\x97\x39\x86", + .clen = 16 + 20, + }, { /* RFC 3686 Case 2 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33" + "\x7e\x24\x06\x78\x17\xfa\xe0\xd7" + "\x43\xd6\xce\x1f\x32\x53\x91\x63" + "\x00\x6c\xb6\xdb", + .klen = 8 + 20 + 20, + .iv = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .assoc = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x51\x04\xa1\x06\x16\x8a\x72\xd9" + "\x79\x0d\x41\xee\x8e\xda\xd3\x88" + "\xeb\x2e\x1e\xfc\x46\xda\x57\xc8" + "\xfc\xe6\x30\xdf\x91\x41\xbe\x28" + "\x6b\x7b\x4d\x39\x36\x1c\x12\x5f" + "\x72\xd2\x88\xb2\x26\xa6\xa6\xb5" + "\x1d\x3a\x49\xa6", + .clen = 32 + 20, + }, { /* RFC 3686 Case 3 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x22\x33\x44\x55" + "\x76\x91\xbe\x03\x5e\x50\x20\xa8" + "\xac\x6e\x61\x85\x29\xf9\xa0\xdc" + "\x00\xe0\x01\x7b", + .klen = 8 + 20 + 20, + .iv = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .assoc = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" + "\x20\x21\x22\x23", + .plen = 36, + .ctext = "\xc1\xcf\x48\xa8\x9f\x2f\xfd\xd9" + "\xcf\x46\x52\xe9\xef\xdb\x72\xd7" + "\x45\x40\xa4\x2b\xde\x6d\x78\x36" + "\xd5\x9a\x5c\xea\xae\xf3\x10\x53" + "\x25\xb2\x07\x2f" + "\x2c\x86\xa0\x90\x8e\xc1\x02\x1d" + "\x51\xdc\xd6\x21\xc7\x30\xcc\x32" + "\x38\x55\x47\x64", + .clen = 36 + 20, + }, { /* RFC 3686 Case 4 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00" + "\x16\xaf\x5b\x14\x5f\xc9\xf5\x79" + "\xc1\x75\xf9\x3e\x3b\xfb\x0e\xed" + "\x86\x3d\x06\xcc\xfd\xb7\x85\x15" + "\x00\x00\x00\x48", + .klen = 8 + 20 + 28, + .iv = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .assoc = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8" + "\x4e\x79\x35\xa0\x03\xcb\xe9\x28" + "\xe9\x4e\x49\xf0\x6b\x8d\x58\x2b" + "\x26\x7f\xf3\xab\xeb\x2f\x74\x2f" + "\x45\x43\x64\xc1", + .clen = 16 + 20, + }, { /* RFC 3686 Case 5 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33" + "\x7c\x5c\xb2\x40\x1b\x3d\xc3\x3c" + "\x19\xe7\x34\x08\x19\xe0\xf6\x9c" + "\x67\x8c\x3d\xb8\xe6\xf6\xa9\x1a" + "\x00\x96\xb0\x3b", + .klen = 8 + 20 + 28, + .iv = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .assoc = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x45\x32\x43\xfc\x60\x9b\x23\x32" + "\x7e\xdf\xaa\xfa\x71\x31\xcd\x9f" + "\x84\x90\x70\x1c\x5a\xd4\xa7\x9c" + "\xfc\x1f\xe0\xff\x42\xf4\xfb\x00" + "\xab\xc4\xfa\x6d\x20\xe1\xce\x72" + "\x0e\x92\x4e\x97\xaa\x4d\x30\x84" + "\xb6\xd8\x4d\x3b", + .clen = 32 + 20, + }, { /* RFC 3686 Case 7 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00" + "\x77\x6b\xef\xf2\x85\x1d\xb0\x6f" + "\x4c\x8a\x05\x42\xc8\x69\x6f\x6c" + "\x6a\x81\xaf\x1e\xec\x96\xb4\xd3" + "\x7f\xc1\xd6\x89\xe6\xc1\xc1\x04" + "\x00\x00\x00\x60", + .klen = 8 + 20 + 36, + .iv = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .assoc = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7" + "\x56\x08\x63\xdc\x71\xe3\xe0\xc0" + "\x3d\x6c\x23\x27\xda\x0e\x7f\x29" + "\xfd\x8d\x3c\x1b\xf7\x7a\x63\xd9" + "\x7e\x0f\xe9\xf6", + .clen = 16 + 20, + }, { /* RFC 3686 Case 8 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33" + "\xf6\xd6\x6d\x6b\xd5\x2d\x59\xbb" + "\x07\x96\x36\x58\x79\xef\xf8\x86" + "\xc6\x6d\xd5\x1a\x5b\x6a\x99\x74" + "\x4b\x50\x59\x0c\x87\xa2\x38\x84" + "\x00\xfa\xac\x24", + .klen = 8 + 20 + 36, + .iv = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .assoc = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c" + "\x49\xee\x00\x0b\x80\x4e\xb2\xa9" + "\xb8\x30\x6b\x50\x8f\x83\x9d\x6a" + "\x55\x30\x83\x1d\x93\x44\xaf\x1c" + "\xe7\xee\x22\xa4\xdd\xbf\x5d\x44" + "\x3b\x43\x1c\x69\x55\x11\xd5\xad" + "\x14\x5f\x44\xa6", + .clen = 32 + 20, + }, +}; + static const struct aead_testvec hmac_sha1_ecb_cipher_null_tv_temp[] = { { /* Input data from RFC 2410 Case 1 */ #ifdef __LITTLE_ENDIAN @@ -15095,6 +15571,241 @@ static const struct aead_testvec hmac_sha224_aes_cbc_tv_temp[] = { }, }; +static const struct aead_testvec hmac_sha224_aes_ctr_rfc3686_tv_temp[] = { + { /* RFC 3686 Case 1 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00" + "\xae\x68\x52\xf8\x12\x10\x67\xcc" + "\x4b\xf7\xa5\x76\x55\x77\xf3\x9e" + "\x00\x00\x00\x30", + .klen = 8 + 28 + 20, + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .assoc = "\x00\x00\x00\x00\x00\x00\x00\x00", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79" + "\x2d\x61\x75\xa3\x26\x13\x11\xb8" + "\x36\xb4\x3b\x9c\x62\xed\xcf\x77" + "\xdc\x19\x27\x3f\x92\x80\x52\xce" + "\x8f\xad\x01\x0b\x79\xda\x04\x83" + "\xcb\x45\x1a\x52", + .clen = 16 + 28, + }, { /* RFC 3686 Case 2 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b" + "\x7e\x24\x06\x78\x17\xfa\xe0\xd7" + "\x43\xd6\xce\x1f\x32\x53\x91\x63" + "\x00\x6c\xb6\xdb", + .klen = 8 + 28 + 20, + .iv = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .assoc = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x51\x04\xa1\x06\x16\x8a\x72\xd9" + "\x79\x0d\x41\xee\x8e\xda\xd3\x88" + "\xeb\x2e\x1e\xfc\x46\xda\x57\xc8" + "\xfc\xe6\x30\xdf\x91\x41\xbe\x28" + "\x7f\xe4\x8f\xa7\x06\x71\xe9\xe5" + "\x16\x79\xef\xf9\x7e\x5c\x93\x4d" + "\xa0\xf8\x3b\x3a\xaa\x1c\xc0\xd9" + "\x6b\x48\x49\x01", + .clen = 32 + 28, + }, { /* RFC 3686 Case 3 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x22\x33\x44\x55\x66\x77\x88\x99" + "\xaa\xbb\xcc\xdd" + "\x76\x91\xbe\x03\x5e\x50\x20\xa8" + "\xac\x6e\x61\x85\x29\xf9\xa0\xdc" + "\x00\xe0\x01\x7b", + .klen = 8 + 28 + 20, + .iv = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .assoc = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" + "\x20\x21\x22\x23", + .plen = 36, + .ctext = "\xc1\xcf\x48\xa8\x9f\x2f\xfd\xd9" + "\xcf\x46\x52\xe9\xef\xdb\x72\xd7" + "\x45\x40\xa4\x2b\xde\x6d\x78\x36" + "\xd5\x9a\x5c\xea\xae\xf3\x10\x53" + "\x25\xb2\x07\x2f" + "\xb0\x19\x45\xee\xa7\x31\xd9\xd0" + "\x74\x6b\xb8\xb1\x67\x61\x2f\x8c" + "\x68\xde\xe3\xc9\x3b\x0c\x72\xda" + "\x48\xba\x1b\x51", + .clen = 36 + 28, + }, { /* RFC 3686 Case 4 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00" + "\x16\xaf\x5b\x14\x5f\xc9\xf5\x79" + "\xc1\x75\xf9\x3e\x3b\xfb\x0e\xed" + "\x86\x3d\x06\xcc\xfd\xb7\x85\x15" + "\x00\x00\x00\x48", + .klen = 8 + 28 + 28, + .iv = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .assoc = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8" + "\x4e\x79\x35\xa0\x03\xcb\xe9\x28" + "\xfd\xf5\x35\x26\x50\x3d\xdf\x80" + "\x6e\xbe\xba\x8d\x56\xf3\x03\xb7" + "\x27\xb8\x13\xe8\x72\x8f\xc9\x52" + "\x4a\xb7\xc3\x3a", + .clen = 16 + 28, + }, { /* RFC 3686 Case 5 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b" + "\x7c\x5c\xb2\x40\x1b\x3d\xc3\x3c" + "\x19\xe7\x34\x08\x19\xe0\xf6\x9c" + "\x67\x8c\x3d\xb8\xe6\xf6\xa9\x1a" + "\x00\x96\xb0\x3b", + .klen = 8 + 28 + 28, + .iv = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .assoc = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x45\x32\x43\xfc\x60\x9b\x23\x32" + "\x7e\xdf\xaa\xfa\x71\x31\xcd\x9f" + "\x84\x90\x70\x1c\x5a\xd4\xa7\x9c" + "\xfc\x1f\xe0\xff\x42\xf4\xfb\x00" + "\x72\x89\xa8\x04\xa5\xac\x8f\x29" + "\xe6\xb8\x58\xe8\xcf\x6a\x91\x89" + "\xd3\x66\x3b\xdc\xce\x43\x23\xb7" + "\x6a\xdd\x9d\xbd", + .clen = 32 + 28, + }, { /* RFC 3686 Case 7 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00" + "\x77\x6b\xef\xf2\x85\x1d\xb0\x6f" + "\x4c\x8a\x05\x42\xc8\x69\x6f\x6c" + "\x6a\x81\xaf\x1e\xec\x96\xb4\xd3" + "\x7f\xc1\xd6\x89\xe6\xc1\xc1\x04" + "\x00\x00\x00\x60", + .klen = 8 + 28 + 36, + .iv = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .assoc = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7" + "\x56\x08\x63\xdc\x71\xe3\xe0\xc0" + "\xfe\xdf\x6f\x62\x8a\x79\xb5\x34" + "\xd0\x6f\x32\xaf\x31\x50\x5b\x1f" + "\xe0\x6d\x0b\xbc\x02\x25\xee\x74" + "\x7a\xdf\x97\x3c", + .clen = 16 + 28, + }, { /* RFC 3686 Case 8 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b" + "\xf6\xd6\x6d\x6b\xd5\x2d\x59\xbb" + "\x07\x96\x36\x58\x79\xef\xf8\x86" + "\xc6\x6d\xd5\x1a\x5b\x6a\x99\x74" + "\x4b\x50\x59\x0c\x87\xa2\x38\x84" + "\x00\xfa\xac\x24", + .klen = 8 + 28 + 36, + .iv = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .assoc = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c" + "\x49\xee\x00\x0b\x80\x4e\xb2\xa9" + "\xb8\x30\x6b\x50\x8f\x83\x9d\x6a" + "\x55\x30\x83\x1d\x93\x44\xaf\x1c" + "\x19\x1e\x9c\x2c\x6d\x4e\x21\xda" + "\x6c\x4d\x88\x90\xf8\x5f\xa5\x9d" + "\xb4\xd4\x40\xad\xfa\x67\x3f\x0e" + "\x11\x12\xd6\x10", + .clen = 32 + 28, + }, +}; + static const struct aead_testvec hmac_sha256_aes_cbc_tv_temp[] = { { /* RFC 3602 Case 1 */ #ifdef __LITTLE_ENDIAN @@ -15378,6 +16089,241 @@ static const struct aead_testvec hmac_sha256_aes_cbc_tv_temp[] = { }, }; +static const struct aead_testvec hmac_sha256_aes_ctr_rfc3686_tv_temp[] = { + { /* RFC 3686 Case 1 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\xae\x68\x52\xf8\x12\x10\x67\xcc" + "\x4b\xf7\xa5\x76\x55\x77\xf3\x9e" + "\x00\x00\x00\x30", + .klen = 8 + 32 + 20, + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .assoc = "\x00\x00\x00\x00\x00\x00\x00\x00", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79" + "\x2d\x61\x75\xa3\x26\x13\x11\xb8" + "\x9b\xa2\x34\x62\xe5\xb3\xe8\x2d" + "\x6d\xdb\x93\x64\xa5\x08\x2e\x77" + "\x72\x1f\x21\x94\xc7\xbe\x14\xa6" + "\xcd\xea\x96\xa1\x29\x8f\x30\xc3", + .clen = 16 + 32, + }, { /* RFC 3686 Case 2 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\x7e\x24\x06\x78\x17\xfa\xe0\xd7" + "\x43\xd6\xce\x1f\x32\x53\x91\x63" + "\x00\x6c\xb6\xdb", + .klen = 8 + 32 + 20, + .iv = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .assoc = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x51\x04\xa1\x06\x16\x8a\x72\xd9" + "\x79\x0d\x41\xee\x8e\xda\xd3\x88" + "\xeb\x2e\x1e\xfc\x46\xda\x57\xc8" + "\xfc\xe6\x30\xdf\x91\x41\xbe\x28" + "\x22\xf7\x95\xa8\xbb\xcd\x19\xf4" + "\x58\x16\x54\x28\x2b\xf4\x52\xe7" + "\x5c\x6c\xe1\x44\x0b\xd5\x10\x6e" + "\xe1\xf7\x04\xc4\x2c\xab\x93\xdd", + .clen = 32 + 32, + }, { /* RFC 3686 Case 3 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x22\x33\x44\x55\x66\x77\x88\x99" + "\xaa\xbb\xcc\xdd\xee\xff\x11\x22" + "\x76\x91\xbe\x03\x5e\x50\x20\xa8" + "\xac\x6e\x61\x85\x29\xf9\xa0\xdc" + "\x00\xe0\x01\x7b", + .klen = 8 + 32 + 20, + .iv = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .assoc = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" + "\x20\x21\x22\x23", + .plen = 36, + .ctext = "\xc1\xcf\x48\xa8\x9f\x2f\xfd\xd9" + "\xcf\x46\x52\xe9\xef\xdb\x72\xd7" + "\x45\x40\xa4\x2b\xde\x6d\x78\x36" + "\xd5\x9a\x5c\xea\xae\xf3\x10\x53" + "\x25\xb2\x07\x2f" + "\x1d\x05\x5f\x77\x3b\x4f\x5c\x21" + "\x29\xea\xf1\xa8\x71\x49\x7b\x0b" + "\x66\x0d\xff\x18\x81\x63\xfc\xc3" + "\x91\xb6\x38\xc8\xcd\x2d\x39\x83", + .clen = 36 + 32, + }, { /* RFC 3686 Case 4 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x16\xaf\x5b\x14\x5f\xc9\xf5\x79" + "\xc1\x75\xf9\x3e\x3b\xfb\x0e\xed" + "\x86\x3d\x06\xcc\xfd\xb7\x85\x15" + "\x00\x00\x00\x48", + .klen = 8 + 32 + 28, + .iv = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .assoc = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8" + "\x4e\x79\x35\xa0\x03\xcb\xe9\x28" + "\x8d\x03\x77\xb2\x1c\xc9\xe0\xac" + "\xde\x69\xbe\x8a\xef\x5b\x13\x74" + "\x1d\x39\xbc\xdc\x95\xa4\xbf\xc3" + "\xd5\xc6\xd1\xda\xda\x3b\xca\x78", + .clen = 16 + 32, + }, { /* RFC 3686 Case 5 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\x7c\x5c\xb2\x40\x1b\x3d\xc3\x3c" + "\x19\xe7\x34\x08\x19\xe0\xf6\x9c" + "\x67\x8c\x3d\xb8\xe6\xf6\xa9\x1a" + "\x00\x96\xb0\x3b", + .klen = 8 + 32 + 28, + .iv = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .assoc = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x45\x32\x43\xfc\x60\x9b\x23\x32" + "\x7e\xdf\xaa\xfa\x71\x31\xcd\x9f" + "\x84\x90\x70\x1c\x5a\xd4\xa7\x9c" + "\xfc\x1f\xe0\xff\x42\xf4\xfb\x00" + "\x34\x06\x2b\x3d\xf1\xa8\x3d\xf1" + "\xa6\x5e\x5c\x1a\xdb\x0c\xb5\x1e" + "\x8f\xdb\xf4\xca\x7d\x09\x5e\x81" + "\xdb\x32\x07\x4a\x1d\x1c\x6d\x83", + .clen = 32 + 32, + }, { /* RFC 3686 Case 7 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x77\x6b\xef\xf2\x85\x1d\xb0\x6f" + "\x4c\x8a\x05\x42\xc8\x69\x6f\x6c" + "\x6a\x81\xaf\x1e\xec\x96\xb4\xd3" + "\x7f\xc1\xd6\x89\xe6\xc1\xc1\x04" + "\x00\x00\x00\x60", + .klen = 8 + 32 + 36, + .iv = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .assoc = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7" + "\x56\x08\x63\xdc\x71\xe3\xe0\xc0" + "\xc3\xb4\x5f\xb0\xbf\xf5\x1b\xff" + "\x7c\xf1\x79\x00\x63\x50\xdd\x77" + "\xc0\x4a\xba\xcd\xdc\x47\x05\x2a" + "\x5d\x85\x2d\x83\x44\xca\x79\x2c", + .clen = 16 + 32, + }, { /* RFC 3686 Case 8 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\xf6\xd6\x6d\x6b\xd5\x2d\x59\xbb" + "\x07\x96\x36\x58\x79\xef\xf8\x86" + "\xc6\x6d\xd5\x1a\x5b\x6a\x99\x74" + "\x4b\x50\x59\x0c\x87\xa2\x38\x84" + "\x00\xfa\xac\x24", + .klen = 8 + 32 + 36, + .iv = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .assoc = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c" + "\x49\xee\x00\x0b\x80\x4e\xb2\xa9" + "\xb8\x30\x6b\x50\x8f\x83\x9d\x6a" + "\x55\x30\x83\x1d\x93\x44\xaf\x1c" + "\xc8\x59\x5d\xe1\xba\xac\x13\x82" + "\xfd\x21\x7c\x8c\x23\x31\x04\x02" + "\x9e\x69\x5b\x57\xa8\x13\xe7\x21" + "\x60\x0c\x24\xc2\x80\x4a\x93\x6e", + .clen = 32 + 32, + }, +}; + static const struct aead_testvec hmac_sha384_aes_cbc_tv_temp[] = { { /* RFC 3602 Case 1 */ #ifdef __LITTLE_ENDIAN @@ -15689,6 +16635,269 @@ static const struct aead_testvec hmac_sha384_aes_cbc_tv_temp[] = { }, }; +static const struct aead_testvec hmac_sha384_aes_ctr_rfc3686_tv_temp[] = { + { /* RFC 3686 Case 1 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\xae\x68\x52\xf8\x12\x10\x67\xcc" + "\x4b\xf7\xa5\x76\x55\x77\xf3\x9e" + "\x00\x00\x00\x30", + .klen = 8 + 48 + 20, + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .assoc = "\x00\x00\x00\x00\x00\x00\x00\x00", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79" + "\x2d\x61\x75\xa3\x26\x13\x11\xb8" + "\x45\x51\x59\x72\x16\xd3\xc6\x15" + "\x25\x1e\xe8\x92\x2e\x47\x52\xcc" + "\x91\x9c\x24\xef\x11\xb2\x53\x00" + "\x10\x20\x43\x06\xe2\x35\x88\x9e" + "\x18\x32\x5a\x79\x7d\x73\x7e\x89" + "\xfe\xa1\xda\xa4\x86\xc4\x2a\x04", + .clen = 16 + 48, + }, { /* RFC 3686 Case 2 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\x40\x41\x42\x43\x44\x45\x46\x47" + "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f" + "\x7e\x24\x06\x78\x17\xfa\xe0\xd7" + "\x43\xd6\xce\x1f\x32\x53\x91\x63" + "\x00\x6c\xb6\xdb", + .klen = 8 + 48 + 20, + .iv = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .assoc = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x51\x04\xa1\x06\x16\x8a\x72\xd9" + "\x79\x0d\x41\xee\x8e\xda\xd3\x88" + "\xeb\x2e\x1e\xfc\x46\xda\x57\xc8" + "\xfc\xe6\x30\xdf\x91\x41\xbe\x28" + "\x83\x65\x32\x1e\x6b\x60\xe6\x4a" + "\xe2\xab\x52\x2b\xa6\x70\x3a\xfa" + "\xd2\xec\x83\xe4\x31\x0c\x28\x40" + "\x9b\x5e\x18\xa4\xdc\x48\xb8\x56" + "\x33\xab\x7f\x2b\xaf\xe4\x3a\xe3" + "\x8a\x61\xf6\x22\xb4\x6b\xfe\x7d", + .clen = 32 + 48, + }, { /* RFC 3686 Case 3 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x22\x33\x44\x55\x66\x77\x88\x99" + "\xaa\xbb\xcc\xdd\xee\xff\x11\x22" + "\x33\x44\x55\x66\x77\x88\x99\xaa" + "\xbb\xcc\xdd\xee\xff\x11\x22\x33" + "\x76\x91\xbe\x03\x5e\x50\x20\xa8" + "\xac\x6e\x61\x85\x29\xf9\xa0\xdc" + "\x00\xe0\x01\x7b", + .klen = 8 + 48 + 20, + .iv = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .assoc = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" + "\x20\x21\x22\x23", + .plen = 36, + .ctext = "\xc1\xcf\x48\xa8\x9f\x2f\xfd\xd9" + "\xcf\x46\x52\xe9\xef\xdb\x72\xd7" + "\x45\x40\xa4\x2b\xde\x6d\x78\x36" + "\xd5\x9a\x5c\xea\xae\xf3\x10\x53" + "\x25\xb2\x07\x2f" + "\x4a\xaa\xad\x3b\x3b\xb6\x9a\xba" + "\xa1\x7b\xc6\xce\x96\xc3\xff\x67" + "\xf3\x0c\x33\x57\xf0\x51\x24\x08" + "\xed\x4f\x6a\x9c\x22\x42\xbd\x18" + "\x97\x74\x68\x36\x00\xf1\x69\x3a" + "\x18\x77\x40\xf0\x56\xba\xba\xe0", + .clen = 36 + 48, + }, { /* RFC 3686 Case 4 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x16\xaf\x5b\x14\x5f\xc9\xf5\x79" + "\xc1\x75\xf9\x3e\x3b\xfb\x0e\xed" + "\x86\x3d\x06\xcc\xfd\xb7\x85\x15" + "\x00\x00\x00\x48", + .klen = 8 + 48 + 28, + .iv = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .assoc = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8" + "\x4e\x79\x35\xa0\x03\xcb\xe9\x28" + "\x36\xd6\xc7\x55\xac\xb6\x0b\x14" + "\x95\x71\xf9\x86\x30\xe3\x96\xc3" + "\x76\x85\x6d\xa5\x06\xed\x6f\x34" + "\xcc\x1f\xcc\x2d\x88\x06\xb0\x1d" + "\xbe\xd9\xa2\xd3\x64\xf1\x33\x03" + "\x13\x50\x8f\xae\x61\x2d\x82\xb8", + .clen = 16 + 48, + }, { /* RFC 3686 Case 5 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\x40\x41\x42\x43\x44\x45\x46\x47" + "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f" + "\x7c\x5c\xb2\x40\x1b\x3d\xc3\x3c" + "\x19\xe7\x34\x08\x19\xe0\xf6\x9c" + "\x67\x8c\x3d\xb8\xe6\xf6\xa9\x1a" + "\x00\x96\xb0\x3b", + .klen = 8 + 48 + 28, + .iv = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .assoc = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x45\x32\x43\xfc\x60\x9b\x23\x32" + "\x7e\xdf\xaa\xfa\x71\x31\xcd\x9f" + "\x84\x90\x70\x1c\x5a\xd4\xa7\x9c" + "\xfc\x1f\xe0\xff\x42\xf4\xfb\x00" + "\x80\x12\x67\x22\xf2\x4d\x9b\xbf" + "\xdc\x38\xd3\xaa\x12\xc0\x58\x1a" + "\x9a\x62\x6e\x42\x3d\x44\x63\xdd" + "\xee\x7e\xe3\xa3\xdf\x2a\x65\x05" + "\xd0\xc1\xd2\x54\x55\x35\x5c\xc7" + "\xb0\xb5\xb1\x36\xe0\x0b\xaf\x72", + .clen = 32 + 48, + }, { /* RFC 3686 Case 7 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x77\x6b\xef\xf2\x85\x1d\xb0\x6f" + "\x4c\x8a\x05\x42\xc8\x69\x6f\x6c" + "\x6a\x81\xaf\x1e\xec\x96\xb4\xd3" + "\x7f\xc1\xd6\x89\xe6\xc1\xc1\x04" + "\x00\x00\x00\x60", + .klen = 8 + 48 + 36, + .iv = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .assoc = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7" + "\x56\x08\x63\xdc\x71\xe3\xe0\xc0" + "\xb1\x7b\xb1\xec\xca\x94\x55\xc4" + "\x3f\x2b\xb1\x70\x04\x91\xf5\x9d" + "\x1a\xc0\xe1\x2a\x93\x5f\x96\x2a" + "\x12\x85\x38\x36\xe1\xb2\xe9\xf0" + "\xf2\x6e\x5d\x81\xcc\x49\x07\x9c" + "\x5b\x88\xc8\xcc\xc4\x21\x4f\x32", + .clen = 16 + 48, + }, { /* RFC 3686 Case 8 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\x40\x41\x42\x43\x44\x45\x46\x47" + "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f" + "\xf6\xd6\x6d\x6b\xd5\x2d\x59\xbb" + "\x07\x96\x36\x58\x79\xef\xf8\x86" + "\xc6\x6d\xd5\x1a\x5b\x6a\x99\x74" + "\x4b\x50\x59\x0c\x87\xa2\x38\x84" + "\x00\xfa\xac\x24", + .klen = 8 + 48 + 36, + .iv = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .assoc = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c" + "\x49\xee\x00\x0b\x80\x4e\xb2\xa9" + "\xb8\x30\x6b\x50\x8f\x83\x9d\x6a" + "\x55\x30\x83\x1d\x93\x44\xaf\x1c" + "\xd6\x96\xbb\x12\x39\xc4\x4d\xe2" + "\x4c\x02\xe7\x1f\xdc\xb2\xb1\x57" + "\x38\x0d\xdd\x13\xb3\x89\x57\x9e" + "\x1f\xb5\x48\x32\xc4\xd3\x9d\x1f" + "\x68\xab\x8d\xc6\xa8\x05\x3a\xc2" + "\x87\xaf\x23\xb3\xe4\x1b\xde\xb3", + .clen = 32 + 48, + }, +}; + static const struct aead_testvec hmac_sha512_aes_cbc_tv_temp[] = { { /* RFC 3602 Case 1 */ #ifdef __LITTLE_ENDIAN @@ -16028,6 +17237,354 @@ static const struct aead_testvec hmac_sha512_aes_cbc_tv_temp[] = { }, }; +static const struct aead_testvec hmac_md5_des_cbc_tv_temp[] = { + { /*Generated with cryptopp*/ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x08" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\xE9\xC0\xFF\x2E\x76\x0B\x64\x24", + .klen = 8 + 16 + 8, + .iv = "\x7D\x33\x88\x93\x0F\x93\xB2\x42", + .assoc = "\x00\x00\x43\x21\x00\x00\x00\x01" + "\x7D\x33\x88\x93\x0F\x93\xB2\x42", + .alen = 16, + .ptext = "\x6f\x54\x20\x6f\x61\x4d\x79\x6e" + "\x53\x20\x63\x65\x65\x72\x73\x74" + "\x54\x20\x6f\x6f\x4d\x20\x6e\x61" + "\x20\x79\x65\x53\x72\x63\x74\x65" + "\x20\x73\x6f\x54\x20\x6f\x61\x4d" + "\x79\x6e\x53\x20\x63\x65\x65\x72" + "\x73\x74\x54\x20\x6f\x6f\x4d\x20" + "\x6e\x61\x20\x79\x65\x53\x72\x63" + "\x74\x65\x20\x73\x6f\x54\x20\x6f" + "\x61\x4d\x79\x6e\x53\x20\x63\x65" + "\x65\x72\x73\x74\x54\x20\x6f\x6f" + "\x4d\x20\x6e\x61\x20\x79\x65\x53" + "\x72\x63\x74\x65\x20\x73\x6f\x54" + "\x20\x6f\x61\x4d\x79\x6e\x53\x20" + "\x63\x65\x65\x72\x73\x74\x54\x20" + "\x6f\x6f\x4d\x20\x6e\x61\x0a\x79", + .plen = 128, + .ctext = "\x70\xd6\xde\x64\x87\x17\xf1\xe8" + "\x54\x31\x85\x37\xed\x6b\x01\x8d" + "\xe3\xcc\xe0\x1d\x5e\xf3\xfe\xf1" + "\x41\xaa\x33\x91\xa7\x7d\x99\x88" + "\x4d\x85\x6e\x2f\xa3\x69\xf5\x82" + "\x3a\x6f\x25\xcb\x7d\x58\x1f\x9b" + "\xaa\x9c\x11\xd5\x76\x67\xce\xde" + "\x56\xd7\x5a\x80\x69\xea\x3a\x02" + "\xf0\xc7\x7c\xe3\xcb\x40\xe5\x52" + "\xd1\x10\x92\x78\x0b\x8e\x5b\xf1" + "\xe3\x26\x1f\xe1\x15\x41\xc7\xba" + "\x99\xdb\x08\x51\x1c\xd3\x01\xf4" + "\x87\x47\x39\xb8\xd2\xdd\xbd\xfb" + "\x66\x13\xdf\x1c\x01\x44\xf0\x7a" + "\x1a\x6b\x13\xf5\xd5\x0b\xb8\xba" + "\x53\xba\xe1\x76\xe3\x82\x07\x86" + "\x95\x9e\x7d\x37\x1e\x60\xaf\x7c" + "\x53\x12\x61\x68\xef\xb4\x47\xa6", + .clen = 128 + 16, + }, +}; + +static const struct aead_testvec hmac_sha512_aes_ctr_rfc3686_tv_temp[] = { + { /* RFC 3686 Case 1 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\xae\x68\x52\xf8\x12\x10\x67\xcc" + "\x4b\xf7\xa5\x76\x55\x77\xf3\x9e" + "\x00\x00\x00\x30", + .klen = 8 + 64 + 20, + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .assoc = "\x00\x00\x00\x00\x00\x00\x00\x00", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79" + "\x2d\x61\x75\xa3\x26\x13\x11\xb8" + "\xa4\x45\x3a\x44\x9c\xe5\x1c\xd9" + "\x10\x43\x51\x2e\x76\x5e\xf8\x9d" + "\x03\x12\x1a\x31\x00\x33\x10\xb4" + "\x94\x4b\x70\x84\x6c\xda\xb1\x46" + "\x24\xb6\x3b\x2a\xec\xd5\x67\xb8" + "\x65\xa2\xbd\xac\x18\xe2\xf8\x55" + "\xc6\x91\xb0\x92\x84\x2d\x74\x44" + "\xa7\xee\xc3\x44\xa0\x07\x0e\x62", + .clen = 16 + 64, + }, { /* RFC 3686 Case 2 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\x40\x41\x42\x43\x44\x45\x46\x47" + "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f" + "\x50\x51\x52\x53\x54\x55\x56\x57" + "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f" + "\x7e\x24\x06\x78\x17\xfa\xe0\xd7" + "\x43\xd6\xce\x1f\x32\x53\x91\x63" + "\x00\x6c\xb6\xdb", + .klen = 8 + 64 + 20, + .iv = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .assoc = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x51\x04\xa1\x06\x16\x8a\x72\xd9" + "\x79\x0d\x41\xee\x8e\xda\xd3\x88" + "\xeb\x2e\x1e\xfc\x46\xda\x57\xc8" + "\xfc\xe6\x30\xdf\x91\x41\xbe\x28" + "\xec\x67\x0d\xb3\xbd\x98\x13\x01" + "\x2b\x04\x9b\xe6\x06\x67\x3c\x76" + "\xcd\x41\xb7\xcc\x70\x6c\x7f\xc8" + "\x67\xbd\x22\x39\xb2\xaa\xe8\x88" + "\xe0\x4f\x81\x52\xdf\xc9\xc3\xd6" + "\x44\xf4\x66\x33\x87\x64\x61\x02" + "\x02\xa2\x64\x15\x2b\xe9\x0b\x3d" + "\x4c\xea\xa1\xa5\xa7\xc9\xd3\x1b", + .clen = 32 + 64, + }, { /* RFC 3686 Case 3 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x22\x33\x44\x55\x66\x77\x88\x99" + "\xaa\xbb\xcc\xdd\xee\xff\x11\x22" + "\x33\x44\x55\x66\x77\x88\x99\xaa" + "\xbb\xcc\xdd\xee\xff\x11\x22\x33" + "\x44\x55\x66\x77\x88\x99\xaa\xbb" + "\xcc\xdd\xee\xff\x11\x22\x33\x44" + "\x76\x91\xbe\x03\x5e\x50\x20\xa8" + "\xac\x6e\x61\x85\x29\xf9\xa0\xdc" + "\x00\xe0\x01\x7b", + .klen = 8 + 64 + 20, + .iv = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .assoc = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" + "\x20\x21\x22\x23", + .plen = 36, + .ctext = "\xc1\xcf\x48\xa8\x9f\x2f\xfd\xd9" + "\xcf\x46\x52\xe9\xef\xdb\x72\xd7" + "\x45\x40\xa4\x2b\xde\x6d\x78\x36" + "\xd5\x9a\x5c\xea\xae\xf3\x10\x53" + "\x25\xb2\x07\x2f" + "\x6f\x90\xb6\xa3\x35\x43\x59\xff" + "\x1e\x32\xd6\xfe\xfa\x33\xf9\xf0" + "\x31\x2f\x03\x2d\x88\x1d\xab\xbf" + "\x0e\x19\x16\xd9\xf3\x98\x3e\xdd" + "\x0c\xec\xfe\xe8\x89\x13\x91\x15" + "\xf6\x61\x65\x5c\x1b\x7d\xde\xc0" + "\xe4\xba\x6d\x27\xe2\x89\x23\x24" + "\x15\x82\x37\x3d\x48\xd3\xc9\x32", + .clen = 36 + 64, + }, { /* RFC 3686 Case 4 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x16\xaf\x5b\x14\x5f\xc9\xf5\x79" + "\xc1\x75\xf9\x3e\x3b\xfb\x0e\xed" + "\x86\x3d\x06\xcc\xfd\xb7\x85\x15" + "\x00\x00\x00\x48", + .klen = 8 + 64 + 28, + .iv = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .assoc = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8" + "\x4e\x79\x35\xa0\x03\xcb\xe9\x28" + "\x25\xea\xdc\xad\x52\xb8\x0f\x70" + "\xe7\x39\x83\x80\x10\x3f\x18\xc4" + "\xf8\x59\x14\x25\x5f\xba\x20\x87" + "\x0b\x04\x5e\xf7\xde\x41\x39\xff" + "\xa2\xee\x84\x3f\x9d\x38\xfd\x17" + "\xc0\x66\x5e\x74\x39\xe3\xd3\xd7" + "\x3d\xbc\xe3\x99\x2f\xe7\xef\x37" + "\x61\x03\xf3\x9e\x01\xaf\xba\x9d", + .clen = 16 + 64, + }, { /* RFC 3686 Case 5 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\x40\x41\x42\x43\x44\x45\x46\x47" + "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f" + "\x50\x51\x52\x53\x54\x55\x56\x57" + "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f" + "\x7c\x5c\xb2\x40\x1b\x3d\xc3\x3c" + "\x19\xe7\x34\x08\x19\xe0\xf6\x9c" + "\x67\x8c\x3d\xb8\xe6\xf6\xa9\x1a" + "\x00\x96\xb0\x3b", + .klen = 8 + 64 + 28, + .iv = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .assoc = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x45\x32\x43\xfc\x60\x9b\x23\x32" + "\x7e\xdf\xaa\xfa\x71\x31\xcd\x9f" + "\x84\x90\x70\x1c\x5a\xd4\xa7\x9c" + "\xfc\x1f\xe0\xff\x42\xf4\xfb\x00" + "\x51\xa3\xe6\x1d\x23\x7d\xd1\x18" + "\x55\x9c\x1c\x92\x2b\xc2\xcd\xfe" + "\x8a\xa8\xa5\x96\x65\x2e\x9d\xdb" + "\x06\xd2\x1c\x57\x2b\x76\xb5\x9c" + "\xd4\x3e\x8b\x61\x54\x2d\x08\xe5" + "\xb2\xf8\x88\x20\x0c\xad\xe8\x85" + "\x61\x8e\x5c\xa4\x96\x2c\xe2\x7d" + "\x4f\xb6\x1d\xb2\x8c\xd7\xe3\x38", + .clen = 32 + 64, + }, { /* RFC 3686 Case 7 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x77\x6b\xef\xf2\x85\x1d\xb0\x6f" + "\x4c\x8a\x05\x42\xc8\x69\x6f\x6c" + "\x6a\x81\xaf\x1e\xec\x96\xb4\xd3" + "\x7f\xc1\xd6\x89\xe6\xc1\xc1\x04" + "\x00\x00\x00\x60", + .klen = 8 + 64 + 36, + .iv = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .assoc = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7" + "\x56\x08\x63\xdc\x71\xe3\xe0\xc0" + "\x6b\x68\x0b\x99\x9a\x4d\xc8\xb9" + "\x35\xea\xcd\x56\x3f\x40\xa2\xb6" + "\x68\xda\x59\xd8\xa0\x89\xcd\x52" + "\xb1\x6e\xed\xc1\x42\x10\xa5\x0f" + "\x88\x0b\x80\xce\xc4\x67\xf0\x45" + "\x5d\xb2\x9e\xde\x1c\x79\x52\x0d" + "\xff\x75\x36\xd5\x0f\x52\x8e\xe5" + "\x31\x85\xcf\x1d\x31\xf8\x62\x67", + .clen = 16 + 64, + }, { /* RFC 3686 Case 8 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x30\x31\x32\x33\x34\x35\x36\x37" + "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f" + "\x40\x41\x42\x43\x44\x45\x46\x47" + "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f" + "\x50\x51\x52\x53\x54\x55\x56\x57" + "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f" + "\xf6\xd6\x6d\x6b\xd5\x2d\x59\xbb" + "\x07\x96\x36\x58\x79\xef\xf8\x86" + "\xc6\x6d\xd5\x1a\x5b\x6a\x99\x74" + "\x4b\x50\x59\x0c\x87\xa2\x38\x84" + "\x00\xfa\xac\x24", + .klen = 8 + 64 + 36, + .iv = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .assoc = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c" + "\x49\xee\x00\x0b\x80\x4e\xb2\xa9" + "\xb8\x30\x6b\x50\x8f\x83\x9d\x6a" + "\x55\x30\x83\x1d\x93\x44\xaf\x1c" + "\x9a\xac\x38\xbd\xf3\xcf\xd5\xd0" + "\x09\x07\xa6\xe1\x7f\xd6\x79\x98" + "\x4e\x90\x0e\xc0\x3d\xa0\xf2\x12" + "\x52\x79\x9c\x17\xff\xb9\xb8\xe3" + "\x2f\x31\xcb\xbd\x63\x70\x72\x7b" + "\x4e\x1e\xd1\xde\xb5\x6b\x7d\x54" + "\x68\x56\xdd\xe5\x53\xee\x29\xd2" + "\x85\xa1\x73\x61\x00\xa9\x26\x8f", + .clen = 32 + 64, + }, +}; + static const struct aead_testvec hmac_sha1_des_cbc_tv_temp[] = { { /*Generated with cryptopp*/ #ifdef __LITTLE_ENDIAN @@ -16341,6 +17898,213 @@ static const struct aead_testvec hmac_sha512_des_cbc_tv_temp[] = { }, }; +static const struct aead_testvec hmac_md5_aes_ctr_rfc3686_tv_temp[] = { + { /* RFC 3686 Case 1 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\xae\x68\x52\xf8\x12\x10\x67\xcc" + "\x4b\xf7\xa5\x76\x55\x77\xf3\x9e" + "\x00\x00\x00\x30", + .klen = 8 + 16 + 20, + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .assoc = "\x00\x00\x00\x00\x00\x00\x00\x00", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\xe4\x09\x5d\x4f\xb7\xa7\xb3\x79" + "\x2d\x61\x75\xa3\x26\x13\x11\xb8" + "\xdd\x5f\xea\x13\x2a\xf2\xb0\xf1" + "\x91\x79\x46\x40\x62\x6c\x87\x5b", + .clen = 16 + 16, + }, { /* RFC 3686 Case 2 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x7e\x24\x06\x78\x17\xfa\xe0\xd7" + "\x43\xd6\xce\x1f\x32\x53\x91\x63" + "\x00\x6c\xb6\xdb", + .klen = 8 + 16 + 20, + .iv = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .assoc = "\xc0\x54\x3b\x59\xda\x48\xd9\x0b", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x51\x04\xa1\x06\x16\x8a\x72\xd9" + "\x79\x0d\x41\xee\x8e\xda\xd3\x88" + "\xeb\x2e\x1e\xfc\x46\xda\x57\xc8" + "\xfc\xe6\x30\xdf\x91\x41\xbe\x28" + "\x03\x39\x23\xcd\x22\x5f\x1b\x8b" + "\x93\x70\xbc\x45\xf3\xba\xde\x2e", + .clen = 32 + 16, + }, { /* RFC 3686 Case 3 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x14" /* enc key length */ + "\x11\x22\x33\x44\x55\x66\x77\x88" + "\x99\xaa\xbb\xcc\xdd\xee\xff\x11" + "\x76\x91\xbe\x03\x5e\x50\x20\xa8" + "\xac\x6e\x61\x85\x29\xf9\xa0\xdc" + "\x00\xe0\x01\x7b", + .klen = 8 + 16 + 20, + .iv = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .assoc = "\x27\x77\x7f\x3f\x4a\x17\x86\xf0", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" + "\x20\x21\x22\x23", + .plen = 36, + .ctext = "\xc1\xcf\x48\xa8\x9f\x2f\xfd\xd9" + "\xcf\x46\x52\xe9\xef\xdb\x72\xd7" + "\x45\x40\xa4\x2b\xde\x6d\x78\x36" + "\xd5\x9a\x5c\xea\xae\xf3\x10\x53" + "\x25\xb2\x07\x2f" + "\xb4\x40\x0c\x7b\x4c\x55\x8a\x4b" + "\x04\xf7\x48\x9e\x0f\x9a\xae\x73", + .clen = 36 + 16, + }, { /* RFC 3686 Case 4 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x16\xaf\x5b\x14\x5f\xc9\xf5\x79" + "\xc1\x75\xf9\x3e\x3b\xfb\x0e\xed" + "\x86\x3d\x06\xcc\xfd\xb7\x85\x15" + "\x00\x00\x00\x48", + .klen = 8 + 16 + 28, + .iv = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .assoc = "\x36\x73\x3c\x14\x7d\x6d\x93\xcb", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x4b\x55\x38\x4f\xe2\x59\xc9\xc8" + "\x4e\x79\x35\xa0\x03\xcb\xe9\x28" + "\xc4\x5d\xa1\x16\x6c\x2d\xa5\x43" + "\x60\x7b\x58\x98\x11\x9b\x50\x06", + .clen = 16 + 16, + }, { /* RFC 3686 Case 5 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x1c" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\x7c\x5c\xb2\x40\x1b\x3d\xc3\x3c" + "\x19\xe7\x34\x08\x19\xe0\xf6\x9c" + "\x67\x8c\x3d\xb8\xe6\xf6\xa9\x1a" + "\x00\x96\xb0\x3b", + .klen = 8 + 16 + 28, + .iv = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .assoc = "\x02\x0c\x6e\xad\xc2\xcb\x50\x0d", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\x45\x32\x43\xfc\x60\x9b\x23\x32" + "\x7e\xdf\xaa\xfa\x71\x31\xcd\x9f" + "\x84\x90\x70\x1c\x5a\xd4\xa7\x9c" + "\xfc\x1f\xe0\xff\x42\xf4\xfb\x00" + "\xc5\xec\x47\x33\xae\x05\x28\x49" + "\xd5\x2b\x08\xad\x10\x98\x24\x01", + .clen = 32 + 16, + }, { /* RFC 3686 Case 7 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x77\x6b\xef\xf2\x85\x1d\xb0\x6f" + "\x4c\x8a\x05\x42\xc8\x69\x6f\x6c" + "\x6a\x81\xaf\x1e\xec\x96\xb4\xd3" + "\x7f\xc1\xd6\x89\xe6\xc1\xc1\x04" + "\x00\x00\x00\x60", + .klen = 8 + 16 + 36, + .iv = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .assoc = "\xdb\x56\x72\xc9\x7a\xa8\xf0\xb2", + .alen = 8, + .ptext = "Single block msg", + .plen = 16, + .ctext = "\x14\x5a\xd0\x1d\xbf\x82\x4e\xc7" + "\x56\x08\x63\xdc\x71\xe3\xe0\xc0" + "\xc6\x26\xb2\x27\x0d\x21\xd4\x40" + "\x6c\x4f\x53\xea\x19\x75\xda\x8e", + .clen = 16 + 16, + }, { /* RFC 3686 Case 8 */ +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x24" /* enc key length */ + "\x20\x21\x22\x23\x24\x25\x26\x27" + "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f" + "\xf6\xd6\x6d\x6b\xd5\x2d\x59\xbb" + "\x07\x96\x36\x58\x79\xef\xf8\x86" + "\xc6\x6d\xd5\x1a\x5b\x6a\x99\x74" + "\x4b\x50\x59\x0c\x87\xa2\x38\x84" + "\x00\xfa\xac\x24", + .klen = 8 + 16 + 36, + .iv = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .assoc = "\xc1\x58\x5e\xf1\x5a\x43\xd8\x75", + .alen = 8, + .ptext = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17" + "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .plen = 32, + .ctext = "\xf0\x5e\x23\x1b\x38\x94\x61\x2c" + "\x49\xee\x00\x0b\x80\x4e\xb2\xa9" + "\xb8\x30\x6b\x50\x8f\x83\x9d\x6a" + "\x55\x30\x83\x1d\x93\x44\xaf\x1c" + "\x8c\x4d\x2a\x8d\x23\x47\x59\x6f" + "\x1e\x74\x62\x39\xed\x14\x50\x6c", + .clen = 32 + 16, + }, +}; + static const struct aead_testvec hmac_md5_des3_ede_cbc_tv_temp[] = { { /*Generated with cryptopp*/ #ifdef __LITTLE_ENDIAN diff --git a/crypto/xts.c b/crypto/xts.c index 3da8f5e053d6..ad97c8091582 100644 --- a/crypto/xts.c +++ b/crypto/xts.c @@ -76,7 +76,7 @@ static int xts_setkey(struct crypto_skcipher *parent, const u8 *key, /* * We compute the tweak masks twice (both before and after the ECB encryption or * decryption) to avoid having to allocate a temporary buffer and/or make - * mutliple calls to the 'ecb(..)' instance, which usually would be slower than + * multiple calls to the 'ecb(..)' instance, which usually would be slower than * just doing the gf128mul_x_ble() calls again. */ static int xts_xor_tweak(struct skcipher_request *req, bool second_pass, |